Commit 15ac9d41169e1c7af4b5d9e07c433d160490df3a - python-faraday

Imported Upstream version 1.0.20 Sophie Brun 7 years ago

51 changed file(s) with 22124 addition(s) and 876 deletion(s). Raw diff Collapse all Expand all

-0

AUTHORS less more

21	21	* Martin Tartarelli
22	22	* Ronald Iraheta
23	23	* Thierry Beauquier
	24	* Brice Samulenok

+23

-0

RELEASE.md less more

8	8
9	9	New features in the latest update
10	10	=====================================
	11
	12	May 23, 2016:
	13	---
	14	* Removed description from Hosts list in WEB UI
	15	* Fixed sort in Hosts list in WEB UI
	16	* Fixed ports sorting in Host view in WEB UI
	17	* Added search link for OS in Hosts list in WEB UI
	18	* Removed description from Services list in WEB UI
	19	* Added version to Services list in WEB UI
	20	* Modified false values in Hosts list in WEB UI
	21	* Added search links in Services list in WEB UI
	22	* Added scrollbar in Gtk Terminal.
	23	* Added workspace status in Gtk interface
	24	* Added conflict resolution support for the Gtk interface
	25	* Added search entry for workspaces in Gtk
	26	* Added support for 'exit' command inside Faraday's Gtk terminal
	27	* Improved handling of uncaught exceptions in Gtk interface
	28	* Improved text formatting in Gtk's log console
	29	* Fixed several small bugs in Faraday GTK
	30	* Added support for resize workspace bar.
	31	* Added a quote for imported reports in WEB UI.
	32	* Added support for a new type of report in Qualysguard plugin.
	33	* Fixed bugs in plugins: Acunetix - Nmap - Nikto.
11	34
12	35	Apr 29, 2016:
13	36	---

-1

VERSION less more

0		1.0.19
	0	1.0.20

-1

config/default.xml less more

1	1	<faraday>
2	2
3	3	<appname>Faraday - Penetration Test IDE</appname>
4		<version>1.0.19</version>
	4	<version>1.0.20</version>
5	5	<debug_status>0</debug_status>
6	6	<font>-Misc-Fixed-medium-r-normal-*-12-100-100-100-c-70-iso8859-1</font>
7	7	<home_path>~/</home_path>

-4

faraday.py less more

431	431	helpers += ".i386"
432	432	else:
433	433	logger.fatal("Linux architecture could not be determined.")
434		exit()
	434	sys.exit()
435	435	elif sys.platform == "darwin":
436	436	logger.info("OS X detected.")
437	437	helpers += ".darwin"
438	438	else:
439	439	logger.fatal("Plaftorm not supported yet.")
440		exit()
	440	sys.exit()
441	441
442	442	if os.path.isfile(FARADAY_BASE_LIB_HELPERS):
443	443	os.remove(FARADAY_BASE_LIB_HELPERS)

576	576	if getInstanceConfiguration().getVersion() != None and getInstanceConfiguration().getVersion() != f_version:
577	577	logger.warning("You have different version of Faraday since your last run.\nRun ./faraday.py --update to update configuration!")
578	578	if query_yes_no('Do you want to close Faraday?', 'yes'):
579		exit(-1)
	579	sys.exit(-1)
580	580
581	581	getInstanceConfiguration().setVersion(f_version)
582	582	f.close()

589	589	json.dump(doc, doc_file)
590	590	except Exception as e:
591	591	getLogger("launcher").error("It seems that something's wrong with your version\nPlease contact customer support")
592		exit(-1)
	592	sys.exit(-1)
593	593
594	594
595	595	def init():

-1

gui/customevents.py less more

64	64
65	65
66	66	class ShowExceptionCustomEvent(CustomEvent):
67		def __init__(self, text, callback):
	67	def __init__(self, text, callback, error_name=None):
68	68	CustomEvent.__init__(self, EXCEPTION_ID)
69	69	self.text = text
70	70	self.exception_objects = [None, text]
71	71	self.callback = callback
	72	if error_name is not None:
	73	self.error_name = error_name
	74
72	75
73	76
74	77	class RenameHostsRootCustomEvent(CustomEvent):

+70

-8

gui/gtk/application.py less more

46	46	from dialogs import NotificationsDialog
47	47	from dialogs import aboutDialog
48	48	from dialogs import helpDialog
	49	from dialogs import ImportantErrorDialog
	50	from dialogs import ConflictsDialog
49	51
50	52	from mainwidgets import Sidebar
51	53	from mainwidgets import ConsoleLog

78	80	flags=Gio.ApplicationFlags.FLAGS_NONE)
79	81
80	82	icons = CONF.getImagePath() + "icons/"
81		self.icon = GdkPixbuf.Pixbuf.new_from_file(icons + "faraday_icon.png")
	83	faraday_icon = icons + "faraday_icon.png"
	84	self.icon = GdkPixbuf.Pixbuf.new_from_file_at_scale(faraday_icon, 16,
	85	16, False)
82	86	self.window = None
	87	self.model_controller = model_controller
	88	self.conflicts = self.model_controller.getConflicts()
83	89
84	90	def getMainWindow(self):
85	91	"""Returns the main window. This is none only at the
86	92	the startup, the GUI will create one as soon as do_activate() is called
87	93	"""
88	94	return self.window
	95
	96	def updateConflicts(self):
	97	self.conflicts = self.model_controller.getConflicts()
89	98
90	99	def createWorkspace(self, name, description="", w_type=""):
91	100	"""Pretty much copy/pasted from the QT3 GUI.

140	149	self.sidebar = Sidebar(self.workspace_manager,
141	150	self.changeWorkspace,
142	151	self.removeWorkspace,
	152	self.on_new_button,
143	153	CONF.getLastWorkspace())
	154
	155	host_count, service_count, vuln_count = self.update_counts()
144	156
145	157	self.terminal = Terminal(CONF)
146	158	self.console_log = ConsoleLog()
147		self.statusbar = Statusbar(self.on_click_notifications)
	159	self.statusbar = Statusbar(self.on_click_notifications,
	160	self.on_click_conflicts,
	161	host_count, service_count, vuln_count)
	162
148	163	self.notificationsModel = Gtk.ListStore(str)
149	164
150	165	action = Gio.SimpleAction.new("about", None)

213	228	def postEvent(self, receiver, event):
214	229	if receiver is None:
215	230	receiver = self.getMainWindow()
216		if event.type() == 3131:
	231
	232	if event.type() == 3131: # new log event
217	233	receiver.emit("new_log", event.text)
218		if event.type() == 5100:
	234
	235	if event.type() == 3141: # new conflict event
	236	receiver.emit("set_conflict_label", event.nconflicts)
	237
	238	if event.type() == 5100: # new notification event
219	239	self.notificationsModel.prepend([event.change.getMessage()])
220	240	receiver.emit("new_notif")
221		if event.type() == 3132:
	241	host_count, service_count, vuln_count = self.update_counts()
	242	receiver.emit("update_ws_info", host_count,
	243	service_count, vuln_count)
	244
	245	if event.type() == 4100 or event.type() == 3140: # newinfo or changews
	246	host_count, service_count, vuln_count = self.update_counts()
	247	receiver.emit("update_ws_info", host_count,
	248	service_count, vuln_count)
	249
	250	if event.type() == 3132: # error
222	251	dialog_text = event.text
223	252	dialog = Gtk.MessageDialog(self.window, 0,
224	253	Gtk.MessageType.INFO,

226	255	dialog_text)
227	256	dialog.run()
228	257	dialog.destroy()
	258
	259	if event.type() == 3134: # important error, uncaught exception
	260	dialog_text = event.text
	261	dialog = ImportantErrorDialog(self.window, dialog_text)
	262	response = dialog.run()
	263	if response == 42:
	264	error = event.error_name
	265	event.callback(error, *event.exception_objects)
	266	dialog.destroy()
	267
	268	def update_counts(self):
	269	host_count = self.model_controller.getHostsCount()
	270	service_count = self.model_controller.getServicesCount()
	271	vuln_count = self.model_controller.getVulnsCount()
	272	return host_count, service_count, vuln_count
229	273
230	274	def on_about(self, action, param):
231	275	""" Defines what happens when you press 'about' on the menu"""

266	310	self.window)
267	311	pluginsOption_window.show_all()
268	312
269		def on_new_button(self, action, params):
	313	def on_new_button(self, action=None, params=None, title=None):
270	314	"Defines what happens when you press the 'new' button on the toolbar"
271	315	new_workspace_dialog = NewWorkspaceDialog(self.createWorkspace,
272	316	self.workspace_manager,
273		self.sidebar, self.window)
	317	self.sidebar, self.window,
	318	title)
274	319	new_workspace_dialog.show_all()
275	320
276	321	def on_new_terminal_button(self, action, params):

294	339	self.window)
295	340	notifications_dialog.show_all()
296	341
	342	def on_click_conflicts(self, button=None):
	343	"""Doesn't use the button at all. Shows the conflict dialog"""
	344	self.updateConflicts()
	345	if self.conflicts:
	346	dialog = ConflictsDialog(self.conflicts,
	347	self.window)
	348	dialog.show_all()
	349	self.updateConflicts()
	350
	351	else:
	352	dialog = Gtk.MessageDialog(self.window, 0,
	353	Gtk.MessageType.INFO,
	354	Gtk.ButtonsType.OK,
	355	"No conflicts to fix!")
	356	dialog.run()
	357	dialog.destroy()
	358
297	359	def delete_notifications(self):
298	360	self.notificationsModel.clear()
299	361	self.window.emit("clear_notifications")
300	362
301		def changeWorkspace(self, selection=None):
	363	def changeWorkspace(self, selection):
302	364	"""Pretty much copy/pasted from QT3 GUI.
303	365	Selection is actually used nowhere, but the connect function is
304	366	Sidebar passes it as an argument so well there it is"""

+75

-23

gui/gtk/appwindow.py less more

38	38	__gsignals__ = {
39	39	"new_log": (GObject.SIGNAL_RUN_FIRST, None, (str, )),
40	40	"new_notif": (GObject.SIGNAL_RUN_FIRST, None, ()),
41		"clear_notifications": (GObject.SIGNAL_RUN_FIRST, None, ())
	41	"clear_notifications": (GObject.SIGNAL_RUN_FIRST, None, ()),
	42	"update_ws_info": (GObject.SIGNAL_RUN_FIRST, None, (int, int, int, )),
	43	"set_conflict_label": (GObject.SIGNAL_RUN_FIRST, None, (int, ))
42	44	}
43	45
44	46	def __init__(self, sidebar, terminal, console_log, statusbar,

46	48	super(Gtk.ApplicationWindow, self).__init__(args, *kwargs)
47	49
48	50	# This will be in the windows group and have the "win" prefix
49		glib_variant = GLib.Variant.new_boolean(False)
	51	glib_variant = GLib.Variant.new_boolean(True)
50	52	max_action = Gio.SimpleAction.new_stateful("maximize", None,
51	53	glib_variant)
52	54	max_action.connect("change-state", self.on_maximize_toggle)
53	55	self.add_action(max_action)
	56	self.maximize()
54	57
55	58	self.sidebar = sidebar
56	59	self.terminal = terminal
57	60	self.log = console_log
58	61	self.statusbar = statusbar
59	62
	63	self.terminal.connect("child_exited", self.on_terminal_exit)
	64
60	65	self.icons = CONF.getImagePath() + "icons/"
61	66
62	67	# sets up the clipboard

65	70
66	71	# Keep it in sync with the actual state. Deep dark GTK magic
67	72	self.connect("notify::is-maximized",
68		lambda obj:
	73	lambda obj, pspec:
69	74	max_action.set_state(
70	75	GLib.Variant.new_boolean(obj.props.is_maximized)))
71	76

74	79	self.topBox.pack_start(self.create_toolbar(), True, True, 0)
75	80
76	81	# SIDEBAR BOX
	82	search = self.sidebar.getSearchEntry()
77	83	self.sidebarBox = Gtk.Box(orientation=Gtk.Orientation.VERTICAL)
	84	self.sidebarBox.pack_start(search, False, False, 0)
78	85	self.sidebarBox.pack_start(self.sidebar.scrollableView, True, True, 0)
79	86	self.sidebarBox.pack_start(self.sidebar.getButton(), False, False, 0)
80	87
81	88	# TERMINAL BOX
82	89	self.firstTerminalBox = self.terminalBox(self.terminal.getTerminal())
83	90
84		# MIDDLE BOX: NOTEBOOK AND SIDEBAR
	91	# MIDDLE PANE: NOTEBOOK AND SIDEBAR
85	92	self.notebook = Gtk.Notebook()
86	93	self.notebook.set_scrollable(True)
87	94	self.notebook.append_page(self.firstTerminalBox, Gtk.Label("1"))
88	95
89		self.middleBox = Gtk.Box()
90		self.middleBox.pack_start(self.notebook, True, True, 0)
91		self.middleBox.pack_start(self.sidebarBox, False, False, 0)
	96	self.middlePane = Gtk.Paned(orientation=Gtk.Orientation.HORIZONTAL)
	97	self.middlePane.pack1(self.notebook, True, False)
	98	self.middlePane.pack2(self.sidebarBox, False, False)
92	99
93	100	# LOGGER BOX: THE LOGGER, DUH
94	101	self.loggerBox = Gtk.Box()

96	103
97	104	# NOTIFACTION BOX: THE BUTTON TO ACCESS NOTIFICATION DIALOG
98	105	self.notificationBox = Gtk.Box()
99		self.notificationBox.pack_start(self.statusbar.button, True, True, 0)
	106	self.notificationBox.pack_start(self.statusbar.mainBox, True, True, 0)
100	107
101	108	# MAINBOX: THE BIGGER BOX FOR ALL THE LITTLE BOXES
102	109	self.mainBox = Gtk.Box(orientation=Gtk.Orientation.VERTICAL)
103	110	self.mainBox.pack_start(self.topBox, False, False, 0)
104		self.mainBox.pack_start(self.middleBox, True, True, 0)
	111	self.mainBox.pack_start(self.middlePane, True, True, 0)
105	112	self.mainBox.pack_start(self.loggerBox, False, False, 0)
106	113	self.mainBox.pack_end(self.notificationBox, False, False, 0)
107	114

112	119	remove_terminal_button.set_image(remove_terminal_icon)
113	120	remove_terminal_button.set_relief(Gtk.ReliefStyle.NONE)
114	121	remove_terminal_button.show()
	122
115	123	at_end = Gtk.PackType.END
116
117	124	self.notebook.set_action_widget(remove_terminal_button, at_end)
118	125
119	126	self.add(self.mainBox)

178	185
179	186	# the focused terminal is the only children of the notebook
180	187	# thas has only children an event box that has as only children
181		# the terminal. Yeah, I know.
	188	# the scrolled window that has as only children the
	189	# terminal. Yeah, I know.
182	190
183	191	currentTab = self.getFocusedTab()
184	192	currentEventBox = self.notebook.get_children()[currentTab]
185	193	currentBox = currentEventBox.get_children()[0]
186		currentTerminal = currentBox.get_children()[0]
	194	currentScrolledWindow = currentBox.get_children()[0]
	195	currentTerminal = currentScrolledWindow.get_child()
187	196	return currentTerminal
188	197
189	198	def do_new_log(self, text):

193	202
194	203	def do_clear_notifications(self):
195	204	"On clear_notifications signal, it will return the button label to 0"
196		self.statusbar.button.set_label("0")
	205	self.statusbar.set_default_notif_label()
197	206
198	207	def do_new_notif(self):
199	208	"""On a new notification, increment the button label by one"""
200		self.statusbar.inc_button_label()
	209	self.statusbar.inc_notif_button_label()
	210
	211	def do_set_conflict_label(self, conflict_number):
	212	self.statusbar.update_conflict_button_label(conflict_number)
	213
	214	def do_update_ws_info(self, host_count, service_count, vuln_count):
	215	self.statusbar.update_ws_info(host_count, service_count, vuln_count)
201	216
202	217	def getLogConsole(self):
203	218	"""Returns the LogConsole. Needed by the GUIHandler logger"""

228	243	icons = self.icons
229	244
230	245	# new_from_stock is deprecated, but should work fine for now
231		new_button_icon = Gtk.Image.new_from_file(icons + "sync.png")
	246	new_button_icon = Gtk.Image.new_from_file(icons + "Documentation.png")
232	247	new_terminal_icon = Gtk.Image.new_from_file(icons + "newshell.png")
	248	preferences_icon = Gtk.Image.new_from_file(icons + "config.png")
233	249	toggle_log_icon = Gtk.Image.new_from_file(icons + "debug.png")
234	250
235	251	new_terminal_button = Gtk.ToolButton.new(new_terminal_icon, None)

241	257	new_button.set_tooltip_text("Create a new workspace")
242	258	toolbar.insert(new_button, 1)
243	259	new_button.set_action_name('app.new')
	260
	261	preferences_button = Gtk.ToolButton.new(preferences_icon, None)
	262	preferences_button.set_tooltip_text("Preferences")
	263	toolbar.insert(preferences_button, 2)
	264	preferences_button.set_action_name('app.preferences')
244	265
245	266	toggle_log_button = Gtk.ToggleToolButton.new()
246	267	toggle_log_button.set_icon_widget(toggle_log_icon)
247	268	toggle_log_button.set_active(True) # log enabled by default
248	269	toggle_log_button.set_tooltip_text("Toggle log console")
249	270	toggle_log_button.connect("clicked", self.toggle_log)
250		toolbar.insert(toggle_log_button, 2)
	271	toolbar.insert(toggle_log_button, 3)
251	272
252	273	return toolbar
253	274
254		def new_tab(self, new_terminal):
	275	def new_tab(self, scrolled_window):
255	276	"""The on_new_terminal_button redirects here. Tells the window
256	277	to create pretty much a clone of itself when the user wants a new
257	278	tab"""
258	279
	280	terminal = scrolled_window.get_children()[0]
	281	terminal.connect("child_exited", self.on_terminal_exit)
259	282	self.tab_number += 1
260	283	tab_number = self.tab_number
261		pageN = self.terminalBox(new_terminal)
	284	pageN = self.terminalBox(scrolled_window)
262	285	self.notebook.append_page(pageN, Gtk.Label(str(tab_number+1)))
263	286	self.show_all()
264	287
265		def delete_tab(self, button):
266		"""Deletes the current tab"""
267		current_page = self.notebook.get_current_page()
268		self.notebook.remove_page(current_page)
269		self.reorder_tab_names()
	288	def delete_tab(self, button=None):
	289	"""Deletes the current tab or closes the window if tab is only tab"""
	290	if self.tab_number == 0:
	291	# the following confusing but its how gtks handles delete_event
	292	# if user said YES to confirmation, do_delete_event returns False
	293	if not self.do_delete_event():
	294	self.destroy()
	295	else:
	296	current_page = self.notebook.get_current_page()
	297	self.notebook.remove_page(current_page)
	298	self.reorder_tab_names()
270	299
271	300	def reorder_tab_names(self):
272	301	"""When a tab is deleted, all other tabs must be renamed to reacomodate

283	312	"""Reverses the visibility status of the loggerbox"""
284	313	current_state = self.loggerBox.is_visible()
285	314	self.loggerBox.set_visible(not current_state)
	315
	316	def do_delete_event(self, event=None, status=None):
	317	"""Override delete_event signal to show a confirmation dialog first"""
	318	dialog = Gtk.MessageDialog(transient_for=self,
	319	modal=True,
	320	buttons=Gtk.ButtonsType.YES_NO)
	321	dialog.props.text = "Are you sure you want to quit Faraday?"
	322	response = dialog.run()
	323	dialog.destroy()
	324
	325	if response == Gtk.ResponseType.YES:
	326	return False # keep on going and destroy
	327	else:
	328	# user say you know what i don't want to exit
	329	return True
	330
	331	def on_terminal_exit(self, terminal, status):
	332	"""Really, it is very similar to delete_tab, but in this case
	333	we want to make sure that we restart Faraday is the user
	334	is not sure if he wants to exit"""
	335
	336	self.delete_tab()
	337	terminal.startFaraday()

+548

-27

gui/gtk/dialogs.py less more

14	14	from persistence.persistence_managers import CouchDbManager
15	15	from utils.common import checkSSL
16	16	from config.configuration import getInstanceConfiguration
	17	from model import guiapi
17	18
18	19
19	20	CONF = getInstanceConfiguration()

39	40	def __init__(self, callback, parent):
40	41	Gtk.Window.__init__(self, title="Preferences")
41	42	self.parent = parent
	43	self.set_modal(True)
42	44	self.set_size_request(400, 100)
43	45	self.set_type_hint(Gdk.WindowTypeHint.DIALOG)
	46	self.connect("key_press_event", on_scape)
44	47	self.set_transient_for(parent)
45	48	self.timeout_id = None
46	49	self.reloadWorkspaces = callback

50	53
51	54	self.label = Gtk.Label()
52	55	self.label.set_text("Your Couch IP")
53		vbox.pack_start(self.label, True, False, 0)
	56	vbox.pack_start(self.label, True, False, 10)
54	57
55	58	couch_uri = CONF.getCouchURI()
56	59	self.entry = Gtk.Entry()
57	60	text = couch_uri if couch_uri else "http://127.0.0.1:5050"
58	61	self.entry.set_text(text)
59		vbox.pack_start(self.entry, True, False, 0)
	62	vbox.pack_start(self.entry, True, False, 10)
60	63
61	64	hbox = Gtk.Box(orientation=Gtk.Orientation.HORIZONTAL, spacing=6)
62		vbox.pack_end(hbox, False, True, 0)
	65	vbox.pack_end(hbox, False, True, 10)
63	66
64	67	self.OK_button = Gtk.Button.new_with_label("OK")
65	68	self.OK_button.connect("clicked", self.on_click_OK)
66	69
67		hbox.pack_start(self.OK_button, False, True, 0)
	70	hbox.pack_start(self.OK_button, False, True, 10)
68	71
69	72	self.cancel_button = Gtk.Button.new_with_label("Cancel")
70	73	self.cancel_button.connect("clicked", self.on_click_cancel)
71		hbox.pack_end(self.cancel_button, False, True, 0)
	74	hbox.pack_end(self.cancel_button, False, True, 10)
72	75
73	76	def on_click_OK(self, button):
74	77	"""Defines what happens when user clicks OK button"""

94	97	a description and a type for a new workspace. Also checks that the
95	98	those attributes don't correspond to an existing workspace"""
96	99
97		def __init__(self, callback, workspace_manager, sidebar, parent):
	100	def __init__(self, callback, workspace_manager, sidebar, parent,
	101	title=None):
98	102
99	103	Gtk.Window.__init__(self, title="Create New Workspace")
100	104	self.set_type_hint(Gdk.WindowTypeHint.DIALOG)
101	105	self.set_transient_for(parent)
	106	self.set_modal(True)
	107	self.connect("key_press_event", on_scape)
102	108	self.set_size_request(200, 200)
103	109	self.timeout_id = None
104	110	self.callback = callback

110	116	self.name_label = Gtk.Label()
111	117	self.name_label.set_text("Name: ")
112	118	self.name_entry = Gtk.Entry()
	119	if title is not None:
	120	self.name_entry.set_text(title)
113	121	self.nameBox.pack_start(self.name_label, False, False, 10)
114	122	self.nameBox.pack_end(self.name_entry, True, True, 10)
115	123	self.nameBox.show()

141	149	self.buttonBox.pack_end(self.cancel_button, False, False, 10)
142	150	self.buttonBox.show()
143	151
144		self.mainBox.pack_start(self.nameBox, False, False, 0)
145		self.mainBox.pack_start(self.descrBox, False, False, 0)
146		self.mainBox.pack_start(self.typeBox, False, False, 0)
147		self.mainBox.pack_end(self.buttonBox, False, False, 0)
	152	self.mainBox.pack_start(self.nameBox, False, False, 10)
	153	self.mainBox.pack_start(self.descrBox, False, False, 10)
	154	self.mainBox.pack_start(self.typeBox, False, False, 10)
	155	self.mainBox.pack_end(self.buttonBox, False, False, 10)
148	156
149	157	self.mainBox.show()
150	158	self.add(self.mainBox)

179	187	"""The dialog where the user can see details about installed plugins.
180	188	It is not the prettiest thing in the world but it works.
181	189	Creating and displaying the models of each plugin settings is specially
182		messy, there's more info in the appropiate methods"""
	190	messy , there's more info in the appropiate methods"""
183	191	# TODO: probably stop hardcoding the first plugin, right?
184	192
185	193	def __init__(self, plugin_manager, parent):

187	195	Gtk.Window.__init__(self, title="Plugins Options")
188	196	self.set_type_hint(Gdk.WindowTypeHint.DIALOG)
189	197	self.set_transient_for(parent)
	198	self.set_modal(True)
	199	self.connect("key_press_event", on_scape)
190	200	self.set_size_request(800, 300)
191	201
192	202	if plugin_manager is not None:

203	213	pluginList = self.createPluginListView(plugin_info)
204	214	scroll_pluginList = Gtk.ScrolledWindow(None, None)
205	215	scroll_pluginList.add(pluginList)
206		# scroll_pluginList.set_min_content_width(300)
	216	scroll_pluginList.set_min_content_width(300)
207	217	pluginListBox = Gtk.Box(orientation=Gtk.Orientation.VERTICAL)
208	218	pluginListBox.pack_start(scroll_pluginList, True, True, 0)
209	219

212	222	cancel_button = Gtk.Button.new_with_label("Cancel")
213	223	OK_button.connect("clicked", self.on_click_OK, plugin_manager)
214	224	cancel_button.connect("clicked", self.on_click_cancel)
215		buttonBox.pack_start(OK_button, True, True, 0)
216		buttonBox.pack_start(cancel_button, True, True, 0)
217		pluginListBox.pack_start(buttonBox, False, False, 0)
	225	buttonBox.pack_start(OK_button, True, True, 10)
	226	buttonBox.pack_start(cancel_button, True, True, 10)
	227	pluginListBox.pack_start(buttonBox, False, False, 10)
218	228
219	229	infoBox = Gtk.Box(orientation=Gtk.Orientation.VERTICAL)
220	230	nameBox, versionBox, pluginVersionBox = [Gtk.Box() for i in range(3)]

245	255	self.pluginSpecsBox.pack_start(self.settings_view, True, True, 0)
246	256
247	257	self.mainBox = Gtk.Box(orientation=Gtk.Orientation.HORIZONTAL)
248		self.mainBox.pack_start(pluginListBox, True, True, 5)
249		self.mainBox.pack_end(self.pluginSpecsBox, True, True, 5)
	258	self.mainBox.pack_start(pluginListBox, False, True, 10)
	259	self.mainBox.pack_end(self.pluginSpecsBox, True, True, 10)
250	260
251	261	self.add(self.mainBox)
252	262

349	359	"""When the user selects a plugin, it will change the text
350	360	displeyed on the entries to their corresponding values"""
351	361
352		model, treeiter = selection.get_selected()
353		self.id_of_selected = model[treeiter][1]
354		self.name_of_selected = model[treeiter][0]
355
356		self.setSettingsView()
357
358		self.nameEntry.set_label(model[treeiter][1])
359		self.versionEntry.set_label(model[treeiter][2])
360		self.pluginVersionEntry.set_label(model[treeiter][3])
	362	# if the user searches for something that doesn't exists,
	363	# for example, the plugin 'jsaljfdlajs', this avoids
	364	# the program trying to get settings for that non-existing plugin
	365	try:
	366	model, treeiter = selection.get_selected()
	367	self.name_of_selected = model[treeiter][0]
	368	self.id_of_selected = model[treeiter][1]
	369	tool_version = model[treeiter][2]
	370	plugin_version = model[treeiter][3]
	371
	372	self.setSettingsView()
	373
	374	self.nameEntry.set_label(self.name_of_selected)
	375
	376	if tool_version:
	377	self.versionEntry.set_label(tool_version)
	378	else:
	379	self.versionEntry.set_label("")
	380
	381	if plugin_version:
	382	self.pluginVersionEntry.set_label(plugin_version)
	383	else:
	384	self.pluginVersionEntry.set_label("")
	385	except TypeError:
	386	pass
361	387
362	388	def setSettingsView(self):
363	389	"""Makes the window match the selected plugin with the settings

365	391
366	392	adecuateModel = self.models[self.id_of_selected]
367	393	self.createAdecuatePluginSettingView(adecuateModel)
	394
	395
	396	class ConflictsDialog(Gtk.Window):
	397	"""Blueprints for a beautiful, colorful, gtk-esque conflicts
	398	dialog. The user is confronted with two objects, one at the left,
	399	one at the right, and is able to edit any of the object's properties,
	400	choosing either one of them with a button"""
	401
	402	def __init__(self, conflicts, parent):
	403	"""Inits the window with its title and size, presents the
	404	user with the first conflict found. If there aren't conflict
	405	an empty window will be presented"""
	406
	407	Gtk.Window.__init__(self, title="Conflicts")
	408	self.set_transient_for(parent)
	409	self.set_size_request(600, 400)
	410	self.set_modal(True)
	411	self.connect("key_press_event", on_scape)
	412	self.conflicts = conflicts
	413	self.conflict_n = 0
	414	self.current_conflict = self.conflicts[self.conflict_n]
	415	self.view = None
	416
	417	self.views_box = Gtk.Box()
	418
	419	# TODO: FIX THIS
	420	# this is the wrong way to do it, I'm creating a useless gtk.tree
	421	# so I can know the user's default color background
	422	# that not being bad enought, get_background_color is deprecated
	423	dumpy_tree = Gtk.TreeView()
	424	style = dumpy_tree.get_style_context()
	425	self.bg_color = style.get_background_color(Gtk.StateFlags.NORMAL)
	426	self.bg_color = self.bg_color.to_string()
	427
	428	button_box = self.create_buttons()
	429
	430	self.models = self.create_conflicts_models(conflicts)
	431	self.set_conflict_view(self.conflict_n)
	432	self.current_conflict_model = self.models[self.conflict_n]
	433
	434	main_box = Gtk.Box(orientation=Gtk.Orientation.VERTICAL)
	435	main_box.pack_start(self.views_box, True, True, 5)
	436	main_box.pack_start(button_box, False, True, 5)
	437
	438	self.add(main_box)
	439
	440	def update_current_conflict_model(self):
	441	self.current_conflict_model = self.models[self.conflict_n]
	442
	443	def update_current_conflict(self):
	444	self.current_conflict = self.conflicts[self.conflict_n]
	445
	446	def create_buttons(self):
	447	"""Creates and connects the button for the window"""
	448	button_box = Gtk.Box()
	449	keep_right = Gtk.Button.new_with_label("Keep RIGHT")
	450	keep_left = Gtk.Button.new_with_label("Keep LEFT")
	451	quit = Gtk.Button.new_with_label("Quit")
	452
	453	keep_right.connect("clicked", self.save, "right")
	454	keep_left.connect("clicked", self.save, "left")
	455	quit.connect("clicked", self.on_quit)
	456
	457	space = Gtk.Box()
	458	button_box.pack_start(quit, False, False, 5)
	459	button_box.pack_start(space, True, True, 5)
	460	button_box.pack_start(keep_left, False, False, 5)
	461	button_box.pack_start(keep_right, False, False, 5)
	462	return button_box
	463
	464	def save(self, button, keeper):
	465	"""Saves information to Faraday. Keeper is needed to know if user
	466	wanted to keep left or right view"""
	467	current_conflict_type = self.current_conflict.getModelObjectType()
	468
	469	# right is represented by column 2 of the model, left by column 1
	470	if keeper == "right":
	471	n = 2
	472	elif keeper == "left":
	473	n = 1
	474
	475	# interface needs a special case, 'cause it's the only object
	476	# which resolveConflict() will expect its solution to have a
	477	# dicitionary inside the solution dictionary
	478	if current_conflict_type != "Interface":
	479	solution = {}
	480	for row in self.current_conflict_model:
	481	solution[row[0].lower()] = self.uncook(row[n], row[4])
	482	else:
	483	solution = self.case_for_interfaces(self.current_conflict_model, n)
	484
	485	try:
	486	guiapi.resolveConflict(self.current_conflict, solution)
	487	# if this isn't the last conflict...
	488	if len(self.conflicts)-1 > self.conflict_n:
	489	self.conflict_n += 1
	490	self.update_current_conflict()
	491	self.update_current_conflict_model()
	492	self.set_conflict_view(self.conflict_n)
	493	else:
	494	self.destroy()
	495
	496	except ValueError as e:
	497	dialog = Gtk.MessageDialog(self, 0,
	498	Gtk.MessageType.INFO,
	499	Gtk.ButtonsType.OK,
	500	("You tried to set some invalid "
	501	"information. Make sure all True/False"
	502	" settings are either True or False, "
	503	"all values that should be numbers are"
	504	" numbers, and so on."))
	505	dialog.run()
	506	dialog.destroy()
	507
	508	def case_for_interfaces(self, model, n):
	509	"""The custom case for the interfaces. Plays a little
	510	with the information in the given model to create a solution acceptable
	511	by resolveConflict. n is the right or left view, should be
	512	either 1 or 2 as integers"""
	513	solution = {}
	514	solution["ipv4"] = {}
	515	solution["ipv6"] = {}
	516	for row in model:
	517	prop_name = row[0].lower()
	518	if prop_name.startswith("ipv4"):
	519	prop_name = prop_name.split(" ")[1]
	520	if not prop_name.startswith("dns"):
	521	solution["ipv4"][prop_name] = self.uncook(row[n], row[4])
	522	elif prop_name.startswith("dns"):
	523	solution["ipv4"]["DNS"] = self.uncook(row[n], row[4])
	524
	525	elif prop_name.startswith("ipv6"):
	526	prop_name = prop_name.split(" ")[1]
	527	if not prop_name.startswith("dns"):
	528	solution["ipv6"][prop_name] = self.uncook(row[n], row[4])
	529	elif prop_name.startswith("dns"):
	530	solution["ipv6"]["DNS"] = self.uncook(row[n], row[4])
	531	else:
	532	solution[prop_name] = self.uncook(row[n], row[4])
	533	return solution
	534
	535	def on_quit(self, button):
	536	"""Exits the window"""
	537	self.destroy()
	538
	539	def set_conflict_view(self, conflict_n):
	540	"""Creates two views for the model corresponding to the conflict number
	541	n. If first conflict, self.view will be none. If user is past the first
	542	conflict, self.view will not be none"""
	543
	544	if self.view is None:
	545
	546	renderer = Gtk.CellRendererText()
	547
	548	original_renderer = Gtk.CellRendererText()
	549	original_renderer.set_property("editable", True)
	550	original_renderer.connect("edited", self.value_changed, "original")
	551
	552	conflict_renderer = Gtk.CellRendererText()
	553	conflict_renderer.set_property("editable", True)
	554	conflict_renderer.connect("edited", self.value_changed, "conflict")
	555
	556	prop_column = Gtk.TreeViewColumn("", renderer, text=0,
	557	background=3)
	558
	559	obj_column = Gtk.TreeViewColumn("ORIGINAL", original_renderer,
	560	text=1, background=3)
	561
	562	prop2_column = Gtk.TreeViewColumn("", renderer, text=0,
	563	background=3)
	564	obj2_column = Gtk.TreeViewColumn("CONFLICTING", conflict_renderer,
	565	text=2, background=3)
	566
	567	self.view = Gtk.TreeView(self.models[conflict_n])
	568	self.view.append_column(prop_column)
	569	self.view.append_column(obj_column)
	570	self.second_view = Gtk.TreeView(self.models[conflict_n])
	571
	572
	573	self.second_view.append_column(prop2_column)
	574	self.second_view.append_column(obj2_column)
	575
	576	self.views_box.pack_start(self.view, True, True, 5)
	577	self.views_box.pack_start(self.second_view, True, True, 5)
	578
	579	else:
	580	self.view.set_model(self.models[conflict_n])
	581	self.second_view.set_model(self.models[conflict_n])
	582
	583	def value_changed(self, widget, path, text, which_changed):
	584	"""Sets the model to keep the information which the user gave on
	585	Return Key"""
	586	active_store = self.current_conflict_model
	587	if which_changed == "original":
	588	active_store[path][1] = text
	589	elif which_changed == "conflict":
	590	active_store[path][2] = text
	591
	592	def create_conflicts_models(self, conflicts):
	593	""" Creates a list of models, one for each conflict. Each model has
	594	five columns, as shown in an example with only two rows below:
	595	\| PROPERTY \| OBJECT 1 \| OBJECT 2 \| ROW COLOR \| INPUT TYPE \|
	596	-----------------------------------------------------------
	597	\| NAME \| A \| B \| RED \| STRING \|
	598	\| PORTS \| 5050, 20 \| 5050, 20 \| WHITE \| LIST \|
	599	===========================================================
	600	ROW COLOR and INPUT TYPE are never shown to the user.
	601	"""
	602
	603	models = []
	604	for conflict in conflicts:
	605	model = Gtk.ListStore(str, str, str, str, str)
	606	obj1 = conflict.getFirstObject()
	607	obj2 = conflict.getSecondObject()
	608	conflict_type = conflict.getModelObjectType()
	609
	610	if conflict_type == "Service":
	611	self.fill_service_conflict_model(model, obj1, obj2)
	612	elif conflict_type == "Interface":
	613	self.fill_interface_conflict_model(model, obj1, obj2)
	614	elif conflict_type == "Host":
	615	self.fill_host_conflict_model(model, obj1, obj2)
	616	elif conflict_type == "Vulnerability":
	617	self.fill_vuln_conflict_model(model, obj1, obj2)
	618	elif conflict_type == "VulnerabilityWeb":
	619	self.fill_webvuln_conflict_model(model, obj1, obj2)
	620
	621	models.append(model)
	622
	623	return models
	624
	625	def fill_service_conflict_model(self, model, obj1, obj2):
	626	"""
	627	Precondition: the model has 5 string columns, obj1 && obj2 are services
	628	Will get a model and two objects and return a
	629	model with all the appropiate information"""
	630	attr = []
	631	for obj in [obj1, obj2]:
	632	attr.append((obj.getName(),
	633	obj.getDescription(),
	634	obj.getProtocol(),
	635	obj.getStatus(),
	636	obj.getPorts(),
	637	obj.getVersion(),
	638	obj.isOwned()))
	639
	640	props = ["Name", "Description", "Protocol", "Status", "Ports",
	641	"Version", "Owned"]
	642
	643	model = self.fill_model_from_props_and_attr(model, attr, props)
	644	return model
	645
	646	def fill_host_conflict_model(self, model, obj1, obj2):
	647	"""
	648	Precondition: the model has 5 string columns, obj1 && obj2 are hosts
	649	Will get a model and two objects and return a
	650	model with all the appropiate information"""
	651	attr = []
	652	for obj in [obj1, obj2]:
	653	attr.append((obj.getName(),
	654	obj.getDescription(),
	655	obj.getOS(),
	656	obj.isOwned()))
	657
	658	props = ["Name", "Description", "OS", "Owned"]
	659	model = self.fill_model_from_props_and_attr(model, attr, props)
	660	return model
	661
	662	def fill_interface_conflict_model(self, model, obj1, obj2):
	663	"""
	664	Precondition: the model has 5 string columns, obj1 && obj2 are
	665	interfaces
	666	Will get a model and two objects and return a
	667	model with all the appropiate information"""
	668	attr = []
	669	for obj in [obj1, obj2]:
	670	attr.append((obj.getName(),
	671	obj.getDescription(),
	672	obj.getHostnames(),
	673	obj.getMAC(),
	674	obj.getIPv4Address(),
	675	obj.getIPv4Mask(),
	676	obj.getIPv4Gateway(),
	677	obj.getIPv4DNS(),
	678	obj.getIPv6Address(),
	679	obj.getIPv6Gateway(),
	680	obj.getIPv6DNS(),
	681	obj.isOwned()))
	682
	683	props = ["Name", "Description", "Hostnames", "MAC", "IPv4 Address",
	684	"IPv4 Mask", "IPv4 Gateway", "IPv4 DNS", "IPv6 Address",
	685	"IPv6 Gateway", "IPv6 DNS", "Owned"]
	686
	687	model = self.fill_model_from_props_and_attr(model, attr, props)
	688	return model
	689
	690	def fill_vuln_conflict_model(self, model, obj1, obj2):
	691	"""
	692	Precondition: the model has 5 string columns, obj1 && obj2 are vulns
	693	Will get a model and two objects and return a
	694	model with all the appropiate information"""
	695	attr = []
	696	for obj in [obj1, obj2]:
	697	attr.append((obj.getName(),
	698	obj.getDescription(),
	699	obj.getData(),
	700	obj.getSeverity(),
	701	obj.getRefs()))
	702
	703	props = ["Name", "Desc", "Data", "Severity", "Refs"]
	704	model = self.fill_model_from_props_and_attr(model, attr, props)
	705	return model
	706
	707	def fill_webvuln_conflict_model(self, model, obj1, obj2):
	708	"""
	709	Precondition: the model has 5 string columns, obj1 && obj2 are web vuln
	710	Will get a model and two objects and return a
	711	model with all the appropiate information"""
	712	attr = []
	713	for obj in [obj1, obj2]:
	714	attr.append((obj.getName(),
	715	obj.getDescription(),
	716	obj.getData(),
	717	obj.getSeverity(),
	718	obj.getRefs(),
	719	obj.getPath(),
	720	obj.getWebsite(),
	721	obj.getRequest(),
	722	obj.getResponse(),
	723	obj.getMethod(),
	724	obj.getPname(),
	725	obj.getParams(),
	726	obj.getQuery(),
	727	obj.getCategory()))
	728
	729	props = ["Name", "Desc", "Data", "Severity", "Refs", "Path",
	730	"Website", "Request", "Response", "Method", "Pname",
	731	"Params", "Query", "Category"]
	732
	733	model = self.fill_model_from_props_and_attr(model, attr, props)
	734	return model
	735
	736	def fill_model_from_props_and_attr(self, model, attr, props):
	737	"""Preconditions: the model has 5 string columns,
	738	len(attr[0]) == len(attr[1]) == len(props),
	739	type(attr[0][i]) == type(attr[1][i]) for every i
	740	attr is a list of two tuples. the first tuple holds info about obj1,
	741	the second about obj2.
	742	props is the list with names of such attributes
	743
	744	Will return a model filled up with information as detailed in
	745	self.create_conflicts_models.
	746	"""
	747
	748	def decide_type(raw_prop):
	749	"""Returns the name of a type of an object.
	750	Keep in mind, type(type("a")) is Type,
	751	type(type("a").__name__) is Str
	752	"""
	753	res = type(first_raw_prop).__name__
	754	return res
	755
	756	def decide_bg():
	757	"""Decides which background should the row have depending on
	758	the uses default theme (light, dark, or unknown abomination)
	759	Pretty ugly, but it works"""
	760	color = self.bg_color.split("(")[1]
	761	color = color.split(",")
	762	color1 = int(color[0])
	763	color2 = int(color[1])
	764	color3 = int(color[2][:-1:])
	765
	766	# that weird string formats from rgb to hexa
	767	default_bg = '#%02x%02x%02x' % (color1, color2, color3)
	768
	769	if color1 > 200 and color2 > 200 and color3 > 200:
	770	return "pink" if first_prop != sec_prop else default_bg
	771	elif color1 < 100 and color2 < 100 and color3 < 100:
	772	return "darkred" if first_prop != sec_prop else default_bg
	773	else:
	774	# if your theme doesn't go for either dark or light
	775	# just use that color, screw highlights
	776	return '#%02x%02x%02x' % (color1, color2, color3)
	777
	778	i = 0
	779	for prop in props:
	780	first_raw_prop = attr[0][i]
	781	sec_raw_prop = attr[1][i]
	782	first_prop = self.cook(first_raw_prop)
	783	sec_prop = self.cook(sec_raw_prop)
	784
	785	model.append([prop, first_prop, sec_prop,
	786	decide_bg(),
	787	decide_type(first_raw_prop)])
	788	i += 1
	789
	790	return model
	791
	792	def cook(self, raw_prop):
	793	"""We need to cook our properties: not all of them are strings by
	794	default, and Gtk's models refuse to deal with lists or dictionaries.
	795	Returns a string from a list, a bool, a float, or a string.
	796	DO NOT use for dictionaries"""
	797
	798	if type(raw_prop) is list:
	799	cooked_prop = ",".join([str(p) for p in raw_prop])
	800
	801	elif type(raw_prop) is bool:
	802	cooked_prop = str(raw_prop)
	803
	804	elif type(raw_prop) is int or type(raw_prop) is float:
	805	cooked_prop = str(raw_prop)
	806
	807	else:
	808	cooked_prop = raw_prop
	809
	810	return cooked_prop
	811
	812	def uncook(self, prop, original_type):
	813	"""We need to get our raw information again: Gtk may like strings,
	814	but Faraday needs lists, booleans, floats, and such.
	815	Do not try to use for dictionaries.
	816	"""
	817
	818	if original_type == "list" or original_type == "NoneType":
	819	if prop:
	820	prop = prop.replace(" ", "")
	821	raw_prop = prop.split(",")
	822	else:
	823	raw_prop = []
	824
	825	elif original_type == "bool":
	826	prop = prop.replace(" ", "")
	827	if prop.lower() == "true":
	828	raw_prop = True
	829	elif prop.lower() == "false":
	830	raw_prop = False
	831
	832	elif original_type == "int":
	833	raw_prop = int(prop)
	834
	835	elif original_type == "float":
	836	raw_prop = float(prop)
	837
	838	elif original_type == "str" or original_type == "unicode":
	839	raw_prop = prop
	840
	841	else:
	842	raw_prop = prop
	843
	844	return raw_prop
368	845
369	846
370	847	class NotificationsDialog(Gtk.Window):

375	852	self.set_type_hint(Gdk.WindowTypeHint.DIALOG)
376	853	self.set_transient_for(parent)
377	854	self.set_size_request(400, 200)
	855	self.set_modal(True)
	856	self.connect("key_press_event", on_scape)
	857
378	858	self.view = view
379	859	self.destroy_notifications = callback
380	860

382	862	self.button.set_label("OK")
383	863	self.button.connect("clicked", self.on_click_OK)
384	864
	865	scrolled_list = Gtk.ScrolledWindow.new(None, None)
	866	scrolled_list.set_min_content_width(200)
	867	scrolled_list.set_min_content_height(350)
	868	scrolled_list.add(self.view)
	869
385	870	self.mainBox = Gtk.Box(orientation=Gtk.Orientation.VERTICAL)
386		self.mainBox.pack_start(self.view, True, True, 0)
	871	self.mainBox.pack_start(scrolled_list, True, True, 0)
387	872	self.mainBox.pack_start(self.button, False, False, 0)
388	873
389	874	self.add(self.mainBox)

443	928	self.format_secondary_text(explanation)
444	929	self.run()
445	930	self.destroy()
	931
	932
	933	class ImportantErrorDialog(Gtk.Dialog):
	934
	935	def __init__(self, parent_window, error):
	936	Gtk.Dialog.__init__(self, "Error!", parent_window, 0)
	937	self.add_button("Send report to developers...", 42)
	938	self.add_button("Ignore", 0)
	939	self.set_size_request(200, 200)
	940
	941	textBuffer = Gtk.TextBuffer()
	942	textBuffer.set_text(error)
	943
	944	textView = Gtk.TextView()
	945	textView.set_editable(False)
	946	textView.set_buffer(textBuffer)
	947
	948	box = self.get_content_area()
	949	scrolled_text = Gtk.ScrolledWindow.new(None, None)
	950	scrolled_text.set_min_content_height(200)
	951	scrolled_text.set_min_content_width(200)
	952	scrolled_text.add(textView)
	953
	954	box.pack_start(scrolled_text, True, True, 0)
	955	self.show_all()
	956
	957	def on_scape(window, event):
	958	"""Silly function to destroy a window on escape key, to use
	959	with all the dialogs that should be Gtk.Dialogs but are Gtk.Windows
	960	or with windows that are too complex for gtk dialogs but should behave
	961	as a dialog too"""
	962	if event.get_keycode()[1] == 9:
	963	window.destroy()
	964	return True
	965	else:
	966	return False

+278

-84

gui/gtk/mainwidgets.py less more

12	12	gi.require_version('Gtk', '3.0')
13	13	gi.require_version('Vte', '2.91')
14	14
15		from gi.repository import Gtk, Vte, GLib
16
17
18		class Terminal(Gtk.Widget):
	15	from gi.repository import Gtk, Vte, GLib, Pango
	16
	17
	18	class Terminal(Vte.Terminal):
19	19	"""Defines a simple terminal that will execute faraday-terminal with the
20	20	corresponding host and port as specified by the CONF"""
21	21	def __init__(self, CONF):
22		super(Gtk.Widget, self).__init__()
23
24		self.terminal = Vte.Terminal()
25		faraday_directory = os.path.dirname(os.path.realpath(sys.argv[0]))
26		self.terminal.spawn_sync(Vte.PtyFlags.DEFAULT,
27		faraday_directory, ['/bin/zsh'],
28		[],
29		GLib.SpawnFlags.DO_NOT_REAP_CHILD,
30		None,
31		None)
32
33		host, port = CONF.getApiRestfulConInfo()
34		faraday_exec = './faraday-terminal.zsh'
35		self.command = (faraday_exec + " " + host + " " + str(port))
36		self.terminal.feed_child(self.command + '\n', len(self.command)+1)
	22	super(Vte.Terminal, self).__init__()
	23
	24	self.pty = self.pty_new_sync(Vte.PtyFlags.DEFAULT, None)
	25	self.set_pty(self.pty)
	26
	27	self.set_scrollback_lines(-1)
	28	self.set_audible_bell(0)
	29
	30	self.faraday_directory = os.path.dirname(os.path.realpath(sys.argv[0]))
	31	self.host, self.port = CONF.getApiRestfulConInfo()
	32	self.faraday_exec = self.faraday_directory + "/faraday-terminal.zsh"
	33
	34	self.startFaraday()
37	35
38	36	def getTerminal(self):
39		return self.terminal
	37	"""Returns a scrolled_window with the terminal inside it"""
	38	scrolled_window = Gtk.ScrolledWindow.new(None, None)
	39	scrolled_window.set_overlay_scrolling(False)
	40	scrolled_window.add(self)
	41	return scrolled_window
	42
	43	def startFaraday(self):
	44	"""Starts a Faraday process with the appropiate host and port."""
	45
	46	home_dir = os.path.expanduser('~')
	47	self.spawn_sync(Vte.PtyFlags.DEFAULT,
	48	home_dir,
	49	[self.faraday_exec, str(self.host), str(self.port)],
	50	[],
	51	GLib.SpawnFlags.DO_NOT_REAP_CHILD,
	52	None,
	53	None)
40	54
41	55
42	56	class Sidebar(Gtk.Widget):
43	57	"""Defines the sidebar widget to be used by the AppWindow, passed as an
44		instance by the application. It only handles the view, all the backend
45		word is handled by the application via the callback"""
	58	instance to itby the application. It only handles the view and the model,
	59	all the backend word is handled by the application via the callback"""
46	60
47	61	def __init__(self, workspace_manager, callback_to_change_workspace,
48		callback_to_remove_workspace, conf):
	62	callback_to_remove_workspace, callback_to_create_workspace,
	63	last_workspace):
	64
49	65	super(Gtk.Widget, self).__init__()
50		self.callback = callback_to_change_workspace
51		self.removeWsCallback = callback_to_remove_workspace
	66	self.callbackChangeWs = callback_to_change_workspace
	67	self.callbackRemoveWs = callback_to_remove_workspace
	68	self.callbackCreateWs = callback_to_create_workspace
	69	self.lastWorkspace = last_workspace
52	70	self.ws_manager = workspace_manager
53		self.lastWorkspace = conf
	71
54	72	self.workspaces = self.ws_manager.getWorkspacesNames()
55		self.workspace_list_info = Gtk.ListStore(str)
56
57		self.workspaceModel()
58		self.workspaceView()
59
60		self.sidebar_button = Gtk.Button.new_with_label("Refresh")
	73	self.searchEntry = self.createSearchEntry()
	74
	75	self.workspace_model = self.createWsModel()
	76	self.workspace_view = self.createWsView(self.workspace_model)
	77
	78	self.sidebar_button = Gtk.Button.new_with_label("Refresh workspaces")
61	79	self.sidebar_button.connect("clicked", self.refreshSidebar)
62	80
63	81	self.scrollableView = Gtk.ScrolledWindow.new(None, None)
64	82	self.scrollableView.set_min_content_width(160)
65		self.scrollableView.add(self.lst)
	83	self.scrollableView.add(self.workspace_view)
	84
	85	def createSearchEntry(self):
	86	"""Returns a simple search entry"""
	87	searchEntry = Gtk.Entry()
	88	searchEntry.set_placeholder_text("Search...")
	89	searchEntry.connect("activate", self.onSearchEnterKey)
	90	return searchEntry
	91
	92	def getSearchEntry(self):
	93	"""Returns the search entry of the sidebar"""
	94	return self.searchEntry
	95
	96	def onSearchEnterKey(self, entry):
	97	"""When the users preses enter, if the workspace exists,
	98	select it. If not, present the window to create a workspace with
	99	that name"""
	100	selection = self.getSelectedWs()
	101	if selection.get_selected()[1] is None:
	102	self.callbackCreateWs(title=entry.get_text())
	103	entry.set_text("")
	104	else:
	105	self.callbackChangeWs(selection)
	106	ws_iter = self.getSelectedWsIter()
	107	entry.set_text("")
	108	self.selectWs(ws_iter)
66	109
67	110	def refreshSidebar(self, button=None):
68	111	"""Function called when the user press the refresh button.
69	112	Gets an updated copy of the workspaces and checks against
70	113	the model to see which are already there and which arent"""
71		model = self.workspace_list_info
	114
	115	model = self.workspace_model
72	116	self.workspaces = self.ws_manager.getWorkspacesNames()
73	117	added_workspaces = [added_ws[0] for added_ws in model]
74	118	for ws in self.workspaces:

78	122	def clearSidebar(self):
79	123	"""Brutaly clear all the information from the model.
80	124	No one survives"""
81		self.workspace_list_info.clear()
82
83		def createTitle(self):
84		"""Return a label with the text "Workspaces"""
85		title = Gtk.Label()
86		title.set_text("Workspaces")
87		return title
88
89		def workspaceModel(self):
90		"""Populates the workspace model. Also assigns self.defaultSelection
	125	self.workspace_model.clear()
	126
	127	def createWsModel(self):
	128	"""Creates and the workspace model. Also assigns self.defaultSelection
91	129	to the treeIter which represents the last active workspace"""
	130	workspace_model = Gtk.ListStore(str)
	131
92	132	for ws in self.workspaces:
93		treeIter = self.workspace_list_info.append([ws])
	133	treeIter = workspace_model.append([ws])
94	134	if ws == self.lastWorkspace:
95	135	self.defaultSelection = treeIter
96	136
97		def workspaceView(self):
98		"""Populate the workspace view. Also selected by default
	137	return workspace_model
	138
	139	def createWsView(self, model):
	140	"""Populate the workspace view. Also select by default
99	141	self.defaultSelection (see workspaceModel method). Also connect
100	142	a selection with the change workspace callback"""
101		self.lst = Gtk.TreeView(self.workspace_list_info)
	143
	144	view = Gtk.TreeView(model)
102	145	renderer = Gtk.CellRendererText()
103	146	column = Gtk.TreeViewColumn("Workspaces", renderer, text=0)
104		self.lst.append_column(column)
	147	view.append_column(column)
	148	view.set_search_entry(self.searchEntry)
105	149
106	150	# select by default the last active workspace
107	151	if self.defaultSelection is not None:
108		self.selectDefault = self.lst.get_selection()
	152	self.selectDefault = view.get_selection()
109	153	self.selectDefault.select_iter(self.defaultSelection)
110	154
111		self.lst.connect("button-press-event", self.on_right_click)
112		selection = self.lst.get_selection()
113		selection.connect("changed", self.callback)
114
115		def on_right_click(self, view, event):
	155	selection = view.get_selection()
	156	selection.set_mode(Gtk.SelectionMode.BROWSE)
	157
	158	view.connect("button-press-event", self.on_click)
	159
	160	return view
	161
	162	def on_click(self, view, event):
116	163	"""On click, check if it was a right click. If it was,
117	164	create a menu with the delete option. On click on that option,
118	165	delete the workspace that occupied the position where the user
119	166	clicked. Returns True if it was a right click"""
120	167
	168	# it it isnt right click or left click just do nothing
	169	if event.button != 3 and event.button != 1:
	170	return False
	171
	172	# we really do care about where the user clicked, that is our
	173	# connection to the soon to be selection. if this didn't exist,
	174	# we couldn't do much: the selection of the view is still
	175	# whatever the user had selected before clicking
	176	try:
	177	path = view.get_path_at_pos(int(event.x), int(event.y))[0]
	178	except TypeError:
	179	# if the user didn't click on a workspace there no path to work on
	180	return False
	181
	182	# left click:
	183	if event.button == 1:
	184	# force selection of newly selected
	185	# before actually changing workspace
	186	select = view.get_selection()
	187	select.select_path(path)
	188
	189	# change the workspace to the newly selected
	190	self.callbackChangeWs(self.getSelectedWs())
	191
121	192	if event.button == 3: # 3 represents right click
122	193	menu = Gtk.Menu()
123	194	delete_item = Gtk.MenuItem("Delete")
124	195	menu.append(delete_item)
125	196
126		# underscores mean "i don't 'care 'cause i won't use them
127		# thank haskell for that
128	197	# get the path of the item where the user clicked
129	198	# then get its tree_iter. then get its name. then delete
130	199	# that workspace
131	200
132		path, _, _, _ = view.get_path_at_pos(int(event.x), int(event.y))
133		tree_iter = self.workspace_list_info.get_iter(path)
134		ws_name = self.workspace_list_info[tree_iter][0]
135
136		delete_item.connect("activate", self.removeWsCallback, ws_name)
	201	tree_iter = self.workspace_model.get_iter(path)
	202	ws_name = self.workspace_model[tree_iter][0]
	203
	204	delete_item.connect("activate", self.callbackRemoveWs, ws_name)
137	205
138	206	delete_item.show()
139	207	menu.popup(None, None, None, None, event.button, event.time)

141	209
142	210	def addWorkspace(self, ws):
143	211	"""Append ws workspace to the model"""
144		self.workspace_list_info.append([ws])
	212	self.workspace_model.append([ws])
145	213
146	214	def getSelectedWs(self):
147		"""Returns the current selected workspace"""
148		return self.lst.get_selection()
	215	"""Returns the name of the current selected workspace"""
	216	selection = self.workspace_view.get_selection()
	217	return selection
	218
	219	def getSelectedWsIter(self):
	220	"""Returns the TreeIter of the current selected workspace"""
	221	selection = self.getSelectedWs()
	222	_iter = selection.get_selected()[1]
	223	return _iter
149	224
150	225	def selectWs(self, ws):
151	226	"""Selects workspace ws in the list"""
152		self.select = self.lst.get_selection()
	227	self.select = self.workspace_view.get_selection()
153	228	self.select.select_iter(ws)
154	229
155	230	def getButton(self):

166	241
167	242	self.textBuffer = Gtk.TextBuffer()
168	243	self.textBuffer.new()
169		self.textBuffer.set_text("LOG. Please run Faraday with the --debug "
170		"flag for more verbose output \n \0", -1)
	244
	245	self.red = self.textBuffer.create_tag("error", foreground='Red')
	246	self.green = self.textBuffer.create_tag("debug", foreground='Green')
	247	self.blue = self.textBuffer.create_tag("notif", foreground="Blue")
	248	self.orange = self.textBuffer.create_tag("warning",
	249	foreground="#F5760F")
	250	self.bold = self.textBuffer.create_tag("bold",
	251	weight=Pango.Weight.BOLD)
	252
	253	self.textBuffer.set_text("Welcome to Faraday. Happy hacking!\n\0",
	254	-1)
	255
	256	self.textBuffer.apply_tag(self.bold,
	257	self.textBuffer.get_iter_at_line(0),
	258	self.textBuffer.get_end_iter())
171	259
172	260	self.textView = Gtk.TextView()
173	261	self.textView.set_editable(False)

196	284
197	285	def customEvent(self, text):
198	286	"""Filters event so that only those with type 3131 get to the log"""
199		self.update(text)
200
201		def update(self, event):
	287	text = text.split('-')
	288	if text[0] == "INFO ":
	289	self.update("[ " + text[0] + "]", self.bold)
	290	if text[0] == "DEBUG ":
	291	self.update("[ " + text[0] + "]", self.bold, self.green)
	292	if text[0] == "ERROR " or text[0] == "CRITICAL: ":
	293	self.update("[ " + text[0] + "]", self.bold, self.red)
	294	if text[0] == "WARNING ":
	295	self.update("[ " + text[0] + "]", self.bold, self.orange)
	296	if text[0] == "NOTIFICATION ":
	297	self.update("[ " + text[0] + "]", self.bold, self.blue)
	298
	299	self.update("-" + '-'.join(text[1:]) + "\n")
	300
	301	def update(self, text, *tags):
202	302	"""Updates the textBuffer with the event sent. Also scrolls to last
203	303	posted automatically"""
204	304	last_position = self.textBuffer.get_end_iter()
205		self.textBuffer.insert(last_position, event+"\n", len(event + "\n"))
206		insert = self.textBuffer.get_insert()
	305	self.textBuffer.insert(last_position, text, len(text))
	306
	307	# we need to take 1 from the lines to compensate for the default line
	308	lines = self.textBuffer.get_line_count()
	309	begin = self.textBuffer.get_iter_at_line(lines-1)
	310
	311	# update last position, it isn't the same as when the funcion started
	312	last_position = self.textBuffer.get_end_iter()
	313
	314	for tag in tags:
	315	self.textBuffer.apply_tag(tag, begin, last_position)
	316
	317	self.scroll_to_insert(self.textBuffer.get_insert())
	318
	319	def scroll_to_insert(self, insert):
	320	"""Scrolls the view to a particular insert point"""
207	321	self.textView.scroll_to_mark(insert, 0, False, 1, 1)
208	322
209	323

213	327	Takes an on_button_do callback, so it can tell the application what
214	328	to do when the user presses the button"""
215	329
216		def __init__(self, on_button_do):
	330	def __init__(self, notif_callback, conflict_callback,
	331	host_count, service_count, vuln_count):
217	332	super(Gtk.Widget, self).__init__()
218		"""Creates a button with zero ("0") as label"""
219		self.callback = on_button_do
220		self.button_label_int = 0
221		self.button = Gtk.Button.new_with_label(str(self.button_label_int))
222		self.button.connect("clicked", self.callback)
223
224		def inc_button_label(self):
225		"""increments the label by one"""
226		self.button_label_int += 1
227		self.button.set_label(str(self.button_label_int))
	333	"""Initialices a button with a label on zero"""
	334	initial_strings = self.create_strings(host_count, service_count,
	335	vuln_count)
	336	self.notif_text = "Notifications: "
	337	self.conflict_text = "Conflicts: "
	338
	339	self.host_count_str = initial_strings[0]
	340	self.service_count_str = initial_strings[1]
	341	self.vuln_count_str = initial_strings[2]
	342
	343	self.ws_info = self.create_initial_ws_info()
	344
	345	self.notif_button = Gtk.Button.new()
	346	self.set_default_notif_label()
	347	self.notif_button.connect("clicked", notif_callback)
	348
	349	self.conflict_button = Gtk.Button.new()
	350	self.set_default_conflict_label()
	351	self.conflict_button.connect("clicked", conflict_callback)
	352
	353	self.mainBox = Gtk.Box()
	354	self.mainBox.pack_start(self.notif_button, False, False, 5)
	355	self.mainBox.pack_start(self.ws_info, False, True, 5)
	356	self.mainBox.pack_start(Gtk.Box(), True, True, 5) # space
	357	self.mainBox.pack_end(self.conflict_button, False, True, 0)
	358
	359	def inc_notif_button_label(self):
	360	"""Increments the button label, sets bold so user knows there are
	361	unread notifications"""
	362
	363	self.notif_button_label_int += 1
	364	child = self.notif_button.get_child()
	365	self.notif_button.remove(child)
	366	label = Gtk.Label.new()
	367	label.set_markup("<b> %s %s </b>"
	368	% (self.notif_text, str(self.notif_button_label_int)))
	369
	370	label.show()
	371	self.notif_button.add(label)
	372
	373	def update_conflict_button_label(self, n):
	374	self.conflict_button_label_int += n
	375	child = self.conflict_button.get_child()
	376	self.conflict_button.remove(child)
	377	label = Gtk.Label.new(self.conflict_text +
	378	str(self.conflict_button_label_int))
	379	label.show()
	380	self.conflict_button.add(label)
	381
	382	def set_default_notif_label(self):
	383	"""Creates the default label"""
	384	self.notif_button_label_int = 0
	385	self.notif_button.set_label(self.notif_text +
	386	str(self.notif_button_label_int))
	387
	388	def set_default_conflict_label(self):
	389	self.conflict_button_label_int = 0
	390	self.conflict_button.set_label(self.conflict_text +
	391	str(self.conflict_button_label_int))
	392
	393	def create_initial_ws_info(self):
	394	box = Gtk.Box()
	395	self.explain = Gtk.Label.new("Workspace status: ")
	396	self.host_label = Gtk.Label.new(self.host_count_str)
	397	self.service_label = Gtk.Label.new(self.service_count_str)
	398	self.vuln_label = Gtk.Label.new(self.vuln_count_str)
	399
	400	box.pack_start(self.explain, True, True, 0)
	401	box.pack_start(self.host_label, True, True, 0)
	402	box.pack_start(self.service_label, True, True, 0)
	403	box.pack_start(self.vuln_label, True, True, 0)
	404	return box
	405
	406	def update_ws_info(self, new_host_count, new_service_count,
	407	new_vuln_count):
	408
	409	host, service, vuln = self.create_strings(new_host_count,
	410	new_service_count,
	411	new_vuln_count)
	412	self.host_label.set_text(host)
	413	self.service_label.set_text(service)
	414	self.vuln_label.set_text(vuln)
	415
	416	def create_strings(self, host_count, service_count, vuln_count):
	417	host_string = str(host_count) + " hosts, "
	418	service_string = str(service_count) + " services, "
	419	vuln_string = str(vuln_count) + " vulnerabilities."
	420
	421	return host_string, service_string, vuln_string

-1

install.sh less more

63	63	elif [ "$os" = "Ubuntu 13.04" ]; then
64	64	version="ubuntu13-04-$arch"
65	65	down=1
66		elif [[ "$os" =~ "Ubuntu 14.04".\|"Ubuntu 14.10".\|"Ubuntu Vivid Vervet (development branch)"\|"Ubuntu 15".* ]]; then
	66	elif [[ "$os" =~ "Ubuntu 14.04".\|"Ubuntu 14.10".\|"Ubuntu Vivid Vervet (development branch)"\|"Ubuntu 15".\|"Ubuntu 16". ]]; then
67	67	version="ubuntu13-10-$arch"
68	68	down=1
69	69	# Install pip from github.

-4

managers/reports_managers.py less more

57	57
58	58	def onlinePlugin(self, cmd):
59	59
60		_, new_cmd, output_file = self.plugin_controller.processCommandInput(
61		cmd)
62		self.plugin_controller.onCommandFinished(cmd, '')
	60	_, new_cmd = self.plugin_controller.processCommandInput('0', cmd, './')
	61	self.plugin_controller.onCommandFinished('0', 0, cmd)
63	62
64	63
65	64	class ReportManager(threading.Thread):

302	301	return "Nexpose"
303	302	elif "NexposeReport" == tag:
304	303	return "NexposeFull"
305		elif "ASSET_DATA_REPORT" == tag:
	304	elif "ASSET_DATA_REPORT" == tag or "SCAN" == tag:
306	305	return "Qualysguard"
307	306	elif "scanJob" == tag:
308	307	return "Retina"

-6

model/api.py less more

650	650
651	651	# Plugin status
652	652
653		def pluginStart():
654		__model_controller.addPluginStart()
655
656
657		def pluginEnd():
658		__model_controller.addPluginEnd()
	653	def pluginStart(name):
	654	__model_controller.addPluginStart(name)
	655
	656
	657	def pluginEnd(name):
	658	__model_controller.addPluginEnd(name)
659	659
660	660	#-------------------------------------------------------------------------------
661	661	def getLoggedUser():

+52

-3

model/common.py less more

886	886	self.severity = self.standarize(severity)
887	887	self.resolution = resolution
888	888
	889	def _updatePublicAttributes(self):
	890
	891	self.publicattrs['Name'] = 'getName'
	892	self.publicattrs['Description'] = 'getDescription'
	893	self.publicattrs['Data'] = "getData"
	894	self.publicattrs['Severity'] = 'getSeverity'
	895	self.publicattrs['Refs'] = 'getRefs'
	896
	897	self.publicattrsrefs['Name'] = 'name'
	898	self.publicattrsrefs['Description'] = '_desc'
	899	self.publicattrsrefs['Data'] = "data"
	900	self.publicattrsrefs['Severity'] = 'severity'
	901	self.publicattrsrefs['Refs'] = 'refs'
	902
889	903	def standarize(self, severity):
890	904	# Transform all severities into lower strings
891	905	severity = str(severity).lower()

938	952
939	953	#@save
940	954	@updateLocalMetadata
941		def updateAttributes(self, name=None, desc=None, severity=None, resolution=None, refs=None):
	955	def updateAttributes(self, name=None, desc=None, data=None,
	956	severity=None, resolution=None, refs=None):
942	957	if name is not None:
943	958	self.setName(name)
944	959	if desc is not None:
945	960	self.setDescription(desc)
	961	if data is not None:
	962	self.setData(data)
946	963	if resolution is not None:
947	964	self.setResolution(resolution)
948	965	if severity is not None:

1035	1052	self.query = query
1036	1053	self.category = category
1037	1054
	1055	def _updatePublicAttributes(self):
	1056
	1057	self.publicattrs['Name'] = 'getName'
	1058	self.publicattrs['Desc'] = 'getDescription'
	1059	self.publicattrs['Data'] = 'getData'
	1060	self.publicattrs['Severity'] = 'getSeverity'
	1061	self.publicattrs['Refs'] = 'getRefs'
	1062	self.publicattrs['Path'] = 'getPath'
	1063	self.publicattrs['Website'] = 'getWebsite'
	1064	self.publicattrs['Request'] = 'getRequest'
	1065	self.publicattrs['Response'] = 'getResponse'
	1066	self.publicattrs['Method'] = 'getMethod'
	1067	self.publicattrs['Pname'] = 'getPname'
	1068	self.publicattrs['Params'] = 'getParams'
	1069	self.publicattrs['Query'] = 'getQuery'
	1070	self.publicattrs['Category'] = 'getCategory'
	1071
	1072	self.publicattrsrefs['Name'] = 'name'
	1073	self.publicattrsrefs['Desc'] = '_desc'
	1074	self.publicattrsrefs['Data'] = 'data'
	1075	self.publicattrsrefs['Severity'] = 'severity'
	1076	self.publicattrsrefs['Refs'] = 'refs'
	1077	self.publicattrsrefs['Path'] = 'path'
	1078	self.publicattrsrefs['Website'] = 'website'
	1079	self.publicattrsrefs['Request'] = 'request'
	1080	self.publicattrsrefs['Response'] = 'response'
	1081	self.publicattrsrefs['Method'] = 'method'
	1082	self.publicattrsrefs['Pname'] = 'pname'
	1083	self.publicattrsrefs['Params'] = 'params'
	1084	self.publicattrsrefs['Query'] = 'query'
	1085	self.publicattrsrefs['Category'] = 'category'
	1086
1038	1087	def updateID(self):
1039	1088	self._id = get_hash([self.name, self.website, self.path, self.desc ])
1040	1089	self._prependParentId()

1095	1144
1096	1145	#@save
1097	1146	@updateLocalMetadata
1098		def updateAttributes(self, name=None, desc=None, website=None, path=None, refs=None,
	1147	def updateAttributes(self, name=None, desc=None, data=None, website=None, path=None, refs=None,
1099	1148	severity=None, resolution=None, request=None,response=None, method=None,
1100	1149	pname=None, params=None, query=None, category=None):
1101		super(ModelObjectVulnWeb, self).updateAttributes(name, desc, severity, resolution, refs)
	1150	super(ModelObjectVulnWeb, self).updateAttributes(name, desc, data, severity, resolution, refs)
1102	1151	if website is not None:
1103	1152	self.website = website
1104	1153	if path is not None:

+29

-13

model/controller.py less more

655	655	res = True
656	656	return res
657	657
658		def addPluginStart(self):
659		self.__addPendingAction(modelactions.PLUGINSTART)
660
661		def addPluginEnd(self):
662		self.__addPendingAction(modelactions.PLUGINEND)
663
664		def _pluginStart(self):
	658	def addPluginStart(self, name):
	659	self.__addPendingAction(modelactions.PLUGINSTART, name)
	660
	661	def addPluginEnd(self, name):
	662	self.__addPendingAction(modelactions.PLUGINEND, name)
	663
	664	def _pluginStart(self, name):
665	665	self.active_plugins_count_lock.acquire()
666		getLogger(self).info("Plugin Started")
	666	getLogger(self).info("Plugin Started: " + name)
667	667	self.active_plugins_count += 1
668	668	self.active_plugins_count_lock.release()
669
670		def _pluginEnd(self):
	669	return True
	670
	671	def _pluginEnd(self, name):
671	672	self.active_plugins_count_lock.acquire()
672		getLogger(self).info("Plugin Ended")
	673	getLogger(self).info("Plugin Ended: " + name)
673	674	self.active_plugins_count -= 1
674	675	self.active_plugins_count_lock.release()
	676	return True
675	677
676	678	def addVulnToInterfaceASYNC(self, host, intId, newVuln):
677	679	self.__addPendingAction(modelactions.ADDVULNINT, newVuln, intId)

905	907	username, password=password, parent_id=parent_id)
906	908
907	909	def getHost(self, name):
908		hosts_mapper = self.mappers_manager.getMapper(model.hosts.Host.__name__)
	910	hosts_mapper = self.mappers_manager.getMapper(model.hosts.Host.class_signature)
909	911	return hosts_mapper.find(name)
910	912
911	913	def getAllHosts(self):
912	914	hosts = self.mappers_manager.getMapper(
913		model.hosts.Host.__name__).getAll()
	915	model.hosts.Host.class_signature).getAll()
914	916	return hosts
915	917
916	918	def getWebVulns(self):

934	936
935	937	for hostname in intr.getHostnames():
936	938	self.treeWordsTries.addWord(hostname)
	939
	940	def getHostsCount(self):
	941	hosts = model.hosts.Host.class_signature
	942	return self.mappers_manager.getMapper(hosts).getCount()
	943
	944	def getServicesCount(self):
	945	services = model.hosts.Service.class_signature
	946	return self.mappers_manager.getMapper(services).getCount()
	947
	948	def getVulnsCount(self):
	949	vulns = model.common.ModelObjectVuln.class_signature
	950	web_vulns = model.common.ModelObjectVulnWeb.class_signature
	951	return (self.mappers_manager.getMapper(vulns).getCount() +
	952	self.mappers_manager.getMapper(web_vulns).getCount())

-0

persistence/mappers/abstract_mapper.py less more

100	100
101	101	def getAll(self):
102	102	return self.object_map.values()
	103
	104	def getCount(self):
	105	return len(self.object_map.keys())

+12

-2

plugins/controller.py less more

109	109	output_queue.put(None)
110	110	output_queue.join()
111	111
112		self._processAction(modelactions.PLUGINSTART, [])
	112	self._processAction(modelactions.PLUGINSTART, [plugin.id])
113	113
114	114	while True:
115	115	try:

140	140	"something strange happened... "
141	141	"unhandled exception?")
142	142	break
143		self._processAction(modelactions.PLUGINEND, [])
	143	self._processAction(modelactions.PLUGINEND, [plugin.id])
144	144
145	145	def _processAction(self, action, parameters):
146	146	"""

407	407	return True
408	408
409	409	def processReport(self, plugin, filepath):
	410
	411	cmd_info = CommandRunInformation(
	412	**{'workspace': model.api.getActiveWorkspace().name,
	413	'itime': time.time(),
	414	'command': 'Import %s:' % plugin,
	415	'params': filepath})
	416	self._mapper_manager.save(cmd_info)
	417
410	418	if plugin in self._plugins:
411	419	self.processOutput(self._plugins[plugin], filepath, True)
	420	cmd_info.duration = time.time() - cmd_info.itime
	421	self._mapper_manager.save(cmd_info)
412	422	return True
413	423	return False
414	424

-3

plugins/plugin.py less more

103	103
104	104	def processOutput(self, term_output):
105	105	output = term_output
106		if self.has_custom_output():
	106	if self.has_custom_output() and os.path.isfile(self.get_custom_file_path()):
107	107	output = open(self.get_custom_file_path(), 'r').read()
108	108	self.parseOutputString(output)
109	109
110	110	def processReport(self, filepath):
111		output = open(filepath, 'r').read()
112		self.parseOutputString(output)
	111	if os.path.isfile(filepath):
	112	output = open(filepath, 'r').read()
	113	self.parseOutputString(output)
113	114
114	115	def parseOutputString(self, output):
115	116	"""

+10

-1

plugins/repo/acunetix/plugin.py less more

8	8	'''
9	9	from __future__ import with_statement
10	10	from plugins import core
	11	from model import api
11	12	import socket
12	13	import sys
13	14	import re

163	164	try:
164	165	return socket.gethostbyname(host)
165	166	except:
166		pass
	167	api.log(
	168	'[ERROR] Acunetix XML Plugin: Ip of host unknown ' + host,
	169	level='ERROR')
	170	return None
167	171	return host
168	172
169	173

248	252	parser = AcunetixXmlParser(output)
249	253
250	254	for site in parser.sites:
	255
	256	if site.ip is None:
	257	continue
	258
251	259	host = []
252	260	if site.host != site.ip:
253	261	host = [site.host]
	262
254	263	h_id = self.createAndAddHost(site.ip, site.os)
255	264	i_id = self.createAndAddInterface(
256	265	h_id,

+220

-174

plugins/repo/metasploiton/plugin.py less more

18	18	except ImportError:
19	19	raise Exception("Please install psycopg2 to use plugin: MetasploitOn")
20	20
21
22	21	import time
23	22
24	23	try:

28	27	except ImportError:
29	28	import xml.etree.ElementTree as ET
30	29	ETREE_VERSION = ET.VERSION
31
	30
32	31	ETREE_VERSION = [int(i) for i in ETREE_VERSION.split(".")]
33	32
34	33	current_path = os.path.abspath(os.getcwd())
35	34
36		__author__ = "Francisco Amato"
37		__copyright__ = "Copyright (c) 2013, Infobyte LLC"
38		__credits__ = ["Francisco Amato"]
39		__license__ = ""
40		__version__ = "1.0.0"
	35	__author__ = "Francisco Amato"
	36	__copyright__ = "Copyright (c) 2013, Infobyte LLC"
	37	__credits__ = ["Francisco Amato"]
	38	__license__ = ""
	39	__version__ = "1.0.0"
41	40	__maintainer__ = "Francisco Amato"
42		__email__ = "[email protected]"
43		__status__ = "Development"
44
45
46
	41	__email__ = "[email protected]"
	42	__status__ = "Development"
	43
47	44
48	45	class MetasploitOnPlugin(core.PluginBase):
49	46	"""
50	47	Example plugin to parse metasploiton output.
51	48	"""
52	49	def __init__(self):
	50
53	51	core.PluginBase.__init__(self)
54		self.id = "MetasploitOn"
55		self.name = "Metasploit Online Service Plugin"
56		self.plugin_version = "0.0.2"
57		self.version = "Metasploit 4.10.0"
58		self.framework_version = "1.0.0"
59		self.options = None
	52	self.id = "MetasploitOn"
	53	self.name = "Metasploit Online Service Plugin"
	54	self.plugin_version = "0.0.2"
	55	self.version = "Metasploit 4.10.0"
	56	self.framework_version = "1.0.0"
	57	self.options = None
60	58	self._current_output = None
61	59	self.target = None
62		self._command_regex = re.compile(r'^(metasploiton\|sudo metasploiton\|\.\/metasploiton).*?')
	60	self._command_regex = re.compile(
	61	r'^(metasploiton\|sudo metasploiton\|\.\/metasploiton).*?')
63	62
64	63	global current_path
65		# self._output_file_path = os.path.join(self.data_path,
66		# "metasploiton_output-%s.xml" % self._rid)
67
	64
68	65	self.addSetting("Database", str, "msf3")
69	66	self.addSetting("User", str, "msf3")
70	67	self.addSetting("Password", str, "EKO-1919755b")

72	69	self.addSetting("Port", str, "7337")
73	70	self.addSetting("Wordspace", str, "%%")
74	71	self.addSetting("Enable", str, "0")
75
76		self._sdate=""
77		self._lsdate=""
78		self._mwhere=""
79
80
81
82		def parseOutputString(self, output, debug = False):
	72
	73	self._sdate = ""
	74	self._lsdate = ""
	75	self._mwhere = ""
	76
	77	def parseOutputString(self, output, debug=False):
83	78	"""
84		This method will discard the output the shell sends, it will read it from
85		the xml where it expects it to be present.
	79	This method will discard the output the shell sends, it will read it
	80	from the xml where it expects it to be present.
86	81
87	82	NOTE: if 'debug' is true then it is being run from a test case and the
88	83	output being sent is valid.
89	84	"""
	85
90	86	try:
91		conn = psycopg2.connect("dbname='" + self.getSetting("Database")+ "' user='"+self.getSetting("User")+"' password='"+self.getSetting("Password")+"' host='"+self.getSetting("Server")+"' port='"+self.getSetting("Port")+"'")
	87	conn = psycopg2.connect(
	88	"dbname='" + self.getSetting("Database") + "' user='" + self.getSetting("User") + "' password='" + self.getSetting("Password") + "' host='" + self.getSetting("Server") + "' port='" + self.getSetting("Port") + "'")
92	89	cur = conn.cursor()
93	90	except Exception as e:
94	91	print e
95	92	print "Error Connection database\n"
96	93	return
97
98		cur=self._doSql(cur,"select * from hosts inner join workspaces ON (hosts.workspace_id=workspaces.id) where workspaces.name like '"+ self.getSetting("Wordspace")+"';")
	94
	95	cur = self._doSql(
	96	cur,
	97	"select * from hosts inner join workspaces ON (hosts.workspace_id=workspaces.id) where workspaces.name like '" + self.getSetting("Wordspace") + "';")
99	98	if cur is None:
100	99	print "Error getting database data\n"
101	100	return
102
103
104		self.path=self.data_path + "/"+api.getActiveWorkspace().name+ "_metasploit_last"
105
106
	101
	102	self.path = self.data_path + "/"+api.getActiveWorkspace().name + "_metasploit_last"
	103
107	104	if os.path.isfile(self.path):
108		f=open(self.path,"r")
109		self._sdate=f.readline()
	105	f = open(self.path, "r")
	106	self._sdate = f.readline()
110	107	f.close
111	108
112
113
114
115	109	for h in cur.fetchall():
116		h_id = self.createAndAddHost(str(h[2]), str(h[7]))
117
118
	110
	111	h_id = self.createAndAddHost(
	112	str(h[2]),
	113	str(h[7]))
	114
119	115	if self._isIPV4(str(h[2])):
120		i_id = self.createAndAddInterface(h_id, str(h[2]),
121		mac=str(h[3]),
122		ipv4_address=str(h[2]),
123		hostname_resolution=str(h[5])
124		)
	116
	117	i_id = self.createAndAddInterface(
	118	h_id,
	119	str(h[2]),
	120	mac=str(h[3]),
	121	ipv4_address=str(h[2]),
	122	hostname_resolution=str(h[5]))
125	123	else:
126		i_id = self.createAndAddInterface(h_id, str(h[2]),
127		mac=str(h[3]),
128		ipv6_address=str(h[2]),
129		hostname_resolution=str(h[5])
130		)
131
132
133
	124
	125	i_id = self.createAndAddInterface(
	126	h_id,
	127	str(h[2]),
	128	mac=str(h[3]),
	129	ipv6_address=str(h[2]),
	130	hostname_resolution=str(h[5]))
	131
134	132	self._checkDate(str(h[13]))
135
136
137
138		cur=self._doSql(cur,"select * from vulns where host_id="+str(h[0])+" and service_id is null"+ self._mwhere +";")
	133
	134	cur = self._doSql(
	135	cur,
	136	"select * from vulns where host_id="+str(h[0])+" and service_id is null" + self._mwhere + ";")
139	137	if cur is None:
140	138	return
141	139
142	140	for v in cur.fetchall():
	141
143	142	self._checkDate(str(v[5]))
144
145
146
147
148
149		cur=self._doSql(cur,"select * from vulns_refs inner join refs ON (vulns_refs.id=refs.id) where vulns_refs.vuln_id="+ str(v[0])+";")
	143
	144	cur = self._doSql(
	145	cur,
	146	"select * from vulns_refs inner join refs ON (vulns_refs.id=refs.id) where vulns_refs.vuln_id=" + str(v[0]) + ";")
150	147	if cur is None:
151	148	return
152
153		refs=[]
	149
	150	refs = []
154	151	for r in cur.fetchall():
155	152	self._checkDate(str(r[5]))
156	153	refs.append(r[6])
157	154
158
159		self.createAndAddVulnToHost(h_id,str(v[4]),str(v[6]),refs)
160
161
162
163		cur=self._doSql(cur,"select * from notes where host_id="+str(h[0])+" and service_id is null"+ self._mwhere +";")
	155	self.createAndAddVulnToHost(
	156	h_id,
	157	str(v[4]),
	158	str(v[6]),
	159	refs)
	160
	161	cur = self._doSql(
	162	cur,
	163	"select * from notes where host_id=" + str(h[0]) + " and service_id is null" + self._mwhere + ";")
164	164	if cur is None:
165	165	return
166	166
167	167	for n in cur.fetchall():
168	168	self._checkDate(str(n[6]))
169		self.createAndAddNoteToHost(h_id,str(n[2]),str(n[9]))
170
171
172
173		cur=self._doSql(cur,"select * from services where host_id="+str(h[0]))
	169	self.createAndAddNoteToHost(
	170	h_id,
	171	str(n[2]),
	172	str(n[9]))
	173
	174	cur = self._doSql(
	175	cur,
	176	"select * from services where host_id="+str(h[0]))
174	177	if cur is None:
175	178	return
176
	179
177	180	for s in cur.fetchall():
	181
178	182	self._checkDate(str(s[7]))
179		s_id = self.createAndAddServiceToInterface(h_id,i_id,
180		name=str(s[6]),
181		ports=[str(s[3])],
182		protocol=str(s[4]),
183		status=str(s[5]),
184		description=str(s[8]),
185		version=str(s[8]),
186		)
187
188
189
190		cur=self._doSql(cur,"select * from creds where service_id="+str(s[0])+ self._mwhere +";")
191		creds=[]
	183	s_id = self.createAndAddServiceToInterface(
	184	h_id,
	185	i_id,
	186	name=str(s[6]),
	187	ports=[str(s[3])],
	188	protocol=str(s[4]),
	189	status=str(s[5]),
	190	description=str(s[8]),
	191	version=str(s[8]))
	192
	193	cur = self._doSql(
	194	cur,
	195	"select * from creds where service_id=" + str(s[0]) + self._mwhere + ";")
	196
192	197	if cur is None:
193	198	return
194	199	for c in cur.fetchall():
195	200	self._checkDate(str(c[3]))
196		self.createAndAddCredToService(h_id,s_id,c[4],c[5])
197		self.createAndAddVulnToService(h_id, s_id, "Weak Credentials","[metasploit found the following credentials]\nuser:%s\npass:%s" % (c[4], c[5]), severity="high")
198
199
200
201
202
203
204
205		cur=self._doSql(cur,"select * from vulns where host_id="+str(h[0])+" and service_id="+str(s[0])+ self._mwhere +";")
	201
	202	self.createAndAddCredToService(
	203	h_id,
	204	s_id,
	205	c[4],
	206	c[5])
	207
	208	self.createAndAddVulnToService(
	209	h_id,
	210	s_id,
	211	"Weak Credentials",
	212	"[metasploit found the following credentials]\nuser:%s\npass:%s" % (c[4], c[5]),
	213	severity="high")
	214
	215	cur = self._doSql(
	216	cur,
	217	"select * from vulns where host_id=" + str(h[0]) + " and service_id=" + str(s[0]) + self._mwhere + ";")
206	218	if cur is None:
207	219	return
208	220
209	221	for v in cur.fetchall():
210	222	self._checkDate(str(v[5]))
211	223
212
213
214		cur=self._doSql(cur,"select * from vulns_refs inner join refs ON (vulns_refs.id=refs.id) where vulns_refs.vuln_id="+ str(v[0])+";")
	224	cur = self._doSql(
	225	cur,
	226	"select * from vulns_refs inner join refs ON (vulns_refs.id=refs.id) where vulns_refs.vuln_id=" + str(v[0]) + ";")
215	227	if cur is None:
216	228	return
217
218		refs=[]
	229
	230	refs = []
219	231	for r in cur.fetchall():
220	232	self._checkDate(str(r[5]))
221	233	refs.append(r[6])
222
223		self.createAndAddVulnToService(h_id,s_id,
224		name=str(v[4]),
225		desc=str(v[6]),ref=refs)
226
227
228
229
230		mwhere=re.sub("updated_at","web_vulns.updated_at",self._mwhere)
231		cur=self._doSql(cur,"select * from web_vulns INNER JOIN web_sites ON (web_vulns.web_site_id=web_sites.id) INNER JOIN web_vuln_category_metasploits as category ON (web_vulns.category_id=category.id) where web_sites.service_id="+str(s[0])+ mwhere +";")
	234
	235	self.createAndAddVulnToService(
	236	h_id,
	237	s_id,
	238	name=str(v[4]),
	239	desc=str(v[6]),
	240	ref=refs)
	241
	242	mwhere = re.sub(
	243	"updated_at",
	244	"web_vulns.updated_at",
	245	self._mwhere)
	246
	247	cur = self._doSql(
	248	cur,
	249	"select * from web_vulns INNER JOIN web_sites ON (web_vulns.web_site_id=web_sites.id) INNER JOIN web_vuln_category_metasploits as category ON (web_vulns.category_id=category.id) where web_sites.service_id=" + str(s[0]) + mwhere + ";")
	250
232	251	for v in cur.fetchall():
	252
233	253	self._checkDate(str(v[3]))
234		self.createAndAddVulnWebToService(h_id,s_id, name=str(v[28]), desc=str(v[29]), website=str(v[24]),
235		path=str(v[4]),request=str(v[15]), method=str(v[5]),pname=str(v[7]),
236		params=str(v[6]),query=str(v[10])
237		)
238
239
240
241
242		cur=self._doSql(cur,"select * from notes where host_id="+str(h[0])+" and service_id="+str(s[0])+ self._mwhere)
	254
	255	self.createAndAddVulnWebToService(
	256	h_id,
	257	s_id,
	258	name=str(v[28]),
	259	desc=str(v[29]),
	260	website=str(v[24]),
	261	path=str(v[4]),
	262	request=str(v[15]),
	263	method=str(v[5]),
	264	pname=str(v[7]),
	265	params=str(v[6]),
	266	query=str(v[10]))
	267
	268	cur = self._doSql(
	269	cur,
	270	"select * from notes where host_id=" + str(h[0]) + " and service_id=" + str(s[0]) + self._mwhere)
	271
243	272	if cur is None:
244	273	return
245
	274
246	275	for n in cur.fetchall():
	276
247	277	self._checkDate(str(n[6]))
248		self.createAndAddNoteToService(h_id,s_id,str(n[2]),str(n[9]))
249
250
251		cur=self._doSql(cur,"select * from web_sites where service_id="+str(s[0])+ self._mwhere)
	278
	279	self.createAndAddNoteToService(
	280	h_id,
	281	s_id,
	282	str(n[2]),
	283	str(n[9]))
	284
	285	cur = self._doSql(
	286	cur,
	287	"select * from web_sites where service_id=" + str(s[0]) + self._mwhere)
	288
252	289	for w in cur.fetchall():
	290
253	291	self._checkDate(str(w[3]))
254		n_id = self.createAndAddNoteToService(h_id,s_id,"website","")
255		n2_id = self.createAndAddNoteToNote(h_id,s_id,n_id,str(w[4]),"")
256
	292
	293	n_id = self.createAndAddNoteToService(
	294	h_id,
	295	s_id,
	296	"website",
	297	"")
	298
	299	n2_id = self.createAndAddNoteToNote(
	300	h_id,
	301	s_id,
	302	n_id,
	303	str(w[4]),
	304	"")
	305
257	306	cur.close()
258	307	conn.close()
259
260		def _doSql(self,db,sql):
	308
	309	def _doSql(self, db, sql):
261	310	try:
262	311	api.devlog("SQL:" + sql)
263	312	db.execute(sql)
264	313	except Exception, e:
265	314	print ("Error SQL[" + e.pgcode+"] - " + e.pgerror)
266	315	return None
267
	316
268	317	return db
269
270		def _checkDate(self,rowdate):
271
272		mret=True
273		msave=True
274
275		if not self._lsdate:
276
277		if self._sdate:
278		self._lsdate=self._sdate
	318
	319	def _checkDate(self, rowdate):
	320
	321	mret = True
	322	msave = True
	323
	324	if not self._lsdate:
	325
	326	if self._sdate:
	327	self._lsdate = self._sdate
279	328	else:
280		self._lsdate=rowdate
281
282
283		if self._cdate(self._lsdate,rowdate):
284		msave=False
285
	329	self._lsdate = rowdate
	330
	331	if self._cdate(self._lsdate, rowdate):
	332	msave = False
	333
286	334	if self._sdate:
287		self._mwhere =" and updated_at > to_timestamp('"+self._sdate+"','YYYY-MM-DD HH24:MI:SS.US');"
288
289
290
	335	self._mwhere = " and updated_at > to_timestamp('" + self._sdate + "','YYYY-MM-DD HH24:MI:SS.US');"
	336
291	337	if msave:
292	338	try:
293		f=open(self.path,"w")
	339	f = open(self.path, "w")
294	340	f.write(rowdate)
295	341	f.close()
296		self._lsdate=rowdate
	342	self._lsdate = rowdate
297	343	except:
298	344	print ("Can't save metasploit lastupdate file")
299	345	return
300
	346
301	347	return mret
302
303		def _cdate(self, date1,date2):
304
305		mdate=time.strptime(date1.split(".")[0],"%Y-%m-%d %H:%M:%S")
306		mdate2=time.strptime(date2.split(".")[0],"%Y-%m-%d %H:%M:%S")
307		if mdate>mdate2:
	348
	349	def _cdate(self, date1, date2):
	350
	351	mdate = time.strptime(date1.split(".")[0], "%Y-%m-%d %H:%M:%S")
	352	mdate2 = time.strptime(date2.split(".")[0], "%Y-%m-%d %H:%M:%S")
	353
	354	if mdate > mdate2:
308	355	return True
309	356	else:
310	357	return False

314	361	return True
315	362	else:
316	363	return False
317
	364
318	365	def processCommandString(self, username, current_path, command_string):
319	366	return None
320
321	367
322	368	def setHost(self):
323	369	pass

-1

plugins/repo/nessus/dotnessus_v2.py less more

295	295	continue
296	296
297	297	# If it's not a multi-valued att, store it as a string
298		setattr(self, n.tag, n.text.strip())
	298	if n.text is not None:
	299	setattr(self, n.tag, n.text.strip())
299	300
300	301	xml_report_item.clear()
301	302

+202

-234

plugins/repo/nmap/plugin.py less more

8	8	'''
9	9	from __future__ import with_statement
10	10	from plugins import core
11
12	11	import re
13	12	import os
14	13	import sys

21	20	except ImportError:
22	21	import xml.etree.ElementTree as ET
23	22	ETREE_VERSION = ET.VERSION
24
	23
25	24	ETREE_VERSION = [int(i) for i in ETREE_VERSION.split(".")]
26	25
27	26	current_path = os.path.abspath(os.getcwd())
28	27
	28
29	29	class NmapXmlParser(object):
30	30	"""
31		The objective of this class is to parse an xml file generated by the nmap tool.
	31	The objective of this class is to parse an xml file generated by
	32	the nmap tool.
32	33
33	34	TODO: Handle errors.
34		TODO: Test nmap output version. Handle what happens if the parser doesn't support it.
	35	TODO: Test nmap output version. Handle what happens if the parser
	36	doesn't support it.
35	37	TODO: Test cases.
36	38
37	39	@param nmap_xml_filepath A proper xml generated by nmap

48	50	"""
49	51	Open and parse an xml file.
50	52
51		TODO: Write custom parser to just read the nodes that we need instead of
52		reading the whole file.
	53	TODO: Write custom parser to just read the nodes that we need instead
	54	of reading the whole file.
53	55
54	56	@return xml_tree An xml tree instance. None if error.
55	57	"""
56		# with open(filepath,"r") as f:
57		# try:
58		# tree = ET.fromstring(f.read())
59		# except SyntaxError, err:
60		# print "SyntaxError: %s. %s" % (err, filepath)
61		# return None
62
63		# return tree
64		#import ipdb;ipdb.set_trace()
65		return ET.fromstring(xml_output)
	58
	59	try:
	60	return ET.fromstring(xml_output)
	61	except SyntaxError, err:
	62	print "SyntaxError: %s. %s" % (err, filepath)
	63	return None
66	64
67	65	def get_hosts(self, tree):
68	66	"""

72	70	yield Host(host_node)
73	71
74	72
75
76	73	def get_attrib_from_subnode(xml_node, subnode_xpath_expr, attrib_name):
77	74	"""
78	75	Finds a subnode in the host node and the retrieves a value from it

81	78	"""
82	79	global ETREE_VERSION
83	80	node = None
84
	81
85	82	if ETREE_VERSION[0] <= 1 and ETREE_VERSION[1] < 3:
86
87		match_obj = re.search("([^\@]+?)\[\@([^=]?)=\'([^\']?)\'",subnode_xpath_expr)
	83
	84	match_obj = re.search(
	85	"([^\@]+?)\[\@([^=]?)=\'([^\']?)\'",
	86	subnode_xpath_expr)
	87
88	88	if match_obj is not None:
	89
89	90	node_to_find = match_obj.group(1)
90	91	xpath_attrib = match_obj.group(2)
91	92	xpath_value = match_obj.group(3)
	93
92	94	for node_found in xml_node.findall(node_to_find):
93	95	if node_found.attrib[xpath_attrib] == xpath_value:
94	96	node = node_found

104	106
105	107	return None
106	108
107
108
109	109
110	110	class Host(object):
111	111	"""

125	125	self.hostname = self.hostnames[0]
126	126	else:
127	127	self.hostname = 'unknown'
128
129		self.hostnames=list(set(self.hostnames))
	128
	129	self.hostnames = list(set(self.hostnames))
130	130	self.status = self.get_status()
131	131	self.ipv4_address = self.get_ipv4_address()
132	132	self.ipv6_address = self.get_ipv6_address()
133	133	self.mac_address = self.get_mac_address()
134		self.os_guesses = [os_guess for os_guess in self.get_os_guesses()]
	134	self.os_guesses = [os_guess for os_guess in self.get_os_guesses()]
135	135	self.os = self.top_os_guess()
136	136	self.ports = [port for port in self.get_ports()]
137	137	self.vulns = [vuln for vuln in self.get_scripts()]

139	139	for p in self.ports:
140	140	if p.service is not None:
141	141	if p.service.ostype:
142		self.os=p.service.ostype
	142	self.os = p.service.ostype
143	143	break
144
145
	144
146	145	def get_hostnames(self):
147	146	"""
148		Expects to find one or more '<hostname name="localhost.localdomain" type="PTR"/>'
149		in the host node.
	147	Expects to find one or more
	148	'<hostname name="localhost.localdomain" type="PTR"/>' in the host node.
150	149
151	150	@return A list of (hostname, hostname_type) or None
152	151	"""
153	152	for hostname in self.node.findall('hostnames/hostname'):
154		yield (hostname.attrib["name"],hostname.attrib["type"])
	153	yield (hostname.attrib["name"], hostname.attrib["type"])
155	154
156	155	def get_attrib_from_subnode(self, subnode_xpath_expr, attrib_name):
157	156	"""

159	158
160	159	@return An attribute value
161	160	"""
162		return get_attrib_from_subnode(self.node, subnode_xpath_expr, attrib_name)
	161	return get_attrib_from_subnode(
	162	self.node,
	163	subnode_xpath_expr,
	164	attrib_name)
163	165
164	166	def get_status(self):
165	167	"""
166		Expects to find '<status state="up" reason="conn-refused"/>' in the node
167
	168	Expects to find '<status state="up" reason="conn-refused"/>'
	169	in the node
168	170	TODO: Use 'reason'
169
170	171	@return An status or 'unknown'
171	172	"""
172		status = self.get_attrib_from_subnode('status','state')
173
	173	status = self.get_attrib_from_subnode('status', 'state')
	174
174	175	return status if status else 'unknown'
175	176
176	177	def get_ipv4_address(self):
177	178	"""
178		Expects to find '<address addr="127.0.0.1" addrtype="ipv4"/>' in the node
	179	Expects to find '<address addr="127.0.0.1" addrtype="ipv4"/>'
	180	in the node
179	181
180	182	@return ip_address or 'unknown'
181	183	"""
182		ip_address = self.get_attrib_from_subnode("address[@addrtype='ipv4']",'addr')
	184	ip_address = self.get_attrib_from_subnode(
	185	"address[@addrtype='ipv4']",
	186	'addr')
183	187	return ip_address if ip_address else 'unknown'
184
	188
185	189	def get_ipv6_address(self):
186	190	"""
187		Expects to find '<address addr="127.0.0.1" addrtype="ipv6"/>' in the node
	191	Expects to find '<address addr="127.0.0.1" addrtype="ipv6"/>'
	192	in the node
188	193
189	194	@return ip_address or 'unknown'
190	195	"""
191		ip_address = self.get_attrib_from_subnode("address[@addrtype='ipv6']",'addr')
	196	ip_address = self.get_attrib_from_subnode(
	197	"address[@addrtype='ipv6']",
	198	'addr')
192	199	return ip_address if ip_address else 'unknown'
193	200
194	201	def get_mac_address(self):
195	202	"""
196		Expects to find '<address addr="00:08:54:26:A9:E5" addrtype="mac" vendor="Netronix" />' in the node
	203	Expects to find
	204	'<address addr="00:08:54:26:A9:E5" addrtype="mac" vendor="Netronix" />'
	205	in the node
197	206
198	207	@return mac_address or 'unknown'
199	208	"""
200		mac_address = self.get_attrib_from_subnode("address[@addrtype='mac']",'addr')
	209	mac_address = self.get_attrib_from_subnode(
	210	"address[@addrtype='mac']",
	211	'addr')
201	212	return mac_address if mac_address else 'unknown'
202	213
203	214	def get_os_guesses(self):
204	215	"""
205		Expects to find '<os>..<osclass type="general purpose" vendor="Microsoft" osfamily="Windows" osgen="2003" accuracy="96" />..</os>' in the node
	216	Expects to find
	217	'<os>..<osclass type="general purpose" vendor="Microsoft"
	218	osfamily="Windows" osgen="2003" accuracy="96" />..</os>' in the node
206	219
207	220	@return A list of (os_vendor_family_gen, accuracy)
208	221	"""
209		osclasses=self.node.findall('os/osclass')
	222	# OS information about host with great acurracy.
	223	osclasses = self.node.findall('os/osclass')
210	224	if osclasses == []:
211		osclasses=self.node.findall('os/osmatch/osclass')
212
	225	osclasses = self.node.findall('os/osmatch/osclass')
	226
213	227	for osclass in osclasses:
214	228	os_vendor = osclass.get("vendor")
215	229	os_family = osclass.get("osfamily")

217	231	accuracy = osclass.get("accuracy")
218	232
219	233	yield ("%s %s %s" % (os_vendor, os_family, os_gen), accuracy)
	234
	235	# Os information in services, bad acurracy.
	236	if osclasses == []:
	237	services = self.node.findall("ports/port/service")
	238	for service in services:
	239	ostype = service.get("ostype")
	240	yield ("%s" % ostype, 0)
	241
	242	def top_os_guess(self):
	243	"""
	244	@return The most accurate os_guess_id or 'unknown'.
	245	"""
	246	return self.os_guesses[0][0] if len(self.os_guesses) != 0 else 'unknown'
	247
220	248	def get_scripts(self):
221		"""
222		Expects to find a scripts in the node.
223		"""
	249	# Expects to find a scripts in the node.
224	250	for s in self.node.findall('hostscript/script'):
225	251	yield Script(s)
226		def top_os_guess(self):
227		"""
228		@return The most accurate os_guess_id or 'unknown'.
229		"""
230		return self.os_guesses[0][0] if len(self.os_guesses) != 0 else 'unknown'
231	252
232	253	def get_ports(self):
233	254	"""
234		Expects to find one or more '<port protocol="tcp" portid="631">...</port>' in the node.
	255	Expects to find one or more
	256	'<port protocol="tcp" portid="631">...</port>' in the node.
235	257
236	258	@return A list of Port instances or None
237	259	"""

254	276	ports.append(var)
255	277	ports = "\n".join(ports)
256	278
257		return "%s, %s, %s [%s], %s\n%s" % (self.hostnames, self.status,
258		self.ipv4_address, self.mac_address, self.os, ports)
	279	return "%s, %s, %s [%s], %s\n%s" % (
	280	self.hostnames,
	281	self.status,
	282	self.ipv4_address,
	283	self.mac_address,
	284	self.os, ports)
259	285
260	286
261	287	class Port(object):

279	305
280	306	@return An attribute value
281	307	"""
282		return get_attrib_from_subnode(self.node, subnode_xpath_expr, attrib_name)
	308	return get_attrib_from_subnode(
	309	self.node,
	310	subnode_xpath_expr,
	311	attrib_name)
283	312
284	313	def get_state(self):
285	314	"""
286		Expects to find a '<state state="open" reason="syn-ack" reason_ttl="0"/>' in the node.
	315	Expects to find a
	316	'<state state="open" reason="syn-ack" reason_ttl="0"/>' in the node.
287	317
288	318	@return (state, reason, reason_ttl) or ('unknown','unknown','unknown')
289	319	"""
290		state = self.get_attrib_from_subnode('state','state')
291		reason = self.get_attrib_from_subnode('state','reason')
292		reason_ttl = self.get_attrib_from_subnode('state','reason_ttl')
	320	state = self.get_attrib_from_subnode('state', 'state')
	321	reason = self.get_attrib_from_subnode('state', 'reason')
	322	reason_ttl = self.get_attrib_from_subnode('state', 'reason_ttl')
293	323
294	324	return (state if state else 'unknown',
295	325	reason if reason else 'unknown',

300	330	Expects to find a service in the node.
301	331	"""
302	332	service_node = self.node.find('service')
303		if service_node is not None:
	333	if service_node is not None:
304	334	return Service(service_node)
305	335
306	336	return None

311	341	"""
312	342	for s in self.node.findall('script'):
313	343	yield Script(s)
314
315	344
316	345	def __str__(self):
317	346	return "%s, %s, Service: %s" % (self.number, self.state, self.service)
318	347
	348
319	349	class Script(object):
320	350	"""
321	351	An abstract representation of a Script.
322	352
323		'<script id="http-methods" output="No Allow or Public header in OPTIONS response (status code 400)"/><script id="http-title" output="Document Error: Unauthorized"><elem key="title">Document Error: Unauthorized</elem></script>'
	353	'<script id="http-methods" output="No Allow or Public header in OPTIONS
	354	response (status code 400)"/><script id="http-title"
	355	output="Document Error: Unauthorized"><elem key="title">
	356	Document Error: Unauthorized</elem></script>'
324	357
325	358	@param script_node A script_node taken from an nmap xml tree
326	359	"""

329	362
330	363	self.name = script_node.get("id")
331	364	self.desc = script_node.get("output")
332		self.response=""
	365	self.response = ""
333	366	for k in script_node.findall("elem"):
334		self.response +="\n"+str(k.get('key')) + ": " +str(k.text)
335		self.web = True if re.search("(http-\|https-)",self.name) else False
	367	self.response += "\n"+str(k.get('key')) + ": " + str(k.text)
	368	self.web = True if re.search("(http-\|https-)", self.name) else False
336	369
337	370	def __str__(self):
338	371	return "%s, %s, %s" % (self.name, self.product, self.version)
339	372
	373
340	374	class Service(object):
341	375	"""
342	376	An abstract representation of a Service.
343	377
344		'<service name="ipp" product="CUPS" version="1.4" method="probed" conf="10"/>'
	378	'<service name="ipp" product="CUPS" version="1.4" method="probed"
	379	conf="10"/>'
345	380
346	381	@param service_node A service_node taken from an nmap xml tree
347	382	"""

371	406	"""
372	407	def __init__(self):
373	408	core.PluginBase.__init__(self)
374		self.id = "Nmap"
375		self.name = "Nmap XML Output Plugin"
376		self.plugin_version = "0.0.3"
377		self.version = "6.40"
378		self.framework_version = "1.0.0"
379		self.options = None
	409	self.id = "Nmap"
	410	self.name = "Nmap XML Output Plugin"
	411	self.plugin_version = "0.0.3"
	412	self.version = "6.40"
	413	self.framework_version = "1.0.0"
	414	self.options = None
380	415	self._current_output = None
381		self._command_regex = re.compile(r'^(sudo nmap\|nmap\|\.\/nmap).*?')
382		self._completition = {
383		'' : '',
384		"-iL":"<inputfilename>: Input from list of hosts/networks",
385		"-iR":"<num hosts>: Choose random targets",
386		"--exclude":"<host1[,host2][,host3],...>: Exclude hosts/networks",
387		"--excludefile":"<exclude_file>: Exclude list from file",
388		"-sL:":"List Scan - simply list targets to scan",
389		"-sn:":"Ping Scan - disable port scan",
390		"-Pn:":"Treat all hosts as online -- skip host discovery",
391		"-PS:":"[portlist] TCP SYN/ACK, UDP or SCTP discovery to given ports",
392		"-PA:":"[portlist] TCP SYN/ACK, UDP or SCTP discovery to given ports",
393		"-PU:":"[portlist] TCP SYN/ACK, UDP or SCTP discovery to given ports",
394		"-PY:":"[portlist] TCP SYN/ACK, UDP or SCTP discovery to given ports",
395		"-PE:":"ICMP echo, timestamp, and netmask request discovery probes",
396		"-PP:":"ICMP echo, timestamp, and netmask request discovery probes",
397		"-PM:":"ICMP echo, timestamp, and netmask request discovery probes",
398		"-PO":"[protocol list]: IP Protocol Ping",
399		"-n":"Never do DNS resolution/Always resolve [default: sometimes]",
400		"-R":"Never do DNS resolution/Always resolve [default: sometimes]",
401		"--dns-servers":"<serv1[,serv2],...>: Specify custom DNS servers",
402		"--system-dns:":"Use OS's DNS resolver",
403		"--traceroute:":"Trace hop path to each host",
404		"-sS:":"TCP SYN/Connect()/ACK/Window/Maimon scans",
405		"-sT:":"TCP SYN/Connect()/ACK/Window/Maimon scans",
406		"-sA:":"TCP SYN/Connect()/ACK/Window/Maimon scans",
407		"-sW:":"TCP SYN/Connect()/ACK/Window/Maimon scans",
408		"-sM:":"TCP SYN/Connect()/ACK/Window/Maimon scans",
409		"-sU:":"UDP Scan",
410		"-sN:":"TCP Null, FIN, and Xmas scans",
411		"-sF:":"TCP Null, FIN, and Xmas scans",
412		"-sX:":"TCP Null, FIN, and Xmas scans",
413		"--scanflags":"<flags>: Customize TCP scan flags",
414		"-sI":"<zombie host[:probeport]>: Idle scan",
415		"-sY:":"SCTP INIT/COOKIE-ECHO scans",
416		"-sZ:":"SCTP INIT/COOKIE-ECHO scans",
417		"-sO:":"IP protocol scan",
418		"-b":"<FTP relay host>: FTP bounce scan",
419		"-p":"<port ranges>: Only scan specified ports\nEx: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9\naaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaAAAAAAAAAAA1",
420		"-F:":"Fast mode - Scan fewer ports than the default scan",
421		"-r:":"Scan ports consecutively - don't randomize",
422		"--top-ports":"<number>: Scan <number> most common ports",
423		"--port-ratio":"<ratio>: Scan ports more common than <ratio>",
424		"-sV:":"Probe open ports to determine service/version info",
425		"--version-intensity":"<level>: Set from 0 (light) to 9 (try all probes)",
426		"--version-light:":"Limit to most likely probes (intensity 2)",
427		"--version-all:":"Try every single probe (intensity 9)",
428		"--version-trace:":"Show detailed version scan activity (for debugging)",
429		"-sC:":"equivalent to --script=default",
430		"--script=":"<Lua scripts>: <Lua scripts> is a comma separated list of directories, script-files or script-categories",
431		"--script-args=":"<n1=v1,[n2=v2,...]>: provide arguments to scripts",
432		"--script-trace:":"Show all data sent and received",
433		"--script-updatedb:":"Update the script database.",
434		"-O:":"Enable OS detection",
435		"--osscan-limit:":"Limit OS detection to promising targets",
436		"--osscan-guess:":"Guess OS more aggressively",
437		"-T":"<0-5>: Set timing template (higher is faster)",
438		"--min-hostgroup/max-hostgroup":"<size>: Parallel host scan group sizes",
439		"--min-parallelism/max-parallelism":"<numprobes>: Probe parallelization",
440		"--min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout":"<time>: Specifies",
441		"--max-retries":"<tries>: Caps number of port scan probe retransmissions.",
442		"--host-timeout":"<time>: Give up on target after this long",
443		"--scan-delay/--max-scan-delay":"<time>: Adjust delay between probes",
444		"--min-rate":"<number>: Send packets no slower than <number> per second",
445		"--max-rate":"<number>: Send packets no faster than <number> per second",
446		"-f":"<val>: fragment packets (optionally w/given MTU)",
447		"-D":"<decoy1,decoy2[,ME],...>: Cloak a scan with decoys",
448		"-S":"<IP_Address>: Spoof source address",
449		"-e":"<iface>: Use specified interface",
450		"-g":"<portnum>: Use given port number",
451		"--source-port":"<portnum>: Use given port number",
452		"--data-length":"<num>: Append random data to sent packets",
453		"--ip-options":"<options>: Send packets with specified ip options",
454		"--ttl":"<val>: Set IP time-to-live field",
455		"--spoof-mac":"<mac address/prefix/vendor name>: Spoof your MAC address",
456		"--badsum:":"Send packets with a bogus TCP/UDP/SCTP checksum",
457		"-oN":"<file>: Output scan in normal, XML, s\|<rIpt kIddi3,",
458		"-oX":"<file>: Output scan in normal, XML, s\|<rIpt kIddi3,",
459		"-oS":"<file>: Output scan in normal, XML, s\|<rIpt kIddi3,",
460		"-oG":"<file>: Output scan in normal, XML, s\|<rIpt kIddi3,",
461		"-oA":"Output in the three major formats at once",
462		"-v:":"Increase verbosity level (use -vv or more for greater effect)",
463		"-d:":"Increase debugging level (use -dd or more for greater effect)",
464		"--reason:":"Display the reason a port is in a particular state",
465		"--open:":"Only show open (or possibly open) ports",
466		"--packet-trace:":"Show all packets sent and received",
467		"--iflist:":"Print host interfaces and routes (for debugging)",
468		"--log-errors:":"Log errors/warnings to the normal-format output file",
469		"--append-output:":"Append to rather than clobber specified output files",
470		"--resume":"<filename>: Resume an aborted scan",
471		"--stylesheet":"<path/URL>: XSL stylesheet to transform XML output to HTML",
472		"--webxml:":"Reference stylesheet from Nmap.Org for more portable XML",
473		"--no-stylesheet:":"Prevent associating of XSL stylesheet w/XML output",
474		"-6:":"Enable IPv6 scanning",
475		"-A:":"Enable OS detection, version detection, script scanning, and traceroute",
476		"--datadir":"<dirname>: Specify custom Nmap data file location",
477		"--send-eth/--send-ip:":"Send using raw ethernet frames or IP packets",
478		"--privileged:":"Assume that the user is fully privileged",
479		"--unprivileged:":"Assume the user lacks raw socket privileges",
480		"-V:":"Print version number",
481		"-h:":"Print this help summary page.",
482		}
	416	self._command_regex = re.compile(r'^(sudo nmap\|nmap\|\.\/nmap).*?')
483	417
484	418	global current_path
485		self._output_file_path = os.path.join(self.data_path,
486		"nmap_output-%s.xml" % self._rid)
487
488
	419	self._output_file_path = os.path.join(
	420	self.data_path,
	421	"nmap_output-%s.xml" % self._rid)
	422
	423	self.xml_arg_re = re.compile(r"^.(-oX\s[^\s]+).*$")
489	424	self.addSetting("Scan Technique", str, "-sS")
490	425
491		def parseOutputString(self, output, debug = False):
492		"""
493		This method will discard the output the shell sends, it will read it from
494		the xml where it expects it to be present.
	426	def parseOutputString(self, output, debug=False):
	427	"""
	428	This method will discard the output the shell sends, it will read it
	429	from the xml where it expects it to be present.
495	430
496	431	NOTE: if 'debug' is true then it is being run from a test case and the
497	432	output being sent is valid.

504	439	# continue
505	440
506	441	if host.mac_address == 'unknown':
507		host.mac_address="00:00:00:00:00:00"
	442	host.mac_address = "00:00:00:00:00:00"
508	443
509	444	if host.ipv4_address != 'unknown':
510	445	minterfase = host.ipv4_address
511	446	h_id = self.createAndAddHost(minterfase, host.os)
512		i_id = self.createAndAddInterface(h_id, minterfase, host.mac_address, ipv4_address=host.ipv4_address, hostname_resolution=host.hostnames)
	447	i_id = self.createAndAddInterface(
	448	h_id,
	449	minterfase,
	450	host.mac_address,
	451	ipv4_address=host.ipv4_address,
	452	hostname_resolution=host.hostnames)
513	453	else:
514	454	minterfase = host.ipv6_address
515	455	h_id = self.createAndAddHost(minterfase, host.os)
516		i_id = self.createAndAddInterface(h_id, minterfase, host.mac_address, ipv6_address=host.ipv6_address, hostname_resolution=host.hostnames)
	456	i_id = self.createAndAddInterface(
	457	h_id,
	458	minterfase,
	459	host.mac_address,
	460	ipv6_address=host.ipv6_address,
	461	hostname_resolution=host.hostnames)
517	462
518	463	for v in host.vulns:
519		desc=v.desc
520		desc+="\nOutput: "+ v.response if v.response else ""
521		v_id = self.createAndAddVulnToHost(h_id,v.name,desc=v.desc,
522		severity=0)
	464	desc = v.desc
	465	desc += "\nOutput: " + v.response if v.response else ""
	466	v_id = self.createAndAddVulnToHost(
	467	h_id,
	468	v.name,
	469	desc=v.desc,
	470	severity=0)
523	471
524	472	for port in host.ports:
525
526		srvname=str(port.number)
527		srvversion="unknown"
	473
	474	srvname = str(port.number)
	475	srvversion = "unknown"
528	476	if port.service is not None:
529		srvname=port.service.name
530		srvversion=port.service.product if port.service.product != "unknown" else ""
531		srvversion+=" " +port.service.version if port.service.version != "unknown" else ""
532
533		s_id = self.createAndAddServiceToInterface(h_id, i_id, srvname,
534		port.protocol,
535		ports = [port.number],
536		status = port.state,
537		version = srvversion,
538		description = srvname)
539		note=True
	477	srvname = port.service.name
	478	srvversion = port.service.product if port.service.product != "unknown" else ""
	479	srvversion += " " + port.service.version if port.service.version != "unknown" else ""
	480
	481	s_id = self.createAndAddServiceToInterface(
	482	h_id,
	483	i_id,
	484	srvname,
	485	port.protocol,
	486	ports=[port.number],
	487	status=port.state,
	488	version=srvversion,
	489	description=srvname)
	490
	491	note = True
540	492	for v in port.vulns:
541	493	severity = 0
542		desc=v.desc
543		desc+="\nOutput: "+ v.response if v.response else ""
544
545		if re.search(r"VULNERABLE",desc):
	494	desc = v.desc
	495	desc += "\nOutput: " + v.response if v.response else ""
	496
	497	if re.search(r"VULNERABLE", desc):
546	498	severity = "high"
547		if re.search(r"ERROR",desc):
	499	if re.search(r"ERROR", desc):
548	500	severity = "unclassified"
549		if re.search(r"Couldn't",desc):
550		severity = "unclassified"
	501	if re.search(r"Couldn't", desc):
	502	severity = "unclassified"
551	503	if v.web:
552	504	if note:
553		n_id = self.createAndAddNoteToService(h_id,s_id,"website","")
554		n2_id = self.createAndAddNoteToNote(h_id,s_id,n_id,minterfase,"")
555		note=False
556		v_id = self.createAndAddVulnWebToService(h_id,s_id,v.name,desc=desc,
557		severity=severity,website=minterfase)
	505	n_id = self.createAndAddNoteToService(
	506	h_id,
	507	s_id,
	508	"website",
	509	"")
	510
	511	n2_id = self.createAndAddNoteToNote(
	512	h_id,
	513	s_id,
	514	n_id,
	515	minterfase,
	516	"")
	517
	518	note = False
	519	v_id = self.createAndAddVulnWebToService(
	520	h_id,
	521	s_id,
	522	v.name,
	523	desc=desc,
	524	severity=severity,
	525	website=minterfase)
558	526	else:
559		v_id = self.createAndAddVulnToService(h_id,s_id,v.name,desc=v.desc,
560		severity=severity)
561
	527	v_id = self.createAndAddVulnToService(
	528	h_id,
	529	s_id,
	530	v.name,
	531	desc=v.desc,
	532	severity=severity)
562	533	del parser
563
564	534	return True
565	535
566
567		xml_arg_re = re.compile(r"^.(-oX\s[^\s]+).*$")
568
569
570
571	536	def processCommandString(self, username, current_path, command_string):
572	537	"""
573	538	Adds the -oX parameter to get xml output to the command string that the
574	539	user has set.
575	540	"""
576		self._output_file_path = os.path.join(self.data_path,"%s_%s_output-%s.xml" % (self.get_ws(),
577		self.id,
578		random.uniform(1,10)))
	541
	542	self._output_file_path = os.path.join(
	543	self.data_path,
	544	"%s_%s_output-%s.xml" % (
	545	self.get_ws(),
	546	self.id,
	547	random.uniform(1, 10))
	548	)
579	549
580	550	arg_match = self.xml_arg_re.match(command_string)
581
582	551
583	552	if arg_match is None:
584	553	return re.sub(r"(^.*?nmap)",

589	558	r"-oX %s" % self._output_file_path,
590	559	command_string)
591	560
592
593	561	def setHost(self):
594	562	pass
595	563

+232

-125

plugins/repo/qualysguard/plugin.py less more

7	7
8	8	from __future__ import with_statement
9	9	from plugins import core
10		from model import api
11	10	import re
12	11	import os
13	12	import sys

25	24
26	25	current_path = os.path.abspath(os.getcwd())
27	26
28		__author__ = 'Francisco Amato'
29		__copyright__ = 'Copyright (c) 2013, Infobyte LLC'
30		__credits__ = ['Francisco Amato']
31		__license__ = ''
32		__version__ = '1.0.0'
	27	__author__ = 'Francisco Amato'
	28	__copyright__ = 'Copyright (c) 2013, Infobyte LLC'
	29	__credits__ = ['Francisco Amato']
	30	__license__ = ''
	31	__version__ = '1.0.0'
33	32	__maintainer__ = 'Francisco Amato'
34		__email__ = '[email protected]'
35		__status__ = 'Development'
	33	__email__ = '[email protected]'
	34	__status__ = 'Development'
36	35
37	36
38	37	def cleaner_unicode(string):

41	40	else:
42	41	return string
43	42
44		class QualysguardXmlParser(object):
45		"""
46		The objective of this class is to parse an xml file generated by the qualysguard tool.
	43
	44	def cleaner_results(string):
	45
	46	try:
	47	result = string.replace('<P>', '').replace('<UL>', ''). \
	48	replace('<LI>', '').replace('<BR>', ''). \
	49	replace('<A HREF="', '').replace('</A>', ' '). \
	50	replace('" TARGET="_blank">', ' ').replace('"', '"')
	51	return result
	52
	53	except:
	54	return ''
	55
	56
	57	class QualysguardXmlParser():
	58	"""
	59	The objective of this class is to parse an xml file generated by
	60	the qualysguard tool.
47	61
48	62	TODO: Handle errors.
49		TODO: Test qualysguard output version. Handle what happens if the parser doesn't support it.
	63	TODO: Test qualysguard output version. Handle what happens if the parser
	64	doesn't support it.
50	65	TODO: Test cases.
51	66
52	67	@param qualysguard_xml_filepath A proper xml generated by qualysguard
53	68	"""
54	69	def __init__(self, xml_output):
55	70
56		tree = self.parse_xml(xml_output)
57		if tree:
58		self.items = [data for data in self.get_items(tree)]
59		else:
	71	tree, type_report = self.parse_xml(xml_output)
	72
	73	if not tree or type_report is None:
60	74	self.items = []
	75	return
	76
	77	if type_report is 'ASSET_DATA_REPORT':
	78	self.items = [data for data in self.get_items_asset_report(tree)]
	79	elif type_report is 'SCAN':
	80	self.items = [data for data in self.get_items_scan_report(tree)]
61	81
62	82	def parse_xml(self, xml_output):
63	83	"""
64	84	Open and parse an xml file.
65	85
66		TODO: Write custom parser to just read the nodes that we need instead of
67		reading the whole file.
	86	TODO: Write custom parser to just read the nodes that we need instead
	87	of reading the whole file.
68	88
69	89	@return xml_tree An xml tree instance. None if error.
70	90	"""
	91
	92	asset_data_report = '<!DOCTYPE ASSET_DATA_REPORT SYSTEM'
	93	scan_report = '<!DOCTYPE SCAN SYSTEM'
	94
71	95	try:
72	96	tree = ET.fromstring(xml_output)
	97
	98	if asset_data_report in xml_output:
	99	type_report = 'ASSET_DATA_REPORT'
	100	elif scan_report in xml_output:
	101	type_report = 'SCAN'
	102	else:
	103	type_report = None
	104
73	105	except SyntaxError, err:
74	106	self.devlog('SyntaxError: %s. %s' % (err, xml_output))
75		return None
76
77		return tree
78
79		def get_items(self, tree):
	107	return None, None
	108
	109	return tree, type_report
	110
	111	def get_items_scan_report(self, tree):
80	112	"""
81	113	@return items A list of Host instances
82	114	"""
	115	for node in tree.findall('IP'):
	116	yield ItemScanReport(node)
	117
	118	def get_items_asset_report(self, tree):
	119	"""
	120	@return items A list of Host instances
	121	"""
83	122	for node in tree.find('HOST_LIST').findall('HOST'):
84		yield Item(node, tree)
85
86
87		class Item(object):
88		"""
89		An abstract representation of a Item (HOST)
	123	yield ItemAssetReport(node, tree)
	124
	125
	126	class ItemAssetReport():
	127	"""
	128	An abstract representation of a Item (HOST) for a Asset Report.
90	129	@param item_node A item_node taken from an qualysguard xml tree
91	130	"""
92	131	def __init__(self, item_node, tree):

102	141	glossary = tree.find('GLOSSARY/VULN_DETAILS_LIST')
103	142
104	143	for self.issue in self.node.find('VULN_INFO_LIST'):
105		yield Results(self.issue, glossary)
	144	yield ResultsAssetReport(self.issue, glossary)
106	145
107	146	def get_text_from_subnode(self, subnode_xpath_expr):
108	147	"""

117	156	return None
118	157
119	158
120		class Results():
121
	159	class ResultsAssetReport():
	160	"""
	161	A abstraction of Results for a Asset Report of Qualysguard.
	162	"""
122	163	def __init__(self, issue_node, glossary):
123	164
124		#VULN_INFO ElementTree
	165	# VULN_INFO ElementTree
125	166	self.node = issue_node
126	167	self.port = self.get_text_from_subnode(self.node, 'PORT')
127	168	self.protocol = self.get_text_from_subnode(self.node, 'PROTOCOL')

129	170	self.result = self.get_text_from_subnode(self.node, 'RESULT')
130	171
131	172	self.severity_dict = {
132		'1': 'info',
133		'2': 'low',
134		'3': 'med',
135		'4': 'high',
136		'5': 'critical'
137		}
138
139		#GLOSSARY TAG
	173	'1': 'info',
	174	'2': 'low',
	175	'3': 'med',
	176	'4': 'high',
	177	'5': 'critical'}
	178
	179	# GLOSSARY TAG
140	180	self.glossary = glossary
141	181	self.severity = self.severity_dict.get(self.get_text_from_glossary('SEVERITY'), 'info')
142	182	self.title = self.get_text_from_glossary('TITLE')

145	185	self.solution = self.get_text_from_glossary('SOLUTION')
146	186	self.impact = self.get_text_from_glossary('IMPACT')
147	187
148		#Description
149		self.desc = self.cleaner_results(self.get_text_from_glossary('THREAT'))
	188	# Description
	189	self.desc = cleaner_results(self.get_text_from_glossary('THREAT'))
150	190	if not self.desc:
151	191	self.desc = ''
152	192	if self.result:
153		self.desc += '\n\nResult: ' + self.cleaner_results(self.result)
	193	self.desc += '\n\nResult: ' + cleaner_results(self.result)
154	194	if self.impact:
155		self.desc += '\n\nImpact: ' +self.cleaner_results(self.impact)
	195	self.desc += '\n\nImpact: ' + cleaner_results(self.impact)
156	196	if self.result:
157		self.desc += '\n\nSolution: ' + self.cleaner_results(self.solution)
158
159		#References
	197	self.desc += '\n\nSolution: ' + cleaner_results(self.solution)
	198
	199	# References
160	200	self.ref = []
161		self.ref.append( self.get_text_from_glossary('CVE_ID_LIST/CVE_ID/ID') )
	201	self.ref.append(self.get_text_from_glossary('CVE_ID_LIST/CVE_ID/ID'))
162	202
163	203	if self.cvss:
164	204	self.ref.append('CVSS SCORE: ' + self.cvss)
165	205
166	206	if self.pci:
167	207	self.ref.append('PCI: ' + self.pci)
168
169		def cleaner_results(self, string):
170
171		try:
172		return string.replace('<P>', '').replace('<UL>','').replace('<LI>','').replace('<BR>', '')
173		except:
174		return ''
175	208
176	209	def get_text_from_glossary(self, tag):
177	210	"""

204	237
205	238	return None
206	239
	240
	241	class ItemScanReport():
	242	"""
	243	An abstract representation of a Item for a 'SCAN' report of Qualysguard.
	244
	245	@param item_node A item_node taken from an qualysguard xml tree
	246	"""
	247	def __init__(self, item_node):
	248	self.node = item_node
	249	self.ip = item_node.get('value')
	250	self.os = self.get_text_from_subnode('OS')
	251
	252	self.vulns = self.getResults(item_node)
	253
	254	def getResults(self, tree):
	255	"""
	256	:param tree:
	257	"""
	258	for self.issues in tree.findall('VULNS/CAT'):
	259	for v in self.issues.findall('VULN'):
	260	yield ResultsScanReport(v, self.issues)
	261	for self.issues in tree.findall('INFOS/CAT'):
	262	for v in self.issues.findall('INFO'):
	263	yield ResultsScanReport(v, self.issues)
	264
	265	def get_text_from_subnode(self, subnode_xpath_expr):
	266	"""
	267	Finds a subnode in the host node and the retrieves a value from it.
	268
	269	@return An attribute value
	270	"""
	271	sub_node = self.node.find(subnode_xpath_expr)
	272	if sub_node is not None:
	273	return sub_node.text
	274
	275	return None
	276
	277
	278	class ResultsScanReport():
	279	"""
	280	An abstraction of Result for Qualysguard 'SCAN' Report.
	281	"""
	282	def __init__(self, issue_node, parent):
	283	self.node = issue_node
	284	self.port = parent.get('port')
	285	self.protocol = parent.get('protocol')
	286	self.name = self.node.get('number')
	287	self.severity = self.node.get('severity')
	288	self.title = self.get_text_from_subnode('TITLE')
	289	self.cvss = self.get_text_from_subnode('CVSS_BASE')
	290	self.pci = self.get_text_from_subnode('PCI_FLAG')
	291	self.diagnosis = self.get_text_from_subnode('DIAGNOSIS')
	292	self.solution = self.get_text_from_subnode('SOLUTION')
	293	self.result = self.get_text_from_subnode('RESULT')
	294
	295	self.desc = cleaner_results(self.diagnosis)
	296	if self.result:
	297	self.desc += '\nResult: ' + cleaner_results(self.result)
	298	else:
	299	self.desc += ''
	300
	301	self.ref = []
	302	for r in issue_node.findall('CVE_ID_LIST/CVE_ID'):
	303	self.node = r
	304	self.ref.append(self.get_text_from_subnode('ID'))
	305	for r in issue_node.findall('BUGTRAQ_ID_LIST/BUGTRAQ_ID'):
	306	self.node = r
	307	self.ref.append('bid-'+self.get_text_from_subnode('ID'))
	308
	309	def get_text_from_subnode(self, subnode_xpath_expr):
	310	"""
	311	Finds a subnode in the host node and the retrieves a value from it.
	312
	313	@return An attribute value
	314	"""
	315	sub_node = self.node.find(subnode_xpath_expr)
	316	if sub_node is not None:
	317	return cleaner_results(cleaner_unicode(sub_node.text))
	318
	319	return None
	320
	321
207	322	class QualysguardPlugin(core.PluginBase):
208	323	"""
209	324	Example plugin to parse qualysguard output.

211	326	def __init__(self):
212	327
213	328	core.PluginBase.__init__(self)
214		self.id = 'Qualysguard'
215		self.name = 'Qualysguard XML Output Plugin'
216		self.plugin_version = '0.0.2'
217		self.version = 'Qualysguard 2016 March '
218		self.framework_version = '1.0.0'
219		self.options = None
	329	self.id = 'Qualysguard'
	330	self.name = 'Qualysguard XML Output Plugin'
	331	self.plugin_version = '0.0.2'
	332	self.version = 'Qualysguard 2016 March '
	333	self.framework_version = '1.0.0'
	334	self.options = None
220	335	self._current_output = None
221		self._command_regex = re.compile(r'^(sudo qualysguard\|\.\/qualysguard).*?')
	336	self._command_regex = re.compile(r'^(sudo qualysguard\|\.\/qualysguard).*?')
222	337
223	338	global current_path
224		self._output_file_path = os.path.join(self.data_path,
225		'qualysguard_output-%s.xml' % self._rid)
226
227		def parseOutputString(self, output, debug = False):
	339	self._output_file_path = os.path.join(
	340	self.data_path,
	341	'qualysguard_output-%s.xml' % self._rid)
	342
	343	def parseOutputString(self, output, debug=False):
228	344
229	345	parser = QualysguardXmlParser(output)
230	346
231	347	for item in parser.items:
232	348
233	349	h_id = self.createAndAddHost(
234		item.ip,
235		item.os
236		)
	350	item.ip,
	351	item.os)
237	352
238	353	i_id = self.createAndAddInterface(
239		h_id,
240		item.ip,
241		ipv4_address = item.ip,
242		hostname_resolution = item.ip
243		)
	354	h_id,
	355	item.ip,
	356	ipv4_address=item.ip,
	357	hostname_resolution=item.ip)
244	358
245	359	for v in item.vulns:
246	360
247	361	if v.port is None:
248
249		v_id = self.createAndAddVulnToHost(
250		h_id,
251		v.title if v.title else v.name,
252		ref = v.ref,
253		severity = v.severity,
254		resolution = v.solution if v.solution else '',
255		desc = v.desc
256		)
	362	self.createAndAddVulnToHost(
	363	h_id,
	364	v.title if v.title else v.name,
	365	ref=v.ref,
	366	severity=v.severity,
	367	resolution=v.solution if v.solution else '',
	368	desc=v.desc)
257	369
258	370	else:
259	371
260	372	web = False
261	373	s_id = self.createAndAddServiceToInterface(
262		h_id,
263		i_id,
264		v.port,
265		v.protocol,
266		ports = [ str(v.port) ],
267		status = 'open'
268		)
269
270		if v.port in ['80','443'] or re.search('ssl\|http', v.name):
	374	h_id,
	375	i_id,
	376	v.port,
	377	v.protocol,
	378	ports=[str(v.port)],
	379	status='open')
	380
	381	if v.port in ['80', '443'] or re.search('ssl\|http', v.name):
271	382	web = True
272	383	else:
273	384	web = False
274	385
275	386	if web:
276		v_id = self.createAndAddVulnWebToService(
277		h_id,
278		s_id,
279		v.title if v.title else v.name,
280		ref = v.ref,
281		website = item.ip,
282		severity = v.severity,
283		desc = v.desc,
284		resolution = v.solution if v.solution else ''
285		)
	387	self.createAndAddVulnWebToService(
	388	h_id,
	389	s_id,
	390	v.title if v.title else v.name,
	391	ref=v.ref,
	392	website=item.ip,
	393	severity=v.severity,
	394	desc=v.desc,
	395	resolution=v.solution if v.solution else '')
286	396
287	397	n_id = self.createAndAddNoteToService(
288		h_id,
289		s_id,
290		'website',
291		''
292		)
293
294		n2_id = self.createAndAddNoteToNote(
295		h_id,
296		s_id,
297		n_id,
298		item.ip,
299		''
300		)
	398	h_id,
	399	s_id,
	400	'website',
	401	'')
	402
	403	self.createAndAddNoteToNote(
	404	h_id,
	405	s_id,
	406	n_id,
	407	item.ip,
	408	'')
301	409
302	410	else:
303		v_id = self.createAndAddVulnToService(
304		h_id,
305		s_id,
306		v.title if v.title else v.name,
307		ref = v.ref,
308		severity = v.severity,
309		desc = v.desc,
310		resolution = v.solution if v.solution else ''
311		)
	411	self.createAndAddVulnToService(
	412	h_id,
	413	s_id,
	414	v.title if v.title else v.name,
	415	ref=v.ref,
	416	severity=v.severity,
	417	desc=v.desc,
	418	resolution=v.solution if v.solution else '')
312	419
313	420	del parser
314	421

+62

-0

test_cases/plugins/acunetix.py less more

	0	#!/usr/bin/env python2.7
	1	# -- coding: utf-8 --
	2
	3	'''
	4	Faraday Penetration Test IDE
	5	Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
	6	See the file 'doc/LICENSE' for the license information
	7
	8	'''
	9
	10	import unittest
	11	import sys
	12	import os
	13	sys.path.append(os.path.abspath(os.getcwd()))
	14	from plugins.repo.acunetix.plugin import AcunetixPlugin
	15	from model.common import (
	16	factory, ModelObjectVuln, ModelObjectCred,
	17	ModelObjectVulnWeb, ModelObjectNote
	18	)
	19	from model.hosts import (
	20	Host, Service, Interface
	21	)
	22	from plugins.modelactions import modelactions
	23
	24
	25	class AcunetixParserTest(unittest.TestCase):
	26
	27	cd = os.path.dirname(os.path.realpath(__file__))
	28
	29	def setUp(self):
	30	self.plugin = AcunetixPlugin()
	31	factory.register(Host)
	32	factory.register(Interface)
	33	factory.register(Service)
	34	factory.register(ModelObjectVuln)
	35	factory.register(ModelObjectVulnWeb)
	36	factory.register(ModelObjectNote)
	37	factory.register(ModelObjectCred)
	38
	39	def test_Plugin_creates_apropiate_objects(self):
	40	self.plugin.processReport(self.cd + '/acunetix_xml')
	41	action = self.plugin._pending_actions.get(block=True)
	42	self.assertEqual(action[0], modelactions.CADDHOST)
	43	self.assertEqual(action[1], "87.230.29.167")
	44	action = self.plugin._pending_actions.get(block=True)
	45	self.assertEqual(action[0], modelactions.CADDINTERFACE)
	46	self.assertEqual(action[2], "87.230.29.167")
	47	action = self.plugin._pending_actions.get(block=True)
	48	self.assertEqual(action[0], modelactions.CADDSERVICEINT)
	49	self.assertEqual(action[5], ['80'])
	50	self.assertEqual(action[3], 'http')
	51	self.assertEqual(action[4], 'tcp')
	52	action = self.plugin._pending_actions.get(block=True)
	53	self.assertEqual(action[0], modelactions.CADDNOTESRV)
	54	action = self.plugin._pending_actions.get(block=True)
	55	self.assertEqual(action[0], modelactions.CADDNOTENOTE)
	56	action = self.plugin._pending_actions.get(block=True)
	57	self.assertEqual(action[0], modelactions.CADDVULNWEBSRV)
	58	self.assertEqual(action[3], "ASP.NET error message")
	59
	60	if __name__ == '__main__':
	61	unittest.main()

+4404

-0

test_cases/plugins/acunetix_xml less more

	0	<?xml version="1.0"?>
	1	<ScanGroup ExportedOn="14/11/2013, 11:36">
	2	<Scan>
	3	<Name><![CDATA[Scan Thread 1 ( http://testaspnet.vulnweb.com:80/ )]]></Name>
	4	<ShortName><![CDATA[Scan Thread 1]]></ShortName>
	5	<StartURL><![CDATA[http://testaspnet.vulnweb.com:80/]]></StartURL>
	6	<StartTime><![CDATA[14/11/2013, 11:30:14]]></StartTime>
	7	<FinishTime><![CDATA[14/11/2013, 11:34:08]]></FinishTime>
	8	<ScanTime><![CDATA[3 minutes, 55 seconds]]></ScanTime>
	9	<Aborted><![CDATA[True]]></Aborted>
	10	<Responsive><![CDATA[True]]></Responsive>
	11	<Banner><![CDATA[Microsoft-IIS/6.0]]></Banner>
	12	<Os><![CDATA[Windows]]></Os>
	13	<WebServer><![CDATA[IIS 6.0]]></WebServer>
	14	<Technologies><![CDATA[ASP.NET]]></Technologies>
	15	<Crawler StartUrl="http://testaspnet.vulnweb.com/">
	16	<LoginSequence>
	17	</LoginSequence>
	18	<Cookies>
	19	<Variable Name="ASP.NET_SessionId" Type="Cookie">
	20	</Variable>
	21	</Cookies>
	22	<SiteFiles>
	23	<SiteFile id="1">
	24	<Name></Name>
	25	<URL>/</URL>
	26	<FullURL>http://testaspnet.vulnweb.com/</FullURL>
	27	<Inputs>
	28	<Variable Name="/" Type="Path Fragment (suffix .aspx)">
	29	</Variable>
	30	</Inputs>
	31	<Variations>
	32	</Variations>
	33	</SiteFile>
	34	<SiteFile id="2">
	35	<Name>default.aspx</Name>
	36	<URL>/default.aspx</URL>
	37	<FullURL>http://testaspnet.vulnweb.com/default.aspx</FullURL>
	38	<Inputs>
	39	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	40	</Variable>
	41	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	42	</Variable>
	43	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	44	</Variable>
	45	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	46	</Variable>
	47	<Variable Name="delete" Type="URL encoded GET">
	48	</Variable>
	49	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	50	</Variable>
	51	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	52	</Variable>
	53	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	54	</Variable>
	55	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	56	</Variable>
	57	<Variable Name="__EVENTTARGET" Type="URL encoded GET">
	58	</Variable>
	59	</Inputs>
	60	<Variations>
	61	<Variation>
	62	<URL>http://testaspnet.vulnweb.com/default.aspx</URL>
	63	<PostData><![CDATA[__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwLYpJyYAwKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM2hPdJHXXMZ9eiMzbVXhkJFAWyDk%3d&__VIEWSTATE=/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZDUAskqLyfS1MBsZINJY6LpGzdzU]]></PostData>
	64	</Variation>
	65	</Variations>
	66	</SiteFile>
	67	<SiteFile id="3">
	68	<Name>about.aspx</Name>
	69	<URL>/about.aspx</URL>
	70	<FullURL>http://testaspnet.vulnweb.com/about.aspx</FullURL>
	71	<Inputs>
	72	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	73	</Variable>
	74	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	75	</Variable>
	76	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	77	</Variable>
	78	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	79	</Variable>
	80	</Inputs>
	81	<Variations>
	82	<Variation>
	83	<URL>http://testaspnet.vulnweb.com/about.aspx</URL>
	84	<PostData><![CDATA[__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKNioOoAwKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMioFdCiszghoRRSqYTihftirSM2E%3d&__VIEWSTATE=/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZCUArJ3C1Fln0zT65m8W%2b6wYPSdL]]></PostData>
	85	</Variation>
	86	</Variations>
	87	</SiteFile>
	88	<SiteFile id="4">
	89	<Name>login.aspx</Name>
	90	<URL>/login.aspx</URL>
	91	<FullURL>http://testaspnet.vulnweb.com/login.aspx</FullURL>
	92	<Inputs>
	93	<Variable Name="btnLogin" Type="URL encoded POST">
	94	</Variable>
	95	<Variable Name="btnLogin" Type="URL encoded POST">
	96	</Variable>
	97	<Variable Name="btnLogin" Type="URL encoded POST">
	98	</Variable>
	99	<Variable Name="btnLogin" Type="URL encoded POST">
	100	</Variable>
	101	<Variable Name="btnLogin" Type="URL encoded POST">
	102	</Variable>
	103	<Variable Name="btnLogin" Type="URL encoded POST">
	104	</Variable>
	105	<Variable Name="btnLogin" Type="URL encoded POST">
	106	</Variable>
	107	<Variable Name="btnLogin" Type="URL encoded POST">
	108	</Variable>
	109	<Variable Name="ReturnUrl" Type="URL encoded GET">
	110	</Variable>
	111	<Variable Name="ReturnUrl" Type="URL encoded GET">
	112	</Variable>
	113	<Variable Name="btnLogin" Type="URL encoded POST">
	114	</Variable>
	115	<Variable Name="btnLogin" Type="URL encoded POST">
	116	</Variable>
	117	<Variable Name="btnLogin" Type="URL encoded POST">
	118	</Variable>
	119	<Variable Name="btnLogin" Type="URL encoded POST">
	120	</Variable>
	121	<Variable Name="btnLogin" Type="URL encoded POST">
	122	</Variable>
	123	<Variable Name="btnLogin" Type="URL encoded POST">
	124	</Variable>
	125	<Variable Name="btnLogin" Type="URL encoded POST">
	126	</Variable>
	127	<Variable Name="btnLogin" Type="URL encoded POST">
	128	</Variable>
	129	</Inputs>
	130	<Variations>
	131	<Variation>
	132	<URL>http://testaspnet.vulnweb.com/login.aspx</URL>
	133	<PostData><![CDATA[btnLogin=Login&cbPersistCookie=on&tbPassword=g00dPa%24%24w0rD&tbUsername=ljmrwpfo&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
	134	</Variation>
	135	<Variation>
	136	<URL>http://testaspnet.vulnweb.com/login.aspx</URL>
	137	<PostData><![CDATA[btnLogin=Login&tbPassword=g00dPa%24%24w0rD&tbUsername=fyjmttcx&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
	138	</Variation>
	139	<Variation>
	140	<URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/logout.aspx</URL>
	141	<PostData><![CDATA[]]></PostData>
	142	</Variation>
	143	<Variation>
	144	<URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/postnews.aspx</URL>
	145	<PostData><![CDATA[]]></PostData>
	146	</Variation>
	147	<Variation>
	148	<URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/logout.aspx</URL>
	149	<PostData><![CDATA[btnLogin=Login&cbPersistCookie=on&tbPassword=g00dPa%24%24w0rD&tbUsername=riqcjwfs&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
	150	</Variation>
	151	<Variation>
	152	<URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/logout.aspx</URL>
	153	<PostData><![CDATA[btnLogin=Login&tbPassword=g00dPa%24%24w0rD&tbUsername=hjhhosnx&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
	154	</Variation>
	155	<Variation>
	156	<URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/postnews.aspx</URL>
	157	<PostData><![CDATA[btnLogin=Login&cbPersistCookie=on&tbPassword=g00dPa%24%24w0rD&tbUsername=usighdix&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
	158	</Variation>
	159	<Variation>
	160	<URL>http://testaspnet.vulnweb.com/login.aspx?ReturnUrl=/postnews.aspx</URL>
	161	<PostData><![CDATA[btnLogin=Login&tbPassword=g00dPa%24%24w0rD&tbUsername=vpustxlw&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
	162	</Variation>
	163	<Variation>
	164	<URL>http://testaspnet.vulnweb.com/login.aspx</URL>
	165	<PostData><![CDATA[btnLogin=Login&cbPersistCookie=e&tbPassword=g00dPa%24%24w0rD&tbUsername=xeitiyuu&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></PostData>
	166	</Variation>
	167	</Variations>
	168	</SiteFile>
	169	<SiteFile id="5">
	170	<Name>styles.css</Name>
	171	<URL>/styles.css</URL>
	172	<FullURL>http://testaspnet.vulnweb.com/styles.css</FullURL>
	173	<Inputs>
	174	</Inputs>
	175	<Variations>
	176	</Variations>
	177	</SiteFile>
	178	<SiteFile id="6">
	179	<Name>signup.aspx</Name>
	180	<URL>/signup.aspx</URL>
	181	<FullURL>http://testaspnet.vulnweb.com/signup.aspx</FullURL>
	182	<Inputs>
	183	<Variable Name="btnSignup" Type="URL encoded POST">
	184	</Variable>
	185	<Variable Name="btnSignup" Type="URL encoded POST">
	186	</Variable>
	187	<Variable Name="btnSignup" Type="URL encoded POST">
	188	</Variable>
	189	<Variable Name="btnSignup" Type="URL encoded POST">
	190	</Variable>
	191	<Variable Name="btnSignup" Type="URL encoded POST">
	192	</Variable>
	193	<Variable Name="btnSignup" Type="URL encoded POST">
	194	</Variable>
	195	<Variable Name="btnSignup" Type="URL encoded POST">
	196	</Variable>
	197	</Inputs>
	198	<Variations>
	199	<Variation>
	200	<URL>http://testaspnet.vulnweb.com/signup.aspx</URL>
	201	<PostData><![CDATA[btnSignup=Sign%20me%20up&tbPassword=g00dPa%24%24w0rD&tbUsername=paucanor&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWgKJ%2b8rsBQLStq24BwK3jsrkBALF97vxAQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMe7zvcGDW1XEmT%2bKc/cai9hiHVyk%3d&__VIEWSTATE=/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZHEZ3VN6SP/C2xESDN/Y3p8zhfSB]]></PostData>
	202	</Variation>
	203	</Variations>
	204	</SiteFile>
	205	<SiteFile id="7">
	206	<Name>rssfeed.aspx</Name>
	207	<URL>/rssfeed.aspx</URL>
	208	<FullURL>http://testaspnet.vulnweb.com/rssfeed.aspx</FullURL>
	209	<Inputs>
	210	</Inputs>
	211	<Variations>
	212	</Variations>
	213	</SiteFile>
	214	<SiteFile id="8">
	215	<Name>readnews.aspx</Name>
	216	<URL>/readnews.aspx</URL>
	217	<FullURL>http://testaspnet.vulnweb.com/readnews.aspx</FullURL>
	218	<Inputs>
	219	<Variable Name="id" Type="URL encoded GET">
	220	</Variable>
	221	<Variable Name="id" Type="URL encoded GET">
	222	</Variable>
	223	<Variable Name="id" Type="URL encoded GET">
	224	</Variable>
	225	<Variable Name="id" Type="URL encoded GET">
	226	</Variable>
	227	<Variable Name="id" Type="URL encoded GET">
	228	</Variable>
	229	<Variable Name="NewsAd" Type="URL encoded POST">
	230	</Variable>
	231	<Variable Name="NewsAd" Type="URL encoded POST">
	232	</Variable>
	233	<Variable Name="NewsAd" Type="URL encoded POST">
	234	</Variable>
	235	<Variable Name="NewsAd" Type="URL encoded POST">
	236	</Variable>
	237	<Variable Name="id" Type="URL encoded GET">
	238	</Variable>
	239	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	240	</Variable>
	241	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	242	</Variable>
	243	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	244	</Variable>
	245	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	246	</Variable>
	247	</Inputs>
	248	<Variations>
	249	<Variation>
	250	<URL>http://testaspnet.vulnweb.com/readnews.aspx?id=2&NewsAd=ads/def.html</URL>
	251	<PostData><![CDATA[]]></PostData>
	252	</Variation>
	253	<Variation>
	254	<URL>http://testaspnet.vulnweb.com/readnews.aspx?id=0&NewsAd=ads/def.html</URL>
	255	<PostData><![CDATA[]]></PostData>
	256	</Variation>
	257	<Variation>
	258	<URL>http://testaspnet.vulnweb.com/readnews.aspx?id=3&NewsAd=ads/def.html</URL>
	259	<PostData><![CDATA[]]></PostData>
	260	</Variation>
	261	<Variation>
	262	<URL>http://testaspnet.vulnweb.com/readnews.aspx?id=2&NewsAd=ads/def.html</URL>
	263	<PostData><![CDATA[__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></PostData>
	264	</Variation>
	265	<Variation>
	266	<URL>http://testaspnet.vulnweb.com/readnews.aspx?id=2</URL>
	267	<PostData><![CDATA[]]></PostData>
	268	</Variation>
	269	<Variation>
	270	<URL>http://testaspnet.vulnweb.com/readnews.aspx?id=0&NewsAd=ads/def.html</URL>
	271	<PostData><![CDATA[__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></PostData>
	272	</Variation>
	273	<Variation>
	274	<URL>http://testaspnet.vulnweb.com/readnews.aspx?id=3&NewsAd=ads/def.html</URL>
	275	<PostData><![CDATA[__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></PostData>
	276	</Variation>
	277	<Variation>
	278	<URL>http://testaspnet.vulnweb.com/readnews.aspx?id=3</URL>
	279	<PostData><![CDATA[]]></PostData>
	280	</Variation>
	281	<Variation>
	282	<URL>http://testaspnet.vulnweb.com/readnews.aspx?id=2</URL>
	283	<PostData><![CDATA[__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwK0ovnWBgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM%2blktliK1xNDntOrRvIod2XbGitg%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGS78tg0yYdYIrm%2b7bJhr2ToTj/BEA%3d%3d]]></PostData>
	284	</Variation>
	285	<Variation>
	286	<URL>http://testaspnet.vulnweb.com/readnews.aspx?id=3</URL>
	287	<PostData><![CDATA[__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwK0ovnWBgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM%2blktliK1xNDntOrRvIod2XbGitg%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGS78tg0yYdYIrm%2b7bJhr2ToTj/BEA%3d%3d]]></PostData>
	288	</Variation>
	289	</Variations>
	290	</SiteFile>
	291	<SiteFile id="9">
	292	<Name>comments.aspx</Name>
	293	<URL>/comments.aspx</URL>
	294	<FullURL>http://testaspnet.vulnweb.com/comments.aspx</FullURL>
	295	<Inputs>
	296	<Variable Name="id" Type="URL encoded GET">
	297	</Variable>
	298	<Variable Name="id" Type="URL encoded GET">
	299	</Variable>
	300	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	301	</Variable>
	302	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	303	</Variable>
	304	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	305	</Variable>
	306	<Variable Name="__EVENTARGUMENT" Type="URL encoded POST">
	307	</Variable>
	308	<Variable Name="id" Type="URL encoded GET">
	309	</Variable>
	310	<Variable Name="btnSend" Type="URL encoded POST">
	311	</Variable>
	312	<Variable Name="btnSend" Type="URL encoded POST">
	313	</Variable>
	314	<Variable Name="btnSend" Type="URL encoded POST">
	315	</Variable>
	316	<Variable Name="btnSend" Type="URL encoded POST">
	317	</Variable>
	318	<Variable Name="btnSend" Type="URL encoded POST">
	319	</Variable>
	320	<Variable Name="btnSend" Type="URL encoded POST">
	321	</Variable>
	322	</Inputs>
	323	<Variations>
	324	<Variation>
	325	<URL>http://testaspnet.vulnweb.com/comments.aspx?id=2</URL>
	326	<PostData><![CDATA[]]></PostData>
	327	</Variation>
	328	<Variation>
	329	<URL>http://testaspnet.vulnweb.com/comments.aspx?id=0</URL>
	330	<PostData><![CDATA[]]></PostData>
	331	</Variation>
	332	<Variation>
	333	<URL>http://testaspnet.vulnweb.com/comments.aspx?id=3</URL>
	334	<PostData><![CDATA[]]></PostData>
	335	</Variation>
	336	<Variation>
	337	<URL>http://testaspnet.vulnweb.com/comments.aspx?id=2</URL>
	338	<PostData><![CDATA[__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWQLhxPPJAwKAgcfvBQKFzrr8AQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTN/AvEAAOD%2bI818GCE7TFNsXr%2bM%3d&__VIEWSTATE=/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNhbGx5IGF1ZGl0IHdlYnNpdGUgc2VjdXJpdHkuIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgMiBjcmF3bHMgYW4gZW50aXJlIHdlYnNpdGUsIGxhdW5jaGVzIHBvcHVsYXIgd2ViIGF0dGFja3MgKFNRTCBJbmplY3Rpb24gZXRjLikgYW5kIGlkZW50aWZpZXMgdnVsbmVyYWJpbGl0aWVzIHRoYXQgbmVlZCB0byBiZSBmaXhlZC5kAgkPZBYCAgEPZBZUZg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgEPZBYCZg8WAh4FY2xhc3MFB0NvbW1lbnRkAgIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIED2QWAmYPFgIfAwUHQ29tbWVudGQCBQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCBg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgcPZBYCZg8WAh8DBQdDb21tZW50ZAIID2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIJD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCCg9kFgJmDxYCHwMFB0NvbW1lbnRkAgsPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgwPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIND2QWAmYPFgIfAwUHQ29tbWVudGQCDg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCDw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhAPZBYCZg8WAh8DBQdDb21tZW50ZAIRD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAISD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCEw9kFgJmDxYCHwMFB0NvbW1lbnRkAhQPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhUPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIWD2QWAmYPFgIfAwUHQ29tbWVudGQCFw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhkPZBYCZg8WAh8DBQdDb21tZW50ZAIaD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIbD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHA9kFgJmDxYCHwMFB0NvbW1lbnRkAh0PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAh4PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIfD2QWAmYPFgIfAwUHQ29tbWVudGQCIA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCIQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiIPZBYCZg8WAh8DBQdDb21tZW50ZAIjD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIkD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCJQ9kFgJmDxYCHwMFB0NvbW1lbnRkAiYPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAicPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIoD2QWAmYPFgIfAwUHQ29tbWVudGQCKQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmRkLb6CUW1qfx56qAx2J/B/XMdFeyU%3d]]></PostData>
	339	</Variation>
	340	<Variation>
	341	<URL>http://testaspnet.vulnweb.com/comments.aspx?id=3</URL>
	342	<PostData><![CDATA[btnSend=Send%20comment&tbComment=1&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWQKGnd2qBAKAgcfvBQKFzrr8AQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM6/7zO/iGsX28uMOhuqkE9gRbREU%3d&__VIEWSTATE=/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZAIJD2QWAgIBD2QWcmYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZGRbXMsd1lEmXls/MPIgqXEnJDtSHQ%3d%3d]]></PostData>
	343	</Variation>
	344	<Variation>
	345	<URL>http://testaspnet.vulnweb.com/comments.aspx?id=0</URL>
	346	<PostData><![CDATA[btnSend=Send%20comment&tbComment=1&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWQKGnd2qBAKAgcfvBQKFzrr8AQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM6/7zO/iGsX28uMOhuqkE9gRbREU%3d&__VIEWSTATE=/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZAIJD2QWAgIBD2QWcmYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZGRbXMsd1lEmXls/MPIgqXEnJDtSHQ%3d%3d]]></PostData>
	347	</Variation>
	348	<Variation>
	349	<URL>http://testaspnet.vulnweb.com/comments.aspx?id=2</URL>
	350	<PostData><![CDATA[btnSend=Send%20comment&tbComment=1&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWQKGnd2qBAKAgcfvBQKFzrr8AQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM6/7zO/iGsX28uMOhuqkE9gRbREU%3d&__VIEWSTATE=/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WBB8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhHwAFElJlYWROZXdzLmFzcHg/aWQ9M2QCBw8WAh8BBagBMjYgSmFudWFyeSAyMDA1IC0gQSBiZXRhIHZlcnNpb24gb2YgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciBoYXMgYmVlbiByZWxlYXNlZCB0b2RheS4gVGhlIGJldGEgaXMgYXZhaWxhYmxlIGZvciBkb3dubG9hZCBhdCBodHRwOi8vd3d3LmFjdW5ldGl4LmNvbS9kb3dubG9hZC8uZAIJD2QWAgIBD2QWcmYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIBD2QWAmYPFgIeBWNsYXNzBQdDb21tZW50ZAICD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIDD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCBA9kFgJmDxYCHwMFB0NvbW1lbnRkAgUPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAgYPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIHD2QWAmYPFgIfAwUHQ29tbWVudGQCCA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCCQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAgoPZBYCZg8WAh8DBQdDb21tZW50ZAILD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIMD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCDQ9kFgJmDxYCHwMFB0NvbW1lbnRkAg4PZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAg8PZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIQD2QWAmYPFgIfAwUHQ29tbWVudGQCEQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCEg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhMPZBYCZg8WAh8DBQdDb21tZW50ZAIUD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIVD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCFg9kFgJmDxYCHwMFB0NvbW1lbnRkAhcPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAhgPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIZD2QWAmYPFgIfAwUHQ29tbWVudGQCGg9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCGw9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAhwPZBYCZg8WAh8DBQdDb21tZW50ZAIdD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIeD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCHw9kFgJmDxYCHwMFB0NvbW1lbnRkAiAPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAiEPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIiD2QWAmYPFgIfAwUHQ29tbWVudGQCIw9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCJA9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAiUPZBYCZg8WAh8DBQdDb21tZW50ZAImD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAInD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCKA9kFgJmDxYCHwMFB0NvbW1lbnRkAikPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAioPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAIrD2QWAmYPFgIfAwUHQ29tbWVudGQCLA9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCLQ9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAi4PZBYCZg8WAh8DBQdDb21tZW50ZAIvD2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZAIwD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWJlZm9yZS5naWYiPmQCMQ9kFgJmDxYCHwMFB0NvbW1lbnRkAjIPZBYCZg8WAh8BBSQ8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYWZ0ZXIuZ2lmIj5kAjMPZBYCZg8WAh8BBSU8SU1HIHNyYz0iaW1hZ2VzL2NvbW1lbnQtYmVmb3JlLmdpZiI%2bZAI0D2QWAmYPFgIfAwUHQ29tbWVudGQCNQ9kFgJmDxYCHwEFJDxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1hZnRlci5naWYiPmQCNg9kFgJmDxYCHwEFJTxJTUcgc3JjPSJpbWFnZXMvY29tbWVudC1iZWZvcmUuZ2lmIj5kAjcPZBYCZg8WAh8DBQdDb21tZW50ZAI4D2QWAmYPFgIfAQUkPElNRyBzcmM9ImltYWdlcy9jb21tZW50LWFmdGVyLmdpZiI%2bZGRbXMsd1lEmXls/MPIgqXEnJDtSHQ%3d%3d]]></PostData>
	351	</Variation>
	352	</Variations>
	353	</SiteFile>
	354	<SiteFile id="10">
	355	<Name>images</Name>
	356	<URL>/images/</URL>
	357	<FullURL>http://testaspnet.vulnweb.com/images/</FullURL>
	358	<Inputs>
	359	</Inputs>
	360	<Variations>
	361	</Variations>
	362	</SiteFile>
	363	<SiteFile id="11">
	364	<Name>ads</Name>
	365	<URL>/ads/</URL>
	366	<FullURL>http://testaspnet.vulnweb.com/ads/</FullURL>
	367	<Inputs>
	368	</Inputs>
	369	<Variations>
	370	</Variations>
	371	</SiteFile>
	372	<SiteFile id="12">
	373	<Name>def.html</Name>
	374	<URL>/ads/def.html</URL>
	375	<FullURL>http://testaspnet.vulnweb.com/ads/def.html</FullURL>
	376	<Inputs>
	377	</Inputs>
	378	<Variations>
	379	</Variations>
	380	</SiteFile>
	381	<SiteFile id="13">
	382	<Name>aspnet_client</Name>
	383	<URL>/aspnet_client/</URL>
	384	<FullURL>http://testaspnet.vulnweb.com/aspnet_client/</FullURL>
	385	<Inputs>
	386	</Inputs>
	387	<Variations>
	388	</Variations>
	389	</SiteFile>
	390	<SiteFile id="14">
	391	<Name>system_web</Name>
	392	<URL>/aspnet_client/system_web/</URL>
	393	<FullURL>http://testaspnet.vulnweb.com/aspnet_client/system_web/</FullURL>
	394	<Inputs>
	395	</Inputs>
	396	<Variations>
	397	</Variations>
	398	</SiteFile>
	399	<SiteFile id="15">
	400	<Name>2_0_50727</Name>
	401	<URL>/aspnet_client/system_web/2_0_50727/</URL>
	402	<FullURL>http://testaspnet.vulnweb.com/aspnet_client/system_web/2_0_50727/</FullURL>
	403	<Inputs>
	404	</Inputs>
	405	<Variations>
	406	</Variations>
	407	</SiteFile>
	408	<SiteFile id="16">
	409	<Name>bin</Name>
	410	<URL>/bin/</URL>
	411	<FullURL>http://testaspnet.vulnweb.com/bin/</FullURL>
	412	<Inputs>
	413	</Inputs>
	414	<Variations>
	415	</Variations>
	416	</SiteFile>
	417	<SiteFile id="17">
	418	<Name>acublog.dll</Name>
	419	<URL>/bin/acublog.dll</URL>
	420	<FullURL>http://testaspnet.vulnweb.com/bin/acublog.dll</FullURL>
	421	<Inputs>
	422	</Inputs>
	423	<Variations>
	424	</Variations>
	425	</SiteFile>
	426	<SiteFile id="18">
	427	<Name>acublog.dll.bak</Name>
	428	<URL>/bin/acublog.dll.bak</URL>
	429	<FullURL>http://testaspnet.vulnweb.com/bin/acublog.dll.bak</FullURL>
	430	<Inputs>
	431	</Inputs>
	432	<Variations>
	433	</Variations>
	434	</SiteFile>
	435	<SiteFile id="19">
	436	<Name>acublog.pdb</Name>
	437	<URL>/bin/acublog.pdb</URL>
	438	<FullURL>http://testaspnet.vulnweb.com/bin/acublog.pdb</FullURL>
	439	<Inputs>
	440	</Inputs>
	441	<Variations>
	442	</Variations>
	443	</SiteFile>
	444	<SiteFile id="20">
	445	<Name>acuweaver.dll</Name>
	446	<URL>/bin/acuweaver.dll</URL>
	447	<FullURL>http://testaspnet.vulnweb.com/bin/acuweaver.dll</FullURL>
	448	<Inputs>
	449	</Inputs>
	450	<Variations>
	451	</Variations>
	452	</SiteFile>
	453	<SiteFile id="21">
	454	<Name>jscripts</Name>
	455	<URL>/jscripts/</URL>
	456	<FullURL>http://testaspnet.vulnweb.com/jscripts/</FullURL>
	457	<Inputs>
	458	</Inputs>
	459	<Variations>
	460	</Variations>
	461	</SiteFile>
	462	<SiteFile id="22">
	463	<Name>tiny_mce</Name>
	464	<URL>/jscripts/tiny_mce/</URL>
	465	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/</FullURL>
	466	<Inputs>
	467	</Inputs>
	468	<Variations>
	469	</Variations>
	470	</SiteFile>
	471	<SiteFile id="23">
	472	<Name>langs</Name>
	473	<URL>/jscripts/tiny_mce/langs/</URL>
	474	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/langs/</FullURL>
	475	<Inputs>
	476	</Inputs>
	477	<Variations>
	478	</Variations>
	479	</SiteFile>
	480	<SiteFile id="24">
	481	<Name>en.js</Name>
	482	<URL>/jscripts/tiny_mce/langs/en.js</URL>
	483	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/langs/en.js</FullURL>
	484	<Inputs>
	485	</Inputs>
	486	<Variations>
	487	</Variations>
	488	</SiteFile>
	489	<SiteFile id="25">
	490	<Name>themes</Name>
	491	<URL>/jscripts/tiny_mce/themes/</URL>
	492	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/</FullURL>
	493	<Inputs>
	494	</Inputs>
	495	<Variations>
	496	</Variations>
	497	</SiteFile>
	498	<SiteFile id="26">
	499	<Name>simple</Name>
	500	<URL>/jscripts/tiny_mce/themes/simple/</URL>
	501	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/</FullURL>
	502	<Inputs>
	503	</Inputs>
	504	<Variations>
	505	</Variations>
	506	</SiteFile>
	507	<SiteFile id="27">
	508	<Name>css</Name>
	509	<URL>/jscripts/tiny_mce/themes/simple/css/</URL>
	510	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/css/</FullURL>
	511	<Inputs>
	512	</Inputs>
	513	<Variations>
	514	</Variations>
	515	</SiteFile>
	516	<SiteFile id="28">
	517	<Name>editor_content.css</Name>
	518	<URL>/jscripts/tiny_mce/themes/simple/css/editor_content.css</URL>
	519	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/css/editor_content.css</FullURL>
	520	<Inputs>
	521	</Inputs>
	522	<Variations>
	523	</Variations>
	524	</SiteFile>
	525	<SiteFile id="29">
	526	<Name>editor_popup.css</Name>
	527	<URL>/jscripts/tiny_mce/themes/simple/css/editor_popup.css</URL>
	528	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/css/editor_popup.css</FullURL>
	529	<Inputs>
	530	</Inputs>
	531	<Variations>
	532	</Variations>
	533	</SiteFile>
	534	<SiteFile id="30">
	535	<Name>editor_ui.css</Name>
	536	<URL>/jscripts/tiny_mce/themes/simple/css/editor_ui.css</URL>
	537	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/css/editor_ui.css</FullURL>
	538	<Inputs>
	539	</Inputs>
	540	<Variations>
	541	</Variations>
	542	</SiteFile>
	543	<SiteFile id="31">
	544	<Name>images</Name>
	545	<URL>/jscripts/tiny_mce/themes/simple/images/</URL>
	546	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/images/</FullURL>
	547	<Inputs>
	548	</Inputs>
	549	<Variations>
	550	</Variations>
	551	</SiteFile>
	552	<SiteFile id="32">
	553	<Name>editor_template.js</Name>
	554	<URL>/jscripts/tiny_mce/themes/simple/editor_template.js</URL>
	555	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/editor_template.js</FullURL>
	556	<Inputs>
	557	</Inputs>
	558	<Variations>
	559	</Variations>
	560	</SiteFile>
	561	<SiteFile id="33">
	562	<Name>editor_template_src.js</Name>
	563	<URL>/jscripts/tiny_mce/themes/simple/editor_template_src.js</URL>
	564	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/themes/simple/editor_template_src.js</FullURL>
	565	<Inputs>
	566	</Inputs>
	567	<Variations>
	568	</Variations>
	569	</SiteFile>
	570	<SiteFile id="34">
	571	<Name>utils</Name>
	572	<URL>/jscripts/tiny_mce/utils/</URL>
	573	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/utils/</FullURL>
	574	<Inputs>
	575	</Inputs>
	576	<Variations>
	577	</Variations>
	578	</SiteFile>
	579	<SiteFile id="35">
	580	<Name>form_utils.js</Name>
	581	<URL>/jscripts/tiny_mce/utils/form_utils.js</URL>
	582	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/utils/form_utils.js</FullURL>
	583	<Inputs>
	584	</Inputs>
	585	<Variations>
	586	</Variations>
	587	</SiteFile>
	588	<SiteFile id="36">
	589	<Name>mctabs.js</Name>
	590	<URL>/jscripts/tiny_mce/utils/mctabs.js</URL>
	591	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/utils/mctabs.js</FullURL>
	592	<Inputs>
	593	</Inputs>
	594	<Variations>
	595	</Variations>
	596	</SiteFile>
	597	<SiteFile id="37">
	598	<Name>validate.js</Name>
	599	<URL>/jscripts/tiny_mce/utils/validate.js</URL>
	600	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/utils/validate.js</FullURL>
	601	<Inputs>
	602	</Inputs>
	603	<Variations>
	604	</Variations>
	605	</SiteFile>
	606	<SiteFile id="38">
	607	<Name>blank.htm</Name>
	608	<URL>/jscripts/tiny_mce/blank.htm</URL>
	609	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/blank.htm</FullURL>
	610	<Inputs>
	611	</Inputs>
	612	<Variations>
	613	</Variations>
	614	</SiteFile>
	615	<SiteFile id="39">
	616	<Name>license.txt</Name>
	617	<URL>/jscripts/tiny_mce/license.txt</URL>
	618	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/license.txt</FullURL>
	619	<Inputs>
	620	</Inputs>
	621	<Variations>
	622	</Variations>
	623	</SiteFile>
	624	<SiteFile id="40">
	625	<Name>tiny_mce.js</Name>
	626	<URL>/jscripts/tiny_mce/tiny_mce.js</URL>
	627	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/tiny_mce.js</FullURL>
	628	<Inputs>
	629	</Inputs>
	630	<Variations>
	631	</Variations>
	632	</SiteFile>
	633	<SiteFile id="41">
	634	<Name>tiny_mce_popup.js</Name>
	635	<URL>/jscripts/tiny_mce/tiny_mce_popup.js</URL>
	636	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/tiny_mce_popup.js</FullURL>
	637	<Inputs>
	638	</Inputs>
	639	<Variations>
	640	</Variations>
	641	</SiteFile>
	642	<SiteFile id="42">
	643	<Name>tiny_mce_src.js</Name>
	644	<URL>/jscripts/tiny_mce/tiny_mce_src.js</URL>
	645	<FullURL>http://testaspnet.vulnweb.com/jscripts/tiny_mce/tiny_mce_src.js</FullURL>
	646	<Inputs>
	647	</Inputs>
	648	<Variations>
	649	</Variations>
	650	</SiteFile>
	651	<SiteFile id="43">
	652	<Name>temp</Name>
	653	<URL>/temp/</URL>
	654	<FullURL>http://testaspnet.vulnweb.com/temp/</FullURL>
	655	<Inputs>
	656	</Inputs>
	657	<Variations>
	658	</Variations>
	659	</SiteFile>
	660	<SiteFile id="44">
	661	<Name>.rnd</Name>
	662	<URL>/temp/.rnd</URL>
	663	<FullURL>http://testaspnet.vulnweb.com/temp/.rnd</FullURL>
	664	<Inputs>
	665	</Inputs>
	666	<Variations>
	667	</Variations>
	668	</SiteFile>
	669	<SiteFile id="45">
	670	<Name>utils</Name>
	671	<URL>/utils/</URL>
	672	<FullURL>http://testaspnet.vulnweb.com/utils/</FullURL>
	673	<Inputs>
	674	</Inputs>
	675	<Variations>
	676	</Variations>
	677	</SiteFile>
	678	<SiteFile id="46">
	679	<Name>usermanager.cs</Name>
	680	<URL>/utils/usermanager.cs</URL>
	681	<FullURL>http://testaspnet.vulnweb.com/utils/usermanager.cs</FullURL>
	682	<Inputs>
	683	</Inputs>
	684	<Variations>
	685	</Variations>
	686	</SiteFile>
	687	<SiteFile id="47">
	688	<Name>_vti_cnf</Name>
	689	<URL>/_vti_cnf/</URL>
	690	<FullURL>http://testaspnet.vulnweb.com/_vti_cnf/</FullURL>
	691	<Inputs>
	692	</Inputs>
	693	<Variations>
	694	</Variations>
	695	</SiteFile>
	696	<SiteFile id="48">
	697	<Name>acublog.csproj</Name>
	698	<URL>/_vti_cnf/acublog.csproj</URL>
	699	<FullURL>http://testaspnet.vulnweb.com/_vti_cnf/acublog.csproj</FullURL>
	700	<Inputs>
	701	</Inputs>
	702	<Variations>
	703	</Variations>
	704	</SiteFile>
	705	<SiteFile id="49">
	706	<Name>acublog.csproj.webinfo</Name>
	707	<URL>/_vti_cnf/acublog.csproj.webinfo</URL>
	708	<FullURL>http://testaspnet.vulnweb.com/_vti_cnf/acublog.csproj.webinfo</FullURL>
	709	<Inputs>
	710	</Inputs>
	711	<Variations>
	712	</Variations>
	713	</SiteFile>
	714	<SiteFile id="50">
	715	<Name>about.aspx.cs</Name>
	716	<URL>/about.aspx.cs</URL>
	717	<FullURL>http://testaspnet.vulnweb.com/about.aspx.cs</FullURL>
	718	<Inputs>
	719	</Inputs>
	720	<Variations>
	721	</Variations>
	722	</SiteFile>
	723	<SiteFile id="51">
	724	<Name>about.aspx.resx</Name>
	725	<URL>/about.aspx.resx</URL>
	726	<FullURL>http://testaspnet.vulnweb.com/about.aspx.resx</FullURL>
	727	<Inputs>
	728	</Inputs>
	729	<Variations>
	730	</Variations>
	731	</SiteFile>
	732	<SiteFile id="52">
	733	<Name>acublog.csproj</Name>
	734	<URL>/acublog.csproj</URL>
	735	<FullURL>http://testaspnet.vulnweb.com/acublog.csproj</FullURL>
	736	<Inputs>
	737	</Inputs>
	738	<Variations>
	739	</Variations>
	740	</SiteFile>
	741	<SiteFile id="53">
	742	<Name>acublog.csproj.webinfo</Name>
	743	<URL>/acublog.csproj.webinfo</URL>
	744	<FullURL>http://testaspnet.vulnweb.com/acublog.csproj.webinfo</FullURL>
	745	<Inputs>
	746	</Inputs>
	747	<Variations>
	748	</Variations>
	749	</SiteFile>
	750	<SiteFile id="54">
	751	<Name>assemblyinfo.cs</Name>
	752	<URL>/assemblyinfo.cs</URL>
	753	<FullURL>http://testaspnet.vulnweb.com/assemblyinfo.cs</FullURL>
	754	<Inputs>
	755	</Inputs>
	756	<Variations>
	757	</Variations>
	758	</SiteFile>
	759	<SiteFile id="55">
	760	<Name>comments.aspx.cs</Name>
	761	<URL>/comments.aspx.cs</URL>
	762	<FullURL>http://testaspnet.vulnweb.com/comments.aspx.cs</FullURL>
	763	<Inputs>
	764	</Inputs>
	765	<Variations>
	766	</Variations>
	767	</SiteFile>
	768	<SiteFile id="56">
	769	<Name>comments.aspx.resx</Name>
	770	<URL>/comments.aspx.resx</URL>
	771	<FullURL>http://testaspnet.vulnweb.com/comments.aspx.resx</FullURL>
	772	<Inputs>
	773	</Inputs>
	774	<Variations>
	775	</Variations>
	776	</SiteFile>
	777	<SiteFile id="57">
	778	<Name>default.aspx.cs</Name>
	779	<URL>/default.aspx.cs</URL>
	780	<FullURL>http://testaspnet.vulnweb.com/default.aspx.cs</FullURL>
	781	<Inputs>
	782	</Inputs>
	783	<Variations>
	784	</Variations>
	785	</SiteFile>
	786	<SiteFile id="58">
	787	<Name>default.aspx.resx</Name>
	788	<URL>/default.aspx.resx</URL>
	789	<FullURL>http://testaspnet.vulnweb.com/default.aspx.resx</FullURL>
	790	<Inputs>
	791	</Inputs>
	792	<Variations>
	793	</Variations>
	794	</SiteFile>
	795	<SiteFile id="59">
	796	<Name>global.asax</Name>
	797	<URL>/global.asax</URL>
	798	<FullURL>http://testaspnet.vulnweb.com/global.asax</FullURL>
	799	<Inputs>
	800	</Inputs>
	801	<Variations>
	802	</Variations>
	803	</SiteFile>
	804	<SiteFile id="60">
	805	<Name>global.asax.cs</Name>
	806	<URL>/global.asax.cs</URL>
	807	<FullURL>http://testaspnet.vulnweb.com/global.asax.cs</FullURL>
	808	<Inputs>
	809	</Inputs>
	810	<Variations>
	811	</Variations>
	812	</SiteFile>
	813	<SiteFile id="61">
	814	<Name>global.asax.resx</Name>
	815	<URL>/global.asax.resx</URL>
	816	<FullURL>http://testaspnet.vulnweb.com/global.asax.resx</FullURL>
	817	<Inputs>
	818	</Inputs>
	819	<Variations>
	820	</Variations>
	821	</SiteFile>
	822	<SiteFile id="62">
	823	<Name>login.aspx.cs</Name>
	824	<URL>/login.aspx.cs</URL>
	825	<FullURL>http://testaspnet.vulnweb.com/login.aspx.cs</FullURL>
	826	<Inputs>
	827	</Inputs>
	828	<Variations>
	829	</Variations>
	830	</SiteFile>
	831	<SiteFile id="63">
	832	<Name>login.aspx.resx</Name>
	833	<URL>/login.aspx.resx</URL>
	834	<FullURL>http://testaspnet.vulnweb.com/login.aspx.resx</FullURL>
	835	<Inputs>
	836	</Inputs>
	837	<Variations>
	838	</Variations>
	839	</SiteFile>
	840	<SiteFile id="64">
	841	<Name>logout.aspx</Name>
	842	<URL>/logout.aspx</URL>
	843	<FullURL>http://testaspnet.vulnweb.com/logout.aspx</FullURL>
	844	<Inputs>
	845	</Inputs>
	846	<Variations>
	847	</Variations>
	848	</SiteFile>
	849	<SiteFile id="65">
	850	<Name>logout.aspx.cs</Name>
	851	<URL>/logout.aspx.cs</URL>
	852	<FullURL>http://testaspnet.vulnweb.com/logout.aspx.cs</FullURL>
	853	<Inputs>
	854	</Inputs>
	855	<Variations>
	856	</Variations>
	857	</SiteFile>
	858	<SiteFile id="66">
	859	<Name>logout.aspx.resx</Name>
	860	<URL>/logout.aspx.resx</URL>
	861	<FullURL>http://testaspnet.vulnweb.com/logout.aspx.resx</FullURL>
	862	<Inputs>
	863	</Inputs>
	864	<Variations>
	865	</Variations>
	866	</SiteFile>
	867	<SiteFile id="67">
	868	<Name>mainmenu.ascx</Name>
	869	<URL>/mainmenu.ascx</URL>
	870	<FullURL>http://testaspnet.vulnweb.com/mainmenu.ascx</FullURL>
	871	<Inputs>
	872	</Inputs>
	873	<Variations>
	874	</Variations>
	875	</SiteFile>
	876	<SiteFile id="68">
	877	<Name>mainmenu.ascx.cs</Name>
	878	<URL>/mainmenu.ascx.cs</URL>
	879	<FullURL>http://testaspnet.vulnweb.com/mainmenu.ascx.cs</FullURL>
	880	<Inputs>
	881	</Inputs>
	882	<Variations>
	883	</Variations>
	884	</SiteFile>
	885	<SiteFile id="69">
	886	<Name>mainmenu.ascx.resx</Name>
	887	<URL>/mainmenu.ascx.resx</URL>
	888	<FullURL>http://testaspnet.vulnweb.com/mainmenu.ascx.resx</FullURL>
	889	<Inputs>
	890	</Inputs>
	891	<Variations>
	892	</Variations>
	893	</SiteFile>
	894	<SiteFile id="70">
	895	<Name>postnews.aspx</Name>
	896	<URL>/postnews.aspx</URL>
	897	<FullURL>http://testaspnet.vulnweb.com/postnews.aspx</FullURL>
	898	<Inputs>
	899	</Inputs>
	900	<Variations>
	901	</Variations>
	902	</SiteFile>
	903	<SiteFile id="71">
	904	<Name>postnews.aspx.cs</Name>
	905	<URL>/postnews.aspx.cs</URL>
	906	<FullURL>http://testaspnet.vulnweb.com/postnews.aspx.cs</FullURL>
	907	<Inputs>
	908	</Inputs>
	909	<Variations>
	910	</Variations>
	911	</SiteFile>
	912	<SiteFile id="72">
	913	<Name>postnews.aspx.resx</Name>
	914	<URL>/postnews.aspx.resx</URL>
	915	<FullURL>http://testaspnet.vulnweb.com/postnews.aspx.resx</FullURL>
	916	<Inputs>
	917	</Inputs>
	918	<Variations>
	919	</Variations>
	920	</SiteFile>
	921	<SiteFile id="73">
	922	<Name>readnews.aspx.cs</Name>
	923	<URL>/readnews.aspx.cs</URL>
	924	<FullURL>http://testaspnet.vulnweb.com/readnews.aspx.cs</FullURL>
	925	<Inputs>
	926	</Inputs>
	927	<Variations>
	928	</Variations>
	929	</SiteFile>
	930	<SiteFile id="74">
	931	<Name>readnews.aspx.resx</Name>
	932	<URL>/readnews.aspx.resx</URL>
	933	<FullURL>http://testaspnet.vulnweb.com/readnews.aspx.resx</FullURL>
	934	<Inputs>
	935	</Inputs>
	936	<Variations>
	937	</Variations>
	938	</SiteFile>
	939	<SiteFile id="75">
	940	<Name>rightpanel.ascx</Name>
	941	<URL>/rightpanel.ascx</URL>
	942	<FullURL>http://testaspnet.vulnweb.com/rightpanel.ascx</FullURL>
	943	<Inputs>
	944	</Inputs>
	945	<Variations>
	946	</Variations>
	947	</SiteFile>
	948	<SiteFile id="76">
	949	<Name>rightpanel.ascx.cs</Name>
	950	<URL>/rightpanel.ascx.cs</URL>
	951	<FullURL>http://testaspnet.vulnweb.com/rightpanel.ascx.cs</FullURL>
	952	<Inputs>
	953	</Inputs>
	954	<Variations>
	955	</Variations>
	956	</SiteFile>
	957	<SiteFile id="77">
	958	<Name>rightpanel.ascx.resx</Name>
	959	<URL>/rightpanel.ascx.resx</URL>
	960	<FullURL>http://testaspnet.vulnweb.com/rightpanel.ascx.resx</FullURL>
	961	<Inputs>
	962	</Inputs>
	963	<Variations>
	964	</Variations>
	965	</SiteFile>
	966	<SiteFile id="78">
	967	<Name>rssfeed.aspx.cs</Name>
	968	<URL>/rssfeed.aspx.cs</URL>
	969	<FullURL>http://testaspnet.vulnweb.com/rssfeed.aspx.cs</FullURL>
	970	<Inputs>
	971	</Inputs>
	972	<Variations>
	973	</Variations>
	974	</SiteFile>
	975	<SiteFile id="79">
	976	<Name>rssfeed.aspx.resx</Name>
	977	<URL>/rssfeed.aspx.resx</URL>
	978	<FullURL>http://testaspnet.vulnweb.com/rssfeed.aspx.resx</FullURL>
	979	<Inputs>
	980	</Inputs>
	981	<Variations>
	982	</Variations>
	983	</SiteFile>
	984	<SiteFile id="80">
	985	<Name>signup.aspx.cs</Name>
	986	<URL>/signup.aspx.cs</URL>
	987	<FullURL>http://testaspnet.vulnweb.com/signup.aspx.cs</FullURL>
	988	<Inputs>
	989	</Inputs>
	990	<Variations>
	991	</Variations>
	992	</SiteFile>
	993	<SiteFile id="81">
	994	<Name>signup.aspx.resx</Name>
	995	<URL>/signup.aspx.resx</URL>
	996	<FullURL>http://testaspnet.vulnweb.com/signup.aspx.resx</FullURL>
	997	<Inputs>
	998	</Inputs>
	999	<Variations>
	1000	</Variations>
	1001	</SiteFile>
	1002	<SiteFile id="82">
	1003	<Name>test.txt</Name>
	1004	<URL>/test.txt</URL>
	1005	<FullURL>http://testaspnet.vulnweb.com/test.txt</FullURL>
	1006	<Inputs>
	1007	</Inputs>
	1008	<Variations>
	1009	</Variations>
	1010	</SiteFile>
	1011	<SiteFile id="83">
	1012	<Name>web.config</Name>
	1013	<URL>/web.config</URL>
	1014	<FullURL>http://testaspnet.vulnweb.com/web.config</FullURL>
	1015	<Inputs>
	1016	</Inputs>
	1017	<Variations>
	1018	</Variations>
	1019	</SiteFile>
	1020	<SiteFile id="84">
	1021	<Name>robots.txt</Name>
	1022	<URL>/robots.txt</URL>
	1023	<FullURL>http://testaspnet.vulnweb.com/robots.txt</FullURL>
	1024	<Inputs>
	1025	</Inputs>
	1026	<Variations>
	1027	</Variations>
	1028	</SiteFile>
	1029	</SiteFiles>
	1030	</Crawler>
	1031	<ReportItems>
	1032
	1033	<ReportItem id="0" color="orange">
	1034	<Name><![CDATA[ASP.NET error message]]></Name>
	1035	<ModuleName><![CDATA[Scripting (ASP_NET_Error_Message.script)]]></ModuleName>
	1036	<Details><![CDATA[Error message pattern found: <font color="dark"><title>Illegal characters in path.</title></font><br/>Version information found: <font color="dark">Microsoft .NET Framework Version:2.0.50727.3053; ASP.NET Version:2.0.50727.3053 ⏎
	1037	</font>]]></Details>
	1038	<Affects><![CDATA[Web Server]]></Affects>
	1039	<Parameter><![CDATA[]]></Parameter>
	1040	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1041	<AOP_SourceLine>0</AOP_SourceLine>
	1042	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1043	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1044	<Severity><![CDATA[medium]]></Severity>
	1045	<Type><![CDATA[Validation]]></Type>
	1046	<Impact><![CDATA[The error messages may disclose sensitive information. This information can be used to launch further attacks.]]></Impact>
	1047	<Description><![CDATA[By requesting a specially crafted URL is possible to generate an ASP.NET error message. The message contains the complete stack trace and Microsoft .NET Framework Version.<br/><br/>
	1048	]]></Description>
	1049	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1050	<Recommendation><![CDATA[Adjust web.config to enable custom errors for remote clients. Set <b>customErrors</b> mode to <b>Off</b> or <b>RemoteOnly</b>. customErrors is part of system.web Element. RemoteOnly specifies that custom errors are shown only to the remote clients, and that ASP.NET errors are shown to the local host. This is the default value. <br/>
	1051
	1052	<pre wrap="virtual">
	1053	<configuration>
	1054	<system.web>
	1055	<customErrors mode="RemoteOnly" />
	1056	</system.web>
	1057	</configuration>
	1058	</pre>]]></Recommendation>
	1059	<TechnicalDetails>
	1060	<Request><![CDATA[GET /\|~.aspx HTTP/1.1
	1061	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1062	Host: testaspnet.vulnweb.com
	1063	Connection: Keep-alive
	1064	Accept-Encoding: gzip,deflate
	1065	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1066	Accept: /
	1067
	1068	]]></Request>
	1069	<Response><![CDATA[HTTP/1.1 500 Internal Server Error
	1070	Date: Thu, 14 Nov 2013 14:26:33 GMT
	1071	Server: Microsoft-IIS/6.0
	1072	X-Powered-By: ASP.NET
	1073	X-AspNet-Version: 2.0.50727
	1074	Cache-Control: private
	1075	Content-Type: text/html; charset=utf-8
	1076	Content-Length: 3670
	1077	]]></Response>
	1078	</TechnicalDetails>
	1079	<References>
	1080	<Reference>
	1081	<Database><![CDATA[customErrors Element (ASP.NET Settings Schema)]]></Database>
	1082	<URL><![CDATA[http://msdn.microsoft.com/en-us/library/vstudio/h0hfz6fc%28v=vs.100%29.aspx]]></URL>
	1083	</Reference>
	1084	</References>
	1085	</ReportItem>
	1086
	1087	<ReportItem id="1" color="orange">
	1088	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	1089	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1090	<Details><![CDATA[form name: <font color="dark">"Form1"</font><br/>form action: <font color="dark">"Default.aspx"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZDUAskqLyfS1MBsZINJY6LpGzdzU"</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	1091	-105242905#d#####d#####d#########href#
	1092	login.aspx# innerhtml##logind#######d##Visiblehdd5##J####0## #X##F###"</font><br/>]]></Details>
	1093	<Affects><![CDATA[/]]></Affects>
	1094	<Parameter><![CDATA[]]></Parameter>
	1095	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1096	<AOP_SourceLine>0</AOP_SourceLine>
	1097	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1098	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1099	<Severity><![CDATA[medium]]></Severity>
	1100	<Type><![CDATA[Informational]]></Type>
	1101	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	1102	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	1103	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1104	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	1105	<TechnicalDetails>
	1106	<Request><![CDATA[GET / HTTP/1.1
	1107	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1108	Host: testaspnet.vulnweb.com
	1109	Connection: Keep-alive
	1110	Accept-Encoding: gzip,deflate
	1111	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1112	Accept: /
	1113
	1114	]]></Request>
	1115	<Response><![CDATA[HTTP/1.1 200 OK
	1116	Date: Thu, 14 Nov 2013 14:26:34 GMT
	1117	Server: Microsoft-IIS/6.0
	1118	X-Powered-By: ASP.NET
	1119	X-AspNet-Version: 2.0.50727
	1120	Cache-Control: private
	1121	Content-Type: text/html; charset=utf-8
	1122	Content-Length: 12967
	1123	]]></Response>
	1124	</TechnicalDetails>
	1125	<References></References>
	1126	</ReportItem>
	1127
	1128	<ReportItem id="2" color="blue">
	1129	<Name><![CDATA[Clickjacking: X-Frame-Options header missing]]></Name>
	1130	<ModuleName><![CDATA[Scripting (Clickjacking_X_Frame_Options.script)]]></ModuleName>
	1131	<Details><![CDATA[No details are available.]]></Details>
	1132	<Affects><![CDATA[Web Server]]></Affects>
	1133	<Parameter><![CDATA[]]></Parameter>
	1134	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1135	<AOP_SourceLine>0</AOP_SourceLine>
	1136	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1137	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1138	<Severity><![CDATA[low]]></Severity>
	1139	<Type><![CDATA[Configuration]]></Type>
	1140	<Impact><![CDATA[The impact depends on the affected web application. ]]></Impact>
	1141	<Description><![CDATA[Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. <br/><br/>
	1142	The server didn't return an <b>X-Frame-Options</b> header which means that this website could be at risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.
	1143	]]></Description>
	1144	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1145	<Recommendation><![CDATA[Configure your web server to include an X-Frame-Options header. Consult Web references for more information about the possible values for this header.]]></Recommendation>
	1146	<TechnicalDetails>
	1147	<Request><![CDATA[GET / HTTP/1.1
	1148	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1149	Host: testaspnet.vulnweb.com
	1150	Connection: Keep-alive
	1151	Accept-Encoding: gzip,deflate
	1152	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1153	Accept: /
	1154
	1155	]]></Request>
	1156	<Response><![CDATA[HTTP/1.1 200 OK
	1157	Date: Thu, 14 Nov 2013 14:26:34 GMT
	1158	Server: Microsoft-IIS/6.0
	1159	X-Powered-By: ASP.NET
	1160	X-AspNet-Version: 2.0.50727
	1161	Cache-Control: private
	1162	Content-Type: text/html; charset=utf-8
	1163	Content-Length: 12967
	1164	]]></Response>
	1165	</TechnicalDetails>
	1166	<References>
	1167	<Reference>
	1168	<Database><![CDATA[The X-Frame-Options response header]]></Database>
	1169	<URL><![CDATA[https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options]]></URL>
	1170	</Reference>
	1171	<Reference>
	1172	<Database><![CDATA[Clickjacking]]></Database>
	1173	<URL><![CDATA[http://en.wikipedia.org/wiki/Clickjacking]]></URL>
	1174	</Reference>
	1175	<Reference>
	1176	<Database><![CDATA[Original Clickjacking paper]]></Database>
	1177	<URL><![CDATA[http://www.sectheory.com/clickjacking.htm]]></URL>
	1178	</Reference>
	1179	</References>
	1180	</ReportItem>
	1181
	1182	<ReportItem id="3" color="orange">
	1183	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	1184	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1185	<Details><![CDATA[form name: <font color="dark">"Form1"</font><br/>form action: <font color="dark">"about.aspx"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTEwNTI0MjkwNQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZCUArJ3C1Fln0zT65m8W+6wYPSdL"</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	1186	-105242905#d#####d#####d#########href#
	1187	login.aspx# innerhtml##logind#######d##Visiblehdd%#####Yg#4##o####='K"</font><br/>]]></Details>
	1188	<Affects><![CDATA[/about.aspx]]></Affects>
	1189	<Parameter><![CDATA[]]></Parameter>
	1190	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1191	<AOP_SourceLine>0</AOP_SourceLine>
	1192	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1193	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1194	<Severity><![CDATA[medium]]></Severity>
	1195	<Type><![CDATA[Informational]]></Type>
	1196	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	1197	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	1198	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1199	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	1200	<TechnicalDetails>
	1201	<Request><![CDATA[GET /about.aspx HTTP/1.1
	1202	Pragma: no-cache
	1203	Cache-Control: no-cache
	1204	Referer: http://testaspnet.vulnweb.com/
	1205	Acunetix-Aspect: enabled
	1206	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1207	Acunetix-Aspect-Queries: aspectalerts
	1208	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1209	Host: testaspnet.vulnweb.com
	1210	Connection: Keep-alive
	1211	Accept-Encoding: gzip,deflate
	1212	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1213	Accept: /
	1214
	1215	]]></Request>
	1216	<Response><![CDATA[HTTP/1.1 200 OK
	1217	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1218	Server: Microsoft-IIS/6.0
	1219	X-Powered-By: ASP.NET
	1220	X-AspNet-Version: 2.0.50727
	1221	Cache-Control: private
	1222	Content-Type: text/html; charset=utf-8
	1223	Content-Length: 13528
	1224	]]></Response>
	1225	</TechnicalDetails>
	1226	<References></References>
	1227	</ReportItem>
	1228
	1229	<ReportItem id="4" color="green">
	1230	<Name><![CDATA[Password type input with auto-complete enabled]]></Name>
	1231	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1232	<Details><![CDATA[Password type input named <b><font color="dark">tbPassword</font></b> from form named <b>frmLogin</b> with action <b>login.aspx</b> has autocomplete enabled.]]></Details>
	1233	<Affects><![CDATA[/login.aspx]]></Affects>
	1234	<Parameter><![CDATA[]]></Parameter>
	1235	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1236	<AOP_SourceLine>0</AOP_SourceLine>
	1237	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1238	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1239	<Severity><![CDATA[info]]></Severity>
	1240	<Type><![CDATA[Informational]]></Type>
	1241	<Impact><![CDATA[Possible sensitive information disclosure]]></Impact>
	1242	<Description><![CDATA[When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access could obtain the cleartext password from the browser cache.]]></Description>
	1243	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1244	<Recommendation><![CDATA[The password auto-complete should be disabled in sensitive applications. <br/>To disable auto-complete, you may use a code similar to: <pre wrap="virtual"><code><INPUT TYPE="password" AUTOCOMPLETE="off"></code></pre>]]></Recommendation>
	1245	<TechnicalDetails>
	1246	<Request><![CDATA[GET /login.aspx HTTP/1.1
	1247	Pragma: no-cache
	1248	Cache-Control: no-cache
	1249	Referer: http://testaspnet.vulnweb.com/
	1250	Acunetix-Aspect: enabled
	1251	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1252	Acunetix-Aspect-Queries: aspectalerts
	1253	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1254	Host: testaspnet.vulnweb.com
	1255	Connection: Keep-alive
	1256	Accept-Encoding: gzip,deflate
	1257	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1258	Accept: /
	1259
	1260	]]></Request>
	1261	<Response><![CDATA[HTTP/1.1 200 OK
	1262	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1263	Server: Microsoft-IIS/6.0
	1264	X-Powered-By: ASP.NET
	1265	X-AspNet-Version: 2.0.50727
	1266	Cache-Control: private
	1267	Content-Type: text/html; charset=utf-8
	1268	Content-Length: 12329
	1269	]]></Response>
	1270	</TechnicalDetails>
	1271	<References></References>
	1272	</ReportItem>
	1273
	1274	<ReportItem id="5" color="orange">
	1275	<Name><![CDATA[User credentials are sent in clear text]]></Name>
	1276	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1277	<Details><![CDATA[Form name: <font color="navy">frmLogin</font><br/>Form action: <font color="navy">http://testaspnet.vulnweb.com/login.aspx</font><br/>Form method: <font color="navy">POST</font><br/><br/>Form inputs:<br/><ul><li>__EVENTTARGET [Hidden]</li><li>__EVENTARGUMENT [Hidden]</li><li>__VIEWSTATE [Hidden]</li><li>__EVENTVALIDATION [Hidden]</li><li>tbUsername [Text]</li><li>tbPassword [Password]</li><li>cbPersistCookie [Checkbox]</li><li>btnLogin [Submit]</li></ul>]]></Details>
	1278	<Affects><![CDATA[/login.aspx]]></Affects>
	1279	<Parameter><![CDATA[]]></Parameter>
	1280	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1281	<AOP_SourceLine>0</AOP_SourceLine>
	1282	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1283	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1284	<Severity><![CDATA[medium]]></Severity>
	1285	<Type><![CDATA[Informational]]></Type>
	1286	<Impact><![CDATA[A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.]]></Impact>
	1287	<Description><![CDATA[User credentials are transmitted over an unencrypted channel. This information should always be transferred via an encrypted channel (HTTPS) to avoid being intercepted by malicious users.]]></Description>
	1288	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1289	<Recommendation><![CDATA[Because user credentials are considered sensitive information, should always be transferred to the server over an encrypted connection (HTTPS).]]></Recommendation>
	1290	<TechnicalDetails>
	1291	<Request><![CDATA[GET /login.aspx HTTP/1.1
	1292	Pragma: no-cache
	1293	Cache-Control: no-cache
	1294	Referer: http://testaspnet.vulnweb.com/
	1295	Acunetix-Aspect: enabled
	1296	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1297	Acunetix-Aspect-Queries: aspectalerts
	1298	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1299	Host: testaspnet.vulnweb.com
	1300	Connection: Keep-alive
	1301	Accept-Encoding: gzip,deflate
	1302	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1303	Accept: /
	1304
	1305	]]></Request>
	1306	<Response><![CDATA[HTTP/1.1 200 OK
	1307	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1308	Server: Microsoft-IIS/6.0
	1309	X-Powered-By: ASP.NET
	1310	X-AspNet-Version: 2.0.50727
	1311	Cache-Control: private
	1312	Content-Type: text/html; charset=utf-8
	1313	Content-Length: 12329
	1314	]]></Response>
	1315	</TechnicalDetails>
	1316	<References></References>
	1317	</ReportItem>
	1318
	1319	<ReportItem id="6" color="orange">
	1320	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	1321	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1322	<Details><![CDATA[form name: <font color="dark">"frmLogin"</font><br/>form action: <font color="dark">"login.aspx"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W+w+8Zj9n0mGriLs0UbfzYNdg=="</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	1323	-223969811#d#####d#####d#########href#
	1324	login.aspx# innerhtml##logind#######d##Visiblehd####__ControlsRequirePostBackKey__####cbPersistCookie##o###c#}&####E#6 ⏎
	1325	v"</font><br/>]]></Details>
	1326	<Affects><![CDATA[/login.aspx]]></Affects>
	1327	<Parameter><![CDATA[]]></Parameter>
	1328	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1329	<AOP_SourceLine>0</AOP_SourceLine>
	1330	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1331	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1332	<Severity><![CDATA[medium]]></Severity>
	1333	<Type><![CDATA[Informational]]></Type>
	1334	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	1335	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	1336	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1337	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	1338	<TechnicalDetails>
	1339	<Request><![CDATA[GET /login.aspx HTTP/1.1
	1340	Pragma: no-cache
	1341	Cache-Control: no-cache
	1342	Referer: http://testaspnet.vulnweb.com/
	1343	Acunetix-Aspect: enabled
	1344	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1345	Acunetix-Aspect-Queries: aspectalerts
	1346	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1347	Host: testaspnet.vulnweb.com
	1348	Connection: Keep-alive
	1349	Accept-Encoding: gzip,deflate
	1350	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1351	Accept: /
	1352
	1353	]]></Request>
	1354	<Response><![CDATA[HTTP/1.1 200 OK
	1355	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1356	Server: Microsoft-IIS/6.0
	1357	X-Powered-By: ASP.NET
	1358	X-AspNet-Version: 2.0.50727
	1359	Cache-Control: private
	1360	Content-Type: text/html; charset=utf-8
	1361	Content-Length: 12329
	1362	]]></Response>
	1363	</TechnicalDetails>
	1364	<References></References>
	1365	</ReportItem>
	1366
	1367	<ReportItem id="7" color="green">
	1368	<Name><![CDATA[GHDB: Typical login page]]></Name>
	1369	<ModuleName><![CDATA[GHDB]]></ModuleName>
	1370	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	1371	<Affects><![CDATA[/login.aspx]]></Affects>
	1372	<Parameter><![CDATA[]]></Parameter>
	1373	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1374	<AOP_SourceLine>0</AOP_SourceLine>
	1375	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1376	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1377	<Severity><![CDATA[info]]></Severity>
	1378	<Type><![CDATA[Informational]]></Type>
	1379	<Impact><![CDATA[Not available. Check description.]]></Impact>
	1380	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	1381	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1382	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	1383	<TechnicalDetails>
	1384	<Request><![CDATA[GET /login.aspx HTTP/1.1
	1385	Pragma: no-cache
	1386	Cache-Control: no-cache
	1387	Referer: http://testaspnet.vulnweb.com/
	1388	Acunetix-Aspect: enabled
	1389	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1390	Acunetix-Aspect-Queries: aspectalerts
	1391	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1392	Host: testaspnet.vulnweb.com
	1393	Connection: Keep-alive
	1394	Accept-Encoding: gzip,deflate
	1395	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1396	Accept: /
	1397
	1398	]]></Request>
	1399	<Response><![CDATA[HTTP/1.1 200 OK
	1400	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1401	Server: Microsoft-IIS/6.0
	1402	X-Powered-By: ASP.NET
	1403	X-AspNet-Version: 2.0.50727
	1404	Cache-Control: private
	1405	Content-Type: text/html; charset=utf-8
	1406	Content-Length: 12329
	1407	]]></Response>
	1408	</TechnicalDetails>
	1409	<References>
	1410	<Reference>
	1411	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	1412	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	1413	</Reference>
	1414	<Reference>
	1415	<Database><![CDATA[Acunetix Google hacking]]></Database>
	1416	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	1417	</Reference>
	1418	</References>
	1419	</ReportItem>
	1420
	1421	<ReportItem id="8" color="green">
	1422	<Name><![CDATA[Password type input with auto-complete enabled]]></Name>
	1423	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1424	<Details><![CDATA[Password type input named <b><font color="dark">tbPassword</font></b> from form named <b>Form1</b> with action <b>signup.aspx</b> has autocomplete enabled.]]></Details>
	1425	<Affects><![CDATA[/signup.aspx]]></Affects>
	1426	<Parameter><![CDATA[]]></Parameter>
	1427	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1428	<AOP_SourceLine>0</AOP_SourceLine>
	1429	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1430	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1431	<Severity><![CDATA[info]]></Severity>
	1432	<Type><![CDATA[Informational]]></Type>
	1433	<Impact><![CDATA[Possible sensitive information disclosure]]></Impact>
	1434	<Description><![CDATA[When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access could obtain the cleartext password from the browser cache.]]></Description>
	1435	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1436	<Recommendation><![CDATA[The password auto-complete should be disabled in sensitive applications. <br/>To disable auto-complete, you may use a code similar to: <pre wrap="virtual"><code><INPUT TYPE="password" AUTOCOMPLETE="off"></code></pre>]]></Recommendation>
	1437	<TechnicalDetails>
	1438	<Request><![CDATA[GET /signup.aspx HTTP/1.1
	1439	Pragma: no-cache
	1440	Cache-Control: no-cache
	1441	Referer: http://testaspnet.vulnweb.com/
	1442	Acunetix-Aspect: enabled
	1443	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1444	Acunetix-Aspect-Queries: aspectalerts
	1445	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1446	Host: testaspnet.vulnweb.com
	1447	Connection: Keep-alive
	1448	Accept-Encoding: gzip,deflate
	1449	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1450	Accept: /
	1451
	1452	]]></Request>
	1453	<Response><![CDATA[HTTP/1.1 200 OK
	1454	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1455	Server: Microsoft-IIS/6.0
	1456	X-Powered-By: ASP.NET
	1457	X-AspNet-Version: 2.0.50727
	1458	Cache-Control: private
	1459	Content-Type: text/html; charset=utf-8
	1460	Content-Length: 12014
	1461	]]></Response>
	1462	</TechnicalDetails>
	1463	<References></References>
	1464	</ReportItem>
	1465
	1466	<ReportItem id="9" color="orange">
	1467	<Name><![CDATA[User credentials are sent in clear text]]></Name>
	1468	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1469	<Details><![CDATA[Form name: <font color="navy">Form1</font><br/>Form action: <font color="navy">http://testaspnet.vulnweb.com/signup.aspx</font><br/>Form method: <font color="navy">POST</font><br/><br/>Form inputs:<br/><ul><li>__EVENTTARGET [Hidden]</li><li>__EVENTARGUMENT [Hidden]</li><li>__VIEWSTATE [Hidden]</li><li>__EVENTVALIDATION [Hidden]</li><li>tbUsername [Text]</li><li>tbPassword [Password]</li><li>btnSignup [Submit]</li></ul>]]></Details>
	1470	<Affects><![CDATA[/signup.aspx]]></Affects>
	1471	<Parameter><![CDATA[]]></Parameter>
	1472	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1473	<AOP_SourceLine>0</AOP_SourceLine>
	1474	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1475	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1476	<Severity><![CDATA[medium]]></Severity>
	1477	<Type><![CDATA[Informational]]></Type>
	1478	<Impact><![CDATA[A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.]]></Impact>
	1479	<Description><![CDATA[User credentials are transmitted over an unencrypted channel. This information should always be transferred via an encrypted channel (HTTPS) to avoid being intercepted by malicious users.]]></Description>
	1480	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1481	<Recommendation><![CDATA[Because user credentials are considered sensitive information, should always be transferred to the server over an encrypted connection (HTTPS).]]></Recommendation>
	1482	<TechnicalDetails>
	1483	<Request><![CDATA[GET /signup.aspx HTTP/1.1
	1484	Pragma: no-cache
	1485	Cache-Control: no-cache
	1486	Referer: http://testaspnet.vulnweb.com/
	1487	Acunetix-Aspect: enabled
	1488	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1489	Acunetix-Aspect-Queries: aspectalerts
	1490	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1491	Host: testaspnet.vulnweb.com
	1492	Connection: Keep-alive
	1493	Accept-Encoding: gzip,deflate
	1494	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1495	Accept: /
	1496
	1497	]]></Request>
	1498	<Response><![CDATA[HTTP/1.1 200 OK
	1499	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1500	Server: Microsoft-IIS/6.0
	1501	X-Powered-By: ASP.NET
	1502	X-AspNet-Version: 2.0.50727
	1503	Cache-Control: private
	1504	Content-Type: text/html; charset=utf-8
	1505	Content-Length: 12014
	1506	]]></Response>
	1507	</TechnicalDetails>
	1508	<References></References>
	1509	</ReportItem>
	1510
	1511	<ReportItem id="10" color="orange">
	1512	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	1513	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1514	<Details><![CDATA[form name: <font color="dark">"Form1"</font><br/>form action: <font color="dark">"signup.aspx"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZHEZ3VN6SP/C2xESDN/Y3p8zhfSB"</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	1515	-643286583#d#####d#####d#########href#
	1516	login.aspx# innerhtml##logind#######d##Visiblehddq##SzH##########3###"</font><br/>]]></Details>
	1517	<Affects><![CDATA[/signup.aspx]]></Affects>
	1518	<Parameter><![CDATA[]]></Parameter>
	1519	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1520	<AOP_SourceLine>0</AOP_SourceLine>
	1521	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1522	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1523	<Severity><![CDATA[medium]]></Severity>
	1524	<Type><![CDATA[Informational]]></Type>
	1525	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	1526	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	1527	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1528	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	1529	<TechnicalDetails>
	1530	<Request><![CDATA[GET /signup.aspx HTTP/1.1
	1531	Pragma: no-cache
	1532	Cache-Control: no-cache
	1533	Referer: http://testaspnet.vulnweb.com/
	1534	Acunetix-Aspect: enabled
	1535	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1536	Acunetix-Aspect-Queries: aspectalerts
	1537	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1538	Host: testaspnet.vulnweb.com
	1539	Connection: Keep-alive
	1540	Accept-Encoding: gzip,deflate
	1541	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1542	Accept: /
	1543
	1544	]]></Request>
	1545	<Response><![CDATA[HTTP/1.1 200 OK
	1546	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1547	Server: Microsoft-IIS/6.0
	1548	X-Powered-By: ASP.NET
	1549	X-AspNet-Version: 2.0.50727
	1550	Cache-Control: private
	1551	Content-Type: text/html; charset=utf-8
	1552	Content-Length: 12014
	1553	]]></Response>
	1554	</TechnicalDetails>
	1555	<References></References>
	1556	</ReportItem>
	1557
	1558	<ReportItem id="11" color="orange">
	1559	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	1560	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1561	<Details><![CDATA[form name: <font color="dark">"Form1"</font><br/>form action: <font color="dark">"readnews.aspx?id=2&NewsAd=ads%2fdef.html"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwv"</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	1562	-352232569#d#####d#####d#########href#
	1563	login.aspx# innerhtml##logind#######d##Visiblehd########Iposted by <strong>admin </strong>11/8/2005 11:35:22 AMd########<Web attacks - can your web applications withstand the force?d#########7<p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix We"</font><br/>]]></Details>
	1564	<Affects><![CDATA[/readnews.aspx (f6272bf70dcf239f162f7915a4e4b3b8)]]></Affects>
	1565	<Parameter><![CDATA[]]></Parameter>
	1566	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1567	<AOP_SourceLine>0</AOP_SourceLine>
	1568	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1569	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1570	<Severity><![CDATA[medium]]></Severity>
	1571	<Type><![CDATA[Informational]]></Type>
	1572	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	1573	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	1574	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1575	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	1576	<TechnicalDetails>
	1577	<Request><![CDATA[GET /readnews.aspx?id=2&NewsAd=ads/def.html HTTP/1.1
	1578	Pragma: no-cache
	1579	Cache-Control: no-cache
	1580	Referer: http://testaspnet.vulnweb.com/
	1581	Acunetix-Aspect: enabled
	1582	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1583	Acunetix-Aspect-Queries: aspectalerts
	1584	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1585	Host: testaspnet.vulnweb.com
	1586	Connection: Keep-alive
	1587	Accept-Encoding: gzip,deflate
	1588	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1589	Accept: /
	1590
	1591	]]></Request>
	1592	<Response><![CDATA[HTTP/1.1 200 OK
	1593	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1594	Server: Microsoft-IIS/6.0
	1595	X-Powered-By: ASP.NET
	1596	X-AspNet-Version: 2.0.50727
	1597	Cache-Control: private
	1598	Content-Type: text/html; charset=utf-8
	1599	Content-Length: 29264
	1600	]]></Response>
	1601	</TechnicalDetails>
	1602	<References></References>
	1603	</ReportItem>
	1604
	1605	<ReportItem id="12" color="orange">
	1606	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	1607	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1608	<Details><![CDATA[form name: <font color="dark">"Form1"</font><br/>form action: <font color="dark">"comments.aspx?id=2"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WBB8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT8fAAUSUmVhZE5ld3MuYXNweD9pZD0yZAIHDxYCHwEFrAIyMSBKdWx5IDIwMDUgLSBTdGFydC11cCBjb21wYW55IEFjdW5ldGl4IHJlbGVhc2VkIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXI6IGEgdG9vbCB0byBhdXRvbWF0aWNh"</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	1609	-862703162#d#####d#
	1610	###d#########href#
	1611	login.aspx# innerhtml##logind#######d##Visiblehd########Iposted by <strong>admin </strong>11/8/2005 11:35:22 AMd########<Web attacks - can your web applications withstand the force?####ReadNews.aspx?id=2d##########21 July 2005 - Start-up company Acunetix released Acunetix Web Vulnerability Scanner: a tool to automatically audit website security. Acunetix Web Vulnerability Scanner 2 crawls an entire website, launches popular web attacks (SQL Inj"</font><br/>]]></Details>
	1612	<Affects><![CDATA[/comments.aspx (cfbc7026028fd30e88c94fcdc534d6ba)]]></Affects>
	1613	<Parameter><![CDATA[]]></Parameter>
	1614	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1615	<AOP_SourceLine>0</AOP_SourceLine>
	1616	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1617	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1618	<Severity><![CDATA[medium]]></Severity>
	1619	<Type><![CDATA[Informational]]></Type>
	1620	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	1621	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	1622	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1623	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	1624	<TechnicalDetails>
	1625	<Request><![CDATA[GET /comments.aspx?id=2 HTTP/1.1
	1626	Pragma: no-cache
	1627	Cache-Control: no-cache
	1628	Referer: http://testaspnet.vulnweb.com/
	1629	Acunetix-Aspect: enabled
	1630	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1631	Acunetix-Aspect-Queries: aspectalerts
	1632	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1633	Host: testaspnet.vulnweb.com
	1634	Connection: Keep-alive
	1635	Accept-Encoding: gzip,deflate
	1636	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1637	Accept: /
	1638
	1639	]]></Request>
	1640	<Response><![CDATA[HTTP/1.1 200 OK
	1641	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1642	Server: Microsoft-IIS/6.0
	1643	X-Powered-By: ASP.NET
	1644	X-AspNet-Version: 2.0.50727
	1645	Cache-Control: private
	1646	Content-Type: text/html; charset=utf-8
	1647	Content-Length: 20197
	1648	]]></Response>
	1649	</TechnicalDetails>
	1650	<References></References>
	1651	</ReportItem>
	1652
	1653	<ReportItem id="13" color="orange">
	1654	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	1655	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1656	<Details><![CDATA[form name: <font color="dark">"Form1"</font><br/>form action: <font color="dark">"readnews.aspx?id=0&NewsAd=ads%2fdef.html"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozMjozMCBBTWQCBQ8WAh8BBT1XYXRjaGZpcmUgTGljZW5zZXMgUGF0ZW50ZWQgSW50ZWxsZWN0dWFsIFByb3BlcnR5IHRvIEFjdW5ldGl4ZAIHDxYCHwEFwSQgICAgICAgICAgICAgICAgICAgICAgICAgICAxNCBTZXB0ZW1iZXIgMjAwNSAtIFdhdGNoZmlyZSwgYSBwcm92aWRlciBvZiBzb2Z0d2FyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhbmQgc2VydmljZXMgdG8gbWFu"</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	1657	-352232569#d#####d#####d#########href#
	1658	login.aspx# innerhtml##logind#######d##Visiblehd########Iposted by <strong>admin </strong>11/8/2005 11:32:30 AMd########=Watchfire Licenses Patented Intellectual Property to Acunetixd#########$ 14 September 2005 - Watchfire, a provider of software and services to manage online risk, and Acunetix, provider of the Acunetix Web Vulnerability Scanner, today announced "</font><br/>]]></Details>
	1659	<Affects><![CDATA[/readnews.aspx (54db37c887f8663f3ac272fd57842c59)]]></Affects>
	1660	<Parameter><![CDATA[]]></Parameter>
	1661	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1662	<AOP_SourceLine>0</AOP_SourceLine>
	1663	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1664	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1665	<Severity><![CDATA[medium]]></Severity>
	1666	<Type><![CDATA[Informational]]></Type>
	1667	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	1668	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	1669	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1670	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	1671	<TechnicalDetails>
	1672	<Request><![CDATA[GET /readnews.aspx?id=0&NewsAd=ads/def.html HTTP/1.1
	1673	Pragma: no-cache
	1674	Cache-Control: no-cache
	1675	Referer: http://testaspnet.vulnweb.com/
	1676	Acunetix-Aspect: enabled
	1677	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1678	Acunetix-Aspect-Queries: aspectalerts
	1679	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1680	Host: testaspnet.vulnweb.com
	1681	Connection: Keep-alive
	1682	Accept-Encoding: gzip,deflate
	1683	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1684	Accept: /
	1685
	1686	]]></Request>
	1687	<Response><![CDATA[HTTP/1.1 200 OK
	1688	Date: Thu, 14 Nov 2013 14:26:35 GMT
	1689	Server: Microsoft-IIS/6.0
	1690	X-Powered-By: ASP.NET
	1691	X-AspNet-Version: 2.0.50727
	1692	Cache-Control: private
	1693	Content-Type: text/html; charset=utf-8
	1694	Content-Length: 23636
	1695	]]></Response>
	1696	</TechnicalDetails>
	1697	<References></References>
	1698	</ReportItem>
	1699
	1700	<ReportItem id="14" color="orange">
	1701	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	1702	<ModuleName><![CDATA[Crawler]]></ModuleName>
	1703	<Details><![CDATA[form name: <font color="dark">"Form1"</font><br/>form action: <font color="dark">"comments.aspx?id=0"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTg2MjcwMzE2Mg9kFgICAQ9kFgoCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozMjozMCBBTWQCBQ8WBB8BBT1XYXRjaGZpcmUgTGljZW5zZXMgUGF0ZW50ZWQgSW50ZWxsZWN0dWFsIFByb3BlcnR5IHRvIEFjdW5ldGl4HwAFElJlYWROZXdzLmFzcHg/aWQ9MGQCBw8WAh8BBT5XYXRjaGZpcmUgYW5kIEFjdW5ldGl4IEFsc28gRW50ZXIgaW50byBDcm9zcy1MaWNlbnNlIEFncmVlbWVudGQCCQ9kFgICAQ9kFhJmD2QWAmYPFgIfAQUlPElNRyBzcmM9ImltYWdlcy9j"</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	1704	-862703162#d#####d#
	1705	###d#########href#
	1706	login.aspx# innerhtml##logind#######d##Visiblehd########Iposted by <strong>admin </strong>11/8/2005 11:32:30 AMd########=Watchfire Licenses Patented Intellectual Property to Acunetix####ReadNews.aspx?id=0d########>Watchfire and Acunetix Also Enter into Cross-License Agreementd# #d#####d##f#d##f######%<IMG src="images/comment-before.gif">d###d##f#####class##Commentd###d##f######$<IMG src="images/comment-after.gif">d###d##f######%<IMG src="images"</font><br/>]]></Details>
	1707	<Affects><![CDATA[/comments.aspx (3cff0a3b9e9e434739b9c4da2938e086)]]></Affects>
	1708	<Parameter><![CDATA[]]></Parameter>
	1709	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1710	<AOP_SourceLine>0</AOP_SourceLine>
	1711	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1712	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1713	<Severity><![CDATA[medium]]></Severity>
	1714	<Type><![CDATA[Informational]]></Type>
	1715	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	1716	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	1717	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1718	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	1719	<TechnicalDetails>
	1720	<Request><![CDATA[GET /comments.aspx?id=0 HTTP/1.1
	1721	Pragma: no-cache
	1722	Cache-Control: no-cache
	1723	Referer: http://testaspnet.vulnweb.com/
	1724	Acunetix-Aspect: enabled
	1725	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1726	Acunetix-Aspect-Queries: aspectalerts
	1727	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1728	Host: testaspnet.vulnweb.com
	1729	Connection: Keep-alive
	1730	Accept-Encoding: gzip,deflate
	1731	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1732	Accept: /
	1733
	1734	]]></Request>
	1735	<Response><![CDATA[HTTP/1.1 200 OK
	1736	Date: Thu, 14 Nov 2013 14:26:36 GMT
	1737	Server: Microsoft-IIS/6.0
	1738	X-Powered-By: ASP.NET
	1739	X-AspNet-Version: 2.0.50727
	1740	Cache-Control: private
	1741	Content-Type: text/html; charset=utf-8
	1742	Content-Length: 14197
	1743	]]></Response>
	1744	</TechnicalDetails>
	1745	<References></References>
	1746	</ReportItem>
	1747
	1748	<ReportItem id="15" color="green">
	1749	<Name><![CDATA[GHDB: Frontpage extensions for Unix]]></Name>
	1750	<ModuleName><![CDATA[GHDB]]></ModuleName>
	1751	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">allinurl:("//_vti_pvt/" \| "//_vti_cnf/")</font></pre>]]></Details>
	1752	<Affects><![CDATA[/_vti_cnf]]></Affects>
	1753	<Parameter><![CDATA[]]></Parameter>
	1754	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1755	<AOP_SourceLine>0</AOP_SourceLine>
	1756	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1757	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1758	<Severity><![CDATA[info]]></Severity>
	1759	<Type><![CDATA[Informational]]></Type>
	1760	<Impact><![CDATA[Not available. Check description.]]></Impact>
	1761	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Sensitive Directories</font><br/><br/>Frontpage extensions for Unix ? So be it..<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	1762	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1763	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	1764	<TechnicalDetails>
	1765	<Request><![CDATA[GET /_vti_cnf/ HTTP/1.1
	1766	Pragma: no-cache
	1767	Cache-Control: no-cache
	1768	Referer: http://testaspnet.vulnweb.com/Default.aspx
	1769	Acunetix-Aspect: enabled
	1770	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1771	Acunetix-Aspect-Queries: aspectalerts
	1772	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1773	Host: testaspnet.vulnweb.com
	1774	Connection: Keep-alive
	1775	Accept-Encoding: gzip,deflate
	1776	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1777	Accept: /
	1778
	1779	]]></Request>
	1780	<Response><![CDATA[HTTP/1.1 403 Forbidden
	1781	Content-Length: 218
	1782	Content-Type: text/html
	1783	Server: Microsoft-IIS/6.0
	1784	X-Powered-By: ASP.NET
	1785	Date: Thu, 14 Nov 2013 14:26:37 GMT
	1786	]]></Response>
	1787	</TechnicalDetails>
	1788	<References>
	1789	<Reference>
	1790	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	1791	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	1792	</Reference>
	1793	<Reference>
	1794	<Database><![CDATA[Acunetix Google hacking]]></Database>
	1795	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	1796	</Reference>
	1797	</References>
	1798	</ReportItem>
	1799
	1800	<ReportItem id="16" color="green">
	1801	<Name><![CDATA[GHDB: Frontpage extensions for Unix]]></Name>
	1802	<ModuleName><![CDATA[GHDB]]></ModuleName>
	1803	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">allinurl:("//_vti_pvt/" \| "//_vti_cnf/")</font></pre>]]></Details>
	1804	<Affects><![CDATA[/_vti_cnf/acublog.csproj]]></Affects>
	1805	<Parameter><![CDATA[]]></Parameter>
	1806	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1807	<AOP_SourceLine>0</AOP_SourceLine>
	1808	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1809	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1810	<Severity><![CDATA[info]]></Severity>
	1811	<Type><![CDATA[Informational]]></Type>
	1812	<Impact><![CDATA[Not available. Check description.]]></Impact>
	1813	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Sensitive Directories</font><br/><br/>Frontpage extensions for Unix ? So be it..<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	1814	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1815	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	1816	<TechnicalDetails>
	1817	<Request><![CDATA[GET /_vti_cnf/acublog.csproj HTTP/1.1
	1818	Pragma: no-cache
	1819	Cache-Control: no-cache
	1820	Referer: http://testaspnet.vulnweb.com/Default.aspx
	1821	Acunetix-Aspect: enabled
	1822	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1823	Acunetix-Aspect-Queries: aspectalerts
	1824	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1825	Host: testaspnet.vulnweb.com
	1826	Connection: Keep-alive
	1827	Accept-Encoding: gzip,deflate
	1828	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1829	Accept: /
	1830
	1831	]]></Request>
	1832	<Response><![CDATA[HTTP/1.1 403 Forbidden
	1833	Date: Thu, 14 Nov 2013 14:26:38 GMT
	1834	Server: Microsoft-IIS/6.0
	1835	X-Powered-By: ASP.NET
	1836	X-AspNet-Version: 2.0.50727
	1837	Cache-Control: private
	1838	Content-Type: text/html; charset=utf-8
	1839	Content-Length: 2358
	1840	]]></Response>
	1841	</TechnicalDetails>
	1842	<References>
	1843	<Reference>
	1844	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	1845	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	1846	</Reference>
	1847	<Reference>
	1848	<Database><![CDATA[Acunetix Google hacking]]></Database>
	1849	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	1850	</Reference>
	1851	</References>
	1852	</ReportItem>
	1853
	1854	<ReportItem id="17" color="green">
	1855	<Name><![CDATA[GHDB: Frontpage extensions for Unix]]></Name>
	1856	<ModuleName><![CDATA[GHDB]]></ModuleName>
	1857	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">allinurl:("//_vti_pvt/" \| "//_vti_cnf/")</font></pre>]]></Details>
	1858	<Affects><![CDATA[/_vti_cnf/acublog.csproj.webinfo]]></Affects>
	1859	<Parameter><![CDATA[]]></Parameter>
	1860	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1861	<AOP_SourceLine>0</AOP_SourceLine>
	1862	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1863	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1864	<Severity><![CDATA[info]]></Severity>
	1865	<Type><![CDATA[Informational]]></Type>
	1866	<Impact><![CDATA[Not available. Check description.]]></Impact>
	1867	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Sensitive Directories</font><br/><br/>Frontpage extensions for Unix ? So be it..<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	1868	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1869	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	1870	<TechnicalDetails>
	1871	<Request><![CDATA[GET /_vti_cnf/acublog.csproj.webinfo HTTP/1.1
	1872	Pragma: no-cache
	1873	Cache-Control: no-cache
	1874	Referer: http://testaspnet.vulnweb.com/Default.aspx
	1875	Acunetix-Aspect: enabled
	1876	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1877	Acunetix-Aspect-Queries: aspectalerts
	1878	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1879	Host: testaspnet.vulnweb.com
	1880	Connection: Keep-alive
	1881	Accept-Encoding: gzip,deflate
	1882	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1883	Accept: /
	1884
	1885	]]></Request>
	1886	<Response><![CDATA[HTTP/1.1 403 Forbidden
	1887	Date: Thu, 14 Nov 2013 14:26:38 GMT
	1888	Server: Microsoft-IIS/6.0
	1889	X-Powered-By: ASP.NET
	1890	X-AspNet-Version: 2.0.50727
	1891	Cache-Control: private
	1892	Content-Type: text/html; charset=utf-8
	1893	Content-Length: 2375
	1894	]]></Response>
	1895	</TechnicalDetails>
	1896	<References>
	1897	<Reference>
	1898	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	1899	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	1900	</Reference>
	1901	<Reference>
	1902	<Database><![CDATA[Acunetix Google hacking]]></Database>
	1903	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	1904	</Reference>
	1905	</References>
	1906	</ReportItem>
	1907
	1908	<ReportItem id="18" color="green">
	1909	<Name><![CDATA[GHDB: Typical login page]]></Name>
	1910	<ModuleName><![CDATA[GHDB]]></ModuleName>
	1911	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	1912	<Affects><![CDATA[/login.aspx.cs]]></Affects>
	1913	<Parameter><![CDATA[]]></Parameter>
	1914	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1915	<AOP_SourceLine>0</AOP_SourceLine>
	1916	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1917	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1918	<Severity><![CDATA[info]]></Severity>
	1919	<Type><![CDATA[Informational]]></Type>
	1920	<Impact><![CDATA[Not available. Check description.]]></Impact>
	1921	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	1922	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1923	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	1924	<TechnicalDetails>
	1925	<Request><![CDATA[GET /login.aspx.cs HTTP/1.1
	1926	Pragma: no-cache
	1927	Cache-Control: no-cache
	1928	Referer: http://testaspnet.vulnweb.com/Default.aspx
	1929	Acunetix-Aspect: enabled
	1930	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1931	Acunetix-Aspect-Queries: aspectalerts
	1932	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1933	Host: testaspnet.vulnweb.com
	1934	Connection: Keep-alive
	1935	Accept-Encoding: gzip,deflate
	1936	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1937	Accept: /
	1938
	1939	]]></Request>
	1940	<Response><![CDATA[HTTP/1.1 403 Forbidden
	1941	Date: Thu, 14 Nov 2013 14:26:39 GMT
	1942	Server: Microsoft-IIS/6.0
	1943	X-Powered-By: ASP.NET
	1944	X-AspNet-Version: 2.0.50727
	1945	Cache-Control: private
	1946	Content-Type: text/html; charset=utf-8
	1947	Content-Length: 2334
	1948	]]></Response>
	1949	</TechnicalDetails>
	1950	<References>
	1951	<Reference>
	1952	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	1953	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	1954	</Reference>
	1955	<Reference>
	1956	<Database><![CDATA[Acunetix Google hacking]]></Database>
	1957	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	1958	</Reference>
	1959	</References>
	1960	</ReportItem>
	1961
	1962	<ReportItem id="19" color="green">
	1963	<Name><![CDATA[GHDB: Typical login page]]></Name>
	1964	<ModuleName><![CDATA[GHDB]]></ModuleName>
	1965	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	1966	<Affects><![CDATA[/login.aspx.resx]]></Affects>
	1967	<Parameter><![CDATA[]]></Parameter>
	1968	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	1969	<AOP_SourceLine>0</AOP_SourceLine>
	1970	<AOP_Additional><![CDATA[]]></AOP_Additional>
	1971	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	1972	<Severity><![CDATA[info]]></Severity>
	1973	<Type><![CDATA[Informational]]></Type>
	1974	<Impact><![CDATA[Not available. Check description.]]></Impact>
	1975	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	1976	<DetailedInformation><![CDATA[]]></DetailedInformation>
	1977	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	1978	<TechnicalDetails>
	1979	<Request><![CDATA[GET /login.aspx.resx HTTP/1.1
	1980	Pragma: no-cache
	1981	Cache-Control: no-cache
	1982	Referer: http://testaspnet.vulnweb.com/Default.aspx
	1983	Acunetix-Aspect: enabled
	1984	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	1985	Acunetix-Aspect-Queries: aspectalerts
	1986	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	1987	Host: testaspnet.vulnweb.com
	1988	Connection: Keep-alive
	1989	Accept-Encoding: gzip,deflate
	1990	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	1991	Accept: /
	1992
	1993	]]></Request>
	1994	<Response><![CDATA[HTTP/1.1 403 Forbidden
	1995	Date: Thu, 14 Nov 2013 14:26:39 GMT
	1996	Server: Microsoft-IIS/6.0
	1997	X-Powered-By: ASP.NET
	1998	X-AspNet-Version: 2.0.50727
	1999	Cache-Control: private
	2000	Content-Type: text/html; charset=utf-8
	2001	Content-Length: 2340
	2002	]]></Response>
	2003	</TechnicalDetails>
	2004	<References>
	2005	<Reference>
	2006	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	2007	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	2008	</Reference>
	2009	<Reference>
	2010	<Database><![CDATA[Acunetix Google hacking]]></Database>
	2011	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	2012	</Reference>
	2013	</References>
	2014	</ReportItem>
	2015
	2016	<ReportItem id="20" color="green">
	2017	<Name><![CDATA[GHDB: Possible ASP.NET sensitive file (web.config)]]></Name>
	2018	<ModuleName><![CDATA[GHDB]]></ModuleName>
	2019	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">filetype:config web.config -CVS</font></pre>]]></Details>
	2020	<Affects><![CDATA[/web.config]]></Affects>
	2021	<Parameter><![CDATA[]]></Parameter>
	2022	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2023	<AOP_SourceLine>0</AOP_SourceLine>
	2024	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2025	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2026	<Severity><![CDATA[info]]></Severity>
	2027	<Type><![CDATA[Informational]]></Type>
	2028	<Impact><![CDATA[Not available. Check description.]]></Impact>
	2029	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Files containing juicy info</font><br/><br/>Through Web.config an IIS adminstrator can specify settings like custom 404 error pages, authentication and authorization settings for the Web site.
	2030
	2031	This file can hold a plaintext password in the worst case or just reveil the full path info on a 404 error.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	2032	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2033	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	2034	<TechnicalDetails>
	2035	<Request><![CDATA[GET /web.config HTTP/1.1
	2036	Pragma: no-cache
	2037	Cache-Control: no-cache
	2038	Referer: http://testaspnet.vulnweb.com/Default.aspx
	2039	Acunetix-Aspect: enabled
	2040	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2041	Acunetix-Aspect-Queries: aspectalerts
	2042	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2043	Host: testaspnet.vulnweb.com
	2044	Connection: Keep-alive
	2045	Accept-Encoding: gzip,deflate
	2046	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2047	Accept: /
	2048
	2049	]]></Request>
	2050	<Response><![CDATA[HTTP/1.1 403 Forbidden
	2051	Date: Thu, 14 Nov 2013 14:26:40 GMT
	2052	Server: Microsoft-IIS/6.0
	2053	X-Powered-By: ASP.NET
	2054	X-AspNet-Version: 2.0.50727
	2055	Cache-Control: private
	2056	Content-Type: text/html; charset=utf-8
	2057	Content-Length: 2332
	2058	]]></Response>
	2059	</TechnicalDetails>
	2060	<References>
	2061	<Reference>
	2062	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	2063	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	2064	</Reference>
	2065	<Reference>
	2066	<Database><![CDATA[Acunetix Google hacking]]></Database>
	2067	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	2068	</Reference>
	2069	</References>
	2070	</ReportItem>
	2071
	2072	<ReportItem id="21" color="blue">
	2073	<Name><![CDATA[OPTIONS method is enabled]]></Name>
	2074	<ModuleName><![CDATA[Scripting (Options_Server_Method.script)]]></ModuleName>
	2075	<Details><![CDATA[Methods allowed: <font color="dark"><b>OPTIONS, TRACE, GET, HEAD</b></font>]]></Details>
	2076	<Affects><![CDATA[Web Server]]></Affects>
	2077	<Parameter><![CDATA[]]></Parameter>
	2078	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2079	<AOP_SourceLine>0</AOP_SourceLine>
	2080	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2081	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2082	<Severity><![CDATA[low]]></Severity>
	2083	<Type><![CDATA[Validation]]></Type>
	2084	<Impact><![CDATA[The OPTIONS method may expose sensitive information that may help an malicious user to prepare more advanced attacks.]]></Impact>
	2085	<Description><![CDATA[HTTP OPTIONS method is enabled on this web server. The OPTIONS method provides a list of the methods that are supported by the web server, it represents a request for information about the communication options available on the request/response chain identified by the Request-URI. ]]></Description>
	2086	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2087	<Recommendation><![CDATA[It's recommended to disable OPTIONS Method on the web server.]]></Recommendation>
	2088	<TechnicalDetails>
	2089	<Request><![CDATA[OPTIONS / HTTP/1.1
	2090	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2091	Host: testaspnet.vulnweb.com
	2092	Connection: Keep-alive
	2093	Accept-Encoding: gzip,deflate
	2094	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2095	Accept: /
	2096
	2097	]]></Request>
	2098	<Response><![CDATA[HTTP/1.1 200 OK
	2099	Allow: OPTIONS, TRACE, GET, HEAD
	2100	Content-Length: 0
	2101	Server: Microsoft-IIS/6.0
	2102	Public: OPTIONS, TRACE, GET, HEAD, POST
	2103	X-Powered-By: ASP.NET
	2104	Date: Thu, 14 Nov 2013 14:26:40 GMT
	2105	]]></Response>
	2106	</TechnicalDetails>
	2107	<References>
	2108	<Reference>
	2109	<Database><![CDATA[Testing for HTTP Methods and XST (OWASP-CM-008)]]></Database>
	2110	<URL><![CDATA[https://www.owasp.org/index.php/Testing_for_HTTP_Methods_and_XST_(OWASP-CM-008)]]></URL>
	2111	</Reference>
	2112	</References>
	2113	</ReportItem>
	2114
	2115	<ReportItem id="22" color="green">
	2116	<Name><![CDATA[GHDB: Typical login page]]></Name>
	2117	<ModuleName><![CDATA[GHDB]]></ModuleName>
	2118	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	2119	<Affects><![CDATA[/login.aspx (534f1aa002ea6e0e6ca3cd0a64bb17bd)]]></Affects>
	2120	<Parameter><![CDATA[]]></Parameter>
	2121	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2122	<AOP_SourceLine>0</AOP_SourceLine>
	2123	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2124	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2125	<Severity><![CDATA[info]]></Severity>
	2126	<Type><![CDATA[Informational]]></Type>
	2127	<Impact><![CDATA[Not available. Check description.]]></Impact>
	2128	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	2129	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2130	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	2131	<TechnicalDetails>
	2132	<Request><![CDATA[POST /login.aspx HTTP/1.1
	2133	Pragma: no-cache
	2134	Cache-Control: no-cache
	2135	Referer: http://testaspnet.vulnweb.com/login.aspx
	2136	Content-Length: 1142
	2137	Content-Type: application/x-www-form-urlencoded
	2138	Acunetix-Aspect: enabled
	2139	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2140	Acunetix-Aspect-Queries: aspectalerts
	2141	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2142	Host: testaspnet.vulnweb.com
	2143	Connection: Keep-alive
	2144	Accept-Encoding: gzip,deflate
	2145	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2146	Accept: /
	2147
	2148	btnLogin=Login&tbPassword=g00dPa%24%24w0rD&tbUsername=fyjmttcx&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	2149	<Response><![CDATA[HTTP/1.1 200 OK
	2150	Date: Thu, 14 Nov 2013 14:26:41 GMT
	2151	Server: Microsoft-IIS/6.0
	2152	X-Powered-By: ASP.NET
	2153	X-AspNet-Version: 2.0.50727
	2154	Cache-Control: private
	2155	Content-Type: text/html; charset=utf-8
	2156	Content-Length: 12328
	2157	]]></Response>
	2158	</TechnicalDetails>
	2159	<References>
	2160	<Reference>
	2161	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	2162	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	2163	</Reference>
	2164	<Reference>
	2165	<Database><![CDATA[Acunetix Google hacking]]></Database>
	2166	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	2167	</Reference>
	2168	</References>
	2169	</ReportItem>
	2170
	2171	<ReportItem id="23" color="orange">
	2172	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	2173	<ModuleName><![CDATA[Crawler]]></ModuleName>
	2174	<Details><![CDATA[form name: <font color="dark">"Form1"</font><br/>form action: <font color="dark">"readnews.aspx?id=3&NewsAd=ads%2fdef.html"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEF8Q08cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVy"</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	2175	-352232569#d#####d#####d#########href#
	2176	login.aspx# innerhtml##logind#######d##Visiblehd########Iposted by <strong>admin </strong>11/8/2005 11:37:35 AMd########1Acunetix Web Vulnerability Scanner beta released!d######### ⏎
	2177	<p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users sho"</font><br/>]]></Details>
	2178	<Affects><![CDATA[/readnews.aspx (e4657a51a6805d9d37502f831ddc19c6)]]></Affects>
	2179	<Parameter><![CDATA[]]></Parameter>
	2180	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2181	<AOP_SourceLine>0</AOP_SourceLine>
	2182	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2183	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2184	<Severity><![CDATA[medium]]></Severity>
	2185	<Type><![CDATA[Informational]]></Type>
	2186	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	2187	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	2188	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2189	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	2190	<TechnicalDetails>
	2191	<Request><![CDATA[POST /readnews.aspx?id=3&NewsAd=ads/def.html HTTP/1.1
	2192	Pragma: no-cache
	2193	Cache-Control: no-cache
	2194	Referer: http://testaspnet.vulnweb.com/readnews.aspx
	2195	Content-Length: 10791
	2196	Content-Type: application/x-www-form-urlencoded
	2197	Acunetix-Aspect: enabled
	2198	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2199	Acunetix-Aspect-Queries: aspectalerts
	2200	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2201	Host: testaspnet.vulnweb.com
	2202	Connection: Keep-alive
	2203	Accept-Encoding: gzip,deflate
	2204	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2205	Accept: /
	2206
	2207	__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></Request>
	2208	<Response><![CDATA[HTTP/1.1 200 OK
	2209	Date: Thu, 14 Nov 2013 14:26:41 GMT
	2210	Server: Microsoft-IIS/6.0
	2211	X-Powered-By: ASP.NET
	2212	X-AspNet-Version: 2.0.50727
	2213	Cache-Control: private
	2214	Content-Type: text/html; charset=utf-8
	2215	Content-Length: 16884
	2216	]]></Response>
	2217	</TechnicalDetails>
	2218	<References></References>
	2219	</ReportItem>
	2220
	2221	<ReportItem id="24" color="orange">
	2222	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	2223	<ModuleName><![CDATA[Crawler]]></ModuleName>
	2224	<Details><![CDATA[form name: <font color="dark">"Form1"</font><br/>form action: <font color="dark">"readnews.aspx?id=3"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNzozNSBBTWQCBQ8WAh8BBTFBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIGJldGEgcmVsZWFzZWQhZAIHDxYCHwEF8Q08cD5EdXJpbmcgdGhlIGJldGEgcGhhc2UsIGJ1aWxkcyBhcmUgcmVsZWFzZWQgZnJlcXVlbnRseSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhlcmVmb3JlIGl0IGlzIG5vdCByZWNvbW1lbmRlZCB0aGF0IHRoZSBzYW1lIGJldGEgdmVy"</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	2225	-352232569#d#####d#####d#########href#
	2226	login.aspx# innerhtml##logind#######d##Visiblehd########Iposted by <strong>admin </strong>11/8/2005 11:37:35 AMd########1Acunetix Web Vulnerability Scanner beta released!d######### ⏎
	2227	<p>During the beta phase, builds are released frequently, therefore it is not recommended that the same beta version is used for more than 30 days. To beta-test beyond 30 days, users sho"</font><br/>]]></Details>
	2228	<Affects><![CDATA[/readnews.aspx (2ae3ef37ff42a40617d25a9c1c42559d)]]></Affects>
	2229	<Parameter><![CDATA[]]></Parameter>
	2230	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2231	<AOP_SourceLine>0</AOP_SourceLine>
	2232	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2233	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2234	<Severity><![CDATA[medium]]></Severity>
	2235	<Type><![CDATA[Informational]]></Type>
	2236	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	2237	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	2238	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2239	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	2240	<TechnicalDetails>
	2241	<Request><![CDATA[GET /readnews.aspx?id=3 HTTP/1.1
	2242	Pragma: no-cache
	2243	Cache-Control: no-cache
	2244	Referer: http://testaspnet.vulnweb.com/comments.aspx
	2245	Acunetix-Aspect: enabled
	2246	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2247	Acunetix-Aspect-Queries: aspectalerts
	2248	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2249	Host: testaspnet.vulnweb.com
	2250	Connection: Keep-alive
	2251	Accept-Encoding: gzip,deflate
	2252	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2253	Accept: /
	2254
	2255	]]></Request>
	2256	<Response><![CDATA[HTTP/1.1 200 OK
	2257	Date: Thu, 14 Nov 2013 14:26:42 GMT
	2258	Server: Microsoft-IIS/6.0
	2259	X-Powered-By: ASP.NET
	2260	X-AspNet-Version: 2.0.50727
	2261	Cache-Control: private
	2262	Content-Type: text/html; charset=utf-8
	2263	Content-Length: 16787
	2264	]]></Response>
	2265	</TechnicalDetails>
	2266	<References></References>
	2267	</ReportItem>
	2268
	2269	<ReportItem id="25" color="green">
	2270	<Name><![CDATA[Error page web server version disclosure]]></Name>
	2271	<ModuleName><![CDATA[Scripting (Error_Page_Path_Disclosure.script)]]></ModuleName>
	2272	<Details><![CDATA[Information disclosure pattern found: <font color="dark">Microsoft .NET Framework Version:2.0.50727.3053; ASP.NET Version:2.0.50727.3053</font>]]></Details>
	2273	<Affects><![CDATA[Web Server]]></Affects>
	2274	<Parameter><![CDATA[]]></Parameter>
	2275	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2276	<AOP_SourceLine>0</AOP_SourceLine>
	2277	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2278	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2279	<Severity><![CDATA[info]]></Severity>
	2280	<Type><![CDATA[Configuration]]></Type>
	2281	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	2282	<Description><![CDATA[By requesting a page that doesn't exist, an error page was returned. This error page contains the web server version number and a list of modules enabled on this server. This information can be used to conduct further attacks.]]></Description>
	2283	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2284	<Recommendation><![CDATA[If you are using Apache, you can setup a custom 404 page by following the instructions provided in the References section.]]></Recommendation>
	2285	<TechnicalDetails>
	2286	<Request><![CDATA[GET /R9bwZuGkQ0.aspx HTTP/1.1
	2287	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2288	Host: testaspnet.vulnweb.com
	2289	Connection: Keep-alive
	2290	Accept-Encoding: gzip,deflate
	2291	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2292	Accept: /
	2293
	2294	]]></Request>
	2295	<Response><![CDATA[HTTP/1.1 404 Not Found
	2296	Date: Thu, 14 Nov 2013 14:26:42 GMT
	2297	Server: Microsoft-IIS/6.0
	2298	X-Powered-By: ASP.NET
	2299	X-AspNet-Version: 2.0.50727
	2300	Cache-Control: private
	2301	Content-Type: text/html; charset=utf-8
	2302	Content-Length: 3347
	2303	]]></Response>
	2304	</TechnicalDetails>
	2305	<References>
	2306	<Reference>
	2307	<Database><![CDATA[Custom error responses]]></Database>
	2308	<URL><![CDATA[http://httpd.apache.org/docs/1.3/custom-error.html]]></URL>
	2309	</Reference>
	2310	<Reference>
	2311	<Database><![CDATA[Creating Custom Error Pages on Apache Servers]]></Database>
	2312	<URL><![CDATA[http://www.webreference.com/programming/apache_errors/]]></URL>
	2313	</Reference>
	2314	</References>
	2315	</ReportItem>
	2316
	2317	<ReportItem id="26" color="green">
	2318	<Name><![CDATA[GHDB: Typical login page]]></Name>
	2319	<ModuleName><![CDATA[GHDB]]></ModuleName>
	2320	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	2321	<Affects><![CDATA[/login.aspx (79ea5a36a5cedd4ac82ab5b64fe8ad28)]]></Affects>
	2322	<Parameter><![CDATA[]]></Parameter>
	2323	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2324	<AOP_SourceLine>0</AOP_SourceLine>
	2325	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2326	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2327	<Severity><![CDATA[info]]></Severity>
	2328	<Type><![CDATA[Informational]]></Type>
	2329	<Impact><![CDATA[Not available. Check description.]]></Impact>
	2330	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	2331	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2332	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	2333	<TechnicalDetails>
	2334	<Request><![CDATA[POST /login.aspx HTTP/1.1
	2335	Pragma: no-cache
	2336	Cache-Control: no-cache
	2337	Referer: http://testaspnet.vulnweb.com/login.aspx
	2338	Content-Length: 1161
	2339	Content-Type: application/x-www-form-urlencoded
	2340	Acunetix-Aspect: enabled
	2341	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2342	Acunetix-Aspect-Queries: aspectalerts
	2343	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2344	Host: testaspnet.vulnweb.com
	2345	Connection: Keep-alive
	2346	Accept-Encoding: gzip,deflate
	2347	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2348	Accept: /
	2349
	2350	btnLogin=Login&cbPersistCookie=on&tbPassword=g00dPa%24%24w0rD&tbUsername=ljmrwpfo&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	2351	<Response><![CDATA[HTTP/1.1 200 OK
	2352	Date: Thu, 14 Nov 2013 14:26:42 GMT
	2353	Server: Microsoft-IIS/6.0
	2354	X-Powered-By: ASP.NET
	2355	X-AspNet-Version: 2.0.50727
	2356	Cache-Control: private
	2357	Content-Type: text/html; charset=utf-8
	2358	Content-Length: 12346
	2359	]]></Response>
	2360	</TechnicalDetails>
	2361	<References>
	2362	<Reference>
	2363	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	2364	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	2365	</Reference>
	2366	<Reference>
	2367	<Database><![CDATA[Acunetix Google hacking]]></Database>
	2368	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	2369	</Reference>
	2370	</References>
	2371	</ReportItem>
	2372
	2373	<ReportItem id="27" color="green">
	2374	<Name><![CDATA[Password type input with auto-complete enabled]]></Name>
	2375	<ModuleName><![CDATA[Crawler]]></ModuleName>
	2376	<Details><![CDATA[Password type input named <b><font color="dark">tbPassword</font></b> from form named <b>frmLogin</b> with action <b>login.aspx?ReturnUrl=%2flogout.aspx</b> has autocomplete enabled.]]></Details>
	2377	<Affects><![CDATA[/login.aspx (2cf4e729ea10427a01c01f366190f25a)]]></Affects>
	2378	<Parameter><![CDATA[]]></Parameter>
	2379	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2380	<AOP_SourceLine>0</AOP_SourceLine>
	2381	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2382	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2383	<Severity><![CDATA[info]]></Severity>
	2384	<Type><![CDATA[Informational]]></Type>
	2385	<Impact><![CDATA[Possible sensitive information disclosure]]></Impact>
	2386	<Description><![CDATA[When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access could obtain the cleartext password from the browser cache.]]></Description>
	2387	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2388	<Recommendation><![CDATA[The password auto-complete should be disabled in sensitive applications. <br/>To disable auto-complete, you may use a code similar to: <pre wrap="virtual"><code><INPUT TYPE="password" AUTOCOMPLETE="off"></code></pre>]]></Recommendation>
	2389	<TechnicalDetails>
	2390	<Request><![CDATA[GET /login.aspx?ReturnUrl=/logout.aspx HTTP/1.1
	2391	Pragma: no-cache
	2392	Cache-Control: no-cache
	2393	Referer: http://testaspnet.vulnweb.com/logout.aspx
	2394	Acunetix-Aspect: enabled
	2395	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2396	Acunetix-Aspect-Queries: aspectalerts
	2397	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2398	Host: testaspnet.vulnweb.com
	2399	Connection: Keep-alive
	2400	Accept-Encoding: gzip,deflate
	2401	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2402	Accept: /
	2403
	2404	]]></Request>
	2405	<Response><![CDATA[HTTP/1.1 200 OK
	2406	Date: Thu, 14 Nov 2013 14:26:42 GMT
	2407	Server: Microsoft-IIS/6.0
	2408	X-Powered-By: ASP.NET
	2409	X-AspNet-Version: 2.0.50727
	2410	Cache-Control: private
	2411	Content-Type: text/html; charset=utf-8
	2412	Content-Length: 12354
	2413	]]></Response>
	2414	</TechnicalDetails>
	2415	<References></References>
	2416	</ReportItem>
	2417
	2418	<ReportItem id="28" color="orange">
	2419	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	2420	<ModuleName><![CDATA[Crawler]]></ModuleName>
	2421	<Details><![CDATA[form name: <font color="dark">"frmLogin"</font><br/>form action: <font color="dark">"login.aspx?ReturnUrl=%2flogout.aspx"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W+w+8Zj9n0mGriLs0UbfzYNdg=="</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	2422	-223969811#d#####d#####d#########href#
	2423	login.aspx# innerhtml##logind#######d##Visiblehd####__ControlsRequirePostBackKey__####cbPersistCookie##o###c#}&####E#6 ⏎
	2424	v"</font><br/>]]></Details>
	2425	<Affects><![CDATA[/login.aspx (2cf4e729ea10427a01c01f366190f25a)]]></Affects>
	2426	<Parameter><![CDATA[]]></Parameter>
	2427	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2428	<AOP_SourceLine>0</AOP_SourceLine>
	2429	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2430	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2431	<Severity><![CDATA[medium]]></Severity>
	2432	<Type><![CDATA[Informational]]></Type>
	2433	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	2434	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	2435	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2436	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	2437	<TechnicalDetails>
	2438	<Request><![CDATA[GET /login.aspx?ReturnUrl=/logout.aspx HTTP/1.1
	2439	Pragma: no-cache
	2440	Cache-Control: no-cache
	2441	Referer: http://testaspnet.vulnweb.com/logout.aspx
	2442	Acunetix-Aspect: enabled
	2443	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2444	Acunetix-Aspect-Queries: aspectalerts
	2445	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2446	Host: testaspnet.vulnweb.com
	2447	Connection: Keep-alive
	2448	Accept-Encoding: gzip,deflate
	2449	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2450	Accept: /
	2451
	2452	]]></Request>
	2453	<Response><![CDATA[HTTP/1.1 200 OK
	2454	Date: Thu, 14 Nov 2013 14:26:42 GMT
	2455	Server: Microsoft-IIS/6.0
	2456	X-Powered-By: ASP.NET
	2457	X-AspNet-Version: 2.0.50727
	2458	Cache-Control: private
	2459	Content-Type: text/html; charset=utf-8
	2460	Content-Length: 12354
	2461	]]></Response>
	2462	</TechnicalDetails>
	2463	<References></References>
	2464	</ReportItem>
	2465
	2466	<ReportItem id="29" color="green">
	2467	<Name><![CDATA[GHDB: Typical login page]]></Name>
	2468	<ModuleName><![CDATA[GHDB]]></ModuleName>
	2469	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	2470	<Affects><![CDATA[/login.aspx (2cf4e729ea10427a01c01f366190f25a)]]></Affects>
	2471	<Parameter><![CDATA[]]></Parameter>
	2472	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2473	<AOP_SourceLine>0</AOP_SourceLine>
	2474	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2475	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2476	<Severity><![CDATA[info]]></Severity>
	2477	<Type><![CDATA[Informational]]></Type>
	2478	<Impact><![CDATA[Not available. Check description.]]></Impact>
	2479	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	2480	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2481	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	2482	<TechnicalDetails>
	2483	<Request><![CDATA[GET /login.aspx?ReturnUrl=/logout.aspx HTTP/1.1
	2484	Pragma: no-cache
	2485	Cache-Control: no-cache
	2486	Referer: http://testaspnet.vulnweb.com/logout.aspx
	2487	Acunetix-Aspect: enabled
	2488	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2489	Acunetix-Aspect-Queries: aspectalerts
	2490	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2491	Host: testaspnet.vulnweb.com
	2492	Connection: Keep-alive
	2493	Accept-Encoding: gzip,deflate
	2494	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2495	Accept: /
	2496
	2497	]]></Request>
	2498	<Response><![CDATA[HTTP/1.1 200 OK
	2499	Date: Thu, 14 Nov 2013 14:26:42 GMT
	2500	Server: Microsoft-IIS/6.0
	2501	X-Powered-By: ASP.NET
	2502	X-AspNet-Version: 2.0.50727
	2503	Cache-Control: private
	2504	Content-Type: text/html; charset=utf-8
	2505	Content-Length: 12354
	2506	]]></Response>
	2507	</TechnicalDetails>
	2508	<References>
	2509	<Reference>
	2510	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	2511	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	2512	</Reference>
	2513	<Reference>
	2514	<Database><![CDATA[Acunetix Google hacking]]></Database>
	2515	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	2516	</Reference>
	2517	</References>
	2518	</ReportItem>
	2519
	2520	<ReportItem id="30" color="green">
	2521	<Name><![CDATA[Password type input with auto-complete enabled]]></Name>
	2522	<ModuleName><![CDATA[Crawler]]></ModuleName>
	2523	<Details><![CDATA[Password type input named <b><font color="dark">tbPassword</font></b> from form named <b>frmLogin</b> with action <b>login.aspx?ReturnUrl=%2fpostnews.aspx</b> has autocomplete enabled.]]></Details>
	2524	<Affects><![CDATA[/login.aspx (7dd31244ca65de83cf0faf8d8fc754b2)]]></Affects>
	2525	<Parameter><![CDATA[]]></Parameter>
	2526	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2527	<AOP_SourceLine>0</AOP_SourceLine>
	2528	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2529	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2530	<Severity><![CDATA[info]]></Severity>
	2531	<Type><![CDATA[Informational]]></Type>
	2532	<Impact><![CDATA[Possible sensitive information disclosure]]></Impact>
	2533	<Description><![CDATA[When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access could obtain the cleartext password from the browser cache.]]></Description>
	2534	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2535	<Recommendation><![CDATA[The password auto-complete should be disabled in sensitive applications. <br/>To disable auto-complete, you may use a code similar to: <pre wrap="virtual"><code><INPUT TYPE="password" AUTOCOMPLETE="off"></code></pre>]]></Recommendation>
	2536	<TechnicalDetails>
	2537	<Request><![CDATA[GET /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
	2538	Pragma: no-cache
	2539	Cache-Control: no-cache
	2540	Referer: http://testaspnet.vulnweb.com/postnews.aspx
	2541	Acunetix-Aspect: enabled
	2542	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2543	Acunetix-Aspect-Queries: aspectalerts
	2544	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2545	Host: testaspnet.vulnweb.com
	2546	Connection: Keep-alive
	2547	Accept-Encoding: gzip,deflate
	2548	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2549	Accept: /
	2550
	2551	]]></Request>
	2552	<Response><![CDATA[HTTP/1.1 200 OK
	2553	Date: Thu, 14 Nov 2013 14:26:42 GMT
	2554	Server: Microsoft-IIS/6.0
	2555	X-Powered-By: ASP.NET
	2556	X-AspNet-Version: 2.0.50727
	2557	Cache-Control: private
	2558	Content-Type: text/html; charset=utf-8
	2559	Content-Length: 12356
	2560	]]></Response>
	2561	</TechnicalDetails>
	2562	<References></References>
	2563	</ReportItem>
	2564
	2565	<ReportItem id="31" color="orange">
	2566	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	2567	<ModuleName><![CDATA[Crawler]]></ModuleName>
	2568	<Details><![CDATA[form name: <font color="dark">"frmLogin"</font><br/>form action: <font color="dark">"login.aspx?ReturnUrl=%2fpostnews.aspx"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W+w+8Zj9n0mGriLs0UbfzYNdg=="</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	2569	-223969811#d#####d#####d#########href#
	2570	login.aspx# innerhtml##logind#######d##Visiblehd####__ControlsRequirePostBackKey__####cbPersistCookie##o###c#}&####E#6 ⏎
	2571	v"</font><br/>]]></Details>
	2572	<Affects><![CDATA[/login.aspx (7dd31244ca65de83cf0faf8d8fc754b2)]]></Affects>
	2573	<Parameter><![CDATA[]]></Parameter>
	2574	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2575	<AOP_SourceLine>0</AOP_SourceLine>
	2576	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2577	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2578	<Severity><![CDATA[medium]]></Severity>
	2579	<Type><![CDATA[Informational]]></Type>
	2580	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	2581	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	2582	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2583	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	2584	<TechnicalDetails>
	2585	<Request><![CDATA[GET /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
	2586	Pragma: no-cache
	2587	Cache-Control: no-cache
	2588	Referer: http://testaspnet.vulnweb.com/postnews.aspx
	2589	Acunetix-Aspect: enabled
	2590	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2591	Acunetix-Aspect-Queries: aspectalerts
	2592	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2593	Host: testaspnet.vulnweb.com
	2594	Connection: Keep-alive
	2595	Accept-Encoding: gzip,deflate
	2596	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2597	Accept: /
	2598
	2599	]]></Request>
	2600	<Response><![CDATA[HTTP/1.1 200 OK
	2601	Date: Thu, 14 Nov 2013 14:26:42 GMT
	2602	Server: Microsoft-IIS/6.0
	2603	X-Powered-By: ASP.NET
	2604	X-AspNet-Version: 2.0.50727
	2605	Cache-Control: private
	2606	Content-Type: text/html; charset=utf-8
	2607	Content-Length: 12356
	2608	]]></Response>
	2609	</TechnicalDetails>
	2610	<References></References>
	2611	</ReportItem>
	2612
	2613	<ReportItem id="32" color="green">
	2614	<Name><![CDATA[GHDB: Typical login page]]></Name>
	2615	<ModuleName><![CDATA[GHDB]]></ModuleName>
	2616	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	2617	<Affects><![CDATA[/login.aspx (7dd31244ca65de83cf0faf8d8fc754b2)]]></Affects>
	2618	<Parameter><![CDATA[]]></Parameter>
	2619	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2620	<AOP_SourceLine>0</AOP_SourceLine>
	2621	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2622	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2623	<Severity><![CDATA[info]]></Severity>
	2624	<Type><![CDATA[Informational]]></Type>
	2625	<Impact><![CDATA[Not available. Check description.]]></Impact>
	2626	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	2627	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2628	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	2629	<TechnicalDetails>
	2630	<Request><![CDATA[GET /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
	2631	Pragma: no-cache
	2632	Cache-Control: no-cache
	2633	Referer: http://testaspnet.vulnweb.com/postnews.aspx
	2634	Acunetix-Aspect: enabled
	2635	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2636	Acunetix-Aspect-Queries: aspectalerts
	2637	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2638	Host: testaspnet.vulnweb.com
	2639	Connection: Keep-alive
	2640	Accept-Encoding: gzip,deflate
	2641	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2642	Accept: /
	2643
	2644	]]></Request>
	2645	<Response><![CDATA[HTTP/1.1 200 OK
	2646	Date: Thu, 14 Nov 2013 14:26:42 GMT
	2647	Server: Microsoft-IIS/6.0
	2648	X-Powered-By: ASP.NET
	2649	X-AspNet-Version: 2.0.50727
	2650	Cache-Control: private
	2651	Content-Type: text/html; charset=utf-8
	2652	Content-Length: 12356
	2653	]]></Response>
	2654	</TechnicalDetails>
	2655	<References>
	2656	<Reference>
	2657	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	2658	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	2659	</Reference>
	2660	<Reference>
	2661	<Database><![CDATA[Acunetix Google hacking]]></Database>
	2662	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	2663	</Reference>
	2664	</References>
	2665	</ReportItem>
	2666
	2667	<ReportItem id="33" color="orange">
	2668	<Name><![CDATA[Unencrypted __VIEWSTATE parameter]]></Name>
	2669	<ModuleName><![CDATA[Crawler]]></ModuleName>
	2670	<Details><![CDATA[form name: <font color="dark">"Form1"</font><br/>form action: <font color="dark">"readnews.aspx?id=2"</font><br/>VIEWSTATE: <font color="dark">"/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc+YWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc+QWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwv"</font><br/>VIEWSTATE decoded: <font color="dark">"#####
	2671	-352232569#d#####d#####d#########href#
	2672	login.aspx# innerhtml##logind#######d##Visiblehd########Iposted by <strong>admin </strong>11/8/2005 11:35:22 AMd########<Web attacks - can your web applications withstand the force?d#########7<p><strong>Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2 </strong></p> <p>21 July 2005 - <strong>Start-up company Acunetix released Acunetix We"</font><br/>]]></Details>
	2673	<Affects><![CDATA[/readnews.aspx (93588f630275abc47ac25455f074741b)]]></Affects>
	2674	<Parameter><![CDATA[]]></Parameter>
	2675	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2676	<AOP_SourceLine>0</AOP_SourceLine>
	2677	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2678	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2679	<Severity><![CDATA[medium]]></Severity>
	2680	<Type><![CDATA[Informational]]></Type>
	2681	<Impact><![CDATA[Possible sensitive information disclosure.]]></Impact>
	2682	<Description><![CDATA[The __VIEWSTATE parameter is not encrypted. To reduce the chance of someone intercepting the information stored in the ViewState, it is good design to encrypt the ViewState. To do this, set the machineKey validation type to 3DES. This instructs ASP.NET to encrypt the ViewState value using the Triple DES symmetric encryption algorithm.]]></Description>
	2683	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2684	<Recommendation><![CDATA[Open <font color="dark"><b>Web.Config</b></font> and add the following line under the <font color="dark"><b><system.web></b></font> element: <br/><pre wrap="virtual"><machineKey validation="3DES"/> </pre>]]></Recommendation>
	2685	<TechnicalDetails>
	2686	<Request><![CDATA[POST /readnews.aspx?id=2 HTTP/1.1
	2687	Pragma: no-cache
	2688	Cache-Control: no-cache
	2689	Referer: http://testaspnet.vulnweb.com/readnews.aspx
	2690	Content-Length: 10779
	2691	Content-Type: application/x-www-form-urlencoded
	2692	Acunetix-Aspect: enabled
	2693	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2694	Acunetix-Aspect-Queries: aspectalerts
	2695	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2696	Host: testaspnet.vulnweb.com
	2697	Connection: Keep-alive
	2698	Accept-Encoding: gzip,deflate
	2699	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2700	Accept: /
	2701
	2702	__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwK0ovnWBgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IM%2blktliK1xNDntOrRvIod2XbGitg%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmNkZGS78tg0yYdYIrm%2b7bJhr2ToTj/BEA%3d%3d]]></Request>
	2703	<Response><![CDATA[HTTP/1.1 200 OK
	2704	Date: Thu, 14 Nov 2013 14:26:43 GMT
	2705	Server: Microsoft-IIS/6.0
	2706	X-Powered-By: ASP.NET
	2707	X-AspNet-Version: 2.0.50727
	2708	Cache-Control: private
	2709	Content-Type: text/html; charset=utf-8
	2710	Content-Length: 29235
	2711	]]></Response>
	2712	</TechnicalDetails>
	2713	<References></References>
	2714	</ReportItem>
	2715
	2716	<ReportItem id="34" color="green">
	2717	<Name><![CDATA[GHDB: Typical login page]]></Name>
	2718	<ModuleName><![CDATA[GHDB]]></ModuleName>
	2719	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	2720	<Affects><![CDATA[/login.aspx (2be6e0f4b01a065da1815689302d0b54)]]></Affects>
	2721	<Parameter><![CDATA[]]></Parameter>
	2722	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2723	<AOP_SourceLine>0</AOP_SourceLine>
	2724	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2725	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2726	<Severity><![CDATA[info]]></Severity>
	2727	<Type><![CDATA[Informational]]></Type>
	2728	<Impact><![CDATA[Not available. Check description.]]></Impact>
	2729	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	2730	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2731	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	2732	<TechnicalDetails>
	2733	<Request><![CDATA[POST /login.aspx?ReturnUrl=/logout.aspx HTTP/1.1
	2734	Pragma: no-cache
	2735	Cache-Control: no-cache
	2736	Referer: http://testaspnet.vulnweb.com/login.aspx
	2737	Content-Length: 1161
	2738	Content-Type: application/x-www-form-urlencoded
	2739	Acunetix-Aspect: enabled
	2740	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2741	Acunetix-Aspect-Queries: aspectalerts
	2742	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2743	Host: testaspnet.vulnweb.com
	2744	Connection: Keep-alive
	2745	Accept-Encoding: gzip,deflate
	2746	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2747	Accept: /
	2748
	2749	btnLogin=Login&cbPersistCookie=on&tbPassword=g00dPa%24%24w0rD&tbUsername=riqcjwfs&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	2750	<Response><![CDATA[HTTP/1.1 200 OK
	2751	Date: Thu, 14 Nov 2013 14:26:44 GMT
	2752	Server: Microsoft-IIS/6.0
	2753	X-Powered-By: ASP.NET
	2754	X-AspNet-Version: 2.0.50727
	2755	Cache-Control: private
	2756	Content-Type: text/html; charset=utf-8
	2757	Content-Length: 12371
	2758	]]></Response>
	2759	</TechnicalDetails>
	2760	<References>
	2761	<Reference>
	2762	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	2763	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	2764	</Reference>
	2765	<Reference>
	2766	<Database><![CDATA[Acunetix Google hacking]]></Database>
	2767	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	2768	</Reference>
	2769	</References>
	2770	</ReportItem>
	2771
	2772	<ReportItem id="35" color="green">
	2773	<Name><![CDATA[GHDB: Typical login page]]></Name>
	2774	<ModuleName><![CDATA[GHDB]]></ModuleName>
	2775	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	2776	<Affects><![CDATA[/login.aspx (81f0efe3f5d1c23f8cdff40bfe50b960)]]></Affects>
	2777	<Parameter><![CDATA[]]></Parameter>
	2778	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2779	<AOP_SourceLine>0</AOP_SourceLine>
	2780	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2781	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2782	<Severity><![CDATA[info]]></Severity>
	2783	<Type><![CDATA[Informational]]></Type>
	2784	<Impact><![CDATA[Not available. Check description.]]></Impact>
	2785	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	2786	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2787	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	2788	<TechnicalDetails>
	2789	<Request><![CDATA[POST /login.aspx?ReturnUrl=/logout.aspx HTTP/1.1
	2790	Pragma: no-cache
	2791	Cache-Control: no-cache
	2792	Referer: http://testaspnet.vulnweb.com/login.aspx
	2793	Content-Length: 1142
	2794	Content-Type: application/x-www-form-urlencoded
	2795	Acunetix-Aspect: enabled
	2796	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2797	Acunetix-Aspect-Queries: aspectalerts
	2798	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2799	Host: testaspnet.vulnweb.com
	2800	Connection: Keep-alive
	2801	Accept-Encoding: gzip,deflate
	2802	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2803	Accept: /
	2804
	2805	btnLogin=Login&tbPassword=g00dPa%24%24w0rD&tbUsername=hjhhosnx&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	2806	<Response><![CDATA[HTTP/1.1 200 OK
	2807	Date: Thu, 14 Nov 2013 14:26:44 GMT
	2808	Server: Microsoft-IIS/6.0
	2809	X-Powered-By: ASP.NET
	2810	X-AspNet-Version: 2.0.50727
	2811	Cache-Control: private
	2812	Content-Type: text/html; charset=utf-8
	2813	Content-Length: 12353
	2814	]]></Response>
	2815	</TechnicalDetails>
	2816	<References>
	2817	<Reference>
	2818	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	2819	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	2820	</Reference>
	2821	<Reference>
	2822	<Database><![CDATA[Acunetix Google hacking]]></Database>
	2823	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	2824	</Reference>
	2825	</References>
	2826	</ReportItem>
	2827
	2828	<ReportItem id="36" color="green">
	2829	<Name><![CDATA[GHDB: Typical login page]]></Name>
	2830	<ModuleName><![CDATA[GHDB]]></ModuleName>
	2831	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	2832	<Affects><![CDATA[/login.aspx (56d7c30dbfad941e90adb621920d0432)]]></Affects>
	2833	<Parameter><![CDATA[]]></Parameter>
	2834	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2835	<AOP_SourceLine>0</AOP_SourceLine>
	2836	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2837	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2838	<Severity><![CDATA[info]]></Severity>
	2839	<Type><![CDATA[Informational]]></Type>
	2840	<Impact><![CDATA[Not available. Check description.]]></Impact>
	2841	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	2842	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2843	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	2844	<TechnicalDetails>
	2845	<Request><![CDATA[POST /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
	2846	Pragma: no-cache
	2847	Cache-Control: no-cache
	2848	Referer: http://testaspnet.vulnweb.com/login.aspx
	2849	Content-Length: 1142
	2850	Content-Type: application/x-www-form-urlencoded
	2851	Acunetix-Aspect: enabled
	2852	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2853	Acunetix-Aspect-Queries: aspectalerts
	2854	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2855	Host: testaspnet.vulnweb.com
	2856	Connection: Keep-alive
	2857	Accept-Encoding: gzip,deflate
	2858	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2859	Accept: /
	2860
	2861	btnLogin=Login&tbPassword=g00dPa%24%24w0rD&tbUsername=vpustxlw&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	2862	<Response><![CDATA[HTTP/1.1 200 OK
	2863	Date: Thu, 14 Nov 2013 14:26:44 GMT
	2864	Server: Microsoft-IIS/6.0
	2865	X-Powered-By: ASP.NET
	2866	X-AspNet-Version: 2.0.50727
	2867	Cache-Control: private
	2868	Content-Type: text/html; charset=utf-8
	2869	Content-Length: 12355
	2870	]]></Response>
	2871	</TechnicalDetails>
	2872	<References>
	2873	<Reference>
	2874	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	2875	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	2876	</Reference>
	2877	<Reference>
	2878	<Database><![CDATA[Acunetix Google hacking]]></Database>
	2879	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	2880	</Reference>
	2881	</References>
	2882	</ReportItem>
	2883
	2884	<ReportItem id="37" color="green">
	2885	<Name><![CDATA[GHDB: Typical login page]]></Name>
	2886	<ModuleName><![CDATA[GHDB]]></ModuleName>
	2887	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	2888	<Affects><![CDATA[/login.aspx (faf66eb1993c2a83f6af89ad50fbd4fd)]]></Affects>
	2889	<Parameter><![CDATA[]]></Parameter>
	2890	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2891	<AOP_SourceLine>0</AOP_SourceLine>
	2892	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2893	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2894	<Severity><![CDATA[info]]></Severity>
	2895	<Type><![CDATA[Informational]]></Type>
	2896	<Impact><![CDATA[Not available. Check description.]]></Impact>
	2897	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	2898	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2899	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	2900	<TechnicalDetails>
	2901	<Request><![CDATA[POST /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
	2902	Pragma: no-cache
	2903	Cache-Control: no-cache
	2904	Referer: http://testaspnet.vulnweb.com/login.aspx
	2905	Content-Length: 1161
	2906	Content-Type: application/x-www-form-urlencoded
	2907	Acunetix-Aspect: enabled
	2908	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2909	Acunetix-Aspect-Queries: aspectalerts
	2910	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2911	Host: testaspnet.vulnweb.com
	2912	Connection: Keep-alive
	2913	Accept-Encoding: gzip,deflate
	2914	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2915	Accept: /
	2916
	2917	btnLogin=Login&cbPersistCookie=on&tbPassword=g00dPa%24%24w0rD&tbUsername=usighdix&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	2918	<Response><![CDATA[HTTP/1.1 200 OK
	2919	Date: Thu, 14 Nov 2013 14:26:44 GMT
	2920	Server: Microsoft-IIS/6.0
	2921	X-Powered-By: ASP.NET
	2922	X-AspNet-Version: 2.0.50727
	2923	Cache-Control: private
	2924	Content-Type: text/html; charset=utf-8
	2925	Content-Length: 12373
	2926	]]></Response>
	2927	</TechnicalDetails>
	2928	<References>
	2929	<Reference>
	2930	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	2931	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	2932	</Reference>
	2933	<Reference>
	2934	<Database><![CDATA[Acunetix Google hacking]]></Database>
	2935	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	2936	</Reference>
	2937	</References>
	2938	</ReportItem>
	2939
	2940	<ReportItem id="38" color="orange">
	2941	<Name><![CDATA[User credentials are sent in clear text]]></Name>
	2942	<ModuleName><![CDATA[Crawler]]></ModuleName>
	2943	<Details><![CDATA[Form name: <font color="navy">frmLogin</font><br/>Form action: <font color="navy">http://testaspnet.vulnweb.com/login.aspx</font><br/>Form method: <font color="navy">POST</font><br/><br/>Form inputs:<br/><ul><li>__EVENTTARGET [Hidden]</li><li>__EVENTARGUMENT [Hidden]</li><li>__VIEWSTATE [Hidden]</li><li>__EVENTVALIDATION [Hidden]</li><li>tbUsername [Text]</li><li>tbPassword [Password]</li><li>cbPersistCookie [Checkbox]</li><li>btnLogin [Submit]</li></ul>]]></Details>
	2944	<Affects><![CDATA[/login.aspx]]></Affects>
	2945	<Parameter><![CDATA[]]></Parameter>
	2946	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2947	<AOP_SourceLine>0</AOP_SourceLine>
	2948	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2949	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2950	<Severity><![CDATA[medium]]></Severity>
	2951	<Type><![CDATA[Informational]]></Type>
	2952	<Impact><![CDATA[A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.]]></Impact>
	2953	<Description><![CDATA[User credentials are transmitted over an unencrypted channel. This information should always be transferred via an encrypted channel (HTTPS) to avoid being intercepted by malicious users.]]></Description>
	2954	<DetailedInformation><![CDATA[]]></DetailedInformation>
	2955	<Recommendation><![CDATA[Because user credentials are considered sensitive information, should always be transferred to the server over an encrypted connection (HTTPS).]]></Recommendation>
	2956	<TechnicalDetails>
	2957	<Request><![CDATA[GET /login.aspx HTTP/1.1
	2958	Pragma: no-cache
	2959	Cache-Control: no-cache
	2960	Referer: http://testaspnet.vulnweb.com/
	2961	Acunetix-Aspect: enabled
	2962	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	2963	Acunetix-Aspect-Queries: aspectalerts
	2964	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	2965	Host: testaspnet.vulnweb.com
	2966	Connection: Keep-alive
	2967	Accept-Encoding: gzip,deflate
	2968	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	2969	Accept: /
	2970
	2971	]]></Request>
	2972	<Response><![CDATA[HTTP/1.1 200 OK
	2973	Date: Thu, 14 Nov 2013 14:26:35 GMT
	2974	Server: Microsoft-IIS/6.0
	2975	X-Powered-By: ASP.NET
	2976	X-AspNet-Version: 2.0.50727
	2977	Cache-Control: private
	2978	Content-Type: text/html; charset=utf-8
	2979	Content-Length: 12329
	2980	]]></Response>
	2981	</TechnicalDetails>
	2982	<References></References>
	2983	</ReportItem>
	2984
	2985	<ReportItem id="39" color="green">
	2986	<Name><![CDATA[GHDB: Typical login page]]></Name>
	2987	<ModuleName><![CDATA[GHDB]]></ModuleName>
	2988	<Details><![CDATA[We found <pre wrap="virtual"><font color="blue">inurl:login.asp</font></pre>]]></Details>
	2989	<Affects><![CDATA[/login.aspx (239d6b360bee5200c1daef0c8f58c779)]]></Affects>
	2990	<Parameter><![CDATA[]]></Parameter>
	2991	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	2992	<AOP_SourceLine>0</AOP_SourceLine>
	2993	<AOP_Additional><![CDATA[]]></AOP_Additional>
	2994	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	2995	<Severity><![CDATA[info]]></Severity>
	2996	<Type><![CDATA[Informational]]></Type>
	2997	<Impact><![CDATA[Not available. Check description.]]></Impact>
	2998	<Description><![CDATA[ <div class="coolbox"><font color="dark">The description for this alert is contributed by the GHDB community, it may contain inappropriate language.</font></div><br/><font color="navy">Category : Pages containing login portals</font><br/><br/>This is a typical login page. It has recently become a target for SQL injection. Comsec's article at http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php brought this to my attention.<br/><br/>The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community.]]></Description>
	2999	<DetailedInformation><![CDATA[]]></DetailedInformation>
	3000	<Recommendation><![CDATA[Not available. Check description.]]></Recommendation>
	3001	<TechnicalDetails>
	3002	<Request><![CDATA[POST /login.aspx HTTP/1.1
	3003	Pragma: no-cache
	3004	Cache-Control: no-cache
	3005	Referer: http://testaspnet.vulnweb.com/login.aspx
	3006	Content-Length: 1160
	3007	Content-Type: application/x-www-form-urlencoded
	3008	Acunetix-Aspect: enabled
	3009	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	3010	Acunetix-Aspect-Queries: aspectalerts
	3011	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	3012	Host: testaspnet.vulnweb.com
	3013	Connection: Keep-alive
	3014	Accept-Encoding: gzip,deflate
	3015	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	3016	Accept: /
	3017
	3018	btnLogin=Login&cbPersistCookie=e&tbPassword=g00dPa%24%24w0rD&tbUsername=xeitiyuu&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	3019	<Response><![CDATA[HTTP/1.1 200 OK
	3020	Date: Thu, 14 Nov 2013 14:26:59 GMT
	3021	Server: Microsoft-IIS/6.0
	3022	X-Powered-By: ASP.NET
	3023	X-AspNet-Version: 2.0.50727
	3024	Cache-Control: private
	3025	Content-Type: text/html; charset=utf-8
	3026	Content-Length: 12346
	3027	]]></Response>
	3028	</TechnicalDetails>
	3029	<References>
	3030	<Reference>
	3031	<Database><![CDATA[The Google Hacking Database (GHDB) community]]></Database>
	3032	<URL><![CDATA[http://johnny.ihackstuff.com/]]></URL>
	3033	</Reference>
	3034	<Reference>
	3035	<Database><![CDATA[Acunetix Google hacking]]></Database>
	3036	<URL><![CDATA[http://www.acunetix.com/websitesecurity/google-hacking.htm]]></URL>
	3037	</Reference>
	3038	</References>
	3039	</ReportItem>
	3040
	3041	<ReportItem id="40" color="blue">
	3042	<Name><![CDATA[Session Cookie without Secure flag set]]></Name>
	3043	<ModuleName><![CDATA[Crawler]]></ModuleName>
	3044	<Details><![CDATA[Cookie name: <font color="dark">"ASP.NET_SessionId"</font><br/>Cookie domain: <font color="dark">"testaspnet.vulnweb.com"</font><br/>]]></Details>
	3045	<Affects><![CDATA[/]]></Affects>
	3046	<Parameter><![CDATA[]]></Parameter>
	3047	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	3048	<AOP_SourceLine>0</AOP_SourceLine>
	3049	<AOP_Additional><![CDATA[]]></AOP_Additional>
	3050	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	3051	<Severity><![CDATA[low]]></Severity>
	3052	<Type><![CDATA[Informational]]></Type>
	3053	<Impact><![CDATA[None]]></Impact>
	3054	<Description><![CDATA[This cookie does not have the Secure flag set. When a cookie is set with the Secure flag, it instructs the browser that the cookie can only be accessed over secure SSL channels. This is an important security protection for session cookies.]]></Description>
	3055	<DetailedInformation><![CDATA[]]></DetailedInformation>
	3056	<Recommendation><![CDATA[If possible, you should set the Secure flag for this cookie.]]></Recommendation>
	3057	<TechnicalDetails>
	3058	<Request><![CDATA[GET / HTTP/1.1
	3059	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	3060	Host: testaspnet.vulnweb.com
	3061	Connection: Keep-alive
	3062	Accept-Encoding: gzip,deflate
	3063	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	3064	Accept: /
	3065
	3066	]]></Request>
	3067	<Response><![CDATA[HTTP/1.1 200 OK
	3068	Date: Thu, 14 Nov 2013 14:26:34 GMT
	3069	Server: Microsoft-IIS/6.0
	3070	X-Powered-By: ASP.NET
	3071	X-AspNet-Version: 2.0.50727
	3072	Cache-Control: private
	3073	Content-Type: text/html; charset=utf-8
	3074	Content-Length: 12967
	3075	]]></Response>
	3076	</TechnicalDetails>
	3077	<References></References>
	3078	</ReportItem>
	3079
	3080	<ReportItem id="41" color="red">
	3081	<Name><![CDATA[SQL injection (verified)]]></Name>
	3082	<ModuleName><![CDATA[Scripting (Sql_Injection.script)]]></ModuleName>
	3083	<Details><![CDATA[URL encoded GET input <b><font color="dark">id</font></b> was set to <b><font color="dark">1ACUSTART'"JufNHACUEND</font></b>]]></Details>
	3084	<Affects><![CDATA[/comments.aspx]]></Affects>
	3085	<Parameter><![CDATA[id]]></Parameter>
	3086	<AOP_SourceFile><![CDATA[C:\Websites\AspNet\comments.aspx]]></AOP_SourceFile>
	3087	<AOP_SourceLine>0</AOP_SourceLine>
	3088	<AOP_Additional><![CDATA[SQL query: SELECT NewsDate, NewsTitle, NewsShort, AuthorId, NewsId FROM news WHERE NewsId=1ACUSTART'"JufNHACUEND
	3089
	3090	Stack trace:
	3091	Method: Void ReadData()
	3092	Method: Void OnLoad(System.EventArgs)
	3093	Method: Void LoadRecursive()
	3094	Method: Void ProcessRequestMain(Boolean, Boolean)
	3095	Method: Void ProcessRequest(Boolean, Boolean)
	3096	Method: Void ProcessRequest()
	3097	Method: Void ProcessRequest(System.Web.HttpContext)
	3098	Method: Void ProcessRequest(System.Web.HttpContext)
	3099	Method: Void System.Web.HttpApplication.IExecutionStep.Execute()
	3100	Method: System.Exception ExecuteStep(IExecutionStep, Boolean ByRef)
	3101	Method: Void ResumeSteps(System.Exception)
	3102	Method: System.IAsyncResult System.Web.IHttpAsyncHandler.BeginProcessRequest(System.Web.HttpContext, System.AsyncCallback, System.Object)
	3103	Method: Void ProcessRequestInternal(System.Web.HttpWorkerRequest)
	3104	Method: Void ProcessRequestNoDemand(System.Web.HttpWorkerRequest)
	3105	Method: Int32 ProcessRequest(IntPtr, Int32)]]></AOP_Additional>
	3106	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	3107	<Severity><![CDATA[high]]></Severity>
	3108	<Type><![CDATA[Validation]]></Type>
	3109	<Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
	3110	<Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
	3111	SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.]]></Description>
	3112	<DetailedInformation><![CDATA[<i>Quote from SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
	3113	<h2>SQL injection mitigations</h2>
	3114
	3115	<p>We believe that web application developers often simply do not think about "surprise inputs", but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>
	3116
	3117	<h2>Sanitize the input</h2>
	3118	<p>It's absolutely vital to sanitize user inputs to insure that they do not contain dangerous codes, whether to the SQL server or to HTML itself. One's first idea is to strip out "bad stuff", such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
	3119	<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all "bad stuff" are unlikely to be successful.</p>
	3120	<p>Instead, rather than "remove known bad data", it's better to "remove everything but known good data": this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
	3121	<code><pre wrap="virtual">
	3122	abcdefghijklmnopqrstuvwxyz
	3123	ABCDEFGHIJKLMNOPQRSTUVWXYZ
	3124	0123456789
	3125	@.-_+
	3126	</pre></code>
	3127
	3128	<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than stores them into the database. </p>
	3129
	3130	<p>Be aware that "sanitizing the input" doesn't mean merely "remove the quotes", because even "regular" characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
	3131	<code><pre wrap="virtual">
	3132	SELECT fieldlist
	3133	FROM table
	3134	WHERE id = 23 OR 1=1; -- Boom! Always matches!
	3135	</pre></code>
	3136	<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For "dates" or "email addresses" or "integers" it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>
	3137
	3138	<h2>Escape/Quotesafe the input</h2>
	3139	<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a "name" field lest one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
	3140	<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
	3141	<code><pre wrap="virtual">
	3142	SELECT fieldlist
	3143	FROM customers
	3144	WHERE name = 'Bill O''Reilly'; -- works OK
	3145	</pre></code>
	3146	<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is "protected" by doubling the quotes, we get: </p>
	3147	<code><pre wrap="virtual">
	3148	SELECT fieldlist
	3149	FROM customers
	3150	WHERE name = '\''; DROP TABLE users; --'; -- Boom!
	3151	</pre></code>
	3152	<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
	3153	<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for "string quoting" and "string parsing", it's much more likely that the process will be done properly and safely.</p>
	3154	<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh->quote($value)</b>. These methods must be used. </p>
	3155
	3156	<h2>Use bound parameters (the PREPARE statement)</h2>
	3157	<p>Though quotesafing is a good mechanism, we're still in the area of "considering user input as SQL", and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled ("prepared", in SQL parlance) into an internal form. Later, this prepared query is "executed" with a list of parameters: </p>
	3158
	3159	<b>Example in perl</b>
	3160	<code><pre wrap="virtual"> $sth = $dbh->prepare("SELECT email, userid FROM members WHERE email = ?;");
	3161	$sth->execute($email);
	3162	</pre></code>
	3163	<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>
	3164
	3165	<b>Insecure version</b>
	3166	<code><pre wrap="virtual"> Statement s = connection.createStatement();
	3167	ResultSet rs = s.executeQuery("SELECT email FROM member WHERE name = "
	3168	+ formField); // boom
	3169	</pre></code>
	3170
	3171	<p><b>Secure version</b></p>
	3172	<code><pre wrap="virtual"> PreparedStatement ps = connection.prepareStatement(
	3173	"SELECT email FROM member WHERE name = ?");
	3174	ps.setString(1, formField);
	3175	ResultSet rs = ps.executeQuery();
	3176	</pre></code>
	3177
	3178	<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's "just data". There simply is nothing to subvert, so the application is be largely immune to SQL injection attacks.</p>
	3179
	3180	<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>
	3181
	3182	<h2>Limit database permissions and segregate users</h2>
	3183	<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: "log in" and "send me password". The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
	3184	<p>The effect here is that even a "successful" SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
	3185	<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
	3186	<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>
	3187
	3188	<h2>Use stored procedures for database access</h2>
	3189	<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
	3190	<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the "add new order" procedure might reject that order if the customer were over his credit limit). </p>
	3191	<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
	3192	<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>
	3193
	3194	<h2>Isolate the webserver</h2>
	3195	<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
	3196	<p>For instance, putting the machine in a DMZ with extremely limited pinholes "inside" the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>
	3197
	3198	<h2>Configure error reporting</h2>
	3199	<p>The default error reporting for some frameworks includes developer debugging information, and this cannot be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
	3200	<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
	3201	<Recommendation><![CDATA[Your script should filter metacharacters from user input. <br/>Check detailed information for more information about fixing this vulnerability.]]></Recommendation>
	3202	<TechnicalDetails>
	3203	<Request><![CDATA[GET /comments.aspx?id=1ACUSTART'%22JufNHACUEND HTTP/1.1
	3204	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	3205	Acunetix-Aspect: enabled
	3206	Referer: http://testaspnet.vulnweb.com:80/
	3207	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	3208	Host: testaspnet.vulnweb.com
	3209	Connection: Keep-alive
	3210	Accept-Encoding: gzip,deflate
	3211	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	3212	Accept: /
	3213
	3214	]]></Request>
	3215	<Response><![CDATA[HTTP/1.1 200 OK
	3216	Date: Thu, 14 Nov 2013 14:27:02 GMT
	3217	Server: Microsoft-IIS/6.0
	3218	X-Powered-By: ASP.NET
	3219	X-AspNet-Version: 2.0.50727
	3220	Cache-Control: private
	3221	Content-Type: text/html; charset=utf-8
	3222	Content-Length: 13233
	3223	]]></Response>
	3224	</TechnicalDetails>
	3225	<References>
	3226	<Reference>
	3227	<Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
	3228	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
	3229	</Reference>
	3230	<Reference>
	3231	<Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
	3232	<URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
	3233	</Reference>
	3234	<Reference>
	3235	<Database><![CDATA[OWASP Injection Flaws]]></Database>
	3236	<URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
	3237	</Reference>
	3238	<Reference>
	3239	<Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
	3240	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
	3241	</Reference>
	3242	<Reference>
	3243	<Database><![CDATA[SQL Injection Walkthrough]]></Database>
	3244	<URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
	3245	</Reference>
	3246	<Reference>
	3247	<Database><![CDATA[OWASP PHP Top 5]]></Database>
	3248	<URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
	3249	</Reference>
	3250	</References>
	3251	</ReportItem>
	3252
	3253	<ReportItem id="42" color="red">
	3254	<Name><![CDATA[Blind SQL Injection]]></Name>
	3255	<ModuleName><![CDATA[Scripting (Blind_Sql_Injection.script)]]></ModuleName>
	3256	<Details><![CDATA[URL encoded GET input <b><font color="dark">id</font></b> was set to <b><font color="dark">3//AND//382=382</font></b><br/><br/>Tests performed: <ul><li>0+0+0+3 => <b>TRUE</b></li><li>0+382377+3 => <b>FALSE</b></li><li>13-5-2-999 => <b>FALSE</b></li><li>13-5-2-3 => <b>TRUE</b></li><li>13-25+0+0+1-1 => <b>TRUE</b></li><li>13-26+0+0+1-1 => <b>FALSE</b></li><li>3 AND 2+1-1-1=1 AND 382=382 => <b>TRUE</b></li><li>3 AND 3+1-1-1=1 AND 382=382 => <b>FALSE</b></li><li>3 AND 32<5 AND 382=382 => <b>FALSE</b></li><li>3 AND 32>5 AND 382=382 => <b>TRUE</b></li><li>3//AND//0=1//AND//382=382 => <b>FALSE</b></li><li>3//AND/*/382=382 => <b>TRUE</b></li></ul><br/> Original value: <b>3</b>]]></Details>
	3257	<Affects><![CDATA[/comments.aspx]]></Affects>
	3258	<Parameter><![CDATA[id]]></Parameter>
	3259	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	3260	<AOP_SourceLine>0</AOP_SourceLine>
	3261	<AOP_Additional><![CDATA[]]></AOP_Additional>
	3262	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	3263	<Severity><![CDATA[high]]></Severity>
	3264	<Type><![CDATA[Validation]]></Type>
	3265	<Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
	3266	<Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
	3267	SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.]]></Description>
	3268	<DetailedInformation><![CDATA[<i>Quote from SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
	3269	<h2>SQL injection mitigations</h2>
	3270
	3271	<p>We believe that web application developers often simply do not think about "surprise inputs", but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>
	3272
	3273	<h2>Sanitize the input</h2>
	3274	<p>It's absolutely vital to sanitize user inputs to insure that they do not contain dangerous codes, whether to the SQL server or to HTML itself. One's first idea is to strip out "bad stuff", such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
	3275	<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all "bad stuff" are unlikely to be successful.</p>
	3276	<p>Instead, rather than "remove known bad data", it's better to "remove everything but known good data": this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
	3277	<code><pre wrap="virtual">
	3278	abcdefghijklmnopqrstuvwxyz
	3279	ABCDEFGHIJKLMNOPQRSTUVWXYZ
	3280	0123456789
	3281	@.-_+
	3282	</pre></code>
	3283
	3284	<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than stores them into the database. </p>
	3285
	3286	<p>Be aware that "sanitizing the input" doesn't mean merely "remove the quotes", because even "regular" characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
	3287	<code><pre wrap="virtual">
	3288	SELECT fieldlist
	3289	FROM table
	3290	WHERE id = 23 OR 1=1; -- Boom! Always matches!
	3291	</pre></code>
	3292	<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For "dates" or "email addresses" or "integers" it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>
	3293
	3294	<h2>Escape/Quotesafe the input</h2>
	3295	<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a "name" field lest one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
	3296	<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
	3297	<code><pre wrap="virtual">
	3298	SELECT fieldlist
	3299	FROM customers
	3300	WHERE name = 'Bill O''Reilly'; -- works OK
	3301	</pre></code>
	3302	<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is "protected" by doubling the quotes, we get: </p>
	3303	<code><pre wrap="virtual">
	3304	SELECT fieldlist
	3305	FROM customers
	3306	WHERE name = '\''; DROP TABLE users; --'; -- Boom!
	3307	</pre></code>
	3308	<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
	3309	<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for "string quoting" and "string parsing", it's much more likely that the process will be done properly and safely.</p>
	3310	<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh->quote($value)</b>. These methods must be used. </p>
	3311
	3312	<h2>Use bound parameters (the PREPARE statement)</h2>
	3313	<p>Though quotesafing is a good mechanism, we're still in the area of "considering user input as SQL", and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled ("prepared", in SQL parlance) into an internal form. Later, this prepared query is "executed" with a list of parameters: </p>
	3314
	3315	<b>Example in perl</b>
	3316	<code><pre wrap="virtual"> $sth = $dbh->prepare("SELECT email, userid FROM members WHERE email = ?;");
	3317	$sth->execute($email);
	3318	</pre></code>
	3319	<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>
	3320
	3321	<b>Insecure version</b>
	3322	<code><pre wrap="virtual"> Statement s = connection.createStatement();
	3323	ResultSet rs = s.executeQuery("SELECT email FROM member WHERE name = "
	3324	+ formField); // boom
	3325	</pre></code>
	3326
	3327	<p><b>Secure version</b></p>
	3328	<code><pre wrap="virtual"> PreparedStatement ps = connection.prepareStatement(
	3329	"SELECT email FROM member WHERE name = ?");
	3330	ps.setString(1, formField);
	3331	ResultSet rs = ps.executeQuery();
	3332	</pre></code>
	3333
	3334	<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's "just data". There simply is nothing to subvert, so the application is be largely immune to SQL injection attacks.</p>
	3335
	3336	<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>
	3337
	3338	<h2>Limit database permissions and segregate users</h2>
	3339	<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: "log in" and "send me password". The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
	3340	<p>The effect here is that even a "successful" SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
	3341	<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
	3342	<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>
	3343
	3344	<h2>Use stored procedures for database access</h2>
	3345	<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
	3346	<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the "add new order" procedure might reject that order if the customer were over his credit limit). </p>
	3347	<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
	3348	<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>
	3349
	3350	<h2>Isolate the webserver</h2>
	3351	<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
	3352	<p>For instance, putting the machine in a DMZ with extremely limited pinholes "inside" the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>
	3353
	3354	<h2>Configure error reporting</h2>
	3355	<p>The default error reporting for some frameworks includes developer debugging information, and this cannot be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
	3356	<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
	3357	<Recommendation><![CDATA[Your script should filter metacharacters from user input. <br/>Check detailed information for more information about fixing this vulnerability.]]></Recommendation>
	3358	<TechnicalDetails>
	3359	<Request><![CDATA[GET /comments.aspx?id=3//AND//382%3d382 HTTP/1.1
	3360	X-Requested-With: XMLHttpRequest
	3361	Referer: http://testaspnet.vulnweb.com:80/
	3362	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	3363	Host: testaspnet.vulnweb.com
	3364	Connection: Keep-alive
	3365	Accept-Encoding: gzip,deflate
	3366	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	3367	Accept: /
	3368
	3369	]]></Request>
	3370	<Response><![CDATA[HTTP/1.1 200 OK
	3371	Date: Thu, 14 Nov 2013 14:27:09 GMT
	3372	Server: Microsoft-IIS/6.0
	3373	X-Powered-By: ASP.NET
	3374	X-AspNet-Version: 2.0.50727
	3375	Cache-Control: private
	3376	Content-Type: text/html; charset=utf-8
	3377	Content-Length: 22650
	3378	]]></Response>
	3379	</TechnicalDetails>
	3380	<References>
	3381	<Reference>
	3382	<Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
	3383	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
	3384	</Reference>
	3385	<Reference>
	3386	<Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
	3387	<URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
	3388	</Reference>
	3389	<Reference>
	3390	<Database><![CDATA[OWASP Injection Flaws]]></Database>
	3391	<URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
	3392	</Reference>
	3393	<Reference>
	3394	<Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
	3395	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
	3396	</Reference>
	3397	<Reference>
	3398	<Database><![CDATA[SQL Injection Walkthrough]]></Database>
	3399	<URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
	3400	</Reference>
	3401	<Reference>
	3402	<Database><![CDATA[OWASP PHP Top 5]]></Database>
	3403	<URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
	3404	</Reference>
	3405	</References>
	3406	</ReportItem>
	3407
	3408	<ReportItem id="43" color="blue">
	3409	<Name><![CDATA[Login page password-guessing attack]]></Name>
	3410	<ModuleName><![CDATA[Scripting (Html_Authentication_Audit.script)]]></ModuleName>
	3411	<Details><![CDATA[The scanner tested 10 invalid credentials and no account lockout was detected.]]></Details>
	3412	<Affects><![CDATA[/login.aspx]]></Affects>
	3413	<Parameter><![CDATA[]]></Parameter>
	3414	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	3415	<AOP_SourceLine>0</AOP_SourceLine>
	3416	<AOP_Additional><![CDATA[]]></AOP_Additional>
	3417	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	3418	<Severity><![CDATA[low]]></Severity>
	3419	<Type><![CDATA[Validation]]></Type>
	3420	<Impact><![CDATA[An attacker may attempt to discover a weak password by systematically trying every possible combination of letters, numbers, and symbols until it discovers the one correct combination that works.]]></Impact>
	3421	<Description><![CDATA[A common threat web developers face is a password-guessing attack known as a brute force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. <br/><br/>
	3422
	3423	This login page doesn't have any protection against password-guessing attacks (brute force attacks). It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. Consult Web references for more information about fixing this problem. ]]></Description>
	3424	<DetailedInformation><![CDATA[]]></DetailedInformation>
	3425	<Recommendation><![CDATA[It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. ]]></Recommendation>
	3426	<TechnicalDetails>
	3427	<Request><![CDATA[POST /login.aspx HTTP/1.1
	3428	Content-Length: 1152
	3429	Content-Type: application/x-www-form-urlencoded
	3430	Referer: http://testaspnet.vulnweb.com:80/
	3431	Host: testaspnet.vulnweb.com
	3432	Connection: Keep-alive
	3433	Accept-Encoding: gzip,deflate
	3434	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	3435	Accept: /
	3436
	3437	btnLogin=Login&cbPersistCookie=e&tbPassword=SnfMQ6nv&tbUsername=s71nc2IH&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	3438	<Response><![CDATA[HTTP/1.1 200 OK
	3439	Date: Thu, 14 Nov 2013 14:27:42 GMT
	3440	Server: Microsoft-IIS/6.0
	3441	X-Powered-By: ASP.NET
	3442	X-AspNet-Version: 2.0.50727
	3443	Set-Cookie: ASP.NET_SessionId=ua4kaq55jbok4b45bo0lnw55; path=/; HttpOnly
	3444	Cache-Control: private
	3445	Content-Type: text/html; charset=utf-8
	3446	Content-Length: 12346
	3447	]]></Response>
	3448	</TechnicalDetails>
	3449	<References>
	3450	<Reference>
	3451	<Database><![CDATA[Blocking Brute Force Attacks]]></Database>
	3452	<URL><![CDATA[http://www.owasp.org/index.php/Blocking_Brute_Force_Attacks]]></URL>
	3453	</Reference>
	3454	</References>
	3455	</ReportItem>
	3456
	3457	<ReportItem id="44" color="red">
	3458	<Name><![CDATA[Blind SQL Injection]]></Name>
	3459	<ModuleName><![CDATA[Scripting (Blind_Sql_Injection.script)]]></ModuleName>
	3460	<Details><![CDATA[URL encoded POST input <b><font color="dark">tbUsername</font></b> was set to <b><font color="dark">CeNM62R3'; waitfor delay '0:0:0' -- </font></b><br/><br/>Tests performed: <ul><li>DsQdToog'; waitfor delay '0:0:6' -- => <b>6.911 s</b></li><li>dnDk3cZE'; waitfor delay '0:0:3' -- => <b>3.728 s</b></li><li>822Z2llJ'; waitfor delay '0:0:9' -- => <b>9.734 s</b></li><li>z6HEOzaP'; waitfor delay '0:0:0' -- => <b>1.248 s</b></li><li>4RemiJv6'; waitfor delay '0:0:0' -- => <b>1.248 s</b></li><li>i7Mo5Sw8'; waitfor delay '0:0:0' -- => <b>0.718 s</b></li><li>WRV67kph'; waitfor delay '0:0:0' -- => <b>0.671 s</b></li><li>wdZzXouP'; waitfor delay '0:0:6' -- => <b>6.676 s</b></li><li>CeNM62R3'; waitfor delay '0:0:0' -- => <b>0.686 s</b></li></ul><br/> Original value: <b>kjhxcchf</b>]]></Details>
	3461	<Affects><![CDATA[/login.aspx]]></Affects>
	3462	<Parameter><![CDATA[tbUsername]]></Parameter>
	3463	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	3464	<AOP_SourceLine>0</AOP_SourceLine>
	3465	<AOP_Additional><![CDATA[]]></AOP_Additional>
	3466	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	3467	<Severity><![CDATA[high]]></Severity>
	3468	<Type><![CDATA[Validation]]></Type>
	3469	<Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
	3470	<Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
	3471	SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.]]></Description>
	3472	<DetailedInformation><![CDATA[<i>Quote from SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
	3473	<h2>SQL injection mitigations</h2>
	3474
	3475	<p>We believe that web application developers often simply do not think about "surprise inputs", but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>
	3476
	3477	<h2>Sanitize the input</h2>
	3478	<p>It's absolutely vital to sanitize user inputs to insure that they do not contain dangerous codes, whether to the SQL server or to HTML itself. One's first idea is to strip out "bad stuff", such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
	3479	<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all "bad stuff" are unlikely to be successful.</p>
	3480	<p>Instead, rather than "remove known bad data", it's better to "remove everything but known good data": this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
	3481	<code><pre wrap="virtual">
	3482	abcdefghijklmnopqrstuvwxyz
	3483	ABCDEFGHIJKLMNOPQRSTUVWXYZ
	3484	0123456789
	3485	@.-_+
	3486	</pre></code>
	3487
	3488	<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than stores them into the database. </p>
	3489
	3490	<p>Be aware that "sanitizing the input" doesn't mean merely "remove the quotes", because even "regular" characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
	3491	<code><pre wrap="virtual">
	3492	SELECT fieldlist
	3493	FROM table
	3494	WHERE id = 23 OR 1=1; -- Boom! Always matches!
	3495	</pre></code>
	3496	<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For "dates" or "email addresses" or "integers" it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>
	3497
	3498	<h2>Escape/Quotesafe the input</h2>
	3499	<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a "name" field lest one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
	3500	<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
	3501	<code><pre wrap="virtual">
	3502	SELECT fieldlist
	3503	FROM customers
	3504	WHERE name = 'Bill O''Reilly'; -- works OK
	3505	</pre></code>
	3506	<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is "protected" by doubling the quotes, we get: </p>
	3507	<code><pre wrap="virtual">
	3508	SELECT fieldlist
	3509	FROM customers
	3510	WHERE name = '\''; DROP TABLE users; --'; -- Boom!
	3511	</pre></code>
	3512	<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
	3513	<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for "string quoting" and "string parsing", it's much more likely that the process will be done properly and safely.</p>
	3514	<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh->quote($value)</b>. These methods must be used. </p>
	3515
	3516	<h2>Use bound parameters (the PREPARE statement)</h2>
	3517	<p>Though quotesafing is a good mechanism, we're still in the area of "considering user input as SQL", and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled ("prepared", in SQL parlance) into an internal form. Later, this prepared query is "executed" with a list of parameters: </p>
	3518
	3519	<b>Example in perl</b>
	3520	<code><pre wrap="virtual"> $sth = $dbh->prepare("SELECT email, userid FROM members WHERE email = ?;");
	3521	$sth->execute($email);
	3522	</pre></code>
	3523	<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>
	3524
	3525	<b>Insecure version</b>
	3526	<code><pre wrap="virtual"> Statement s = connection.createStatement();
	3527	ResultSet rs = s.executeQuery("SELECT email FROM member WHERE name = "
	3528	+ formField); // boom
	3529	</pre></code>
	3530
	3531	<p><b>Secure version</b></p>
	3532	<code><pre wrap="virtual"> PreparedStatement ps = connection.prepareStatement(
	3533	"SELECT email FROM member WHERE name = ?");
	3534	ps.setString(1, formField);
	3535	ResultSet rs = ps.executeQuery();
	3536	</pre></code>
	3537
	3538	<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's "just data". There simply is nothing to subvert, so the application is be largely immune to SQL injection attacks.</p>
	3539
	3540	<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>
	3541
	3542	<h2>Limit database permissions and segregate users</h2>
	3543	<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: "log in" and "send me password". The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
	3544	<p>The effect here is that even a "successful" SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
	3545	<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
	3546	<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>
	3547
	3548	<h2>Use stored procedures for database access</h2>
	3549	<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
	3550	<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the "add new order" procedure might reject that order if the customer were over his credit limit). </p>
	3551	<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
	3552	<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>
	3553
	3554	<h2>Isolate the webserver</h2>
	3555	<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
	3556	<p>For instance, putting the machine in a DMZ with extremely limited pinholes "inside" the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>
	3557
	3558	<h2>Configure error reporting</h2>
	3559	<p>The default error reporting for some frameworks includes developer debugging information, and this cannot be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
	3560	<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
	3561	<Recommendation><![CDATA[Your script should filter metacharacters from user input. <br/>Check detailed information for more information about fixing this vulnerability.]]></Recommendation>
	3562	<TechnicalDetails>
	3563	<Request><![CDATA[POST /login.aspx HTTP/1.1
	3564	Content-Length: 1199
	3565	Content-Type: application/x-www-form-urlencoded
	3566	X-Requested-With: XMLHttpRequest
	3567	Referer: http://testaspnet.vulnweb.com:80/
	3568	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	3569	Host: testaspnet.vulnweb.com
	3570	Connection: Keep-alive
	3571	Accept-Encoding: gzip,deflate
	3572	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	3573	Accept: /
	3574
	3575	btnLogin=Login&cbPersistCookie=on&tbPassword=g00dPa%24%24w0rD&tbUsername=CeNM62R3';%20waitfor%20delay%20'0:0:0'%20--%20&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	3576	<Response><![CDATA[HTTP/1.1 200 OK
	3577	Date: Thu, 14 Nov 2013 14:28:45 GMT
	3578	Server: Microsoft-IIS/6.0
	3579	X-Powered-By: ASP.NET
	3580	X-AspNet-Version: 2.0.50727
	3581	Cache-Control: private
	3582	Content-Type: text/html; charset=utf-8
	3583	Content-Length: 12374
	3584	]]></Response>
	3585	</TechnicalDetails>
	3586	<References>
	3587	<Reference>
	3588	<Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
	3589	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
	3590	</Reference>
	3591	<Reference>
	3592	<Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
	3593	<URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
	3594	</Reference>
	3595	<Reference>
	3596	<Database><![CDATA[OWASP Injection Flaws]]></Database>
	3597	<URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
	3598	</Reference>
	3599	<Reference>
	3600	<Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
	3601	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
	3602	</Reference>
	3603	<Reference>
	3604	<Database><![CDATA[SQL Injection Walkthrough]]></Database>
	3605	<URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
	3606	</Reference>
	3607	<Reference>
	3608	<Database><![CDATA[OWASP PHP Top 5]]></Database>
	3609	<URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
	3610	</Reference>
	3611	</References>
	3612	</ReportItem>
	3613
	3614	<ReportItem id="45" color="red">
	3615	<Name><![CDATA[SQL injection (verified)]]></Name>
	3616	<ModuleName><![CDATA[Scripting (Sql_Injection.script)]]></ModuleName>
	3617	<Details><![CDATA[URL encoded POST input <b><font color="dark">tbUsername</font></b> was set to <b><font color="dark">1ACUSTART'"7SbaMACUEND</font></b>]]></Details>
	3618	<Affects><![CDATA[/login.aspx]]></Affects>
	3619	<Parameter><![CDATA[tbUsername]]></Parameter>
	3620	<AOP_SourceFile><![CDATA[C:\Websites\AspNet\login.aspx]]></AOP_SourceFile>
	3621	<AOP_SourceLine>0</AOP_SourceLine>
	3622	<AOP_Additional><![CDATA[SQL query: SELECT uname, alevel FROM users WHERE uname='1ACUSTART'"7SbaMACUEND' AND upass='32cc5886dc1fa8c106a02056292c4654'
	3623
	3624	Stack trace:
	3625	Method: Boolean Authenticate(System.String ByRef, System.String, Int32 ByRef)
	3626	Method: Void btnLogin_Click(System.Object, System.EventArgs)
	3627	Method: Void OnClick(System.EventArgs)
	3628	Method: Void RaisePostBackEvent(System.String)
	3629	Method: Void RaisePostBackEvent(System.Web.UI.IPostBackEventHandler, System.String)
	3630	Method: Void ProcessRequestMain(Boolean, Boolean)
	3631	Method: Void ProcessRequest(Boolean, Boolean)
	3632	Method: Void ProcessRequest()
	3633	Method: Void ProcessRequest(System.Web.HttpContext)
	3634	Method: Void ProcessRequest(System.Web.HttpContext)
	3635	Method: Void System.Web.HttpApplication.IExecutionStep.Execute()
	3636	Method: System.Exception ExecuteStep(IExecutionStep, Boolean ByRef)
	3637	Method: Void ResumeSteps(System.Exception)
	3638	Method: Void ResumeStepsFromThreadPoolThread(System.Exception)
	3639	Method: Void ResumeStepsWithAssert(System.Exception)
	3640	Method: Void OnAsyncEventCompletion(System.IAsyncResult)
	3641	Method: Void Complete(Boolean, System.Object, System.Exception, System.Web.RequestNotificationStatus)
	3642	Method: Void PollLockedSessionCallback(System.Object)
	3643	Method: Void runTryCode(System.Object)
	3644	Method: Void ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
	3645	Method: Void Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
	3646	Method: Void PerformTimerCallback(System.Object)]]></AOP_Additional>
	3647	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	3648	<Severity><![CDATA[high]]></Severity>
	3649	<Type><![CDATA[Validation]]></Type>
	3650	<Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
	3651	<Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
	3652	SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.]]></Description>
	3653	<DetailedInformation><![CDATA[<i>Quote from SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
	3654	<h2>SQL injection mitigations</h2>
	3655
	3656	<p>We believe that web application developers often simply do not think about "surprise inputs", but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>
	3657
	3658	<h2>Sanitize the input</h2>
	3659	<p>It's absolutely vital to sanitize user inputs to insure that they do not contain dangerous codes, whether to the SQL server or to HTML itself. One's first idea is to strip out "bad stuff", such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
	3660	<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all "bad stuff" are unlikely to be successful.</p>
	3661	<p>Instead, rather than "remove known bad data", it's better to "remove everything but known good data": this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
	3662	<code><pre wrap="virtual">
	3663	abcdefghijklmnopqrstuvwxyz
	3664	ABCDEFGHIJKLMNOPQRSTUVWXYZ
	3665	0123456789
	3666	@.-_+
	3667	</pre></code>
	3668
	3669	<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than stores them into the database. </p>
	3670
	3671	<p>Be aware that "sanitizing the input" doesn't mean merely "remove the quotes", because even "regular" characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
	3672	<code><pre wrap="virtual">
	3673	SELECT fieldlist
	3674	FROM table
	3675	WHERE id = 23 OR 1=1; -- Boom! Always matches!
	3676	</pre></code>
	3677	<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For "dates" or "email addresses" or "integers" it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>
	3678
	3679	<h2>Escape/Quotesafe the input</h2>
	3680	<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a "name" field lest one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
	3681	<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
	3682	<code><pre wrap="virtual">
	3683	SELECT fieldlist
	3684	FROM customers
	3685	WHERE name = 'Bill O''Reilly'; -- works OK
	3686	</pre></code>
	3687	<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is "protected" by doubling the quotes, we get: </p>
	3688	<code><pre wrap="virtual">
	3689	SELECT fieldlist
	3690	FROM customers
	3691	WHERE name = '\''; DROP TABLE users; --'; -- Boom!
	3692	</pre></code>
	3693	<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
	3694	<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for "string quoting" and "string parsing", it's much more likely that the process will be done properly and safely.</p>
	3695	<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh->quote($value)</b>. These methods must be used. </p>
	3696
	3697	<h2>Use bound parameters (the PREPARE statement)</h2>
	3698	<p>Though quotesafing is a good mechanism, we're still in the area of "considering user input as SQL", and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled ("prepared", in SQL parlance) into an internal form. Later, this prepared query is "executed" with a list of parameters: </p>
	3699
	3700	<b>Example in perl</b>
	3701	<code><pre wrap="virtual"> $sth = $dbh->prepare("SELECT email, userid FROM members WHERE email = ?;");
	3702	$sth->execute($email);
	3703	</pre></code>
	3704	<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>
	3705
	3706	<b>Insecure version</b>
	3707	<code><pre wrap="virtual"> Statement s = connection.createStatement();
	3708	ResultSet rs = s.executeQuery("SELECT email FROM member WHERE name = "
	3709	+ formField); // boom
	3710	</pre></code>
	3711
	3712	<p><b>Secure version</b></p>
	3713	<code><pre wrap="virtual"> PreparedStatement ps = connection.prepareStatement(
	3714	"SELECT email FROM member WHERE name = ?");
	3715	ps.setString(1, formField);
	3716	ResultSet rs = ps.executeQuery();
	3717	</pre></code>
	3718
	3719	<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's "just data". There simply is nothing to subvert, so the application is be largely immune to SQL injection attacks.</p>
	3720
	3721	<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>
	3722
	3723	<h2>Limit database permissions and segregate users</h2>
	3724	<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: "log in" and "send me password". The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
	3725	<p>The effect here is that even a "successful" SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
	3726	<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
	3727	<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>
	3728
	3729	<h2>Use stored procedures for database access</h2>
	3730	<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
	3731	<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the "add new order" procedure might reject that order if the customer were over his credit limit). </p>
	3732	<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
	3733	<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>
	3734
	3735	<h2>Isolate the webserver</h2>
	3736	<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
	3737	<p>For instance, putting the machine in a DMZ with extremely limited pinholes "inside" the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>
	3738
	3739	<h2>Configure error reporting</h2>
	3740	<p>The default error reporting for some frameworks includes developer debugging information, and this cannot be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
	3741	<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
	3742	<Recommendation><![CDATA[Your script should filter metacharacters from user input. <br/>Check detailed information for more information about fixing this vulnerability.]]></Recommendation>
	3743	<TechnicalDetails>
	3744	<Request><![CDATA[POST /login.aspx HTTP/1.1
	3745	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	3746	Acunetix-Aspect: enabled
	3747	Content-Length: 1177
	3748	Content-Type: application/x-www-form-urlencoded
	3749	Referer: http://testaspnet.vulnweb.com:80/
	3750	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	3751	Host: testaspnet.vulnweb.com
	3752	Connection: Keep-alive
	3753	Accept-Encoding: gzip,deflate
	3754	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	3755	Accept: /
	3756
	3757	btnLogin=Login&cbPersistCookie=on&tbPassword=g00dPa%24%24w0rD&tbUsername=1ACUSTART'%227SbaMACUEND&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	3758	<Response><![CDATA[HTTP/1.1 200 OK
	3759	Date: Thu, 14 Nov 2013 14:28:46 GMT
	3760	Server: Microsoft-IIS/6.0
	3761	X-Powered-By: ASP.NET
	3762	X-AspNet-Version: 2.0.50727
	3763	Cache-Control: private
	3764	Content-Type: text/html; charset=utf-8
	3765	Content-Length: 12365
	3766	]]></Response>
	3767	</TechnicalDetails>
	3768	<References>
	3769	<Reference>
	3770	<Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
	3771	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
	3772	</Reference>
	3773	<Reference>
	3774	<Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
	3775	<URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
	3776	</Reference>
	3777	<Reference>
	3778	<Database><![CDATA[OWASP Injection Flaws]]></Database>
	3779	<URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
	3780	</Reference>
	3781	<Reference>
	3782	<Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
	3783	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
	3784	</Reference>
	3785	<Reference>
	3786	<Database><![CDATA[SQL Injection Walkthrough]]></Database>
	3787	<URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
	3788	</Reference>
	3789	<Reference>
	3790	<Database><![CDATA[OWASP PHP Top 5]]></Database>
	3791	<URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
	3792	</Reference>
	3793	</References>
	3794	</ReportItem>
	3795
	3796	<ReportItem id="46" color="blue">
	3797	<Name><![CDATA[Login page password-guessing attack]]></Name>
	3798	<ModuleName><![CDATA[Scripting (Html_Authentication_Audit.script)]]></ModuleName>
	3799	<Details><![CDATA[The scanner tested 10 invalid credentials and no account lockout was detected.]]></Details>
	3800	<Affects><![CDATA[/signup.aspx]]></Affects>
	3801	<Parameter><![CDATA[]]></Parameter>
	3802	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	3803	<AOP_SourceLine>0</AOP_SourceLine>
	3804	<AOP_Additional><![CDATA[]]></AOP_Additional>
	3805	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	3806	<Severity><![CDATA[low]]></Severity>
	3807	<Type><![CDATA[Validation]]></Type>
	3808	<Impact><![CDATA[An attacker may attempt to discover a weak password by systematically trying every possible combination of letters, numbers, and symbols until it discovers the one correct combination that works.]]></Impact>
	3809	<Description><![CDATA[A common threat web developers face is a password-guessing attack known as a brute force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. <br/><br/>
	3810
	3811	This login page doesn't have any protection against password-guessing attacks (brute force attacks). It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. Consult Web references for more information about fixing this problem. ]]></Description>
	3812	<DetailedInformation><![CDATA[]]></DetailedInformation>
	3813	<Recommendation><![CDATA[It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. ]]></Recommendation>
	3814	<TechnicalDetails>
	3815	<Request><![CDATA[POST /signup.aspx HTTP/1.1
	3816	Content-Length: 1060
	3817	Content-Type: application/x-www-form-urlencoded
	3818	Referer: http://testaspnet.vulnweb.com:80/
	3819	Host: testaspnet.vulnweb.com
	3820	Connection: Keep-alive
	3821	Accept-Encoding: gzip,deflate
	3822	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	3823	Accept: /
	3824
	3825	btnSignup=Sign%20me%20up&tbPassword=wIwclpQE&tbUsername=XRr9zg25&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWgKJ%2b8rsBQLStq24BwK3jsrkBALF97vxAQKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMe7zvcGDW1XEmT%2bKc/cai9hiHVyk%3d&__VIEWSTATE=/wEPDwUKLTY0MzI4NjU4Mw9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkZHEZ3VN6SP/C2xESDN/Y3p8zhfSB]]></Request>
	3826	<Response><![CDATA[HTTP/1.1 200 OK
	3827	Date: Thu, 14 Nov 2013 14:29:02 GMT
	3828	Server: Microsoft-IIS/6.0
	3829	X-Powered-By: ASP.NET
	3830	X-AspNet-Version: 2.0.50727
	3831	Set-Cookie: ASP.NET_SessionId=tbbbkxq40eiyvn45c0scehya; path=/; HttpOnly
	3832	Cache-Control: private
	3833	Content-Type: text/html; charset=utf-8
	3834	Content-Length: 12242
	3835	]]></Response>
	3836	</TechnicalDetails>
	3837	<References>
	3838	<Reference>
	3839	<Database><![CDATA[Blocking Brute Force Attacks]]></Database>
	3840	<URL><![CDATA[http://www.owasp.org/index.php/Blocking_Brute_Force_Attacks]]></URL>
	3841	</Reference>
	3842	</References>
	3843	</ReportItem>
	3844
	3845	<ReportItem id="47" color="red">
	3846	<Name><![CDATA[SQL injection (verified)]]></Name>
	3847	<ModuleName><![CDATA[Scripting (Sql_Injection.script)]]></ModuleName>
	3848	<Details><![CDATA[URL encoded GET input <b><font color="dark">id</font></b> was set to <b><font color="dark">1ACUSTART'"tR4ngACUEND</font></b>]]></Details>
	3849	<Affects><![CDATA[/readnews.aspx]]></Affects>
	3850	<Parameter><![CDATA[id]]></Parameter>
	3851	<AOP_SourceFile><![CDATA[C:\Websites\AspNet\readnews.aspx]]></AOP_SourceFile>
	3852	<AOP_SourceLine>0</AOP_SourceLine>
	3853	<AOP_Additional><![CDATA[SQL query: SELECT NewsDate, NewsTitle, NewsLong, AuthorId FROM news WHERE NewsId=1ACUSTART'"tR4ngACUEND
	3854
	3855	Stack trace:
	3856	Method: Void Page_Load(System.Object, System.EventArgs)
	3857	Method: Void OnLoad(System.EventArgs)
	3858	Method: Void LoadRecursive()
	3859	Method: Void ProcessRequestMain(Boolean, Boolean)
	3860	Method: Void ProcessRequest(Boolean, Boolean)
	3861	Method: Void ProcessRequest()
	3862	Method: Void ProcessRequest(System.Web.HttpContext)
	3863	Method: Void ProcessRequest(System.Web.HttpContext)
	3864	Method: Void System.Web.HttpApplication.IExecutionStep.Execute()
	3865	Method: System.Exception ExecuteStep(IExecutionStep, Boolean ByRef)
	3866	Method: Void ResumeSteps(System.Exception)
	3867	Method: System.IAsyncResult System.Web.IHttpAsyncHandler.BeginProcessRequest(System.Web.HttpContext, System.AsyncCallback, System.Object)
	3868	Method: Void ProcessRequestInternal(System.Web.HttpWorkerRequest)
	3869	Method: Void ProcessRequestNoDemand(System.Web.HttpWorkerRequest)
	3870	Method: Int32 ProcessRequest(IntPtr, Int32)]]></AOP_Additional>
	3871	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	3872	<Severity><![CDATA[high]]></Severity>
	3873	<Type><![CDATA[Validation]]></Type>
	3874	<Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
	3875	<Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
	3876	SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.]]></Description>
	3877	<DetailedInformation><![CDATA[<i>Quote from SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
	3878	<h2>SQL injection mitigations</h2>
	3879
	3880	<p>We believe that web application developers often simply do not think about "surprise inputs", but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>
	3881
	3882	<h2>Sanitize the input</h2>
	3883	<p>It's absolutely vital to sanitize user inputs to insure that they do not contain dangerous codes, whether to the SQL server or to HTML itself. One's first idea is to strip out "bad stuff", such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
	3884	<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all "bad stuff" are unlikely to be successful.</p>
	3885	<p>Instead, rather than "remove known bad data", it's better to "remove everything but known good data": this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
	3886	<code><pre wrap="virtual">
	3887	abcdefghijklmnopqrstuvwxyz
	3888	ABCDEFGHIJKLMNOPQRSTUVWXYZ
	3889	0123456789
	3890	@.-_+
	3891	</pre></code>
	3892
	3893	<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than stores them into the database. </p>
	3894
	3895	<p>Be aware that "sanitizing the input" doesn't mean merely "remove the quotes", because even "regular" characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
	3896	<code><pre wrap="virtual">
	3897	SELECT fieldlist
	3898	FROM table
	3899	WHERE id = 23 OR 1=1; -- Boom! Always matches!
	3900	</pre></code>
	3901	<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For "dates" or "email addresses" or "integers" it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>
	3902
	3903	<h2>Escape/Quotesafe the input</h2>
	3904	<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a "name" field lest one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
	3905	<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
	3906	<code><pre wrap="virtual">
	3907	SELECT fieldlist
	3908	FROM customers
	3909	WHERE name = 'Bill O''Reilly'; -- works OK
	3910	</pre></code>
	3911	<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is "protected" by doubling the quotes, we get: </p>
	3912	<code><pre wrap="virtual">
	3913	SELECT fieldlist
	3914	FROM customers
	3915	WHERE name = '\''; DROP TABLE users; --'; -- Boom!
	3916	</pre></code>
	3917	<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
	3918	<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for "string quoting" and "string parsing", it's much more likely that the process will be done properly and safely.</p>
	3919	<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh->quote($value)</b>. These methods must be used. </p>
	3920
	3921	<h2>Use bound parameters (the PREPARE statement)</h2>
	3922	<p>Though quotesafing is a good mechanism, we're still in the area of "considering user input as SQL", and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled ("prepared", in SQL parlance) into an internal form. Later, this prepared query is "executed" with a list of parameters: </p>
	3923
	3924	<b>Example in perl</b>
	3925	<code><pre wrap="virtual"> $sth = $dbh->prepare("SELECT email, userid FROM members WHERE email = ?;");
	3926	$sth->execute($email);
	3927	</pre></code>
	3928	<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>
	3929
	3930	<b>Insecure version</b>
	3931	<code><pre wrap="virtual"> Statement s = connection.createStatement();
	3932	ResultSet rs = s.executeQuery("SELECT email FROM member WHERE name = "
	3933	+ formField); // boom
	3934	</pre></code>
	3935
	3936	<p><b>Secure version</b></p>
	3937	<code><pre wrap="virtual"> PreparedStatement ps = connection.prepareStatement(
	3938	"SELECT email FROM member WHERE name = ?");
	3939	ps.setString(1, formField);
	3940	ResultSet rs = ps.executeQuery();
	3941	</pre></code>
	3942
	3943	<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's "just data". There simply is nothing to subvert, so the application is be largely immune to SQL injection attacks.</p>
	3944
	3945	<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>
	3946
	3947	<h2>Limit database permissions and segregate users</h2>
	3948	<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: "log in" and "send me password". The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
	3949	<p>The effect here is that even a "successful" SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
	3950	<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
	3951	<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>
	3952
	3953	<h2>Use stored procedures for database access</h2>
	3954	<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
	3955	<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the "add new order" procedure might reject that order if the customer were over his credit limit). </p>
	3956	<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
	3957	<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>
	3958
	3959	<h2>Isolate the webserver</h2>
	3960	<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
	3961	<p>For instance, putting the machine in a DMZ with extremely limited pinholes "inside" the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>
	3962
	3963	<h2>Configure error reporting</h2>
	3964	<p>The default error reporting for some frameworks includes developer debugging information, and this cannot be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
	3965	<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
	3966	<Recommendation><![CDATA[Your script should filter metacharacters from user input. <br/>Check detailed information for more information about fixing this vulnerability.]]></Recommendation>
	3967	<TechnicalDetails>
	3968	<Request><![CDATA[POST /readnews.aspx?id=1ACUSTART'%22tR4ngACUEND&NewsAd=ads/def.html HTTP/1.1
	3969	Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
	3970	Acunetix-Aspect: enabled
	3971	Content-Length: 10791
	3972	Content-Type: application/x-www-form-urlencoded
	3973	Referer: http://testaspnet.vulnweb.com:80/
	3974	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	3975	Host: testaspnet.vulnweb.com
	3976	Connection: Keep-alive
	3977	Accept-Encoding: gzip,deflate
	3978	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	3979	Accept: /
	3980
	3981	__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></Request>
	3982	<Response><![CDATA[HTTP/1.1 200 OK
	3983	Date: Thu, 14 Nov 2013 14:29:34 GMT
	3984	Server: Microsoft-IIS/6.0
	3985	X-Powered-By: ASP.NET
	3986	X-AspNet-Version: 2.0.50727
	3987	Cache-Control: private
	3988	Content-Type: text/html; charset=utf-8
	3989	Content-Length: 29377
	3990	]]></Response>
	3991	</TechnicalDetails>
	3992	<References>
	3993	<Reference>
	3994	<Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
	3995	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
	3996	</Reference>
	3997	<Reference>
	3998	<Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
	3999	<URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
	4000	</Reference>
	4001	<Reference>
	4002	<Database><![CDATA[OWASP Injection Flaws]]></Database>
	4003	<URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
	4004	</Reference>
	4005	<Reference>
	4006	<Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
	4007	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
	4008	</Reference>
	4009	<Reference>
	4010	<Database><![CDATA[SQL Injection Walkthrough]]></Database>
	4011	<URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
	4012	</Reference>
	4013	<Reference>
	4014	<Database><![CDATA[OWASP PHP Top 5]]></Database>
	4015	<URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
	4016	</Reference>
	4017	</References>
	4018	</ReportItem>
	4019
	4020	<ReportItem id="48" color="red">
	4021	<Name><![CDATA[Blind SQL Injection]]></Name>
	4022	<ModuleName><![CDATA[Scripting (Blind_Sql_Injection.script)]]></ModuleName>
	4023	<Details><![CDATA[URL encoded GET input <b><font color="dark">id</font></b> was set to <b><font color="dark">-1; waitfor delay '0:0:0' -- </font></b><br/><br/>Tests performed: <ul><li>-1; waitfor delay '0:0:6' -- => <b>6.271 s</b></li><li>-1; waitfor delay '0:0:3' -- => <b>3.276 s</b></li><li>-1; waitfor delay '0:0:0' -- => <b>0.39 s</b></li><li>-1; waitfor delay '0:0:9' -- => <b>9.282 s</b></li><li>-1; waitfor delay '0:0:0' -- => <b>0.265 s</b></li><li>-1; waitfor delay '0:0:0' -- => <b>0.265 s</b></li><li>-1; waitfor delay '0:0:0' -- => <b>0.281 s</b></li><li>-1; waitfor delay '0:0:6' -- => <b>6.755 s</b></li><li>-1; waitfor delay '0:0:0' -- => <b>0.764 s</b></li></ul><br/> Original value: <b>2</b>]]></Details>
	4024	<Affects><![CDATA[/readnews.aspx]]></Affects>
	4025	<Parameter><![CDATA[id]]></Parameter>
	4026	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	4027	<AOP_SourceLine>0</AOP_SourceLine>
	4028	<AOP_Additional><![CDATA[]]></AOP_Additional>
	4029	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	4030	<Severity><![CDATA[high]]></Severity>
	4031	<Type><![CDATA[Validation]]></Type>
	4032	<Impact><![CDATA[An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. <br/><br/>Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to not only manipulate existing queries, but to UNION in arbitrary data, use sub selects, or append additional queries. In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.<br/><br/>Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it may be possible to compromise the entire machine.]]></Impact>
	4033	<Description><![CDATA[This script is possibly vulnerable to SQL Injection attacks.<br/><br/>
	4034	SQL injection is a vulnerability that allows an attacker to alter back-end SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. <br/> <br/> This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable.]]></Description>
	4035	<DetailedInformation><![CDATA[<i>Quote from SQL Injection Attacks by Example - http://www.unixwiz.net/techtips/sql-injection.html</i>
	4036	<h2>SQL injection mitigations</h2>
	4037
	4038	<p>We believe that web application developers often simply do not think about "surprise inputs", but security people do (including the bad guys), so there are three broad approaches that can be applied here.</p>
	4039
	4040	<h2>Sanitize the input</h2>
	4041	<p>It's absolutely vital to sanitize user inputs to insure that they do not contain dangerous codes, whether to the SQL server or to HTML itself. One's first idea is to strip out "bad stuff", such as quotes or semicolons or escapes, but this is a misguided attempt. Though it's easy to point out some dangerous characters, it's harder to point to all of them.</p>
	4042	<p>The language of the web is full of special characters and strange markup (including alternate ways of representing the same characters), and efforts to authoritatively identify all "bad stuff" are unlikely to be successful.</p>
	4043	<p>Instead, rather than "remove known bad data", it's better to "remove everything but known good data": this distinction is crucial. Since - in our example - an email address can contain only these characters: </p>
	4044	<code><pre wrap="virtual">
	4045	abcdefghijklmnopqrstuvwxyz
	4046	ABCDEFGHIJKLMNOPQRSTUVWXYZ
	4047	0123456789
	4048	@.-_+
	4049	</pre></code>
	4050
	4051	<p>There is really no benefit in allowing characters that could not be valid, and rejecting them early - presumably with an error message - not only helps forestall SQL Injection, but also catches mere typos early rather than stores them into the database. </p>
	4052
	4053	<p>Be aware that "sanitizing the input" doesn't mean merely "remove the quotes", because even "regular" characters can be troublesome. In an example where an integer ID value is being compared against the user input (say, a numeric PIN): </p>
	4054	<code><pre wrap="virtual">
	4055	SELECT fieldlist
	4056	FROM table
	4057	WHERE id = 23 OR 1=1; -- Boom! Always matches!
	4058	</pre></code>
	4059	<p>In practice, however, this approach is highly limited because there are so few fields for which it's possible to outright exclude many of the dangerous characters. For "dates" or "email addresses" or "integers" it may have merit, but for any kind of real application, one simply cannot avoid the other mitigations. </p>
	4060
	4061	<h2>Escape/Quotesafe the input</h2>
	4062	<p>Even if one might be able to sanitize a phone number or email address, one cannot take this approach with a "name" field lest one wishes to exclude the likes of Bill O'Reilly from one's application: a quote is simply a valid character for this field.</p>
	4063	<p>One includes an actual single quote in an SQL string by putting two of them together, so this suggests the obvious - but wrong! - technique of preprocessing every string to replicate the single quotes:</p>
	4064	<code><pre wrap="virtual">
	4065	SELECT fieldlist
	4066	FROM customers
	4067	WHERE name = 'Bill O''Reilly'; -- works OK
	4068	</pre></code>
	4069	<p>However, this naive approach can be beaten because most databases support other string escape mechanisms. MySQL, for instance, also permits \' to escape a quote, so after input of \'; DROP TABLE users; -- is "protected" by doubling the quotes, we get: </p>
	4070	<code><pre wrap="virtual">
	4071	SELECT fieldlist
	4072	FROM customers
	4073	WHERE name = '\''; DROP TABLE users; --'; -- Boom!
	4074	</pre></code>
	4075	<p>The expression '\'' is a complete string (containing just one single quote), and the usual SQL shenanigans follow. It doesn't stop with backslashes either: there is Unicode, other encodings, and parsing oddities all hiding in the weeds to trip up the application designer.</p>
	4076	<p>Getting quotes right is notoriously difficult, which is why many database interface languages provide a function that does it for you. When the same internal code is used for "string quoting" and "string parsing", it's much more likely that the process will be done properly and safely.</p>
	4077	<p>Some examples are the MySQL function <b>mysql_real_escape_string()</b> and perl DBD method <b>$dbh->quote($value)</b>. These methods must be used. </p>
	4078
	4079	<h2>Use bound parameters (the PREPARE statement)</h2>
	4080	<p>Though quotesafing is a good mechanism, we're still in the area of "considering user input as SQL", and a much better approach exists: bound parameters, which are supported by essentially all database programming interfaces. In this technique, an SQL statement string is created with placeholders - a question mark for each parameter - and it's compiled ("prepared", in SQL parlance) into an internal form. Later, this prepared query is "executed" with a list of parameters: </p>
	4081
	4082	<b>Example in perl</b>
	4083	<code><pre wrap="virtual"> $sth = $dbh->prepare("SELECT email, userid FROM members WHERE email = ?;");
	4084	$sth->execute($email);
	4085	</pre></code>
	4086	<p>Thanks to Stefan Wagner, this demonstrates bound parameters in Java: </p>
	4087
	4088	<b>Insecure version</b>
	4089	<code><pre wrap="virtual"> Statement s = connection.createStatement();
	4090	ResultSet rs = s.executeQuery("SELECT email FROM member WHERE name = "
	4091	+ formField); // boom
	4092	</pre></code>
	4093
	4094	<p><b>Secure version</b></p>
	4095	<code><pre wrap="virtual"> PreparedStatement ps = connection.prepareStatement(
	4096	"SELECT email FROM member WHERE name = ?");
	4097	ps.setString(1, formField);
	4098	ResultSet rs = ps.executeQuery();
	4099	</pre></code>
	4100
	4101	<p>Here, $email is the data obtained from the user's form, and it is passed as positional parameter #1 (the first question mark), and at no point do the contents of this variable have anything to do with SQL statement parsing. Quotes, semicolons, backslashes, SQL comment notation - none of this has any impact, because it's "just data". There simply is nothing to subvert, so the application is be largely immune to SQL injection attacks.</p>
	4102
	4103	<p>There also may be some performance benefits if this prepared query is reused multiple times (it only has to be parsed once), but this is minor compared to the enormous security benefits. This is probably the single most important step one can take to secure a web application. </p>
	4104
	4105	<h2>Limit database permissions and segregate users</h2>
	4106	<p>In the case at hand, we observed just two interactions that are made not in the context of a logged-in user: "log in" and "send me password". The web application ought to use a database connection with the most limited rights possible: query-only access to the members table, and no access to any other table.</p>
	4107	<p>The effect here is that even a "successful" SQL injection attack is going to have much more limited success. Here, we'd not have been able to do the UPDATE request that ultimately granted us access, so we'd have had to resort to other avenues.</p>
	4108	<p>Once the web application determined that a set of valid credentials had been passed via the login form, it would then switch that session to a database connection with more rights.</p>
	4109	<p>It should go almost without saying that sa rights should never be used for any web-based application.</p>
	4110
	4111	<h2>Use stored procedures for database access</h2>
	4112	<p>When the database server supports them, use stored procedures for performing access on the application's behalf, which can eliminate SQL entirely (assuming the stored procedures themselves are written properly). </p>
	4113	<p>By encapsulating the rules for a certain action - query, update, delete, etc. - into a single procedure, it can be tested and documented on a standalone basis and business rules enforced (for instance, the "add new order" procedure might reject that order if the customer were over his credit limit). </p>
	4114	<p>For simple queries this might be only a minor benefit, but as the operations become more complicated (or are used in more than one place), having a single definition for the operation means it's going to be more robust and easier to maintain. </p>
	4115	<p><i>Note: </i>it's always possible to write a stored procedure that itself constructs a query dynamically: this provides no protection against SQL Injection - it's only proper binding with prepare/execute or direct SQL statements with bound variables that provide this protection. </p>
	4116
	4117	<h2>Isolate the webserver</h2>
	4118	<p>Even having taken all these mitigation steps, it's nevertheless still possible to miss something and leave the server open to compromise. One ought to design the network infrastructure to assume that the bad guy will have full administrator access to the machine, and then attempt to limit how that can be leveraged to compromise other things. </p>
	4119	<p>For instance, putting the machine in a DMZ with extremely limited pinholes "inside" the network means that even getting complete control of the webserver doesn't automatically grant full access to everything else. This won't stop everything, of course, but it makes it a lot harder. </p>
	4120
	4121	<h2>Configure error reporting</h2>
	4122	<p>The default error reporting for some frameworks includes developer debugging information, and this cannot be shown to outside users. Imagine how much easier a time it makes for an attacker if the full query is shown, pointing to the syntax error involved. </p>
	4123	<p>This information is useful to developers, but it should be restricted - if possible - to just internal users. </p>]]></DetailedInformation>
	4124	<Recommendation><![CDATA[Your script should filter metacharacters from user input. <br/>Check detailed information for more information about fixing this vulnerability.]]></Recommendation>
	4125	<TechnicalDetails>
	4126	<Request><![CDATA[POST /readnews.aspx?id=-1;%20waitfor%20delay%20'0:0:0'%20--%20&NewsAd=ads/def.html HTTP/1.1
	4127	Content-Length: 10791
	4128	Content-Type: application/x-www-form-urlencoded
	4129	X-Requested-With: XMLHttpRequest
	4130	Referer: http://testaspnet.vulnweb.com:80/
	4131	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	4132	Host: testaspnet.vulnweb.com
	4133	Connection: Keep-alive
	4134	Accept-Encoding: gzip,deflate
	4135	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	4136	Accept: /
	4137
	4138	__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></Request>
	4139	<Response><![CDATA[HTTP/1.1 200 OK
	4140	Date: Thu, 14 Nov 2013 14:29:42 GMT
	4141	Server: Microsoft-IIS/6.0
	4142	X-Powered-By: ASP.NET
	4143	X-AspNet-Version: 2.0.50727
	4144	Cache-Control: private
	4145	Content-Type: text/html; charset=utf-8
	4146	Content-Length: 29398
	4147	]]></Response>
	4148	</TechnicalDetails>
	4149	<References>
	4150	<Reference>
	4151	<Database><![CDATA[Acunetix SQL Injection Attack]]></Database>
	4152	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection.htm]]></URL>
	4153	</Reference>
	4154	<Reference>
	4155	<Database><![CDATA[VIDEO: SQL Injection tutorial]]></Database>
	4156	<URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-sql-injection-tutorial/]]></URL>
	4157	</Reference>
	4158	<Reference>
	4159	<Database><![CDATA[OWASP Injection Flaws]]></Database>
	4160	<URL><![CDATA[http://www.owasp.org/index.php/Injection_Flaws]]></URL>
	4161	</Reference>
	4162	<Reference>
	4163	<Database><![CDATA[How to check for SQL injection vulnerabilities]]></Database>
	4164	<URL><![CDATA[http://www.acunetix.com/websitesecurity/sql-injection2/]]></URL>
	4165	</Reference>
	4166	<Reference>
	4167	<Database><![CDATA[SQL Injection Walkthrough]]></Database>
	4168	<URL><![CDATA[http://www.securiteam.com/securityreviews/5DP0N1P76E.html]]></URL>
	4169	</Reference>
	4170	<Reference>
	4171	<Database><![CDATA[OWASP PHP Top 5]]></Database>
	4172	<URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
	4173	</Reference>
	4174	</References>
	4175	</ReportItem>
	4176
	4177	<ReportItem id="49" color="orange">
	4178	<Name><![CDATA[Cross frame scripting]]></Name>
	4179	<ModuleName><![CDATA[Scripting (XFS_and_Redir.script)]]></ModuleName>
	4180	<Details><![CDATA[URL encoded GET input <b><font color="dark">NewsAd</font></b> was set to <b><font color="dark">http://www.acunetix.tst</font></b>]]></Details>
	4181	<Affects><![CDATA[/readnews.aspx]]></Affects>
	4182	<Parameter><![CDATA[NewsAd]]></Parameter>
	4183	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	4184	<AOP_SourceLine>0</AOP_SourceLine>
	4185	<AOP_Additional><![CDATA[]]></AOP_Additional>
	4186	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	4187	<Severity><![CDATA[medium]]></Severity>
	4188	<Type><![CDATA[Validation]]></Type>
	4189	<Impact><![CDATA[Malicious users may poison a frame allowing them to conduct phishing attacks.]]></Impact>
	4190	<Description><![CDATA[This script is possibly vulnerable to Cross Frame Scripting (XFS) attacks.<br/><br/>This is an attack technique used to trick a user into thinking that fake web site content is legitimate data. ]]></Description>
	4191	<DetailedInformation><![CDATA[]]></DetailedInformation>
	4192	<Recommendation><![CDATA[Your script should filter metacharacters from user input.]]></Recommendation>
	4193	<TechnicalDetails>
	4194	<Request><![CDATA[POST /readnews.aspx?id=2&NewsAd=http://www.acunetix.tst HTTP/1.1
	4195	Content-Length: 10791
	4196	Content-Type: application/x-www-form-urlencoded
	4197	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	4198	Host: testaspnet.vulnweb.com
	4199	Connection: Keep-alive
	4200	Accept-Encoding: gzip,deflate
	4201	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	4202	Accept: /
	4203
	4204	__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></Request>
	4205	<Response><![CDATA[HTTP/1.1 200 OK
	4206	Date: Thu, 14 Nov 2013 14:29:42 GMT
	4207	Server: Microsoft-IIS/6.0
	4208	X-Powered-By: ASP.NET
	4209	X-AspNet-Version: 2.0.50727
	4210	Cache-Control: private
	4211	Content-Type: text/html; charset=utf-8
	4212	Content-Length: 29338
	4213	]]></Response>
	4214	</TechnicalDetails>
	4215	<References>
	4216	<Reference>
	4217	<Database><![CDATA[Cross Frame Scripting]]></Database>
	4218	<URL><![CDATA[https://www.owasp.org/index.php/Cross_Frame_Scripting]]></URL>
	4219	</Reference>
	4220	</References>
	4221	</ReportItem>
	4222
	4223	<ReportItem id="50" color="red">
	4224	<Name><![CDATA[Cross site scripting (verified)]]></Name>
	4225	<ModuleName><![CDATA[Scripting (XSS.script)]]></ModuleName>
	4226	<Details><![CDATA[URL encoded GET input <b><font color="dark">NewsAd</font></b> was set to <b><font color="dark">javascript:prompt(974652);</font></b><br/>The input is reflected inside A tag href parameter, a FORM tag action parameter or (I)FRAME src parameter.<br/>]]></Details>
	4227	<Affects><![CDATA[/readnews.aspx]]></Affects>
	4228	<Parameter><![CDATA[NewsAd]]></Parameter>
	4229	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	4230	<AOP_SourceLine>0</AOP_SourceLine>
	4231	<AOP_Additional><![CDATA[]]></AOP_Additional>
	4232	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	4233	<Severity><![CDATA[high]]></Severity>
	4234	<Type><![CDATA[Validation]]></Type>
	4235	<Impact><![CDATA[Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application to fool a user in order to gather data from them.
	4236	An attacker can steal the session cookie and take over the account, impersonating the user.
	4237	It is also possible to modify the content of the page presented to the user.
	4238	]]></Impact>
	4239	<Description><![CDATA[This script is possibly vulnerable to Cross Site Scripting (XSS) attacks.<br/><br/>
	4240	Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of Javascript) to another user.
	4241	Because a browser cannot know if the script should be trusted or not, it will execute the script in the user context allowing the attacker to access any cookies or session tokens retained by the browser. ]]></Description>
	4242	<DetailedInformation><![CDATA[<i>Quote from The Cross Site Scripting FAQ - http://www.cgisecurity.com/articles/xss-faq.shtml </i>
	4243
	4244	<h2>Introduction</h2>
	4245
	4246	<p>Websites today are more complex than ever, containing a lot of dynamic content making the experience for the user more enjoyable. Dynamic content is achieved through the use of web applications which can deliver different output to a user depending on their settings and needs. Dynamic websites suffer from a threat that static websites don't, called "Cross Site Scripting" (or XSS dubbed by other security professionals). Currently small informational tidbits about Cross Site Scripting holes exist but none really explain them to an average person or administrator. This FAQ was written to provide a better understanding of this emerging threat, and to give guidance on detection and prevention.</p>
	4247
	4248	<h2>"What is Cross Site Scripting?"</h2>
	4249
	4250	<p>Cross site scripting (also known as XSS) occurs when a web application gathers malicious data from a user. The data is usually gathered in the form of a hyperlink which contains malicious content within it. The user will most likely click on this link from another website, instant message, or simply just reading a web board or email message. Usually the attacker will encode the malicious portion of the link to the site in HEX (or other encoding methods) so the request is less suspicious looking to the user when clicked on. After the data is collected by the web application, it creates an output page for the user containing the malicious data that was originally sent to it, but in a manner to make it appear as valid content from the website. Many popular guestbook and forum programs allow users to submit posts with html and javascript embedded in them. If for example I was logged in as "john" and read a message by "joe" that contained malicious javascript in it, then it may be possible for "joe" to hijack my session just by reading his bulletin board post. Further details on how attacks like this are accomplished via "cookie theft" are explained in detail below.</p>
	4251
	4252	<h2>"What does XSS and CSS mean?"</h2>
	4253
	4254	<p>Often people refer to Cross Site Scripting as CSS. There has been a lot of confusion with Cascading Style Sheets (CSS) and cross site scripting. Some security people refer to Cross Site Scripting as XSS. If you hear someone say "I found a XSS hole", they are talking about Cross Site Scripting for certain.</p>
	4255
	4256
	4257	<h2>"What are the threats of Cross Site Scripting?"</h2>
	4258
	4259	<p>Often attackers will inject JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable application to fool a user (Read below for further details) in order to gather data from them. Everything from account hijacking, changing of user settings, cookie theft/poisoning, or false advertising is possible. New malicious uses are being found every day for XSS attacks. The post below by Brett Moore brings up a good point with regard to "Denial Of Service", and potential "auto-attacking" of hosts if a user simply reads a post on a message board.</p>
	4260
	4261	<h2>"What can I do to protect myself as a vendor?"</h2>
	4262
	4263	<p>This is a simple answer. Never trust user input and always filter metacharacters. This will eliminate the majority of XSS attacks. Converting < and > to &lt; and &gt; is also suggested when it comes to script output. Remember XSS holes can be damaging and costly to your business if abused. Often attackers will disclose these holes to the public, which can erode customer and public confidence in the security and privacy of your organization's site. Filtering < and > alone will not solve all cross site scripting attacks and it is suggested you also attempt to filter out ( and ) by translating them to &#40; and &#41;, and also # and & by translating them to &#35 (#) and &#38 (&).</p>
	4264
	4265	<h2>"What can I do to protect myself as a user?"</h2>
	4266
	4267	<p>The easiest way to protect yourself as a user is to only follow links from the main website you wish to view. If you visit one website and it links to CNN for example, instead of clicking on it visit CNN's main site and use its search engine to find the content. This will probably eliminate ninety percent of the problem. Sometimes XSS can be executed automatically when you open an email, email attachment, read a guestbook, or bulletin board post. If you plan on opening an email, or reading a post on a public board from a person you don't know BE CAREFUL. One of the best ways to protect yourself is to turn off Javascript in your browser settings. In IE turn your security settings to high. This can prevent cookie theft, and in general is a safer thing to do.</p>
	4268
	4269	<h2>"How common are XSS holes?"</h2>
	4270
	4271	<p>Cross site scripting holes are gaining popularity among hackers as easy holes to find in large websites. Websites from FBI.gov, CNN.com, Time.com, Ebay, Yahoo, Apple computer, Microsoft, Zdnet, Wired, and Newsbytes have all had one form or another of XSS bugs.</p>
	4272
	4273	<p>Every month roughly 10-25 XSS holes are found in commercial products and advisories are published explaining the threat.</p>
	4274
	4275
	4276	<h2>"Does encryption protect me?"</h2>
	4277
	4278	<p>Websites that use SSL (https) are in no way more protected than websites that are not encrypted. The web applications work the same way as before, except the attack is taking place in an encrypted connection. People often think that because they see the lock on their browser it means everything is secure. This just isn't the case.</p>
	4279
	4280
	4281	<h2>"Can XSS holes allow command execution?"</h2>
	4282
	4283	<p>XSS holes can allow Javascript insertion, which may allow for limited execution. If an attacker were to exploit a browser flaw (browser hole) it could then be possible to execute commands on the client's side. If command execution were possible it would only be possible on the client side. In simple terms XSS holes can be used to help exploit other holes that may exist in your browser.</p>
	4284
	4285
	4286	<h2>"What if I don't feel like fixing a CSS/XSS Hole?"</h2>
	4287
	4288	<p>By not fixing an XSS hole this could allow possible user account compromise in portions of your site as they get added or updated. Cross Site Scripting has been found in various large sites recently and have been widely publicized. Left unrepaired, someone may discover it and publish a warning about your company. This may damage your company's reputation, depicting it as being lax on security matters. This of course also sends the message to your clients that you aren't dealing with every problem that arises, which turns into a trust issue. If your client doesn't trust you why would they wish to do business with you?</p>]]></DetailedInformation>
	4289	<Recommendation><![CDATA[Your script should filter metacharacters from user input.]]></Recommendation>
	4290	<TechnicalDetails>
	4291	<Request><![CDATA[POST /readnews.aspx?id=2&NewsAd=javascript:prompt(974652); HTTP/1.1
	4292	Content-Length: 10791
	4293	Content-Type: application/x-www-form-urlencoded
	4294	Referer: http://testaspnet.vulnweb.com:80/
	4295	Cookie: ASP.NET_SessionId=h40t2vqojkvypzbut2jnhbeh
	4296	Host: testaspnet.vulnweb.com
	4297	Connection: Keep-alive
	4298	Accept-Encoding: gzip,deflate
	4299	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	4300	Accept: /
	4301
	4302	__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWVwKO/ffgDgKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMTuBuYk15KvnzAGnqqPk6tDbzR0Y%3d&__VIEWSTATE=/wEPDwUKLTM1MjIzMjU2OQ9kFgICAQ9kFgwCAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkAgMPFgIfAQVJcG9zdGVkIGJ5IDxzdHJvbmc%2bYWRtaW4gICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjExLzgvMjAwNSAxMTozNToyMiBBTWQCBQ8WAh8BBTxXZWIgYXR0YWNrcyAtIGNhbiB5b3VyIHdlYiBhcHBsaWNhdGlvbnMgd2l0aHN0YW5kIHRoZSBmb3JjZT9kAgcPFgIfAQWuNzxwPjxzdHJvbmc%2bQWN1bmV0aXggY29tYmF0cyByaXNlIGluIHdlYiBhdHRhY2tzIHdpdGggQWN1bmV0aXggICAgICAgICAgICAgICAgICAgICAgICAgICAgV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAyIDwvc3Ryb25nPjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4yMSBKdWx5IDIwMDUgLSA8c3Ryb25nPlN0YXJ0LXVwIGNvbXBhbnkgQWN1bmV0aXggcmVsZWFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lcjogYSB0b29sIHRvIGF1dG9tYXRpY2FsbHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXVkaXQgd2Vic2l0ZSBzZWN1cml0eS4gQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgU2Nhbm5lciAgICAgICAgICAgICAgICAgICAgICAgICAgICAyIGNyYXdscyBhbiBlbnRpcmUgd2Vic2l0ZSwgbGF1bmNoZXMgcG9wdWxhciB3ZWIgYXR0YWNrcyAgICAgICAgICAgICAgICAgICAgICAgICAgICAoU1FMIEluamVjdGlvbiBldGMuKSBhbmQgaWRlbnRpZmllcyB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhhdCBuZWVkIHRvIGJlIGZpeGVkLjwvc3Ryb25nPiA8L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5TZWN1cmluZyB5b3VyIHdlYnNpdGUgc2hvdWxkIGJlIHlvdXIgbnVtYmVyIG9uZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjb25jZXJuPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgSGFja2VycyBhcmUgY29uY2VudHJhdGluZyB0aGVpciBlZmZvcnRzIG9uIHdlYi1iYXNlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBhcHBsaWNhdGlvbnMgLSA3NSUgb2YgY3liZXIgYXR0YWNrcyBhcmUgZG9uZSBhdCB0aGUgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGxldmVsLCBhIEdhcnRuZXIgR3JvdXAgc3R1ZHkgaGFzIHJldmVhbGVkLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBXZWIgYXBwbGljYXRpb25zIGFyZSBhY2Nlc3NpYmxlIDI0IGhvdXJzIGEgZGF5LCA3IGRheXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgYSB3ZWVrIGFuZCBjb250cm9sIHZhbHVhYmxlIGRhdGEgc3VjaCBhcyBjdXN0b21lciBpbmZvcm1hdGlvbiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgdHJhbnNhY3Rpb24gaW5mb3JtYXRpb24gYW5kIGV2ZW4gcHJvcHJpZXRhcnkgY29ycG9yYXRlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGEuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bNTAwLDAwMCBjdXN0b21lciBjcmVkaXQgY2FyZCBudW1iZXJzIG9idGFpbmVkIHZpYSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhIHdlYiBhdHRhY2s8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBXZWxsLWtub3duIHNpdGVzIHRoYXQgd2VyZSBvcGVuIHRvIHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGluY2x1ZGUgZmFzaGlvbiBsYWJlbCBHdWVzcyBhbmQgcGV0IHN1cHBseSByZXRhaWxlciAgICAgICAgICAgICAgICAgICAgICAgICAgICBQZXRDby5jb20gd2hvIHdlcmUgbm90b3Jpb3VzbHkgZm91bmQgdG8gYmUgdnVsbmVyYWJsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB0byB0aGUgU1FMIGluamVjdGlvbiB2dWxuZXJhYmlsaXR5IChKdW5lIDIwMDMpLiBUaGlzICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJlc3VsdGVkIGluIFBldENvIGxlYXZpbmcgYXMgbWFueSBhcyA1MDAsMDAwIGNyZWRpdCAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXJkIG51bWJlcnMgb3BlbiB0byBhbnlvbmUgYWJsZSB0byBjb25zdHJ1Y3QgdGhpcyBzcGVjaWFsbHktY3JhZnRlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBVUkwuPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzdHJvbmc%2bRmlyZXdhbGxzLCBTU0wgYW5kIGxvY2tlZC1kb3duIHNlcnZlcnMgYXJlIGZ1dGlsZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBoYWNraW5nPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQW55IGRlZmVuc2UgYXQgbmV0d29yayBzZWN1cml0eSBsZXZlbCB3aWxsIHByb3ZpZGUgbm8gICAgICAgICAgICAgICAgICAgICAgICAgICAgcHJvdGVjdGlvbiBhZ2FpbnN0IHdlYiBhcHBsaWNhdGlvbiBhdHRhY2tzIHNpbmNlIHRoZXkgICAgICAgICAgICAgICAgICAgICAgICAgICAgYXJlIGxhdW5jaGVkIG9uIHBvcnQgODAgLSB3aGljaCBoYXMgdG8gcmVtYWluIG9wZW4uICAgICAgICAgICAgICAgICAgICAgICAgICAgIEluIGFkZGl0aW9uLCB3ZWIgYXBwbGljYXRpb25zIChjdXN0b21lciBhcmVhcywgc2hvcHBpbmcgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FydHMgZXRjLikgYXJlIG9mdGVuIHRhaWxvci1tYWRlLCBpbnZhcmlhYmx5IHRlc3RlZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBsZXNzIHRoYW4gb2ZmLXRoZS1zaGVsZiBzb2Z0d2FyZSBhbmQgYXJlIHRoZXJlZm9yZSBtb3JlICAgICAgICAgICAgICAgICAgICAgICAgICAgIHN1c2NlcHRpYmxlIHRvIGF0dGFjay48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bJnF1b3Q7Q29tcGFuaWVzIGhhdmUgaW1wbGVtZW50ZWQgbmV0d29yay1sZXZlbCBzZWN1cml0eSwgICAgICAgICAgICAgICAgICAgICAgICAgICAgaG93ZXZlciB0aGV5IGZhaWwgdG8gYXVkaXQgYW5kIHNlY3VyZSB0aGVpciB3ZWIgYXBwbGljYXRpb25zLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBUaGVzZSBhcHBsaWNhdGlvbnMgaGF2ZSBhY2Nlc3MgdG8gc2Vuc2l0aXZlIGRhdGEgYW5kICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFyZSBhIGhhY2tlcidzIHByaW1lIHRhcmdldCwmcXVvdDsgc2FpZCBOaWNrIEdhbGVhLCAgICAgICAgICAgICAgICAgICAgICAgICAgICBDRU8gb2YgQWN1bmV0aXguICZxdW90O0F1ZGl0aW5nIG9uZSdzIHdlYiBhcHBzIHNob3VsZCAgICAgICAgICAgICAgICAgICAgICAgICAgICBiZSB0aGUgbnVtYmVyIG9uZSBzZWN1cml0eSBjb25jZXJuLiZxdW90OzwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlRoZSBuZWVkIGZvciBhbiBhdXRvbWF0ZWQgd2ViIGFwcGxpY2F0aW9uIHZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgc2Nhbm5lcjwvc3Ryb25nPjxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIE1hbnVhbGx5IGF1ZGl0aW5nIGEgd2ViIGFwcGxpY2F0aW9uIGZvciB2dWxuZXJhYmlsaXRpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgdG8gU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiAgICAgICAgICAgICAgICAgICAgICAgICAgICBhdHRhY2tzIGlzIHZpcnR1YWxseSBpbXBvc3NpYmxlLiBXaXRoIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNjYW5uZXIgdGhlIHByb2Nlc3Mgb2YgYXVkaXRpbmcgd2ViIGFwcGxpY2F0aW9ucyBzdWNoICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFzIHNob3BwaW5nIGNhcnRzIGFuZCBmb3JtcywgY2FuIGJlIGVhc2lseSBhdXRvbWF0ZWQuICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdoYXQncyBtb3JlLCB0aGUgc2VjdXJpdHkgY2hlY2tzIGNhbiBlYXNpbHkgYmUgcmUtbGF1bmNoZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGVhY2ggYXBwbGljYXRpb24gdXBkYXRlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkhvdyBBY3VuZXRpeCBXZWIgVnVsbmVyYWJpbGl0eSBTY2FubmVyIHdvcmtzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGZpcnN0IGNyYXdscyB0aGUgd2hvbGUgd2Vic2l0ZSwgYW5hbHl6ZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW4tZGVwdGggZWFjaCBmaWxlIGl0IGZpbmRzLCBhbmQgZGlzcGxheXMgdGhlIGVudGlyZSAgICAgICAgICAgICAgICAgICAgICAgICAgICB3ZWJzaXRlIHN0cnVjdHVyZS4gQWZ0ZXIgdGhpcyBkaXNjb3Zlcnkgc3RhZ2UsIGl0IHBlcmZvcm1zICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFuIGF1dG9tYXRpYyBhdWRpdCBmb3IgY29tbW9uIHNlY3VyaXR5IHZ1bG5lcmFiaWxpdGllcy48L3A%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BdXRvbWF0aWNhbGx5IGRldGVjdHMgU1FMIGluamVjdGlvbiwgY3Jvc3Mgc2l0ZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY3JpcHRpbmcgYW5kIG90aGVyIHdlYiB2dWxuZXJhYmlsaXRpZXM8L3N0cm9uZz48YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICBTUUwgaW5qZWN0aW9uIGlzIGEgaGFja2luZyB0ZWNobmlxdWUgd2hpY2ggbW9kaWZpZXMgICAgICAgICAgICAgICAgICAgICAgICAgICAgU1FMIGNvbW1hbmRzIGluIG9yZGVyIHRvIGdhaW4gYWNjZXNzIHRvIGRhdGEgaW4gdGhlICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRhdGFiYXNlLiBDcm9zcyBzaXRlIHNjcmlwdGluZyBhdHRhY2tzIGFsbG93IGEgaGFja2VyICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRvIGV4ZWN1dGUgYSBtYWxpY2lvdXMgc2NyaXB0IG9uIHlvdXIgdmlzaXRvcnMnIGJyb3dzZXIuICAgICAgICAgICAgICAgICAgICAgICAgICAgIEFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgY2FuIGNoZWNrIGlmIHlvdXIgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2ViIGFwcGxpY2F0aW9uIGlzIHZ1bG5lcmFibGUgdG8gYm90aCBvZiB0aGVzZSBhdHRhY2tzLiAgICAgICAgICAgICAgICAgICAgICAgICAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IGNyb3NzIHNpdGUgc2NyaXB0aW5nICZhbXA7IFNRTCAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbmplY3Rpb24gYXQgb3VyIHdlYnNpdGUgc2VjdXJpdHkgaW5mbyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFjdW5ldGl4IFdlYiBWdWxuZXJhYmlsaXR5IFNjYW5uZXIgYWxzbyBjaGVja3MgZm9yICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoZSBmb2xsb3dpbmcgd2ViIGF0dGFja3M6PC9zdHJvbmc%2bPC9wPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDx1bD4gPGxpPkNSTEYgaW5qZWN0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5Db2RlIGV4ZWN1dGlvbiBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRGlyZWN0b3J5IHRyYXZlcnNhbCBhdHRhY2tzPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9saT48bGk%2bRmlsZSBpbmNsdXNpb24gYXR0YWNrczxiciAvPiAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvbGk%2bPGxpPiBJbnB1dCB2YWxpZGF0aW9uIGF0dGFja3M8YnIgLz4gICAgICAgICAgICAgICAgICAgICAgICAgICA8L2xpPjxsaT5BdXRoZW50aWNhdGlvbiBhdHRhY2tzLjwvbGk%2bIDwvdWw%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA%2bPHN0cm9uZz5BZHZhbmNlZCBwZW5ldHJhdGlvbiB0ZXN0aW5nIHRvb2xzPC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGFsc28gaW5jbHVkZXMgdG9vbHMgc3VjaCBhcyBhbiBIVFRQIGVkaXRvciAgICAgICAgICAgICAgICAgICAgICAgICAgICAmYW1wOyBIVFRQIHNuaWZmZXIgdG8gYWxsb3cgY3VzdG9taXphdGlvbiBvZiB3ZWIgdnVsbmVyYWJpbGl0eSAgICAgICAgICAgICAgICAgICAgICAgICAgICBjaGVja3MuIFVzaW5nIHRoZSBWdWxuZXJhYmlsaXR5IGVkaXRvciwgbmV3IGF0dGFja3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FuIGVhc2lseSBiZSBjcmVhdGVkLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPlByaWNpbmcgJmFtcDsgYXZhaWxhYmlsaXR5PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggV1ZTIGlzIGF2YWlsYWJsZSBhcyBhbiBlbnRlcnByaXNlIG9yIGFzIGEgY29uc3VsdGFudCAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uLiBBIHN1YnNjcmlwdGlvbiBiYXNlZCBsaWNlbnNlIGNhbiBiZSBwdXJjaGFzZWQgICAgICAgICAgICAgICAgICAgICAgICAgICAgZm9yIGFzIGxpdHRsZSBhcyAkMzk1LCB3aGVyZWFzIGEgcGVycGV0dWFsIGxpY2Vuc2Ugc3RhcnRzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGF0ICQyOTk1LiBGb3IgbW9yZSBpbmZvcm1hdGlvbiB2aXNpdCBvdXIgcHJpY2luZyBwYWdlLjwvcD4gICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c3Ryb25nPkFib3V0IEFjdW5ldGl4PC9zdHJvbmc%2bPGJyIC8%2bICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggd2FzIGZvdW5kZWQgdG8gY29tYmF0IHRoZSBhbGFybWluZyByaXNlIGluICAgICAgICAgICAgICAgICAgICAgICAgICAgIHdlYiBhdHRhY2tzLiBJdHMgZmxhZ3NoaXAgcHJvZHVjdCwgQWN1bmV0aXggV2ViIFZ1bG5lcmFiaWxpdHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgU2Nhbm5lciwgaXMgdGhlIHJlc3VsdCBvZiBzZXZlcmFsIHllYXJzIG9mIGRldmVsb3BtZW50ICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJ5IGEgdGVhbSBvZiBoaWdobHkgZXhwZXJpZW5jZWQgc2VjdXJpdHkgZGV2ZWxvcGVycy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgQWN1bmV0aXggaXMgYSBwcml2YXRlbHkgaGVsZCBjb21wYW55IHdpdGggaGVhZHF1YXJ0ZXJzICAgICAgICAgICAgICAgICAgICAgICAgICAgIGJhc2VkIGluIEV1cm9wZSAoTWFsdGEpIHdpdGggaXRzIE5ldyBZb3JrIFVTIG9mZmljZSAgICAgICAgICAgICAgICAgICAgICAgICAgICBzY2hlZHVsZWQgdG8gb3BlbiBpbiBRMyBvZiAyMDA1LiA8L3A%2bIGQCCQ8PFgIeC05hdmlnYXRlVXJsBRJDb21tZW50cy5hc3B4P2lkPTJkZAILDxYCHgNzcmMFDGFkcy9kZWYuaHRtbGRkNCSZh%2buMoCTcXGDfVu5D5CfxA7Y%3d]]></Request>
	4303	<Response><![CDATA[HTTP/1.1 200 OK
	4304	Date: Thu, 14 Nov 2013 14:29:49 GMT
	4305	Server: Microsoft-IIS/6.0
	4306	X-Powered-By: ASP.NET
	4307	X-AspNet-Version: 2.0.50727
	4308	Cache-Control: private
	4309	Content-Type: text/html; charset=utf-8
	4310	Content-Length: 29346
	4311	]]></Response>
	4312	</TechnicalDetails>
	4313	<References>
	4314	<Reference>
	4315	<Database><![CDATA[Acunetix Cross Site Scripting Attack]]></Database>
	4316	<URL><![CDATA[http://www.acunetix.com/websitesecurity/cross-site-scripting.htm]]></URL>
	4317	</Reference>
	4318	<Reference>
	4319	<Database><![CDATA[VIDEO: How Cross-Site Scripting (XSS) Works]]></Database>
	4320	<URL><![CDATA[http://www.acunetix.com/blog/web-security-zone/video-how-cross-site-scripting-xss-works/]]></URL>
	4321	</Reference>
	4322	<Reference>
	4323	<Database><![CDATA[The Cross Site Scripting Faq]]></Database>
	4324	<URL><![CDATA[http://www.cgisecurity.com/xss-faq.html]]></URL>
	4325	</Reference>
	4326	<Reference>
	4327	<Database><![CDATA[OWASP Cross Site Scripting]]></Database>
	4328	<URL><![CDATA[http://www.owasp.org/index.php/Cross_Site_Scripting]]></URL>
	4329	</Reference>
	4330	<Reference>
	4331	<Database><![CDATA[XSS Annihilation]]></Database>
	4332	<URL><![CDATA[http://ha.ckers.org/blog/20060602/xss-annihilation/]]></URL>
	4333	</Reference>
	4334	<Reference>
	4335	<Database><![CDATA[XSS Filter Evasion Cheat Sheet]]></Database>
	4336	<URL><![CDATA[https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet]]></URL>
	4337	</Reference>
	4338	<Reference>
	4339	<Database><![CDATA[Cross site scripting]]></Database>
	4340	<URL><![CDATA[http://en.wikipedia.org/wiki/Cross-site_scripting ]]></URL>
	4341	</Reference>
	4342	<Reference>
	4343	<Database><![CDATA[OWASP PHP Top 5]]></Database>
	4344	<URL><![CDATA[http://www.owasp.org/index.php/PHP_Top_5]]></URL>
	4345	</Reference>
	4346	<Reference>
	4347	<Database><![CDATA[How To: Prevent Cross-Site Scripting in ASP.NET]]></Database>
	4348	<URL><![CDATA[http://msdn.microsoft.com/en-us/library/ms998274.aspx]]></URL>
	4349	</Reference>
	4350	</References>
	4351	</ReportItem>
	4352
	4353	<ReportItem id="51" color="blue">
	4354	<Name><![CDATA[Login page password-guessing attack]]></Name>
	4355	<ModuleName><![CDATA[Scripting (Html_Authentication_Audit.script)]]></ModuleName>
	4356	<Details><![CDATA[The scanner tested 10 invalid credentials and no account lockout was detected.]]></Details>
	4357	<Affects><![CDATA[/login.aspx]]></Affects>
	4358	<Parameter><![CDATA[]]></Parameter>
	4359	<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
	4360	<AOP_SourceLine>0</AOP_SourceLine>
	4361	<AOP_Additional><![CDATA[]]></AOP_Additional>
	4362	<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
	4363	<Severity><![CDATA[low]]></Severity>
	4364	<Type><![CDATA[Validation]]></Type>
	4365	<Impact><![CDATA[An attacker may attempt to discover a weak password by systematically trying every possible combination of letters, numbers, and symbols until it discovers the one correct combination that works.]]></Impact>
	4366	<Description><![CDATA[A common threat web developers face is a password-guessing attack known as a brute force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. <br/><br/>
	4367
	4368	This login page doesn't have any protection against password-guessing attacks (brute force attacks). It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. Consult Web references for more information about fixing this problem. ]]></Description>
	4369	<DetailedInformation><![CDATA[]]></DetailedInformation>
	4370	<Recommendation><![CDATA[It's recommended to implement some type of account lockout after a defined number of incorrect password attempts. ]]></Recommendation>
	4371	<TechnicalDetails>
	4372	<Request><![CDATA[POST /login.aspx?ReturnUrl=/postnews.aspx HTTP/1.1
	4373	Content-Length: 1134
	4374	Content-Type: application/x-www-form-urlencoded
	4375	Referer: http://testaspnet.vulnweb.com:80/
	4376	Host: testaspnet.vulnweb.com
	4377	Connection: Keep-alive
	4378	Accept-Encoding: gzip,deflate
	4379	User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
	4380	Accept: /
	4381
	4382	btnLogin=Login&tbPassword=TKVH3aFE&tbUsername=P4aR2fQn&__EVENTARGUMENT=&__EVENTTARGET=&__EVENTVALIDATION=/wEWWwLeys6NCALStq24BwK3jsrkBALtuvfLDQKC3IeGDAKt3MH6DgKi3JnqBwL0pMmsCQL0pMmsCQL0pP3DAgL0pP3DAgLJy8/oBQLJy8/oBQLJy%2bOPDQLJy%2bOPDQLJy5eiBgLJy5eiBgLJy4v5DwLJy4v5DwLJy7%2bcBwLJy7%2bcBwLJy9MwAsnL0zACycvH1wkCycvH1wkCycv76gICycv76gICycuv0g8Cycuv0g8CycvD9ggCycvD9ggCotKtngoCotKtngoCotLBsgMCotLBsgMCotL1yQwCotL1yQwCotLp7AUCotLp7AUCotKdgw0CotKdgw0CotKxpgYCotKxpgYCotKl/Q8CotKl/Q8CotLZkQcCotLZkQcCotKN%2bQUCotKN%2bQUCotKhnA0CotKhnA0Ch/mzBQKH%2bbMFAof5p9gJAof5p9gJAof52/wCAof52/wCAof5z5MKAof5z5MKAof547YDAof547YDAof5l80MAof5l80MAof5i%2bAFAof5i%2bAFAof5v4cNAof5v4cNAof5k%2bwLAof5k%2bwLAof5h4MDAof5h4MDAqiT88QJAqiT88QJAqiT55sBAqiT55sBAqiTm74KAqiTm74KAqiTj9UDAqiTj9UDAqiTo%2bgMAqiTo%2bgMAqiT14wEAqiT14wEAqiTy6MNAqiTy6MNAqiT/8YGAqiT/8YGAqiT068DAqiT068DAqiTx8IMAqiTx8IMvX3f25exzUvBo2CmzE01Tn1QOss%3d&__VIEWSTATE=/wEPDwUKLTIyMzk2OTgxMQ9kFgICAQ9kFgICAQ9kFgQCAQ8WBB4EaHJlZgUKbG9naW4uYXNweB4JaW5uZXJodG1sBQVsb2dpbmQCAw8WBB8AZB4HVmlzaWJsZWhkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQ9jYlBlcnNpc3RDb29raWWL1W%2bw%2b8Zj9n0mGriLs0UbfzYNdg%3d%3d]]></Request>
	4383	<Response><![CDATA[HTTP/1.1 200 OK
	4384	Date: Thu, 14 Nov 2013 14:30:12 GMT
	4385	Server: Microsoft-IIS/6.0
	4386	X-Powered-By: ASP.NET
	4387	X-AspNet-Version: 2.0.50727
	4388	Set-Cookie: ASP.NET_SessionId=o1beqzbkvjzjod55ou10xuna; path=/; HttpOnly
	4389	Cache-Control: private
	4390	Content-Type: text/html; charset=utf-8
	4391	Content-Length: 12355
	4392	]]></Response>
	4393	</TechnicalDetails>
	4394	<References>
	4395	<Reference>
	4396	<Database><![CDATA[Blocking Brute Force Attacks]]></Database>
	4397	<URL><![CDATA[http://www.owasp.org/index.php/Blocking_Brute_Force_Attacks]]></URL>
	4398	</Reference>
	4399	</References>
	4400	</ReportItem>
	4401	</ReportItems>
	4402	</Scan>
	4403	</ScanGroup>

+61

-0

test_cases/plugins/burp.py less more

	0	#!/usr/bin/env python2.7
	1	# -- coding: utf-8 --
	2
	3	'''
	4	Faraday Penetration Test IDE
	5	Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
	6	See the file 'doc/LICENSE' for the license information
	7
	8	'''
	9
	10	import unittest
	11	import sys
	12	import os
	13	sys.path.append(os.path.abspath(os.getcwd()))
	14	from plugins.repo.burp.plugin import BurpPlugin
	15	from model.common import (
	16	factory, ModelObjectVuln, ModelObjectCred,
	17	ModelObjectVulnWeb, ModelObjectNote
	18	)
	19	from model.hosts import (
	20	Host, Service, Interface
	21	)
	22	from plugins.modelactions import modelactions
	23	import test_common
	24
	25
	26	class BurpTest(unittest.TestCase):
	27
	28	cd = os.path.dirname(os.path.realpath(__file__))
	29
	30	def setUp(self):
	31	self.plugin = BurpPlugin()
	32	factory.register(Host)
	33	factory.register(Interface)
	34	factory.register(Service)
	35	factory.register(ModelObjectVuln)
	36	factory.register(ModelObjectVulnWeb)
	37	factory.register(ModelObjectNote)
	38	factory.register(ModelObjectCred)
	39
	40	def test_Plugin_creates_adecuate_objects(self):
	41	self.plugin.processReport(self.cd + '/burp_xml')
	42	action = self.plugin._pending_actions.get(block=True)
	43	self.assertEqual(action[0], modelactions.CADDHOST)
	44	self.assertEqual(action[1], "200.20.20.201")
	45	action = self.plugin._pending_actions.get(block=True)
	46	self.assertEqual(action[0], modelactions.CADDINTERFACE)
	47	self.assertEqual(action[2], "200.20.20.201")
	48	action = self.plugin._pending_actions.get(block=True)
	49	self.assertEqual(action[0], modelactions.CADDSERVICEINT)
	50	self.assertEqual(action[3], 'http')
	51	self.assertEqual(action[4], 'tcp')
	52	self.assertEqual(action[5], ['80'])
	53	self.assertEqual(action[6], 'open')
	54	test_common.skip(self, 2)
	55	action = self.plugin._pending_actions.get(block=True)
	56	self.assertEqual(action[0], modelactions.CADDVULNWEBSRV)
	57	self.assertEqual(action[3], 'Cleartext submission of password')
	58
	59	if __name__ == '__main__':
	60	unittest.main()

+276

-0

test_cases/plugins/burp_xml less more

	0	<?xml version="1.0"?>
	1	<!DOCTYPE issues [
	2	<!ELEMENT issues (issue*)>
	3	<!ATTLIST issues burpVersion CDATA "">
	4	<!ATTLIST issues exportTime CDATA "">
	5	<!ELEMENT issue (serialNumber, type, name, host, path, location, severity, confidence, issueBackground?, remediationBackground?, issueDetail?, remediationDetail?, requestresponse*)>
	6	<!ELEMENT serialNumber (#PCDATA)>
	7	<!ELEMENT type (#PCDATA)>
	8	<!ELEMENT name (#PCDATA)>
	9	<!ELEMENT host (#PCDATA)>
	10	<!ATTLIST host ip CDATA "">
	11	<!ELEMENT path (#PCDATA)>
	12	<!ELEMENT location (#PCDATA)>
	13	<!ELEMENT severity (#PCDATA)>
	14	<!ELEMENT confidence (#PCDATA)>
	15	<!ELEMENT issueBackground (#PCDATA)>
	16	<!ELEMENT remediationBackground (#PCDATA)>
	17	<!ELEMENT issueDetail (#PCDATA)>
	18	<!ELEMENT remediationDetail (#PCDATA)>
	19	<!ELEMENT requestresponse (request?, response?, responseRedirected?)>
	20	<!ELEMENT request (#PCDATA)>
	21	<!ATTLIST request base64 (true\|false) "false">
	22	<!ELEMENT response (#PCDATA)>
	23	<!ATTLIST response base64 (true\|false) "false">
	24	<!ELEMENT responseRedirected (#PCDATA)>
	25	]>
	26	<issues burpVersion="1.5.18" exportTime="Thu Nov 07 15:19:06 GMT-03:00 2013">
	27	<issue>
	28	<serialNumber>382887018676354048</serialNumber>
	29	<type>3145984</type>
	30	<name>Cleartext submission of password</name>
	31	<host ip="200.20.20.201">http://www.example.org.ar</host>
	32	<path><![CDATA[/index.php]]></path>
	33	<location><![CDATA[/index.php]]></location>
	34	<severity>High</severity>
	35	<confidence>Certain</confidence>
	36	<issueBackground><![CDATA[Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches. ]]></issueBackground>
	37	<remediationBackground><![CDATA[The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.]]></remediationBackground>
	38	<issueDetail><![CDATA[The page contains a form with the following action URL, which is submitted over clear-text HTTP:<ul><li>http://www.example.org.ar/login.php</li></ul>The form contains the following password field:<ul><li>pass</li></ul>]]></issueDetail>
	39	<requestresponse>
	40	<request base64="true"><![CDATA[R0VUIC9pbmRleC5waHAgSFRUUC8xLjENCkhvc3Q6IHd3dy5zYWx1ZGFjdGl2YS5vcmcuYXINCkFjY2VwdDogKi8qDQpBY2NlcHQtTGFuZ3VhZ2U6IGVuDQpVc2VyLUFnZW50OiBNb3ppbGxhLzUuMCAoY29tcGF0aWJsZTsgTVNJRSA5LjA7IFdpbmRvd3MgTlQgNi4xOyBXaW42NDsgeDY0OyBUcmlkZW50LzUuMCkNCkNvbm5lY3Rpb246IGNsb3NlDQoNCg==]]></request>
	41	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjE0OjA1IEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KQ29ubmVjdGlvbjogY2xvc2UNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNjA2MDYNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+CjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiIC8+Cjx0aXRsZT5Eb2N1bWVudG8gc2luIHQmaWFjdXRlO3R1bG88L3RpdGxlPgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KPHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCIgdHlwZT0idGV4dC9KYXZhU2NyaXB0Ij4KPCEtLQpmdW5jdGlvbiBNTV9yZWxvYWRQYWdlKGluaXQpIHsgIC8vcmVsb2FkcyB0aGUgd2luZG93IGlmIE5hdjQgcmVzaXplZAogIGlmIChpbml0PT10cnVlKSB3aXRoIChuYXZpZ2F0b3IpIHtpZiAoKGFwcE5hbWU9PSJOZXRzY2FwZSIpJiYocGFyc2VJbnQoYXBwVmVyc2lvbik9PTQpKSB7CiAgICBkb2N1bWVudC5NTV9wZ1c9aW5uZXJXaWR0aDsgZG9jdW1lbnQuTU1fcGdIPWlubmVySGVpZ2h0OyBvbnJlc2l6ZT1NTV9yZWxvYWRQYWdlOyB9fQogIGVsc2UgaWYgKGlubmVyV2lkdGghPWRvY3VtZW50Lk1NX3BnVyB8fCBpbm5lckhlaWdodCE9ZG9jdW1lbnQuTU1fcGdIKSBsb2NhdGlvbi5yZWxvYWQoKTsKfQpNTV9yZWxvYWRQYWdlKHRydWUpOwoKZnVuY3Rpb24gTU1fcHJlbG9hZEltYWdlcygpIHsgLy92My4wCiAgdmFyIGQ9ZG9jdW1lbnQ7IGlmKGQuaW1hZ2VzKXsgaWYoIWQuTU1fcCkgZC5NTV9wPW5ldyBBcnJheSgpOwogICAgdmFyIGksaj1kLk1NX3AubGVuZ3RoLGE9TU1fcHJlbG9hZEltYWdlcy5hcmd1bWVudHM7IGZvcihpPTA7IGk8YS5sZW5ndGg7IGkrKykKICAgIGlmIChhW2ldLmluZGV4T2YoIiMiKSE9MCl7IGQuTU1fcFtqXT1uZXcgSW1hZ2U7IGQuTU1fcFtqKytdLnNyYz1hW2ldO319Cn0KLy8tLT4KPC9zY3JpcHQ+CiAgICAgICAgICAgICA8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoJCQkgCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CjwhLS0KI0xheWVyMSB7Cglwb3NpdGlvbjphYnNvbHV0ZTsKCXdpZHRoOjY1MXB4OwoJaGVpZ2h0OjIxOHB4OwoJei1pbmRleDoxOwp9CiNMYXllcjIgewoJcG9zaXRpb246YWJzb2x1dGU7Cgl3aWR0aDoyMDBweDsKCWhlaWdodDoxMTVweDsKCXotaW5kZXg6MTsKCXZpc2liaWxpdHk6IHZpc2libGU7Cn0KLkVzdGlsbzEgewoJZm9udC1zaXplOiAxOHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzIgewoJZm9udC1zaXplOiAxNHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzMge2NvbG9yOiAjNTA2OTkwOyBsaW5lLWhlaWdodDogMTJweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LWZhbWlseTogVGFob21hO30KLS0+Cjwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGxlZnRtYXJnaW49IjIiIG1hcmdpbndpZHRoPSIyIj4KPHRhYmxlIHdpZHRoPSI2MDgiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCB3aWR0aD0iMiUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzA3LmpwZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjE0IiAvPjwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI5MCUiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18wNy5qcGciPiZuYnNwOzwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI4JSIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGNvbHNwYW49IjQiPjxiciAvPgogICAgICA8dGFibGUgd2lkdGg9Ijk4JSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICA8dHI+CiAgICAgICAgPHRkIHdpZHRoPSIyJSI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgICA8dGQgd2lkdGg9IjkzJSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CjwhLS0gSU5JQ0lPIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzIzMDQyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjIvMTEvMjAxMzwvc3Bhbj48YnI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxzdHJvbmc+MTQsIDE1IHkgMTYgZGUgTm92aWVtYnJlIEFCSUVSVEEgTEEgSU5TQ1JJUENJJk9hY3V0ZTtOISAoY29uIGRlc2N1ZW50byBoYXN0YSBlbCAyNy84KTxiciAvPjwvc3Ryb25nPjwvcD4NCjxwPjxzdHJvbmc+QUJJRVJUQSBMQSBSRUNFUENJJk9hY3V0ZTtOIERFIFRSQUJBSk88YSBocmVmPSJodHRwOi8vd3d3LmNvbmdyZXNvdmlvbGVuY2lhLmNvbS9pbmRleC5waHA/aWQ9bW9kYWxpZGFkZXMiIHRhcmdldD0iX2JsYW5rIj4gKG1hcyBpbmZvKTwvYT48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij48c3Ryb25nPk9yZ2FuaXphOiBTYWx1ZCBBY3RpdmE8L3N0cm9uZz48L3NwYW4+PC9wPg0KPHA+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+SW5jcmlwdG9zIGFsIFBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGltcG9ydGFudGVzIGRlc2N1ZW50b3MhPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2lvbjogVW5pdmVyc2lkYWQgZGVsIEVzdGUsIExhIFBsYXRhIEJ1ZW5vcyBBaXJlczwvcD4NCjxwPk1hcyBkZSAxNTAgdHJhYmFqb3MgcHJlc2VudGFkb3MsIHVsdGltb3MgZGlhcyBwYXJhIGluc2NyaWJpcnNlIGNvbiBkZXNjdWVudG8hITwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPkluc2NyaWJpcnNlPC9hPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPjxiciAvPjwvYT48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDEiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MDQvMTEvMjAxMzwvc3Bhbj48YnI+RWwgY29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIEPzcmRvYmEgc2UgcHJvbnVuY2lhIGVuIHJlbGFjafNuIGFsIFNBUCB5IGVuIGNvbmNvcmRhbmNpYSBjb24gbG8gZXhwcmVzYWRvIHBvciBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgTWFyIGRlbCBQbGF0YSB5IGVsIENvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBsYSAgUHJvdmluY2lhIGRlIEJ1ZW5vcyBBaXJlczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+Jm5ic3A7PC9wPg0KPHA+TGFzIGNvbnRyb3ZlcnNpYXMgZ2VuZXJhZGFzIGVuIHJlbGFjaSZvYWN1dGU7biBhbCAic2luZHJvbWUgZGUgYWxpZW5hY2kmb2FjdXRlO24gcGFyZW50YSIgU0FQLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzEwIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzE2MTAyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTYvMTAvMjAxMzwvc3Bhbj48YnI+U2FsdWQgQWN0aXZhIG90b3JnYSBtZWRpYXMgYmVjYXMgcGFyYSBlbCBJViBDb25ncmVzbyBJbnRlcm5hY2lvbmFsLCBWIE5hY2lvbmFsLCBWSSBSZWdpb25hbCBWaW9sZW5jaWEsIE1hbHRyYXRvIHkgQWJ1c28uPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD4mbmJzcDs8L3A+DQo8cD5TZXImYWFjdXRlO24gb3RvcmdhZGFzIDUwIG1lZGlhcyBiZWNhcywgcXVlZGFuIHBvY2FzISEhIGNvbmRpY2lvbjo8L3A+DQo8cD5QZXJ0ZW5lY2VyIGFsIGFtYml0byBwdWJsaWNvIG8gYSBPTkcsIHNlIGNvbnNpZGVyYSB0YW1iaWVuIGxhIGRpc3RhbmNpYSBhbCBsdWdhciBkZWwgZXZlbnRvISEhIGVzIG11eSBzZW5jaWxsbywgc29sbyBkZWJlcyBlbnZpYXIgdW4gZW1haWwuLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA5Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjI0LzA3LzIwMTM8L3NwYW4+PGJyPk5FQ0VTSVRBTU9TIERFIFNVIFNPTElEQVJJREFEIEhBQ0lBIExPUyBOSdFPUyBZIE5J0UFTISEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlBST0dSQU1BIEZBTUlMSUFTIFNPTElEQVJJQVM8L3NwYW4+PC9zdHJvbmc+PC9wPg0KPHA+PHN0cm9uZz5DQU1CSU8gREUgU0VERTwvc3Ryb25nPjwvcD4NCjxwPkxhIGNhcGFjaXRhY2kmb2FjdXRlO24gcGFyYSBsYSBwdWVzdGEgZW4gbWFyY2hhIGRlbCA8c3Ryb25nPlByb2dyYW1hIEZhbWlsaWFzIFNvbGlkYXJpYXM8L3N0cm9uZz4gc2UgcmVhbGl6YXImYWFjdXRlOyBlbiBsYSBsb2NhbGlkYWQgZGUgPHN0cm9uZz5OYXZhcnJvPC9zdHJvbmc+IHBhcmEgdG9kbyBlbCBjb3JyZWRvciBkZSBsYSBSdXRhIDQwLjwvcD4NCjxwPkluaWNpbyA8c3Ryb25nPk1pJmVhY3V0ZTtyY29sZXMgMjggZGUgYWdvc3RvIGEgbGFzIDE0IGhvcmFzLiZuYnNwOzwvc3Ryb25nPjwvcD4NCjxwPlNlZGU6IDxzdHJvbmc+U2FsJm9hY3V0ZTtuIE11bmljaXBhbCBlbiBsYSBjYWxsZSAxMDcgZXNxdWluYSAyMiAtIE5hdmFycm88L3N0cm9uZz48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTIwNzIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xMi8wNy8yMDEzPC9zcGFuPjxicj5TQUxVRCBBQ1RJVkEgaGEgc2lkbyBlbGVnaWRhIHBvciBzZWd1bmRhIHZleiBjb25zZWN1dGl2YSBjb21vIHVubyBkZSBsb3MgZ2FuYWRvcmVzIGRlbCBDdWFydG8gQ29uY3Vyc28gZGUgUHJveWVjdG9zIFNvY2lhbGVzIGRlIFBldHJvYnJhczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+RW4gZWwgbWFyY28gZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzLCANCm51ZXN0cmEgSW5zdGl0dWNpJm9hY3V0ZTtuIFNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IA0KY29uc2VjdXRpdmEgY29tbyB1bm8gZGUgbG9zIGdhbmFkb3JlcyBkZSBkaWNobyBjb25jdXJzby48YnIgLz5FbiBlc3RhIA0KZWRpY2kmb2FjdXRlO24gZWwgcHJveWVjdG8gcXVlIGhhIHNpZG8gZWxlZ2lkbyBlcyBlbCAmbGRxdW87UHJvZ3JhbWEgZGUgRmFtaWxpYXMgDQpTb2xpZGFyaWFzJnJkcXVvOyBzaWVuZG8gc3UgJmFhY3V0ZTtyZWEgZGUgaW1wbGVtZW50YWNpJm9hY3V0ZTtuIGxvcyBNdW5pY2lwaW9zIGRlIE5hdmFycm8sIA0KR3JhbC4gTGFzIEhlcmFzLCBNYXJjb3MgUGF6LCB5IE1lcmxvPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAyLzA3LzIwMTM8L3NwYW4+PGJyPk/tciBvIGVzY3VjaGFyPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Qb3IgQ2FybG9zIFJvemFuc2tpICo8L3A+DQo8cD5BIGxvIGxhcmdvIGRlIGxvcyBzaWdsb3MsIGxhcyBuaSZudGlsZGU7YXMsIG5pJm50aWxkZTtvcyB5IGFkb2xlc2NlbnRlcyBoYW4gc2lkbyBtYWx0cmF0YWRvcyB5IGFidXNhZG9zIHNpbiBxdWUgYSBsYSBjb211bmlkYWQgbGUgaW50ZXJlc2FyYSBuaSBzaXF1aWVyYSBlc2N1Y2hhcmxvcyBjdWFuZG8gaGFjJmlhY3V0ZTthbiBzYWJlciBkZSBhbGd1bmEgZm9ybWEgbG9zIHN1ZnJpbWllbnRvcyBxdWUgcGFkZWMmaWFjdXRlO2FuLiBFbiAxODc0LCBlbiBFc3RhZG9zIFVuaWRvcywgZnVlIGxhIHByaW1lcmEgdmV6IHF1ZSBlbCBFc3RhZG8gaW50ZXJ2aW5vIGVuIHVuIGNhc28gZGUgbWFsdHJhdG8geSBhYnVzby4uLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4wMi8wNy8yMDEzPC9zcGFuPjxicj5FbCBkZXJlY2hvIGRlIGxvcyBuafFvcyBhIHNlciBlc2N1Y2hhZG9zPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5VbiBob21icmUgYWN1c2FkbyBkZSBoYWJlciBhYnVzYWRvIGRlIHN1cyBoaWpvcyBoYWImaWFjdXRlO2Egc2lkbyBzb2JyZXNlJmlhY3V0ZTtkbyBkb3MgdmVjZXMgcG9yIGxhIEp1c3RpY2lhLiBQZXJvIGFob3JhLCBsYSBDJmFhY3V0ZTttYXJhIGRlIENhc2FjaSZvYWN1dGU7biByZXZvYyZvYWN1dGU7IGVzYSBkZWNpc2kmb2FjdXRlO24gcG9ycXVlIGVuIGxhIGludmVzdGlnYWNpJm9hY3V0ZTtuIGVsIGp1ZXogbnVuY2EgaGFiJmlhY3V0ZTthIGVzY3VjaGFkbyBhIGxvcyBjaGljb3MuIFkgb3JkZW4mb2FjdXRlOyBxdWUgdGVuZ2EgZW4gY3VlbnRhIGxvIHF1ZSBkaWNlbi48L3A+DQo8cD5Qb3IgTWFyaWFuYSBDYXJiYWphbDwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDUiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE1NiIgcm93c3Bhbj0iMiIgdmFsaWduPSJ0b3AiPgoJCQkJCgkJCQk8dGFibGUgd2lkdGg9IjMyJSIgYm9yZGVyPSIxIiBjZWxsc3BhY2luZz0iMyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48aW1nIHNyYz0ic3JjL2ltZ191cC8wNjA2MjAxMy4xLmpwZyIgd2lkdGg9IjE0NiIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KCQkJCQkJCQk8L3RkPiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjA2LzA2LzIwMTM8L3NwYW4+PGJyPkFidXNvIHNleHVhbCBpbmZhbnRpbC4gRGVzYWZpb3MgZGUgbGEgY2xpbmljYSBhY3R1YWw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkFiaWVydGEgbGEgaW5zY3JpcGNpb248L3A+DQo8cD5Eb2NlbnRlczogTGljLiBNYXJpYSBCZWF0cml6IE0mdXVtbDtsbGVyLiBMaWMuIFBhb2xhIE11Jm50aWxkZTtveiBEdWFydGU8L3A+DQo8cD5JbmljaW86IE1pZXJjb2xlcyAxOSBkZSBKdW5pbzwvcD4NCjxwPkZyZWN1ZW5jaWE6IFNlbWFuYWw8L3A+DQo8cD5Nb2RhbGlkYWQ6IEludGVuc2l2YTwvcD4NCjxwPkNvbnRlbmlkb3M6ICZuYnNwOyBFc3RhIGRlc3RpbmFkbyBhIHRvZG9zIGxvcyBwcm9mZXNpb25hbGVzIGNvbXByb21ldGlkb3MgY29uIGxhIHRlbWF0aWNhIGRlbCBhYnVzbyBpbmZhbnRpbCBxdWUgcXVpZXJhbiBhY3R1YWxpemFyc2UgZSBpbnRlcmNhbWJpYXIgZXhwZXJpZW5jaWFzIGRlIHRyYWJham8uLi48L3A+DQo8cD4mbmJzcDs8L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDQiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTYwNTIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xNi8wNS8yMDEzPC9zcGFuPjxicj5TYWx1ZCBBY3RpdmEgbmVjZXNpdGEgZGUgdHUgYXl1ZGEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5UcmFiYWphbW9zIGNvbW8gcG9kZW1vczogYmEmbnRpbGRlO29zIHJvdG9zLCBzdXNwZW5zaSZvYWN1dGU7biBkZSByZXVuaW9uZXMgcG9yIGNvcnRlcyBkZSBsdXogeSBhZ3VhLCBqdWd1ZXRlcyB2aWVqb3MsIG1lc2VzIGRlIGF0cmFzbyBlbiBlbCBwYWdvIGRlIHN1cyBwcm9mZXNpb25hbGVzIGRlIGxhIHNhbHVkLiBSZWNpZW50ZW1lbnRlIHR1dmltb3MgcXVlIGNlcnJhciBudWVzdHJvIHF1ZXJpZG8gSG9nYXI6ICZsZHF1bztNZXRhbW9yZm9zaXMmcmRxdW87IGVyYSBlbCBsdWdhciBxdWUgc3VwbyBjb250ZW5lciBhIG5pJm50aWxkZTthcyB5IGomb2FjdXRlO3ZlbmVzIHJlc2NhdGFkYSBkZSByZWRlcyBkZSB0cmF0YSBvIHYmaWFjdXRlO2N0aW1hcyBkZSBhYnVzbyBpbnRyYWZhbWlsaWFyLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAzLzA1LzIwMTM8L3NwYW4+PGJyPlJFUFVESU8gQSBMQSBQUkVTRU5DSUEgRU4gTEEgRkVSSUEgREVMIExJQlJPIERFIFVOIEVYIEpVRVogQUNVU0FETyBERSBBQlVTTyBTRVhVQUw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkZ1ZSBjYW1hcmlzdGEgZW4gTWFyIGRlbCBQbGF0YSBkdXJhbnRlIGxhIGRpY3RhZHVyYS4gSGFjZSBhJm50aWxkZTtvcywgdmFyaWFzIG11amVyZXMgbG8gYWN1c2Fyb24gZGUgaGFiZXIgYWJ1c2FkbyBkZSBlbGxhcyBjdWFuZG8gZXJhbiBuaSZudGlsZGU7YXMuIExhIGNhdXNhIHByZXNjcmliaSZvYWN1dGU7IHkgbm8gaHVibyBjb25kZW5hLiBNYSZudGlsZGU7YW5hIHRpZW5lIHByZXZpc3RvIGZpcm1hciBzdSBsaWJyby4gRXNhcyBtaXNtYXMgbXVqZXJlcyBwaWRlbiBxdWUgbm8gc2VhIGFkbWl0aWRvIGVuIGxhIGZlcmlhLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDIiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgIDwhLS0gRklOIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgIDwvdGFibGU+ICAgICAgICA8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iNSUiIGFsaWduPSJyaWdodCI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCB3aWR0aD0iMSUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC90ZD4KICAgIDx0ZCB3aWR0aD0iMiUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgPC90cj4KICAKICA8dGQ+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0ciBhbGlnbj0iY2VudGVyIj4KICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgPHRkIHdpZHRoPSI5NyIgY29sc3Bhbj0iMiIgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iNTQ2IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idGl0dWxvaG9tZTIiPjx0YWJsZSB3aWR0aD0iIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPlJhbmtpbmc8L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPiZidWxsO0xhcyBtJmFhY3V0ZTtzIGxlaWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+JmJ1bGw7TGFzIG0mYWFjdXRlO3MgY29tZW50YWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTHVkb3RlY2EgR2FyYWJhdG8gLSBQcm95ZWN0byBzYWx1ZGFjdGl2YSwgUG9yIHVuYSBpbmZhbmNpYSBmZWxpeiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iOSUiIGJnY29sb3I9IiNFRkVGRUYiPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzJSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xNjIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDUlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTE2MiIgY2xhc3M9ImJvdG9uIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDdXJzbyBJbnRlbnNpdm8gZGUgb3BlcmFkb3IgdGVyYXBldXRpY28gZXNwZWNpYWxpemFkbyBlbiBlbCBhYm9yZGFqZSBkZWwgYWJ1c28sIGxhIHZpb2xlbmNpYSB5IGVsIG1hbHRyYXRvIGluZmFudGlsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUFJPR1JBTUEgTEFTIFZJQ1RJTUFTIENPTlRSQSBMQVMgVklPTEVOQ0lBUyAgTWluaXN0ZXJpbyBkZSBKdXN0aWNpYSB5IERlcmVjaG9zIEh1bWFub3MgZGUgbGEgTmFjafNuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI5JSIgYmdjb2xvcj0iI0VGRUZFRiI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTI1NSIgY2xhc3M9ImJvdG9uIj48aW1nIHNyYz0iaW1nL2ZsZWNoYW5hcmFuamFmZ3Jpc18yNC5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSI3IiBib3JkZXI9IjAiIGFsaWduPSJhYnNtaWRkbGUiIC8+PC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0NSUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MjU1IiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIERpcGxvbWF0dXJhIGVuIEFib3JkYWplIGludGVyZGlzY2lwbGluYXJpbyBkZWwgbWFsdHJhdG8sIGxhIHZpb2xlbmNpYSB5IGVsIGFidXNvIHNleHVhbCBpbmZhbnRpbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyJSIgaGVpZ2h0PSIyMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQxJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNhbHVkIEFjdGl2YSBuZWNlc2l0YSBkZSB0dSBheXVkYSEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjklIiBiZ2NvbG9yPSIjRUZFRkVGIj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMyUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MTA0IiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQ1JSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xMDQiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTGxhbWFkbyBwYXJhIHByZXNlbnRhY2nzbiBkZSB0cmFiYWpvcy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyMCIgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJ0ZXh0b251ZXZvIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iIyIgY2xhc3M9ImJvdG9uIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJsZT48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj4mbmJzcDs8L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBJTklDSU8gbm90YSBjb211biAtLT4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTUvMDQvMjAxMjwvc3Bhbj48YnI+T3JnYW5pemFuIGpvcm5hZGEgc29icmUgdmlvbGVuY2lhPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPlNlIGNlbnRyYXImYWFjdXRlOyBlbiBsb3MgZmVuJm9hY3V0ZTttZW5vcyBxdWUgYWZlY3RhbiBhIGxhIGZhbWlsaWEgeSBlbiBsbyBxdWUgb2N1cnJlIGVuIGxhcyBlc2N1ZWxhcy48YnIgLz4gU2UgbGxldmFyJmFhY3V0ZTsgYSBjYWJvIGVsIGx1bmVzIDIzLCBlbiBlbCBDZW50cm8gQ3VsdHVyYWwgZGUgVG9zY2hpIHkgVHJlcyANCkFycm95b3MsIHVuYSBqb3JuYWRhIGRlIHJlZmxleGkmb2FjdXRlO24geSBkZWJhdGUgYWJpZXJ0YSBhIGxhIGNvbXVuaWRhZCBzb2JyZSANCiZsZHF1bztWaW9sZW5jaWEgZW4gbGEgZmFtaWxpYSB5IGVuIGxhIGVzY3VlbGEgeSBzdSByZWxhY2kmb2FjdXRlO24gY29uIGVsIGZyYWNhc28gDQplc2NvbGFyJnJkcXVvOywgb3JnYW5pemFkYSBwb3IgbGEgQXNvY2lhY2kmb2FjdXRlO24gQ2l2aWwgQ2VudHJvIEFydCZlYWN1dGU7bWlkZXMgeSBsYSANCk11bmljaXBhbGlkYWQgZGUgQ2lwb2xsZXR0aS5TZSBjZW50cmFyJmFhY3V0ZTsgZW4gbG9zIGZlbiZvYWN1dGU7bWVub3MgcXVlIGFmZWN0YW4gYSBsYSBmYW1pbGlhIHkgZW4gbG8gcXVlIG9jdXJyZSBlbiBsYXMgZXNjdWVsYXMuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjMwLzAzLzIwMTI8L3NwYW4+PGJyPkNhcnRhIGRlIEFTQVBNSSAtIEFzb2NpYWNp824gQXJnZW50aW5hIGRlIFByZXZlbmNp824gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjE1IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSIxNSIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjgwIiBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Mb3MgaW50ZWdyYW50ZXMgZGUgbGEgQ29taXNpJm9hY3V0ZTtuIERpcmVjdGl2YSBkZSBBU0FQTUkgLSBBc29jaWFjaSZvYWN1dGU7biBBcmdlbnRpbmEgZGUgUHJldmVuY2kmb2FjdXRlO24gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbCwgYXNvY2lhZGEgYSBsYSBJbnRlcm5hdGlvbmFsIFNvY2lldHkgZm9yIFByZXZlbnRpb24gb2YgQ2hpbGQgQWJ1c2UgYW5kIE5lZ2xlY3QgKElTUENBTikgLSwgdGVuZW1vcyBlbCBhZ3JhZG8gZGUgZGlyaWdpcm5vcyBhIFVzdGVkIHBhcmEgdHJhc21pdGlybGUgbnVlc3RyYSBwcm9mdW5kYSAmbmJzcDt5IGhvbmRhIHByZW9jdXBhY2kmb2FjdXRlO24gcG9yIGxhIHBvc3R1cmEgcXVlIHZpZW5lbiBhc3VtaWVuZG8gZW4gZm9ybWEgY29udGludWFkYSBhbGd1bm9zIGNvbGVnaW9zIGRlIHBzaWMmb2FjdXRlO2xvZ29zLCBlc3BlY2lhbG1lbnRlIGRlIGxhIHByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXMsIGVuIHJlbGFjaSZvYWN1dGU7biBhbCB0cmF0YW1pZW50byBwb2NvIHNlcmlvIHkgY29tcHJvbWV0aWRvIHF1ZSBzZSBsZXMgb3RvcmdhIGEgbGFzIGRlbnVuY2lhcyBlZmVjdHVhZGFzIGNvbnRyYSBwcm9mZXNpb25hbGVzIHBzaWMmb2FjdXRlO2xvZ29zLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjAvMDMvMjAxMjwvc3Bhbj48YnI+TEEgVklPTEVOQ0lBIFNFWFVBTCBDT05UUkEgTknRT1MgWSBOSdFBUyBFTiBDSUZSQVM8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4MCIgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+UmFkaW9ncmFmJmlhY3V0ZTthIGRlIHVuIHByb2JsZW1hPC9wPg0KPHA+RGUgbG9zIG4mdWFjdXRlO21lcm9zIGNvbXBpbGFkb3MgcG9yIGRvcyBlcXVpcG9zIGRlbCBNaW5pc3RlcmlvIGRlIEp1c3RpY2lhLCBsYQ0KIGF1dG9yYSB0b21hIGxvcyBkZSBsYSBjaXVkYWQgZGUgQnVlbm9zIEFpcmVzIHBhcmEgdHJhemFyIHVuIHBhcmFkaWdtYSANCmRlIGxvcyBkZWxpdG9zIGNvbnRyYSBsYSBpbnRlZ3JpZGFkIHNleHVhbCBlbiBlbCBwYSZpYWN1dGU7cyB5IHNvYnJlIHN1IA0KYXRlbmNpJm9hY3V0ZTtuLjxiciAvPiA8YnIgLz4gJm5ic3A7UG9yIEV2YSBHaWJlcnRpPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2MCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjAiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjE1LzAzLzIwMTI8L3NwYW4+PGJyPkZBTExPIERFIExBIENPUlRFIFNVUFJFTUEgU09CUkUgTEEgTk8gSlVESUNJQUxJWkFDSU9OIERFTCBBQk9SVE8gRU4gQ0FTT1MgREUgVklPTEFDSU9OPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxiciAvPiBKVVJJU0RJQ0NJT046IE5BQ0lPTkFMPGJyIC8+IE1BVEVSSUE6IEFCT1JUTy48YnIgLz4gVFJJQlVOQUw6IENvcnRlIFN1cHJlbWEgZGUgSnVzdGljaWEgZGUgbGEgTmFjaSZvYWN1dGU7bi48YnIgLz4gQVVUT1M6IEYuLCBBLiBMLiBzLyBtZWRpZGEgYXV0b3NhdGlzZmFjdGl2YS48YnIgLz4gRkVDSEE6IDEzLzAzLzIwMTIuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI1OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNTkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBGSU4gbm90YSBjb211biAtLT4KPC90YWJsZT4KPG1hcCBuYW1lPSJNYXBNYXAiIGlkPSJNYXBNYXAiPjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjE0NCw0LDIxNCwzNiIgaHJlZj0iaW5kZXgucGhwP2lkPTE0IiAvPgo8L21hcD4KPG1hcCBuYW1lPSJNYXAyTWFwMiIgaWQ9Ik1hcDJNYXAyIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIxNDcsNCwyMjAsMzYiIGhyZWY9ImluZGV4LnBocD9pZD0xNGEiIC8+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcDMiIGlkPSJNYXAzIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIzNjMsMyw0MzYsMzkiIGhyZWY9ImluZGV4LnBocD9pZD0xNGIiIC8+CjwvbWFwPgo8L2h0bWw+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	42	<responseRedirected>false</responseRedirected>
	43	</requestresponse>
	44	</issue>
	45	<issue>
	46	<serialNumber>7694445463187357696</serialNumber>
	47	<type>3145984</type>
	48	<name>Cleartext submission of password</name>
	49	<host ip="200.20.20.201">http://www.example.org.ar</host>
	50	<path><![CDATA[/]]></path>
	51	<location><![CDATA[/]]></location>
	52	<severity>High</severity>
	53	<confidence>Certain</confidence>
	54	<issueBackground><![CDATA[Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches. ]]></issueBackground>
	55	<remediationBackground><![CDATA[The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.]]></remediationBackground>
	56	<issueDetail><![CDATA[The page contains a form with the following action URL, which is submitted over clear-text HTTP:<ul><li>http://www.example.org.ar/login.php</li></ul>The form contains the following password field:<ul><li>pass</li></ul>]]></issueDetail>
	57	<requestresponse>
	58	<request base64="true"><![CDATA[R0VUIC8gSFRUUC8xLjENCkhvc3Q6IHd3dy5zYWx1ZGFjdGl2YS5vcmcuYXINClVzZXItQWdlbnQ6IE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwLjg7IHJ2OjIzLjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMjMuMA0KQWNjZXB0OiB0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSwqLyo7cT0wLjgNCkFjY2VwdC1MYW5ndWFnZTogZW4tVVMsZW47cT0wLjUNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KQ29ubmVjdGlvbjoga2VlcC1hbGl2ZQ0KDQo=]]></request>
	59	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjEyOjAyIEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KU2V0LUNvb2tpZTogUEhQU0VTU0lEPTk0NTg1YWEwYzExY2YyZTg2NGQ4M2UyNDY3OGI5ODY1OyBwYXRoPS8NCktlZXAtQWxpdmU6IHRpbWVvdXQ9MjAsIG1heD0yMDANCkNvbm5lY3Rpb246IEtlZXAtQWxpdmUNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNjA2MDYNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+CjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiIC8+Cjx0aXRsZT5Eb2N1bWVudG8gc2luIHQmaWFjdXRlO3R1bG88L3RpdGxlPgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KPHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCIgdHlwZT0idGV4dC9KYXZhU2NyaXB0Ij4KPCEtLQpmdW5jdGlvbiBNTV9yZWxvYWRQYWdlKGluaXQpIHsgIC8vcmVsb2FkcyB0aGUgd2luZG93IGlmIE5hdjQgcmVzaXplZAogIGlmIChpbml0PT10cnVlKSB3aXRoIChuYXZpZ2F0b3IpIHtpZiAoKGFwcE5hbWU9PSJOZXRzY2FwZSIpJiYocGFyc2VJbnQoYXBwVmVyc2lvbik9PTQpKSB7CiAgICBkb2N1bWVudC5NTV9wZ1c9aW5uZXJXaWR0aDsgZG9jdW1lbnQuTU1fcGdIPWlubmVySGVpZ2h0OyBvbnJlc2l6ZT1NTV9yZWxvYWRQYWdlOyB9fQogIGVsc2UgaWYgKGlubmVyV2lkdGghPWRvY3VtZW50Lk1NX3BnVyB8fCBpbm5lckhlaWdodCE9ZG9jdW1lbnQuTU1fcGdIKSBsb2NhdGlvbi5yZWxvYWQoKTsKfQpNTV9yZWxvYWRQYWdlKHRydWUpOwoKZnVuY3Rpb24gTU1fcHJlbG9hZEltYWdlcygpIHsgLy92My4wCiAgdmFyIGQ9ZG9jdW1lbnQ7IGlmKGQuaW1hZ2VzKXsgaWYoIWQuTU1fcCkgZC5NTV9wPW5ldyBBcnJheSgpOwogICAgdmFyIGksaj1kLk1NX3AubGVuZ3RoLGE9TU1fcHJlbG9hZEltYWdlcy5hcmd1bWVudHM7IGZvcihpPTA7IGk8YS5sZW5ndGg7IGkrKykKICAgIGlmIChhW2ldLmluZGV4T2YoIiMiKSE9MCl7IGQuTU1fcFtqXT1uZXcgSW1hZ2U7IGQuTU1fcFtqKytdLnNyYz1hW2ldO319Cn0KLy8tLT4KPC9zY3JpcHQ+CiAgICAgICAgICAgICA8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoJCQkgCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CjwhLS0KI0xheWVyMSB7Cglwb3NpdGlvbjphYnNvbHV0ZTsKCXdpZHRoOjY1MXB4OwoJaGVpZ2h0OjIxOHB4OwoJei1pbmRleDoxOwp9CiNMYXllcjIgewoJcG9zaXRpb246YWJzb2x1dGU7Cgl3aWR0aDoyMDBweDsKCWhlaWdodDoxMTVweDsKCXotaW5kZXg6MTsKCXZpc2liaWxpdHk6IHZpc2libGU7Cn0KLkVzdGlsbzEgewoJZm9udC1zaXplOiAxOHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzIgewoJZm9udC1zaXplOiAxNHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzMge2NvbG9yOiAjNTA2OTkwOyBsaW5lLWhlaWdodDogMTJweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LWZhbWlseTogVGFob21hO30KLS0+Cjwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGxlZnRtYXJnaW49IjIiIG1hcmdpbndpZHRoPSIyIj4KPHRhYmxlIHdpZHRoPSI2MDgiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCB3aWR0aD0iMiUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzA3LmpwZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjE0IiAvPjwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI5MCUiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18wNy5qcGciPiZuYnNwOzwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI4JSIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGNvbHNwYW49IjQiPjxiciAvPgogICAgICA8dGFibGUgd2lkdGg9Ijk4JSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICA8dHI+CiAgICAgICAgPHRkIHdpZHRoPSIyJSI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgICA8dGQgd2lkdGg9IjkzJSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CjwhLS0gSU5JQ0lPIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzIzMDQyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjIvMTEvMjAxMzwvc3Bhbj48YnI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxzdHJvbmc+MTQsIDE1IHkgMTYgZGUgTm92aWVtYnJlIEFCSUVSVEEgTEEgSU5TQ1JJUENJJk9hY3V0ZTtOISAoY29uIGRlc2N1ZW50byBoYXN0YSBlbCAyNy84KTxiciAvPjwvc3Ryb25nPjwvcD4NCjxwPjxzdHJvbmc+QUJJRVJUQSBMQSBSRUNFUENJJk9hY3V0ZTtOIERFIFRSQUJBSk88YSBocmVmPSJodHRwOi8vd3d3LmNvbmdyZXNvdmlvbGVuY2lhLmNvbS9pbmRleC5waHA/aWQ9bW9kYWxpZGFkZXMiIHRhcmdldD0iX2JsYW5rIj4gKG1hcyBpbmZvKTwvYT48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij48c3Ryb25nPk9yZ2FuaXphOiBTYWx1ZCBBY3RpdmE8L3N0cm9uZz48L3NwYW4+PC9wPg0KPHA+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+SW5jcmlwdG9zIGFsIFBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGltcG9ydGFudGVzIGRlc2N1ZW50b3MhPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2lvbjogVW5pdmVyc2lkYWQgZGVsIEVzdGUsIExhIFBsYXRhIEJ1ZW5vcyBBaXJlczwvcD4NCjxwPk1hcyBkZSAxNTAgdHJhYmFqb3MgcHJlc2VudGFkb3MsIHVsdGltb3MgZGlhcyBwYXJhIGluc2NyaWJpcnNlIGNvbiBkZXNjdWVudG8hITwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPkluc2NyaWJpcnNlPC9hPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPjxiciAvPjwvYT48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDEiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MDQvMTEvMjAxMzwvc3Bhbj48YnI+RWwgY29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIEPzcmRvYmEgc2UgcHJvbnVuY2lhIGVuIHJlbGFjafNuIGFsIFNBUCB5IGVuIGNvbmNvcmRhbmNpYSBjb24gbG8gZXhwcmVzYWRvIHBvciBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgTWFyIGRlbCBQbGF0YSB5IGVsIENvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBsYSAgUHJvdmluY2lhIGRlIEJ1ZW5vcyBBaXJlczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+Jm5ic3A7PC9wPg0KPHA+TGFzIGNvbnRyb3ZlcnNpYXMgZ2VuZXJhZGFzIGVuIHJlbGFjaSZvYWN1dGU7biBhbCAic2luZHJvbWUgZGUgYWxpZW5hY2kmb2FjdXRlO24gcGFyZW50YSIgU0FQLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzEwIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzE2MTAyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTYvMTAvMjAxMzwvc3Bhbj48YnI+U2FsdWQgQWN0aXZhIG90b3JnYSBtZWRpYXMgYmVjYXMgcGFyYSBlbCBJViBDb25ncmVzbyBJbnRlcm5hY2lvbmFsLCBWIE5hY2lvbmFsLCBWSSBSZWdpb25hbCBWaW9sZW5jaWEsIE1hbHRyYXRvIHkgQWJ1c28uPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD4mbmJzcDs8L3A+DQo8cD5TZXImYWFjdXRlO24gb3RvcmdhZGFzIDUwIG1lZGlhcyBiZWNhcywgcXVlZGFuIHBvY2FzISEhIGNvbmRpY2lvbjo8L3A+DQo8cD5QZXJ0ZW5lY2VyIGFsIGFtYml0byBwdWJsaWNvIG8gYSBPTkcsIHNlIGNvbnNpZGVyYSB0YW1iaWVuIGxhIGRpc3RhbmNpYSBhbCBsdWdhciBkZWwgZXZlbnRvISEhIGVzIG11eSBzZW5jaWxsbywgc29sbyBkZWJlcyBlbnZpYXIgdW4gZW1haWwuLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA5Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjI0LzA3LzIwMTM8L3NwYW4+PGJyPk5FQ0VTSVRBTU9TIERFIFNVIFNPTElEQVJJREFEIEhBQ0lBIExPUyBOSdFPUyBZIE5J0UFTISEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlBST0dSQU1BIEZBTUlMSUFTIFNPTElEQVJJQVM8L3NwYW4+PC9zdHJvbmc+PC9wPg0KPHA+PHN0cm9uZz5DQU1CSU8gREUgU0VERTwvc3Ryb25nPjwvcD4NCjxwPkxhIGNhcGFjaXRhY2kmb2FjdXRlO24gcGFyYSBsYSBwdWVzdGEgZW4gbWFyY2hhIGRlbCA8c3Ryb25nPlByb2dyYW1hIEZhbWlsaWFzIFNvbGlkYXJpYXM8L3N0cm9uZz4gc2UgcmVhbGl6YXImYWFjdXRlOyBlbiBsYSBsb2NhbGlkYWQgZGUgPHN0cm9uZz5OYXZhcnJvPC9zdHJvbmc+IHBhcmEgdG9kbyBlbCBjb3JyZWRvciBkZSBsYSBSdXRhIDQwLjwvcD4NCjxwPkluaWNpbyA8c3Ryb25nPk1pJmVhY3V0ZTtyY29sZXMgMjggZGUgYWdvc3RvIGEgbGFzIDE0IGhvcmFzLiZuYnNwOzwvc3Ryb25nPjwvcD4NCjxwPlNlZGU6IDxzdHJvbmc+U2FsJm9hY3V0ZTtuIE11bmljaXBhbCBlbiBsYSBjYWxsZSAxMDcgZXNxdWluYSAyMiAtIE5hdmFycm88L3N0cm9uZz48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTIwNzIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xMi8wNy8yMDEzPC9zcGFuPjxicj5TQUxVRCBBQ1RJVkEgaGEgc2lkbyBlbGVnaWRhIHBvciBzZWd1bmRhIHZleiBjb25zZWN1dGl2YSBjb21vIHVubyBkZSBsb3MgZ2FuYWRvcmVzIGRlbCBDdWFydG8gQ29uY3Vyc28gZGUgUHJveWVjdG9zIFNvY2lhbGVzIGRlIFBldHJvYnJhczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+RW4gZWwgbWFyY28gZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzLCANCm51ZXN0cmEgSW5zdGl0dWNpJm9hY3V0ZTtuIFNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IA0KY29uc2VjdXRpdmEgY29tbyB1bm8gZGUgbG9zIGdhbmFkb3JlcyBkZSBkaWNobyBjb25jdXJzby48YnIgLz5FbiBlc3RhIA0KZWRpY2kmb2FjdXRlO24gZWwgcHJveWVjdG8gcXVlIGhhIHNpZG8gZWxlZ2lkbyBlcyBlbCAmbGRxdW87UHJvZ3JhbWEgZGUgRmFtaWxpYXMgDQpTb2xpZGFyaWFzJnJkcXVvOyBzaWVuZG8gc3UgJmFhY3V0ZTtyZWEgZGUgaW1wbGVtZW50YWNpJm9hY3V0ZTtuIGxvcyBNdW5pY2lwaW9zIGRlIE5hdmFycm8sIA0KR3JhbC4gTGFzIEhlcmFzLCBNYXJjb3MgUGF6LCB5IE1lcmxvPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAyLzA3LzIwMTM8L3NwYW4+PGJyPk/tciBvIGVzY3VjaGFyPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Qb3IgQ2FybG9zIFJvemFuc2tpICo8L3A+DQo8cD5BIGxvIGxhcmdvIGRlIGxvcyBzaWdsb3MsIGxhcyBuaSZudGlsZGU7YXMsIG5pJm50aWxkZTtvcyB5IGFkb2xlc2NlbnRlcyBoYW4gc2lkbyBtYWx0cmF0YWRvcyB5IGFidXNhZG9zIHNpbiBxdWUgYSBsYSBjb211bmlkYWQgbGUgaW50ZXJlc2FyYSBuaSBzaXF1aWVyYSBlc2N1Y2hhcmxvcyBjdWFuZG8gaGFjJmlhY3V0ZTthbiBzYWJlciBkZSBhbGd1bmEgZm9ybWEgbG9zIHN1ZnJpbWllbnRvcyBxdWUgcGFkZWMmaWFjdXRlO2FuLiBFbiAxODc0LCBlbiBFc3RhZG9zIFVuaWRvcywgZnVlIGxhIHByaW1lcmEgdmV6IHF1ZSBlbCBFc3RhZG8gaW50ZXJ2aW5vIGVuIHVuIGNhc28gZGUgbWFsdHJhdG8geSBhYnVzby4uLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4wMi8wNy8yMDEzPC9zcGFuPjxicj5FbCBkZXJlY2hvIGRlIGxvcyBuafFvcyBhIHNlciBlc2N1Y2hhZG9zPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5VbiBob21icmUgYWN1c2FkbyBkZSBoYWJlciBhYnVzYWRvIGRlIHN1cyBoaWpvcyBoYWImaWFjdXRlO2Egc2lkbyBzb2JyZXNlJmlhY3V0ZTtkbyBkb3MgdmVjZXMgcG9yIGxhIEp1c3RpY2lhLiBQZXJvIGFob3JhLCBsYSBDJmFhY3V0ZTttYXJhIGRlIENhc2FjaSZvYWN1dGU7biByZXZvYyZvYWN1dGU7IGVzYSBkZWNpc2kmb2FjdXRlO24gcG9ycXVlIGVuIGxhIGludmVzdGlnYWNpJm9hY3V0ZTtuIGVsIGp1ZXogbnVuY2EgaGFiJmlhY3V0ZTthIGVzY3VjaGFkbyBhIGxvcyBjaGljb3MuIFkgb3JkZW4mb2FjdXRlOyBxdWUgdGVuZ2EgZW4gY3VlbnRhIGxvIHF1ZSBkaWNlbi48L3A+DQo8cD5Qb3IgTWFyaWFuYSBDYXJiYWphbDwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDUiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE1NiIgcm93c3Bhbj0iMiIgdmFsaWduPSJ0b3AiPgoJCQkJCgkJCQk8dGFibGUgd2lkdGg9IjMyJSIgYm9yZGVyPSIxIiBjZWxsc3BhY2luZz0iMyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48aW1nIHNyYz0ic3JjL2ltZ191cC8wNjA2MjAxMy4xLmpwZyIgd2lkdGg9IjE0NiIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KCQkJCQkJCQk8L3RkPiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjA2LzA2LzIwMTM8L3NwYW4+PGJyPkFidXNvIHNleHVhbCBpbmZhbnRpbC4gRGVzYWZpb3MgZGUgbGEgY2xpbmljYSBhY3R1YWw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkFiaWVydGEgbGEgaW5zY3JpcGNpb248L3A+DQo8cD5Eb2NlbnRlczogTGljLiBNYXJpYSBCZWF0cml6IE0mdXVtbDtsbGVyLiBMaWMuIFBhb2xhIE11Jm50aWxkZTtveiBEdWFydGU8L3A+DQo8cD5JbmljaW86IE1pZXJjb2xlcyAxOSBkZSBKdW5pbzwvcD4NCjxwPkZyZWN1ZW5jaWE6IFNlbWFuYWw8L3A+DQo8cD5Nb2RhbGlkYWQ6IEludGVuc2l2YTwvcD4NCjxwPkNvbnRlbmlkb3M6ICZuYnNwOyBFc3RhIGRlc3RpbmFkbyBhIHRvZG9zIGxvcyBwcm9mZXNpb25hbGVzIGNvbXByb21ldGlkb3MgY29uIGxhIHRlbWF0aWNhIGRlbCBhYnVzbyBpbmZhbnRpbCBxdWUgcXVpZXJhbiBhY3R1YWxpemFyc2UgZSBpbnRlcmNhbWJpYXIgZXhwZXJpZW5jaWFzIGRlIHRyYWJham8uLi48L3A+DQo8cD4mbmJzcDs8L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDQiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTYwNTIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xNi8wNS8yMDEzPC9zcGFuPjxicj5TYWx1ZCBBY3RpdmEgbmVjZXNpdGEgZGUgdHUgYXl1ZGEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5UcmFiYWphbW9zIGNvbW8gcG9kZW1vczogYmEmbnRpbGRlO29zIHJvdG9zLCBzdXNwZW5zaSZvYWN1dGU7biBkZSByZXVuaW9uZXMgcG9yIGNvcnRlcyBkZSBsdXogeSBhZ3VhLCBqdWd1ZXRlcyB2aWVqb3MsIG1lc2VzIGRlIGF0cmFzbyBlbiBlbCBwYWdvIGRlIHN1cyBwcm9mZXNpb25hbGVzIGRlIGxhIHNhbHVkLiBSZWNpZW50ZW1lbnRlIHR1dmltb3MgcXVlIGNlcnJhciBudWVzdHJvIHF1ZXJpZG8gSG9nYXI6ICZsZHF1bztNZXRhbW9yZm9zaXMmcmRxdW87IGVyYSBlbCBsdWdhciBxdWUgc3VwbyBjb250ZW5lciBhIG5pJm50aWxkZTthcyB5IGomb2FjdXRlO3ZlbmVzIHJlc2NhdGFkYSBkZSByZWRlcyBkZSB0cmF0YSBvIHYmaWFjdXRlO2N0aW1hcyBkZSBhYnVzbyBpbnRyYWZhbWlsaWFyLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAzLzA1LzIwMTM8L3NwYW4+PGJyPlJFUFVESU8gQSBMQSBQUkVTRU5DSUEgRU4gTEEgRkVSSUEgREVMIExJQlJPIERFIFVOIEVYIEpVRVogQUNVU0FETyBERSBBQlVTTyBTRVhVQUw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkZ1ZSBjYW1hcmlzdGEgZW4gTWFyIGRlbCBQbGF0YSBkdXJhbnRlIGxhIGRpY3RhZHVyYS4gSGFjZSBhJm50aWxkZTtvcywgdmFyaWFzIG11amVyZXMgbG8gYWN1c2Fyb24gZGUgaGFiZXIgYWJ1c2FkbyBkZSBlbGxhcyBjdWFuZG8gZXJhbiBuaSZudGlsZGU7YXMuIExhIGNhdXNhIHByZXNjcmliaSZvYWN1dGU7IHkgbm8gaHVibyBjb25kZW5hLiBNYSZudGlsZGU7YW5hIHRpZW5lIHByZXZpc3RvIGZpcm1hciBzdSBsaWJyby4gRXNhcyBtaXNtYXMgbXVqZXJlcyBwaWRlbiBxdWUgbm8gc2VhIGFkbWl0aWRvIGVuIGxhIGZlcmlhLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDIiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgIDwhLS0gRklOIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgIDwvdGFibGU+ICAgICAgICA8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iNSUiIGFsaWduPSJyaWdodCI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCB3aWR0aD0iMSUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC90ZD4KICAgIDx0ZCB3aWR0aD0iMiUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgPC90cj4KICAKICA8dGQ+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0ciBhbGlnbj0iY2VudGVyIj4KICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgPHRkIHdpZHRoPSI5NyIgY29sc3Bhbj0iMiIgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iNTQ2IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idGl0dWxvaG9tZTIiPjx0YWJsZSB3aWR0aD0iIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPlJhbmtpbmc8L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPiZidWxsO0xhcyBtJmFhY3V0ZTtzIGxlaWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+JmJ1bGw7TGFzIG0mYWFjdXRlO3MgY29tZW50YWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTHVkb3RlY2EgR2FyYWJhdG8gLSBQcm95ZWN0byBzYWx1ZGFjdGl2YSwgUG9yIHVuYSBpbmZhbmNpYSBmZWxpeiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iOSUiIGJnY29sb3I9IiNFRkVGRUYiPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzJSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xNjIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDUlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTE2MiIgY2xhc3M9ImJvdG9uIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDdXJzbyBJbnRlbnNpdm8gZGUgb3BlcmFkb3IgdGVyYXBldXRpY28gZXNwZWNpYWxpemFkbyBlbiBlbCBhYm9yZGFqZSBkZWwgYWJ1c28sIGxhIHZpb2xlbmNpYSB5IGVsIG1hbHRyYXRvIGluZmFudGlsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUFJPR1JBTUEgTEFTIFZJQ1RJTUFTIENPTlRSQSBMQVMgVklPTEVOQ0lBUyAgTWluaXN0ZXJpbyBkZSBKdXN0aWNpYSB5IERlcmVjaG9zIEh1bWFub3MgZGUgbGEgTmFjafNuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI5JSIgYmdjb2xvcj0iI0VGRUZFRiI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTI1NSIgY2xhc3M9ImJvdG9uIj48aW1nIHNyYz0iaW1nL2ZsZWNoYW5hcmFuamFmZ3Jpc18yNC5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSI3IiBib3JkZXI9IjAiIGFsaWduPSJhYnNtaWRkbGUiIC8+PC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0NSUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MjU1IiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIERpcGxvbWF0dXJhIGVuIEFib3JkYWplIGludGVyZGlzY2lwbGluYXJpbyBkZWwgbWFsdHJhdG8sIGxhIHZpb2xlbmNpYSB5IGVsIGFidXNvIHNleHVhbCBpbmZhbnRpbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyJSIgaGVpZ2h0PSIyMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQxJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNhbHVkIEFjdGl2YSBuZWNlc2l0YSBkZSB0dSBheXVkYSEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjklIiBiZ2NvbG9yPSIjRUZFRkVGIj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMyUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MTA0IiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQ1JSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xMDQiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTGxhbWFkbyBwYXJhIHByZXNlbnRhY2nzbiBkZSB0cmFiYWpvcy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyMCIgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJ0ZXh0b251ZXZvIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iIyIgY2xhc3M9ImJvdG9uIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJsZT48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj4mbmJzcDs8L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBJTklDSU8gbm90YSBjb211biAtLT4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTUvMDQvMjAxMjwvc3Bhbj48YnI+T3JnYW5pemFuIGpvcm5hZGEgc29icmUgdmlvbGVuY2lhPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPlNlIGNlbnRyYXImYWFjdXRlOyBlbiBsb3MgZmVuJm9hY3V0ZTttZW5vcyBxdWUgYWZlY3RhbiBhIGxhIGZhbWlsaWEgeSBlbiBsbyBxdWUgb2N1cnJlIGVuIGxhcyBlc2N1ZWxhcy48YnIgLz4gU2UgbGxldmFyJmFhY3V0ZTsgYSBjYWJvIGVsIGx1bmVzIDIzLCBlbiBlbCBDZW50cm8gQ3VsdHVyYWwgZGUgVG9zY2hpIHkgVHJlcyANCkFycm95b3MsIHVuYSBqb3JuYWRhIGRlIHJlZmxleGkmb2FjdXRlO24geSBkZWJhdGUgYWJpZXJ0YSBhIGxhIGNvbXVuaWRhZCBzb2JyZSANCiZsZHF1bztWaW9sZW5jaWEgZW4gbGEgZmFtaWxpYSB5IGVuIGxhIGVzY3VlbGEgeSBzdSByZWxhY2kmb2FjdXRlO24gY29uIGVsIGZyYWNhc28gDQplc2NvbGFyJnJkcXVvOywgb3JnYW5pemFkYSBwb3IgbGEgQXNvY2lhY2kmb2FjdXRlO24gQ2l2aWwgQ2VudHJvIEFydCZlYWN1dGU7bWlkZXMgeSBsYSANCk11bmljaXBhbGlkYWQgZGUgQ2lwb2xsZXR0aS5TZSBjZW50cmFyJmFhY3V0ZTsgZW4gbG9zIGZlbiZvYWN1dGU7bWVub3MgcXVlIGFmZWN0YW4gYSBsYSBmYW1pbGlhIHkgZW4gbG8gcXVlIG9jdXJyZSBlbiBsYXMgZXNjdWVsYXMuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjMwLzAzLzIwMTI8L3NwYW4+PGJyPkNhcnRhIGRlIEFTQVBNSSAtIEFzb2NpYWNp824gQXJnZW50aW5hIGRlIFByZXZlbmNp824gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjE1IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSIxNSIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjgwIiBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Mb3MgaW50ZWdyYW50ZXMgZGUgbGEgQ29taXNpJm9hY3V0ZTtuIERpcmVjdGl2YSBkZSBBU0FQTUkgLSBBc29jaWFjaSZvYWN1dGU7biBBcmdlbnRpbmEgZGUgUHJldmVuY2kmb2FjdXRlO24gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbCwgYXNvY2lhZGEgYSBsYSBJbnRlcm5hdGlvbmFsIFNvY2lldHkgZm9yIFByZXZlbnRpb24gb2YgQ2hpbGQgQWJ1c2UgYW5kIE5lZ2xlY3QgKElTUENBTikgLSwgdGVuZW1vcyBlbCBhZ3JhZG8gZGUgZGlyaWdpcm5vcyBhIFVzdGVkIHBhcmEgdHJhc21pdGlybGUgbnVlc3RyYSBwcm9mdW5kYSAmbmJzcDt5IGhvbmRhIHByZW9jdXBhY2kmb2FjdXRlO24gcG9yIGxhIHBvc3R1cmEgcXVlIHZpZW5lbiBhc3VtaWVuZG8gZW4gZm9ybWEgY29udGludWFkYSBhbGd1bm9zIGNvbGVnaW9zIGRlIHBzaWMmb2FjdXRlO2xvZ29zLCBlc3BlY2lhbG1lbnRlIGRlIGxhIHByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXMsIGVuIHJlbGFjaSZvYWN1dGU7biBhbCB0cmF0YW1pZW50byBwb2NvIHNlcmlvIHkgY29tcHJvbWV0aWRvIHF1ZSBzZSBsZXMgb3RvcmdhIGEgbGFzIGRlbnVuY2lhcyBlZmVjdHVhZGFzIGNvbnRyYSBwcm9mZXNpb25hbGVzIHBzaWMmb2FjdXRlO2xvZ29zLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjAvMDMvMjAxMjwvc3Bhbj48YnI+TEEgVklPTEVOQ0lBIFNFWFVBTCBDT05UUkEgTknRT1MgWSBOSdFBUyBFTiBDSUZSQVM8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4MCIgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+UmFkaW9ncmFmJmlhY3V0ZTthIGRlIHVuIHByb2JsZW1hPC9wPg0KPHA+RGUgbG9zIG4mdWFjdXRlO21lcm9zIGNvbXBpbGFkb3MgcG9yIGRvcyBlcXVpcG9zIGRlbCBNaW5pc3RlcmlvIGRlIEp1c3RpY2lhLCBsYQ0KIGF1dG9yYSB0b21hIGxvcyBkZSBsYSBjaXVkYWQgZGUgQnVlbm9zIEFpcmVzIHBhcmEgdHJhemFyIHVuIHBhcmFkaWdtYSANCmRlIGxvcyBkZWxpdG9zIGNvbnRyYSBsYSBpbnRlZ3JpZGFkIHNleHVhbCBlbiBlbCBwYSZpYWN1dGU7cyB5IHNvYnJlIHN1IA0KYXRlbmNpJm9hY3V0ZTtuLjxiciAvPiA8YnIgLz4gJm5ic3A7UG9yIEV2YSBHaWJlcnRpPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2MCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjAiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjE1LzAzLzIwMTI8L3NwYW4+PGJyPkZBTExPIERFIExBIENPUlRFIFNVUFJFTUEgU09CUkUgTEEgTk8gSlVESUNJQUxJWkFDSU9OIERFTCBBQk9SVE8gRU4gQ0FTT1MgREUgVklPTEFDSU9OPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxiciAvPiBKVVJJU0RJQ0NJT046IE5BQ0lPTkFMPGJyIC8+IE1BVEVSSUE6IEFCT1JUTy48YnIgLz4gVFJJQlVOQUw6IENvcnRlIFN1cHJlbWEgZGUgSnVzdGljaWEgZGUgbGEgTmFjaSZvYWN1dGU7bi48YnIgLz4gQVVUT1M6IEYuLCBBLiBMLiBzLyBtZWRpZGEgYXV0b3NhdGlzZmFjdGl2YS48YnIgLz4gRkVDSEE6IDEzLzAzLzIwMTIuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI1OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNTkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBGSU4gbm90YSBjb211biAtLT4KPC90YWJsZT4KPG1hcCBuYW1lPSJNYXBNYXAiIGlkPSJNYXBNYXAiPjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjE0NCw0LDIxNCwzNiIgaHJlZj0iaW5kZXgucGhwP2lkPTE0IiAvPgo8L21hcD4KPG1hcCBuYW1lPSJNYXAyTWFwMiIgaWQ9Ik1hcDJNYXAyIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIxNDcsNCwyMjAsMzYiIGhyZWY9ImluZGV4LnBocD9pZD0xNGEiIC8+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcDMiIGlkPSJNYXAzIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIzNjMsMyw0MzYsMzkiIGhyZWY9ImluZGV4LnBocD9pZD0xNGIiIC8+CjwvbWFwPgo8L2h0bWw+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	60	<responseRedirected>false</responseRedirected>
	61	</requestresponse>
	62	</issue>
	63	<issue>
	64	<serialNumber>3831322476981454848</serialNumber>
	65	<type>5244928</type>
	66	<name>Password field with autocomplete enabled</name>
	67	<host ip="200.20.20.201">http://www.example.org.ar</host>
	68	<path><![CDATA[/]]></path>
	69	<location><![CDATA[/]]></location>
	70	<severity>Low</severity>
	71	<confidence>Certain</confidence>
	72	<issueBackground><![CDATA[Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.<br><br>The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks. ]]></issueBackground>
	73	<remediationBackground><![CDATA[To prevent browsers from storing credentials entered into HTML forms, you should include the attribute <b>autocomplete="off"</b> within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).]]></remediationBackground>
	74	<issueDetail><![CDATA[The page contains a form with the following action URL:<ul><li>http://www.example.org.ar/login.php</li></ul>The form contains the following password field with autocomplete enabled:<ul><li>pass</li></ul>]]></issueDetail>
	75	<requestresponse>
	76	<request base64="true"><![CDATA[R0VUIC8gSFRUUC8xLjENCkhvc3Q6IHd3dy5zYWx1ZGFjdGl2YS5vcmcuYXINClVzZXItQWdlbnQ6IE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwLjg7IHJ2OjIzLjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMjMuMA0KQWNjZXB0OiB0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSwqLyo7cT0wLjgNCkFjY2VwdC1MYW5ndWFnZTogZW4tVVMsZW47cT0wLjUNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KQ29ubmVjdGlvbjoga2VlcC1hbGl2ZQ0KDQo=]]></request>
	77	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjEyOjAyIEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KU2V0LUNvb2tpZTogUEhQU0VTU0lEPTk0NTg1YWEwYzExY2YyZTg2NGQ4M2UyNDY3OGI5ODY1OyBwYXRoPS8NCktlZXAtQWxpdmU6IHRpbWVvdXQ9MjAsIG1heD0yMDANCkNvbm5lY3Rpb246IEtlZXAtQWxpdmUNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNjA2MDYNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+CjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiIC8+Cjx0aXRsZT5Eb2N1bWVudG8gc2luIHQmaWFjdXRlO3R1bG88L3RpdGxlPgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KPHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCIgdHlwZT0idGV4dC9KYXZhU2NyaXB0Ij4KPCEtLQpmdW5jdGlvbiBNTV9yZWxvYWRQYWdlKGluaXQpIHsgIC8vcmVsb2FkcyB0aGUgd2luZG93IGlmIE5hdjQgcmVzaXplZAogIGlmIChpbml0PT10cnVlKSB3aXRoIChuYXZpZ2F0b3IpIHtpZiAoKGFwcE5hbWU9PSJOZXRzY2FwZSIpJiYocGFyc2VJbnQoYXBwVmVyc2lvbik9PTQpKSB7CiAgICBkb2N1bWVudC5NTV9wZ1c9aW5uZXJXaWR0aDsgZG9jdW1lbnQuTU1fcGdIPWlubmVySGVpZ2h0OyBvbnJlc2l6ZT1NTV9yZWxvYWRQYWdlOyB9fQogIGVsc2UgaWYgKGlubmVyV2lkdGghPWRvY3VtZW50Lk1NX3BnVyB8fCBpbm5lckhlaWdodCE9ZG9jdW1lbnQuTU1fcGdIKSBsb2NhdGlvbi5yZWxvYWQoKTsKfQpNTV9yZWxvYWRQYWdlKHRydWUpOwoKZnVuY3Rpb24gTU1fcHJlbG9hZEltYWdlcygpIHsgLy92My4wCiAgdmFyIGQ9ZG9jdW1lbnQ7IGlmKGQuaW1hZ2VzKXsgaWYoIWQuTU1fcCkgZC5NTV9wPW5ldyBBcnJheSgpOwogICAgdmFyIGksaj1kLk1NX3AubGVuZ3RoLGE9TU1fcHJlbG9hZEltYWdlcy5hcmd1bWVudHM7IGZvcihpPTA7IGk8YS5sZW5ndGg7IGkrKykKICAgIGlmIChhW2ldLmluZGV4T2YoIiMiKSE9MCl7IGQuTU1fcFtqXT1uZXcgSW1hZ2U7IGQuTU1fcFtqKytdLnNyYz1hW2ldO319Cn0KLy8tLT4KPC9zY3JpcHQ+CiAgICAgICAgICAgICA8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoJCQkgCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CjwhLS0KI0xheWVyMSB7Cglwb3NpdGlvbjphYnNvbHV0ZTsKCXdpZHRoOjY1MXB4OwoJaGVpZ2h0OjIxOHB4OwoJei1pbmRleDoxOwp9CiNMYXllcjIgewoJcG9zaXRpb246YWJzb2x1dGU7Cgl3aWR0aDoyMDBweDsKCWhlaWdodDoxMTVweDsKCXotaW5kZXg6MTsKCXZpc2liaWxpdHk6IHZpc2libGU7Cn0KLkVzdGlsbzEgewoJZm9udC1zaXplOiAxOHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzIgewoJZm9udC1zaXplOiAxNHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzMge2NvbG9yOiAjNTA2OTkwOyBsaW5lLWhlaWdodDogMTJweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LWZhbWlseTogVGFob21hO30KLS0+Cjwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGxlZnRtYXJnaW49IjIiIG1hcmdpbndpZHRoPSIyIj4KPHRhYmxlIHdpZHRoPSI2MDgiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCB3aWR0aD0iMiUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzA3LmpwZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjE0IiAvPjwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI5MCUiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18wNy5qcGciPiZuYnNwOzwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI4JSIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGNvbHNwYW49IjQiPjxiciAvPgogICAgICA8dGFibGUgd2lkdGg9Ijk4JSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICA8dHI+CiAgICAgICAgPHRkIHdpZHRoPSIyJSI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgICA8dGQgd2lkdGg9IjkzJSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CjwhLS0gSU5JQ0lPIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzIzMDQyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjIvMTEvMjAxMzwvc3Bhbj48YnI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxzdHJvbmc+MTQsIDE1IHkgMTYgZGUgTm92aWVtYnJlIEFCSUVSVEEgTEEgSU5TQ1JJUENJJk9hY3V0ZTtOISAoY29uIGRlc2N1ZW50byBoYXN0YSBlbCAyNy84KTxiciAvPjwvc3Ryb25nPjwvcD4NCjxwPjxzdHJvbmc+QUJJRVJUQSBMQSBSRUNFUENJJk9hY3V0ZTtOIERFIFRSQUJBSk88YSBocmVmPSJodHRwOi8vd3d3LmNvbmdyZXNvdmlvbGVuY2lhLmNvbS9pbmRleC5waHA/aWQ9bW9kYWxpZGFkZXMiIHRhcmdldD0iX2JsYW5rIj4gKG1hcyBpbmZvKTwvYT48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij48c3Ryb25nPk9yZ2FuaXphOiBTYWx1ZCBBY3RpdmE8L3N0cm9uZz48L3NwYW4+PC9wPg0KPHA+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+SW5jcmlwdG9zIGFsIFBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGltcG9ydGFudGVzIGRlc2N1ZW50b3MhPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2lvbjogVW5pdmVyc2lkYWQgZGVsIEVzdGUsIExhIFBsYXRhIEJ1ZW5vcyBBaXJlczwvcD4NCjxwPk1hcyBkZSAxNTAgdHJhYmFqb3MgcHJlc2VudGFkb3MsIHVsdGltb3MgZGlhcyBwYXJhIGluc2NyaWJpcnNlIGNvbiBkZXNjdWVudG8hITwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPkluc2NyaWJpcnNlPC9hPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPjxiciAvPjwvYT48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDEiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MDQvMTEvMjAxMzwvc3Bhbj48YnI+RWwgY29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIEPzcmRvYmEgc2UgcHJvbnVuY2lhIGVuIHJlbGFjafNuIGFsIFNBUCB5IGVuIGNvbmNvcmRhbmNpYSBjb24gbG8gZXhwcmVzYWRvIHBvciBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgTWFyIGRlbCBQbGF0YSB5IGVsIENvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBsYSAgUHJvdmluY2lhIGRlIEJ1ZW5vcyBBaXJlczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+Jm5ic3A7PC9wPg0KPHA+TGFzIGNvbnRyb3ZlcnNpYXMgZ2VuZXJhZGFzIGVuIHJlbGFjaSZvYWN1dGU7biBhbCAic2luZHJvbWUgZGUgYWxpZW5hY2kmb2FjdXRlO24gcGFyZW50YSIgU0FQLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzEwIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzE2MTAyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTYvMTAvMjAxMzwvc3Bhbj48YnI+U2FsdWQgQWN0aXZhIG90b3JnYSBtZWRpYXMgYmVjYXMgcGFyYSBlbCBJViBDb25ncmVzbyBJbnRlcm5hY2lvbmFsLCBWIE5hY2lvbmFsLCBWSSBSZWdpb25hbCBWaW9sZW5jaWEsIE1hbHRyYXRvIHkgQWJ1c28uPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD4mbmJzcDs8L3A+DQo8cD5TZXImYWFjdXRlO24gb3RvcmdhZGFzIDUwIG1lZGlhcyBiZWNhcywgcXVlZGFuIHBvY2FzISEhIGNvbmRpY2lvbjo8L3A+DQo8cD5QZXJ0ZW5lY2VyIGFsIGFtYml0byBwdWJsaWNvIG8gYSBPTkcsIHNlIGNvbnNpZGVyYSB0YW1iaWVuIGxhIGRpc3RhbmNpYSBhbCBsdWdhciBkZWwgZXZlbnRvISEhIGVzIG11eSBzZW5jaWxsbywgc29sbyBkZWJlcyBlbnZpYXIgdW4gZW1haWwuLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA5Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjI0LzA3LzIwMTM8L3NwYW4+PGJyPk5FQ0VTSVRBTU9TIERFIFNVIFNPTElEQVJJREFEIEhBQ0lBIExPUyBOSdFPUyBZIE5J0UFTISEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlBST0dSQU1BIEZBTUlMSUFTIFNPTElEQVJJQVM8L3NwYW4+PC9zdHJvbmc+PC9wPg0KPHA+PHN0cm9uZz5DQU1CSU8gREUgU0VERTwvc3Ryb25nPjwvcD4NCjxwPkxhIGNhcGFjaXRhY2kmb2FjdXRlO24gcGFyYSBsYSBwdWVzdGEgZW4gbWFyY2hhIGRlbCA8c3Ryb25nPlByb2dyYW1hIEZhbWlsaWFzIFNvbGlkYXJpYXM8L3N0cm9uZz4gc2UgcmVhbGl6YXImYWFjdXRlOyBlbiBsYSBsb2NhbGlkYWQgZGUgPHN0cm9uZz5OYXZhcnJvPC9zdHJvbmc+IHBhcmEgdG9kbyBlbCBjb3JyZWRvciBkZSBsYSBSdXRhIDQwLjwvcD4NCjxwPkluaWNpbyA8c3Ryb25nPk1pJmVhY3V0ZTtyY29sZXMgMjggZGUgYWdvc3RvIGEgbGFzIDE0IGhvcmFzLiZuYnNwOzwvc3Ryb25nPjwvcD4NCjxwPlNlZGU6IDxzdHJvbmc+U2FsJm9hY3V0ZTtuIE11bmljaXBhbCBlbiBsYSBjYWxsZSAxMDcgZXNxdWluYSAyMiAtIE5hdmFycm88L3N0cm9uZz48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTIwNzIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xMi8wNy8yMDEzPC9zcGFuPjxicj5TQUxVRCBBQ1RJVkEgaGEgc2lkbyBlbGVnaWRhIHBvciBzZWd1bmRhIHZleiBjb25zZWN1dGl2YSBjb21vIHVubyBkZSBsb3MgZ2FuYWRvcmVzIGRlbCBDdWFydG8gQ29uY3Vyc28gZGUgUHJveWVjdG9zIFNvY2lhbGVzIGRlIFBldHJvYnJhczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+RW4gZWwgbWFyY28gZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzLCANCm51ZXN0cmEgSW5zdGl0dWNpJm9hY3V0ZTtuIFNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IA0KY29uc2VjdXRpdmEgY29tbyB1bm8gZGUgbG9zIGdhbmFkb3JlcyBkZSBkaWNobyBjb25jdXJzby48YnIgLz5FbiBlc3RhIA0KZWRpY2kmb2FjdXRlO24gZWwgcHJveWVjdG8gcXVlIGhhIHNpZG8gZWxlZ2lkbyBlcyBlbCAmbGRxdW87UHJvZ3JhbWEgZGUgRmFtaWxpYXMgDQpTb2xpZGFyaWFzJnJkcXVvOyBzaWVuZG8gc3UgJmFhY3V0ZTtyZWEgZGUgaW1wbGVtZW50YWNpJm9hY3V0ZTtuIGxvcyBNdW5pY2lwaW9zIGRlIE5hdmFycm8sIA0KR3JhbC4gTGFzIEhlcmFzLCBNYXJjb3MgUGF6LCB5IE1lcmxvPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAyLzA3LzIwMTM8L3NwYW4+PGJyPk/tciBvIGVzY3VjaGFyPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Qb3IgQ2FybG9zIFJvemFuc2tpICo8L3A+DQo8cD5BIGxvIGxhcmdvIGRlIGxvcyBzaWdsb3MsIGxhcyBuaSZudGlsZGU7YXMsIG5pJm50aWxkZTtvcyB5IGFkb2xlc2NlbnRlcyBoYW4gc2lkbyBtYWx0cmF0YWRvcyB5IGFidXNhZG9zIHNpbiBxdWUgYSBsYSBjb211bmlkYWQgbGUgaW50ZXJlc2FyYSBuaSBzaXF1aWVyYSBlc2N1Y2hhcmxvcyBjdWFuZG8gaGFjJmlhY3V0ZTthbiBzYWJlciBkZSBhbGd1bmEgZm9ybWEgbG9zIHN1ZnJpbWllbnRvcyBxdWUgcGFkZWMmaWFjdXRlO2FuLiBFbiAxODc0LCBlbiBFc3RhZG9zIFVuaWRvcywgZnVlIGxhIHByaW1lcmEgdmV6IHF1ZSBlbCBFc3RhZG8gaW50ZXJ2aW5vIGVuIHVuIGNhc28gZGUgbWFsdHJhdG8geSBhYnVzby4uLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4wMi8wNy8yMDEzPC9zcGFuPjxicj5FbCBkZXJlY2hvIGRlIGxvcyBuafFvcyBhIHNlciBlc2N1Y2hhZG9zPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5VbiBob21icmUgYWN1c2FkbyBkZSBoYWJlciBhYnVzYWRvIGRlIHN1cyBoaWpvcyBoYWImaWFjdXRlO2Egc2lkbyBzb2JyZXNlJmlhY3V0ZTtkbyBkb3MgdmVjZXMgcG9yIGxhIEp1c3RpY2lhLiBQZXJvIGFob3JhLCBsYSBDJmFhY3V0ZTttYXJhIGRlIENhc2FjaSZvYWN1dGU7biByZXZvYyZvYWN1dGU7IGVzYSBkZWNpc2kmb2FjdXRlO24gcG9ycXVlIGVuIGxhIGludmVzdGlnYWNpJm9hY3V0ZTtuIGVsIGp1ZXogbnVuY2EgaGFiJmlhY3V0ZTthIGVzY3VjaGFkbyBhIGxvcyBjaGljb3MuIFkgb3JkZW4mb2FjdXRlOyBxdWUgdGVuZ2EgZW4gY3VlbnRhIGxvIHF1ZSBkaWNlbi48L3A+DQo8cD5Qb3IgTWFyaWFuYSBDYXJiYWphbDwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDUiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE1NiIgcm93c3Bhbj0iMiIgdmFsaWduPSJ0b3AiPgoJCQkJCgkJCQk8dGFibGUgd2lkdGg9IjMyJSIgYm9yZGVyPSIxIiBjZWxsc3BhY2luZz0iMyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48aW1nIHNyYz0ic3JjL2ltZ191cC8wNjA2MjAxMy4xLmpwZyIgd2lkdGg9IjE0NiIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KCQkJCQkJCQk8L3RkPiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjA2LzA2LzIwMTM8L3NwYW4+PGJyPkFidXNvIHNleHVhbCBpbmZhbnRpbC4gRGVzYWZpb3MgZGUgbGEgY2xpbmljYSBhY3R1YWw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkFiaWVydGEgbGEgaW5zY3JpcGNpb248L3A+DQo8cD5Eb2NlbnRlczogTGljLiBNYXJpYSBCZWF0cml6IE0mdXVtbDtsbGVyLiBMaWMuIFBhb2xhIE11Jm50aWxkZTtveiBEdWFydGU8L3A+DQo8cD5JbmljaW86IE1pZXJjb2xlcyAxOSBkZSBKdW5pbzwvcD4NCjxwPkZyZWN1ZW5jaWE6IFNlbWFuYWw8L3A+DQo8cD5Nb2RhbGlkYWQ6IEludGVuc2l2YTwvcD4NCjxwPkNvbnRlbmlkb3M6ICZuYnNwOyBFc3RhIGRlc3RpbmFkbyBhIHRvZG9zIGxvcyBwcm9mZXNpb25hbGVzIGNvbXByb21ldGlkb3MgY29uIGxhIHRlbWF0aWNhIGRlbCBhYnVzbyBpbmZhbnRpbCBxdWUgcXVpZXJhbiBhY3R1YWxpemFyc2UgZSBpbnRlcmNhbWJpYXIgZXhwZXJpZW5jaWFzIGRlIHRyYWJham8uLi48L3A+DQo8cD4mbmJzcDs8L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDQiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTYwNTIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xNi8wNS8yMDEzPC9zcGFuPjxicj5TYWx1ZCBBY3RpdmEgbmVjZXNpdGEgZGUgdHUgYXl1ZGEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5UcmFiYWphbW9zIGNvbW8gcG9kZW1vczogYmEmbnRpbGRlO29zIHJvdG9zLCBzdXNwZW5zaSZvYWN1dGU7biBkZSByZXVuaW9uZXMgcG9yIGNvcnRlcyBkZSBsdXogeSBhZ3VhLCBqdWd1ZXRlcyB2aWVqb3MsIG1lc2VzIGRlIGF0cmFzbyBlbiBlbCBwYWdvIGRlIHN1cyBwcm9mZXNpb25hbGVzIGRlIGxhIHNhbHVkLiBSZWNpZW50ZW1lbnRlIHR1dmltb3MgcXVlIGNlcnJhciBudWVzdHJvIHF1ZXJpZG8gSG9nYXI6ICZsZHF1bztNZXRhbW9yZm9zaXMmcmRxdW87IGVyYSBlbCBsdWdhciBxdWUgc3VwbyBjb250ZW5lciBhIG5pJm50aWxkZTthcyB5IGomb2FjdXRlO3ZlbmVzIHJlc2NhdGFkYSBkZSByZWRlcyBkZSB0cmF0YSBvIHYmaWFjdXRlO2N0aW1hcyBkZSBhYnVzbyBpbnRyYWZhbWlsaWFyLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAzLzA1LzIwMTM8L3NwYW4+PGJyPlJFUFVESU8gQSBMQSBQUkVTRU5DSUEgRU4gTEEgRkVSSUEgREVMIExJQlJPIERFIFVOIEVYIEpVRVogQUNVU0FETyBERSBBQlVTTyBTRVhVQUw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkZ1ZSBjYW1hcmlzdGEgZW4gTWFyIGRlbCBQbGF0YSBkdXJhbnRlIGxhIGRpY3RhZHVyYS4gSGFjZSBhJm50aWxkZTtvcywgdmFyaWFzIG11amVyZXMgbG8gYWN1c2Fyb24gZGUgaGFiZXIgYWJ1c2FkbyBkZSBlbGxhcyBjdWFuZG8gZXJhbiBuaSZudGlsZGU7YXMuIExhIGNhdXNhIHByZXNjcmliaSZvYWN1dGU7IHkgbm8gaHVibyBjb25kZW5hLiBNYSZudGlsZGU7YW5hIHRpZW5lIHByZXZpc3RvIGZpcm1hciBzdSBsaWJyby4gRXNhcyBtaXNtYXMgbXVqZXJlcyBwaWRlbiBxdWUgbm8gc2VhIGFkbWl0aWRvIGVuIGxhIGZlcmlhLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDIiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgIDwhLS0gRklOIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgIDwvdGFibGU+ICAgICAgICA8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iNSUiIGFsaWduPSJyaWdodCI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCB3aWR0aD0iMSUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC90ZD4KICAgIDx0ZCB3aWR0aD0iMiUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgPC90cj4KICAKICA8dGQ+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0ciBhbGlnbj0iY2VudGVyIj4KICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgPHRkIHdpZHRoPSI5NyIgY29sc3Bhbj0iMiIgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iNTQ2IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idGl0dWxvaG9tZTIiPjx0YWJsZSB3aWR0aD0iIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPlJhbmtpbmc8L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPiZidWxsO0xhcyBtJmFhY3V0ZTtzIGxlaWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+JmJ1bGw7TGFzIG0mYWFjdXRlO3MgY29tZW50YWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTHVkb3RlY2EgR2FyYWJhdG8gLSBQcm95ZWN0byBzYWx1ZGFjdGl2YSwgUG9yIHVuYSBpbmZhbmNpYSBmZWxpeiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iOSUiIGJnY29sb3I9IiNFRkVGRUYiPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzJSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xNjIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDUlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTE2MiIgY2xhc3M9ImJvdG9uIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDdXJzbyBJbnRlbnNpdm8gZGUgb3BlcmFkb3IgdGVyYXBldXRpY28gZXNwZWNpYWxpemFkbyBlbiBlbCBhYm9yZGFqZSBkZWwgYWJ1c28sIGxhIHZpb2xlbmNpYSB5IGVsIG1hbHRyYXRvIGluZmFudGlsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUFJPR1JBTUEgTEFTIFZJQ1RJTUFTIENPTlRSQSBMQVMgVklPTEVOQ0lBUyAgTWluaXN0ZXJpbyBkZSBKdXN0aWNpYSB5IERlcmVjaG9zIEh1bWFub3MgZGUgbGEgTmFjafNuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI5JSIgYmdjb2xvcj0iI0VGRUZFRiI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTI1NSIgY2xhc3M9ImJvdG9uIj48aW1nIHNyYz0iaW1nL2ZsZWNoYW5hcmFuamFmZ3Jpc18yNC5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSI3IiBib3JkZXI9IjAiIGFsaWduPSJhYnNtaWRkbGUiIC8+PC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0NSUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MjU1IiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIERpcGxvbWF0dXJhIGVuIEFib3JkYWplIGludGVyZGlzY2lwbGluYXJpbyBkZWwgbWFsdHJhdG8sIGxhIHZpb2xlbmNpYSB5IGVsIGFidXNvIHNleHVhbCBpbmZhbnRpbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyJSIgaGVpZ2h0PSIyMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQxJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNhbHVkIEFjdGl2YSBuZWNlc2l0YSBkZSB0dSBheXVkYSEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjklIiBiZ2NvbG9yPSIjRUZFRkVGIj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMyUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MTA0IiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQ1JSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xMDQiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTGxhbWFkbyBwYXJhIHByZXNlbnRhY2nzbiBkZSB0cmFiYWpvcy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyMCIgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJ0ZXh0b251ZXZvIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iIyIgY2xhc3M9ImJvdG9uIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJsZT48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj4mbmJzcDs8L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBJTklDSU8gbm90YSBjb211biAtLT4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTUvMDQvMjAxMjwvc3Bhbj48YnI+T3JnYW5pemFuIGpvcm5hZGEgc29icmUgdmlvbGVuY2lhPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPlNlIGNlbnRyYXImYWFjdXRlOyBlbiBsb3MgZmVuJm9hY3V0ZTttZW5vcyBxdWUgYWZlY3RhbiBhIGxhIGZhbWlsaWEgeSBlbiBsbyBxdWUgb2N1cnJlIGVuIGxhcyBlc2N1ZWxhcy48YnIgLz4gU2UgbGxldmFyJmFhY3V0ZTsgYSBjYWJvIGVsIGx1bmVzIDIzLCBlbiBlbCBDZW50cm8gQ3VsdHVyYWwgZGUgVG9zY2hpIHkgVHJlcyANCkFycm95b3MsIHVuYSBqb3JuYWRhIGRlIHJlZmxleGkmb2FjdXRlO24geSBkZWJhdGUgYWJpZXJ0YSBhIGxhIGNvbXVuaWRhZCBzb2JyZSANCiZsZHF1bztWaW9sZW5jaWEgZW4gbGEgZmFtaWxpYSB5IGVuIGxhIGVzY3VlbGEgeSBzdSByZWxhY2kmb2FjdXRlO24gY29uIGVsIGZyYWNhc28gDQplc2NvbGFyJnJkcXVvOywgb3JnYW5pemFkYSBwb3IgbGEgQXNvY2lhY2kmb2FjdXRlO24gQ2l2aWwgQ2VudHJvIEFydCZlYWN1dGU7bWlkZXMgeSBsYSANCk11bmljaXBhbGlkYWQgZGUgQ2lwb2xsZXR0aS5TZSBjZW50cmFyJmFhY3V0ZTsgZW4gbG9zIGZlbiZvYWN1dGU7bWVub3MgcXVlIGFmZWN0YW4gYSBsYSBmYW1pbGlhIHkgZW4gbG8gcXVlIG9jdXJyZSBlbiBsYXMgZXNjdWVsYXMuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjMwLzAzLzIwMTI8L3NwYW4+PGJyPkNhcnRhIGRlIEFTQVBNSSAtIEFzb2NpYWNp824gQXJnZW50aW5hIGRlIFByZXZlbmNp824gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjE1IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSIxNSIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjgwIiBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Mb3MgaW50ZWdyYW50ZXMgZGUgbGEgQ29taXNpJm9hY3V0ZTtuIERpcmVjdGl2YSBkZSBBU0FQTUkgLSBBc29jaWFjaSZvYWN1dGU7biBBcmdlbnRpbmEgZGUgUHJldmVuY2kmb2FjdXRlO24gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbCwgYXNvY2lhZGEgYSBsYSBJbnRlcm5hdGlvbmFsIFNvY2lldHkgZm9yIFByZXZlbnRpb24gb2YgQ2hpbGQgQWJ1c2UgYW5kIE5lZ2xlY3QgKElTUENBTikgLSwgdGVuZW1vcyBlbCBhZ3JhZG8gZGUgZGlyaWdpcm5vcyBhIFVzdGVkIHBhcmEgdHJhc21pdGlybGUgbnVlc3RyYSBwcm9mdW5kYSAmbmJzcDt5IGhvbmRhIHByZW9jdXBhY2kmb2FjdXRlO24gcG9yIGxhIHBvc3R1cmEgcXVlIHZpZW5lbiBhc3VtaWVuZG8gZW4gZm9ybWEgY29udGludWFkYSBhbGd1bm9zIGNvbGVnaW9zIGRlIHBzaWMmb2FjdXRlO2xvZ29zLCBlc3BlY2lhbG1lbnRlIGRlIGxhIHByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXMsIGVuIHJlbGFjaSZvYWN1dGU7biBhbCB0cmF0YW1pZW50byBwb2NvIHNlcmlvIHkgY29tcHJvbWV0aWRvIHF1ZSBzZSBsZXMgb3RvcmdhIGEgbGFzIGRlbnVuY2lhcyBlZmVjdHVhZGFzIGNvbnRyYSBwcm9mZXNpb25hbGVzIHBzaWMmb2FjdXRlO2xvZ29zLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjAvMDMvMjAxMjwvc3Bhbj48YnI+TEEgVklPTEVOQ0lBIFNFWFVBTCBDT05UUkEgTknRT1MgWSBOSdFBUyBFTiBDSUZSQVM8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4MCIgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+UmFkaW9ncmFmJmlhY3V0ZTthIGRlIHVuIHByb2JsZW1hPC9wPg0KPHA+RGUgbG9zIG4mdWFjdXRlO21lcm9zIGNvbXBpbGFkb3MgcG9yIGRvcyBlcXVpcG9zIGRlbCBNaW5pc3RlcmlvIGRlIEp1c3RpY2lhLCBsYQ0KIGF1dG9yYSB0b21hIGxvcyBkZSBsYSBjaXVkYWQgZGUgQnVlbm9zIEFpcmVzIHBhcmEgdHJhemFyIHVuIHBhcmFkaWdtYSANCmRlIGxvcyBkZWxpdG9zIGNvbnRyYSBsYSBpbnRlZ3JpZGFkIHNleHVhbCBlbiBlbCBwYSZpYWN1dGU7cyB5IHNvYnJlIHN1IA0KYXRlbmNpJm9hY3V0ZTtuLjxiciAvPiA8YnIgLz4gJm5ic3A7UG9yIEV2YSBHaWJlcnRpPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2MCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjAiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjE1LzAzLzIwMTI8L3NwYW4+PGJyPkZBTExPIERFIExBIENPUlRFIFNVUFJFTUEgU09CUkUgTEEgTk8gSlVESUNJQUxJWkFDSU9OIERFTCBBQk9SVE8gRU4gQ0FTT1MgREUgVklPTEFDSU9OPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxiciAvPiBKVVJJU0RJQ0NJT046IE5BQ0lPTkFMPGJyIC8+IE1BVEVSSUE6IEFCT1JUTy48YnIgLz4gVFJJQlVOQUw6IENvcnRlIFN1cHJlbWEgZGUgSnVzdGljaWEgZGUgbGEgTmFjaSZvYWN1dGU7bi48YnIgLz4gQVVUT1M6IEYuLCBBLiBMLiBzLyBtZWRpZGEgYXV0b3NhdGlzZmFjdGl2YS48YnIgLz4gRkVDSEE6IDEzLzAzLzIwMTIuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI1OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNTkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBGSU4gbm90YSBjb211biAtLT4KPC90YWJsZT4KPG1hcCBuYW1lPSJNYXBNYXAiIGlkPSJNYXBNYXAiPjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjE0NCw0LDIxNCwzNiIgaHJlZj0iaW5kZXgucGhwP2lkPTE0IiAvPgo8L21hcD4KPG1hcCBuYW1lPSJNYXAyTWFwMiIgaWQ9Ik1hcDJNYXAyIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIxNDcsNCwyMjAsMzYiIGhyZWY9ImluZGV4LnBocD9pZD0xNGEiIC8+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcDMiIGlkPSJNYXAzIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIzNjMsMyw0MzYsMzkiIGhyZWY9ImluZGV4LnBocD9pZD0xNGIiIC8+CjwvbWFwPgo8L2h0bWw+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	78	<responseRedirected>false</responseRedirected>
	79	</requestresponse>
	80	</issue>
	81	<issue>
	82	<serialNumber>5107728146274449408</serialNumber>
	83	<type>5243904</type>
	84	<name>Cross-domain Referer leakage</name>
	85	<host ip="200.20.20.201">http://www.example.org.ar</host>
	86	<path><![CDATA[/index.php]]></path>
	87	<location><![CDATA[/index.php]]></location>
	88	<severity>Information</severity>
	89	<confidence>Certain</confidence>
	90	<issueBackground><![CDATA[When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.<br><br>If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.<br><br>You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.<br><br>Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behavior should not be relied upon to protect the originating URL from disclosure.<br><br>Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.]]></issueBackground>
	91	<remediationBackground><![CDATA[The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.]]></remediationBackground>
	92	<issueDetail><![CDATA[The page was loaded from a URL containing a query string:<ul><li>http://www.example.org.ar/index.php?id=14_new&nota=301</li></ul>The response contains the following links to other domains:<ul><li>http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab</li><li>http://twitter.com/exampleONG</li><li>http://www.congresoviolencia.com/</li><li>http://www.facebook.com/home.php?</li><li>http://www.sitei.com.ar/</li></ul>]]></issueDetail>
	93	<requestresponse>
	94	<request base64="true"><![CDATA[R0VUIC9pbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIEhUVFAvMS4xDQpIb3N0OiB3d3cuc2FsdWRhY3RpdmEub3JnLmFyDQpBY2NlcHQ6ICovKg0KQWNjZXB0LUxhbmd1YWdlOiBlbg0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV2luNjQ7IHg2NDsgVHJpZGVudC81LjApDQpDb25uZWN0aW9uOiBjbG9zZQ0KDQo=]]></request>
	95	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjE0OjA1IEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KQ29ubmVjdGlvbjogY2xvc2UNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNTAzMTMNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyI+CjxTQ1JJUFQgTEFOR1VBR0U9IkphdmFTY3JpcHQiPgpmdW5jdGlvbiBpc0VtcHR5KHMpIHsKICByZXR1cm4gKChzID09IG51bGwpIHx8IChzLmxlbmd0aCA9PSAwKSkKfQoKZnVuY3Rpb24gaXNFbWFpbEFkZHJlc3MocykgewoJLy92YXIgZmlsdGVyPS9eW0EtWmEtel1bQS1aYS16MC05X10qQFtBLVphLXowLTlfXStcLltBLVphLXowLTlfLl0rW0EtemEtel0kLzsKCXZhciBmaWx0ZXI9L15cdysoW1wuLV0/XHcrKSpAXHcrKFtcLi1dP1x3KykqKFwuXHd7MiwzfSkrJC87CglpZiAocy5sZW5ndGggPT0gMCApIHJldHVybiB0cnVlOwoJaWYgKGZpbHRlci50ZXN0KHMpKSB7CgkJcmV0dXJuIHRydWU7Cgl9IGVsc2UgewoJCXJldHVybiBmYWxzZTsKCX0KfQoKZnVuY3Rpb24gdmFsaWRhcihvYmopIHsKICAgCiAgICBlcnJvcnMgPSAiIjsKICAgIAogICAgLy9Ob21icmUKICAgIGlmIChpc0VtcHR5KG9iai5ub21icmUudmFsdWUpKSB7CiAgICAgIGVycm9ycyArPSAiXG4tIEVsIE5vbWJyZSBlc3RhIHZhY2lvIjsKICAgIH0KCS8vRW1haWwKICAgIGlmIChpc0VtcHR5KG9iai5lbWFpbC52YWx1ZSkpIHsKICAgICAgZXJyb3JzICs9ICJcbi0gRWwgRW1haWwgZXN0YSB2YWNpbyI7CiAgICB9IGVsc2UgewoJCWlmIChpc0VtYWlsQWRkcmVzcyhvYmouZW1haWwudmFsdWUpID09IGZhbHNlKSB7CgkJCWVycm9ycyArPSAiXG4tIEVsIEVtYWlsIGluZ3Jlc2FkbyBlcyBpbmNvcnJlY3RvIjsKCQl9Cgl9CiAgICAvL0NvbWVudGFyaW8KICAgIGlmIChpc0VtcHR5KG9iai5jb21lbnRhcmlvLnZhbHVlKSkgewogICAgICBlcnJvcnMgKz0gIlxuLSBFbCBDb21lbnRhcmlvIGVzdGEgdmFjaW8iOwogICAgfQogICAgCiAgICBpZiAoIShlcnJvcnM9PSIiKSl7CgkJbXNnID0gIl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX1xuXG5MYSByZWdpc3RyYWNp824gbm8gZnVlIGxsZXZhZGEgYSBjYWJvIHBvciBjYXVzYSBkZSBsb3Mgc2lndWllbnRlcyBlcnJvcmVzLlxuUG9yIGZhdm9yLCBjb3Jy7WphbG9zIHkgdnVlbHZhIGEgZW52aWFyLlxuX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXG4iOwoJCWlmIChlcnJvcnMhPSIiKXsKCQkJbXNnICs9IGVycm9yczsKCQl9CgkJYWxlcnQobXNnKTsKCQlyZXR1cm4gZmFsc2U7Cgl9ZWxzZXsKCSAgCgkgIG9iai5yZWNhcHRjaGFfY2hhbGxlbmdlX2ZpZWxkX2QudmFsdWUgPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgncmVjYXB0Y2hhX2NoYWxsZW5nZV9maWVsZCcpLnZhbHVlOwoJICBvYmoucmVjYXB0Y2hhX3Jlc3BvbnNlX2ZpZWxkX2QudmFsdWUgPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgncmVjYXB0Y2hhX3Jlc3BvbnNlX2ZpZWxkJykudmFsdWU7CgkgIAoJICByZXR1cm4gdHJ1ZTsKCX0KfQo8L1NDUklQVD4KPHN0eWxlPgojYXBlbGxpZG8gewogICAgZGlzcGxheTogbm9uZTsKfQojYWRkcmVzcyB7CiAgICBkaXNwbGF5OiBub25lOwp9Cjwvc3R5bGU+Cjx0YWJsZSB3aWR0aD0iNTk2IiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+Cjx0ciBhbGlnbj0iY2VudGVyIj4KICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMiI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMDcuanBnIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzUlIiBhbGlnbj0iY2VudGVyIj48YSBocmVmPSJqYXZhc2NyaXB0OjsiIG9uQ2xpY2s9IndpbmRvdy5vcGVuKCdpbXByaW1pci5waHA/bm90YT0zMDEnLCAnbm90YV9pbXByaW1pcicsICdyZXNpemFibGU9MSxzY3JvbGxiYXJzPTEnKSI+PGltZyBzcmM9ImltZy9pY29ub3Mtbm90YV8wOC5qcGciIHdpZHRoPSI5OCIgaGVpZ2h0PSI0NCIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzMiUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNyZhbXA7aWRwYWc9MTQiPjxpbWcgc3JjPSJpbWcvaWNvbm9zLW5vdGFfMDUuanBnIiB3aWR0aD0iMTIzIiBoZWlnaHQ9IjQ3IiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMzJSI+PGltZyBzcmM9ImltZy9pY29ub3Mtbm90YV8wMy5qcGciIHdpZHRoPSIxMDgiIGhlaWdodD0iNDgiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwNDIwMTMuMS5qcGciIHdpZHRoPSI0MjAiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPC90cj4KCQkJCSAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+CiAgICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMTUiPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4yMi8xMS8yMDEzPGJyPjxzcGFuIGNsYXNzPSJ0cmFiVElUIj48Zm9udCBmYWNlPSJHZW9yZ2lhLCBUaW1lcyBOZXcgUm9tYW4sIFRpbWVzLCBzZXJpZiI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L2ZvbnQ+PGJyIC8+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHNwYW4gY2xhc3M9ImNvbnRlbmlkbyI+PHN0cm9uZz48Zm9udCBzaXplPSIxIj5WaWN0aW1vbG9n7WEsIENyaW1pbm9sb2ftYSB5IEfpbmVyby4gVW5hIHRyaWxvZ+1hIGNvbXBsZWphPC9mb250Pjwvc3Ryb25nPjwvc3Bhbj48L3NwYW4+PC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkPjxkaXYgY2xhc3M9ImRlc3RhY2Fkb3MiPjxwPiZuYnNwOzwvcD4NCjxwPjE0LCAxNSB5IDE2IGRlIE5vdmllbWJyZTwvcD4NCjxwPjxzdHJvbmc+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+T3JnYW5pemE6IFNhbHVkIEFjdGl2YTwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij5BcXVlbGxvcyBpbnNjcmlwdG9zIGFsIHBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGhhc3RhIGVsIDMwLzA1LzIwMTMsIHB1ZGVuIGFjY2VkZXIgYSBpbXBvcnRhbnRlcyBkZXNjdWVudG9zIGVuIGxhIGluc2NyaXBjaSZvYWN1dGU7biBkZWwgY29uZ3Jlc28uPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2kmb2FjdXRlO246IFVuaXZlcnNpZGFkIGRlbCBFc3RlLCBDYWxsZSAyIE4mb3JkbTsgNjg0LCBMYSBQbGF0YSwgQnVlbm9zIEFpcmVzPC9wPg0KPHA+PHN0cm9uZz48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjAwMDA7Ij48c3BhbiBzdHlsZT0iZm9udC1zaXplOiB4LXNtYWxsOyI+SU5TQ1JJUENJT05FUyBDT04gREVTQ1VFTlRPIEhBU1RBIEVMIDI3IERFIEFHT1NUTyEhISE8L3NwYW4+PC9zcGFuPjwvc3Ryb25nPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tIiB0YXJnZXQ9Il9ibGFuayI+bWFzIGluZm9ybWFjaW9uPC9hPjwvcD4NCjxwPiZuYnNwOzwvcD48L2Rpdj4gPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIAkJCQkJCiAgICAJCQkJCSAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjQyMCIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iNCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDYiIHZhbGlnbj0iYm90dG9tIj4KCQkJCQkgIAkJCQkJICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzMTMiIHZhbGlnbj0ibWlkZGxlIj4KCQkJCQkgIAkJCQkJICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgPHRkIGFsaWduPSJyaWdodCIgdmFsaWduPSJib3R0b20iPjxhIGhyZWY9ImluZGV4LnBocCIgY2xhc3M9ImJvdG9uIj4mbHQ7Jmx0O1ZPTFZFUjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgPHRkID48L3RkPgogICAgICAgICAgICAgICAgPC90cj4KCgkJCQk8Zm9ybSBuYW1lPSJmb3JtdV9jb21lbnRhcmlvIiBhY3Rpb249Imd1YXJkYXJfZGFuaS5waHAiIG1ldGhvZD0icG9zdCIgb25TdWJtaXQ9InJldHVybiB2YWxpZGFyKHRoaXMpOyI+CgkJCQk8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhY2MiIHZhbHVlPSJndWFyZGFyX2NvbWVudGFyaW8iPgoJCQkJPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0ibm90YSIgdmFsdWU9IjMwMSI+CgkJCQkKCQkJCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9InJlY2FwdGNoYV9jaGFsbGVuZ2VfZmllbGRfZCIgdmFsdWU9IiI+CgkJCQk8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJyZWNhcHRjaGFfcmVzcG9uc2VfZmllbGRfZCIgdmFsdWU9IiI+CiAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9Ijg1JSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRyYWJUSVQiPjxmb250IGZhY2U9Ikdlb3JnaWEsIFRpbWVzIE5ldyBSb21hbiwgVGltZXMsIHNlcmlmIj5Db21lbnRhcmlvczwvZm9udD48L3RkPgogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMSUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAJCQkJCTx0cj4KICAgICAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMzAiIGNsYXNzPSJib3JkZWFycmliYSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgYWxpZ249InJpZ2h0IiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PHN0cm9uZz5Ob21icmU6PC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYyJSI+PHNwYW4gY2xhc3M9ImNvbnRlbmlkbyI+T2ZlbGlhIERlbCBDYXJtZW4gIE1pbGxhIDwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTglIiBjbGFzcz0iZGVzdGFjYWRvcyI+PHN0cm9uZz4wOS8wNi8yMDEzICAgICAgICAgICAgICAgICAgICAgICAgICA8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGFsaWduPSJyaWdodCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPkNvbWVudGFyaW86PC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMiI+PHNwYW4gY2xhc3M9InRleHRvbnVldm8iPk11eSBJbnRlcmVzYW50ZSBsYSBwcm9wdWVzdGEhISEgcGFydGljaXBlIGRlIGxhIGpvcm5hZGFzIGRlIEFydGVtaWRlcyBlbiBjaXBvbGxldHRpIHlvIHNveSBkZSBBbGxlbiAsQWNvbXBh8WFudGUgVGVyYXDpdXRpY2EgeVByb2Zlc29yYSBFbnNl8WFuemEgUHJpbWFyaWEudHViZSBsYSBvcG9ydHVuaWRhZCBjb25vY2VyIGEgQmVhdHJpeiBNdWxsZXI8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCQk8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjbGFzcz0iYm9yZGVhcnJpYmEiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iNyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIGFsaWduPSJyaWdodCIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+Tm9tYnJlOjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiUiPjxzcGFuIGNsYXNzPSJjb250ZW5pZG8iPkFkcmlhbmEgY2FybGEgR29ybGVybzwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTglIiBjbGFzcz0iZGVzdGFjYWRvcyI+PHN0cm9uZz4xNS8wNi8yMDEzICAgICAgICAgICAgICAgICAgICAgICAgICA8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGFsaWduPSJyaWdodCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPkNvbWVudGFyaW86PC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMiI+PHNwYW4gY2xhc3M9InRleHRvbnVldm8iPlNveSB0ZXNpc3RhIGRlIGFudHJvcCBzb2MsIHkgY3JlZSAgdW4gcHJvZ3JhbWEgZGUiQ29udGVuY2lvbiB5IGZvcnRhbGVjaW1pZW50byBwYXJhIHBlcnNvbmFzIGVuIHNpdHVhY2lvbiBkZSB2aW9sZW5jaWEscXVlIHNlIGltcGxlbWVudGEgZGVzZGUgZWwgYfFvIDIwMTEuIFJlY2liZW4gcG9uZW5jaWFzPyBtdWNoYXMgZ3JhY2lhcyA8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCQk8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjbGFzcz0iYm9yZGVhcnJpYmEiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iNyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIGFsaWduPSJyaWdodCIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+Tm9tYnJlOjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiUiPjxzcGFuIGNsYXNzPSJjb250ZW5pZG8iPkxlb25vcjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTglIiBjbGFzcz0iZGVzdGFjYWRvcyI+PHN0cm9uZz4yNy8wNi8yMDEzICAgICAgICAgICAgICAgICAgICAgICAgICA8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGFsaWduPSJyaWdodCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPkNvbWVudGFyaW86PC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMiI+PHNwYW4gY2xhc3M9InRleHRvbnVldm8iPkdyYWNpYXMgcG9yIGVzdGUgY29uZ3Jlc28gdGFuIGltcG9ydGFudGUuIENvbW8gZnV0dXJhIFByb2Zlc29yYSBlbiBDcy4gZGUgbGEgRWR1Y2FjafNuIHkgT3BlcmFkb3JhIGVuIFBzLiBTYyBtZSBpbnRlcmVzYSB0cmFiYWphciBlc3RvcyB0ZW1hcy5Fc3Blcm8gY29uIGFuc2lhcyBwb2RlciBhc2lzdGlyIDwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KCQkJCQkJCQkJCTx0cj4KICAgICAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMzAiIGNsYXNzPSJib3JkZWFycmliYSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgYWxpZ249InJpZ2h0IiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PHN0cm9uZz5Ob21icmU6PC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYyJSI+PHNwYW4gY2xhc3M9ImNvbnRlbmlkbyI+RGVuaXNzZTwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTglIiBjbGFzcz0iZGVzdGFjYWRvcyI+PHN0cm9uZz4wNS8wOC8yMDEzICAgICAgICAgICAgICAgICAgICAgICAgICA8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGFsaWduPSJyaWdodCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPkNvbWVudGFyaW86PC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMiI+PHNwYW4gY2xhc3M9InRleHRvbnVldm8iPr9Db21vIGhhZ28gcGFyYSBpbnNjcmliaXJtZT88L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCQk8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjbGFzcz0iYm9yZGVhcnJpYmEiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iNyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIGFsaWduPSJyaWdodCIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+Tm9tYnJlOjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiUiPjxzcGFuIGNsYXNzPSJjb250ZW5pZG8iPnNhbmRyYSB2YWxkZXo8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE4JSIgY2xhc3M9ImRlc3RhY2Fkb3MiPjxzdHJvbmc+MjEvMDgvMjAxMyAgICAgICAgICAgICAgICAgICAgICAgICAgPC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PHN0cm9uZz5Db21lbnRhcmlvOjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiPjxzcGFuIGNsYXNzPSJ0ZXh0b251ZXZvIj5lc3RveSBpbnRlcmVzYWRhIGVuIGNvbm9jZXIgbWFzIGFjZXJjYSBkZSBlc3RhIGpvcm5hZGEuIFByb2dyYW1hLCBwcmVjaW8gZXRjLiBQb2RyaWFuIGVudmlhciBlc3RhIGluZm9ybWFjaW9uLiBEZXNkZSB5YSBtdWhjYXMgZ3JhY2lhcyA8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCQk8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjbGFzcz0iYm9yZGVhcnJpYmEiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iNyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIGFsaWduPSJyaWdodCIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+Tm9tYnJlOjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiUiPjxzcGFuIGNsYXNzPSJjb250ZW5pZG8iPmdyYWNpZWxhIGxpbGlhbmEga2FlbXBmZm1hbm48L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE4JSIgY2xhc3M9ImRlc3RhY2Fkb3MiPjxzdHJvbmc+MTAvMDkvMjAxMyAgICAgICAgICAgICAgICAgICAgICAgICAgPC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PHN0cm9uZz5Db21lbnRhcmlvOjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiPjxzcGFuIGNsYXNzPSJ0ZXh0b251ZXZvIj5NZSBpbnRlcmVzYSBlc3RlIENvbmdyZXNvLCB5YSBxdWUgdHJhYmFqbyBjb21vIHRlY25pY2EgZW4gbGEgdW5pZGFkIGVqZWN1dG9yYSBkZSB2aW9sZW5jaWEgZmFtaWxpYXIsIGVuIGxhIGNpdWRhZCBkZSBHZW5lcmFsIFJvY2EsIFLtbyBOZWdybywgcXVpc2llcmEgc2FiZXIgc2kgZXhpc3RlIGFsZ/puIGNvbnZlbmlvIGNvbiBsYSBwcm92aW5jaWEuIDwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KCQkJCQkJCQkJCTx0cj4KICAgICAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMzAiIGNsYXNzPSJib3JkZWFycmliYSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgYWxpZ249InJpZ2h0IiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PHN0cm9uZz5Ob21icmU6PC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYyJSI+PHNwYW4gY2xhc3M9ImNvbnRlbmlkbyI+TWF0aWxkZSBNYW5nZTwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTglIiBjbGFzcz0iZGVzdGFjYWRvcyI+PHN0cm9uZz4xNy8wOS8yMDEzICAgICAgICAgICAgICAgICAgICAgICAgICA8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGFsaWduPSJyaWdodCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPkNvbWVudGFyaW86PC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMiI+PHNwYW4gY2xhc3M9InRleHRvbnVldm8iPlF1ZSBs4XN0aW1hIHJlY2npbiBtZSBlbnRlcm8uIFlhIGVzIHRhcmRlIHBhcmEgdG9tYXJtZSBsb3MgZO1hcy4gPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgoJCQkJCQkJCQkJPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIzMCIgY2xhc3M9ImJvcmRlYXJyaWJhIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjciIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiBhbGlnbj0icmlnaHQiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPk5vbWJyZTo8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjIlIj48c3BhbiBjbGFzcz0iY29udGVuaWRvIj5QYXRyaWNpYSBNYXJ0aW48L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE4JSIgY2xhc3M9ImRlc3RhY2Fkb3MiPjxzdHJvbmc+MjAvMDkvMjAxMyAgICAgICAgICAgICAgICAgICAgICAgICAgPC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PHN0cm9uZz5Db21lbnRhcmlvOjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiPjxzcGFuIGNsYXNzPSJ0ZXh0b251ZXZvIj5UcmFiYWphbW9zIGVuIGVsIFByb2dyYW1hIFByb3ZpbmNpYWwgZGUgQXRlbmNp824geSBQcmV2ZW5jafNuIGFsIE1hbHRyYXRvIEluZmFudGlsLCBlbiBzZW5kb3MgY2Fzb3MgaGFjZSBt4XMgZGUgZGlleiBh8W9zLiBEZXNlYXLtYW1vcyBzYWJlciBsbyByZWxhdGl2byBhIGJlY2FzLiBHcmFjaWFzPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgoJCQkJCQkJCQkJPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIzMCIgY2xhc3M9ImJvcmRlYXJyaWJhIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjciIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiBhbGlnbj0icmlnaHQiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPk5vbWJyZTo8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjIlIj48c3BhbiBjbGFzcz0iY29udGVuaWRvIj5BREVMQSBiZWF0cml6IGtvaGFuPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOCUiIGNsYXNzPSJkZXN0YWNhZG9zIj48c3Ryb25nPjIyLzA5LzIwMTMgICAgICAgICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+Q29tZW50YXJpbzo8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIyIj48c3BhbiBjbGFzcz0idGV4dG9udWV2byI+dm95IGEgcGFydGljaXBhcixleGNlbGVudGUgcHJvcHVlc3RhPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgoJCQkJCQkJCQkJPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIzMCIgY2xhc3M9ImJvcmRlYXJyaWJhIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjciIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiBhbGlnbj0icmlnaHQiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPk5vbWJyZTo8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjIlIj48c3BhbiBjbGFzcz0iY29udGVuaWRvIj5NYXRpbGRlIE1hbmdlPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOCUiIGNsYXNzPSJkZXN0YWNhZG9zIj48c3Ryb25nPjMwLzA5LzIwMTMgICAgICAgICAgICAgICAgICAgICAgICAgIDwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+Q29tZW50YXJpbzo8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIyIj48c3BhbiBjbGFzcz0idGV4dG9udWV2byI+v1B1ZWRvIGluc2NyaWJpcm1lIGFsIGxsZWdhcj8gTm8gbWUgaGFuIGNvbnRlc3RhZG8gc2kgbWUgZGFuIGxvcyBk7WFzIHBhcmEgZWwgQ29uZ3Jlc28uIEdyYWNpYXM8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCQk8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjbGFzcz0iYm9yZGVhcnJpYmEiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iNyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIGFsaWduPSJyaWdodCIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+Tm9tYnJlOjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiUiPjxzcGFuIGNsYXNzPSJjb250ZW5pZG8iPnNhbmRyYSBwZXJlejwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTglIiBjbGFzcz0iZGVzdGFjYWRvcyI+PHN0cm9uZz4wNC8xMC8yMDEzICAgICAgICAgICAgICAgICAgICAgICAgICA8L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGFsaWduPSJyaWdodCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPkNvbWVudGFyaW86PC9zdHJvbmc+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMiI+PHNwYW4gY2xhc3M9InRleHRvbnVldm8iPnF1aXNpZXJhIHNhYmVyIHNpIGVzdGUgY29uZ3Jlc28gdGllbmUgUmVzb2x1Y2lvbiBkZWwgbWluaXN0ZXJpbyBkZSBlZHVjYWNpb24gZGUgbGEgUHJvdi4gZGUgQnVlbm9zIEFpcmVzIFNpIGVzIGFzaSBzb2xpY2l0byBzaSBwdWVkZW4gZW52aWFybWUgZWwgbnJvLkdyYWNpYXM8YnIgLz4NCjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KCQkJCQkJCQkJCTx0cj4KCQkJCQkgIDx0ZD4mbmJzcDs8L3RkPgoJCQkJCSAgPHRkIGhlaWdodD0iMzAiIGNsYXNzPSJib3JkZWFycmliYSI+Jm5ic3A7PC90ZD4KCQkJCQkgIDx0ZD4mbmJzcDs8L3RkPgoJCQkJICAgIDwvdHI+CgkJCQkJPHRyPgoJCQkJCSAgPHRkPiZuYnNwOzwvdGQ+CgkJCQkJICA8dGQgaGVpZ2h0PSIzMCIgPjxzcGFuIGNsYXNzPSJ0cmFiVElUIj48Zm9udCBmYWNlPSJHZW9yZ2lhLCBUaW1lcyBOZXcgUm9tYW4sIFRpbWVzLCBzZXJpZiIgPkNvbWVudGFyaW9zPC9mb250Pjwvc3Bhbj48L3RkPgoJCQkJCSAgPHRkPiZuYnNwOzwvdGQ+CgkJCQkgICAgPC90cj4KCQkJCQk8dHI+CgkJCQkJICA8dGQ+Jm5ic3A7PC90ZD4KCQkJCQkgIDx0ZCBoZWlnaHQ9IjMwIiBjbGFzcz0iYm9yZGVhcnJpYmEiPjxzdHJvbmc+JmJ1bGw7PHNwYW4gY2xhc3M9ImNvbnRlbmlkb2hvbWUiPkluZ3Jlc2UKCQkJICAgICAgICBzdXMgZGF0b3MgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvc3Bhbj48L3N0cm9uZz48L3RkPgoJCQkJCSAgPHRkPiZuYnNwOzwvdGQ+CgkJCQkgICAgPC90cj4KCQkJCQk8dHI+CgkJCQkJICA8dGQ+Jm5ic3A7PC90ZD4KCQkJCQkgIDx0ZCBoZWlnaHQ9IjMwIiA+CgkJCQkJICAgIDxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJjZWxkYWZvcm0iIGlkPSJub21icmUiIHNpemU9IjQwIiB2YWx1ZT0iIiAvPgoJCQkJCSAgICA8aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJjZWxkYWZvcm0iIGlkPSJhcGVsbGlkbyIgc2l6ZT0iNDAiIHZhbHVlPSIiIC8+CgkJCQkgICAgICA8c3BhbiBjbGFzcz0iY29udGVuaWRvaG9tZSI+Tm9tYnJlPC9zcGFuPgkJCQkJICA8L3RkPgoJCQkJCSAgPHRkPiZuYnNwOzwvdGQ+CgkJCQkgICAgPC90cj4KCQkJCQk8dHI+CgkJCQkJICA8dGQ+Jm5ic3A7PC90ZD4KCQkJCQkgIDx0ZCBoZWlnaHQ9IjMwIiA+PGlucHV0IG5hbWU9ImVtYWlsIiB0eXBlPSJ0ZXh0IiBjbGFzcz0iY2VsZGFmb3JtIiBpZD0iZW1haWwiIHNpemU9IjQwIiB2YWx1ZT0iIiAvPgoJCQkJCSAgICA8aW5wdXQgbmFtZT0iYWRkcmVzcyIgdHlwZT0idGV4dCIgY2xhc3M9ImNlbGRhZm9ybSIgaWQ9ImFkZHJlc3MiIHNpemU9IjQwIiB2YWx1ZT0iIiAvPgogICAgICAgICAgICAgICAgICAgICAgICA8c3BhbiBjbGFzcz0iY29udGVuaWRvaG9tZSI+RW1haWw8L3NwYW4+PC90ZD4KCQkJCQkgIDx0ZD4mbmJzcDs8L3RkPgoJCQkJICAgIDwvdHI+CgkJCQkJPHRyPgoJCQkJCSAgPHRkIGhlaWdodD0iMzAiPjxzcGFuIGNsYXNzPSJjb250ZW5pZG9ob21lIj48L3NwYW4+PC90ZD4KCQkJCQkgIDx0ZCBoZWlnaHQ9IjMwIj48c3BhbiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PHN0cm9uZz4mYnVsbDtEZWplIHN1IGNvbWVudGFyaW8KCQkJICAgICAgICBzb2JyZSBsYSBub3RhICht4XhpbW8gMjAwIGNhcmFjdGVyZXMpCgkJCQkJICA8dGQ+Jm5ic3A7PC90ZD4KCQkJCSAgICA8L3RyPgoJCQkJCTx0cj4KCQkJCQkgIDx0ZD4mbmJzcDs8L3RkPgoJCQkJCSAgPHRkIGhlaWdodD0iMzAiPgoJCQkJCSAgICA8c2NyaXB0PgoJCQkJCSAgICBmdW5jdGlvbiBtYXhpbW9zQ2FyYWN0ZXJlcyhteWZpZWxkLGUsbWF4aW1vKSB7CiAgICAgICAgICAgICAgICAgICAgICAgIAl2YXIga2V5Y29kZTsKICAgICAgICAgICAgICAgICAgICAgICAgCWlmICh3aW5kb3cuZXZlbnQpIHsKICAgICAgICAgICAgICAgICAgICAgICAgCSAgICBrZXljb2RlID0gd2luZG93LmV2ZW50LmtleUNvZGU7CiAgICAgICAgICAgICAgICAgICAgICAgIAl9IGVsc2UgewogICAgICAgICAgICAgICAgICAgICAgICAJICAgIGlmIChlKSB7CiAgICAgICAgICAgICAgICAgICAgICAgIAkgICAgICAgIGtleWNvZGUgPSBlLndoaWNoOwogICAgICAgICAgICAgICAgICAgICAgICAJICAgIH0gZWxzZSB7CiAgICAgICAgICAgICAgICAgICAgICAgIAkgICAgICAgIHJldHVybiB0cnVlOwogICAgICAgICAgICAgICAgICAgICAgICAJICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgCX0KICAgICAgICAgICAgICAgICAgICAgICAgCWlmIChteWZpZWxkLnZhbHVlLmxlbmd0aCA8IG1heGltbyB8fCAoa2V5Y29kZT09MCkgfHwgKGtleWNvZGU9PTgpKSB7CiAgICAgICAgICAgICAgICAgICAgICAgIAkgICAgcmV0dXJuIHRydWU7IAogICAgICAgICAgICAgICAgICAgICAgICAJfSBlbHNlIHsKICAgICAgICAgICAgICAgICAgICAgICAgCSAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgICAgICAgICAgICAgICAgIAl9CiAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgPC9zY3JpcHQ+CgkJCQkJICAgIDx0ZXh0YXJlYSBuYW1lPSJjb21lbnRhcmlvIiBjb2xzPSI0NSIgcm93cz0iNSIgY2xhc3M9InNjcm9sbDEiIGlkPSJjb21lbnRhcmlvIiBvbktleVByZXNzPSJyZXR1cm4gbWF4aW1vc0NhcmFjdGVyZXModGhpcywgZXZlbnQsIDIwMCkiPjwvdGV4dGFyZWE+PC90ZD4KCQkJCQkgIDx0ZD4mbmJzcDs8L3RkPgoJCQkJICAgIDwvdHI+CgkJCQkgICAgPHRyPgoJCQkJCSAgPHRkIGhlaWdodD0iMzAiPjxzcGFuIGNsYXNzPSJjb250ZW5pZG9ob21lIj48L3NwYW4+PC90ZD4KCQkJCQkgIDx0ZCBoZWlnaHQ9IjMwIj48c3BhbiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PHN0cm9uZz4mYnVsbDtFc2NyaWJhIGVsIEPzZGlnbyBkZSBTZWd1cmlkYWQgcXVlIGFwYXJlY2UgYSBjb250aW51YWNp8248L3N0cm9uZz48L3NwYW4+PC90ZD4KCQkJCQkgIDx0ZD4mbmJzcDs8L3RkPgoJCQkJICAgIDwvdHI+CgkJCQkgICAgPHRyPgoJCQkJCSAgPHRkPiZuYnNwOzwvdGQ+CgkJCQkJICA8dGQgaGVpZ2h0PSIzMCI+CgkJCQkJICAgIDxhIG5hbWU9ImNvZGlnb19zZWd1cmlkYWQiPjwvYT4KCQkJCQkgICAgPGltZyBzcmM9InNlY3VyaW1hZ2Vfc2hvdy5waHA/c2lkPTM5OGI2NTBmODdhY2Y1NTQ2NjE2YzllYmQ4YjUyMjc0Ij48YnIgLz4KCQkJCQkgICAgPGlucHV0IG5hbWU9ImNvZGUiIHR5cGU9ImNvZGUiIGNsYXNzPSJjZWxkYWZvcm0iIGlkPSJjb2RlIiBzaXplPSI0MCIgLz4KCQkJCQkgIDwvdGQ+CgkJCQkJICA8dGQ+Jm5ic3A7PC90ZD4KCQkJCSAgICA8L3RyPgoJCQkJICAgIDwhLS0KCQkJCSAgICA8dHI+CgkJCQkgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgoJCQkJICAgICAgICA8dGQ+CgkJCQkgICAgICAgICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCIgc3JjPSJodHRwOi8vd3d3Lmdvb2dsZS5jb20vcmVjYXB0Y2hhL2FwaS9jaGFsbGVuZ2U/az02TGRYTDhvU0FBQUFBT3VtZnN3YmI5TTdMSEVHVHhjbjBjUkN2V3ZiIj48L3NjcmlwdD4KCgk8bm9zY3JpcHQ+CiAgCQk8aWZyYW1lIHNyYz0iaHR0cDovL3d3dy5nb29nbGUuY29tL3JlY2FwdGNoYS9hcGkvbm9zY3JpcHQ/az02TGRYTDhvU0FBQUFBT3VtZnN3YmI5TTdMSEVHVHhjbjBjUkN2V3ZiIiBoZWlnaHQ9IjMwMCIgd2lkdGg9IjUwMCIgZnJhbWVib3JkZXI9IjAiPjwvaWZyYW1lPjxici8+CiAgCQk8dGV4dGFyZWEgbmFtZT0icmVjYXB0Y2hhX2NoYWxsZW5nZV9maWVsZCIgcm93cz0iMyIgY29scz0iNDAiPjwvdGV4dGFyZWE+CiAgCQk8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJyZWNhcHRjaGFfcmVzcG9uc2VfZmllbGQiIHZhbHVlPSJtYW51YWxfY2hhbGxlbmdlIi8+Cgk8L25vc2NyaXB0PgkJCQkgICAgICAgIDwvdGQ+CgkJCQkgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgoJCQkJICAgIDwvdHI+CgkJCQkgICAgLS0+CgkJCQkJPHRyPgoJCQkJCSAgPHRkPiZuYnNwOzwvdGQ+CgkJCQkJICA8dGQgaGVpZ2h0PSIzMCIgPjxpbnB1dCBuYW1lPSJidXR0b24iIHR5cGU9InN1Ym1pdCIgY2xhc3M9ImNlbGRhZm9ybSIgaWQ9ImJ1dHRvbjIiIHZhbHVlPSJFbnZpYXIiIC8+PC90ZD4KCQkJCQkgIDx0ZD4mbmJzcDs8L3RkPgoJCQkJICAgIDwvdHI+CgkJCQkJCiAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkKCQkJCTwvZm9ybT4KCQkJCQogICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgPHRkIHJvd3NwYW49IjIiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3MCIgcm93c3Bhbj0iMiIgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICA8dGQgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzA3LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iNjkiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0ibWlkZGxlIiBiZ2NvbG9yPSIjRkZGRkZGIj48c3Ryb25nIGNsYXNzPSJ0aXR1bG9ob21lMiI+PGZvbnQgc2l6ZT0iMSIgZmFjZT0iR2VvcmdpYSwgVGltZXMgTmV3IFJvbWFuLCBUaW1lcywgc2VyaWYiPkNhbnRpZGFkIGRlIGxlY3R1cmFzOiA8Zm9udCBjb2xvcj0iI0ZGOTI0MSIgc2l6ZT0iMiI+MjI5PC9mb250PjwvZm9udD48L3N0cm9uZz48L3RkPgogICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNzAiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjE1MCIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjMiIGNsYXNzPSJib3JkZSI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIiBiZ2NvbG9yPSIjRkZGRkZGIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPk90cmFzIG5vdGFzPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBhbGlnbj0ibGVmdCIgdmFsaWduPSJib3R0b20iIGNsYXNzPSJ0aXR1bG9ob21lMiI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNvbHNwYW49IjMiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPjxhIGhyZWY9ImphdmFzY3JpcHQ6OyIgY2xhc3M9ImRlc3RhY2Fkb3MiPklWIENvbmdyZXNvIEludGVybmFjaW9uYWwgdmlvbGVuY2lhLCBtYWx0cmF0byB5IGFidXNvPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQlIiBjb2xzcGFuPSIzIiByb3dzcGFuPSI0IiBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAkJCQkJCQkJCSAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0JSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJtaWRkbGUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIzMCIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBiZ2NvbG9yPSIjRUZFRkVGIiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCIgY2xhc3M9ImJvdG9uIj48c3Ryb25nPkVsIGNvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBD83Jkb2JhIHNlIHByb251bmNpYSBlbiByZWxhY2nzbiBhbCBTQVAgeSBlbiBjb25jb3JkYW5jaWEgY29uIGxvIGV4cHJlc2FkbyBwb3IgZWwgQ29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIE1hciBkZWwgUGxhdGEgeSBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgbGEgIFByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXM8L3N0cm9uZz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgoJCQkJCQkJCQkgIAkJCQkJCQkJCSAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0JSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJtaWRkbGUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNGRkZGRkYiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIzMCIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSIgY2xhc3M9ImJvdG9uIj48c3Ryb25nPlNhbHVkIEFjdGl2YSBvdG9yZ2EgbWVkaWFzIGJlY2FzIHBhcmEgZWwgSVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCwgViBOYWNpb25hbCwgVkkgUmVnaW9uYWwgVmlvbGVuY2lhLCBNYWx0cmF0byB5IEFidXNvLjwvc3Ryb25nPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCSAgCQkJCQkJCQkJICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjb2xzcGFuPSIyIiBhbGlnbj0ibGVmdCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4IiBjbGFzcz0iYm90b24iPjxzdHJvbmc+TkVDRVNJVEFNT1MgREUgU1UgU09MSURBUklEQUQgSEFDSUEgTE9TIE5J0U9TIFkgTknRQVMhISE8L3N0cm9uZz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgoJCQkJCQkJCQkgIAkJCQkJCQkJCSAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0JSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJtaWRkbGUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNGRkZGRkYiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIzMCIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0iY29udGVuaWRvaG9tZSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyIgY2xhc3M9ImJvdG9uIj48c3Ryb25nPlNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IGNvbnNlY3V0aXZhIGNvbW8gdW5vIGRlIGxvcyBnYW5hZG9yZXMgZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzPC9zdHJvbmc+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KCQkJCQkJCQkJICAJCQkJCQkJCQkgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNCUiIGhlaWdodD0iMzAiIHZhbGlnbj0ibWlkZGxlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyUiIGhlaWdodD0iMzAiIHZhbGlnbj0ibWlkZGxlIiBiZ2NvbG9yPSIjRUZFRkVGIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMzAiIGNvbHNwYW49IjIiIGFsaWduPSJsZWZ0IiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiIGNsYXNzPSJib3RvbiI+PHN0cm9uZz5P7XIgbyBlc2N1Y2hhcjwvc3Ryb25nPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCSAgCQkJCQkJCQkJICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0ZGRkZGRiI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjb2xzcGFuPSIyIiBhbGlnbj0ibGVmdCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA1IiBjbGFzcz0iYm90b24iPjxzdHJvbmc+RWwgZGVyZWNobyBkZSBsb3Mgbmnxb3MgYSBzZXIgZXNjdWNoYWRvczwvc3Ryb25nPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCSAgCQkJCQkJCQkJICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjb2xzcGFuPSIyIiBhbGlnbj0ibGVmdCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0IiBjbGFzcz0iYm90b24iPjxzdHJvbmc+QWJ1c28gc2V4dWFsIGluZmFudGlsLiBEZXNhZmlvcyBkZSBsYSBjbGluaWNhIGFjdHVhbDwvc3Ryb25nPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCSAgCQkJCQkJCQkJICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0ZGRkZGRiI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjb2xzcGFuPSIyIiBhbGlnbj0ibGVmdCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxzdHJvbmc+U2FsdWQgQWN0aXZhIG5lY2VzaXRhIGRlIHR1IGF5dWRhITwvc3Ryb25nPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCSAgCQkJCQkJCQkJICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjb2xzcGFuPSIyIiBhbGlnbj0ibGVmdCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAyIiBjbGFzcz0iYm90b24iPjxzdHJvbmc+UkVQVURJTyBBIExBIFBSRVNFTkNJQSBFTiBMQSBGRVJJQSBERUwgTElCUk8gREUgVU4gRVggSlVFWiBBQ1VTQURPIERFIEFCVVNPIFNFWFVBTDwvc3Ryb25nPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CgkJCQkJCQkJCSAgCQkJCQkJCQkJICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMlIiBoZWlnaHQ9IjMwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0ZGRkZGRiI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjMwIiBjb2xzcGFuPSIyIiBhbGlnbj0ibGVmdCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAwIiBjbGFzcz0iYm90b24iPjxzdHJvbmc+VU5BIEpVRVpBIERFIFZJTExBIEdFU0VMTCBSRUNIQVpPIEVMIFBFRElETyBERSBVTiBQQURSRSBRVUUgU0UgQVBPWUFCQSBFTiBFTCBTQVAsIERFTlVOQ0lBRE8gUE9SIEFCVVNBUiBERSBTVSBISUpPPC9zdHJvbmc+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KCQkJCQkJCQkJICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBjb2xzcGFuPSI3IiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3X3RvZGFzIiBjbGFzcz0iYm90b24iPjxzdHJvbmc+VmVyIFRvZGFzIGxhcyBOb3RpY2lhczwvc3Ryb25nPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogIDwvdHI+CjwvdGFibGU+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	96	<responseRedirected>false</responseRedirected>
	97	</requestresponse>
	98	</issue>
	99	<issue>
	100	<serialNumber>6589706705335705600</serialNumber>
	101	<type>5244928</type>
	102	<name>Password field with autocomplete enabled</name>
	103	<host ip="200.20.20.201">http://www.example.org.ar</host>
	104	<path><![CDATA[/index.php]]></path>
	105	<location><![CDATA[/index.php]]></location>
	106	<severity>Low</severity>
	107	<confidence>Certain</confidence>
	108	<issueBackground><![CDATA[Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.<br><br>The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks. ]]></issueBackground>
	109	<remediationBackground><![CDATA[To prevent browsers from storing credentials entered into HTML forms, you should include the attribute <b>autocomplete="off"</b> within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).]]></remediationBackground>
	110	<issueDetail><![CDATA[The page contains a form with the following action URL:<ul><li>http://www.example.org.ar/login.php</li></ul>The form contains the following password field with autocomplete enabled:<ul><li>pass</li></ul>]]></issueDetail>
	111	<requestresponse>
	112	<request base64="true"><![CDATA[R0VUIC9pbmRleC5waHAgSFRUUC8xLjENCkhvc3Q6IHd3dy5zYWx1ZGFjdGl2YS5vcmcuYXINCkFjY2VwdDogKi8qDQpBY2NlcHQtTGFuZ3VhZ2U6IGVuDQpVc2VyLUFnZW50OiBNb3ppbGxhLzUuMCAoY29tcGF0aWJsZTsgTVNJRSA5LjA7IFdpbmRvd3MgTlQgNi4xOyBXaW42NDsgeDY0OyBUcmlkZW50LzUuMCkNCkNvbm5lY3Rpb246IGNsb3NlDQoNCg==]]></request>
	113	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjE0OjA1IEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KQ29ubmVjdGlvbjogY2xvc2UNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNjA2MDYNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+CjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiIC8+Cjx0aXRsZT5Eb2N1bWVudG8gc2luIHQmaWFjdXRlO3R1bG88L3RpdGxlPgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KPHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCIgdHlwZT0idGV4dC9KYXZhU2NyaXB0Ij4KPCEtLQpmdW5jdGlvbiBNTV9yZWxvYWRQYWdlKGluaXQpIHsgIC8vcmVsb2FkcyB0aGUgd2luZG93IGlmIE5hdjQgcmVzaXplZAogIGlmIChpbml0PT10cnVlKSB3aXRoIChuYXZpZ2F0b3IpIHtpZiAoKGFwcE5hbWU9PSJOZXRzY2FwZSIpJiYocGFyc2VJbnQoYXBwVmVyc2lvbik9PTQpKSB7CiAgICBkb2N1bWVudC5NTV9wZ1c9aW5uZXJXaWR0aDsgZG9jdW1lbnQuTU1fcGdIPWlubmVySGVpZ2h0OyBvbnJlc2l6ZT1NTV9yZWxvYWRQYWdlOyB9fQogIGVsc2UgaWYgKGlubmVyV2lkdGghPWRvY3VtZW50Lk1NX3BnVyB8fCBpbm5lckhlaWdodCE9ZG9jdW1lbnQuTU1fcGdIKSBsb2NhdGlvbi5yZWxvYWQoKTsKfQpNTV9yZWxvYWRQYWdlKHRydWUpOwoKZnVuY3Rpb24gTU1fcHJlbG9hZEltYWdlcygpIHsgLy92My4wCiAgdmFyIGQ9ZG9jdW1lbnQ7IGlmKGQuaW1hZ2VzKXsgaWYoIWQuTU1fcCkgZC5NTV9wPW5ldyBBcnJheSgpOwogICAgdmFyIGksaj1kLk1NX3AubGVuZ3RoLGE9TU1fcHJlbG9hZEltYWdlcy5hcmd1bWVudHM7IGZvcihpPTA7IGk8YS5sZW5ndGg7IGkrKykKICAgIGlmIChhW2ldLmluZGV4T2YoIiMiKSE9MCl7IGQuTU1fcFtqXT1uZXcgSW1hZ2U7IGQuTU1fcFtqKytdLnNyYz1hW2ldO319Cn0KLy8tLT4KPC9zY3JpcHQ+CiAgICAgICAgICAgICA8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoJCQkgCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CjwhLS0KI0xheWVyMSB7Cglwb3NpdGlvbjphYnNvbHV0ZTsKCXdpZHRoOjY1MXB4OwoJaGVpZ2h0OjIxOHB4OwoJei1pbmRleDoxOwp9CiNMYXllcjIgewoJcG9zaXRpb246YWJzb2x1dGU7Cgl3aWR0aDoyMDBweDsKCWhlaWdodDoxMTVweDsKCXotaW5kZXg6MTsKCXZpc2liaWxpdHk6IHZpc2libGU7Cn0KLkVzdGlsbzEgewoJZm9udC1zaXplOiAxOHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzIgewoJZm9udC1zaXplOiAxNHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzMge2NvbG9yOiAjNTA2OTkwOyBsaW5lLWhlaWdodDogMTJweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LWZhbWlseTogVGFob21hO30KLS0+Cjwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGxlZnRtYXJnaW49IjIiIG1hcmdpbndpZHRoPSIyIj4KPHRhYmxlIHdpZHRoPSI2MDgiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCB3aWR0aD0iMiUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzA3LmpwZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjE0IiAvPjwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI5MCUiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18wNy5qcGciPiZuYnNwOzwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI4JSIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGNvbHNwYW49IjQiPjxiciAvPgogICAgICA8dGFibGUgd2lkdGg9Ijk4JSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICA8dHI+CiAgICAgICAgPHRkIHdpZHRoPSIyJSI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgICA8dGQgd2lkdGg9IjkzJSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CjwhLS0gSU5JQ0lPIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzIzMDQyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjIvMTEvMjAxMzwvc3Bhbj48YnI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxzdHJvbmc+MTQsIDE1IHkgMTYgZGUgTm92aWVtYnJlIEFCSUVSVEEgTEEgSU5TQ1JJUENJJk9hY3V0ZTtOISAoY29uIGRlc2N1ZW50byBoYXN0YSBlbCAyNy84KTxiciAvPjwvc3Ryb25nPjwvcD4NCjxwPjxzdHJvbmc+QUJJRVJUQSBMQSBSRUNFUENJJk9hY3V0ZTtOIERFIFRSQUJBSk88YSBocmVmPSJodHRwOi8vd3d3LmNvbmdyZXNvdmlvbGVuY2lhLmNvbS9pbmRleC5waHA/aWQ9bW9kYWxpZGFkZXMiIHRhcmdldD0iX2JsYW5rIj4gKG1hcyBpbmZvKTwvYT48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij48c3Ryb25nPk9yZ2FuaXphOiBTYWx1ZCBBY3RpdmE8L3N0cm9uZz48L3NwYW4+PC9wPg0KPHA+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+SW5jcmlwdG9zIGFsIFBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGltcG9ydGFudGVzIGRlc2N1ZW50b3MhPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2lvbjogVW5pdmVyc2lkYWQgZGVsIEVzdGUsIExhIFBsYXRhIEJ1ZW5vcyBBaXJlczwvcD4NCjxwPk1hcyBkZSAxNTAgdHJhYmFqb3MgcHJlc2VudGFkb3MsIHVsdGltb3MgZGlhcyBwYXJhIGluc2NyaWJpcnNlIGNvbiBkZXNjdWVudG8hITwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPkluc2NyaWJpcnNlPC9hPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPjxiciAvPjwvYT48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDEiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MDQvMTEvMjAxMzwvc3Bhbj48YnI+RWwgY29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIEPzcmRvYmEgc2UgcHJvbnVuY2lhIGVuIHJlbGFjafNuIGFsIFNBUCB5IGVuIGNvbmNvcmRhbmNpYSBjb24gbG8gZXhwcmVzYWRvIHBvciBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgTWFyIGRlbCBQbGF0YSB5IGVsIENvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBsYSAgUHJvdmluY2lhIGRlIEJ1ZW5vcyBBaXJlczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+Jm5ic3A7PC9wPg0KPHA+TGFzIGNvbnRyb3ZlcnNpYXMgZ2VuZXJhZGFzIGVuIHJlbGFjaSZvYWN1dGU7biBhbCAic2luZHJvbWUgZGUgYWxpZW5hY2kmb2FjdXRlO24gcGFyZW50YSIgU0FQLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzEwIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzE2MTAyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTYvMTAvMjAxMzwvc3Bhbj48YnI+U2FsdWQgQWN0aXZhIG90b3JnYSBtZWRpYXMgYmVjYXMgcGFyYSBlbCBJViBDb25ncmVzbyBJbnRlcm5hY2lvbmFsLCBWIE5hY2lvbmFsLCBWSSBSZWdpb25hbCBWaW9sZW5jaWEsIE1hbHRyYXRvIHkgQWJ1c28uPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD4mbmJzcDs8L3A+DQo8cD5TZXImYWFjdXRlO24gb3RvcmdhZGFzIDUwIG1lZGlhcyBiZWNhcywgcXVlZGFuIHBvY2FzISEhIGNvbmRpY2lvbjo8L3A+DQo8cD5QZXJ0ZW5lY2VyIGFsIGFtYml0byBwdWJsaWNvIG8gYSBPTkcsIHNlIGNvbnNpZGVyYSB0YW1iaWVuIGxhIGRpc3RhbmNpYSBhbCBsdWdhciBkZWwgZXZlbnRvISEhIGVzIG11eSBzZW5jaWxsbywgc29sbyBkZWJlcyBlbnZpYXIgdW4gZW1haWwuLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA5Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjI0LzA3LzIwMTM8L3NwYW4+PGJyPk5FQ0VTSVRBTU9TIERFIFNVIFNPTElEQVJJREFEIEhBQ0lBIExPUyBOSdFPUyBZIE5J0UFTISEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlBST0dSQU1BIEZBTUlMSUFTIFNPTElEQVJJQVM8L3NwYW4+PC9zdHJvbmc+PC9wPg0KPHA+PHN0cm9uZz5DQU1CSU8gREUgU0VERTwvc3Ryb25nPjwvcD4NCjxwPkxhIGNhcGFjaXRhY2kmb2FjdXRlO24gcGFyYSBsYSBwdWVzdGEgZW4gbWFyY2hhIGRlbCA8c3Ryb25nPlByb2dyYW1hIEZhbWlsaWFzIFNvbGlkYXJpYXM8L3N0cm9uZz4gc2UgcmVhbGl6YXImYWFjdXRlOyBlbiBsYSBsb2NhbGlkYWQgZGUgPHN0cm9uZz5OYXZhcnJvPC9zdHJvbmc+IHBhcmEgdG9kbyBlbCBjb3JyZWRvciBkZSBsYSBSdXRhIDQwLjwvcD4NCjxwPkluaWNpbyA8c3Ryb25nPk1pJmVhY3V0ZTtyY29sZXMgMjggZGUgYWdvc3RvIGEgbGFzIDE0IGhvcmFzLiZuYnNwOzwvc3Ryb25nPjwvcD4NCjxwPlNlZGU6IDxzdHJvbmc+U2FsJm9hY3V0ZTtuIE11bmljaXBhbCBlbiBsYSBjYWxsZSAxMDcgZXNxdWluYSAyMiAtIE5hdmFycm88L3N0cm9uZz48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTIwNzIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xMi8wNy8yMDEzPC9zcGFuPjxicj5TQUxVRCBBQ1RJVkEgaGEgc2lkbyBlbGVnaWRhIHBvciBzZWd1bmRhIHZleiBjb25zZWN1dGl2YSBjb21vIHVubyBkZSBsb3MgZ2FuYWRvcmVzIGRlbCBDdWFydG8gQ29uY3Vyc28gZGUgUHJveWVjdG9zIFNvY2lhbGVzIGRlIFBldHJvYnJhczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+RW4gZWwgbWFyY28gZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzLCANCm51ZXN0cmEgSW5zdGl0dWNpJm9hY3V0ZTtuIFNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IA0KY29uc2VjdXRpdmEgY29tbyB1bm8gZGUgbG9zIGdhbmFkb3JlcyBkZSBkaWNobyBjb25jdXJzby48YnIgLz5FbiBlc3RhIA0KZWRpY2kmb2FjdXRlO24gZWwgcHJveWVjdG8gcXVlIGhhIHNpZG8gZWxlZ2lkbyBlcyBlbCAmbGRxdW87UHJvZ3JhbWEgZGUgRmFtaWxpYXMgDQpTb2xpZGFyaWFzJnJkcXVvOyBzaWVuZG8gc3UgJmFhY3V0ZTtyZWEgZGUgaW1wbGVtZW50YWNpJm9hY3V0ZTtuIGxvcyBNdW5pY2lwaW9zIGRlIE5hdmFycm8sIA0KR3JhbC4gTGFzIEhlcmFzLCBNYXJjb3MgUGF6LCB5IE1lcmxvPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAyLzA3LzIwMTM8L3NwYW4+PGJyPk/tciBvIGVzY3VjaGFyPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Qb3IgQ2FybG9zIFJvemFuc2tpICo8L3A+DQo8cD5BIGxvIGxhcmdvIGRlIGxvcyBzaWdsb3MsIGxhcyBuaSZudGlsZGU7YXMsIG5pJm50aWxkZTtvcyB5IGFkb2xlc2NlbnRlcyBoYW4gc2lkbyBtYWx0cmF0YWRvcyB5IGFidXNhZG9zIHNpbiBxdWUgYSBsYSBjb211bmlkYWQgbGUgaW50ZXJlc2FyYSBuaSBzaXF1aWVyYSBlc2N1Y2hhcmxvcyBjdWFuZG8gaGFjJmlhY3V0ZTthbiBzYWJlciBkZSBhbGd1bmEgZm9ybWEgbG9zIHN1ZnJpbWllbnRvcyBxdWUgcGFkZWMmaWFjdXRlO2FuLiBFbiAxODc0LCBlbiBFc3RhZG9zIFVuaWRvcywgZnVlIGxhIHByaW1lcmEgdmV6IHF1ZSBlbCBFc3RhZG8gaW50ZXJ2aW5vIGVuIHVuIGNhc28gZGUgbWFsdHJhdG8geSBhYnVzby4uLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4wMi8wNy8yMDEzPC9zcGFuPjxicj5FbCBkZXJlY2hvIGRlIGxvcyBuafFvcyBhIHNlciBlc2N1Y2hhZG9zPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5VbiBob21icmUgYWN1c2FkbyBkZSBoYWJlciBhYnVzYWRvIGRlIHN1cyBoaWpvcyBoYWImaWFjdXRlO2Egc2lkbyBzb2JyZXNlJmlhY3V0ZTtkbyBkb3MgdmVjZXMgcG9yIGxhIEp1c3RpY2lhLiBQZXJvIGFob3JhLCBsYSBDJmFhY3V0ZTttYXJhIGRlIENhc2FjaSZvYWN1dGU7biByZXZvYyZvYWN1dGU7IGVzYSBkZWNpc2kmb2FjdXRlO24gcG9ycXVlIGVuIGxhIGludmVzdGlnYWNpJm9hY3V0ZTtuIGVsIGp1ZXogbnVuY2EgaGFiJmlhY3V0ZTthIGVzY3VjaGFkbyBhIGxvcyBjaGljb3MuIFkgb3JkZW4mb2FjdXRlOyBxdWUgdGVuZ2EgZW4gY3VlbnRhIGxvIHF1ZSBkaWNlbi48L3A+DQo8cD5Qb3IgTWFyaWFuYSBDYXJiYWphbDwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDUiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE1NiIgcm93c3Bhbj0iMiIgdmFsaWduPSJ0b3AiPgoJCQkJCgkJCQk8dGFibGUgd2lkdGg9IjMyJSIgYm9yZGVyPSIxIiBjZWxsc3BhY2luZz0iMyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48aW1nIHNyYz0ic3JjL2ltZ191cC8wNjA2MjAxMy4xLmpwZyIgd2lkdGg9IjE0NiIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KCQkJCQkJCQk8L3RkPiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjA2LzA2LzIwMTM8L3NwYW4+PGJyPkFidXNvIHNleHVhbCBpbmZhbnRpbC4gRGVzYWZpb3MgZGUgbGEgY2xpbmljYSBhY3R1YWw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkFiaWVydGEgbGEgaW5zY3JpcGNpb248L3A+DQo8cD5Eb2NlbnRlczogTGljLiBNYXJpYSBCZWF0cml6IE0mdXVtbDtsbGVyLiBMaWMuIFBhb2xhIE11Jm50aWxkZTtveiBEdWFydGU8L3A+DQo8cD5JbmljaW86IE1pZXJjb2xlcyAxOSBkZSBKdW5pbzwvcD4NCjxwPkZyZWN1ZW5jaWE6IFNlbWFuYWw8L3A+DQo8cD5Nb2RhbGlkYWQ6IEludGVuc2l2YTwvcD4NCjxwPkNvbnRlbmlkb3M6ICZuYnNwOyBFc3RhIGRlc3RpbmFkbyBhIHRvZG9zIGxvcyBwcm9mZXNpb25hbGVzIGNvbXByb21ldGlkb3MgY29uIGxhIHRlbWF0aWNhIGRlbCBhYnVzbyBpbmZhbnRpbCBxdWUgcXVpZXJhbiBhY3R1YWxpemFyc2UgZSBpbnRlcmNhbWJpYXIgZXhwZXJpZW5jaWFzIGRlIHRyYWJham8uLi48L3A+DQo8cD4mbmJzcDs8L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDQiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTYwNTIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xNi8wNS8yMDEzPC9zcGFuPjxicj5TYWx1ZCBBY3RpdmEgbmVjZXNpdGEgZGUgdHUgYXl1ZGEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5UcmFiYWphbW9zIGNvbW8gcG9kZW1vczogYmEmbnRpbGRlO29zIHJvdG9zLCBzdXNwZW5zaSZvYWN1dGU7biBkZSByZXVuaW9uZXMgcG9yIGNvcnRlcyBkZSBsdXogeSBhZ3VhLCBqdWd1ZXRlcyB2aWVqb3MsIG1lc2VzIGRlIGF0cmFzbyBlbiBlbCBwYWdvIGRlIHN1cyBwcm9mZXNpb25hbGVzIGRlIGxhIHNhbHVkLiBSZWNpZW50ZW1lbnRlIHR1dmltb3MgcXVlIGNlcnJhciBudWVzdHJvIHF1ZXJpZG8gSG9nYXI6ICZsZHF1bztNZXRhbW9yZm9zaXMmcmRxdW87IGVyYSBlbCBsdWdhciBxdWUgc3VwbyBjb250ZW5lciBhIG5pJm50aWxkZTthcyB5IGomb2FjdXRlO3ZlbmVzIHJlc2NhdGFkYSBkZSByZWRlcyBkZSB0cmF0YSBvIHYmaWFjdXRlO2N0aW1hcyBkZSBhYnVzbyBpbnRyYWZhbWlsaWFyLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAzLzA1LzIwMTM8L3NwYW4+PGJyPlJFUFVESU8gQSBMQSBQUkVTRU5DSUEgRU4gTEEgRkVSSUEgREVMIExJQlJPIERFIFVOIEVYIEpVRVogQUNVU0FETyBERSBBQlVTTyBTRVhVQUw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkZ1ZSBjYW1hcmlzdGEgZW4gTWFyIGRlbCBQbGF0YSBkdXJhbnRlIGxhIGRpY3RhZHVyYS4gSGFjZSBhJm50aWxkZTtvcywgdmFyaWFzIG11amVyZXMgbG8gYWN1c2Fyb24gZGUgaGFiZXIgYWJ1c2FkbyBkZSBlbGxhcyBjdWFuZG8gZXJhbiBuaSZudGlsZGU7YXMuIExhIGNhdXNhIHByZXNjcmliaSZvYWN1dGU7IHkgbm8gaHVibyBjb25kZW5hLiBNYSZudGlsZGU7YW5hIHRpZW5lIHByZXZpc3RvIGZpcm1hciBzdSBsaWJyby4gRXNhcyBtaXNtYXMgbXVqZXJlcyBwaWRlbiBxdWUgbm8gc2VhIGFkbWl0aWRvIGVuIGxhIGZlcmlhLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDIiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgIDwhLS0gRklOIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgIDwvdGFibGU+ICAgICAgICA8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iNSUiIGFsaWduPSJyaWdodCI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCB3aWR0aD0iMSUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC90ZD4KICAgIDx0ZCB3aWR0aD0iMiUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgPC90cj4KICAKICA8dGQ+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0ciBhbGlnbj0iY2VudGVyIj4KICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgPHRkIHdpZHRoPSI5NyIgY29sc3Bhbj0iMiIgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iNTQ2IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idGl0dWxvaG9tZTIiPjx0YWJsZSB3aWR0aD0iIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPlJhbmtpbmc8L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPiZidWxsO0xhcyBtJmFhY3V0ZTtzIGxlaWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+JmJ1bGw7TGFzIG0mYWFjdXRlO3MgY29tZW50YWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTHVkb3RlY2EgR2FyYWJhdG8gLSBQcm95ZWN0byBzYWx1ZGFjdGl2YSwgUG9yIHVuYSBpbmZhbmNpYSBmZWxpeiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iOSUiIGJnY29sb3I9IiNFRkVGRUYiPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzJSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xNjIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDUlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTE2MiIgY2xhc3M9ImJvdG9uIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDdXJzbyBJbnRlbnNpdm8gZGUgb3BlcmFkb3IgdGVyYXBldXRpY28gZXNwZWNpYWxpemFkbyBlbiBlbCBhYm9yZGFqZSBkZWwgYWJ1c28sIGxhIHZpb2xlbmNpYSB5IGVsIG1hbHRyYXRvIGluZmFudGlsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUFJPR1JBTUEgTEFTIFZJQ1RJTUFTIENPTlRSQSBMQVMgVklPTEVOQ0lBUyAgTWluaXN0ZXJpbyBkZSBKdXN0aWNpYSB5IERlcmVjaG9zIEh1bWFub3MgZGUgbGEgTmFjafNuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI5JSIgYmdjb2xvcj0iI0VGRUZFRiI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTI1NSIgY2xhc3M9ImJvdG9uIj48aW1nIHNyYz0iaW1nL2ZsZWNoYW5hcmFuamFmZ3Jpc18yNC5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSI3IiBib3JkZXI9IjAiIGFsaWduPSJhYnNtaWRkbGUiIC8+PC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0NSUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MjU1IiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIERpcGxvbWF0dXJhIGVuIEFib3JkYWplIGludGVyZGlzY2lwbGluYXJpbyBkZWwgbWFsdHJhdG8sIGxhIHZpb2xlbmNpYSB5IGVsIGFidXNvIHNleHVhbCBpbmZhbnRpbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyJSIgaGVpZ2h0PSIyMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQxJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNhbHVkIEFjdGl2YSBuZWNlc2l0YSBkZSB0dSBheXVkYSEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjklIiBiZ2NvbG9yPSIjRUZFRkVGIj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMyUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MTA0IiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQ1JSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xMDQiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTGxhbWFkbyBwYXJhIHByZXNlbnRhY2nzbiBkZSB0cmFiYWpvcy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyMCIgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJ0ZXh0b251ZXZvIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iIyIgY2xhc3M9ImJvdG9uIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJsZT48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj4mbmJzcDs8L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBJTklDSU8gbm90YSBjb211biAtLT4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTUvMDQvMjAxMjwvc3Bhbj48YnI+T3JnYW5pemFuIGpvcm5hZGEgc29icmUgdmlvbGVuY2lhPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPlNlIGNlbnRyYXImYWFjdXRlOyBlbiBsb3MgZmVuJm9hY3V0ZTttZW5vcyBxdWUgYWZlY3RhbiBhIGxhIGZhbWlsaWEgeSBlbiBsbyBxdWUgb2N1cnJlIGVuIGxhcyBlc2N1ZWxhcy48YnIgLz4gU2UgbGxldmFyJmFhY3V0ZTsgYSBjYWJvIGVsIGx1bmVzIDIzLCBlbiBlbCBDZW50cm8gQ3VsdHVyYWwgZGUgVG9zY2hpIHkgVHJlcyANCkFycm95b3MsIHVuYSBqb3JuYWRhIGRlIHJlZmxleGkmb2FjdXRlO24geSBkZWJhdGUgYWJpZXJ0YSBhIGxhIGNvbXVuaWRhZCBzb2JyZSANCiZsZHF1bztWaW9sZW5jaWEgZW4gbGEgZmFtaWxpYSB5IGVuIGxhIGVzY3VlbGEgeSBzdSByZWxhY2kmb2FjdXRlO24gY29uIGVsIGZyYWNhc28gDQplc2NvbGFyJnJkcXVvOywgb3JnYW5pemFkYSBwb3IgbGEgQXNvY2lhY2kmb2FjdXRlO24gQ2l2aWwgQ2VudHJvIEFydCZlYWN1dGU7bWlkZXMgeSBsYSANCk11bmljaXBhbGlkYWQgZGUgQ2lwb2xsZXR0aS5TZSBjZW50cmFyJmFhY3V0ZTsgZW4gbG9zIGZlbiZvYWN1dGU7bWVub3MgcXVlIGFmZWN0YW4gYSBsYSBmYW1pbGlhIHkgZW4gbG8gcXVlIG9jdXJyZSBlbiBsYXMgZXNjdWVsYXMuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjMwLzAzLzIwMTI8L3NwYW4+PGJyPkNhcnRhIGRlIEFTQVBNSSAtIEFzb2NpYWNp824gQXJnZW50aW5hIGRlIFByZXZlbmNp824gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjE1IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSIxNSIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjgwIiBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Mb3MgaW50ZWdyYW50ZXMgZGUgbGEgQ29taXNpJm9hY3V0ZTtuIERpcmVjdGl2YSBkZSBBU0FQTUkgLSBBc29jaWFjaSZvYWN1dGU7biBBcmdlbnRpbmEgZGUgUHJldmVuY2kmb2FjdXRlO24gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbCwgYXNvY2lhZGEgYSBsYSBJbnRlcm5hdGlvbmFsIFNvY2lldHkgZm9yIFByZXZlbnRpb24gb2YgQ2hpbGQgQWJ1c2UgYW5kIE5lZ2xlY3QgKElTUENBTikgLSwgdGVuZW1vcyBlbCBhZ3JhZG8gZGUgZGlyaWdpcm5vcyBhIFVzdGVkIHBhcmEgdHJhc21pdGlybGUgbnVlc3RyYSBwcm9mdW5kYSAmbmJzcDt5IGhvbmRhIHByZW9jdXBhY2kmb2FjdXRlO24gcG9yIGxhIHBvc3R1cmEgcXVlIHZpZW5lbiBhc3VtaWVuZG8gZW4gZm9ybWEgY29udGludWFkYSBhbGd1bm9zIGNvbGVnaW9zIGRlIHBzaWMmb2FjdXRlO2xvZ29zLCBlc3BlY2lhbG1lbnRlIGRlIGxhIHByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXMsIGVuIHJlbGFjaSZvYWN1dGU7biBhbCB0cmF0YW1pZW50byBwb2NvIHNlcmlvIHkgY29tcHJvbWV0aWRvIHF1ZSBzZSBsZXMgb3RvcmdhIGEgbGFzIGRlbnVuY2lhcyBlZmVjdHVhZGFzIGNvbnRyYSBwcm9mZXNpb25hbGVzIHBzaWMmb2FjdXRlO2xvZ29zLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjAvMDMvMjAxMjwvc3Bhbj48YnI+TEEgVklPTEVOQ0lBIFNFWFVBTCBDT05UUkEgTknRT1MgWSBOSdFBUyBFTiBDSUZSQVM8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4MCIgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+UmFkaW9ncmFmJmlhY3V0ZTthIGRlIHVuIHByb2JsZW1hPC9wPg0KPHA+RGUgbG9zIG4mdWFjdXRlO21lcm9zIGNvbXBpbGFkb3MgcG9yIGRvcyBlcXVpcG9zIGRlbCBNaW5pc3RlcmlvIGRlIEp1c3RpY2lhLCBsYQ0KIGF1dG9yYSB0b21hIGxvcyBkZSBsYSBjaXVkYWQgZGUgQnVlbm9zIEFpcmVzIHBhcmEgdHJhemFyIHVuIHBhcmFkaWdtYSANCmRlIGxvcyBkZWxpdG9zIGNvbnRyYSBsYSBpbnRlZ3JpZGFkIHNleHVhbCBlbiBlbCBwYSZpYWN1dGU7cyB5IHNvYnJlIHN1IA0KYXRlbmNpJm9hY3V0ZTtuLjxiciAvPiA8YnIgLz4gJm5ic3A7UG9yIEV2YSBHaWJlcnRpPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2MCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjAiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjE1LzAzLzIwMTI8L3NwYW4+PGJyPkZBTExPIERFIExBIENPUlRFIFNVUFJFTUEgU09CUkUgTEEgTk8gSlVESUNJQUxJWkFDSU9OIERFTCBBQk9SVE8gRU4gQ0FTT1MgREUgVklPTEFDSU9OPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxiciAvPiBKVVJJU0RJQ0NJT046IE5BQ0lPTkFMPGJyIC8+IE1BVEVSSUE6IEFCT1JUTy48YnIgLz4gVFJJQlVOQUw6IENvcnRlIFN1cHJlbWEgZGUgSnVzdGljaWEgZGUgbGEgTmFjaSZvYWN1dGU7bi48YnIgLz4gQVVUT1M6IEYuLCBBLiBMLiBzLyBtZWRpZGEgYXV0b3NhdGlzZmFjdGl2YS48YnIgLz4gRkVDSEE6IDEzLzAzLzIwMTIuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI1OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNTkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBGSU4gbm90YSBjb211biAtLT4KPC90YWJsZT4KPG1hcCBuYW1lPSJNYXBNYXAiIGlkPSJNYXBNYXAiPjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjE0NCw0LDIxNCwzNiIgaHJlZj0iaW5kZXgucGhwP2lkPTE0IiAvPgo8L21hcD4KPG1hcCBuYW1lPSJNYXAyTWFwMiIgaWQ9Ik1hcDJNYXAyIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIxNDcsNCwyMjAsMzYiIGhyZWY9ImluZGV4LnBocD9pZD0xNGEiIC8+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcDMiIGlkPSJNYXAzIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIzNjMsMyw0MzYsMzkiIGhyZWY9ImluZGV4LnBocD9pZD0xNGIiIC8+CjwvbWFwPgo8L2h0bWw+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	114	<responseRedirected>false</responseRedirected>
	115	</requestresponse>
	116	</issue>
	117	<issue>
	118	<serialNumber>3685188967706670080</serialNumber>
	119	<type>5245440</type>
	120	<name>TRACE method is enabled</name>
	121	<host ip="200.20.20.201">http://www.example.org.ar</host>
	122	<path><![CDATA[/]]></path>
	123	<location><![CDATA[/]]></location>
	124	<severity>Information</severity>
	125	<confidence>Certain</confidence>
	126	<issueBackground><![CDATA[The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.<br><br>Although this behavior is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.]]></issueBackground>
	127	<remediationBackground><![CDATA[The TRACE method should be disabled on the web server.]]></remediationBackground>
	128	<requestresponse>
	129	<request base64="true"><![CDATA[VFJBQ0UgLyBIVFRQLzEuMA0KSG9zdDogd3d3LnNhbHVkYWN0aXZhLm9yZy5hcg0KQ29va2llOiBhYzMyNzQ2YjdhYzA2YzE5DQoNCg==]]></request>
	130	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjE0OjA2IEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpDb25uZWN0aW9uOiBjbG9zZQ0KQ29udGVudC1UeXBlOiBtZXNzYWdlL2h0dHANCg0KVFJBQ0UgLyBIVFRQLzEuMA0KSG9zdDogd3d3LnNhbHVkYWN0aXZhLm9yZy5hcg0KQ29va2llOiBhYzMyNzQ2YjdhYzA2YzE5OyBQSFBTRVNTSUQ9OTQ1ODVhYTBjMTFjZjJlODY0ZDgzZTI0Njc4Yjk4NjUNCg0K]]></response>
	131	<responseRedirected>false</responseRedirected>
	132	</requestresponse>
	133	</issue>
	134	<issue>
	135	<serialNumber>739390687228795904</serialNumber>
	136	<type>5245344</type>
	137	<name>Frameable response (potential Clickjacking)</name>
	138	<host ip="200.20.20.201">http://www.example.org.ar</host>
	139	<path><![CDATA[/]]></path>
	140	<location><![CDATA[/]]></location>
	141	<severity>Information</severity>
	142	<confidence>Firm</confidence>
	143	<issueBackground><![CDATA[It might be possible for a web page controlled by an attacker to load the content of this response within an iframe on the attacker's page. This may enable a "clickjacking" attack, in which the attacker's page overlays the target application's interface with a different interface provided by the attacker. By inducing victim users to perform actions such as mouse clicks and keystrokes, the attacker can cause them to unwittingly carry out actions within the application that is being targeted. This technique allows the attacker to circumvent defenses against cross-site request forgery, and may result in unauthorized actions.<br><br>Note that this issue is being reported because the application's response does not set a suitable <b>X-Frame-Options</b> header in order to prevent framing attacks. Some applications attempt to prevent these attacks from within the HTML page itself, using "framebusting" code. However, this type of defense is normally ineffective and can usually be circumvented by a skilled attacker.]]></issueBackground>
	144	<remediationBackground><![CDATA[You should review the application functions that are accessible from within the response, and determine whether they can be used by application users to perform any sensitive actions within the application. If so, then a framing attack targeting this response may result in unauthorized actions.<br><br>To effectively prevent framing attacks, the application should return a response header with the name <b>X-Frame-Options</b> and the value <b>DENY</b> to prevent framing altogether, or the value <b>SAMEORIGIN</b> to allow framing only by pages on the same origin as the response itself.]]></remediationBackground>
	145	<requestresponse>
	146	<request base64="true"><![CDATA[R0VUIC8gSFRUUC8xLjENCkhvc3Q6IHd3dy5zYWx1ZGFjdGl2YS5vcmcuYXINClVzZXItQWdlbnQ6IE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwLjg7IHJ2OjIzLjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMjMuMA0KQWNjZXB0OiB0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSwqLyo7cT0wLjgNCkFjY2VwdC1MYW5ndWFnZTogZW4tVVMsZW47cT0wLjUNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KQ29ubmVjdGlvbjoga2VlcC1hbGl2ZQ0KDQo=]]></request>
	147	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjEyOjAyIEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KU2V0LUNvb2tpZTogUEhQU0VTU0lEPTk0NTg1YWEwYzExY2YyZTg2NGQ4M2UyNDY3OGI5ODY1OyBwYXRoPS8NCktlZXAtQWxpdmU6IHRpbWVvdXQ9MjAsIG1heD0yMDANCkNvbm5lY3Rpb246IEtlZXAtQWxpdmUNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNjA2MDYNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+CjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiIC8+Cjx0aXRsZT5Eb2N1bWVudG8gc2luIHQmaWFjdXRlO3R1bG88L3RpdGxlPgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KPHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCIgdHlwZT0idGV4dC9KYXZhU2NyaXB0Ij4KPCEtLQpmdW5jdGlvbiBNTV9yZWxvYWRQYWdlKGluaXQpIHsgIC8vcmVsb2FkcyB0aGUgd2luZG93IGlmIE5hdjQgcmVzaXplZAogIGlmIChpbml0PT10cnVlKSB3aXRoIChuYXZpZ2F0b3IpIHtpZiAoKGFwcE5hbWU9PSJOZXRzY2FwZSIpJiYocGFyc2VJbnQoYXBwVmVyc2lvbik9PTQpKSB7CiAgICBkb2N1bWVudC5NTV9wZ1c9aW5uZXJXaWR0aDsgZG9jdW1lbnQuTU1fcGdIPWlubmVySGVpZ2h0OyBvbnJlc2l6ZT1NTV9yZWxvYWRQYWdlOyB9fQogIGVsc2UgaWYgKGlubmVyV2lkdGghPWRvY3VtZW50Lk1NX3BnVyB8fCBpbm5lckhlaWdodCE9ZG9jdW1lbnQuTU1fcGdIKSBsb2NhdGlvbi5yZWxvYWQoKTsKfQpNTV9yZWxvYWRQYWdlKHRydWUpOwoKZnVuY3Rpb24gTU1fcHJlbG9hZEltYWdlcygpIHsgLy92My4wCiAgdmFyIGQ9ZG9jdW1lbnQ7IGlmKGQuaW1hZ2VzKXsgaWYoIWQuTU1fcCkgZC5NTV9wPW5ldyBBcnJheSgpOwogICAgdmFyIGksaj1kLk1NX3AubGVuZ3RoLGE9TU1fcHJlbG9hZEltYWdlcy5hcmd1bWVudHM7IGZvcihpPTA7IGk8YS5sZW5ndGg7IGkrKykKICAgIGlmIChhW2ldLmluZGV4T2YoIiMiKSE9MCl7IGQuTU1fcFtqXT1uZXcgSW1hZ2U7IGQuTU1fcFtqKytdLnNyYz1hW2ldO319Cn0KLy8tLT4KPC9zY3JpcHQ+CiAgICAgICAgICAgICA8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoJCQkgCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CjwhLS0KI0xheWVyMSB7Cglwb3NpdGlvbjphYnNvbHV0ZTsKCXdpZHRoOjY1MXB4OwoJaGVpZ2h0OjIxOHB4OwoJei1pbmRleDoxOwp9CiNMYXllcjIgewoJcG9zaXRpb246YWJzb2x1dGU7Cgl3aWR0aDoyMDBweDsKCWhlaWdodDoxMTVweDsKCXotaW5kZXg6MTsKCXZpc2liaWxpdHk6IHZpc2libGU7Cn0KLkVzdGlsbzEgewoJZm9udC1zaXplOiAxOHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzIgewoJZm9udC1zaXplOiAxNHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzMge2NvbG9yOiAjNTA2OTkwOyBsaW5lLWhlaWdodDogMTJweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LWZhbWlseTogVGFob21hO30KLS0+Cjwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGxlZnRtYXJnaW49IjIiIG1hcmdpbndpZHRoPSIyIj4KPHRhYmxlIHdpZHRoPSI2MDgiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCB3aWR0aD0iMiUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzA3LmpwZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjE0IiAvPjwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI5MCUiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18wNy5qcGciPiZuYnNwOzwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI4JSIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGNvbHNwYW49IjQiPjxiciAvPgogICAgICA8dGFibGUgd2lkdGg9Ijk4JSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICA8dHI+CiAgICAgICAgPHRkIHdpZHRoPSIyJSI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgICA8dGQgd2lkdGg9IjkzJSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CjwhLS0gSU5JQ0lPIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzIzMDQyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjIvMTEvMjAxMzwvc3Bhbj48YnI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxzdHJvbmc+MTQsIDE1IHkgMTYgZGUgTm92aWVtYnJlIEFCSUVSVEEgTEEgSU5TQ1JJUENJJk9hY3V0ZTtOISAoY29uIGRlc2N1ZW50byBoYXN0YSBlbCAyNy84KTxiciAvPjwvc3Ryb25nPjwvcD4NCjxwPjxzdHJvbmc+QUJJRVJUQSBMQSBSRUNFUENJJk9hY3V0ZTtOIERFIFRSQUJBSk88YSBocmVmPSJodHRwOi8vd3d3LmNvbmdyZXNvdmlvbGVuY2lhLmNvbS9pbmRleC5waHA/aWQ9bW9kYWxpZGFkZXMiIHRhcmdldD0iX2JsYW5rIj4gKG1hcyBpbmZvKTwvYT48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij48c3Ryb25nPk9yZ2FuaXphOiBTYWx1ZCBBY3RpdmE8L3N0cm9uZz48L3NwYW4+PC9wPg0KPHA+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+SW5jcmlwdG9zIGFsIFBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGltcG9ydGFudGVzIGRlc2N1ZW50b3MhPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2lvbjogVW5pdmVyc2lkYWQgZGVsIEVzdGUsIExhIFBsYXRhIEJ1ZW5vcyBBaXJlczwvcD4NCjxwPk1hcyBkZSAxNTAgdHJhYmFqb3MgcHJlc2VudGFkb3MsIHVsdGltb3MgZGlhcyBwYXJhIGluc2NyaWJpcnNlIGNvbiBkZXNjdWVudG8hITwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPkluc2NyaWJpcnNlPC9hPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPjxiciAvPjwvYT48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDEiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MDQvMTEvMjAxMzwvc3Bhbj48YnI+RWwgY29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIEPzcmRvYmEgc2UgcHJvbnVuY2lhIGVuIHJlbGFjafNuIGFsIFNBUCB5IGVuIGNvbmNvcmRhbmNpYSBjb24gbG8gZXhwcmVzYWRvIHBvciBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgTWFyIGRlbCBQbGF0YSB5IGVsIENvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBsYSAgUHJvdmluY2lhIGRlIEJ1ZW5vcyBBaXJlczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+Jm5ic3A7PC9wPg0KPHA+TGFzIGNvbnRyb3ZlcnNpYXMgZ2VuZXJhZGFzIGVuIHJlbGFjaSZvYWN1dGU7biBhbCAic2luZHJvbWUgZGUgYWxpZW5hY2kmb2FjdXRlO24gcGFyZW50YSIgU0FQLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzEwIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzE2MTAyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTYvMTAvMjAxMzwvc3Bhbj48YnI+U2FsdWQgQWN0aXZhIG90b3JnYSBtZWRpYXMgYmVjYXMgcGFyYSBlbCBJViBDb25ncmVzbyBJbnRlcm5hY2lvbmFsLCBWIE5hY2lvbmFsLCBWSSBSZWdpb25hbCBWaW9sZW5jaWEsIE1hbHRyYXRvIHkgQWJ1c28uPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD4mbmJzcDs8L3A+DQo8cD5TZXImYWFjdXRlO24gb3RvcmdhZGFzIDUwIG1lZGlhcyBiZWNhcywgcXVlZGFuIHBvY2FzISEhIGNvbmRpY2lvbjo8L3A+DQo8cD5QZXJ0ZW5lY2VyIGFsIGFtYml0byBwdWJsaWNvIG8gYSBPTkcsIHNlIGNvbnNpZGVyYSB0YW1iaWVuIGxhIGRpc3RhbmNpYSBhbCBsdWdhciBkZWwgZXZlbnRvISEhIGVzIG11eSBzZW5jaWxsbywgc29sbyBkZWJlcyBlbnZpYXIgdW4gZW1haWwuLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA5Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjI0LzA3LzIwMTM8L3NwYW4+PGJyPk5FQ0VTSVRBTU9TIERFIFNVIFNPTElEQVJJREFEIEhBQ0lBIExPUyBOSdFPUyBZIE5J0UFTISEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlBST0dSQU1BIEZBTUlMSUFTIFNPTElEQVJJQVM8L3NwYW4+PC9zdHJvbmc+PC9wPg0KPHA+PHN0cm9uZz5DQU1CSU8gREUgU0VERTwvc3Ryb25nPjwvcD4NCjxwPkxhIGNhcGFjaXRhY2kmb2FjdXRlO24gcGFyYSBsYSBwdWVzdGEgZW4gbWFyY2hhIGRlbCA8c3Ryb25nPlByb2dyYW1hIEZhbWlsaWFzIFNvbGlkYXJpYXM8L3N0cm9uZz4gc2UgcmVhbGl6YXImYWFjdXRlOyBlbiBsYSBsb2NhbGlkYWQgZGUgPHN0cm9uZz5OYXZhcnJvPC9zdHJvbmc+IHBhcmEgdG9kbyBlbCBjb3JyZWRvciBkZSBsYSBSdXRhIDQwLjwvcD4NCjxwPkluaWNpbyA8c3Ryb25nPk1pJmVhY3V0ZTtyY29sZXMgMjggZGUgYWdvc3RvIGEgbGFzIDE0IGhvcmFzLiZuYnNwOzwvc3Ryb25nPjwvcD4NCjxwPlNlZGU6IDxzdHJvbmc+U2FsJm9hY3V0ZTtuIE11bmljaXBhbCBlbiBsYSBjYWxsZSAxMDcgZXNxdWluYSAyMiAtIE5hdmFycm88L3N0cm9uZz48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTIwNzIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xMi8wNy8yMDEzPC9zcGFuPjxicj5TQUxVRCBBQ1RJVkEgaGEgc2lkbyBlbGVnaWRhIHBvciBzZWd1bmRhIHZleiBjb25zZWN1dGl2YSBjb21vIHVubyBkZSBsb3MgZ2FuYWRvcmVzIGRlbCBDdWFydG8gQ29uY3Vyc28gZGUgUHJveWVjdG9zIFNvY2lhbGVzIGRlIFBldHJvYnJhczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+RW4gZWwgbWFyY28gZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzLCANCm51ZXN0cmEgSW5zdGl0dWNpJm9hY3V0ZTtuIFNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IA0KY29uc2VjdXRpdmEgY29tbyB1bm8gZGUgbG9zIGdhbmFkb3JlcyBkZSBkaWNobyBjb25jdXJzby48YnIgLz5FbiBlc3RhIA0KZWRpY2kmb2FjdXRlO24gZWwgcHJveWVjdG8gcXVlIGhhIHNpZG8gZWxlZ2lkbyBlcyBlbCAmbGRxdW87UHJvZ3JhbWEgZGUgRmFtaWxpYXMgDQpTb2xpZGFyaWFzJnJkcXVvOyBzaWVuZG8gc3UgJmFhY3V0ZTtyZWEgZGUgaW1wbGVtZW50YWNpJm9hY3V0ZTtuIGxvcyBNdW5pY2lwaW9zIGRlIE5hdmFycm8sIA0KR3JhbC4gTGFzIEhlcmFzLCBNYXJjb3MgUGF6LCB5IE1lcmxvPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAyLzA3LzIwMTM8L3NwYW4+PGJyPk/tciBvIGVzY3VjaGFyPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Qb3IgQ2FybG9zIFJvemFuc2tpICo8L3A+DQo8cD5BIGxvIGxhcmdvIGRlIGxvcyBzaWdsb3MsIGxhcyBuaSZudGlsZGU7YXMsIG5pJm50aWxkZTtvcyB5IGFkb2xlc2NlbnRlcyBoYW4gc2lkbyBtYWx0cmF0YWRvcyB5IGFidXNhZG9zIHNpbiBxdWUgYSBsYSBjb211bmlkYWQgbGUgaW50ZXJlc2FyYSBuaSBzaXF1aWVyYSBlc2N1Y2hhcmxvcyBjdWFuZG8gaGFjJmlhY3V0ZTthbiBzYWJlciBkZSBhbGd1bmEgZm9ybWEgbG9zIHN1ZnJpbWllbnRvcyBxdWUgcGFkZWMmaWFjdXRlO2FuLiBFbiAxODc0LCBlbiBFc3RhZG9zIFVuaWRvcywgZnVlIGxhIHByaW1lcmEgdmV6IHF1ZSBlbCBFc3RhZG8gaW50ZXJ2aW5vIGVuIHVuIGNhc28gZGUgbWFsdHJhdG8geSBhYnVzby4uLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4wMi8wNy8yMDEzPC9zcGFuPjxicj5FbCBkZXJlY2hvIGRlIGxvcyBuafFvcyBhIHNlciBlc2N1Y2hhZG9zPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5VbiBob21icmUgYWN1c2FkbyBkZSBoYWJlciBhYnVzYWRvIGRlIHN1cyBoaWpvcyBoYWImaWFjdXRlO2Egc2lkbyBzb2JyZXNlJmlhY3V0ZTtkbyBkb3MgdmVjZXMgcG9yIGxhIEp1c3RpY2lhLiBQZXJvIGFob3JhLCBsYSBDJmFhY3V0ZTttYXJhIGRlIENhc2FjaSZvYWN1dGU7biByZXZvYyZvYWN1dGU7IGVzYSBkZWNpc2kmb2FjdXRlO24gcG9ycXVlIGVuIGxhIGludmVzdGlnYWNpJm9hY3V0ZTtuIGVsIGp1ZXogbnVuY2EgaGFiJmlhY3V0ZTthIGVzY3VjaGFkbyBhIGxvcyBjaGljb3MuIFkgb3JkZW4mb2FjdXRlOyBxdWUgdGVuZ2EgZW4gY3VlbnRhIGxvIHF1ZSBkaWNlbi48L3A+DQo8cD5Qb3IgTWFyaWFuYSBDYXJiYWphbDwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDUiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE1NiIgcm93c3Bhbj0iMiIgdmFsaWduPSJ0b3AiPgoJCQkJCgkJCQk8dGFibGUgd2lkdGg9IjMyJSIgYm9yZGVyPSIxIiBjZWxsc3BhY2luZz0iMyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48aW1nIHNyYz0ic3JjL2ltZ191cC8wNjA2MjAxMy4xLmpwZyIgd2lkdGg9IjE0NiIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KCQkJCQkJCQk8L3RkPiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjA2LzA2LzIwMTM8L3NwYW4+PGJyPkFidXNvIHNleHVhbCBpbmZhbnRpbC4gRGVzYWZpb3MgZGUgbGEgY2xpbmljYSBhY3R1YWw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkFiaWVydGEgbGEgaW5zY3JpcGNpb248L3A+DQo8cD5Eb2NlbnRlczogTGljLiBNYXJpYSBCZWF0cml6IE0mdXVtbDtsbGVyLiBMaWMuIFBhb2xhIE11Jm50aWxkZTtveiBEdWFydGU8L3A+DQo8cD5JbmljaW86IE1pZXJjb2xlcyAxOSBkZSBKdW5pbzwvcD4NCjxwPkZyZWN1ZW5jaWE6IFNlbWFuYWw8L3A+DQo8cD5Nb2RhbGlkYWQ6IEludGVuc2l2YTwvcD4NCjxwPkNvbnRlbmlkb3M6ICZuYnNwOyBFc3RhIGRlc3RpbmFkbyBhIHRvZG9zIGxvcyBwcm9mZXNpb25hbGVzIGNvbXByb21ldGlkb3MgY29uIGxhIHRlbWF0aWNhIGRlbCBhYnVzbyBpbmZhbnRpbCBxdWUgcXVpZXJhbiBhY3R1YWxpemFyc2UgZSBpbnRlcmNhbWJpYXIgZXhwZXJpZW5jaWFzIGRlIHRyYWJham8uLi48L3A+DQo8cD4mbmJzcDs8L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDQiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTYwNTIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xNi8wNS8yMDEzPC9zcGFuPjxicj5TYWx1ZCBBY3RpdmEgbmVjZXNpdGEgZGUgdHUgYXl1ZGEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5UcmFiYWphbW9zIGNvbW8gcG9kZW1vczogYmEmbnRpbGRlO29zIHJvdG9zLCBzdXNwZW5zaSZvYWN1dGU7biBkZSByZXVuaW9uZXMgcG9yIGNvcnRlcyBkZSBsdXogeSBhZ3VhLCBqdWd1ZXRlcyB2aWVqb3MsIG1lc2VzIGRlIGF0cmFzbyBlbiBlbCBwYWdvIGRlIHN1cyBwcm9mZXNpb25hbGVzIGRlIGxhIHNhbHVkLiBSZWNpZW50ZW1lbnRlIHR1dmltb3MgcXVlIGNlcnJhciBudWVzdHJvIHF1ZXJpZG8gSG9nYXI6ICZsZHF1bztNZXRhbW9yZm9zaXMmcmRxdW87IGVyYSBlbCBsdWdhciBxdWUgc3VwbyBjb250ZW5lciBhIG5pJm50aWxkZTthcyB5IGomb2FjdXRlO3ZlbmVzIHJlc2NhdGFkYSBkZSByZWRlcyBkZSB0cmF0YSBvIHYmaWFjdXRlO2N0aW1hcyBkZSBhYnVzbyBpbnRyYWZhbWlsaWFyLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAzLzA1LzIwMTM8L3NwYW4+PGJyPlJFUFVESU8gQSBMQSBQUkVTRU5DSUEgRU4gTEEgRkVSSUEgREVMIExJQlJPIERFIFVOIEVYIEpVRVogQUNVU0FETyBERSBBQlVTTyBTRVhVQUw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkZ1ZSBjYW1hcmlzdGEgZW4gTWFyIGRlbCBQbGF0YSBkdXJhbnRlIGxhIGRpY3RhZHVyYS4gSGFjZSBhJm50aWxkZTtvcywgdmFyaWFzIG11amVyZXMgbG8gYWN1c2Fyb24gZGUgaGFiZXIgYWJ1c2FkbyBkZSBlbGxhcyBjdWFuZG8gZXJhbiBuaSZudGlsZGU7YXMuIExhIGNhdXNhIHByZXNjcmliaSZvYWN1dGU7IHkgbm8gaHVibyBjb25kZW5hLiBNYSZudGlsZGU7YW5hIHRpZW5lIHByZXZpc3RvIGZpcm1hciBzdSBsaWJyby4gRXNhcyBtaXNtYXMgbXVqZXJlcyBwaWRlbiBxdWUgbm8gc2VhIGFkbWl0aWRvIGVuIGxhIGZlcmlhLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDIiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgIDwhLS0gRklOIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgIDwvdGFibGU+ICAgICAgICA8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iNSUiIGFsaWduPSJyaWdodCI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCB3aWR0aD0iMSUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC90ZD4KICAgIDx0ZCB3aWR0aD0iMiUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgPC90cj4KICAKICA8dGQ+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0ciBhbGlnbj0iY2VudGVyIj4KICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgPHRkIHdpZHRoPSI5NyIgY29sc3Bhbj0iMiIgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iNTQ2IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idGl0dWxvaG9tZTIiPjx0YWJsZSB3aWR0aD0iIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPlJhbmtpbmc8L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPiZidWxsO0xhcyBtJmFhY3V0ZTtzIGxlaWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+JmJ1bGw7TGFzIG0mYWFjdXRlO3MgY29tZW50YWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTHVkb3RlY2EgR2FyYWJhdG8gLSBQcm95ZWN0byBzYWx1ZGFjdGl2YSwgUG9yIHVuYSBpbmZhbmNpYSBmZWxpeiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iOSUiIGJnY29sb3I9IiNFRkVGRUYiPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzJSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xNjIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDUlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTE2MiIgY2xhc3M9ImJvdG9uIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDdXJzbyBJbnRlbnNpdm8gZGUgb3BlcmFkb3IgdGVyYXBldXRpY28gZXNwZWNpYWxpemFkbyBlbiBlbCBhYm9yZGFqZSBkZWwgYWJ1c28sIGxhIHZpb2xlbmNpYSB5IGVsIG1hbHRyYXRvIGluZmFudGlsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUFJPR1JBTUEgTEFTIFZJQ1RJTUFTIENPTlRSQSBMQVMgVklPTEVOQ0lBUyAgTWluaXN0ZXJpbyBkZSBKdXN0aWNpYSB5IERlcmVjaG9zIEh1bWFub3MgZGUgbGEgTmFjafNuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI5JSIgYmdjb2xvcj0iI0VGRUZFRiI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTI1NSIgY2xhc3M9ImJvdG9uIj48aW1nIHNyYz0iaW1nL2ZsZWNoYW5hcmFuamFmZ3Jpc18yNC5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSI3IiBib3JkZXI9IjAiIGFsaWduPSJhYnNtaWRkbGUiIC8+PC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0NSUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MjU1IiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIERpcGxvbWF0dXJhIGVuIEFib3JkYWplIGludGVyZGlzY2lwbGluYXJpbyBkZWwgbWFsdHJhdG8sIGxhIHZpb2xlbmNpYSB5IGVsIGFidXNvIHNleHVhbCBpbmZhbnRpbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyJSIgaGVpZ2h0PSIyMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQxJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNhbHVkIEFjdGl2YSBuZWNlc2l0YSBkZSB0dSBheXVkYSEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjklIiBiZ2NvbG9yPSIjRUZFRkVGIj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMyUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MTA0IiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQ1JSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xMDQiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTGxhbWFkbyBwYXJhIHByZXNlbnRhY2nzbiBkZSB0cmFiYWpvcy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyMCIgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJ0ZXh0b251ZXZvIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iIyIgY2xhc3M9ImJvdG9uIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJsZT48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj4mbmJzcDs8L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBJTklDSU8gbm90YSBjb211biAtLT4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTUvMDQvMjAxMjwvc3Bhbj48YnI+T3JnYW5pemFuIGpvcm5hZGEgc29icmUgdmlvbGVuY2lhPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPlNlIGNlbnRyYXImYWFjdXRlOyBlbiBsb3MgZmVuJm9hY3V0ZTttZW5vcyBxdWUgYWZlY3RhbiBhIGxhIGZhbWlsaWEgeSBlbiBsbyBxdWUgb2N1cnJlIGVuIGxhcyBlc2N1ZWxhcy48YnIgLz4gU2UgbGxldmFyJmFhY3V0ZTsgYSBjYWJvIGVsIGx1bmVzIDIzLCBlbiBlbCBDZW50cm8gQ3VsdHVyYWwgZGUgVG9zY2hpIHkgVHJlcyANCkFycm95b3MsIHVuYSBqb3JuYWRhIGRlIHJlZmxleGkmb2FjdXRlO24geSBkZWJhdGUgYWJpZXJ0YSBhIGxhIGNvbXVuaWRhZCBzb2JyZSANCiZsZHF1bztWaW9sZW5jaWEgZW4gbGEgZmFtaWxpYSB5IGVuIGxhIGVzY3VlbGEgeSBzdSByZWxhY2kmb2FjdXRlO24gY29uIGVsIGZyYWNhc28gDQplc2NvbGFyJnJkcXVvOywgb3JnYW5pemFkYSBwb3IgbGEgQXNvY2lhY2kmb2FjdXRlO24gQ2l2aWwgQ2VudHJvIEFydCZlYWN1dGU7bWlkZXMgeSBsYSANCk11bmljaXBhbGlkYWQgZGUgQ2lwb2xsZXR0aS5TZSBjZW50cmFyJmFhY3V0ZTsgZW4gbG9zIGZlbiZvYWN1dGU7bWVub3MgcXVlIGFmZWN0YW4gYSBsYSBmYW1pbGlhIHkgZW4gbG8gcXVlIG9jdXJyZSBlbiBsYXMgZXNjdWVsYXMuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjMwLzAzLzIwMTI8L3NwYW4+PGJyPkNhcnRhIGRlIEFTQVBNSSAtIEFzb2NpYWNp824gQXJnZW50aW5hIGRlIFByZXZlbmNp824gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjE1IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSIxNSIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjgwIiBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Mb3MgaW50ZWdyYW50ZXMgZGUgbGEgQ29taXNpJm9hY3V0ZTtuIERpcmVjdGl2YSBkZSBBU0FQTUkgLSBBc29jaWFjaSZvYWN1dGU7biBBcmdlbnRpbmEgZGUgUHJldmVuY2kmb2FjdXRlO24gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbCwgYXNvY2lhZGEgYSBsYSBJbnRlcm5hdGlvbmFsIFNvY2lldHkgZm9yIFByZXZlbnRpb24gb2YgQ2hpbGQgQWJ1c2UgYW5kIE5lZ2xlY3QgKElTUENBTikgLSwgdGVuZW1vcyBlbCBhZ3JhZG8gZGUgZGlyaWdpcm5vcyBhIFVzdGVkIHBhcmEgdHJhc21pdGlybGUgbnVlc3RyYSBwcm9mdW5kYSAmbmJzcDt5IGhvbmRhIHByZW9jdXBhY2kmb2FjdXRlO24gcG9yIGxhIHBvc3R1cmEgcXVlIHZpZW5lbiBhc3VtaWVuZG8gZW4gZm9ybWEgY29udGludWFkYSBhbGd1bm9zIGNvbGVnaW9zIGRlIHBzaWMmb2FjdXRlO2xvZ29zLCBlc3BlY2lhbG1lbnRlIGRlIGxhIHByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXMsIGVuIHJlbGFjaSZvYWN1dGU7biBhbCB0cmF0YW1pZW50byBwb2NvIHNlcmlvIHkgY29tcHJvbWV0aWRvIHF1ZSBzZSBsZXMgb3RvcmdhIGEgbGFzIGRlbnVuY2lhcyBlZmVjdHVhZGFzIGNvbnRyYSBwcm9mZXNpb25hbGVzIHBzaWMmb2FjdXRlO2xvZ29zLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjAvMDMvMjAxMjwvc3Bhbj48YnI+TEEgVklPTEVOQ0lBIFNFWFVBTCBDT05UUkEgTknRT1MgWSBOSdFBUyBFTiBDSUZSQVM8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4MCIgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+UmFkaW9ncmFmJmlhY3V0ZTthIGRlIHVuIHByb2JsZW1hPC9wPg0KPHA+RGUgbG9zIG4mdWFjdXRlO21lcm9zIGNvbXBpbGFkb3MgcG9yIGRvcyBlcXVpcG9zIGRlbCBNaW5pc3RlcmlvIGRlIEp1c3RpY2lhLCBsYQ0KIGF1dG9yYSB0b21hIGxvcyBkZSBsYSBjaXVkYWQgZGUgQnVlbm9zIEFpcmVzIHBhcmEgdHJhemFyIHVuIHBhcmFkaWdtYSANCmRlIGxvcyBkZWxpdG9zIGNvbnRyYSBsYSBpbnRlZ3JpZGFkIHNleHVhbCBlbiBlbCBwYSZpYWN1dGU7cyB5IHNvYnJlIHN1IA0KYXRlbmNpJm9hY3V0ZTtuLjxiciAvPiA8YnIgLz4gJm5ic3A7UG9yIEV2YSBHaWJlcnRpPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2MCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjAiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjE1LzAzLzIwMTI8L3NwYW4+PGJyPkZBTExPIERFIExBIENPUlRFIFNVUFJFTUEgU09CUkUgTEEgTk8gSlVESUNJQUxJWkFDSU9OIERFTCBBQk9SVE8gRU4gQ0FTT1MgREUgVklPTEFDSU9OPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxiciAvPiBKVVJJU0RJQ0NJT046IE5BQ0lPTkFMPGJyIC8+IE1BVEVSSUE6IEFCT1JUTy48YnIgLz4gVFJJQlVOQUw6IENvcnRlIFN1cHJlbWEgZGUgSnVzdGljaWEgZGUgbGEgTmFjaSZvYWN1dGU7bi48YnIgLz4gQVVUT1M6IEYuLCBBLiBMLiBzLyBtZWRpZGEgYXV0b3NhdGlzZmFjdGl2YS48YnIgLz4gRkVDSEE6IDEzLzAzLzIwMTIuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI1OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNTkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBGSU4gbm90YSBjb211biAtLT4KPC90YWJsZT4KPG1hcCBuYW1lPSJNYXBNYXAiIGlkPSJNYXBNYXAiPjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjE0NCw0LDIxNCwzNiIgaHJlZj0iaW5kZXgucGhwP2lkPTE0IiAvPgo8L21hcD4KPG1hcCBuYW1lPSJNYXAyTWFwMiIgaWQ9Ik1hcDJNYXAyIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIxNDcsNCwyMjAsMzYiIGhyZWY9ImluZGV4LnBocD9pZD0xNGEiIC8+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcDMiIGlkPSJNYXAzIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIzNjMsMyw0MzYsMzkiIGhyZWY9ImluZGV4LnBocD9pZD0xNGIiIC8+CjwvbWFwPgo8L2h0bWw+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	148	<responseRedirected>false</responseRedirected>
	149	</requestresponse>
	150	</issue>
	151	<issue>
	152	<serialNumber>3368157477358873600</serialNumber>
	153	<type>5245344</type>
	154	<name>Frameable response (potential Clickjacking)</name>
	155	<host ip="200.20.20.201">http://www.example.org.ar</host>
	156	<path><![CDATA[/index.php]]></path>
	157	<location><![CDATA[/index.php]]></location>
	158	<severity>Information</severity>
	159	<confidence>Firm</confidence>
	160	<issueBackground><![CDATA[It might be possible for a web page controlled by an attacker to load the content of this response within an iframe on the attacker's page. This may enable a "clickjacking" attack, in which the attacker's page overlays the target application's interface with a different interface provided by the attacker. By inducing victim users to perform actions such as mouse clicks and keystrokes, the attacker can cause them to unwittingly carry out actions within the application that is being targeted. This technique allows the attacker to circumvent defenses against cross-site request forgery, and may result in unauthorized actions.<br><br>Note that this issue is being reported because the application's response does not set a suitable <b>X-Frame-Options</b> header in order to prevent framing attacks. Some applications attempt to prevent these attacks from within the HTML page itself, using "framebusting" code. However, this type of defense is normally ineffective and can usually be circumvented by a skilled attacker.]]></issueBackground>
	161	<remediationBackground><![CDATA[You should review the application functions that are accessible from within the response, and determine whether they can be used by application users to perform any sensitive actions within the application. If so, then a framing attack targeting this response may result in unauthorized actions.<br><br>To effectively prevent framing attacks, the application should return a response header with the name <b>X-Frame-Options</b> and the value <b>DENY</b> to prevent framing altogether, or the value <b>SAMEORIGIN</b> to allow framing only by pages on the same origin as the response itself.]]></remediationBackground>
	162	<requestresponse>
	163	<request base64="true"><![CDATA[R0VUIC9pbmRleC5waHAgSFRUUC8xLjENCkhvc3Q6IHd3dy5zYWx1ZGFjdGl2YS5vcmcuYXINCkFjY2VwdDogKi8qDQpBY2NlcHQtTGFuZ3VhZ2U6IGVuDQpVc2VyLUFnZW50OiBNb3ppbGxhLzUuMCAoY29tcGF0aWJsZTsgTVNJRSA5LjA7IFdpbmRvd3MgTlQgNi4xOyBXaW42NDsgeDY0OyBUcmlkZW50LzUuMCkNCkNvbm5lY3Rpb246IGNsb3NlDQoNCg==]]></request>
	164	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjE0OjA1IEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KQ29ubmVjdGlvbjogY2xvc2UNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNjA2MDYNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+CjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiIC8+Cjx0aXRsZT5Eb2N1bWVudG8gc2luIHQmaWFjdXRlO3R1bG88L3RpdGxlPgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KPHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCIgdHlwZT0idGV4dC9KYXZhU2NyaXB0Ij4KPCEtLQpmdW5jdGlvbiBNTV9yZWxvYWRQYWdlKGluaXQpIHsgIC8vcmVsb2FkcyB0aGUgd2luZG93IGlmIE5hdjQgcmVzaXplZAogIGlmIChpbml0PT10cnVlKSB3aXRoIChuYXZpZ2F0b3IpIHtpZiAoKGFwcE5hbWU9PSJOZXRzY2FwZSIpJiYocGFyc2VJbnQoYXBwVmVyc2lvbik9PTQpKSB7CiAgICBkb2N1bWVudC5NTV9wZ1c9aW5uZXJXaWR0aDsgZG9jdW1lbnQuTU1fcGdIPWlubmVySGVpZ2h0OyBvbnJlc2l6ZT1NTV9yZWxvYWRQYWdlOyB9fQogIGVsc2UgaWYgKGlubmVyV2lkdGghPWRvY3VtZW50Lk1NX3BnVyB8fCBpbm5lckhlaWdodCE9ZG9jdW1lbnQuTU1fcGdIKSBsb2NhdGlvbi5yZWxvYWQoKTsKfQpNTV9yZWxvYWRQYWdlKHRydWUpOwoKZnVuY3Rpb24gTU1fcHJlbG9hZEltYWdlcygpIHsgLy92My4wCiAgdmFyIGQ9ZG9jdW1lbnQ7IGlmKGQuaW1hZ2VzKXsgaWYoIWQuTU1fcCkgZC5NTV9wPW5ldyBBcnJheSgpOwogICAgdmFyIGksaj1kLk1NX3AubGVuZ3RoLGE9TU1fcHJlbG9hZEltYWdlcy5hcmd1bWVudHM7IGZvcihpPTA7IGk8YS5sZW5ndGg7IGkrKykKICAgIGlmIChhW2ldLmluZGV4T2YoIiMiKSE9MCl7IGQuTU1fcFtqXT1uZXcgSW1hZ2U7IGQuTU1fcFtqKytdLnNyYz1hW2ldO319Cn0KLy8tLT4KPC9zY3JpcHQ+CiAgICAgICAgICAgICA8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoJCQkgCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CjwhLS0KI0xheWVyMSB7Cglwb3NpdGlvbjphYnNvbHV0ZTsKCXdpZHRoOjY1MXB4OwoJaGVpZ2h0OjIxOHB4OwoJei1pbmRleDoxOwp9CiNMYXllcjIgewoJcG9zaXRpb246YWJzb2x1dGU7Cgl3aWR0aDoyMDBweDsKCWhlaWdodDoxMTVweDsKCXotaW5kZXg6MTsKCXZpc2liaWxpdHk6IHZpc2libGU7Cn0KLkVzdGlsbzEgewoJZm9udC1zaXplOiAxOHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzIgewoJZm9udC1zaXplOiAxNHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzMge2NvbG9yOiAjNTA2OTkwOyBsaW5lLWhlaWdodDogMTJweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LWZhbWlseTogVGFob21hO30KLS0+Cjwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGxlZnRtYXJnaW49IjIiIG1hcmdpbndpZHRoPSIyIj4KPHRhYmxlIHdpZHRoPSI2MDgiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCB3aWR0aD0iMiUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzA3LmpwZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjE0IiAvPjwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI5MCUiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18wNy5qcGciPiZuYnNwOzwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI4JSIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGNvbHNwYW49IjQiPjxiciAvPgogICAgICA8dGFibGUgd2lkdGg9Ijk4JSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICA8dHI+CiAgICAgICAgPHRkIHdpZHRoPSIyJSI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgICA8dGQgd2lkdGg9IjkzJSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CjwhLS0gSU5JQ0lPIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzIzMDQyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjIvMTEvMjAxMzwvc3Bhbj48YnI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxzdHJvbmc+MTQsIDE1IHkgMTYgZGUgTm92aWVtYnJlIEFCSUVSVEEgTEEgSU5TQ1JJUENJJk9hY3V0ZTtOISAoY29uIGRlc2N1ZW50byBoYXN0YSBlbCAyNy84KTxiciAvPjwvc3Ryb25nPjwvcD4NCjxwPjxzdHJvbmc+QUJJRVJUQSBMQSBSRUNFUENJJk9hY3V0ZTtOIERFIFRSQUJBSk88YSBocmVmPSJodHRwOi8vd3d3LmNvbmdyZXNvdmlvbGVuY2lhLmNvbS9pbmRleC5waHA/aWQ9bW9kYWxpZGFkZXMiIHRhcmdldD0iX2JsYW5rIj4gKG1hcyBpbmZvKTwvYT48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij48c3Ryb25nPk9yZ2FuaXphOiBTYWx1ZCBBY3RpdmE8L3N0cm9uZz48L3NwYW4+PC9wPg0KPHA+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+SW5jcmlwdG9zIGFsIFBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGltcG9ydGFudGVzIGRlc2N1ZW50b3MhPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2lvbjogVW5pdmVyc2lkYWQgZGVsIEVzdGUsIExhIFBsYXRhIEJ1ZW5vcyBBaXJlczwvcD4NCjxwPk1hcyBkZSAxNTAgdHJhYmFqb3MgcHJlc2VudGFkb3MsIHVsdGltb3MgZGlhcyBwYXJhIGluc2NyaWJpcnNlIGNvbiBkZXNjdWVudG8hITwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPkluc2NyaWJpcnNlPC9hPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPjxiciAvPjwvYT48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDEiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MDQvMTEvMjAxMzwvc3Bhbj48YnI+RWwgY29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIEPzcmRvYmEgc2UgcHJvbnVuY2lhIGVuIHJlbGFjafNuIGFsIFNBUCB5IGVuIGNvbmNvcmRhbmNpYSBjb24gbG8gZXhwcmVzYWRvIHBvciBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgTWFyIGRlbCBQbGF0YSB5IGVsIENvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBsYSAgUHJvdmluY2lhIGRlIEJ1ZW5vcyBBaXJlczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+Jm5ic3A7PC9wPg0KPHA+TGFzIGNvbnRyb3ZlcnNpYXMgZ2VuZXJhZGFzIGVuIHJlbGFjaSZvYWN1dGU7biBhbCAic2luZHJvbWUgZGUgYWxpZW5hY2kmb2FjdXRlO24gcGFyZW50YSIgU0FQLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzEwIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzE2MTAyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTYvMTAvMjAxMzwvc3Bhbj48YnI+U2FsdWQgQWN0aXZhIG90b3JnYSBtZWRpYXMgYmVjYXMgcGFyYSBlbCBJViBDb25ncmVzbyBJbnRlcm5hY2lvbmFsLCBWIE5hY2lvbmFsLCBWSSBSZWdpb25hbCBWaW9sZW5jaWEsIE1hbHRyYXRvIHkgQWJ1c28uPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD4mbmJzcDs8L3A+DQo8cD5TZXImYWFjdXRlO24gb3RvcmdhZGFzIDUwIG1lZGlhcyBiZWNhcywgcXVlZGFuIHBvY2FzISEhIGNvbmRpY2lvbjo8L3A+DQo8cD5QZXJ0ZW5lY2VyIGFsIGFtYml0byBwdWJsaWNvIG8gYSBPTkcsIHNlIGNvbnNpZGVyYSB0YW1iaWVuIGxhIGRpc3RhbmNpYSBhbCBsdWdhciBkZWwgZXZlbnRvISEhIGVzIG11eSBzZW5jaWxsbywgc29sbyBkZWJlcyBlbnZpYXIgdW4gZW1haWwuLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA5Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjI0LzA3LzIwMTM8L3NwYW4+PGJyPk5FQ0VTSVRBTU9TIERFIFNVIFNPTElEQVJJREFEIEhBQ0lBIExPUyBOSdFPUyBZIE5J0UFTISEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlBST0dSQU1BIEZBTUlMSUFTIFNPTElEQVJJQVM8L3NwYW4+PC9zdHJvbmc+PC9wPg0KPHA+PHN0cm9uZz5DQU1CSU8gREUgU0VERTwvc3Ryb25nPjwvcD4NCjxwPkxhIGNhcGFjaXRhY2kmb2FjdXRlO24gcGFyYSBsYSBwdWVzdGEgZW4gbWFyY2hhIGRlbCA8c3Ryb25nPlByb2dyYW1hIEZhbWlsaWFzIFNvbGlkYXJpYXM8L3N0cm9uZz4gc2UgcmVhbGl6YXImYWFjdXRlOyBlbiBsYSBsb2NhbGlkYWQgZGUgPHN0cm9uZz5OYXZhcnJvPC9zdHJvbmc+IHBhcmEgdG9kbyBlbCBjb3JyZWRvciBkZSBsYSBSdXRhIDQwLjwvcD4NCjxwPkluaWNpbyA8c3Ryb25nPk1pJmVhY3V0ZTtyY29sZXMgMjggZGUgYWdvc3RvIGEgbGFzIDE0IGhvcmFzLiZuYnNwOzwvc3Ryb25nPjwvcD4NCjxwPlNlZGU6IDxzdHJvbmc+U2FsJm9hY3V0ZTtuIE11bmljaXBhbCBlbiBsYSBjYWxsZSAxMDcgZXNxdWluYSAyMiAtIE5hdmFycm88L3N0cm9uZz48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTIwNzIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xMi8wNy8yMDEzPC9zcGFuPjxicj5TQUxVRCBBQ1RJVkEgaGEgc2lkbyBlbGVnaWRhIHBvciBzZWd1bmRhIHZleiBjb25zZWN1dGl2YSBjb21vIHVubyBkZSBsb3MgZ2FuYWRvcmVzIGRlbCBDdWFydG8gQ29uY3Vyc28gZGUgUHJveWVjdG9zIFNvY2lhbGVzIGRlIFBldHJvYnJhczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+RW4gZWwgbWFyY28gZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzLCANCm51ZXN0cmEgSW5zdGl0dWNpJm9hY3V0ZTtuIFNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IA0KY29uc2VjdXRpdmEgY29tbyB1bm8gZGUgbG9zIGdhbmFkb3JlcyBkZSBkaWNobyBjb25jdXJzby48YnIgLz5FbiBlc3RhIA0KZWRpY2kmb2FjdXRlO24gZWwgcHJveWVjdG8gcXVlIGhhIHNpZG8gZWxlZ2lkbyBlcyBlbCAmbGRxdW87UHJvZ3JhbWEgZGUgRmFtaWxpYXMgDQpTb2xpZGFyaWFzJnJkcXVvOyBzaWVuZG8gc3UgJmFhY3V0ZTtyZWEgZGUgaW1wbGVtZW50YWNpJm9hY3V0ZTtuIGxvcyBNdW5pY2lwaW9zIGRlIE5hdmFycm8sIA0KR3JhbC4gTGFzIEhlcmFzLCBNYXJjb3MgUGF6LCB5IE1lcmxvPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAyLzA3LzIwMTM8L3NwYW4+PGJyPk/tciBvIGVzY3VjaGFyPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Qb3IgQ2FybG9zIFJvemFuc2tpICo8L3A+DQo8cD5BIGxvIGxhcmdvIGRlIGxvcyBzaWdsb3MsIGxhcyBuaSZudGlsZGU7YXMsIG5pJm50aWxkZTtvcyB5IGFkb2xlc2NlbnRlcyBoYW4gc2lkbyBtYWx0cmF0YWRvcyB5IGFidXNhZG9zIHNpbiBxdWUgYSBsYSBjb211bmlkYWQgbGUgaW50ZXJlc2FyYSBuaSBzaXF1aWVyYSBlc2N1Y2hhcmxvcyBjdWFuZG8gaGFjJmlhY3V0ZTthbiBzYWJlciBkZSBhbGd1bmEgZm9ybWEgbG9zIHN1ZnJpbWllbnRvcyBxdWUgcGFkZWMmaWFjdXRlO2FuLiBFbiAxODc0LCBlbiBFc3RhZG9zIFVuaWRvcywgZnVlIGxhIHByaW1lcmEgdmV6IHF1ZSBlbCBFc3RhZG8gaW50ZXJ2aW5vIGVuIHVuIGNhc28gZGUgbWFsdHJhdG8geSBhYnVzby4uLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4wMi8wNy8yMDEzPC9zcGFuPjxicj5FbCBkZXJlY2hvIGRlIGxvcyBuafFvcyBhIHNlciBlc2N1Y2hhZG9zPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5VbiBob21icmUgYWN1c2FkbyBkZSBoYWJlciBhYnVzYWRvIGRlIHN1cyBoaWpvcyBoYWImaWFjdXRlO2Egc2lkbyBzb2JyZXNlJmlhY3V0ZTtkbyBkb3MgdmVjZXMgcG9yIGxhIEp1c3RpY2lhLiBQZXJvIGFob3JhLCBsYSBDJmFhY3V0ZTttYXJhIGRlIENhc2FjaSZvYWN1dGU7biByZXZvYyZvYWN1dGU7IGVzYSBkZWNpc2kmb2FjdXRlO24gcG9ycXVlIGVuIGxhIGludmVzdGlnYWNpJm9hY3V0ZTtuIGVsIGp1ZXogbnVuY2EgaGFiJmlhY3V0ZTthIGVzY3VjaGFkbyBhIGxvcyBjaGljb3MuIFkgb3JkZW4mb2FjdXRlOyBxdWUgdGVuZ2EgZW4gY3VlbnRhIGxvIHF1ZSBkaWNlbi48L3A+DQo8cD5Qb3IgTWFyaWFuYSBDYXJiYWphbDwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDUiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE1NiIgcm93c3Bhbj0iMiIgdmFsaWduPSJ0b3AiPgoJCQkJCgkJCQk8dGFibGUgd2lkdGg9IjMyJSIgYm9yZGVyPSIxIiBjZWxsc3BhY2luZz0iMyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48aW1nIHNyYz0ic3JjL2ltZ191cC8wNjA2MjAxMy4xLmpwZyIgd2lkdGg9IjE0NiIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KCQkJCQkJCQk8L3RkPiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjA2LzA2LzIwMTM8L3NwYW4+PGJyPkFidXNvIHNleHVhbCBpbmZhbnRpbC4gRGVzYWZpb3MgZGUgbGEgY2xpbmljYSBhY3R1YWw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkFiaWVydGEgbGEgaW5zY3JpcGNpb248L3A+DQo8cD5Eb2NlbnRlczogTGljLiBNYXJpYSBCZWF0cml6IE0mdXVtbDtsbGVyLiBMaWMuIFBhb2xhIE11Jm50aWxkZTtveiBEdWFydGU8L3A+DQo8cD5JbmljaW86IE1pZXJjb2xlcyAxOSBkZSBKdW5pbzwvcD4NCjxwPkZyZWN1ZW5jaWE6IFNlbWFuYWw8L3A+DQo8cD5Nb2RhbGlkYWQ6IEludGVuc2l2YTwvcD4NCjxwPkNvbnRlbmlkb3M6ICZuYnNwOyBFc3RhIGRlc3RpbmFkbyBhIHRvZG9zIGxvcyBwcm9mZXNpb25hbGVzIGNvbXByb21ldGlkb3MgY29uIGxhIHRlbWF0aWNhIGRlbCBhYnVzbyBpbmZhbnRpbCBxdWUgcXVpZXJhbiBhY3R1YWxpemFyc2UgZSBpbnRlcmNhbWJpYXIgZXhwZXJpZW5jaWFzIGRlIHRyYWJham8uLi48L3A+DQo8cD4mbmJzcDs8L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDQiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTYwNTIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xNi8wNS8yMDEzPC9zcGFuPjxicj5TYWx1ZCBBY3RpdmEgbmVjZXNpdGEgZGUgdHUgYXl1ZGEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5UcmFiYWphbW9zIGNvbW8gcG9kZW1vczogYmEmbnRpbGRlO29zIHJvdG9zLCBzdXNwZW5zaSZvYWN1dGU7biBkZSByZXVuaW9uZXMgcG9yIGNvcnRlcyBkZSBsdXogeSBhZ3VhLCBqdWd1ZXRlcyB2aWVqb3MsIG1lc2VzIGRlIGF0cmFzbyBlbiBlbCBwYWdvIGRlIHN1cyBwcm9mZXNpb25hbGVzIGRlIGxhIHNhbHVkLiBSZWNpZW50ZW1lbnRlIHR1dmltb3MgcXVlIGNlcnJhciBudWVzdHJvIHF1ZXJpZG8gSG9nYXI6ICZsZHF1bztNZXRhbW9yZm9zaXMmcmRxdW87IGVyYSBlbCBsdWdhciBxdWUgc3VwbyBjb250ZW5lciBhIG5pJm50aWxkZTthcyB5IGomb2FjdXRlO3ZlbmVzIHJlc2NhdGFkYSBkZSByZWRlcyBkZSB0cmF0YSBvIHYmaWFjdXRlO2N0aW1hcyBkZSBhYnVzbyBpbnRyYWZhbWlsaWFyLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAzLzA1LzIwMTM8L3NwYW4+PGJyPlJFUFVESU8gQSBMQSBQUkVTRU5DSUEgRU4gTEEgRkVSSUEgREVMIExJQlJPIERFIFVOIEVYIEpVRVogQUNVU0FETyBERSBBQlVTTyBTRVhVQUw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkZ1ZSBjYW1hcmlzdGEgZW4gTWFyIGRlbCBQbGF0YSBkdXJhbnRlIGxhIGRpY3RhZHVyYS4gSGFjZSBhJm50aWxkZTtvcywgdmFyaWFzIG11amVyZXMgbG8gYWN1c2Fyb24gZGUgaGFiZXIgYWJ1c2FkbyBkZSBlbGxhcyBjdWFuZG8gZXJhbiBuaSZudGlsZGU7YXMuIExhIGNhdXNhIHByZXNjcmliaSZvYWN1dGU7IHkgbm8gaHVibyBjb25kZW5hLiBNYSZudGlsZGU7YW5hIHRpZW5lIHByZXZpc3RvIGZpcm1hciBzdSBsaWJyby4gRXNhcyBtaXNtYXMgbXVqZXJlcyBwaWRlbiBxdWUgbm8gc2VhIGFkbWl0aWRvIGVuIGxhIGZlcmlhLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDIiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgIDwhLS0gRklOIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgIDwvdGFibGU+ICAgICAgICA8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iNSUiIGFsaWduPSJyaWdodCI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCB3aWR0aD0iMSUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC90ZD4KICAgIDx0ZCB3aWR0aD0iMiUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgPC90cj4KICAKICA8dGQ+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0ciBhbGlnbj0iY2VudGVyIj4KICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgPHRkIHdpZHRoPSI5NyIgY29sc3Bhbj0iMiIgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iNTQ2IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idGl0dWxvaG9tZTIiPjx0YWJsZSB3aWR0aD0iIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPlJhbmtpbmc8L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPiZidWxsO0xhcyBtJmFhY3V0ZTtzIGxlaWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+JmJ1bGw7TGFzIG0mYWFjdXRlO3MgY29tZW50YWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTHVkb3RlY2EgR2FyYWJhdG8gLSBQcm95ZWN0byBzYWx1ZGFjdGl2YSwgUG9yIHVuYSBpbmZhbmNpYSBmZWxpeiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iOSUiIGJnY29sb3I9IiNFRkVGRUYiPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzJSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xNjIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDUlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTE2MiIgY2xhc3M9ImJvdG9uIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDdXJzbyBJbnRlbnNpdm8gZGUgb3BlcmFkb3IgdGVyYXBldXRpY28gZXNwZWNpYWxpemFkbyBlbiBlbCBhYm9yZGFqZSBkZWwgYWJ1c28sIGxhIHZpb2xlbmNpYSB5IGVsIG1hbHRyYXRvIGluZmFudGlsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUFJPR1JBTUEgTEFTIFZJQ1RJTUFTIENPTlRSQSBMQVMgVklPTEVOQ0lBUyAgTWluaXN0ZXJpbyBkZSBKdXN0aWNpYSB5IERlcmVjaG9zIEh1bWFub3MgZGUgbGEgTmFjafNuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI5JSIgYmdjb2xvcj0iI0VGRUZFRiI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTI1NSIgY2xhc3M9ImJvdG9uIj48aW1nIHNyYz0iaW1nL2ZsZWNoYW5hcmFuamFmZ3Jpc18yNC5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSI3IiBib3JkZXI9IjAiIGFsaWduPSJhYnNtaWRkbGUiIC8+PC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0NSUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MjU1IiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIERpcGxvbWF0dXJhIGVuIEFib3JkYWplIGludGVyZGlzY2lwbGluYXJpbyBkZWwgbWFsdHJhdG8sIGxhIHZpb2xlbmNpYSB5IGVsIGFidXNvIHNleHVhbCBpbmZhbnRpbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyJSIgaGVpZ2h0PSIyMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQxJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNhbHVkIEFjdGl2YSBuZWNlc2l0YSBkZSB0dSBheXVkYSEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjklIiBiZ2NvbG9yPSIjRUZFRkVGIj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMyUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MTA0IiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQ1JSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xMDQiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTGxhbWFkbyBwYXJhIHByZXNlbnRhY2nzbiBkZSB0cmFiYWpvcy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyMCIgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJ0ZXh0b251ZXZvIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iIyIgY2xhc3M9ImJvdG9uIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJsZT48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj4mbmJzcDs8L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBJTklDSU8gbm90YSBjb211biAtLT4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTUvMDQvMjAxMjwvc3Bhbj48YnI+T3JnYW5pemFuIGpvcm5hZGEgc29icmUgdmlvbGVuY2lhPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPlNlIGNlbnRyYXImYWFjdXRlOyBlbiBsb3MgZmVuJm9hY3V0ZTttZW5vcyBxdWUgYWZlY3RhbiBhIGxhIGZhbWlsaWEgeSBlbiBsbyBxdWUgb2N1cnJlIGVuIGxhcyBlc2N1ZWxhcy48YnIgLz4gU2UgbGxldmFyJmFhY3V0ZTsgYSBjYWJvIGVsIGx1bmVzIDIzLCBlbiBlbCBDZW50cm8gQ3VsdHVyYWwgZGUgVG9zY2hpIHkgVHJlcyANCkFycm95b3MsIHVuYSBqb3JuYWRhIGRlIHJlZmxleGkmb2FjdXRlO24geSBkZWJhdGUgYWJpZXJ0YSBhIGxhIGNvbXVuaWRhZCBzb2JyZSANCiZsZHF1bztWaW9sZW5jaWEgZW4gbGEgZmFtaWxpYSB5IGVuIGxhIGVzY3VlbGEgeSBzdSByZWxhY2kmb2FjdXRlO24gY29uIGVsIGZyYWNhc28gDQplc2NvbGFyJnJkcXVvOywgb3JnYW5pemFkYSBwb3IgbGEgQXNvY2lhY2kmb2FjdXRlO24gQ2l2aWwgQ2VudHJvIEFydCZlYWN1dGU7bWlkZXMgeSBsYSANCk11bmljaXBhbGlkYWQgZGUgQ2lwb2xsZXR0aS5TZSBjZW50cmFyJmFhY3V0ZTsgZW4gbG9zIGZlbiZvYWN1dGU7bWVub3MgcXVlIGFmZWN0YW4gYSBsYSBmYW1pbGlhIHkgZW4gbG8gcXVlIG9jdXJyZSBlbiBsYXMgZXNjdWVsYXMuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjMwLzAzLzIwMTI8L3NwYW4+PGJyPkNhcnRhIGRlIEFTQVBNSSAtIEFzb2NpYWNp824gQXJnZW50aW5hIGRlIFByZXZlbmNp824gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjE1IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSIxNSIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjgwIiBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Mb3MgaW50ZWdyYW50ZXMgZGUgbGEgQ29taXNpJm9hY3V0ZTtuIERpcmVjdGl2YSBkZSBBU0FQTUkgLSBBc29jaWFjaSZvYWN1dGU7biBBcmdlbnRpbmEgZGUgUHJldmVuY2kmb2FjdXRlO24gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbCwgYXNvY2lhZGEgYSBsYSBJbnRlcm5hdGlvbmFsIFNvY2lldHkgZm9yIFByZXZlbnRpb24gb2YgQ2hpbGQgQWJ1c2UgYW5kIE5lZ2xlY3QgKElTUENBTikgLSwgdGVuZW1vcyBlbCBhZ3JhZG8gZGUgZGlyaWdpcm5vcyBhIFVzdGVkIHBhcmEgdHJhc21pdGlybGUgbnVlc3RyYSBwcm9mdW5kYSAmbmJzcDt5IGhvbmRhIHByZW9jdXBhY2kmb2FjdXRlO24gcG9yIGxhIHBvc3R1cmEgcXVlIHZpZW5lbiBhc3VtaWVuZG8gZW4gZm9ybWEgY29udGludWFkYSBhbGd1bm9zIGNvbGVnaW9zIGRlIHBzaWMmb2FjdXRlO2xvZ29zLCBlc3BlY2lhbG1lbnRlIGRlIGxhIHByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXMsIGVuIHJlbGFjaSZvYWN1dGU7biBhbCB0cmF0YW1pZW50byBwb2NvIHNlcmlvIHkgY29tcHJvbWV0aWRvIHF1ZSBzZSBsZXMgb3RvcmdhIGEgbGFzIGRlbnVuY2lhcyBlZmVjdHVhZGFzIGNvbnRyYSBwcm9mZXNpb25hbGVzIHBzaWMmb2FjdXRlO2xvZ29zLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjAvMDMvMjAxMjwvc3Bhbj48YnI+TEEgVklPTEVOQ0lBIFNFWFVBTCBDT05UUkEgTknRT1MgWSBOSdFBUyBFTiBDSUZSQVM8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4MCIgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+UmFkaW9ncmFmJmlhY3V0ZTthIGRlIHVuIHByb2JsZW1hPC9wPg0KPHA+RGUgbG9zIG4mdWFjdXRlO21lcm9zIGNvbXBpbGFkb3MgcG9yIGRvcyBlcXVpcG9zIGRlbCBNaW5pc3RlcmlvIGRlIEp1c3RpY2lhLCBsYQ0KIGF1dG9yYSB0b21hIGxvcyBkZSBsYSBjaXVkYWQgZGUgQnVlbm9zIEFpcmVzIHBhcmEgdHJhemFyIHVuIHBhcmFkaWdtYSANCmRlIGxvcyBkZWxpdG9zIGNvbnRyYSBsYSBpbnRlZ3JpZGFkIHNleHVhbCBlbiBlbCBwYSZpYWN1dGU7cyB5IHNvYnJlIHN1IA0KYXRlbmNpJm9hY3V0ZTtuLjxiciAvPiA8YnIgLz4gJm5ic3A7UG9yIEV2YSBHaWJlcnRpPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2MCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjAiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjE1LzAzLzIwMTI8L3NwYW4+PGJyPkZBTExPIERFIExBIENPUlRFIFNVUFJFTUEgU09CUkUgTEEgTk8gSlVESUNJQUxJWkFDSU9OIERFTCBBQk9SVE8gRU4gQ0FTT1MgREUgVklPTEFDSU9OPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxiciAvPiBKVVJJU0RJQ0NJT046IE5BQ0lPTkFMPGJyIC8+IE1BVEVSSUE6IEFCT1JUTy48YnIgLz4gVFJJQlVOQUw6IENvcnRlIFN1cHJlbWEgZGUgSnVzdGljaWEgZGUgbGEgTmFjaSZvYWN1dGU7bi48YnIgLz4gQVVUT1M6IEYuLCBBLiBMLiBzLyBtZWRpZGEgYXV0b3NhdGlzZmFjdGl2YS48YnIgLz4gRkVDSEE6IDEzLzAzLzIwMTIuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI1OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNTkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBGSU4gbm90YSBjb211biAtLT4KPC90YWJsZT4KPG1hcCBuYW1lPSJNYXBNYXAiIGlkPSJNYXBNYXAiPjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjE0NCw0LDIxNCwzNiIgaHJlZj0iaW5kZXgucGhwP2lkPTE0IiAvPgo8L21hcD4KPG1hcCBuYW1lPSJNYXAyTWFwMiIgaWQ9Ik1hcDJNYXAyIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIxNDcsNCwyMjAsMzYiIGhyZWY9ImluZGV4LnBocD9pZD0xNGEiIC8+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcDMiIGlkPSJNYXAzIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIzNjMsMyw0MzYsMzkiIGhyZWY9ImluZGV4LnBocD9pZD0xNGIiIC8+CjwvbWFwPgo8L2h0bWw+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	165	<responseRedirected>false</responseRedirected>
	166	</requestresponse>
	167	</issue>
	168	<issue>
	169	<serialNumber>8637745207739944960</serialNumber>
	170	<type>6291968</type>
	171	<name>Email addresses disclosed</name>
	172	<host ip="200.20.20.201">http://www.example.org.ar</host>
	173	<path><![CDATA[/index.php]]></path>
	174	<location><![CDATA[/index.php]]></location>
	175	<severity>Information</severity>
	176	<confidence>Certain</confidence>
	177	<issueBackground><![CDATA[The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.<br><br>However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organization's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.]]></issueBackground>
	178	<remediationBackground><![CDATA[You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as [email protected]).]]></remediationBackground>
	179	<issueDetail><![CDATA[The following email addresses were disclosed in the response:<ul><li>[email protected]</li><li>[email protected]</li></ul>]]></issueDetail>
	180	<requestresponse>
	181	<request base64="true"><![CDATA[R0VUIC9pbmRleC5waHAgSFRUUC8xLjENCkhvc3Q6IHd3dy5zYWx1ZGFjdGl2YS5vcmcuYXINCkFjY2VwdDogKi8qDQpBY2NlcHQtTGFuZ3VhZ2U6IGVuDQpVc2VyLUFnZW50OiBNb3ppbGxhLzUuMCAoY29tcGF0aWJsZTsgTVNJRSA5LjA7IFdpbmRvd3MgTlQgNi4xOyBXaW42NDsgeDY0OyBUcmlkZW50LzUuMCkNCkNvbm5lY3Rpb246IGNsb3NlDQoNCg==]]></request>
	182	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjE0OjA1IEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KQ29ubmVjdGlvbjogY2xvc2UNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNjA2MDYNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+CjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiIC8+Cjx0aXRsZT5Eb2N1bWVudG8gc2luIHQmaWFjdXRlO3R1bG88L3RpdGxlPgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KPHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCIgdHlwZT0idGV4dC9KYXZhU2NyaXB0Ij4KPCEtLQpmdW5jdGlvbiBNTV9yZWxvYWRQYWdlKGluaXQpIHsgIC8vcmVsb2FkcyB0aGUgd2luZG93IGlmIE5hdjQgcmVzaXplZAogIGlmIChpbml0PT10cnVlKSB3aXRoIChuYXZpZ2F0b3IpIHtpZiAoKGFwcE5hbWU9PSJOZXRzY2FwZSIpJiYocGFyc2VJbnQoYXBwVmVyc2lvbik9PTQpKSB7CiAgICBkb2N1bWVudC5NTV9wZ1c9aW5uZXJXaWR0aDsgZG9jdW1lbnQuTU1fcGdIPWlubmVySGVpZ2h0OyBvbnJlc2l6ZT1NTV9yZWxvYWRQYWdlOyB9fQogIGVsc2UgaWYgKGlubmVyV2lkdGghPWRvY3VtZW50Lk1NX3BnVyB8fCBpbm5lckhlaWdodCE9ZG9jdW1lbnQuTU1fcGdIKSBsb2NhdGlvbi5yZWxvYWQoKTsKfQpNTV9yZWxvYWRQYWdlKHRydWUpOwoKZnVuY3Rpb24gTU1fcHJlbG9hZEltYWdlcygpIHsgLy92My4wCiAgdmFyIGQ9ZG9jdW1lbnQ7IGlmKGQuaW1hZ2VzKXsgaWYoIWQuTU1fcCkgZC5NTV9wPW5ldyBBcnJheSgpOwogICAgdmFyIGksaj1kLk1NX3AubGVuZ3RoLGE9TU1fcHJlbG9hZEltYWdlcy5hcmd1bWVudHM7IGZvcihpPTA7IGk8YS5sZW5ndGg7IGkrKykKICAgIGlmIChhW2ldLmluZGV4T2YoIiMiKSE9MCl7IGQuTU1fcFtqXT1uZXcgSW1hZ2U7IGQuTU1fcFtqKytdLnNyYz1hW2ldO319Cn0KLy8tLT4KPC9zY3JpcHQ+CiAgICAgICAgICAgICA8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoJCQkgCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CjwhLS0KI0xheWVyMSB7Cglwb3NpdGlvbjphYnNvbHV0ZTsKCXdpZHRoOjY1MXB4OwoJaGVpZ2h0OjIxOHB4OwoJei1pbmRleDoxOwp9CiNMYXllcjIgewoJcG9zaXRpb246YWJzb2x1dGU7Cgl3aWR0aDoyMDBweDsKCWhlaWdodDoxMTVweDsKCXotaW5kZXg6MTsKCXZpc2liaWxpdHk6IHZpc2libGU7Cn0KLkVzdGlsbzEgewoJZm9udC1zaXplOiAxOHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzIgewoJZm9udC1zaXplOiAxNHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzMge2NvbG9yOiAjNTA2OTkwOyBsaW5lLWhlaWdodDogMTJweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LWZhbWlseTogVGFob21hO30KLS0+Cjwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGxlZnRtYXJnaW49IjIiIG1hcmdpbndpZHRoPSIyIj4KPHRhYmxlIHdpZHRoPSI2MDgiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCB3aWR0aD0iMiUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzA3LmpwZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjE0IiAvPjwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI5MCUiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18wNy5qcGciPiZuYnNwOzwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI4JSIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGNvbHNwYW49IjQiPjxiciAvPgogICAgICA8dGFibGUgd2lkdGg9Ijk4JSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICA8dHI+CiAgICAgICAgPHRkIHdpZHRoPSIyJSI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgICA8dGQgd2lkdGg9IjkzJSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CjwhLS0gSU5JQ0lPIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzIzMDQyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjIvMTEvMjAxMzwvc3Bhbj48YnI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxzdHJvbmc+MTQsIDE1IHkgMTYgZGUgTm92aWVtYnJlIEFCSUVSVEEgTEEgSU5TQ1JJUENJJk9hY3V0ZTtOISAoY29uIGRlc2N1ZW50byBoYXN0YSBlbCAyNy84KTxiciAvPjwvc3Ryb25nPjwvcD4NCjxwPjxzdHJvbmc+QUJJRVJUQSBMQSBSRUNFUENJJk9hY3V0ZTtOIERFIFRSQUJBSk88YSBocmVmPSJodHRwOi8vd3d3LmNvbmdyZXNvdmlvbGVuY2lhLmNvbS9pbmRleC5waHA/aWQ9bW9kYWxpZGFkZXMiIHRhcmdldD0iX2JsYW5rIj4gKG1hcyBpbmZvKTwvYT48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij48c3Ryb25nPk9yZ2FuaXphOiBTYWx1ZCBBY3RpdmE8L3N0cm9uZz48L3NwYW4+PC9wPg0KPHA+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+SW5jcmlwdG9zIGFsIFBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGltcG9ydGFudGVzIGRlc2N1ZW50b3MhPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2lvbjogVW5pdmVyc2lkYWQgZGVsIEVzdGUsIExhIFBsYXRhIEJ1ZW5vcyBBaXJlczwvcD4NCjxwPk1hcyBkZSAxNTAgdHJhYmFqb3MgcHJlc2VudGFkb3MsIHVsdGltb3MgZGlhcyBwYXJhIGluc2NyaWJpcnNlIGNvbiBkZXNjdWVudG8hITwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPkluc2NyaWJpcnNlPC9hPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPjxiciAvPjwvYT48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDEiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MDQvMTEvMjAxMzwvc3Bhbj48YnI+RWwgY29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIEPzcmRvYmEgc2UgcHJvbnVuY2lhIGVuIHJlbGFjafNuIGFsIFNBUCB5IGVuIGNvbmNvcmRhbmNpYSBjb24gbG8gZXhwcmVzYWRvIHBvciBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgTWFyIGRlbCBQbGF0YSB5IGVsIENvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBsYSAgUHJvdmluY2lhIGRlIEJ1ZW5vcyBBaXJlczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+Jm5ic3A7PC9wPg0KPHA+TGFzIGNvbnRyb3ZlcnNpYXMgZ2VuZXJhZGFzIGVuIHJlbGFjaSZvYWN1dGU7biBhbCAic2luZHJvbWUgZGUgYWxpZW5hY2kmb2FjdXRlO24gcGFyZW50YSIgU0FQLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzEwIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzE2MTAyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTYvMTAvMjAxMzwvc3Bhbj48YnI+U2FsdWQgQWN0aXZhIG90b3JnYSBtZWRpYXMgYmVjYXMgcGFyYSBlbCBJViBDb25ncmVzbyBJbnRlcm5hY2lvbmFsLCBWIE5hY2lvbmFsLCBWSSBSZWdpb25hbCBWaW9sZW5jaWEsIE1hbHRyYXRvIHkgQWJ1c28uPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD4mbmJzcDs8L3A+DQo8cD5TZXImYWFjdXRlO24gb3RvcmdhZGFzIDUwIG1lZGlhcyBiZWNhcywgcXVlZGFuIHBvY2FzISEhIGNvbmRpY2lvbjo8L3A+DQo8cD5QZXJ0ZW5lY2VyIGFsIGFtYml0byBwdWJsaWNvIG8gYSBPTkcsIHNlIGNvbnNpZGVyYSB0YW1iaWVuIGxhIGRpc3RhbmNpYSBhbCBsdWdhciBkZWwgZXZlbnRvISEhIGVzIG11eSBzZW5jaWxsbywgc29sbyBkZWJlcyBlbnZpYXIgdW4gZW1haWwuLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA5Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjI0LzA3LzIwMTM8L3NwYW4+PGJyPk5FQ0VTSVRBTU9TIERFIFNVIFNPTElEQVJJREFEIEhBQ0lBIExPUyBOSdFPUyBZIE5J0UFTISEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlBST0dSQU1BIEZBTUlMSUFTIFNPTElEQVJJQVM8L3NwYW4+PC9zdHJvbmc+PC9wPg0KPHA+PHN0cm9uZz5DQU1CSU8gREUgU0VERTwvc3Ryb25nPjwvcD4NCjxwPkxhIGNhcGFjaXRhY2kmb2FjdXRlO24gcGFyYSBsYSBwdWVzdGEgZW4gbWFyY2hhIGRlbCA8c3Ryb25nPlByb2dyYW1hIEZhbWlsaWFzIFNvbGlkYXJpYXM8L3N0cm9uZz4gc2UgcmVhbGl6YXImYWFjdXRlOyBlbiBsYSBsb2NhbGlkYWQgZGUgPHN0cm9uZz5OYXZhcnJvPC9zdHJvbmc+IHBhcmEgdG9kbyBlbCBjb3JyZWRvciBkZSBsYSBSdXRhIDQwLjwvcD4NCjxwPkluaWNpbyA8c3Ryb25nPk1pJmVhY3V0ZTtyY29sZXMgMjggZGUgYWdvc3RvIGEgbGFzIDE0IGhvcmFzLiZuYnNwOzwvc3Ryb25nPjwvcD4NCjxwPlNlZGU6IDxzdHJvbmc+U2FsJm9hY3V0ZTtuIE11bmljaXBhbCBlbiBsYSBjYWxsZSAxMDcgZXNxdWluYSAyMiAtIE5hdmFycm88L3N0cm9uZz48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTIwNzIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xMi8wNy8yMDEzPC9zcGFuPjxicj5TQUxVRCBBQ1RJVkEgaGEgc2lkbyBlbGVnaWRhIHBvciBzZWd1bmRhIHZleiBjb25zZWN1dGl2YSBjb21vIHVubyBkZSBsb3MgZ2FuYWRvcmVzIGRlbCBDdWFydG8gQ29uY3Vyc28gZGUgUHJveWVjdG9zIFNvY2lhbGVzIGRlIFBldHJvYnJhczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+RW4gZWwgbWFyY28gZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzLCANCm51ZXN0cmEgSW5zdGl0dWNpJm9hY3V0ZTtuIFNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IA0KY29uc2VjdXRpdmEgY29tbyB1bm8gZGUgbG9zIGdhbmFkb3JlcyBkZSBkaWNobyBjb25jdXJzby48YnIgLz5FbiBlc3RhIA0KZWRpY2kmb2FjdXRlO24gZWwgcHJveWVjdG8gcXVlIGhhIHNpZG8gZWxlZ2lkbyBlcyBlbCAmbGRxdW87UHJvZ3JhbWEgZGUgRmFtaWxpYXMgDQpTb2xpZGFyaWFzJnJkcXVvOyBzaWVuZG8gc3UgJmFhY3V0ZTtyZWEgZGUgaW1wbGVtZW50YWNpJm9hY3V0ZTtuIGxvcyBNdW5pY2lwaW9zIGRlIE5hdmFycm8sIA0KR3JhbC4gTGFzIEhlcmFzLCBNYXJjb3MgUGF6LCB5IE1lcmxvPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAyLzA3LzIwMTM8L3NwYW4+PGJyPk/tciBvIGVzY3VjaGFyPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Qb3IgQ2FybG9zIFJvemFuc2tpICo8L3A+DQo8cD5BIGxvIGxhcmdvIGRlIGxvcyBzaWdsb3MsIGxhcyBuaSZudGlsZGU7YXMsIG5pJm50aWxkZTtvcyB5IGFkb2xlc2NlbnRlcyBoYW4gc2lkbyBtYWx0cmF0YWRvcyB5IGFidXNhZG9zIHNpbiBxdWUgYSBsYSBjb211bmlkYWQgbGUgaW50ZXJlc2FyYSBuaSBzaXF1aWVyYSBlc2N1Y2hhcmxvcyBjdWFuZG8gaGFjJmlhY3V0ZTthbiBzYWJlciBkZSBhbGd1bmEgZm9ybWEgbG9zIHN1ZnJpbWllbnRvcyBxdWUgcGFkZWMmaWFjdXRlO2FuLiBFbiAxODc0LCBlbiBFc3RhZG9zIFVuaWRvcywgZnVlIGxhIHByaW1lcmEgdmV6IHF1ZSBlbCBFc3RhZG8gaW50ZXJ2aW5vIGVuIHVuIGNhc28gZGUgbWFsdHJhdG8geSBhYnVzby4uLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4wMi8wNy8yMDEzPC9zcGFuPjxicj5FbCBkZXJlY2hvIGRlIGxvcyBuafFvcyBhIHNlciBlc2N1Y2hhZG9zPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5VbiBob21icmUgYWN1c2FkbyBkZSBoYWJlciBhYnVzYWRvIGRlIHN1cyBoaWpvcyBoYWImaWFjdXRlO2Egc2lkbyBzb2JyZXNlJmlhY3V0ZTtkbyBkb3MgdmVjZXMgcG9yIGxhIEp1c3RpY2lhLiBQZXJvIGFob3JhLCBsYSBDJmFhY3V0ZTttYXJhIGRlIENhc2FjaSZvYWN1dGU7biByZXZvYyZvYWN1dGU7IGVzYSBkZWNpc2kmb2FjdXRlO24gcG9ycXVlIGVuIGxhIGludmVzdGlnYWNpJm9hY3V0ZTtuIGVsIGp1ZXogbnVuY2EgaGFiJmlhY3V0ZTthIGVzY3VjaGFkbyBhIGxvcyBjaGljb3MuIFkgb3JkZW4mb2FjdXRlOyBxdWUgdGVuZ2EgZW4gY3VlbnRhIGxvIHF1ZSBkaWNlbi48L3A+DQo8cD5Qb3IgTWFyaWFuYSBDYXJiYWphbDwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDUiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE1NiIgcm93c3Bhbj0iMiIgdmFsaWduPSJ0b3AiPgoJCQkJCgkJCQk8dGFibGUgd2lkdGg9IjMyJSIgYm9yZGVyPSIxIiBjZWxsc3BhY2luZz0iMyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48aW1nIHNyYz0ic3JjL2ltZ191cC8wNjA2MjAxMy4xLmpwZyIgd2lkdGg9IjE0NiIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KCQkJCQkJCQk8L3RkPiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjA2LzA2LzIwMTM8L3NwYW4+PGJyPkFidXNvIHNleHVhbCBpbmZhbnRpbC4gRGVzYWZpb3MgZGUgbGEgY2xpbmljYSBhY3R1YWw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkFiaWVydGEgbGEgaW5zY3JpcGNpb248L3A+DQo8cD5Eb2NlbnRlczogTGljLiBNYXJpYSBCZWF0cml6IE0mdXVtbDtsbGVyLiBMaWMuIFBhb2xhIE11Jm50aWxkZTtveiBEdWFydGU8L3A+DQo8cD5JbmljaW86IE1pZXJjb2xlcyAxOSBkZSBKdW5pbzwvcD4NCjxwPkZyZWN1ZW5jaWE6IFNlbWFuYWw8L3A+DQo8cD5Nb2RhbGlkYWQ6IEludGVuc2l2YTwvcD4NCjxwPkNvbnRlbmlkb3M6ICZuYnNwOyBFc3RhIGRlc3RpbmFkbyBhIHRvZG9zIGxvcyBwcm9mZXNpb25hbGVzIGNvbXByb21ldGlkb3MgY29uIGxhIHRlbWF0aWNhIGRlbCBhYnVzbyBpbmZhbnRpbCBxdWUgcXVpZXJhbiBhY3R1YWxpemFyc2UgZSBpbnRlcmNhbWJpYXIgZXhwZXJpZW5jaWFzIGRlIHRyYWJham8uLi48L3A+DQo8cD4mbmJzcDs8L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDQiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTYwNTIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xNi8wNS8yMDEzPC9zcGFuPjxicj5TYWx1ZCBBY3RpdmEgbmVjZXNpdGEgZGUgdHUgYXl1ZGEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5UcmFiYWphbW9zIGNvbW8gcG9kZW1vczogYmEmbnRpbGRlO29zIHJvdG9zLCBzdXNwZW5zaSZvYWN1dGU7biBkZSByZXVuaW9uZXMgcG9yIGNvcnRlcyBkZSBsdXogeSBhZ3VhLCBqdWd1ZXRlcyB2aWVqb3MsIG1lc2VzIGRlIGF0cmFzbyBlbiBlbCBwYWdvIGRlIHN1cyBwcm9mZXNpb25hbGVzIGRlIGxhIHNhbHVkLiBSZWNpZW50ZW1lbnRlIHR1dmltb3MgcXVlIGNlcnJhciBudWVzdHJvIHF1ZXJpZG8gSG9nYXI6ICZsZHF1bztNZXRhbW9yZm9zaXMmcmRxdW87IGVyYSBlbCBsdWdhciBxdWUgc3VwbyBjb250ZW5lciBhIG5pJm50aWxkZTthcyB5IGomb2FjdXRlO3ZlbmVzIHJlc2NhdGFkYSBkZSByZWRlcyBkZSB0cmF0YSBvIHYmaWFjdXRlO2N0aW1hcyBkZSBhYnVzbyBpbnRyYWZhbWlsaWFyLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAzLzA1LzIwMTM8L3NwYW4+PGJyPlJFUFVESU8gQSBMQSBQUkVTRU5DSUEgRU4gTEEgRkVSSUEgREVMIExJQlJPIERFIFVOIEVYIEpVRVogQUNVU0FETyBERSBBQlVTTyBTRVhVQUw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkZ1ZSBjYW1hcmlzdGEgZW4gTWFyIGRlbCBQbGF0YSBkdXJhbnRlIGxhIGRpY3RhZHVyYS4gSGFjZSBhJm50aWxkZTtvcywgdmFyaWFzIG11amVyZXMgbG8gYWN1c2Fyb24gZGUgaGFiZXIgYWJ1c2FkbyBkZSBlbGxhcyBjdWFuZG8gZXJhbiBuaSZudGlsZGU7YXMuIExhIGNhdXNhIHByZXNjcmliaSZvYWN1dGU7IHkgbm8gaHVibyBjb25kZW5hLiBNYSZudGlsZGU7YW5hIHRpZW5lIHByZXZpc3RvIGZpcm1hciBzdSBsaWJyby4gRXNhcyBtaXNtYXMgbXVqZXJlcyBwaWRlbiBxdWUgbm8gc2VhIGFkbWl0aWRvIGVuIGxhIGZlcmlhLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDIiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgIDwhLS0gRklOIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgIDwvdGFibGU+ICAgICAgICA8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iNSUiIGFsaWduPSJyaWdodCI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCB3aWR0aD0iMSUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC90ZD4KICAgIDx0ZCB3aWR0aD0iMiUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgPC90cj4KICAKICA8dGQ+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0ciBhbGlnbj0iY2VudGVyIj4KICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgPHRkIHdpZHRoPSI5NyIgY29sc3Bhbj0iMiIgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iNTQ2IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idGl0dWxvaG9tZTIiPjx0YWJsZSB3aWR0aD0iIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPlJhbmtpbmc8L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPiZidWxsO0xhcyBtJmFhY3V0ZTtzIGxlaWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+JmJ1bGw7TGFzIG0mYWFjdXRlO3MgY29tZW50YWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTHVkb3RlY2EgR2FyYWJhdG8gLSBQcm95ZWN0byBzYWx1ZGFjdGl2YSwgUG9yIHVuYSBpbmZhbmNpYSBmZWxpeiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iOSUiIGJnY29sb3I9IiNFRkVGRUYiPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzJSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xNjIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDUlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTE2MiIgY2xhc3M9ImJvdG9uIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDdXJzbyBJbnRlbnNpdm8gZGUgb3BlcmFkb3IgdGVyYXBldXRpY28gZXNwZWNpYWxpemFkbyBlbiBlbCBhYm9yZGFqZSBkZWwgYWJ1c28sIGxhIHZpb2xlbmNpYSB5IGVsIG1hbHRyYXRvIGluZmFudGlsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUFJPR1JBTUEgTEFTIFZJQ1RJTUFTIENPTlRSQSBMQVMgVklPTEVOQ0lBUyAgTWluaXN0ZXJpbyBkZSBKdXN0aWNpYSB5IERlcmVjaG9zIEh1bWFub3MgZGUgbGEgTmFjafNuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI5JSIgYmdjb2xvcj0iI0VGRUZFRiI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTI1NSIgY2xhc3M9ImJvdG9uIj48aW1nIHNyYz0iaW1nL2ZsZWNoYW5hcmFuamFmZ3Jpc18yNC5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSI3IiBib3JkZXI9IjAiIGFsaWduPSJhYnNtaWRkbGUiIC8+PC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0NSUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MjU1IiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIERpcGxvbWF0dXJhIGVuIEFib3JkYWplIGludGVyZGlzY2lwbGluYXJpbyBkZWwgbWFsdHJhdG8sIGxhIHZpb2xlbmNpYSB5IGVsIGFidXNvIHNleHVhbCBpbmZhbnRpbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyJSIgaGVpZ2h0PSIyMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQxJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNhbHVkIEFjdGl2YSBuZWNlc2l0YSBkZSB0dSBheXVkYSEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjklIiBiZ2NvbG9yPSIjRUZFRkVGIj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMyUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MTA0IiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQ1JSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xMDQiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTGxhbWFkbyBwYXJhIHByZXNlbnRhY2nzbiBkZSB0cmFiYWpvcy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyMCIgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJ0ZXh0b251ZXZvIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iIyIgY2xhc3M9ImJvdG9uIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJsZT48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj4mbmJzcDs8L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBJTklDSU8gbm90YSBjb211biAtLT4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTUvMDQvMjAxMjwvc3Bhbj48YnI+T3JnYW5pemFuIGpvcm5hZGEgc29icmUgdmlvbGVuY2lhPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPlNlIGNlbnRyYXImYWFjdXRlOyBlbiBsb3MgZmVuJm9hY3V0ZTttZW5vcyBxdWUgYWZlY3RhbiBhIGxhIGZhbWlsaWEgeSBlbiBsbyBxdWUgb2N1cnJlIGVuIGxhcyBlc2N1ZWxhcy48YnIgLz4gU2UgbGxldmFyJmFhY3V0ZTsgYSBjYWJvIGVsIGx1bmVzIDIzLCBlbiBlbCBDZW50cm8gQ3VsdHVyYWwgZGUgVG9zY2hpIHkgVHJlcyANCkFycm95b3MsIHVuYSBqb3JuYWRhIGRlIHJlZmxleGkmb2FjdXRlO24geSBkZWJhdGUgYWJpZXJ0YSBhIGxhIGNvbXVuaWRhZCBzb2JyZSANCiZsZHF1bztWaW9sZW5jaWEgZW4gbGEgZmFtaWxpYSB5IGVuIGxhIGVzY3VlbGEgeSBzdSByZWxhY2kmb2FjdXRlO24gY29uIGVsIGZyYWNhc28gDQplc2NvbGFyJnJkcXVvOywgb3JnYW5pemFkYSBwb3IgbGEgQXNvY2lhY2kmb2FjdXRlO24gQ2l2aWwgQ2VudHJvIEFydCZlYWN1dGU7bWlkZXMgeSBsYSANCk11bmljaXBhbGlkYWQgZGUgQ2lwb2xsZXR0aS5TZSBjZW50cmFyJmFhY3V0ZTsgZW4gbG9zIGZlbiZvYWN1dGU7bWVub3MgcXVlIGFmZWN0YW4gYSBsYSBmYW1pbGlhIHkgZW4gbG8gcXVlIG9jdXJyZSBlbiBsYXMgZXNjdWVsYXMuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjMwLzAzLzIwMTI8L3NwYW4+PGJyPkNhcnRhIGRlIEFTQVBNSSAtIEFzb2NpYWNp824gQXJnZW50aW5hIGRlIFByZXZlbmNp824gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjE1IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSIxNSIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjgwIiBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Mb3MgaW50ZWdyYW50ZXMgZGUgbGEgQ29taXNpJm9hY3V0ZTtuIERpcmVjdGl2YSBkZSBBU0FQTUkgLSBBc29jaWFjaSZvYWN1dGU7biBBcmdlbnRpbmEgZGUgUHJldmVuY2kmb2FjdXRlO24gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbCwgYXNvY2lhZGEgYSBsYSBJbnRlcm5hdGlvbmFsIFNvY2lldHkgZm9yIFByZXZlbnRpb24gb2YgQ2hpbGQgQWJ1c2UgYW5kIE5lZ2xlY3QgKElTUENBTikgLSwgdGVuZW1vcyBlbCBhZ3JhZG8gZGUgZGlyaWdpcm5vcyBhIFVzdGVkIHBhcmEgdHJhc21pdGlybGUgbnVlc3RyYSBwcm9mdW5kYSAmbmJzcDt5IGhvbmRhIHByZW9jdXBhY2kmb2FjdXRlO24gcG9yIGxhIHBvc3R1cmEgcXVlIHZpZW5lbiBhc3VtaWVuZG8gZW4gZm9ybWEgY29udGludWFkYSBhbGd1bm9zIGNvbGVnaW9zIGRlIHBzaWMmb2FjdXRlO2xvZ29zLCBlc3BlY2lhbG1lbnRlIGRlIGxhIHByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXMsIGVuIHJlbGFjaSZvYWN1dGU7biBhbCB0cmF0YW1pZW50byBwb2NvIHNlcmlvIHkgY29tcHJvbWV0aWRvIHF1ZSBzZSBsZXMgb3RvcmdhIGEgbGFzIGRlbnVuY2lhcyBlZmVjdHVhZGFzIGNvbnRyYSBwcm9mZXNpb25hbGVzIHBzaWMmb2FjdXRlO2xvZ29zLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjAvMDMvMjAxMjwvc3Bhbj48YnI+TEEgVklPTEVOQ0lBIFNFWFVBTCBDT05UUkEgTknRT1MgWSBOSdFBUyBFTiBDSUZSQVM8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4MCIgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+UmFkaW9ncmFmJmlhY3V0ZTthIGRlIHVuIHByb2JsZW1hPC9wPg0KPHA+RGUgbG9zIG4mdWFjdXRlO21lcm9zIGNvbXBpbGFkb3MgcG9yIGRvcyBlcXVpcG9zIGRlbCBNaW5pc3RlcmlvIGRlIEp1c3RpY2lhLCBsYQ0KIGF1dG9yYSB0b21hIGxvcyBkZSBsYSBjaXVkYWQgZGUgQnVlbm9zIEFpcmVzIHBhcmEgdHJhemFyIHVuIHBhcmFkaWdtYSANCmRlIGxvcyBkZWxpdG9zIGNvbnRyYSBsYSBpbnRlZ3JpZGFkIHNleHVhbCBlbiBlbCBwYSZpYWN1dGU7cyB5IHNvYnJlIHN1IA0KYXRlbmNpJm9hY3V0ZTtuLjxiciAvPiA8YnIgLz4gJm5ic3A7UG9yIEV2YSBHaWJlcnRpPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2MCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjAiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjE1LzAzLzIwMTI8L3NwYW4+PGJyPkZBTExPIERFIExBIENPUlRFIFNVUFJFTUEgU09CUkUgTEEgTk8gSlVESUNJQUxJWkFDSU9OIERFTCBBQk9SVE8gRU4gQ0FTT1MgREUgVklPTEFDSU9OPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxiciAvPiBKVVJJU0RJQ0NJT046IE5BQ0lPTkFMPGJyIC8+IE1BVEVSSUE6IEFCT1JUTy48YnIgLz4gVFJJQlVOQUw6IENvcnRlIFN1cHJlbWEgZGUgSnVzdGljaWEgZGUgbGEgTmFjaSZvYWN1dGU7bi48YnIgLz4gQVVUT1M6IEYuLCBBLiBMLiBzLyBtZWRpZGEgYXV0b3NhdGlzZmFjdGl2YS48YnIgLz4gRkVDSEE6IDEzLzAzLzIwMTIuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI1OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNTkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBGSU4gbm90YSBjb211biAtLT4KPC90YWJsZT4KPG1hcCBuYW1lPSJNYXBNYXAiIGlkPSJNYXBNYXAiPjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjE0NCw0LDIxNCwzNiIgaHJlZj0iaW5kZXgucGhwP2lkPTE0IiAvPgo8L21hcD4KPG1hcCBuYW1lPSJNYXAyTWFwMiIgaWQ9Ik1hcDJNYXAyIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIxNDcsNCwyMjAsMzYiIGhyZWY9ImluZGV4LnBocD9pZD0xNGEiIC8+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcDMiIGlkPSJNYXAzIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIzNjMsMyw0MzYsMzkiIGhyZWY9ImluZGV4LnBocD9pZD0xNGIiIC8+CjwvbWFwPgo8L2h0bWw+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	183	<responseRedirected>false</responseRedirected>
	184	</requestresponse>
	185	</issue>
	186	<issue>
	187	<serialNumber>2348918843333562368</serialNumber>
	188	<type>6291968</type>
	189	<name>Email addresses disclosed</name>
	190	<host ip="200.20.20.201">http://www.example.org.ar</host>
	191	<path><![CDATA[/]]></path>
	192	<location><![CDATA[/]]></location>
	193	<severity>Information</severity>
	194	<confidence>Certain</confidence>
	195	<issueBackground><![CDATA[The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.<br><br>However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organization's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.]]></issueBackground>
	196	<remediationBackground><![CDATA[You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as [email protected]).]]></remediationBackground>
	197	<issueDetail><![CDATA[The following email addresses were disclosed in the response:<ul><li>[email protected]</li><li>[email protected]</li></ul>]]></issueDetail>
	198	<requestresponse>
	199	<request base64="true"><![CDATA[R0VUIC8gSFRUUC8xLjENCkhvc3Q6IHd3dy5zYWx1ZGFjdGl2YS5vcmcuYXINClVzZXItQWdlbnQ6IE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwLjg7IHJ2OjIzLjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMjMuMA0KQWNjZXB0OiB0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSwqLyo7cT0wLjgNCkFjY2VwdC1MYW5ndWFnZTogZW4tVVMsZW47cT0wLjUNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KQ29ubmVjdGlvbjoga2VlcC1hbGl2ZQ0KDQo=]]></request>
	200	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjEyOjAyIEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KU2V0LUNvb2tpZTogUEhQU0VTU0lEPTk0NTg1YWEwYzExY2YyZTg2NGQ4M2UyNDY3OGI5ODY1OyBwYXRoPS8NCktlZXAtQWxpdmU6IHRpbWVvdXQ9MjAsIG1heD0yMDANCkNvbm5lY3Rpb246IEtlZXAtQWxpdmUNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNjA2MDYNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+CjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiIC8+Cjx0aXRsZT5Eb2N1bWVudG8gc2luIHQmaWFjdXRlO3R1bG88L3RpdGxlPgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KPHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCIgdHlwZT0idGV4dC9KYXZhU2NyaXB0Ij4KPCEtLQpmdW5jdGlvbiBNTV9yZWxvYWRQYWdlKGluaXQpIHsgIC8vcmVsb2FkcyB0aGUgd2luZG93IGlmIE5hdjQgcmVzaXplZAogIGlmIChpbml0PT10cnVlKSB3aXRoIChuYXZpZ2F0b3IpIHtpZiAoKGFwcE5hbWU9PSJOZXRzY2FwZSIpJiYocGFyc2VJbnQoYXBwVmVyc2lvbik9PTQpKSB7CiAgICBkb2N1bWVudC5NTV9wZ1c9aW5uZXJXaWR0aDsgZG9jdW1lbnQuTU1fcGdIPWlubmVySGVpZ2h0OyBvbnJlc2l6ZT1NTV9yZWxvYWRQYWdlOyB9fQogIGVsc2UgaWYgKGlubmVyV2lkdGghPWRvY3VtZW50Lk1NX3BnVyB8fCBpbm5lckhlaWdodCE9ZG9jdW1lbnQuTU1fcGdIKSBsb2NhdGlvbi5yZWxvYWQoKTsKfQpNTV9yZWxvYWRQYWdlKHRydWUpOwoKZnVuY3Rpb24gTU1fcHJlbG9hZEltYWdlcygpIHsgLy92My4wCiAgdmFyIGQ9ZG9jdW1lbnQ7IGlmKGQuaW1hZ2VzKXsgaWYoIWQuTU1fcCkgZC5NTV9wPW5ldyBBcnJheSgpOwogICAgdmFyIGksaj1kLk1NX3AubGVuZ3RoLGE9TU1fcHJlbG9hZEltYWdlcy5hcmd1bWVudHM7IGZvcihpPTA7IGk8YS5sZW5ndGg7IGkrKykKICAgIGlmIChhW2ldLmluZGV4T2YoIiMiKSE9MCl7IGQuTU1fcFtqXT1uZXcgSW1hZ2U7IGQuTU1fcFtqKytdLnNyYz1hW2ldO319Cn0KLy8tLT4KPC9zY3JpcHQ+CiAgICAgICAgICAgICA8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoJCQkgCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CjwhLS0KI0xheWVyMSB7Cglwb3NpdGlvbjphYnNvbHV0ZTsKCXdpZHRoOjY1MXB4OwoJaGVpZ2h0OjIxOHB4OwoJei1pbmRleDoxOwp9CiNMYXllcjIgewoJcG9zaXRpb246YWJzb2x1dGU7Cgl3aWR0aDoyMDBweDsKCWhlaWdodDoxMTVweDsKCXotaW5kZXg6MTsKCXZpc2liaWxpdHk6IHZpc2libGU7Cn0KLkVzdGlsbzEgewoJZm9udC1zaXplOiAxOHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzIgewoJZm9udC1zaXplOiAxNHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzMge2NvbG9yOiAjNTA2OTkwOyBsaW5lLWhlaWdodDogMTJweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LWZhbWlseTogVGFob21hO30KLS0+Cjwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGxlZnRtYXJnaW49IjIiIG1hcmdpbndpZHRoPSIyIj4KPHRhYmxlIHdpZHRoPSI2MDgiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCB3aWR0aD0iMiUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzA3LmpwZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjE0IiAvPjwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI5MCUiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18wNy5qcGciPiZuYnNwOzwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI4JSIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGNvbHNwYW49IjQiPjxiciAvPgogICAgICA8dGFibGUgd2lkdGg9Ijk4JSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICA8dHI+CiAgICAgICAgPHRkIHdpZHRoPSIyJSI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgICA8dGQgd2lkdGg9IjkzJSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CjwhLS0gSU5JQ0lPIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzIzMDQyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjIvMTEvMjAxMzwvc3Bhbj48YnI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxzdHJvbmc+MTQsIDE1IHkgMTYgZGUgTm92aWVtYnJlIEFCSUVSVEEgTEEgSU5TQ1JJUENJJk9hY3V0ZTtOISAoY29uIGRlc2N1ZW50byBoYXN0YSBlbCAyNy84KTxiciAvPjwvc3Ryb25nPjwvcD4NCjxwPjxzdHJvbmc+QUJJRVJUQSBMQSBSRUNFUENJJk9hY3V0ZTtOIERFIFRSQUJBSk88YSBocmVmPSJodHRwOi8vd3d3LmNvbmdyZXNvdmlvbGVuY2lhLmNvbS9pbmRleC5waHA/aWQ9bW9kYWxpZGFkZXMiIHRhcmdldD0iX2JsYW5rIj4gKG1hcyBpbmZvKTwvYT48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij48c3Ryb25nPk9yZ2FuaXphOiBTYWx1ZCBBY3RpdmE8L3N0cm9uZz48L3NwYW4+PC9wPg0KPHA+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+SW5jcmlwdG9zIGFsIFBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGltcG9ydGFudGVzIGRlc2N1ZW50b3MhPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2lvbjogVW5pdmVyc2lkYWQgZGVsIEVzdGUsIExhIFBsYXRhIEJ1ZW5vcyBBaXJlczwvcD4NCjxwPk1hcyBkZSAxNTAgdHJhYmFqb3MgcHJlc2VudGFkb3MsIHVsdGltb3MgZGlhcyBwYXJhIGluc2NyaWJpcnNlIGNvbiBkZXNjdWVudG8hITwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPkluc2NyaWJpcnNlPC9hPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPjxiciAvPjwvYT48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDEiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MDQvMTEvMjAxMzwvc3Bhbj48YnI+RWwgY29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIEPzcmRvYmEgc2UgcHJvbnVuY2lhIGVuIHJlbGFjafNuIGFsIFNBUCB5IGVuIGNvbmNvcmRhbmNpYSBjb24gbG8gZXhwcmVzYWRvIHBvciBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgTWFyIGRlbCBQbGF0YSB5IGVsIENvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBsYSAgUHJvdmluY2lhIGRlIEJ1ZW5vcyBBaXJlczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+Jm5ic3A7PC9wPg0KPHA+TGFzIGNvbnRyb3ZlcnNpYXMgZ2VuZXJhZGFzIGVuIHJlbGFjaSZvYWN1dGU7biBhbCAic2luZHJvbWUgZGUgYWxpZW5hY2kmb2FjdXRlO24gcGFyZW50YSIgU0FQLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzEwIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzE2MTAyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTYvMTAvMjAxMzwvc3Bhbj48YnI+U2FsdWQgQWN0aXZhIG90b3JnYSBtZWRpYXMgYmVjYXMgcGFyYSBlbCBJViBDb25ncmVzbyBJbnRlcm5hY2lvbmFsLCBWIE5hY2lvbmFsLCBWSSBSZWdpb25hbCBWaW9sZW5jaWEsIE1hbHRyYXRvIHkgQWJ1c28uPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD4mbmJzcDs8L3A+DQo8cD5TZXImYWFjdXRlO24gb3RvcmdhZGFzIDUwIG1lZGlhcyBiZWNhcywgcXVlZGFuIHBvY2FzISEhIGNvbmRpY2lvbjo8L3A+DQo8cD5QZXJ0ZW5lY2VyIGFsIGFtYml0byBwdWJsaWNvIG8gYSBPTkcsIHNlIGNvbnNpZGVyYSB0YW1iaWVuIGxhIGRpc3RhbmNpYSBhbCBsdWdhciBkZWwgZXZlbnRvISEhIGVzIG11eSBzZW5jaWxsbywgc29sbyBkZWJlcyBlbnZpYXIgdW4gZW1haWwuLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA5Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjI0LzA3LzIwMTM8L3NwYW4+PGJyPk5FQ0VTSVRBTU9TIERFIFNVIFNPTElEQVJJREFEIEhBQ0lBIExPUyBOSdFPUyBZIE5J0UFTISEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlBST0dSQU1BIEZBTUlMSUFTIFNPTElEQVJJQVM8L3NwYW4+PC9zdHJvbmc+PC9wPg0KPHA+PHN0cm9uZz5DQU1CSU8gREUgU0VERTwvc3Ryb25nPjwvcD4NCjxwPkxhIGNhcGFjaXRhY2kmb2FjdXRlO24gcGFyYSBsYSBwdWVzdGEgZW4gbWFyY2hhIGRlbCA8c3Ryb25nPlByb2dyYW1hIEZhbWlsaWFzIFNvbGlkYXJpYXM8L3N0cm9uZz4gc2UgcmVhbGl6YXImYWFjdXRlOyBlbiBsYSBsb2NhbGlkYWQgZGUgPHN0cm9uZz5OYXZhcnJvPC9zdHJvbmc+IHBhcmEgdG9kbyBlbCBjb3JyZWRvciBkZSBsYSBSdXRhIDQwLjwvcD4NCjxwPkluaWNpbyA8c3Ryb25nPk1pJmVhY3V0ZTtyY29sZXMgMjggZGUgYWdvc3RvIGEgbGFzIDE0IGhvcmFzLiZuYnNwOzwvc3Ryb25nPjwvcD4NCjxwPlNlZGU6IDxzdHJvbmc+U2FsJm9hY3V0ZTtuIE11bmljaXBhbCBlbiBsYSBjYWxsZSAxMDcgZXNxdWluYSAyMiAtIE5hdmFycm88L3N0cm9uZz48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTIwNzIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xMi8wNy8yMDEzPC9zcGFuPjxicj5TQUxVRCBBQ1RJVkEgaGEgc2lkbyBlbGVnaWRhIHBvciBzZWd1bmRhIHZleiBjb25zZWN1dGl2YSBjb21vIHVubyBkZSBsb3MgZ2FuYWRvcmVzIGRlbCBDdWFydG8gQ29uY3Vyc28gZGUgUHJveWVjdG9zIFNvY2lhbGVzIGRlIFBldHJvYnJhczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+RW4gZWwgbWFyY28gZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzLCANCm51ZXN0cmEgSW5zdGl0dWNpJm9hY3V0ZTtuIFNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IA0KY29uc2VjdXRpdmEgY29tbyB1bm8gZGUgbG9zIGdhbmFkb3JlcyBkZSBkaWNobyBjb25jdXJzby48YnIgLz5FbiBlc3RhIA0KZWRpY2kmb2FjdXRlO24gZWwgcHJveWVjdG8gcXVlIGhhIHNpZG8gZWxlZ2lkbyBlcyBlbCAmbGRxdW87UHJvZ3JhbWEgZGUgRmFtaWxpYXMgDQpTb2xpZGFyaWFzJnJkcXVvOyBzaWVuZG8gc3UgJmFhY3V0ZTtyZWEgZGUgaW1wbGVtZW50YWNpJm9hY3V0ZTtuIGxvcyBNdW5pY2lwaW9zIGRlIE5hdmFycm8sIA0KR3JhbC4gTGFzIEhlcmFzLCBNYXJjb3MgUGF6LCB5IE1lcmxvPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAyLzA3LzIwMTM8L3NwYW4+PGJyPk/tciBvIGVzY3VjaGFyPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Qb3IgQ2FybG9zIFJvemFuc2tpICo8L3A+DQo8cD5BIGxvIGxhcmdvIGRlIGxvcyBzaWdsb3MsIGxhcyBuaSZudGlsZGU7YXMsIG5pJm50aWxkZTtvcyB5IGFkb2xlc2NlbnRlcyBoYW4gc2lkbyBtYWx0cmF0YWRvcyB5IGFidXNhZG9zIHNpbiBxdWUgYSBsYSBjb211bmlkYWQgbGUgaW50ZXJlc2FyYSBuaSBzaXF1aWVyYSBlc2N1Y2hhcmxvcyBjdWFuZG8gaGFjJmlhY3V0ZTthbiBzYWJlciBkZSBhbGd1bmEgZm9ybWEgbG9zIHN1ZnJpbWllbnRvcyBxdWUgcGFkZWMmaWFjdXRlO2FuLiBFbiAxODc0LCBlbiBFc3RhZG9zIFVuaWRvcywgZnVlIGxhIHByaW1lcmEgdmV6IHF1ZSBlbCBFc3RhZG8gaW50ZXJ2aW5vIGVuIHVuIGNhc28gZGUgbWFsdHJhdG8geSBhYnVzby4uLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4wMi8wNy8yMDEzPC9zcGFuPjxicj5FbCBkZXJlY2hvIGRlIGxvcyBuafFvcyBhIHNlciBlc2N1Y2hhZG9zPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5VbiBob21icmUgYWN1c2FkbyBkZSBoYWJlciBhYnVzYWRvIGRlIHN1cyBoaWpvcyBoYWImaWFjdXRlO2Egc2lkbyBzb2JyZXNlJmlhY3V0ZTtkbyBkb3MgdmVjZXMgcG9yIGxhIEp1c3RpY2lhLiBQZXJvIGFob3JhLCBsYSBDJmFhY3V0ZTttYXJhIGRlIENhc2FjaSZvYWN1dGU7biByZXZvYyZvYWN1dGU7IGVzYSBkZWNpc2kmb2FjdXRlO24gcG9ycXVlIGVuIGxhIGludmVzdGlnYWNpJm9hY3V0ZTtuIGVsIGp1ZXogbnVuY2EgaGFiJmlhY3V0ZTthIGVzY3VjaGFkbyBhIGxvcyBjaGljb3MuIFkgb3JkZW4mb2FjdXRlOyBxdWUgdGVuZ2EgZW4gY3VlbnRhIGxvIHF1ZSBkaWNlbi48L3A+DQo8cD5Qb3IgTWFyaWFuYSBDYXJiYWphbDwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDUiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE1NiIgcm93c3Bhbj0iMiIgdmFsaWduPSJ0b3AiPgoJCQkJCgkJCQk8dGFibGUgd2lkdGg9IjMyJSIgYm9yZGVyPSIxIiBjZWxsc3BhY2luZz0iMyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48aW1nIHNyYz0ic3JjL2ltZ191cC8wNjA2MjAxMy4xLmpwZyIgd2lkdGg9IjE0NiIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KCQkJCQkJCQk8L3RkPiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjA2LzA2LzIwMTM8L3NwYW4+PGJyPkFidXNvIHNleHVhbCBpbmZhbnRpbC4gRGVzYWZpb3MgZGUgbGEgY2xpbmljYSBhY3R1YWw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkFiaWVydGEgbGEgaW5zY3JpcGNpb248L3A+DQo8cD5Eb2NlbnRlczogTGljLiBNYXJpYSBCZWF0cml6IE0mdXVtbDtsbGVyLiBMaWMuIFBhb2xhIE11Jm50aWxkZTtveiBEdWFydGU8L3A+DQo8cD5JbmljaW86IE1pZXJjb2xlcyAxOSBkZSBKdW5pbzwvcD4NCjxwPkZyZWN1ZW5jaWE6IFNlbWFuYWw8L3A+DQo8cD5Nb2RhbGlkYWQ6IEludGVuc2l2YTwvcD4NCjxwPkNvbnRlbmlkb3M6ICZuYnNwOyBFc3RhIGRlc3RpbmFkbyBhIHRvZG9zIGxvcyBwcm9mZXNpb25hbGVzIGNvbXByb21ldGlkb3MgY29uIGxhIHRlbWF0aWNhIGRlbCBhYnVzbyBpbmZhbnRpbCBxdWUgcXVpZXJhbiBhY3R1YWxpemFyc2UgZSBpbnRlcmNhbWJpYXIgZXhwZXJpZW5jaWFzIGRlIHRyYWJham8uLi48L3A+DQo8cD4mbmJzcDs8L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDQiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTYwNTIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xNi8wNS8yMDEzPC9zcGFuPjxicj5TYWx1ZCBBY3RpdmEgbmVjZXNpdGEgZGUgdHUgYXl1ZGEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5UcmFiYWphbW9zIGNvbW8gcG9kZW1vczogYmEmbnRpbGRlO29zIHJvdG9zLCBzdXNwZW5zaSZvYWN1dGU7biBkZSByZXVuaW9uZXMgcG9yIGNvcnRlcyBkZSBsdXogeSBhZ3VhLCBqdWd1ZXRlcyB2aWVqb3MsIG1lc2VzIGRlIGF0cmFzbyBlbiBlbCBwYWdvIGRlIHN1cyBwcm9mZXNpb25hbGVzIGRlIGxhIHNhbHVkLiBSZWNpZW50ZW1lbnRlIHR1dmltb3MgcXVlIGNlcnJhciBudWVzdHJvIHF1ZXJpZG8gSG9nYXI6ICZsZHF1bztNZXRhbW9yZm9zaXMmcmRxdW87IGVyYSBlbCBsdWdhciBxdWUgc3VwbyBjb250ZW5lciBhIG5pJm50aWxkZTthcyB5IGomb2FjdXRlO3ZlbmVzIHJlc2NhdGFkYSBkZSByZWRlcyBkZSB0cmF0YSBvIHYmaWFjdXRlO2N0aW1hcyBkZSBhYnVzbyBpbnRyYWZhbWlsaWFyLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAzLzA1LzIwMTM8L3NwYW4+PGJyPlJFUFVESU8gQSBMQSBQUkVTRU5DSUEgRU4gTEEgRkVSSUEgREVMIExJQlJPIERFIFVOIEVYIEpVRVogQUNVU0FETyBERSBBQlVTTyBTRVhVQUw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkZ1ZSBjYW1hcmlzdGEgZW4gTWFyIGRlbCBQbGF0YSBkdXJhbnRlIGxhIGRpY3RhZHVyYS4gSGFjZSBhJm50aWxkZTtvcywgdmFyaWFzIG11amVyZXMgbG8gYWN1c2Fyb24gZGUgaGFiZXIgYWJ1c2FkbyBkZSBlbGxhcyBjdWFuZG8gZXJhbiBuaSZudGlsZGU7YXMuIExhIGNhdXNhIHByZXNjcmliaSZvYWN1dGU7IHkgbm8gaHVibyBjb25kZW5hLiBNYSZudGlsZGU7YW5hIHRpZW5lIHByZXZpc3RvIGZpcm1hciBzdSBsaWJyby4gRXNhcyBtaXNtYXMgbXVqZXJlcyBwaWRlbiBxdWUgbm8gc2VhIGFkbWl0aWRvIGVuIGxhIGZlcmlhLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDIiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgIDwhLS0gRklOIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgIDwvdGFibGU+ICAgICAgICA8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iNSUiIGFsaWduPSJyaWdodCI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCB3aWR0aD0iMSUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC90ZD4KICAgIDx0ZCB3aWR0aD0iMiUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgPC90cj4KICAKICA8dGQ+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0ciBhbGlnbj0iY2VudGVyIj4KICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgPHRkIHdpZHRoPSI5NyIgY29sc3Bhbj0iMiIgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iNTQ2IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idGl0dWxvaG9tZTIiPjx0YWJsZSB3aWR0aD0iIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPlJhbmtpbmc8L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPiZidWxsO0xhcyBtJmFhY3V0ZTtzIGxlaWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+JmJ1bGw7TGFzIG0mYWFjdXRlO3MgY29tZW50YWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTHVkb3RlY2EgR2FyYWJhdG8gLSBQcm95ZWN0byBzYWx1ZGFjdGl2YSwgUG9yIHVuYSBpbmZhbmNpYSBmZWxpeiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iOSUiIGJnY29sb3I9IiNFRkVGRUYiPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzJSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xNjIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDUlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTE2MiIgY2xhc3M9ImJvdG9uIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDdXJzbyBJbnRlbnNpdm8gZGUgb3BlcmFkb3IgdGVyYXBldXRpY28gZXNwZWNpYWxpemFkbyBlbiBlbCBhYm9yZGFqZSBkZWwgYWJ1c28sIGxhIHZpb2xlbmNpYSB5IGVsIG1hbHRyYXRvIGluZmFudGlsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUFJPR1JBTUEgTEFTIFZJQ1RJTUFTIENPTlRSQSBMQVMgVklPTEVOQ0lBUyAgTWluaXN0ZXJpbyBkZSBKdXN0aWNpYSB5IERlcmVjaG9zIEh1bWFub3MgZGUgbGEgTmFjafNuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI5JSIgYmdjb2xvcj0iI0VGRUZFRiI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTI1NSIgY2xhc3M9ImJvdG9uIj48aW1nIHNyYz0iaW1nL2ZsZWNoYW5hcmFuamFmZ3Jpc18yNC5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSI3IiBib3JkZXI9IjAiIGFsaWduPSJhYnNtaWRkbGUiIC8+PC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0NSUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MjU1IiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIERpcGxvbWF0dXJhIGVuIEFib3JkYWplIGludGVyZGlzY2lwbGluYXJpbyBkZWwgbWFsdHJhdG8sIGxhIHZpb2xlbmNpYSB5IGVsIGFidXNvIHNleHVhbCBpbmZhbnRpbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyJSIgaGVpZ2h0PSIyMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQxJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNhbHVkIEFjdGl2YSBuZWNlc2l0YSBkZSB0dSBheXVkYSEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjklIiBiZ2NvbG9yPSIjRUZFRkVGIj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMyUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MTA0IiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQ1JSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xMDQiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTGxhbWFkbyBwYXJhIHByZXNlbnRhY2nzbiBkZSB0cmFiYWpvcy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyMCIgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJ0ZXh0b251ZXZvIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iIyIgY2xhc3M9ImJvdG9uIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJsZT48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj4mbmJzcDs8L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBJTklDSU8gbm90YSBjb211biAtLT4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTUvMDQvMjAxMjwvc3Bhbj48YnI+T3JnYW5pemFuIGpvcm5hZGEgc29icmUgdmlvbGVuY2lhPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPlNlIGNlbnRyYXImYWFjdXRlOyBlbiBsb3MgZmVuJm9hY3V0ZTttZW5vcyBxdWUgYWZlY3RhbiBhIGxhIGZhbWlsaWEgeSBlbiBsbyBxdWUgb2N1cnJlIGVuIGxhcyBlc2N1ZWxhcy48YnIgLz4gU2UgbGxldmFyJmFhY3V0ZTsgYSBjYWJvIGVsIGx1bmVzIDIzLCBlbiBlbCBDZW50cm8gQ3VsdHVyYWwgZGUgVG9zY2hpIHkgVHJlcyANCkFycm95b3MsIHVuYSBqb3JuYWRhIGRlIHJlZmxleGkmb2FjdXRlO24geSBkZWJhdGUgYWJpZXJ0YSBhIGxhIGNvbXVuaWRhZCBzb2JyZSANCiZsZHF1bztWaW9sZW5jaWEgZW4gbGEgZmFtaWxpYSB5IGVuIGxhIGVzY3VlbGEgeSBzdSByZWxhY2kmb2FjdXRlO24gY29uIGVsIGZyYWNhc28gDQplc2NvbGFyJnJkcXVvOywgb3JnYW5pemFkYSBwb3IgbGEgQXNvY2lhY2kmb2FjdXRlO24gQ2l2aWwgQ2VudHJvIEFydCZlYWN1dGU7bWlkZXMgeSBsYSANCk11bmljaXBhbGlkYWQgZGUgQ2lwb2xsZXR0aS5TZSBjZW50cmFyJmFhY3V0ZTsgZW4gbG9zIGZlbiZvYWN1dGU7bWVub3MgcXVlIGFmZWN0YW4gYSBsYSBmYW1pbGlhIHkgZW4gbG8gcXVlIG9jdXJyZSBlbiBsYXMgZXNjdWVsYXMuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjMwLzAzLzIwMTI8L3NwYW4+PGJyPkNhcnRhIGRlIEFTQVBNSSAtIEFzb2NpYWNp824gQXJnZW50aW5hIGRlIFByZXZlbmNp824gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjE1IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSIxNSIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjgwIiBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Mb3MgaW50ZWdyYW50ZXMgZGUgbGEgQ29taXNpJm9hY3V0ZTtuIERpcmVjdGl2YSBkZSBBU0FQTUkgLSBBc29jaWFjaSZvYWN1dGU7biBBcmdlbnRpbmEgZGUgUHJldmVuY2kmb2FjdXRlO24gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbCwgYXNvY2lhZGEgYSBsYSBJbnRlcm5hdGlvbmFsIFNvY2lldHkgZm9yIFByZXZlbnRpb24gb2YgQ2hpbGQgQWJ1c2UgYW5kIE5lZ2xlY3QgKElTUENBTikgLSwgdGVuZW1vcyBlbCBhZ3JhZG8gZGUgZGlyaWdpcm5vcyBhIFVzdGVkIHBhcmEgdHJhc21pdGlybGUgbnVlc3RyYSBwcm9mdW5kYSAmbmJzcDt5IGhvbmRhIHByZW9jdXBhY2kmb2FjdXRlO24gcG9yIGxhIHBvc3R1cmEgcXVlIHZpZW5lbiBhc3VtaWVuZG8gZW4gZm9ybWEgY29udGludWFkYSBhbGd1bm9zIGNvbGVnaW9zIGRlIHBzaWMmb2FjdXRlO2xvZ29zLCBlc3BlY2lhbG1lbnRlIGRlIGxhIHByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXMsIGVuIHJlbGFjaSZvYWN1dGU7biBhbCB0cmF0YW1pZW50byBwb2NvIHNlcmlvIHkgY29tcHJvbWV0aWRvIHF1ZSBzZSBsZXMgb3RvcmdhIGEgbGFzIGRlbnVuY2lhcyBlZmVjdHVhZGFzIGNvbnRyYSBwcm9mZXNpb25hbGVzIHBzaWMmb2FjdXRlO2xvZ29zLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjAvMDMvMjAxMjwvc3Bhbj48YnI+TEEgVklPTEVOQ0lBIFNFWFVBTCBDT05UUkEgTknRT1MgWSBOSdFBUyBFTiBDSUZSQVM8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4MCIgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+UmFkaW9ncmFmJmlhY3V0ZTthIGRlIHVuIHByb2JsZW1hPC9wPg0KPHA+RGUgbG9zIG4mdWFjdXRlO21lcm9zIGNvbXBpbGFkb3MgcG9yIGRvcyBlcXVpcG9zIGRlbCBNaW5pc3RlcmlvIGRlIEp1c3RpY2lhLCBsYQ0KIGF1dG9yYSB0b21hIGxvcyBkZSBsYSBjaXVkYWQgZGUgQnVlbm9zIEFpcmVzIHBhcmEgdHJhemFyIHVuIHBhcmFkaWdtYSANCmRlIGxvcyBkZWxpdG9zIGNvbnRyYSBsYSBpbnRlZ3JpZGFkIHNleHVhbCBlbiBlbCBwYSZpYWN1dGU7cyB5IHNvYnJlIHN1IA0KYXRlbmNpJm9hY3V0ZTtuLjxiciAvPiA8YnIgLz4gJm5ic3A7UG9yIEV2YSBHaWJlcnRpPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2MCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjAiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjE1LzAzLzIwMTI8L3NwYW4+PGJyPkZBTExPIERFIExBIENPUlRFIFNVUFJFTUEgU09CUkUgTEEgTk8gSlVESUNJQUxJWkFDSU9OIERFTCBBQk9SVE8gRU4gQ0FTT1MgREUgVklPTEFDSU9OPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxiciAvPiBKVVJJU0RJQ0NJT046IE5BQ0lPTkFMPGJyIC8+IE1BVEVSSUE6IEFCT1JUTy48YnIgLz4gVFJJQlVOQUw6IENvcnRlIFN1cHJlbWEgZGUgSnVzdGljaWEgZGUgbGEgTmFjaSZvYWN1dGU7bi48YnIgLz4gQVVUT1M6IEYuLCBBLiBMLiBzLyBtZWRpZGEgYXV0b3NhdGlzZmFjdGl2YS48YnIgLz4gRkVDSEE6IDEzLzAzLzIwMTIuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI1OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNTkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBGSU4gbm90YSBjb211biAtLT4KPC90YWJsZT4KPG1hcCBuYW1lPSJNYXBNYXAiIGlkPSJNYXBNYXAiPjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjE0NCw0LDIxNCwzNiIgaHJlZj0iaW5kZXgucGhwP2lkPTE0IiAvPgo8L21hcD4KPG1hcCBuYW1lPSJNYXAyTWFwMiIgaWQ9Ik1hcDJNYXAyIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIxNDcsNCwyMjAsMzYiIGhyZWY9ImluZGV4LnBocD9pZD0xNGEiIC8+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcDMiIGlkPSJNYXAzIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIzNjMsMyw0MzYsMzkiIGhyZWY9ImluZGV4LnBocD9pZD0xNGIiIC8+CjwvbWFwPgo8L2h0bWw+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	201	<responseRedirected>false</responseRedirected>
	202	</requestresponse>
	203	</issue>
	204	<issue>
	205	<serialNumber>3742539495863584768</serialNumber>
	206	<type>5243904</type>
	207	<name>Cross-domain Referer leakage</name>
	208	<host ip="200.20.20.201">http://www.example.org.ar</host>
	209	<path><![CDATA[/index.php]]></path>
	210	<location><![CDATA[/index.php]]></location>
	211	<severity>Information</severity>
	212	<confidence>Certain</confidence>
	213	<issueBackground><![CDATA[When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.<br><br>If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.<br><br>You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.<br><br>Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behavior should not be relied upon to protect the originating URL from disclosure.<br><br>Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.]]></issueBackground>
	214	<remediationBackground><![CDATA[The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.]]></remediationBackground>
	215	<issueDetail><![CDATA[The page was loaded from a URL containing a query string:<ul><li>http://www.example.org.ar/index.php?id=18_new</li></ul>The response contains the following links to other domains:<ul><li>http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab</li><li>http://twitter.com/exampleONG</li><li>http://www.congresoviolencia.com/index.php?id=inscripcion</li><li>http://www.congresoviolencia.com/index.php?id=modalidades</li><li>http://www.facebook.com/home.php?</li><li>http://www.sitei.com.ar/</li></ul>]]></issueDetail>
	216	<requestresponse>
	217	<request base64="true"><![CDATA[R0VUIC9pbmRleC5waHA/aWQ9MThfbmV3IEhUVFAvMS4xDQpIb3N0OiB3d3cuc2FsdWRhY3RpdmEub3JnLmFyDQpBY2NlcHQ6ICovKg0KQWNjZXB0LUxhbmd1YWdlOiBlbg0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV2luNjQ7IHg2NDsgVHJpZGVudC81LjApDQpDb25uZWN0aW9uOiBjbG9zZQ0KDQo=]]></request>
	218	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjE0OjA1IEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KQ29ubmVjdGlvbjogY2xvc2UNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNjA2MDYNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+CjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiIC8+Cjx0aXRsZT5Eb2N1bWVudG8gc2luIHQmaWFjdXRlO3R1bG88L3RpdGxlPgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KPHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCIgdHlwZT0idGV4dC9KYXZhU2NyaXB0Ij4KPCEtLQpmdW5jdGlvbiBNTV9yZWxvYWRQYWdlKGluaXQpIHsgIC8vcmVsb2FkcyB0aGUgd2luZG93IGlmIE5hdjQgcmVzaXplZAogIGlmIChpbml0PT10cnVlKSB3aXRoIChuYXZpZ2F0b3IpIHtpZiAoKGFwcE5hbWU9PSJOZXRzY2FwZSIpJiYocGFyc2VJbnQoYXBwVmVyc2lvbik9PTQpKSB7CiAgICBkb2N1bWVudC5NTV9wZ1c9aW5uZXJXaWR0aDsgZG9jdW1lbnQuTU1fcGdIPWlubmVySGVpZ2h0OyBvbnJlc2l6ZT1NTV9yZWxvYWRQYWdlOyB9fQogIGVsc2UgaWYgKGlubmVyV2lkdGghPWRvY3VtZW50Lk1NX3BnVyB8fCBpbm5lckhlaWdodCE9ZG9jdW1lbnQuTU1fcGdIKSBsb2NhdGlvbi5yZWxvYWQoKTsKfQpNTV9yZWxvYWRQYWdlKHRydWUpOwoKZnVuY3Rpb24gTU1fcHJlbG9hZEltYWdlcygpIHsgLy92My4wCiAgdmFyIGQ9ZG9jdW1lbnQ7IGlmKGQuaW1hZ2VzKXsgaWYoIWQuTU1fcCkgZC5NTV9wPW5ldyBBcnJheSgpOwogICAgdmFyIGksaj1kLk1NX3AubGVuZ3RoLGE9TU1fcHJlbG9hZEltYWdlcy5hcmd1bWVudHM7IGZvcihpPTA7IGk8YS5sZW5ndGg7IGkrKykKICAgIGlmIChhW2ldLmluZGV4T2YoIiMiKSE9MCl7IGQuTU1fcFtqXT1uZXcgSW1hZ2U7IGQuTU1fcFtqKytdLnNyYz1hW2ldO319Cn0KLy8tLT4KPC9zY3JpcHQ+CiAgICAgICAgICAgICA8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoJCQkgCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CjwhLS0KI0xheWVyMSB7Cglwb3NpdGlvbjphYnNvbHV0ZTsKCXdpZHRoOjY1MXB4OwoJaGVpZ2h0OjIxOHB4OwoJei1pbmRleDoxOwp9CiNMYXllcjIgewoJcG9zaXRpb246YWJzb2x1dGU7Cgl3aWR0aDoyMDBweDsKCWhlaWdodDoxMTVweDsKCXotaW5kZXg6MTsKCXZpc2liaWxpdHk6IHZpc2libGU7Cn0KLkVzdGlsbzEgewoJZm9udC1zaXplOiAxOHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzIgewoJZm9udC1zaXplOiAxNHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzMge2NvbG9yOiAjNTA2OTkwOyBsaW5lLWhlaWdodDogMTJweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LWZhbWlseTogVGFob21hO30KLS0+Cjwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGxlZnRtYXJnaW49IjIiIG1hcmdpbndpZHRoPSIyIj4KPHRhYmxlIHdpZHRoPSI2MDgiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCB3aWR0aD0iMiUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzA3LmpwZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjE0IiAvPjwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI5MCUiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18wNy5qcGciPiZuYnNwOzwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI4JSIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGNvbHNwYW49IjQiPjxiciAvPgogICAgICA8dGFibGUgd2lkdGg9Ijk4JSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICA8dHI+CiAgICAgICAgPHRkIHdpZHRoPSIyJSI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgICA8dGQgd2lkdGg9IjkzJSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CjwhLS0gSU5JQ0lPIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzIzMDQyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjIvMTEvMjAxMzwvc3Bhbj48YnI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxzdHJvbmc+MTQsIDE1IHkgMTYgZGUgTm92aWVtYnJlIEFCSUVSVEEgTEEgSU5TQ1JJUENJJk9hY3V0ZTtOISAoY29uIGRlc2N1ZW50byBoYXN0YSBlbCAyNy84KTxiciAvPjwvc3Ryb25nPjwvcD4NCjxwPjxzdHJvbmc+QUJJRVJUQSBMQSBSRUNFUENJJk9hY3V0ZTtOIERFIFRSQUJBSk88YSBocmVmPSJodHRwOi8vd3d3LmNvbmdyZXNvdmlvbGVuY2lhLmNvbS9pbmRleC5waHA/aWQ9bW9kYWxpZGFkZXMiIHRhcmdldD0iX2JsYW5rIj4gKG1hcyBpbmZvKTwvYT48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij48c3Ryb25nPk9yZ2FuaXphOiBTYWx1ZCBBY3RpdmE8L3N0cm9uZz48L3NwYW4+PC9wPg0KPHA+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+SW5jcmlwdG9zIGFsIFBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGltcG9ydGFudGVzIGRlc2N1ZW50b3MhPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2lvbjogVW5pdmVyc2lkYWQgZGVsIEVzdGUsIExhIFBsYXRhIEJ1ZW5vcyBBaXJlczwvcD4NCjxwPk1hcyBkZSAxNTAgdHJhYmFqb3MgcHJlc2VudGFkb3MsIHVsdGltb3MgZGlhcyBwYXJhIGluc2NyaWJpcnNlIGNvbiBkZXNjdWVudG8hITwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPkluc2NyaWJpcnNlPC9hPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPjxiciAvPjwvYT48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDEiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MDQvMTEvMjAxMzwvc3Bhbj48YnI+RWwgY29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIEPzcmRvYmEgc2UgcHJvbnVuY2lhIGVuIHJlbGFjafNuIGFsIFNBUCB5IGVuIGNvbmNvcmRhbmNpYSBjb24gbG8gZXhwcmVzYWRvIHBvciBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgTWFyIGRlbCBQbGF0YSB5IGVsIENvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBsYSAgUHJvdmluY2lhIGRlIEJ1ZW5vcyBBaXJlczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+Jm5ic3A7PC9wPg0KPHA+TGFzIGNvbnRyb3ZlcnNpYXMgZ2VuZXJhZGFzIGVuIHJlbGFjaSZvYWN1dGU7biBhbCAic2luZHJvbWUgZGUgYWxpZW5hY2kmb2FjdXRlO24gcGFyZW50YSIgU0FQLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzEwIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzE2MTAyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTYvMTAvMjAxMzwvc3Bhbj48YnI+U2FsdWQgQWN0aXZhIG90b3JnYSBtZWRpYXMgYmVjYXMgcGFyYSBlbCBJViBDb25ncmVzbyBJbnRlcm5hY2lvbmFsLCBWIE5hY2lvbmFsLCBWSSBSZWdpb25hbCBWaW9sZW5jaWEsIE1hbHRyYXRvIHkgQWJ1c28uPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD4mbmJzcDs8L3A+DQo8cD5TZXImYWFjdXRlO24gb3RvcmdhZGFzIDUwIG1lZGlhcyBiZWNhcywgcXVlZGFuIHBvY2FzISEhIGNvbmRpY2lvbjo8L3A+DQo8cD5QZXJ0ZW5lY2VyIGFsIGFtYml0byBwdWJsaWNvIG8gYSBPTkcsIHNlIGNvbnNpZGVyYSB0YW1iaWVuIGxhIGRpc3RhbmNpYSBhbCBsdWdhciBkZWwgZXZlbnRvISEhIGVzIG11eSBzZW5jaWxsbywgc29sbyBkZWJlcyBlbnZpYXIgdW4gZW1haWwuLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA5Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjI0LzA3LzIwMTM8L3NwYW4+PGJyPk5FQ0VTSVRBTU9TIERFIFNVIFNPTElEQVJJREFEIEhBQ0lBIExPUyBOSdFPUyBZIE5J0UFTISEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlBST0dSQU1BIEZBTUlMSUFTIFNPTElEQVJJQVM8L3NwYW4+PC9zdHJvbmc+PC9wPg0KPHA+PHN0cm9uZz5DQU1CSU8gREUgU0VERTwvc3Ryb25nPjwvcD4NCjxwPkxhIGNhcGFjaXRhY2kmb2FjdXRlO24gcGFyYSBsYSBwdWVzdGEgZW4gbWFyY2hhIGRlbCA8c3Ryb25nPlByb2dyYW1hIEZhbWlsaWFzIFNvbGlkYXJpYXM8L3N0cm9uZz4gc2UgcmVhbGl6YXImYWFjdXRlOyBlbiBsYSBsb2NhbGlkYWQgZGUgPHN0cm9uZz5OYXZhcnJvPC9zdHJvbmc+IHBhcmEgdG9kbyBlbCBjb3JyZWRvciBkZSBsYSBSdXRhIDQwLjwvcD4NCjxwPkluaWNpbyA8c3Ryb25nPk1pJmVhY3V0ZTtyY29sZXMgMjggZGUgYWdvc3RvIGEgbGFzIDE0IGhvcmFzLiZuYnNwOzwvc3Ryb25nPjwvcD4NCjxwPlNlZGU6IDxzdHJvbmc+U2FsJm9hY3V0ZTtuIE11bmljaXBhbCBlbiBsYSBjYWxsZSAxMDcgZXNxdWluYSAyMiAtIE5hdmFycm88L3N0cm9uZz48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTIwNzIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xMi8wNy8yMDEzPC9zcGFuPjxicj5TQUxVRCBBQ1RJVkEgaGEgc2lkbyBlbGVnaWRhIHBvciBzZWd1bmRhIHZleiBjb25zZWN1dGl2YSBjb21vIHVubyBkZSBsb3MgZ2FuYWRvcmVzIGRlbCBDdWFydG8gQ29uY3Vyc28gZGUgUHJveWVjdG9zIFNvY2lhbGVzIGRlIFBldHJvYnJhczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+RW4gZWwgbWFyY28gZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzLCANCm51ZXN0cmEgSW5zdGl0dWNpJm9hY3V0ZTtuIFNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IA0KY29uc2VjdXRpdmEgY29tbyB1bm8gZGUgbG9zIGdhbmFkb3JlcyBkZSBkaWNobyBjb25jdXJzby48YnIgLz5FbiBlc3RhIA0KZWRpY2kmb2FjdXRlO24gZWwgcHJveWVjdG8gcXVlIGhhIHNpZG8gZWxlZ2lkbyBlcyBlbCAmbGRxdW87UHJvZ3JhbWEgZGUgRmFtaWxpYXMgDQpTb2xpZGFyaWFzJnJkcXVvOyBzaWVuZG8gc3UgJmFhY3V0ZTtyZWEgZGUgaW1wbGVtZW50YWNpJm9hY3V0ZTtuIGxvcyBNdW5pY2lwaW9zIGRlIE5hdmFycm8sIA0KR3JhbC4gTGFzIEhlcmFzLCBNYXJjb3MgUGF6LCB5IE1lcmxvPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAyLzA3LzIwMTM8L3NwYW4+PGJyPk/tciBvIGVzY3VjaGFyPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Qb3IgQ2FybG9zIFJvemFuc2tpICo8L3A+DQo8cD5BIGxvIGxhcmdvIGRlIGxvcyBzaWdsb3MsIGxhcyBuaSZudGlsZGU7YXMsIG5pJm50aWxkZTtvcyB5IGFkb2xlc2NlbnRlcyBoYW4gc2lkbyBtYWx0cmF0YWRvcyB5IGFidXNhZG9zIHNpbiBxdWUgYSBsYSBjb211bmlkYWQgbGUgaW50ZXJlc2FyYSBuaSBzaXF1aWVyYSBlc2N1Y2hhcmxvcyBjdWFuZG8gaGFjJmlhY3V0ZTthbiBzYWJlciBkZSBhbGd1bmEgZm9ybWEgbG9zIHN1ZnJpbWllbnRvcyBxdWUgcGFkZWMmaWFjdXRlO2FuLiBFbiAxODc0LCBlbiBFc3RhZG9zIFVuaWRvcywgZnVlIGxhIHByaW1lcmEgdmV6IHF1ZSBlbCBFc3RhZG8gaW50ZXJ2aW5vIGVuIHVuIGNhc28gZGUgbWFsdHJhdG8geSBhYnVzby4uLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4wMi8wNy8yMDEzPC9zcGFuPjxicj5FbCBkZXJlY2hvIGRlIGxvcyBuafFvcyBhIHNlciBlc2N1Y2hhZG9zPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5VbiBob21icmUgYWN1c2FkbyBkZSBoYWJlciBhYnVzYWRvIGRlIHN1cyBoaWpvcyBoYWImaWFjdXRlO2Egc2lkbyBzb2JyZXNlJmlhY3V0ZTtkbyBkb3MgdmVjZXMgcG9yIGxhIEp1c3RpY2lhLiBQZXJvIGFob3JhLCBsYSBDJmFhY3V0ZTttYXJhIGRlIENhc2FjaSZvYWN1dGU7biByZXZvYyZvYWN1dGU7IGVzYSBkZWNpc2kmb2FjdXRlO24gcG9ycXVlIGVuIGxhIGludmVzdGlnYWNpJm9hY3V0ZTtuIGVsIGp1ZXogbnVuY2EgaGFiJmlhY3V0ZTthIGVzY3VjaGFkbyBhIGxvcyBjaGljb3MuIFkgb3JkZW4mb2FjdXRlOyBxdWUgdGVuZ2EgZW4gY3VlbnRhIGxvIHF1ZSBkaWNlbi48L3A+DQo8cD5Qb3IgTWFyaWFuYSBDYXJiYWphbDwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDUiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE1NiIgcm93c3Bhbj0iMiIgdmFsaWduPSJ0b3AiPgoJCQkJCgkJCQk8dGFibGUgd2lkdGg9IjMyJSIgYm9yZGVyPSIxIiBjZWxsc3BhY2luZz0iMyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48aW1nIHNyYz0ic3JjL2ltZ191cC8wNjA2MjAxMy4xLmpwZyIgd2lkdGg9IjE0NiIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KCQkJCQkJCQk8L3RkPiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjA2LzA2LzIwMTM8L3NwYW4+PGJyPkFidXNvIHNleHVhbCBpbmZhbnRpbC4gRGVzYWZpb3MgZGUgbGEgY2xpbmljYSBhY3R1YWw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkFiaWVydGEgbGEgaW5zY3JpcGNpb248L3A+DQo8cD5Eb2NlbnRlczogTGljLiBNYXJpYSBCZWF0cml6IE0mdXVtbDtsbGVyLiBMaWMuIFBhb2xhIE11Jm50aWxkZTtveiBEdWFydGU8L3A+DQo8cD5JbmljaW86IE1pZXJjb2xlcyAxOSBkZSBKdW5pbzwvcD4NCjxwPkZyZWN1ZW5jaWE6IFNlbWFuYWw8L3A+DQo8cD5Nb2RhbGlkYWQ6IEludGVuc2l2YTwvcD4NCjxwPkNvbnRlbmlkb3M6ICZuYnNwOyBFc3RhIGRlc3RpbmFkbyBhIHRvZG9zIGxvcyBwcm9mZXNpb25hbGVzIGNvbXByb21ldGlkb3MgY29uIGxhIHRlbWF0aWNhIGRlbCBhYnVzbyBpbmZhbnRpbCBxdWUgcXVpZXJhbiBhY3R1YWxpemFyc2UgZSBpbnRlcmNhbWJpYXIgZXhwZXJpZW5jaWFzIGRlIHRyYWJham8uLi48L3A+DQo8cD4mbmJzcDs8L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDQiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTYwNTIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xNi8wNS8yMDEzPC9zcGFuPjxicj5TYWx1ZCBBY3RpdmEgbmVjZXNpdGEgZGUgdHUgYXl1ZGEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5UcmFiYWphbW9zIGNvbW8gcG9kZW1vczogYmEmbnRpbGRlO29zIHJvdG9zLCBzdXNwZW5zaSZvYWN1dGU7biBkZSByZXVuaW9uZXMgcG9yIGNvcnRlcyBkZSBsdXogeSBhZ3VhLCBqdWd1ZXRlcyB2aWVqb3MsIG1lc2VzIGRlIGF0cmFzbyBlbiBlbCBwYWdvIGRlIHN1cyBwcm9mZXNpb25hbGVzIGRlIGxhIHNhbHVkLiBSZWNpZW50ZW1lbnRlIHR1dmltb3MgcXVlIGNlcnJhciBudWVzdHJvIHF1ZXJpZG8gSG9nYXI6ICZsZHF1bztNZXRhbW9yZm9zaXMmcmRxdW87IGVyYSBlbCBsdWdhciBxdWUgc3VwbyBjb250ZW5lciBhIG5pJm50aWxkZTthcyB5IGomb2FjdXRlO3ZlbmVzIHJlc2NhdGFkYSBkZSByZWRlcyBkZSB0cmF0YSBvIHYmaWFjdXRlO2N0aW1hcyBkZSBhYnVzbyBpbnRyYWZhbWlsaWFyLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAzLzA1LzIwMTM8L3NwYW4+PGJyPlJFUFVESU8gQSBMQSBQUkVTRU5DSUEgRU4gTEEgRkVSSUEgREVMIExJQlJPIERFIFVOIEVYIEpVRVogQUNVU0FETyBERSBBQlVTTyBTRVhVQUw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkZ1ZSBjYW1hcmlzdGEgZW4gTWFyIGRlbCBQbGF0YSBkdXJhbnRlIGxhIGRpY3RhZHVyYS4gSGFjZSBhJm50aWxkZTtvcywgdmFyaWFzIG11amVyZXMgbG8gYWN1c2Fyb24gZGUgaGFiZXIgYWJ1c2FkbyBkZSBlbGxhcyBjdWFuZG8gZXJhbiBuaSZudGlsZGU7YXMuIExhIGNhdXNhIHByZXNjcmliaSZvYWN1dGU7IHkgbm8gaHVibyBjb25kZW5hLiBNYSZudGlsZGU7YW5hIHRpZW5lIHByZXZpc3RvIGZpcm1hciBzdSBsaWJyby4gRXNhcyBtaXNtYXMgbXVqZXJlcyBwaWRlbiBxdWUgbm8gc2VhIGFkbWl0aWRvIGVuIGxhIGZlcmlhLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDIiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgIDwhLS0gRklOIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgIDwvdGFibGU+ICAgICAgICA8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iNSUiIGFsaWduPSJyaWdodCI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCB3aWR0aD0iMSUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC90ZD4KICAgIDx0ZCB3aWR0aD0iMiUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgPC90cj4KICAKICA8dGQ+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0ciBhbGlnbj0iY2VudGVyIj4KICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgPHRkIHdpZHRoPSI5NyIgY29sc3Bhbj0iMiIgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iNTQ2IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idGl0dWxvaG9tZTIiPjx0YWJsZSB3aWR0aD0iIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPlJhbmtpbmc8L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPiZidWxsO0xhcyBtJmFhY3V0ZTtzIGxlaWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+JmJ1bGw7TGFzIG0mYWFjdXRlO3MgY29tZW50YWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTHVkb3RlY2EgR2FyYWJhdG8gLSBQcm95ZWN0byBzYWx1ZGFjdGl2YSwgUG9yIHVuYSBpbmZhbmNpYSBmZWxpeiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iOSUiIGJnY29sb3I9IiNFRkVGRUYiPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzJSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xNjIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDUlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTE2MiIgY2xhc3M9ImJvdG9uIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDdXJzbyBJbnRlbnNpdm8gZGUgb3BlcmFkb3IgdGVyYXBldXRpY28gZXNwZWNpYWxpemFkbyBlbiBlbCBhYm9yZGFqZSBkZWwgYWJ1c28sIGxhIHZpb2xlbmNpYSB5IGVsIG1hbHRyYXRvIGluZmFudGlsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUFJPR1JBTUEgTEFTIFZJQ1RJTUFTIENPTlRSQSBMQVMgVklPTEVOQ0lBUyAgTWluaXN0ZXJpbyBkZSBKdXN0aWNpYSB5IERlcmVjaG9zIEh1bWFub3MgZGUgbGEgTmFjafNuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI5JSIgYmdjb2xvcj0iI0VGRUZFRiI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTI1NSIgY2xhc3M9ImJvdG9uIj48aW1nIHNyYz0iaW1nL2ZsZWNoYW5hcmFuamFmZ3Jpc18yNC5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSI3IiBib3JkZXI9IjAiIGFsaWduPSJhYnNtaWRkbGUiIC8+PC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0NSUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MjU1IiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIERpcGxvbWF0dXJhIGVuIEFib3JkYWplIGludGVyZGlzY2lwbGluYXJpbyBkZWwgbWFsdHJhdG8sIGxhIHZpb2xlbmNpYSB5IGVsIGFidXNvIHNleHVhbCBpbmZhbnRpbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyJSIgaGVpZ2h0PSIyMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQxJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNhbHVkIEFjdGl2YSBuZWNlc2l0YSBkZSB0dSBheXVkYSEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjklIiBiZ2NvbG9yPSIjRUZFRkVGIj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMyUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MTA0IiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQ1JSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xMDQiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTGxhbWFkbyBwYXJhIHByZXNlbnRhY2nzbiBkZSB0cmFiYWpvcy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyMCIgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJ0ZXh0b251ZXZvIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iIyIgY2xhc3M9ImJvdG9uIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJsZT48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj4mbmJzcDs8L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBJTklDSU8gbm90YSBjb211biAtLT4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTUvMDQvMjAxMjwvc3Bhbj48YnI+T3JnYW5pemFuIGpvcm5hZGEgc29icmUgdmlvbGVuY2lhPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPlNlIGNlbnRyYXImYWFjdXRlOyBlbiBsb3MgZmVuJm9hY3V0ZTttZW5vcyBxdWUgYWZlY3RhbiBhIGxhIGZhbWlsaWEgeSBlbiBsbyBxdWUgb2N1cnJlIGVuIGxhcyBlc2N1ZWxhcy48YnIgLz4gU2UgbGxldmFyJmFhY3V0ZTsgYSBjYWJvIGVsIGx1bmVzIDIzLCBlbiBlbCBDZW50cm8gQ3VsdHVyYWwgZGUgVG9zY2hpIHkgVHJlcyANCkFycm95b3MsIHVuYSBqb3JuYWRhIGRlIHJlZmxleGkmb2FjdXRlO24geSBkZWJhdGUgYWJpZXJ0YSBhIGxhIGNvbXVuaWRhZCBzb2JyZSANCiZsZHF1bztWaW9sZW5jaWEgZW4gbGEgZmFtaWxpYSB5IGVuIGxhIGVzY3VlbGEgeSBzdSByZWxhY2kmb2FjdXRlO24gY29uIGVsIGZyYWNhc28gDQplc2NvbGFyJnJkcXVvOywgb3JnYW5pemFkYSBwb3IgbGEgQXNvY2lhY2kmb2FjdXRlO24gQ2l2aWwgQ2VudHJvIEFydCZlYWN1dGU7bWlkZXMgeSBsYSANCk11bmljaXBhbGlkYWQgZGUgQ2lwb2xsZXR0aS5TZSBjZW50cmFyJmFhY3V0ZTsgZW4gbG9zIGZlbiZvYWN1dGU7bWVub3MgcXVlIGFmZWN0YW4gYSBsYSBmYW1pbGlhIHkgZW4gbG8gcXVlIG9jdXJyZSBlbiBsYXMgZXNjdWVsYXMuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjMwLzAzLzIwMTI8L3NwYW4+PGJyPkNhcnRhIGRlIEFTQVBNSSAtIEFzb2NpYWNp824gQXJnZW50aW5hIGRlIFByZXZlbmNp824gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjE1IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSIxNSIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjgwIiBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Mb3MgaW50ZWdyYW50ZXMgZGUgbGEgQ29taXNpJm9hY3V0ZTtuIERpcmVjdGl2YSBkZSBBU0FQTUkgLSBBc29jaWFjaSZvYWN1dGU7biBBcmdlbnRpbmEgZGUgUHJldmVuY2kmb2FjdXRlO24gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbCwgYXNvY2lhZGEgYSBsYSBJbnRlcm5hdGlvbmFsIFNvY2lldHkgZm9yIFByZXZlbnRpb24gb2YgQ2hpbGQgQWJ1c2UgYW5kIE5lZ2xlY3QgKElTUENBTikgLSwgdGVuZW1vcyBlbCBhZ3JhZG8gZGUgZGlyaWdpcm5vcyBhIFVzdGVkIHBhcmEgdHJhc21pdGlybGUgbnVlc3RyYSBwcm9mdW5kYSAmbmJzcDt5IGhvbmRhIHByZW9jdXBhY2kmb2FjdXRlO24gcG9yIGxhIHBvc3R1cmEgcXVlIHZpZW5lbiBhc3VtaWVuZG8gZW4gZm9ybWEgY29udGludWFkYSBhbGd1bm9zIGNvbGVnaW9zIGRlIHBzaWMmb2FjdXRlO2xvZ29zLCBlc3BlY2lhbG1lbnRlIGRlIGxhIHByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXMsIGVuIHJlbGFjaSZvYWN1dGU7biBhbCB0cmF0YW1pZW50byBwb2NvIHNlcmlvIHkgY29tcHJvbWV0aWRvIHF1ZSBzZSBsZXMgb3RvcmdhIGEgbGFzIGRlbnVuY2lhcyBlZmVjdHVhZGFzIGNvbnRyYSBwcm9mZXNpb25hbGVzIHBzaWMmb2FjdXRlO2xvZ29zLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjAvMDMvMjAxMjwvc3Bhbj48YnI+TEEgVklPTEVOQ0lBIFNFWFVBTCBDT05UUkEgTknRT1MgWSBOSdFBUyBFTiBDSUZSQVM8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4MCIgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+UmFkaW9ncmFmJmlhY3V0ZTthIGRlIHVuIHByb2JsZW1hPC9wPg0KPHA+RGUgbG9zIG4mdWFjdXRlO21lcm9zIGNvbXBpbGFkb3MgcG9yIGRvcyBlcXVpcG9zIGRlbCBNaW5pc3RlcmlvIGRlIEp1c3RpY2lhLCBsYQ0KIGF1dG9yYSB0b21hIGxvcyBkZSBsYSBjaXVkYWQgZGUgQnVlbm9zIEFpcmVzIHBhcmEgdHJhemFyIHVuIHBhcmFkaWdtYSANCmRlIGxvcyBkZWxpdG9zIGNvbnRyYSBsYSBpbnRlZ3JpZGFkIHNleHVhbCBlbiBlbCBwYSZpYWN1dGU7cyB5IHNvYnJlIHN1IA0KYXRlbmNpJm9hY3V0ZTtuLjxiciAvPiA8YnIgLz4gJm5ic3A7UG9yIEV2YSBHaWJlcnRpPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2MCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjAiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjE1LzAzLzIwMTI8L3NwYW4+PGJyPkZBTExPIERFIExBIENPUlRFIFNVUFJFTUEgU09CUkUgTEEgTk8gSlVESUNJQUxJWkFDSU9OIERFTCBBQk9SVE8gRU4gQ0FTT1MgREUgVklPTEFDSU9OPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxiciAvPiBKVVJJU0RJQ0NJT046IE5BQ0lPTkFMPGJyIC8+IE1BVEVSSUE6IEFCT1JUTy48YnIgLz4gVFJJQlVOQUw6IENvcnRlIFN1cHJlbWEgZGUgSnVzdGljaWEgZGUgbGEgTmFjaSZvYWN1dGU7bi48YnIgLz4gQVVUT1M6IEYuLCBBLiBMLiBzLyBtZWRpZGEgYXV0b3NhdGlzZmFjdGl2YS48YnIgLz4gRkVDSEE6IDEzLzAzLzIwMTIuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI1OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNTkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBGSU4gbm90YSBjb211biAtLT4KPC90YWJsZT4KPG1hcCBuYW1lPSJNYXBNYXAiIGlkPSJNYXBNYXAiPjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjE0NCw0LDIxNCwzNiIgaHJlZj0iaW5kZXgucGhwP2lkPTE0IiAvPgo8L21hcD4KPG1hcCBuYW1lPSJNYXAyTWFwMiIgaWQ9Ik1hcDJNYXAyIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIxNDcsNCwyMjAsMzYiIGhyZWY9ImluZGV4LnBocD9pZD0xNGEiIC8+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcDMiIGlkPSJNYXAzIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIzNjMsMyw0MzYsMzkiIGhyZWY9ImluZGV4LnBocD9pZD0xNGIiIC8+CjwvbWFwPgo8L2h0bWw+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	219	<responseRedirected>false</responseRedirected>
	220	</requestresponse>
	221	</issue>
	222	<issue>
	223	<serialNumber>3820606740865266688</serialNumber>
	224	<type>5245344</type>
	225	<name>Frameable response (potential Clickjacking)</name>
	226	<host ip="200.20.20.201">http://www.example.org.ar</host>
	227	<path><![CDATA[/donaciones/]]></path>
	228	<location><![CDATA[/donaciones/]]></location>
	229	<severity>Information</severity>
	230	<confidence>Firm</confidence>
	231	<issueBackground><![CDATA[It might be possible for a web page controlled by an attacker to load the content of this response within an iframe on the attacker's page. This may enable a "clickjacking" attack, in which the attacker's page overlays the target application's interface with a different interface provided by the attacker. By inducing victim users to perform actions such as mouse clicks and keystrokes, the attacker can cause them to unwittingly carry out actions within the application that is being targeted. This technique allows the attacker to circumvent defenses against cross-site request forgery, and may result in unauthorized actions.<br><br>Note that this issue is being reported because the application's response does not set a suitable <b>X-Frame-Options</b> header in order to prevent framing attacks. Some applications attempt to prevent these attacks from within the HTML page itself, using "framebusting" code. However, this type of defense is normally ineffective and can usually be circumvented by a skilled attacker.]]></issueBackground>
	232	<remediationBackground><![CDATA[You should review the application functions that are accessible from within the response, and determine whether they can be used by application users to perform any sensitive actions within the application. If so, then a framing attack targeting this response may result in unauthorized actions.<br><br>To effectively prevent framing attacks, the application should return a response header with the name <b>X-Frame-Options</b> and the value <b>DENY</b> to prevent framing altogether, or the value <b>SAMEORIGIN</b> to allow framing only by pages on the same origin as the response itself.]]></remediationBackground>
	233	<requestresponse>
	234	<request base64="true"><![CDATA[R0VUIC9kb25hY2lvbmVzLyBIVFRQLzEuMQ0KSG9zdDogd3d3LnNhbHVkYWN0aXZhLm9yZy5hcg0KQWNjZXB0OiAqLyoNCkFjY2VwdC1MYW5ndWFnZTogZW4NClVzZXItQWdlbnQ6IE1vemlsbGEvNS4wIChjb21wYXRpYmxlOyBNU0lFIDkuMDsgV2luZG93cyBOVCA2LjE7IFdpbjY0OyB4NjQ7IFRyaWRlbnQvNS4wKQ0KQ29ubmVjdGlvbjogY2xvc2UNCg0K]]></request>
	235	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjE0OjA2IEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpMYXN0LU1vZGlmaWVkOiBXZWQsIDAzIEp1bCAyMDEzIDEzOjQ4OjMwIEdNVA0KRVRhZzogImFhZDk2Ny03MTI5LTRlMDliYjc3ZmM3ODAiDQpBY2NlcHQtUmFuZ2VzOiBieXRlcw0KQ29udGVudC1MZW5ndGg6IDI4OTY5DQpDb25uZWN0aW9uOiBjbG9zZQ0KQ29udGVudC1UeXBlOiB0ZXh0L2h0bWwNCg0KPCFET0NUWVBFIGh0bWwgUFVCTElDICItLy9XM0MvL0RURCBYSFRNTCAxLjAgVHJhbnNpdGlvbmFsLy9FTiIgImh0dHA6Ly93d3cudzMub3JnL1RSL3hodG1sMS9EVEQveGh0bWwxLXRyYW5zaXRpb25hbC5kdGQiPgo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCI+CjxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1VVEYtOCIgLz4KPHRpdGxlPlNhbHVkIEFjdGl2YTwvdGl0bGU+CjxsaW5rIGhyZWY9ImVzdGlsb3MuY3NzIiByZWw9InN0eWxlc2hlZXQiIHR5cGU9InRleHQvY3NzIiAvPgo8bGluayBocmVmPSJmb3JtX2ZpbGVzL2VzdGlsb3MuY3NzIiByZWw9InN0eWxlc2hlZXQiIHR5cGU9InRleHQvY3NzIj4KPCEtLVtpZiBJRSA2XT4KCQkJPHN0eWxlIHR5cGU9InRleHQvY3NzIj4KCQkJIEBpbXBvcnQgdXJsKGllNi5jc3MpOwoJCQk8L3N0eWxlPiAKCQk8IVtlbmRpZl0tLT4KPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiIHNyYz0ianMvanF1ZXJ5Lm1pbi5qcyI+PC9zY3JpcHQ+CjxzY3JpcHQgc3JjPSJTY3JpcHRzL3N3Zm9iamVjdF9tb2RpZmllZC5qcyIgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij48L3NjcmlwdD4KPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiIHNyYz0ianMvanF1ZXJ5LmN5Y2xlLmFsbC4yLjc0LmpzIj48L3NjcmlwdD4gCjxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KJChkb2N1bWVudCkucmVhZHkoZnVuY3Rpb24oKSB7CgkkKCcjc2xpZGUnKS5jeWNsZSh7IAogICAgCWZ4OiAgICAgJ3Njcm9sbExlZnQnLCAKICAgCSAJc3BlZWQ6ICAxNTAwLCAKICAgIAl0aW1lb3V0OiA2MDAwICwKCQluZXh0OiAgICcjbmV4dCcsIAogICAgCXByZXY6ICAgJyNwcmV2JwoJfSk7Cn0pOwokKGZ1bmN0aW9uKCkKewovL2JvdG9uMQokKCIjYm90b24xIikuY2xpY2soZnVuY3Rpb24oZXZlbnQpIHsKZXZlbnQucHJldmVudERlZmF1bHQoKTsKJCgiI2NvbnRlbmlkbzEiKS5zbGlkZVRvZ2dsZSgpOwokKCIjY29udGVuaWRvMiwgI2NvbnRlbmlkbzMsICNjb250ZW5pZG80LCAjY29udGVuaWRvNSIpLnNsaWRlVXAoKTsKJCgiI2JvdG9uMSIpLnJlbW92ZUNsYXNzKCdub3NlbGVjdCcpLmFkZENsYXNzKCdzZWxlY3QnKTsKLy8kKCIjYm90b24yLCAjYm90b24zLCAjYm90b240LCAjYm90b241IikucmVtb3ZlQ2xhc3MoJ3NlbGVjdCcpLmFkZENsYXNzKCdub3NlbGVjdCcpOwp9KTsKCi8vYm90b24yCiQoIiNib3RvbjIiKS5jbGljayhmdW5jdGlvbihldmVudCkgewpldmVudC5wcmV2ZW50RGVmYXVsdCgpOwokKCIjY29udGVuaWRvMiIpLnNsaWRlVG9nZ2xlKCk7CiQoIiNjb250ZW5pZG8xLCAjY29udGVuaWRvMywgI2NvbnRlbmlkbzQsICNjb250ZW5pZG81Iikuc2xpZGVVcCgpOwokKCIjYm90b24yIikucmVtb3ZlQ2xhc3MoJ25vc2VsZWN0JykuYWRkQ2xhc3MoJ3NlbGVjdCcpOwovLyQoIiNib3RvbjEsICNib3RvbjMsICNib3RvbjQsICNib3RvbjUiKS5yZW1vdmVDbGFzcygnc2VsZWN0JykuYWRkQ2xhc3MoJ25vc2VsZWN0Jyk7Cn0pOwoKLy9ib3RvbjMKJCgiI2JvdG9uMyIpLmNsaWNrKGZ1bmN0aW9uKGV2ZW50KSB7CmV2ZW50LnByZXZlbnREZWZhdWx0KCk7CiQoIiNjb250ZW5pZG8zIikuc2xpZGVUb2dnbGUoKTsKJCgiI2NvbnRlbmlkbzEsICNjb250ZW5pZG8yLCAjY29udGVuaWRvNCwgI2NvbnRlbmlkbzUiKS5zbGlkZVVwKCk7CiQoIiNib3RvbjMiKS5yZW1vdmVDbGFzcygnbm9zZWxlY3QnKS5hZGRDbGFzcygnc2VsZWN0Jyk7Ci8vJCgiI2JvdG9uMiwgI2JvdG9uMSwgI2JvdG9uNCwgI2JvdG9uNSIpLnJlbW92ZUNsYXNzKCdzZWxlY3QnKS5hZGRDbGFzcygnbm9zZWxlY3QnKTsKfSk7CgovL2JvdG9uNAokKCIjYm90b240IikuY2xpY2soZnVuY3Rpb24oZXZlbnQpIHsKZXZlbnQucHJldmVudERlZmF1bHQoKTsKJCgiI2NvbnRlbmlkbzQiKS5zbGlkZVRvZ2dsZSgpOwokKCIjY29udGVuaWRvMSwgI2NvbnRlbmlkbzMsICNjb250ZW5pZG8yLCAjY29udGVuaWRvNSIpLnNsaWRlVXAoKTsKJCgiI2JvdG9uNCIpLnJlbW92ZUNsYXNzKCdub3NlbGVjdCcpLmFkZENsYXNzKCdzZWxlY3QnKTsKJCgiI2JvdG9uMiwgI2JvdG9uMywgI2JvdG9uMSwgI2JvdG9uNSIpLnJlbW92ZUNsYXNzKCdzZWxlY3QnKS5hZGRDbGFzcygnbm9zZWxlY3QnKTsKfSk7CgovL2JvdG9uNQokKCIjYm90b241IikuY2xpY2soZnVuY3Rpb24oZXZlbnQpIHsKZXZlbnQucHJldmVudERlZmF1bHQoKTsKJCgiI2NvbnRlbmlkbzUiKS5zbGlkZVRvZ2dsZSgpOwokKCIjY29udGVuaWRvMSwgI2NvbnRlbmlkbzMsICNjb250ZW5pZG8yLCAjY29udGVuaWRvNCIpLnNsaWRlVXAoKTsKJCgiI2JvdG9uNSIpLnJlbW92ZUNsYXNzKCdub3NlbGVjdCcpLmFkZENsYXNzKCdzZWxlY3QnKTsKJCgiI2JvdG9uMiwgI2JvdG9uMywgI2JvdG9uMSwgI2JvdG9uNCIpLnJlbW92ZUNsYXNzKCdzZWxlY3QnKS5hZGRDbGFzcygnbm9zZWxlY3QnKTsKfSk7Cn0pOwo8L3NjcmlwdD4KCgo8L2hlYWQ+Cgo8Ym9keT4KPGRpdiBpZD0iY29udGVuZWRvciI+CjxkaXYgaWQ9ImhlYWRlciI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgPHRyPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249Im1pZGRsZSI+PGltZyBzcmM9ImltYWdlcy9oZWFkZXIuanBnIiBuYW1lPSJib3RvbjQiIHdpZHRoPSI5MzMiIGhlaWdodD0iMTI5IiBpZD0iYm90b240Ii8+PC90ZD4KICAgPCEtLSA8dGQgdmFsaWduPSJtaWRkbGUiPjxhIGhyZWY9ImluZm8uZG9jIiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltYWdlcy9oZWFkZXJtYzEuanBnIiBuYW1lPSJkZXNjYXJnYSIgd2lkdGg9Ijg0NSIgaGVpZ2h0PSIxMTAiIGJvcmRlcj0iMCIgIGlkPSJkZXNjYXJnYSIvPi0tPgo8L2E+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgo8L2Rpdj4gPCEtLWVuZCBvZiBIRUFERVIgLS0+CiAgICA8ZGl2IGlkPSJpbWFnZW5lcyI+CiAgICAgIDxkaXYgaWQ9InNsaWRlciI+CiAgIAkgIDxkaXY+CiAgIAkJPGltZyBzcmM9ImltYWdlcy9iYW5uZXJfaG9tZS5qcGciIHdpZHRoPSI5MzUiIGhlaWdodD0iMzA5IiAvPjwvZGl2PiAKICAgCSAgPCEtLWVuZCBvZiBTTElERSAtLT4KICAgICAgPC9kaXY+IAogICAgICA8IS0tZW5kIG9mIFNMSURFUiAtLT4KPC9kaXY+IAogICAgPCEtLWVuZCBvZiBJTUFHRU5FUyAtLT4gICAgCjxkaXYgaWQ9ImJvdG9uZXJhIj4KICAgIAk8dWw+CiAgICAgICAgCTxsaSBjbGFzcz0ibm9zZWxlY3QxIiBpZD0iYm90b24yIj48L2xpPgogICAgICAgICAgICA8bGkgY2xhc3M9Im5vc2VsZWN0MiIgaWQ9ImJvdG9uMSI+PC9saT4KICAgICAgICAgIDxhIGhyZWY9ImphdmFzY3JpcHQ6IHZvaWQobyk7IiBvbmNsaWNrPSJ3aW5kb3cub3BlbignaHR0cDovL3d3dy5mYWNlYm9vay5jb20vc2hhcmVyLnBocD91PWh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2RvbmFjaW9uZXMvJywndmVudGFuYWNvbXBhcnRpcicsICd0b29sYmFyPTAsIHN0YXR1cz0wLCB3aWR0aD02NTAsIGhlaWdodD00NTAnKTsiPgogICAgICAgIDxsaSBjbGFzcz0ibm9zZWxlY3QzIj48L2xpPgogICAgICAgICAgICA8L2E+CiAgICAgICAgICAgIDwhLS08bGkgY2xhc3M9Im5vc2VsZWN0IiBpZD0iYm90b240Ij5JTkZPUk1BQ0nDk04gREUgQ09NUFJBUzwvbGk+LS0+CiAgICAgICAgICA8IS0tIDxsaSBjbGFzcz0ibm9zZWxlY3QiIGlkPSJib3RvbjUiPkNPTUVSQ0lBTCBERSBUVjwvbGk+IC0tPgogICAgICAgIDwvdWw+CiAgICAgPC9kaXY+ICAgICAgIAogICAgIDwvZGl2Pgo8IS0tZW5kIG9mIEJPVE9ORVJBIC0tPgogICAgCjxkaXYgY2xhc3M9ImNvbnRlbmlkbyIgaWQ9ImNvbnRlbmlkbzEiPgoKPCEtLUNPTlRFTklETyAxZXIgQk9UT04gLS0+CiAKPGRpdiBjbGFzcz0iZm9uZG9fY29udDQiPgoKPGRpdiBjbGFzcz0idGV4dG8iPgo8cD4mbmJzcDs8L3A+CjxwPiZuYnNwOzwvcD4KPHA+PHNwYW4gY2xhc3M9ImgxIj48Yj5TYWx1ZCBBY3RpdmE8L2I+PC9zcGFuPjwvcD4KICAgIAo8cD48c3BhbiBjbGFzcz0iaDIiPlNhbHVkIEFjdGl2YSBlcyB1bmEgb3JnYW5pemFjacOzbiBzaW4gZmluZXMgZGUgbHVjcm8gcXVlIGluaWNpw7Mgc3UgdHJhYmFqbyBhIHByaW5jaXBpb3MgZGVsIGHDsW8gMTk5OS48L3NwYW4+PC9wPgoKPHA+PHNwYW4gY2xhc3M9ImgzIj4KPHN0cm9uZyBzdHlsZT0iZm9udC13ZWlnaHQ6Ym9sZDsiPjxiciAvPgpIb3kgZXN0YW1vcyB0cmFiYWphbmRvIGVuIGVzdGUgcHJveWVjdG86PC9zdHJvbmc+PGJyIC8+CjxhIGhyZWY9Imh0dHA6Ly9pc3N1dS5jb20vZWkuZXN0dWRpby9kb2NzL3NhbHVkYWN0aXZhLWx1ZG90ZWNhP21vZGU9d2luZG93IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltYWdlcy9HYXJhYmF0b0x1ZG90ZWNhXzUwMHB4LmpwZyIgd2lkdGg9IjUwMCIgaGVpZ2h0PSIxMTMiIGJvcmRlcj0iMCIgLz48L2E+Cgo8YnIgLz4KPGEgaHJlZj0iUHJveWVjdG9MdWRvdGVjYUNvbXBsZXRvLnBkZiIgdGFyZ2V0PSJfYmxhbmsiIHN0eWxlPSJjb2xvcjojRjYwOyI+VmVyIHByb3llY3RvIGNvbXBsZXRvPC9hPjxiciAvPgo8c3Ryb25nPjxiciAvPgo8L3N0cm9uZz48L3NwYW4+PHN0cm9uZyBzdHlsZT0iZm9udC13ZWlnaHQ6Ym9sZDsiPlVuIHBvY28gZGUgaGlzdG9yaWE8L3N0cm9uZz48ZW0+OjwvZW0+PC9wPgo8cD48c3BhbiBjbGFzcz0iaDMiPkN1YW5kbyBpbmljaWFtb3MgZXN0ZSBjYW1pbm8gdGVuw61hbW9zIHVuYSBwcmVvY3VwYWNpw7NuLCBsb3MgcHNpY8OzbG9nb3MgeSBwc2ljw7Nsb2dhcyBjdWFuZG8gc2UgcmVjaWLDrWFuIHRlbsOtYW4gcXVlIGNvbWVuemFyIGEgZWplcmNlciB5IHNlIGVuZnJlbnRhYmFuIGEgdW5hIHNlcmllIGRlIHByb2JsZW1hcywgZW50cmUgZWxsb3MgbGEgZGlmZXJlbmNpYSBlbnRyZSBsbyBxdWUgYXByZW5kw61hbiAoeSBhcHJlbmRlbikgZW4gbGEgRmFjdWx0YWQgKHNlYSBsYSBxdWUgc2VhKSB5IGxhIHJlYWxpZGFkIGRlbCBzdWZyaW1pZW50byBkZSBsYSBnZW50ZS4gCiAgRWwgb3RybyBwcm9ibGVtYSBjb24gZWwgcXVlIHNlIHRvcGFiYW4gZXMgbGEgaW5leGlzdGVuY2lhIGRlIGx1Z2FyZXMgZG9uZGUgcmVhbGl6YXIgcHLDoWN0aWNhcywgZG9uZGUgYXByZW5kZXIgYSBhdGVuZGVyIHBhY2llbnRlcywgY29tbyBzZXIgcHNpY8OzbG9nb3MgeSBwc2ljw7Nsb2dhcyBlbiBsYSByZWFsaWRhZCBkZWwgY29udXJiYW5vIGJvbmFlcmVuc2XigKYgPGJyIC8+PGJyIC8+CiAgRXNhcyBwcmVvY3VwYWNpb25lcyBzZSBkZXNwcmVuZGllcm9uIGRlIGRpZXogYcOxb3MgZGUgZnVuY2lvbmFtaWVudG8gY29tbyBpbnN0aXR1Y2nDs24gcHNpY29sw7NnaWNhLCBlbCBDSUFQU0kgKENlbnRybyBkZSBJbnZlc3RpZ2FjacOzbiB5IEFzaXN0ZW5jaWEgUHNpY29zb23DoXRpY2EgZnVuZGFkbyBlbiAxOTg5KSB5IGEgbGEgcXVlIGNvbnZvY2Ftb3MgYSBtdWNob3MgeSBtdWNoYXMgasOzdmVuZXMgY29sZWdhcyBxdWUgc3VmcsOtYW4gZXN0YXMgZG9zIGNhcmVuY2lhcyBiw6FzaWNhcyBlbiBzdSBmb3JtYWNpw7NuLiBDb24gZXN0ZSBlc3DDrXJpdHUgZGUgZm9ybWFjacOzbiBwcm9mZXNpb25hbCBjb21lbnphbW9zIG51ZXN0cm8gY2FtaW5vIGNvbiBTYWx1ZCBBY3RpdmEsIGV4YWN0YW1lbnRlIGVsIDkgZGUgYWJyaWwgZGVsIDk5LCBtZWRpYW50ZSBsYSBpbXBsZW1lbnRhY2nDs24gZGVsIFByb2dyYW1hIEFzaXRpci4gQ29udm9jYW1vcyBhIGxvcyBwcm9mZXNpb25hbGVzIHJlY2nDqW4gcmVjaWJpZG9zIGEgcmVhbGl6YXIgZXN0YSBmb3JtYWNpw7NuIHByb2Zlc2lvbmFsIHRlw7NyaWNvLXByw6FjdGljYSBkZSBtYW5lcmEgZ3JhdHVpdGEgeSBxdWUgaW5jbHXDrWEgbGEgc3VwZXJ2aXNpw7NuIGNsw61uaWNhIGRlIGxvcyBwYWNpZW50ZXMgdGFtYmnDqW4gZGUgbWFuZXJhIGdyYXR1aXRhLiAKICA8YnIgLz48YnIgLz4KICBQYXJhIGdlbmVyYXIgbG9zIGVzcGFjaW9zIGRlIGxhIHByw6FjdGljYSBpbnZpdGFtb3MgYSBsYSBjb211bmlkYWQgY2VyY2FuYSBhIHBhcnRpY2lwYXIgZGUgZXN0YSBwb3NpYmlsaWRhZDogYXNpc3RlbmNpYSBwc2ljb2zDs2dpY2EgZ3JhdHVpdGEgbyBtZWRpYW50ZSBlbCBwYWdvIGRlIHVuIG3DrW5pbW8gYm9ubyBjb250cmlidWNpw7Nu4oCmCiAgPGJyIC8+PGJyIC8+CiAgUHJpbWVybyBmdWVyb24gbGFzIGVzY3VlbGFzIGRlIG51ZXN0cm8gcGFydGlkbywgcG9kcsOhbiBpbWFnaW5hcnNlIHF1ZSBsYSBwcmltZXJhIHJlYWNjacOzbiBmdWUgZGUgYXNvbWJybyB5IGRlc2NvbmZpYW56YSwgbGFzIGRpcmVjdG9yYXMgeSBlcXVpcG9zIHTDqWNuaWNvcyBjb21lbnphcm9uIGEgbGxhbWFyIHBvciB0ZWzDqWZvbm8sIHNlIGZ1ZXJvbiBhY2VyY2FuZG8geSBsZXMgZXhwbGljw6FiYW1vcyBjdWFsZXMgZXJhbiBudWVzdHJvcyBvYmpldGl2b3M6IGZvcm1hciBwcm9mZXNpb25hbGVzIHkgcGVybWl0aXIgYSBtw6FzIGdlbnRlIHBvZGVyIGFjY2VkZXIgYSBsYSBhc2lzdGVuY2lhIHBzaWNvbMOzZ2ljYS4gQXPDrSBwbGFudGVhZG8gZW1wZXphcm9uIGEgbGxlZ2FyIGxhcyBwcmltZXJhcyBkZXJpdmFjaW9uZXM6IG5pw7FvcywgbmnDsWFzIHkgYWRvbGVzY2VudGVzIHF1ZSB0dXZpZXJhbiBkaWZpY3VsdGFkZXMgbyBwcm9ibGVtYXMgZW4gbGEgZXNjdWVsYSwgeSBxdWUgbGEgZXNjdWVsYSBzZSBjb21wcm9tZXRpZXJhIGEKICB0cmFiYWphciBqdW50byBhIG5vc290cm9zIGVuIGxhIHByb2JsZW3DoXRpY2EgZGVsIG5pw7FvIG8gbmnDsWEuCiAgUXVlIGZ1ZSBsbyBxdWUgb2N1cnJpw7PigKZsYSBtYXlvcsOtYSBkZSBsYXMgZGVyaXZhY2lvbmVzIGVzdGFiYW4gdmluY3VsYWRhcyBhbCBtYWx0cmF0byAsIGEgbGEgdmlvbGVuY2lhIHkgYWwgYWJ1c28gaW5mYW50aWwuIAogIDxiciAvPjxiciAvPgogIEp1c3RhbWVudGUgcG9yIHVuIGNhc28gZGUgYWJ1c28gc2V4dWFsIGluZmFudGlsIGZ1aW1vcyBjb252b2NhZG9zIHBvciB1bm8gZGUgbG9zIFRyaWJ1bmFsZXMgZGUgRmFtaWxpYSBkZSBNb3LDs24sIGVsIG7CuiAxIHBhcmEgc2VyIG3DoXMgZXhhY3RvcyBlbiBkb25kZSBjb21lbnphYmEgYSBmdW5jaW9uYXIgdW4gZXNwYWNpbyBpbm5vdmFkb3IgcGFyYSBhcXVlbCBtb21lbnRvLCBub3ZpZW1icmUgZGVsIDk5LCAgbGEgUmVkIGRlIEZhbWlsaWEgZGVsIE9lc3RlLCBjcmVhZGEgcG9yIHVuIEp1ZXogZWwgRHIuIENhcmxvcyBSb21hbm8sIHZpc2lvbmFyaW8gc29icmUgbGEgZm9ybWEgZW4gbGEgcXVlIHNlIGRlYmVuIHRyYWJhamFyIGxvcyB0ZW1hcyBkZSB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c286IGVuIHJlZCwgYXJ0aWN1bGFuZG8sCiAgbXVsdGlkaXNjaXBsaW5hcmlhbWVudGUsIHBlbnNhbmRvIGp1bnRvcywgc2llbmRvIGNyZWF0aXZvc+KApgogIDxiciAvPjxiciAvPgogIE5vcyBhdXRvIGZvcm1hbW9zLCBpbnZlc3RpZ2Ftb3MsIGNvbnN0aXR1aW1vcyBncnVwb3MgZGUgZXN0dWRpbywgbm9zIGNhcGFjaXRhbW9zLCB5IG5vcyBlc3BlY2lhbGl6YW1vcy4KICBTaWVtcHJlIGRlY2ltb3MgcXVlIG5vc290cm9zIG5vIGVsZWdpbW9zIGhhY2VyIGVzdG8sIGxhIHJlYWxpZGFkIHNlIG5vcyBpbXB1c28geSBzZW50aW1vcyBxdWUgZXJhIG51ZXN0cm8gZGViZXIgcmVzcG9uZGVyIGEgbG8gcXVlIG5hZGllIHJlc3BvbmRlLCBhY29tcGHDsWFyIGxvIHF1ZSBuYWRpZSBhY29tcGHDsWEsIHkgcG9yIHNvYnJlIHRvZG8gaGFjZXLigKYsIHRyYXRhciBxdWUgZWwgcXVlIGVzdMOhIHN1ZnJpZW5kbyB0ZW5nYSBsYSBvcG9ydHVuaWRhZCBkZSBlbGVnaXIgb3RyYSBjb3NhLCB0ZW5nYSBsYSBwb3NpYmlsaWRhZCBkZSBtZWpvcmFyLCBkZSBjYW1iaWFyIHN1IGRlc3Rpbm/igKYKICA8YnIgLz48YnIgLz4KICBFbiBlc2UgY2FtaW5vIGZ1aW1vcyBoYWNpZW5kbywgbG9zIENvbmdyZXNvcywgbGFzIEpvcm5hZGFzLCBsYXMgY2FwYWNpdGFjaW9uZXMgZXh0ZXJuYXMgeSBmb3JtYW1vcyBtdWNob3MsIHBlcm8gbXVjaG9zIHByb2Zlc2lvbmFsZXPigKZudW5jYSB0dXZpbW9zIGVsIHRpZW1wbyB5IGVsIGRpbmVybyBwYXJhIHNpc3RlbWF0aXphciBsYSBpbmZvcm1hY2nDs24geSBwb2RlciBjb250YXIgY29uIGVzdGFkw61zdGljYXMgcG9ycXVlIGVsIHRpZW1wbyB5IGVsIHBvY28gZGluZXJvIGxvIHVzYW1vcyBwYXJhIGFsaXZpYXIgZWwgc3VmcmltaWVudG8gZGUgbG9zIHBhY2llbnRlcyBxdWUgcmVjdXJyZW4gYSBub3NvdHJvcy4KICA8YnIgLz48YnIgLz4KICBUYW1iacOpbiBub3MgZGltb3MgY3VlbnRhIHF1ZSBlbiBtdWNob3MgbW9tZW50b3MgZGUgbGEgdmlkYSBkZSBsb3MgbmnDsW9zIHkgbmnDsWFzIG5vIGFsY2FuemEgY29uIGVsIHRyYXRhbWllbnRvIGVuIHVuIGNvbnN1bHRvcmlvLCBwb3JxdWUgbGFzIHByb2JsZW3DoXRpY2FzIHNlIGNvbXBsZWppemFuLCBsYXMgc2l0dWFjaW9uZXMgc2UgYWdyYXZhbiB5IHNlbnRpbW9zIHF1ZSB0ZW7DrWFtb3MgcXVlIGhhY2VyIGFsZ28gbcOhc+KApgogIEFzw60gbmFjZSBudWVzdHJvIFByb2dyYW1hIE1ldGFtb3Jmb3NpcywgdW4gZXNwYWNpbyBkZSB0cmF0YW1pZW50byBpbnRlZ3JhbCBjb24gaW50ZXJuYWNpw7NuIHBhcmEgYWRvbGVzY2VudGVzIG11amVyZXMgdsOtY3RpbWFzIGRlIGFidXNvIHNleHVhbCwgZGUgdmlvbGVuY2lhLCBkZSB0cmF0YeKAplRhbWJpw6luIGluaWNpYW1vcyBudWVzdHJvcyBwcm9ncmFtYXMgQ29uc3RydXllbmRvIHkgQXByZW5kZXIgYSB2b2xhciwgZGVzdGluYWRvIGEgYWRvbGVzY2VudGVzIGVuIGNvbmZsaWN0byBjb24gbGEgbGV5IHBlbmFsLCAgcHVuaWJsZXMgeSBubyBwdW5pYmxlcyByZXNwZWN0aXZhbWVudGUsIAogIGFsZ28gYWx0ZXJuYXRpdm8gYSBsYSBpbnRlcm5hY2nDs27igKYKICA8YnIgLz48YnIgLz4KICBBIGxvIGxhcmdvIGRlIGVzdG9zIGHDsW9zIGhlbW9zIGRlc2Fycm9sbGFkbyBtdWNob3MgcHJvZ3JhbWFzLCBxdWUgdHV2aWVyb24gcXVlIGRpc2NvbnRpbnVhcnNlIGRlYmlkbyBhIGxhIGZhbHRhIGRlIHJlY3Vyc29zIGVjb27Ds21pY29zLCBsYSB2ZXJkYWQgZXMgcXVlIG51bmNhIGhheSBkaW5lcm8gcGFyYSBlc3RvcyB0ZW1hcywgYSBwZXNhciBkZSBxdWUgdG9kbyBlbCBtdW5kbyBzZSBsYSBwYXNhIGhhYmxhbmRvIGRlIGVsbG9zLCBwZXJvIGhhYmxhbiwgc29sbyBoYWJsYW7igKYKICA8YnIgLz48YnIgLz4KICBIb3kgbm9zIGVuY29udHJhbW9zIGVuIGVzdGUgbW9tZW50bywgZW4gZG9uZGUgU2FsdWQgQWN0aXZhIHNlIGVuY3VlbnRyYSBlbiBjcmlzaXPigKYKICBOdWVzdHJhIMO6bmljYSBmdWVudGUgZGUgZmluYW5jaWFtaWVudG8gcGFyZWNlIHF1ZSB0YW1iacOpbiBlc3TDoSBlbiBjcmlzaXMsIG5vcyBlbmNvbnRyYW1vcyBlbiB1bmEgZW5jcnVjaWphZGEsIG5lY2VzaXRhbW9zIGRlIGxhIGF5dWRhIGRlIHVzdGVkZXPigKZTaSBsZXMgcGFyZWNlIHF1ZSBlc3RhbW9zIGhhY2llbmRvIGFsZ28gYnVlbm8gcGFyYSBsYSBnZW50ZSBsb3MgaW52aXRhbW9zIGEgcXVlIHNlIGFzb2NpZW4gYSBub3NvdHJvcyBtZWRpYW50ZSBlbCBwYWdvIGRlIHVuYSBwZXF1ZcOxYSBjb250cmlidWNpw7NuIG1lbnN1YWwgcXVlIHNlIGRlYml0YXLDoSBkZSBzdSB0YXJqZXRhIAogIGRlIGNyw6lkaXRvLCB0b2RhIGNvbGFib3JhY2nDs24gcG9yIHBlcXVlw7FhIHF1ZSBzZWEgbm9zIGF5dWRhcsOhCiAgPGJyIC8+PGJyIC8+CiAgQWNvbXBhw7FlbiBlc3RhIHRhcmVhIHF1ZSBkZXNlYW1vcyBzZWd1aXIgaGFjaWVuZG/igKYKPC9zcGFuPjwvcD4KPC9kaXY+CgkJCjwvZGl2PgogICAgPGRpdiBjbGFzcz0iZm9vdGVyIj48aW1nIHNyYz0iaW1hZ2VzL2Zvb3Rlci5qcGciIHdpZHRoPSI5MzUiIGhlaWdodD0iODciIC8+PC9kaXY+Cgo8L2Rpdj4KICAgICA8IS0tZW5kIG9mIENPTlRFTklETzEgLS0+CiAgICAKICAgIDxkaXYgY2xhc3M9ImNvbnRlbmlkbzIiIGlkPSJjb250ZW5pZG8yIj4KICAgIDwhLS1DT05URU5JRE8gMmRvIEJPVE9OICAtLT4KICAgIAoKPGRpdiBjbGFzcz0iZm9uZG9fY29udDIiPgoKPGRpdiBjbGFzcz0iZm9ybSI+CiAgPGRpdiBjbGFzcz0idGV4dG8iPgogICAgPHA+Jm5ic3A7PC9wPgogICAgPHA+Jm5ic3A7PC9wPgo8cD48c3BhbiBjbGFzcz0idGl0dWxvX2Zvcm0iPjxiPkRBVE9TIFBFUlNPTkFMRVM8L2I+PC9zcGFuPgogICAgPHNwYW4gY2xhc3M9InRpdHVsb19mb3JtMiI+KEVzIG9ibGlnYXRvcmlvIHJlbGxlbmFyIGxvcyBjYW1wb3MgCiAgICAgICAgICAgICAgICBpbmRpY2Fkb3MgY29uICopPC9zcGFuPjwvcD4KICAgIDxkaXYgaWQ9ImJsb3F1ZV9penFfMDMiPgogICAgCQk8ZGl2IGlkPSJibG9xdWVfaXpxXzAzX3RleHRvIj4KICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgIDxzY3JpcHQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICBmdW5jdGlvbiB2YWxpZGFyRW1haWwoZW1haWwpIHsgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdmFyIHJlICA9IC9eKFthLXpBLVowLTlfLi1dKStAKChbYS16QS1aMC05LV0pKy4pKyhbYS16QS1aMC05XXsyLDR9KSskLzsgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgKCFyZS50ZXN0KGVtYWlsKSkgeyAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgcmV0dXJuIGZhbHNlOyAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiB0cnVlOyAKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgZnVuY3Rpb24gdmFsaWRhcihvYmopIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChvYmoubm9tYnJlLnZhbHVlID09ICcnKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYWxlcnQoIkRlYmUgaW5ncmVzYXIgc3Ugbm9tYnJlIik7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgb2JqLm5vbWJyZS5mb2N1cygpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChvYmouYXBlbGxpZG8udmFsdWUgPT0gJycpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhbGVydCgiRGViZSBpbmdyZXNhciBzdSBhcGVsbGlkbyIpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9iai5hcGVsbGlkby5mb2N1cygpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChvYmoudGVsZWZvbm8udmFsdWUgPT0gJycpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhbGVydCgiRGViZSBpbmdyZXNhciBzdSB0ZWxlZm9ubyIpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9iai50ZWxlZm9uby5mb2N1cygpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChvYmouZW1haWwudmFsdWUgPT0gJycpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhbGVydCgiRGViZSBpbmdyZXNhciBzdSBlbWFpbCIpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9iai5lbWFpbC5mb2N1cygpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0gZWxzZSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgKHZhbGlkYXJFbWFpbChvYmouZW1haWwudmFsdWUpID09IGZhbHNlKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFsZXJ0KCJFbCBlbWFpbCBpbmdyZXNhZG8gZXMgaW5jb3JyZWN0byIpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvYmouZW1haWwuZm9jdXMoKTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgcmV0dXJuIGZhbHNlOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChvYmoudGVybWlub3MuY2hlY2tlZCAhPSB0cnVlKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYWxlcnQoIkRlYmUgYWNlcHRhciBsb3MgdMOpcm1pbm9zIHkgY29uZGljaW9uZXMiKTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvYmoudGVybWlub3MuZm9jdXMoKTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgPC9zY3JpcHQ+CiAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICA8Zm9ybSBuYW1lPSJjb250YWN0IiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iZW52aW8ucGhwIiBvblN1Ym1pdD0icmV0dXJuIHZhbGlkYXIodGhpcykiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgPGRpdiBpZD0iYmxvcXVlX2l6cV8wMiI+CjxoMT5Ob21icmU8Zm9udCBjb2xvcj0iI0ZGNjYwMCI+KjwvZm9udD48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT5BcGVsbGlkbzxmb250IGNvbG9yPSIjRkY2NjAwIj4qPC9mb250PjwvaDE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGgxPlByb2Zlc2nDs248L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT5MdWdhciBkZSB0cmFiYWpvPC9oMT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8aDE+VGVsw6lmb25vPGZvbnQgY29sb3I9IiNGRjY2MDAiPio8L2ZvbnQ+PC9oMT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8aDE+RW1haWw8Zm9udCBjb2xvcj0iI0ZGNjYwMCI+KjwvZm9udD48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxiciAvPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxiciAvPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwhLS0gPGgxPk5yby4gZGUgVGFyamV0YTxmb250IGNvbG9yPSIjRkY2NjAwIj4qPC9mb250PjwvaDE+IC0tPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT5Nb250bzxmb250IGNvbG9yPSIjRkY2NjAwIj4qPC9mb250PjwvaDE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGgxPlRpcG8gZGUgT3BlcmFjacOzbjxmb250IGNvbG9yPSIjRkY2NjAwIj4qPC9mb250PjwvaDE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGgxIGlkPSJoMV90YXJqZXRhIj5UYXJqZXRhPGZvbnQgY29sb3I9IiNGRjY2MDAiPio8L2ZvbnQ+PC9oMT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8aDEgaWQ9ImgxX2ZyZWN1ZW5jaWEiPkZyZWN1ZW5jaWE8Zm9udCBjb2xvcj0iI0ZGNjYwMCI+KjwvZm9udD48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9kaXY+CiAgICAgICAgICAgICAgICAgICAJCSAgPGZpZWxkc2V0PgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48YnIgLz4KICAgICAgICAgICAgICAgICAgICAgICAgICA8aW5wdXQgbmFtZT0ibm9tYnJlIiBjbGFzcz0icmVnMSIgc2l6ZT0iMTUiIHdpZHRoPSIxMDUiIGlkPSJub21icmUiIHR5cGU9InRleHQiPjwvcD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGgxPjwvaDE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxpbnB1dCBuYW1lPSJhcGVsbGlkbyIgY2xhc3M9InJlZzEiIHNpemU9IjE1IiB3aWR0aD0iMTA1IiBpZD0iYXBlbGxpZG8iIHR5cGU9InRleHQiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48aW5wdXQgbmFtZT0icHJvZmVzaW9uIiBjbGFzcz0icmVnMSIgc2l6ZT0iMTUiIHdpZHRoPSIxMDUiIGlkPSJwcm9mZXNpb24iIHR5cGU9InRleHQiPjwvcD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGgxPjwvaDE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxpbnB1dCBuYW1lPSJ0cmFiYWpvIiBjbGFzcz0icmVnMSIgc2l6ZT0iMTUiIHdpZHRoPSIxMDUiIGlkPSJ0cmFiYWpvIiB0eXBlPSJ0ZXh0Ij48L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48aW5wdXQgbmFtZT0idGVsZWZvbm8iIGNsYXNzPSJyZWcxIiBzaXplPSIxNSIgd2lkdGg9IjEwNSIgaWQ9InRlbGVmb25vIiB0eXBlPSJ0ZXh0Ij48L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48aW5wdXQgbmFtZT0iZW1haWwiIGNsYXNzPSJyZWcxIiBzaXplPSIxNSIgd2lkdGg9IjEwNSIgaWQ9ImVtYWlsIiB0eXBlPSJ0ZXh0Ij48L3A+PGJyIC8+CgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHNwYW4gY2xhc3M9InRpdHVsb19mb3JtIj48Yj5ET05BQ0lPTkVTPC9iPjwvc3Bhbj48L3A+ICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjwvcD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwhLS0gPHA+PGlucHV0IG5hbWU9InRhcmpldGEiIGNsYXNzPSJyZWcxIiBzaXplPSIxNSIgd2lkdGg9IjEwNSIgaWQ9InRhcmpldGEiIHR5cGU9InRleHQiPjwvcD4gLS0+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c2VsZWN0IG5hbWU9Im1vbnRvIiBjbGFzcz0icmVnMiIgaWQ9Im1vbnRvIiBvbkNoYW5nZT0iaWYgKHRoaXMudmFsdWUgPT0gJy0xJykgeyBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgndHh0bW9udG8nKS5zdHlsZS5kaXNwbGF5PScnOyB9IGVsc2UgeyBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgndHh0bW9udG8nKS5zdHlsZS5kaXNwbGF5PSdub25lJzsgfSAiPgogICAgICAgICAgICAgICAgICAgICAgPG9wdGlvbiB2YWx1ZT0iNTAiPiQgNTA8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjEwMCI+JCAxMDA8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjE1MCI+JCAxNTA8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjIwMCI+JCAyMDA8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9Ii0xIj5PdHJvLCBpbmdyZXNlIHZhbG9yPC9vcHRpb24+CiAgICAgICAgICAgICAgICAgICAgPC9zZWxlY3Q+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c2NyaXB0PgogICAgICAgICAgICAgICAgICAgICAgICAgICAgZnVuY3Rpb24gc29sb051bWVyb3MobXlmaWVsZCxlKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJdmFyIGtleWNvZGU7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJaWYgKHdpbmRvdy5ldmVudCkgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgCSAgICBrZXljb2RlID0gd2luZG93LmV2ZW50LmtleUNvZGU7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJfSBlbHNlIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIAkgICAgaWYgKGUpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIAkgICAgICAgIGtleWNvZGUgPSBlLndoaWNoOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgCSAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgCSAgICAgICAgcmV0dXJuIHRydWU7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIAl9CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJaWYgKCgoa2V5Y29kZT40NykgJiYgKGtleWNvZGU8NTgpKSAgfHwgKGtleWNvZGU9PTgpKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJICAgIHJldHVybiB0cnVlOyAKICAgICAgICAgICAgICAgICAgICAgICAgICAgIAl9IGVsc2UgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgCSAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJfQogICAgICAgICAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9zY3JpcHQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8aW5wdXQgbmFtZT0idHh0bW9udG8iIGNsYXNzPSJyZWcxIiBzaXplPSIxNSIgd2lkdGg9IjIwIiBpZD0idHh0bW9udG8iIHR5cGU9InRleHQiIG1heGxlbmd0aD0iNyIgb25LZXlQcmVzcz0icmV0dXJuIHNvbG9OdW1lcm9zKHRoaXMsIGV2ZW50KTsiIHN0eWxlPSJkaXNwbGF5Om5vbmUiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9wPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPHNjcmlwdD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIGZ1bmN0aW9uIG11ZXN0cmFGb3JtYVBhZ28odmFsb3IpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBpZiAodmFsb3IgPT0gMikgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgncF9tZWRpb3BhZ28nKS5zdHlsZS5kaXNwbGF5ID0gJ25vbmUnOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgncF9jdW90YXMnKS5zdHlsZS5kaXNwbGF5ID0gJ25vbmUnOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgncF9mb3JtYXBhZ29vdHJvJykuc3R5bGUuZGlzcGxheSA9ICcnOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnaDFfdGFyamV0YScpLmlubmVySFRNTCA9ICdGb3JtYSBkZSBQYWdvPGZvbnQgY29sb3I9IiNGRjY2MDAiPio8L2ZvbnQ+JzsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2gxX2ZyZWN1ZW5jaWEnKS5pbm5lckhUTUwgPSAnJzsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgncF9tZWRpb3BhZ28nKS5zdHlsZS5kaXNwbGF5ID0gJyc7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdwX2N1b3RhcycpLnN0eWxlLmRpc3BsYXkgPSAnJzsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ3BfZm9ybWFwYWdvb3RybycpLnN0eWxlLmRpc3BsYXkgPSAnbm9uZSc7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdoMV90YXJqZXRhJykuaW5uZXJIVE1MID0gJ1RhcmpldGE8Zm9udCBjb2xvcj0iI0ZGNjYwMCI+KjwvZm9udD4nOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnaDFfZnJlY3VlbmNpYScpLmlubmVySFRNTCA9ICdGcmVjdWVuY2lhPGZvbnQgY29sb3I9IiNGRjY2MDAiPio8L2ZvbnQ+JzsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3NjcmlwdD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzZWxlY3QgbmFtZT0iZm9ybWFwYWdvIiBjbGFzcz0icmVnMiIgaWQ9ImZvcm1hcGFnbyIgb25DaGFuZ2U9Im11ZXN0cmFGb3JtYVBhZ28odGhpcy52YWx1ZSkiIHN0eWxlPSJwb3NpdGlvbjpyZWxhdGl2ZTsgdG9wOjVweDsiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8b3B0aW9uIHZhbHVlPSIxIj5UYXJqZXRhIGRlIENyw6lkaXRvPC9vcHRpb24+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjIiPkVmZWN0aXZvICjDum5pY2EgdmV6KTwvb3B0aW9uPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9zZWxlY3Q+PC9wPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPHAgaWQ9InBfbWVkaW9wYWdvIiBzdHlsZT0iZGlzcGxheTpub25lIj48c2VsZWN0IG5hbWU9Im1lZGlvcGFnbyIgY2xhc3M9InJlZzIiIGlkPSJtZWRpb3BhZ28iIHN0eWxlPSJwb3NpdGlvbjpyZWxhdGl2ZTsgdG9wOjZweDsiPgogICAgICAgICAgICAgICAgICAgICAgPG9wdGlvbiB2YWx1ZT0iMTUiPk1hc3RlcmNhcmQ8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjEiPlZpc2E8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjYiPkFtZXJpY2FuIEV4cHJlc3M8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICA8L3NlbGVjdD48L3A+CiAgICAgICAgICAgICAgICAgICAgIDxwIGlkPSJwX2N1b3RhcyIgc3R5bGU9ImRpc3BsYXk6bm9uZSI+PHNlbGVjdCBuYW1lPSJjdW90YXMiIGNsYXNzPSJyZWcyIiBpZD0iY3VvdGFzIiBzdHlsZT0icG9zaXRpb246cmVsYXRpdmU7IHRvcDo3cHg7Ij4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjEiPkQmZWFjdXRlO2JpdG8gQXV0b20mYWFjdXRlO3RpY28gKHRvZG9zIGxvcyBtZXNlcyk8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjIiPsOabmljYSB2ZXo8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8L3NlbGVjdD48L3A+CiAgICAgICAgICAgICAgICAgICAgPHAgaWQ9InBfZm9ybWFwYWdvb3RybyIgc3R5bGU9ImRpc3BsYXk6bm9uZSI+PHNlbGVjdCBuYW1lPSJmb3JtYXBhZ29vdHJvIiBjbGFzcz0icmVnMiIgaWQ9ImZvcm1hcGFnb290cm8iIHN0eWxlPSJwb3NpdGlvbjpyZWxhdGl2ZTsgdG9wOjdweDsiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPG9wdGlvbiB2YWx1ZT0iOTk3Ij5EZXBvc2l0byBCYW5jYXJpbzwvb3B0aW9uPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPG9wdGlvbiB2YWx1ZT0iOTk4Ij5QYWdvIGVuIEVmZWN0aXZvPC9vcHRpb24+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8b3B0aW9uIHZhbHVlPSI5OTkiPkRpbmVyb01haWw8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8L3NlbGVjdD48L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+ICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxiciAvPiAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxpbnB1dCBuYW1lPSJyZWNpYmlyIiBpZD0iY2hlY2siIHR5cGU9ImNoZWNrYm94IiBjaGVja2VkPSJ0cnVlIiB2YWx1ZT0iU2kiIC8+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFMmaWFjdXRlOywgZGVzZW8gcmVjaWJpciAKICAgICAgICAgICAgICAgIGluZm9ybWFjaSZvYWN1dGU7biBwZXJpJm9hY3V0ZTtkaWNhIGRlIFNhbHVkIEFjdGl2YSB5IAogICAgICAgICAgICAgICAgc3VzIFByb3llY3RvcyBkZSBEZXNhcnJvbGxvLiAgICAgICAgICAgICAgICA8L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxpbnB1dCBuYW1lPSJsaXN0YSIgaWQ9ImNoZWNrIiB0eXBlPSJjaGVja2JveCIgY2hlY2tlZD0idHJ1ZSIgdmFsdWU9IlNpIiAvPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNpIGRlc2VvIGFwYXJlY2VyIGVuIGxhIGxpc3RhIGRlIGRvbmFjaW9uZXMgaW5kaXZpZHVhbGVzLiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBcGFyZWNlciZhYWN1dGU7IHN1IG5vbWJyZSBlbiBsYSBsaXN0YSBkZWwgcG9ydGFsIGRlIFNhbHVkIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBY3RpdmEuPC9wPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8aW5wdXQgbmFtZT0idGVybWlub3MiIGlkPSJ0ZXJtaW5vcyIgdHlwZT0iY2hlY2tib3giIHZhbHVlPSJTaSIgLz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBY2VwdG8gbG9zIHTDqXJtaW5vcyB5IGNvbmRpY2lvbmVzLjwvcD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWRlbcOhcywgY29uIHR1IGRvbmFjacOzbiwgb2J0ZW7DqXMgZGVzY3VlbnRvcyBlbiB0b2RhcyBsYXMgYWN0aXZpZGFkZXMgZGUgU2FsdWQgQWN0aXZhOiBjdXJzb3MsIGpvcm5hZGFzLCBjb25ncmVzb3MuPC9wPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxpbnB1dCBuYW1lPSJpbWFnZSIgc3JjPSJmb3JtX2ZpbGVzL0ZPUk1VTEFSSU9fMTUuanBnIiBoZWlnaHQ9IjM4IiB0eXBlPSJpbWFnZSIgd2lkdGg9IjExNSI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGltZyBvbkNsaWNrPSJyZXR1cm4gcmVzZXQoKTsiIHNyYz0iZm9ybV9maWxlcy9ib3Rvbi1jYW5jZWxfMTUuanBnIiBoZWlnaHQ9IjM4IiB3aWR0aD0iMTE1Ij48L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC9maWVsZHNldD4KCiAgPC9mb3JtPgogIAogIDxiciAvPgo8YnIgLz4KCgoKPHRhYmxlIHdpZHRoPSI2MzMiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjAiIGFsaWduPSJsZWZ0IiBiZ2NvbG9yPSIjMjY1MjE3IiBjbGFzcz0iaDMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMTAiIGNlbGxwYWRkaW5nPSI3Ij4KICAgICAgPHRyPgogICAgICAgIDx0ZCBjbGFzcz0iaDUiPkZPUk1BUyBERSBQQUdPPC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+CiAgICAgIDxzcGFuIGNsYXNzPSJoNCI+CiAgICA8L3NwYW4+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCBiZ2NvbG9yPSIjQ0NDQ0NDIj48YnIgLz4KICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIxMCIgY2VsbHNwYWNpbmc9IjUiPgogICAgICA8dHI+CiAgICAgICAgPHRkIGJnY29sb3I9IiNlMDY3MGEiPiZuYnNwOyZuYnNwOzxzcGFuIGNsYXNzPSJoNSI+VGFyamV0YSBkZSBDUsOJRElUTyAocG9yIGTDqWJpdG8gYXV0b23DoXRpY28pPC9zcGFuPjwvdGQ+CiAgICAgIDwvdHI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSIxODUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTAiPjxpbWcgc3JjPSJpbWFnZXMvdmlzYW1hc3RlcmFtZS5qcGciICB3aWR0aD0iMjM2IiBoZWlnaHQ9IjYwIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjciIGNlbGxwYWRkaW5nPSI1Ij4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPlNlIGxlIGRlYml0YXLDoSBkZSBzdSBjdWVudGEsIHRvZG9zIGxvcyBtZXNlcy4gTGUgcmVjb3JkYW1vcyBxdWUgZWwgZMOpYml0byBhdXRvbcOhdGljbyBkZSBzdSB0YXJqZXRhIGRlIGNyw6lkaXRvIHVzdGVkIGxvIHB1ZWRlIGNhbmNlbGFyIGVuIGVsIG1vbWVudG8gcXVlIGxvIGRlc2VlIGNvbXVuaWPDoW5kb3NlIGNvbiBub3NvdHJvczwvc3Bhbj48L3RkPgogICAgICAgICAgICA8L3RyPgogICAgICAgICAgPC90YWJsZT4KICAgICAgICAgIDxwPgogICAgICAgICAgPC9wPjwvdGQ+CiAgICAgIDwvdHI+CiAgICA8L3RhYmxlPgogICAgICA8cD4mbmJzcDs8L3A+CiAgICAgIDx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBhbGlnbj0iY2VudGVyIiBjZWxscGFkZGluZz0iMTAiIGNlbGxzcGFjaW5nPSI1Ij4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYmdjb2xvcj0iI2UwNjcwYSI+Jm5ic3A7IDxzcGFuIGNsYXNzPSJoNSI+RUZFQ1RJVk8gcG9yIMO6bmljYSB2ZXogPC9zcGFuPjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iNSI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+PHNwYW4gY2xhc3M9ImgzIj48ZW0+VXN0ZWQgcmVhbGl6YXLDoSBsYSBkb25hY2nDs24gcG9yIMO6bmljYSB2ZXouIFB1ZWRlIGRvbmFyIGxhcyB2ZWNlcyBxdWUgcXVpZXJhLCBjb21wbGV0YW5kbyBudWV2YW1lbnRlIGVzdGUgZm9ybXVsYXJpbyBlIGluZ3Jlc2FuZG8gZWwgbW9udG8gZGVzZWFkby48L2VtPjwvc3Bhbj48L3RkPgogICAgICAgICAgICA8L3RyPgogICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iNSI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNDQ0NDQ0MiPjxzcGFuIGNsYXNzPSJoMiI+PHN0cm9uZz5Qb3IgIHRyYW5zZmVyZW5jaWEgYmFuY2FyaWEgbyBkZXDDs3NpdG88L3N0cm9uZz4gPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iNSI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSUiPjxzcGFuIGNsYXNzPSJoMyI+QVJHRU5USU5BPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9Ijg1JSI+PHNwYW4gY2xhc3M9ImgzIj48aW1nIHNyYz0iaW1hZ2VzL2dhbGljaWEuanBnIiB3aWR0aD0iMTA3IiBoZWlnaHQ9IjE5IiBhbGlnbj0ibWlkZGxlIiAvPjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMiIgY2VsbHBhZGRpbmc9IjciPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiPjxzcGFuIGNsYXNzPSJoMyI+RGF0b3MgcGFyYSBkZXDDs3NpdG9zIHkvbyB0cmFuc2ZlcmVuY2lhOjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIxJSI+PHNwYW4gY2xhc3M9ImgzIj5FbnRpZGFkIEJhbmNhcmlhOiA8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9Ijc5JSI+PHNwYW4gY2xhc3M9ImgzIj5CYW5jbyBHYWxpY2lhPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQ+PHNwYW4gY2xhc3M9ImgzIj5UaXR1bGFyIGRlIEN1ZW50YTo8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PHNwYW4gY2xhc3M9ImgzIj5TYWx1ZCBBY3RpdmE8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPlRpcG8gZGUgY3VlbnRhOjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPkN1ZW50YSBDb3JyaWVudGUgZW4gcGVzb3M8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPk7Dum1lcm8gZGUgY3VlbnRhOjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPjU1MTctOCAwNTktNDwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkPjxzcGFuIGNsYXNzPSJoMyI+Q0JVOjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPjAwNzAwNTk3MjAwMDAwMDU1MTc4NDY8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPkNVSVQ6PC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkPjxzcGFuIGNsYXNzPSJoMyI+MzAtNzA4MDE0NjMtNjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiIGNsYXNzPSJoMyI+UkVTVE8gREVMIE1VTkRPPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIyIiBjbGFzcz0iaDMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMiIgY2VsbHBhZGRpbmc9IjciPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiPjxzcGFuIGNsYXNzPSJoMyI+RGF0b3MgcGFyYSBkZXDDs3NpdG9zIHkvbyB0cmFuc2ZlcmVuY2lhOjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMSUiPjxzcGFuIGNsYXNzPSJoMyI+RW50aWRhZCBCYW5jYXJpYTogPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3OSUiPjxzcGFuIGNsYXNzPSJoMyI+V2FjaG92aWEgQmFuayBOLkEuIC0gTmV3IFlvcms8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPlN3aWZ0IEFkZHJlc3M6PC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkPjxzcGFuIGNsYXNzPSJoMyI+UE5CUFVTM05OWUM8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPkZlZHdpcmU6PC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkPjxzcGFuIGNsYXNzPSJoMyI+MDI2MDA1MDkyPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgPHA+PC9wPgogICAgICAgICAgICA8dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjciIGNlbGxwYWRkaW5nPSI1Ij4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0NDQ0NDQyI+PHNwYW4gY2xhc3M9ImgyIj5BY2Vyw6FuZG9zZSBhIG51ZXN0cmEgZW50aWRhZDwvc3Bhbj48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICAgIDx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBhbGlnbj0iY2VudGVyIiBjZWxscGFkZGluZz0iMTAiIGNlbGxzcGFjaW5nPSI1Ij4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgIAogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiPjx0YWJsZSB3aWR0aD0iMzAwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7Jm5ic3A7PGltZyBzcmM9ImltYWdlcy9zYWx1ZC5qcGciIHdpZHRoPSIxNTQiIGhlaWdodD0iMzkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iNSI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJoMyI+RGlyZWNjaW9uOiBBdi4gUHRlIFBlcsOzbiAoZXggUml2YWRhdmlhKSAyNTE0MC4gTWVybG8gQnMuIEFzLjxiciAvPgogICAgICAgICAgICAgICAgICAgICAgICBUZWwuOiAwMjIwIDQ4Mjg0MTggLyA0ODYxMTgwPGJyIC8+CiAgICAgICAgICAgICAgICAgICAgICAgIEUtbWFpbDogc2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyPC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICA8cD48L3A+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICA8dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjciIGNlbGxwYWRkaW5nPSI1Ij4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0NDQ0NDQyIgY2xhc3M9ImgyIj5ESU5FUk8gTUFJTDwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIxMCIgY2VsbHNwYWNpbmc9IjUiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSIzMDAiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTAiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyOTAiPjxpbWcgc3JjPSJpbWFnZXMvZGluZXJvbWFpbC5qcGciIHdpZHRoPSI0MTEiIGhlaWdodD0iNTAiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICAgICAgICAgIDx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iNyIgY2VsbHBhZGRpbmc9IjUiPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iaDMiPkltcHJpbWEgZWwgY3Vww7NuIHkgZGlyw61qYXNlIGEgbGFzIHN1Y3Vyc2FsZXMgaGFiaWxpdGFkYXMgcGFyYSByZWFsaXphciBlbCBwYWdvLiBMdWVnbyBww7NuZ2FzZSBlbiBjb250YWN0byBjb24gbm9zb3Ryb3MgcGFyYSBpbmZvcm1hcm5vcyBkZSBsYSBvcGVyYWNpw7NuLjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgICAgICAgPHA+PC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICA8L3RyPgogICAgICA8L3RhYmxlPgogICAgICA8cD48YnIgLz4KICAgIDwvcD48L3RkPgogIDwvdHI+CjwvdGFibGU+CgoKICAgICAKPC9kaXY+CgoKPCEtLWVuZCBvZiBDT05URU5JRE8yIC0tPgogICAgCiAgICA8ZGl2IGNsYXNzPSJjb250ZW5pZG8iIGlkPSJjb250ZW5pZG8zIj4KCgogICAgPC9kaXY+IDwhLS1lbmQgb2YgQ09OVEVOSURPMyAtLT4KICAgIAogICAgPGRpdiBjbGFzcz0iY29udGVuaWRvIiBpZD0iY29udGVuaWRvNCI+CiAgICAKICAgIDwvZGl2PiA8IS0tZW5kIG9mIENPTlRFTklETzQgLS0+CiAgICAKPGJyIC8+ICAgIAo8YnIgLz4KPGRpdiBjbGFzcz0iY29udGVuaWRvMiIgaWQ9ImNvbnRlbmlkbzUiIGFsaWduPSJjZW50ZXIiPjwvZGl2Pgo8cD4KICA8IS0tZW5kIG9mIENPTlRFTklETzQgLS0+CiAgPCEtLWVuZCBvZiBDT05URU5FRE9SIC0tPgo8L3A+Cgo8c2NyaXB0Pm11ZXN0cmFGb3JtYVBhZ28oZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2Zvcm1hcGFnbycpLnZhbHVlKTwvc2NyaXB0Pgo8L2JvZHk+Cgo8L2h0bWw+Cg==]]></response>
	236	<responseRedirected>false</responseRedirected>
	237	</requestresponse>
	238	</issue>
	239	<issue>
	240	<serialNumber>3260534830746413056</serialNumber>
	241	<type>5244416</type>
	242	<name>Cookie without HttpOnly flag set</name>
	243	<host ip="200.20.20.201">http://www.example.org.ar</host>
	244	<path><![CDATA[/]]></path>
	245	<location><![CDATA[/]]></location>
	246	<severity>Low</severity>
	247	<confidence>Firm</confidence>
	248	<issueBackground><![CDATA[If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.]]></issueBackground>
	249	<remediationBackground><![CDATA[There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.<br><br>You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.]]></remediationBackground>
	250	<issueDetail><![CDATA[The following cookie was issued by the application and does not have the HttpOnly flag set:<ul><li><b>PHPSESSID=94585aa0c11cf2e864d83e24678b9865; path=/</b></li></ul>The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.]]></issueDetail>
	251	<requestresponse>
	252	<request base64="true"><![CDATA[R0VUIC8gSFRUUC8xLjENCkhvc3Q6IHd3dy5zYWx1ZGFjdGl2YS5vcmcuYXINClVzZXItQWdlbnQ6IE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwLjg7IHJ2OjIzLjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMjMuMA0KQWNjZXB0OiB0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSwqLyo7cT0wLjgNCkFjY2VwdC1MYW5ndWFnZTogZW4tVVMsZW47cT0wLjUNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KQ29ubmVjdGlvbjoga2VlcC1hbGl2ZQ0KDQo=]]></request>
	253	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjEyOjAyIEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpYLVBvd2VyZWQtQnk6IFBIUC81LjIuMTcNCkV4cGlyZXM6IFRodSwgMTkgTm92IDE5ODEgMDg6NTI6MDAgR01UDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZSwgbm8tY2FjaGUsIG11c3QtcmV2YWxpZGF0ZSwgcG9zdC1jaGVjaz0wLCBwcmUtY2hlY2s9MA0KUHJhZ21hOiBuby1jYWNoZQ0KU2V0LUNvb2tpZTogUEhQU0VTU0lEPTk0NTg1YWEwYzExY2YyZTg2NGQ4M2UyNDY3OGI5ODY1OyBwYXRoPS8NCktlZXAtQWxpdmU6IHRpbWVvdXQ9MjAsIG1heD0yMDANCkNvbm5lY3Rpb246IEtlZXAtQWxpdmUNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogNjA2MDYNCg0KIDxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1pc28tODg1OS0xIiAvPgo8dGl0bGU+U2FsdWQgQWN0aXZhIC0gQWJ1c28gdmlvbGVuY2lhIHkgbWFsdHJhdG88L3RpdGxlPgoKPHNjcmlwdD4gCiAgICAvL2VzdG8gcGFyYSBwYXNhcmxlIGFsIGZsYXNoIGxhcyB2YXJpYWxiZXMgZGVsIHBocAogCQoKCXZhciBib3Q9Jyc7Ci8vYWxlcnQodmFyaWFibGVTZXJ2aWRvcik7Cjwvc2NyaXB0Pgo8c2NyaXB0IGxhbmd1YWdlPSJKYXZhU2NyaXB0IiB0eXBlPSJ0ZXh0L0phdmFTY3JpcHQiPgo8IS0tCmZ1bmN0aW9uIE1NX3ByZWxvYWRJbWFnZXMoKSB7IC8vdjMuMAogIHZhciBkPWRvY3VtZW50OyBpZihkLmltYWdlcyl7IGlmKCFkLk1NX3ApIGQuTU1fcD1uZXcgQXJyYXkoKTsKICAgIHZhciBpLGo9ZC5NTV9wLmxlbmd0aCxhPU1NX3ByZWxvYWRJbWFnZXMuYXJndW1lbnRzOyBmb3IoaT0wOyBpPGEubGVuZ3RoOyBpKyspCiAgICBpZiAoYVtpXS5pbmRleE9mKCIjIikhPTApeyBkLk1NX3Bbal09bmV3IEltYWdlOyBkLk1NX3BbaisrXS5zcmM9YVtpXTt9fQp9Ci8vLS0+Cjwvc2NyaXB0Pgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KCjwvaGVhZD4KCjxzY3JpcHQgbGFuZ3VhZ2U9IkphdmFTY3JpcHQiIHR5cGU9InRleHQvSmF2YVNjcmlwdCI+CjwhLS0KZnVuY3Rpb24gTU1fcmVsb2FkUGFnZShpbml0KSB7ICAvL3JlbG9hZHMgdGhlIHdpbmRvdyBpZiBOYXY0IHJlc2l6ZWQKICBpZiAoaW5pdD09dHJ1ZSkgd2l0aCAobmF2aWdhdG9yKSB7aWYgKChhcHBOYW1lPT0iTmV0c2NhcGUiKSYmKHBhcnNlSW50KGFwcFZlcnNpb24pPT00KSkgewogICAgZG9jdW1lbnQuTU1fcGdXPWlubmVyV2lkdGg7IGRvY3VtZW50Lk1NX3BnSD1pbm5lckhlaWdodDsgb25yZXNpemU9TU1fcmVsb2FkUGFnZTsgfX0KICBlbHNlIGlmIChpbm5lcldpZHRoIT1kb2N1bWVudC5NTV9wZ1cgfHwgaW5uZXJIZWlnaHQhPWRvY3VtZW50Lk1NX3BnSCkgbG9jYXRpb24ucmVsb2FkKCk7Cn0KTU1fcmVsb2FkUGFnZSh0cnVlKTsKLy8tLT4KCjwvc2NyaXB0Pgo8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoKCjwvaGVhZD4KCjxib2R5IGJhY2tncm91bmQ9ImltZy9mb25kb19kZWdyYWRlLmpwZyIgdG9wbWFyZ2luPSIwIj4KPHRhYmxlIHdpZHRoPSIxMDA1IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgPHRyPiAKICAgIDx0ZCB3aWR0aD0iOTYiPjxpbWcgc3JjPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzBfMDEuanBnIiB3aWR0aD0iOTYiIGhlaWdodD0iMjA4IiAvPjwvdGQ+CiAgICA8dGQgd2lkdGg9IjgwOSI+IDxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KQUNfRkxfUnVuQ29udGVudCggJ2NvZGViYXNlJywnaHR0cDovL2Rvd25sb2FkLm1hY3JvbWVkaWEuY29tL3B1Yi9zaG9ja3dhdmUvY2Ficy9mbGFzaC9zd2ZsYXNoLmNhYiN2ZXJzaW9uPTcsMCwxOSwwJywnd2lkdGgnLCc4MDknLCdoZWlnaHQnLCcyMDgnLCdzcmMnLCdzd2YvaGVhZGVyJywncXVhbGl0eScsJ2hpZ2gnLCdwbHVnaW5zcGFnZScsJ2h0dHA6Ly93d3cubWFjcm9tZWRpYS5jb20vZ28vZ2V0Zmxhc2hwbGF5ZXInLCdtb3ZpZScsJ3N3Zi9oZWFkZXInICk7IC8vZW5kIEFDIGNvZGUKPC9zY3JpcHQ+IDxub3NjcmlwdD4KICAgICAgPG9iamVjdCBjbGFzc2lkPSJjbHNpZDpEMjdDREI2RS1BRTZELTExY2YtOTZCOC00NDQ1NTM1NDAwMDAiIGNvZGViYXNlPSJodHRwOi8vZG93bmxvYWQubWFjcm9tZWRpYS5jb20vcHViL3Nob2Nrd2F2ZS9jYWJzL2ZsYXNoL3N3Zmxhc2guY2FiI3ZlcnNpb249NywwLDE5LDAiIHdpZHRoPSI4MDkiIGhlaWdodD0iMjA4Ij4KICAgICAgICA8cGFyYW0gbmFtZT0ibW92aWUiIHZhbHVlPSJzd2YvaGVhZGVyLnN3ZiIgLz4KICAgICAgICA8cGFyYW0gbmFtZT0icXVhbGl0eSIgdmFsdWU9ImhpZ2giIC8+CiAgICAgICAgPGVtYmVkIHNyYz0ic3dmL2hlYWRlci5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9IjgwOSIgaGVpZ2h0PSIyMDgiPjwvZW1iZWQ+IAogICAgICA8L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIHdpZHRoPSIxMiUiIHJvd3NwYW49IjUiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzAwMDAwMCI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI0NjEiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaW1nL1F1aWVuZXNTb21vc19BMl8wXzEzLmpwZyI+IAogICAgICA8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+CkFDX0ZMX1J1bkNvbnRlbnQoICdjb2RlYmFzZScsJ2h0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCcsJ3dpZHRoJywnOTYnLCdoZWlnaHQnLCc0NjEnLCdzcmMnLCdzd2Yvc3VibWVudScsJ3F1YWxpdHknLCdoaWdoJywncGx1Z2luc3BhZ2UnLCdodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyJywnbW92aWUnLCdzd2Yvc3VibWVudScgKTsgLy9lbmQgQUMgY29kZQo8L3NjcmlwdD4gPG5vc2NyaXB0PgogICAgICA8b2JqZWN0IGNsYXNzaWQ9ImNsc2lkOkQyN0NEQjZFLUFFNkQtMTFjZi05NkI4LTQ0NDU1MzU0MDAwMCIgY29kZWJhc2U9Imh0dHA6Ly9kb3dubG9hZC5tYWNyb21lZGlhLmNvbS9wdWIvc2hvY2t3YXZlL2NhYnMvZmxhc2gvc3dmbGFzaC5jYWIjdmVyc2lvbj02LDAsMjksMCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+CiAgICAgICAgPHBhcmFtIG5hbWU9Im1vdmllIiB2YWx1ZT0ic3dmL3N1Ym1lbnUuc3dmIiAvPgogICAgICAgIDxwYXJhbSBuYW1lPSJxdWFsaXR5IiB2YWx1ZT0iaGlnaCIgLz4KICAgICAgICA8ZW1iZWQgc3JjPSJzd2Yvc3VibWVudS5zd2YiIHF1YWxpdHk9ImhpZ2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL2dvL2dldGZsYXNocGxheWVyIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjQ2MSI+PC9lbWJlZD48L29iamVjdD4KICAgICAgPC9ub3NjcmlwdD48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgYmdjb2xvcj0iI0ZGRkZGRiI+CiAgICAgICAgPHRyPiAKICAgICAgICAgIDx0ZCB3aWR0aD0iMTciIHJvd3NwYW49IjciPjxwPiZuYnNwOzwvcD48L3RkPgogICAgICAgICAgPHRkIHdpZHRoPSIxNzIiIGFsaWduPSJjZW50ZXIiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxpbWcgc3JjPSJpbWcvM3B4LmpwZyIgd2lkdGg9IjUiIGhlaWdodD0iNSI+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciI+PGxpbmsgaHJlZj0iLi4vZXN0aWxvcy5jc3MiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiIC8+Cjxib2R5IGJnY29sb3I9IiNDQ0NDQ0MiIHRvcG1hcmdpbj0iNiBweCI+PHRhYmxlIHdpZHRoPSIxNjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIzIiBiZ2NvbG9yPSIjRkZGRkZGIj4KPHRyPgogICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTkxIiBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiAgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MThfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+SG9tZTwvYT48L3RkPgogIDwvdHI+Cjx0cj4KICA8dGQgaGVpZ2h0PSIyOCIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj4mbmJzcDsmbmJzcDtOb3RpY2lhczwvYT48L3RkPgo8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJkb25hY2lvbmVzLyIgdGFyZ2V0PSJfYmxhbmsiIGNsYXNzPSJmb25kb2JvdG9uIj5Eb25hY2lvbmVzPC9hPjwvdGQ+CiAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI4IiBiYWNrZ3JvdW5kPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiA+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciICB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yM19uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5IaXN0b3JpYWwgZGUgbmV3c2xldHRlcnM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjgiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTEzYSIgY2xhc3M9ImZvbmRvYm90b24iPkVudmlhciBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiJoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0yNl9uZXciIGNsYXNzPSJmb25kb2JvdG9uIj5WZXIgdHJhYmFqb3MgZGUgdXN1YXJpb3M8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJpbmRleC5waHA/aWQ9MTZfbmV3IiBjbGFzcz0iZm9uZG9ib3RvbiI+U2FsdWQgQWN0aXZhIHByZW5zYTwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgPjxpbWcgc3JjPSIuLi9pbWcvcmVkaXNlbm9fMTEuanBnIiB3aWR0aD0iNiIgaGVpZ2h0PSIyOCIgYWxpZ249ImFic21pZGRsZSIgLz48YSBocmVmPSJtYWlsdG86c2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyIiBjbGFzcz0iZm9uZG9ib3RvbiI+TWFuZCZhYWN1dGU7IHR1IEMuVi48L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgIHdpZHRoPSI2ImhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTIxX25ldyIgY2xhc3M9ImZvbmRvYm90b24iPkluZm9ybWFjaSZvYWN1dGU7biBkZSBpbnRlciZlYWN1dGU7czwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgYmFja2dyb3VuZD0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyI+PGltZyBzcmM9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciIHdpZHRoPSI2IiBoZWlnaHQ9IjI4IiBhbGlnbj0iYWJzbWlkZGxlIiAvPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xMF80IiBjbGFzcz0iZm9uZG9ib3RvbiI+Q29uZ3Jlc29zCiAgICAgICAgICAgICAgICAgIHkgSm9ybmFkYXM8L2E+PC90ZD4KICA8L3RyPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMTkiIGJhY2tncm91bmQ9Ii4uL2ltZy9yZWRpc2Vub18xMS5qcGciID48aW1nIHNyYz0iLi4vaW1nL3JlZGlzZW5vXzExLmpwZyIgd2lkdGg9IjYiIGhlaWdodD0iMjgiIGFsaWduPSJhYnNtaWRkbGUiIC8+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTExIiBjbGFzcz0iZm9uZG9ib3RvbiI+UmVnaXN0cmFjaSZvYWN1dGU7bjwvYT48L3RkPgogIDwvdHI+CiAgICAgICAgICAgCiAgICAgICAgICA8L3RhYmxlPgo8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGFsaWduPSJjZW50ZXIiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNSIgdGFyZ2V0PSJfYmxhbmsiPjxicj4KICAgICAgICAgICAgICAgICAgPGltZyBzcmM9ImltZy9iYW5uZXJfZG9uYWNpb25lcy5qcGciIHdpZHRoPSIxNjIiIGhlaWdodD0iMTIwIiBib3JkZXI9IjAiPjxicj4KICAgICAgICAgICAgICAgICAgPGJyPgogICAgICAgICAgICAgICAgICA8aW1nIHNyYz0iaW1nL2JvdG9uRm9yby5naWYiIHdpZHRoPSIxNzIiIGhlaWdodD0iMTE3IiBib3JkZXI9IjAiPjwvYT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTY3IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjkiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzAzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iOSIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTQ5IiBiYWNrZ3JvdW5kPSJpbWcvY2hpY29zX3BlcmRpZG9zXzA1LmdpZiI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDUuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+PGltZyBzcmM9ImltZy9jaGljb3NfcGVyZGlkb3NfMDcuZ2lmIiB3aWR0aD0iOSIgaGVpZ2h0PSI5IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMi5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEyLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9InNyYy9pbWdfdXAvMjMwODIwMTIuMS5qcGciIHdpZHRoPSIxNDkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYmFja2dyb3VuZD0iaW1nL2NoaWNvc19wZXJkaWRvc18xMy5naWYiPjxpbWcgc3JjPSJpbWcvY2hpY29zX3BlcmRpZG9zXzEzLmdpZiIgd2lkdGg9IjkiIGhlaWdodD0iMTEiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNi5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iNSIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTcuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xNy5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgYmdjb2xvcj0iI0ZFRTdDRiIgY2xhc3M9InRpdHVsb2hvbWU1Ij48c3Ryb25nPk5pJm50aWxkZTtvcyBwZXJkaWRvczxicj4KICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0yOSIgY2xhc3M9ImJvdG9uIj5bVmVyIG0mYWFjdXRlO3NdPC9hPjwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIGJhY2tncm91bmQ9ImltZy9jaGljb3NfcGVyZGlkb3NfMTkuZ2lmIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18xOS5naWYiIHdpZHRoPSI5IiBoZWlnaHQ9IjkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIj48aW1nIHNyYz0iaW1nL2NoaWNvc19wZXJkaWRvc18yMC5naWYiIHdpZHRoPSIxNjciIGhlaWdodD0iMjUiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4NCgkJCQkNCgkJCQk8Zm9ybSBhY3Rpb249ImluZGV4LnBocD9pZD0xMSIgIG1ldGhvZD0icG9zdCI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9penExLmpwZyIgd2lkdGg9IjEyIiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9hcnJpYmEuanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2VzcV9kZXIxLmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjQ4IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgIDwvdHI+DQogICAgICAgICAgICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMiIgdmFsaWduPSJ0b3AiIGNsYXNzPSJyZWdGb25kbzEiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9penEuanBnIiB3aWR0aD0iMTIiIGhlaWdodD0iMTIiIC8+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSI5NCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV90aXQuanBnIiB3aWR0aD0iNjYiIGhlaWdodD0iMjMiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSI1MCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJyZWdpc3RyYXJzZSI+SW5ncmVzJmFhY3V0ZTsgDQogICAgICAgICAgICAgIHR1cyBkYXRvcyB5IHJlY2liJmlhY3V0ZTsgbGEgbWVqb3IgaW5mb3JtYWNpJm9hY3V0ZTtuIGEgdHJhdiZlYWN1dGU7cyANCiAgICAgICAgICAgICAgZGUgbnVlc3RybzxzdHJvbmc+IE5ld3NsZXR0ZXI8L3N0cm9uZz4uIDxzdHJvbmc+PHNwYW4gY2xhc3M9ImdyYXRpcyI+R3JhdGlzITwvc3Bhbj48L3N0cm9uZz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI1IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9InRyYWJTRUNDSU9OIj5Ob21icmU8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBjbGFzcz0icmVnQ0VMREEiPjxpbnB1dCBuYW1lPSJub21icmUiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0ibm9tYnJlIiAvPjwvdGQ+DQogICAgICAgICAgPC90cj4NCiAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0idHJhYlNFQ0NJT04iPkFwZWxsaWRvPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iYXBlbGxpZG8iIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iYXBlbGxpZG8iIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJ0cmFiU0VDQ0lPTiI+RS1tYWlsPC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InJlZ0NFTERBIj48aW5wdXQgbmFtZT0iZW1haWwiIHR5cGU9InRleHQiIGNsYXNzPSJyZWdDRUxEQWlucHV0IiBpZD0iZW1haWwiIC8+PC90ZD4NCiAgICAgICAgICA8L3RyPg0KICAgICAgICAgIDx0cj4gDQogICAgICAgICAgICA8dGQgY2xhc3M9InRyYWJTRUNDSU9OIj4mbmJzcDs8L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgICAgPHRyPiANCiAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idHJhYlNFQ0NJT04iPjxpbnB1dCB0eXBlPSJpbWFnZSIgc3JjPSJpbWcvcmVnaXN0cmF0ZV9ib3Rvbi5qcGciIHdpZHRoPSIxMTciIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L3RkPg0KICAgICAgICAgIDwvdHI+DQogICAgICAgIDwvdGFibGU+PC90ZD4NCiAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE0IiB2YWxpZ249InRvcCIgY2xhc3M9InJlZ0ZvbmRvMiI+PGltZyBzcmM9ImltZy9yZWdpc3RyYXRlX2Rlci5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIxNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KICAgICAgICAgICAgICAgICAgICA8dHI+IA0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTIiIGhlaWdodD0iMjQiPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfaXpxMi5qcGciIHdpZHRoPSIxMiIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjI0Ij48aW1nIHNyYz0iaW1nL3JlZ2lzdHJhdGVfYWJham8uanBnIiB3aWR0aD0iMTQ2IiBoZWlnaHQ9IjI0IiAvPjwvdGQ+DQogICAgICAgICAgICAgICAgICAgICAgPHRkPjxpbWcgc3JjPSJpbWcvcmVnaXN0cmF0ZV9lc3FfZGVyMi5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSIyNCIgLz48L3RkPg0KICAgICAgICAgICAgICAgICAgICA8L3RyPg0KCQkJCQkNCgkJCQkJPC9mb3JtPg0KICAgICAgICAgICAgICAgICAgPC90YWJsZT4NCjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4gCiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPiAKICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTcwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUyIj4KCQkJCQkJCQkJCQkJCQkJCTwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9jbGF1ZGlhMl8wMy5qcGciIHdpZHRoPSIxNzQiIGhlaWdodD0iMjUwIiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcCI+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8L3RhYmxlPiAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICA8dGQgcm93c3Bhbj0iNyIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nLzV4NS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjciPjwvdGQ+CiAgICAgICAgICA8dGQgY29sc3Bhbj0iMiIgcm93c3Bhbj0iNCIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPGZvcm0gYWN0aW9uPSJsb2dpbi5waHAiIG1ldGhvZD0icG9zdCIgbmFtZT0iZm9ybTIiPgoKICAgICAgICAgICAgICA8dHI+IAogICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIxOSIgY29sc3Bhbj0iMiIgYWxpZ249ImxlZnQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIiA+IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c3Ryb25nPlVzdWFyaW8gbm8gcmVnaXN0cmFkbzwvc3Ryb25nPiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9mb250PiA8L3N0cm9uZz4gCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDkiIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPlVzdWFyaW8mbmJzcDsmbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzOSIgdmFsaWduPSJtaWRkbGUiPjxpbnB1dCBuYW1lPSJ1c3VhcmlvIiB0eXBlPSJ0ZXh0IiBjbGFzcz0icmVnIiBpZD0idXN1YXJpbyIgc2l6ZT0iNyI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjciIGFsaWduPSJyaWdodCIgdmFsaWduPSJtaWRkbGUiIGNsYXNzPSJjb250ZW5pZG8iPkNvbnRyYXNlJm50aWxkZTthJm5ic3A7Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzkiIHZhbGlnbj0ibWlkZGxlIj48aW5wdXQgbmFtZT0icGFzcyIgdHlwZT0icGFzc3dvcmQiIGNsYXNzPSJyZWciIGlkPSJwYXNzIiBzaXplPSI3Ij48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MiIgYWxpZ249InJpZ2h0IiB2YWxpZ249Im1pZGRsZSIgY2xhc3M9ImJvdG9uIj48aW5wdXQgdHlwZT0iaW1hZ2UiIHNyYz0iaW1nL3JlZy5qcGciIHdpZHRoPSI1OCIgaGVpZ2h0PSIzMCI+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPiAKICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjciIGhlaWdodD0iMTkiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgPjxhIGhyZWY9Imh0dHA6Ly93d3cuZmFjZWJvb2suY29tL2hvbWUucGhwPyMhL3BhZ2VzL01lcmxvLUFyZ2VudGluYS9TQUxVRC1BQ1RJVkEvMTAwNTgzNTQzMzE3MzIyP3JlZj10cyZhamF4cGlwZT0xJl9fYT03IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltZy9mYWNlYm9vay5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzExIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj48ZGl2IGFsaWduPSJsZWZ0Ij48YSBocmVmPSJodHRwOi8vdHdpdHRlci5jb20vU2FsdWRBY3RpdmFPTkciIHRhcmdldD0iX2JsYW5rIj48aW1nIHNyYz0iaW1nL3R3aXRlci5qcGciIHdpZHRoPSIyMCIgaGVpZ2h0PSIyMCIgYm9yZGVyPSIwIj48L2E+PC9kaXY+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSI1IiBhbGlnbj0icmlnaHQiIHZhbGlnbj0ibWlkZGxlIiBjbGFzcz0iY29udGVuaWRvIj48bGFiZWw+PGZvbnQgc2l6ZT0iLTYiPlNpCiAgICAgICAgICAgICAgICAgICAgICAgdG9kYXYmaWFjdXRlO2Egbm8gZXMgdXN1YXJpbyA8L2ZvbnQ+IDxhIGhyZWY9ImluZGV4LnBocD9pZD0xMSIgY2xhc3M9ImJvdG9uIj48Zm9udCBzaXplPSItNiI+cmVnJmlhY3V0ZTtzdHJlc2UKICAgICAgICAgICAgICAgICAgICAgICAgYXF1JmlhY3V0ZTsgPGZvbnQgY29sb3I9IiM2NjY2NjYiPiYjODIyNjs8L2ZvbnQ+PC9mb250PjwvYT4gPGEgaHJlZj0iaW5kZXgucGhwP2lkPTEyIiBjbGFzcz0iYm90b24xIj48Zm9udCBzaXplPSItNiI+b2x2aWRlIG1pIGNvbnRyYXNlJm50aWxkZTthPC9mb250PjwvYT48L2xhYmVsPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE3Ij4mbmJzcDsgPC90ZD4KICAgICAgICAgICAgICA8L3RyPgoJCQkgIDwvZm9ybT4KCiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+CjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4KPGhlYWQ+CjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWlzby04ODU5LTEiIC8+Cjx0aXRsZT5Eb2N1bWVudG8gc2luIHQmaWFjdXRlO3R1bG88L3RpdGxlPgo8bGluayBocmVmPSJlc3RpbG9zLmNzcyIgcmVsPSJzdHlsZXNoZWV0IiB0eXBlPSJ0ZXh0L2NzcyIgLz4KPHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCIgdHlwZT0idGV4dC9KYXZhU2NyaXB0Ij4KPCEtLQpmdW5jdGlvbiBNTV9yZWxvYWRQYWdlKGluaXQpIHsgIC8vcmVsb2FkcyB0aGUgd2luZG93IGlmIE5hdjQgcmVzaXplZAogIGlmIChpbml0PT10cnVlKSB3aXRoIChuYXZpZ2F0b3IpIHtpZiAoKGFwcE5hbWU9PSJOZXRzY2FwZSIpJiYocGFyc2VJbnQoYXBwVmVyc2lvbik9PTQpKSB7CiAgICBkb2N1bWVudC5NTV9wZ1c9aW5uZXJXaWR0aDsgZG9jdW1lbnQuTU1fcGdIPWlubmVySGVpZ2h0OyBvbnJlc2l6ZT1NTV9yZWxvYWRQYWdlOyB9fQogIGVsc2UgaWYgKGlubmVyV2lkdGghPWRvY3VtZW50Lk1NX3BnVyB8fCBpbm5lckhlaWdodCE9ZG9jdW1lbnQuTU1fcGdIKSBsb2NhdGlvbi5yZWxvYWQoKTsKfQpNTV9yZWxvYWRQYWdlKHRydWUpOwoKZnVuY3Rpb24gTU1fcHJlbG9hZEltYWdlcygpIHsgLy92My4wCiAgdmFyIGQ9ZG9jdW1lbnQ7IGlmKGQuaW1hZ2VzKXsgaWYoIWQuTU1fcCkgZC5NTV9wPW5ldyBBcnJheSgpOwogICAgdmFyIGksaj1kLk1NX3AubGVuZ3RoLGE9TU1fcHJlbG9hZEltYWdlcy5hcmd1bWVudHM7IGZvcihpPTA7IGk8YS5sZW5ndGg7IGkrKykKICAgIGlmIChhW2ldLmluZGV4T2YoIiMiKSE9MCl7IGQuTU1fcFtqXT1uZXcgSW1hZ2U7IGQuTU1fcFtqKytdLnNyYz1hW2ldO319Cn0KLy8tLT4KPC9zY3JpcHQ+CiAgICAgICAgICAgICA8c2NyaXB0IHNyYz0iU2NyaXB0cy9BQ19SdW5BY3RpdmVDb250ZW50LmpzIiB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjwvc2NyaXB0PgoJCQkgCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+CjwhLS0KI0xheWVyMSB7Cglwb3NpdGlvbjphYnNvbHV0ZTsKCXdpZHRoOjY1MXB4OwoJaGVpZ2h0OjIxOHB4OwoJei1pbmRleDoxOwp9CiNMYXllcjIgewoJcG9zaXRpb246YWJzb2x1dGU7Cgl3aWR0aDoyMDBweDsKCWhlaWdodDoxMTVweDsKCXotaW5kZXg6MTsKCXZpc2liaWxpdHk6IHZpc2libGU7Cn0KLkVzdGlsbzEgewoJZm9udC1zaXplOiAxOHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzIgewoJZm9udC1zaXplOiAxNHB4OwoJZm9udC13ZWlnaHQ6IGJvbGQ7Cn0KLkVzdGlsbzMge2NvbG9yOiAjNTA2OTkwOyBsaW5lLWhlaWdodDogMTJweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LWZhbWlseTogVGFob21hO30KLS0+Cjwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGxlZnRtYXJnaW49IjIiIG1hcmdpbndpZHRoPSIyIj4KPHRhYmxlIHdpZHRoPSI2MDgiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCB3aWR0aD0iMiUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzA3LmpwZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjE0IiAvPjwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI5MCUiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18wNy5qcGciPiZuYnNwOzwvdGQ+CiAgICAgICAgPHRkIHdpZHRoPSI4JSIgYWxpZ249InJpZ2h0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wOS5qcGciIHdpZHRoPSI0NSIgaGVpZ2h0PSIxNyIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGNvbHNwYW49IjQiPjxiciAvPgogICAgICA8dGFibGUgd2lkdGg9Ijk4JSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICA8dHI+CiAgICAgICAgPHRkIHdpZHRoPSIyJSI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgICA8dGQgd2lkdGg9IjkzJSI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CjwhLS0gSU5JQ0lPIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzIzMDQyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjIvMTEvMjAxMzwvc3Bhbj48YnI+SVYgQ29uZ3Jlc28gSW50ZXJuYWNpb25hbCB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c288L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxzdHJvbmc+MTQsIDE1IHkgMTYgZGUgTm92aWVtYnJlIEFCSUVSVEEgTEEgSU5TQ1JJUENJJk9hY3V0ZTtOISAoY29uIGRlc2N1ZW50byBoYXN0YSBlbCAyNy84KTxiciAvPjwvc3Ryb25nPjwvcD4NCjxwPjxzdHJvbmc+QUJJRVJUQSBMQSBSRUNFUENJJk9hY3V0ZTtOIERFIFRSQUJBSk88YSBocmVmPSJodHRwOi8vd3d3LmNvbmdyZXNvdmlvbGVuY2lhLmNvbS9pbmRleC5waHA/aWQ9bW9kYWxpZGFkZXMiIHRhcmdldD0iX2JsYW5rIj4gKG1hcyBpbmZvKTwvYT48L3N0cm9uZz48L3A+DQo8cD48c3BhbiBzdHlsZT0iY29sb3I6ICNmZjY2MDA7Ij48c3Ryb25nPk9yZ2FuaXphOiBTYWx1ZCBBY3RpdmE8L3N0cm9uZz48L3NwYW4+PC9wPg0KPHA+PHNwYW4gc3R5bGU9ImNvbG9yOiAjZmY2NjAwOyI+SW5jcmlwdG9zIGFsIFBvcnRhbCBkZSBTYWx1ZCBBY3RpdmEsIGltcG9ydGFudGVzIGRlc2N1ZW50b3MhPGJyIC8+PC9zcGFuPjwvcD4NCjxwPkx1Z2FyIGRlIFJlYWxpemFjaSZvYWN1dGU7biB5IGNvbGFib3JhY2lvbjogVW5pdmVyc2lkYWQgZGVsIEVzdGUsIExhIFBsYXRhIEJ1ZW5vcyBBaXJlczwvcD4NCjxwPk1hcyBkZSAxNTAgdHJhYmFqb3MgcHJlc2VudGFkb3MsIHVsdGltb3MgZGlhcyBwYXJhIGluc2NyaWJpcnNlIGNvbiBkZXNjdWVudG8hITwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPkluc2NyaWJpcnNlPC9hPjwvcD4NCjxwPjxhIGhyZWY9Imh0dHA6Ly93d3cuY29uZ3Jlc292aW9sZW5jaWEuY29tL2luZGV4LnBocD9pZD1pbnNjcmlwY2lvbiIgdGFyZ2V0PSJfYmxhbmsiPjxiciAvPjwvYT48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAxIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDEiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MDQvMTEvMjAxMzwvc3Bhbj48YnI+RWwgY29sZWdpbyBkZSBQc2lj82xvZ29zIGRlIEPzcmRvYmEgc2UgcHJvbnVuY2lhIGVuIHJlbGFjafNuIGFsIFNBUCB5IGVuIGNvbmNvcmRhbmNpYSBjb24gbG8gZXhwcmVzYWRvIHBvciBlbCBDb2xlZ2lvIGRlIFBzaWPzbG9nb3MgZGUgTWFyIGRlbCBQbGF0YSB5IGVsIENvbGVnaW8gZGUgUHNpY/Nsb2dvcyBkZSBsYSAgUHJvdmluY2lhIGRlIEJ1ZW5vcyBBaXJlczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+Jm5ic3A7PC9wPg0KPHA+TGFzIGNvbnRyb3ZlcnNpYXMgZ2VuZXJhZGFzIGVuIHJlbGFjaSZvYWN1dGU7biBhbCAic2luZHJvbWUgZGUgYWxpZW5hY2kmb2FjdXRlO24gcGFyZW50YSIgU0FQLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMxMCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzEwIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTU2IiByb3dzcGFuPSIyIiB2YWxpZ249InRvcCI+CgkJCQkKCQkJCTx0YWJsZSB3aWR0aD0iMzIlIiBib3JkZXI9IjEiIGNlbGxzcGFjaW5nPSIzIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJzcmMvaW1nX3VwLzE2MTAyMDEzLjAuanBnIiB3aWR0aD0iMTQ2IiAvPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPgoJCQkJCQkJCTwvdGQ+ICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTYvMTAvMjAxMzwvc3Bhbj48YnI+U2FsdWQgQWN0aXZhIG90b3JnYSBtZWRpYXMgYmVjYXMgcGFyYSBlbCBJViBDb25ncmVzbyBJbnRlcm5hY2lvbmFsLCBWIE5hY2lvbmFsLCBWSSBSZWdpb25hbCBWaW9sZW5jaWEsIE1hbHRyYXRvIHkgQWJ1c28uPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD4mbmJzcDs8L3A+DQo8cD5TZXImYWFjdXRlO24gb3RvcmdhZGFzIDUwIG1lZGlhcyBiZWNhcywgcXVlZGFuIHBvY2FzISEhIGNvbmRpY2lvbjo8L3A+DQo8cD5QZXJ0ZW5lY2VyIGFsIGFtYml0byBwdWJsaWNvIG8gYSBPTkcsIHNlIGNvbnNpZGVyYSB0YW1iaWVuIGxhIGRpc3RhbmNpYSBhbCBsdWdhciBkZWwgZXZlbnRvISEhIGVzIG11eSBzZW5jaWxsbywgc29sbyBkZWJlcyBlbnZpYXIgdW4gZW1haWwuLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwOSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA5Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjI0LzA3LzIwMTM8L3NwYW4+PGJyPk5FQ0VTSVRBTU9TIERFIFNVIFNPTElEQVJJREFEIEhBQ0lBIExPUyBOSdFPUyBZIE5J0UFTISEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPjxiciAvPjwvc3Bhbj48L3N0cm9uZz48L3A+DQo8cD48c3Ryb25nPjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlBST0dSQU1BIEZBTUlMSUFTIFNPTElEQVJJQVM8L3NwYW4+PC9zdHJvbmc+PC9wPg0KPHA+PHN0cm9uZz5DQU1CSU8gREUgU0VERTwvc3Ryb25nPjwvcD4NCjxwPkxhIGNhcGFjaXRhY2kmb2FjdXRlO24gcGFyYSBsYSBwdWVzdGEgZW4gbWFyY2hhIGRlbCA8c3Ryb25nPlByb2dyYW1hIEZhbWlsaWFzIFNvbGlkYXJpYXM8L3N0cm9uZz4gc2UgcmVhbGl6YXImYWFjdXRlOyBlbiBsYSBsb2NhbGlkYWQgZGUgPHN0cm9uZz5OYXZhcnJvPC9zdHJvbmc+IHBhcmEgdG9kbyBlbCBjb3JyZWRvciBkZSBsYSBSdXRhIDQwLjwvcD4NCjxwPkluaWNpbyA8c3Ryb25nPk1pJmVhY3V0ZTtyY29sZXMgMjggZGUgYWdvc3RvIGEgbGFzIDE0IGhvcmFzLiZuYnNwOzwvc3Ryb25nPjwvcD4NCjxwPlNlZGU6IDxzdHJvbmc+U2FsJm9hY3V0ZTtuIE11bmljaXBhbCBlbiBsYSBjYWxsZSAxMDcgZXNxdWluYSAyMiAtIE5hdmFycm88L3N0cm9uZz48L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA4Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTIwNzIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xMi8wNy8yMDEzPC9zcGFuPjxicj5TQUxVRCBBQ1RJVkEgaGEgc2lkbyBlbGVnaWRhIHBvciBzZWd1bmRhIHZleiBjb25zZWN1dGl2YSBjb21vIHVubyBkZSBsb3MgZ2FuYWRvcmVzIGRlbCBDdWFydG8gQ29uY3Vyc28gZGUgUHJveWVjdG9zIFNvY2lhbGVzIGRlIFBldHJvYnJhczwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSI3IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODUiIGNvbHNwYW49IjQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+RW4gZWwgbWFyY28gZGVsIEN1YXJ0byBDb25jdXJzbyBkZSBQcm95ZWN0b3MgU29jaWFsZXMgZGUgUGV0cm9icmFzLCANCm51ZXN0cmEgSW5zdGl0dWNpJm9hY3V0ZTtuIFNBTFVEIEFDVElWQSBoYSBzaWRvIGVsZWdpZGEgcG9yIHNlZ3VuZGEgdmV6IA0KY29uc2VjdXRpdmEgY29tbyB1bm8gZGUgbG9zIGdhbmFkb3JlcyBkZSBkaWNobyBjb25jdXJzby48YnIgLz5FbiBlc3RhIA0KZWRpY2kmb2FjdXRlO24gZWwgcHJveWVjdG8gcXVlIGhhIHNpZG8gZWxlZ2lkbyBlcyBlbCAmbGRxdW87UHJvZ3JhbWEgZGUgRmFtaWxpYXMgDQpTb2xpZGFyaWFzJnJkcXVvOyBzaWVuZG8gc3UgJmFhY3V0ZTtyZWEgZGUgaW1wbGVtZW50YWNpJm9hY3V0ZTtuIGxvcyBNdW5pY2lwaW9zIGRlIE5hdmFycm8sIA0KR3JhbC4gTGFzIEhlcmFzLCBNYXJjb3MgUGF6LCB5IE1lcmxvPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAyLzA3LzIwMTM8L3NwYW4+PGJyPk/tciBvIGVzY3VjaGFyPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Qb3IgQ2FybG9zIFJvemFuc2tpICo8L3A+DQo8cD5BIGxvIGxhcmdvIGRlIGxvcyBzaWdsb3MsIGxhcyBuaSZudGlsZGU7YXMsIG5pJm50aWxkZTtvcyB5IGFkb2xlc2NlbnRlcyBoYW4gc2lkbyBtYWx0cmF0YWRvcyB5IGFidXNhZG9zIHNpbiBxdWUgYSBsYSBjb211bmlkYWQgbGUgaW50ZXJlc2FyYSBuaSBzaXF1aWVyYSBlc2N1Y2hhcmxvcyBjdWFuZG8gaGFjJmlhY3V0ZTthbiBzYWJlciBkZSBhbGd1bmEgZm9ybWEgbG9zIHN1ZnJpbWllbnRvcyBxdWUgcGFkZWMmaWFjdXRlO2FuLiBFbiAxODc0LCBlbiBFc3RhZG9zIFVuaWRvcywgZnVlIGxhIHByaW1lcmEgdmV6IHF1ZSBlbCBFc3RhZG8gaW50ZXJ2aW5vIGVuIHVuIGNhc28gZGUgbWFsdHJhdG8geSBhYnVzby4uLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDYiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4wMi8wNy8yMDEzPC9zcGFuPjxicj5FbCBkZXJlY2hvIGRlIGxvcyBuafFvcyBhIHNlciBlc2N1Y2hhZG9zPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5VbiBob21icmUgYWN1c2FkbyBkZSBoYWJlciBhYnVzYWRvIGRlIHN1cyBoaWpvcyBoYWImaWFjdXRlO2Egc2lkbyBzb2JyZXNlJmlhY3V0ZTtkbyBkb3MgdmVjZXMgcG9yIGxhIEp1c3RpY2lhLiBQZXJvIGFob3JhLCBsYSBDJmFhY3V0ZTttYXJhIGRlIENhc2FjaSZvYWN1dGU7biByZXZvYyZvYWN1dGU7IGVzYSBkZWNpc2kmb2FjdXRlO24gcG9ycXVlIGVuIGxhIGludmVzdGlnYWNpJm9hY3V0ZTtuIGVsIGp1ZXogbnVuY2EgaGFiJmlhY3V0ZTthIGVzY3VjaGFkbyBhIGxvcyBjaGljb3MuIFkgb3JkZW4mb2FjdXRlOyBxdWUgdGVuZ2EgZW4gY3VlbnRhIGxvIHF1ZSBkaWNlbi48L3A+DQo8cD5Qb3IgTWFyaWFuYSBDYXJiYWphbDwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDUiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwNSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZD48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE1NiIgcm93c3Bhbj0iMiIgdmFsaWduPSJ0b3AiPgoJCQkJCgkJCQk8dGFibGUgd2lkdGg9IjMyJSIgYm9yZGVyPSIxIiBjZWxsc3BhY2luZz0iMyIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48aW1nIHNyYz0ic3JjL2ltZ191cC8wNjA2MjAxMy4xLmpwZyIgd2lkdGg9IjE0NiIgLz48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KCQkJCQkJCQk8L3RkPiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjA2LzA2LzIwMTM8L3NwYW4+PGJyPkFidXNvIHNleHVhbCBpbmZhbnRpbC4gRGVzYWZpb3MgZGUgbGEgY2xpbmljYSBhY3R1YWw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkFiaWVydGEgbGEgaW5zY3JpcGNpb248L3A+DQo8cD5Eb2NlbnRlczogTGljLiBNYXJpYSBCZWF0cml6IE0mdXVtbDtsbGVyLiBMaWMuIFBhb2xhIE11Jm50aWxkZTtveiBEdWFydGU8L3A+DQo8cD5JbmljaW86IE1pZXJjb2xlcyAxOSBkZSBKdW5pbzwvcD4NCjxwPkZyZWN1ZW5jaWE6IFNlbWFuYWw8L3A+DQo8cD5Nb2RhbGlkYWQ6IEludGVuc2l2YTwvcD4NCjxwPkNvbnRlbmlkb3M6ICZuYnNwOyBFc3RhIGRlc3RpbmFkbyBhIHRvZG9zIGxvcyBwcm9mZXNpb25hbGVzIGNvbXByb21ldGlkb3MgY29uIGxhIHRlbWF0aWNhIGRlbCBhYnVzbyBpbmZhbnRpbCBxdWUgcXVpZXJhbiBhY3R1YWxpemFyc2UgZSBpbnRlcmNhbWJpYXIgZXhwZXJpZW5jaWFzIGRlIHRyYWJham8uLi48L3A+DQo8cD4mbmJzcDs8L3A+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTklIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzA0Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzE5LmpwZyIgd2lkdGg9Ijc1IiBoZWlnaHQ9IjQxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2luZGV4LnBocD9pZD0xNyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMS5qcGciIHdpZHRoPSI1MyIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48YSBocmVmPSIjIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDQiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIzIiBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgIDwvdHI+CgkJICAgICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTYiIHJvd3NwYW49IjIiIHZhbGlnbj0idG9wIj4KCQkJCQoJCQkJPHRhYmxlIHdpZHRoPSIzMiUiIGJvcmRlcj0iMSIgY2VsbHNwYWNpbmc9IjMiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PGltZyBzcmM9InNyYy9pbWdfdXAvMTYwNTIwMTMuMC5qcGciIHdpZHRoPSIxNDYiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CgkJCQkJCQkJPC90ZD4gICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBjbGFzcz0idGl0dWxvaG9tZTEiPjxzcGFuIGNsYXNzPSJkZXN0YWNhZG9zIj4xNi8wNS8yMDEzPC9zcGFuPjxicj5TYWx1ZCBBY3RpdmEgbmVjZXNpdGEgZGUgdHUgYXl1ZGEhPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjciIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4NSIgY29sc3Bhbj0iNCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5UcmFiYWphbW9zIGNvbW8gcG9kZW1vczogYmEmbnRpbGRlO29zIHJvdG9zLCBzdXNwZW5zaSZvYWN1dGU7biBkZSByZXVuaW9uZXMgcG9yIGNvcnRlcyBkZSBsdXogeSBhZ3VhLCBqdWd1ZXRlcyB2aWVqb3MsIG1lc2VzIGRlIGF0cmFzbyBlbiBlbCBwYWdvIGRlIHN1cyBwcm9mZXNpb25hbGVzIGRlIGxhIHNhbHVkLiBSZWNpZW50ZW1lbnRlIHR1dmltb3MgcXVlIGNlcnJhciBudWVzdHJvIHF1ZXJpZG8gSG9nYXI6ICZsZHF1bztNZXRhbW9yZm9zaXMmcmRxdW87IGVyYSBlbCBsdWdhciBxdWUgc3VwbyBjb250ZW5lciBhIG5pJm50aWxkZTthcyB5IGomb2FjdXRlO3ZlbmVzIHJlc2NhdGFkYSBkZSByZWRlcyBkZSB0cmF0YSBvIHYmaWFjdXRlO2N0aW1hcyBkZSBhYnVzbyBpbnRyYWZhbWlsaWFyLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18xOS5qcGciIHdpZHRoPSI3NSIgaGVpZ2h0PSI0MSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNjAlIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMSUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJodHRwOi8vd3d3LnNhbHVkYWN0aXZhLm9yZy5hci9pbmRleC5waHA/aWQ9MTciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjEuanBnIiB3aWR0aD0iNTMiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PGEgaHJlZj0iIyI+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMCUiIHZhbGlnbj0idG9wIj48YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3Jm5vdGE9MzAzIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIyLmpwZyIgd2lkdGg9Ijc4IiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYmFja2dyb3VuZD0iaW1nL3JlZGlzZW5vXzI2LmpwZyI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yNi5qcGciIHdpZHRoPSIyIiBoZWlnaHQ9IjIiIC8+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgoJCSAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzODEiIGhlaWdodD0iMzAiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjAzLzA1LzIwMTM8L3NwYW4+PGJyPlJFUFVESU8gQSBMQSBQUkVTRU5DSUEgRU4gTEEgRkVSSUEgREVMIExJQlJPIERFIFVOIEVYIEpVRVogQUNVU0FETyBERSBBQlVTTyBTRVhVQUw8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxMyIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iNyIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9Ijg1IiBjb2xzcGFuPSI0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPkZ1ZSBjYW1hcmlzdGEgZW4gTWFyIGRlbCBQbGF0YSBkdXJhbnRlIGxhIGRpY3RhZHVyYS4gSGFjZSBhJm50aWxkZTtvcywgdmFyaWFzIG11amVyZXMgbG8gYWN1c2Fyb24gZGUgaGFiZXIgYWJ1c2FkbyBkZSBlbGxhcyBjdWFuZG8gZXJhbiBuaSZudGlsZGU7YXMuIExhIGNhdXNhIHByZXNjcmliaSZvYWN1dGU7IHkgbm8gaHVibyBjb25kZW5hLiBNYSZudGlsZGU7YW5hIHRpZW5lIHByZXZpc3RvIGZpcm1hciBzdSBsaWJyby4gRXNhcyBtaXNtYXMgbXVqZXJlcyBwaWRlbiBxdWUgbm8gc2VhIGFkbWl0aWRvIGVuIGxhIGZlcmlhLjwvcD48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxOSUiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0zMDIiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMTkuanBnIiB3aWR0aD0iNzUiIGhlaWdodD0iNDEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjYwJSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjxhIGhyZWY9IiMiPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjAlIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTMwMiI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18yMi5qcGciIHdpZHRoPSI3OCIgaGVpZ2h0PSIyMSIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGJhY2tncm91bmQ9ImltZy9yZWRpc2Vub18yNi5qcGciPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjYuanBnIiB3aWR0aD0iMiIgaGVpZ2h0PSIyIiAvPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgPC90cj4KCQkgIDwhLS0gRklOIG5vdGEgZGVzdGFjYWRhIC0tPgogICAgICAgIDwvdGFibGU+ICAgICAgICA8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iNSUiIGFsaWduPSJyaWdodCI+PGltZyBzcmM9ImltZy81eDUuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iMTUiIC8+PC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCB3aWR0aD0iMSUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+Jm5ic3A7PC90ZD4KICAgIDx0ZCB3aWR0aD0iMiUiPjxpbWcgc3JjPSJpbWcvNXg1LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjE1IiAvPjwvdGQ+CiAgPC90cj4KICAKICA8dGQ+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgICA8dGQgY29sc3Bhbj0iMiI+Jm5ic3A7PC90ZD4KICA8L3RyPgogIDx0ciBhbGlnbj0iY2VudGVyIj4KICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgPHRkIHdpZHRoPSI5NyIgY29sc3Bhbj0iMiIgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iNTQ2IiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMyIgY2xhc3M9ImJvcmRlIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCA+PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiBjbGFzcz0idGl0dWxvaG9tZTIiPjx0YWJsZSB3aWR0aD0iIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgY29sc3Bhbj0iMyIgYWxpZ249ImxlZnQiIHZhbGlnbj0iYm90dG9tIiBjbGFzcz0idGl0dWxvaG9tZTIiPlJhbmtpbmc8L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjMiIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSIgY2xhc3M9InRpdHVsb2hvbWUyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iIiBoZWlnaHQ9IjM1IiBhbGlnbj0ibGVmdCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyNSIgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iMjUiIGNsYXNzPSJjb250ZW5pZG9ob21lIj48c3Ryb25nPiZidWxsO0xhcyBtJmFhY3V0ZTtzIGxlaWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJjb250ZW5pZG9ob21lIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iY29udGVuaWRvaG9tZSI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgY2xhc3M9ImNvbnRlbmlkb2hvbWUiPjxzdHJvbmc+JmJ1bGw7TGFzIG0mYWFjdXRlO3MgY29tZW50YWRhczwvc3Ryb25nPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yOTgiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTHVkb3RlY2EgR2FyYWJhdG8gLSBQcm95ZWN0byBzYWx1ZGFjdGl2YSwgUG9yIHVuYSBpbmZhbmNpYSBmZWxpeiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iOSUiIGJnY29sb3I9IiNFRkVGRUYiPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIzJSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xNjIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDUlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTE2MiIgY2xhc3M9ImJvdG9uIj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBDdXJzbyBJbnRlbnNpdm8gZGUgb3BlcmFkb3IgdGVyYXBldXRpY28gZXNwZWNpYWxpemFkbyBlbiBlbCBhYm9yZGFqZSBkZWwgYWJ1c28sIGxhIHZpb2xlbmNpYSB5IGVsIG1hbHRyYXRvIGluZmFudGlsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIlIiBoZWlnaHQ9IjIwIiB2YWxpZ249Im1pZGRsZSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+PGltZyBzcmM9ImltZy9mbGVjaGFuYXJhbmphZmdyaXNfMjQuanBnIiB3aWR0aD0iMTQiIGhlaWdodD0iNyIgYm9yZGVyPSIwIiBhbGlnbj0iYWJzbWlkZGxlIiAvPjwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iNDElIiBoZWlnaHQ9IjMwIiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0yNDIiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUFJPR1JBTUEgTEFTIFZJQ1RJTUFTIENPTlRSQSBMQVMgVklPTEVOQ0lBUyAgTWluaXN0ZXJpbyBkZSBKdXN0aWNpYSB5IERlcmVjaG9zIEh1bWFub3MgZGUgbGEgTmFjafNuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI5JSIgYmdjb2xvcj0iI0VGRUZFRiI+PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjMlIiBiZ2NvbG9yPSIjRUZFRkVGIj4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8YSBocmVmPSJpbmRleC5waHA/aWQ9MTRfbmV3JmFtcDtub3RhPTI1NSIgY2xhc3M9ImJvdG9uIj48aW1nIHNyYz0iaW1nL2ZsZWNoYW5hcmFuamFmZ3Jpc18yNC5qcGciIHdpZHRoPSIxNCIgaGVpZ2h0PSI3IiBib3JkZXI9IjAiIGFsaWduPSJhYnNtaWRkbGUiIC8+PC9hPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI0NSUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MjU1IiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIERpcGxvbWF0dXJhIGVuIEFib3JkYWplIGludGVyZGlzY2lwbGluYXJpbyBkZWwgbWFsdHJhdG8sIGxhIHZpb2xlbmNpYSB5IGVsIGFidXNvIHNleHVhbCBpbmZhbnRpbCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyJSIgaGVpZ2h0PSIyMCIgdmFsaWduPSJtaWRkbGUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQxJSIgaGVpZ2h0PSIzMCIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MzAzIiBjbGFzcz0iYm90b24iPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNhbHVkIEFjdGl2YSBuZWNlc2l0YSBkZSB0dSBheXVkYSEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjklIiBiZ2NvbG9yPSIjRUZFRkVGIj48L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMyUiIGJnY29sb3I9IiNFRkVGRUYiPiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmYW1wO25vdGE9MTA0IiBjbGFzcz0iYm90b24iPjxpbWcgc3JjPSJpbWcvZmxlY2hhbmFyYW5qYWZncmlzXzI0LmpwZyIgd2lkdGg9IjE0IiBoZWlnaHQ9IjciIGJvcmRlcj0iMCIgYWxpZ249ImFic21pZGRsZSIgLz48L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjQ1JSIgYmdjb2xvcj0iI0VGRUZFRiI+ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZhbXA7bm90YT0xMDQiIGNsYXNzPSJib3RvbiI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTGxhbWFkbyBwYXJhIHByZXNlbnRhY2nzbiBkZSB0cmFiYWpvcy4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L2E+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjIwIiBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSIyMCIgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiIGNsYXNzPSJ0ZXh0b251ZXZvIj4mbmJzcDs8L3RkPgogICAgICAgICAgICAgICAgICAgICAgICAgIDx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBjbGFzcz0idGV4dG9udWV2byI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgY2xhc3M9InRleHRvbnVldm8iPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iIyIgY2xhc3M9ImJvdG9uIj48L2E+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgPC90YWJsZT48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj4mbmJzcDs8L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBJTklDSU8gbm90YSBjb211biAtLT4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MTUvMDQvMjAxMjwvc3Bhbj48YnI+T3JnYW5pemFuIGpvcm5hZGEgc29icmUgdmlvbGVuY2lhPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPlNlIGNlbnRyYXImYWFjdXRlOyBlbiBsb3MgZmVuJm9hY3V0ZTttZW5vcyBxdWUgYWZlY3RhbiBhIGxhIGZhbWlsaWEgeSBlbiBsbyBxdWUgb2N1cnJlIGVuIGxhcyBlc2N1ZWxhcy48YnIgLz4gU2UgbGxldmFyJmFhY3V0ZTsgYSBjYWJvIGVsIGx1bmVzIDIzLCBlbiBlbCBDZW50cm8gQ3VsdHVyYWwgZGUgVG9zY2hpIHkgVHJlcyANCkFycm95b3MsIHVuYSBqb3JuYWRhIGRlIHJlZmxleGkmb2FjdXRlO24geSBkZWJhdGUgYWJpZXJ0YSBhIGxhIGNvbXVuaWRhZCBzb2JyZSANCiZsZHF1bztWaW9sZW5jaWEgZW4gbGEgZmFtaWxpYSB5IGVuIGxhIGVzY3VlbGEgeSBzdSByZWxhY2kmb2FjdXRlO24gY29uIGVsIGZyYWNhc28gDQplc2NvbGFyJnJkcXVvOywgb3JnYW5pemFkYSBwb3IgbGEgQXNvY2lhY2kmb2FjdXRlO24gQ2l2aWwgQ2VudHJvIEFydCZlYWN1dGU7bWlkZXMgeSBsYSANCk11bmljaXBhbGlkYWQgZGUgQ2lwb2xsZXR0aS5TZSBjZW50cmFyJmFhY3V0ZTsgZW4gbG9zIGZlbiZvYWN1dGU7bWVub3MgcXVlIGFmZWN0YW4gYSBsYSBmYW1pbGlhIHkgZW4gbG8gcXVlIG9jdXJyZSBlbiBsYXMgZXNjdWVsYXMuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjMwLzAzLzIwMTI8L3NwYW4+PGJyPkNhcnRhIGRlIEFTQVBNSSAtIEFzb2NpYWNp824gQXJnZW50aW5hIGRlIFByZXZlbmNp824gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbDwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjE1IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18wMV8xOS5qcGciIHdpZHRoPSIxNSIgaGVpZ2h0PSI3MSIgLz48L3RkPgogICAgICAgICAgICA8dGQgdmFsaWduPSJ0b3AiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBoZWlnaHQ9IjgwIiBjb2xzcGFuPSI0IiBhbGlnbj0ibGVmdCIgdmFsaWduPSJ0b3AiIGNsYXNzPSJ0ZXh0b251ZXZvIj48cD5Mb3MgaW50ZWdyYW50ZXMgZGUgbGEgQ29taXNpJm9hY3V0ZTtuIERpcmVjdGl2YSBkZSBBU0FQTUkgLSBBc29jaWFjaSZvYWN1dGU7biBBcmdlbnRpbmEgZGUgUHJldmVuY2kmb2FjdXRlO24gZGVsIE1hbHRyYXRvIEluZmFudG8tSnV2ZW5pbCwgYXNvY2lhZGEgYSBsYSBJbnRlcm5hdGlvbmFsIFNvY2lldHkgZm9yIFByZXZlbnRpb24gb2YgQ2hpbGQgQWJ1c2UgYW5kIE5lZ2xlY3QgKElTUENBTikgLSwgdGVuZW1vcyBlbCBhZ3JhZG8gZGUgZGlyaWdpcm5vcyBhIFVzdGVkIHBhcmEgdHJhc21pdGlybGUgbnVlc3RyYSBwcm9mdW5kYSAmbmJzcDt5IGhvbmRhIHByZW9jdXBhY2kmb2FjdXRlO24gcG9yIGxhIHBvc3R1cmEgcXVlIHZpZW5lbiBhc3VtaWVuZG8gZW4gZm9ybWEgY29udGludWFkYSBhbGd1bm9zIGNvbGVnaW9zIGRlIHBzaWMmb2FjdXRlO2xvZ29zLCBlc3BlY2lhbG1lbnRlIGRlIGxhIHByb3ZpbmNpYSBkZSBCdWVub3MgQWlyZXMsIGVuIHJlbGFjaSZvYWN1dGU7biBhbCB0cmF0YW1pZW50byBwb2NvIHNlcmlvIHkgY29tcHJvbWV0aWRvIHF1ZSBzZSBsZXMgb3RvcmdhIGEgbGFzIGRlbnVuY2lhcyBlZmVjdHVhZGFzIGNvbnRyYSBwcm9mZXNpb25hbGVzIHBzaWMmb2FjdXRlO2xvZ29zLi4uPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2OCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjgiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgIDx0ZCBjb2xzcGFuPSIyIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgPHRyPgogICAgICAgIDx0ZCBiYWNrZ3JvdW5kPSJpbWcvcmVkaXNlbm9fMjYuanBnIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzI2LmpwZyIgd2lkdGg9IjIiIGhlaWdodD0iMiIgLz48L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjElIj4mbmJzcDs8L3RkPgogICAgPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPjx0YWJsZSB3aWR0aD0iNTQwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgd2lkdGg9IjI3MCIgdmFsaWduPSJ0b3AiPgoJCQkJPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTMiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMzgxIiBoZWlnaHQ9IjMwIiBhbGlnbj0ibGVmdCIgY2xhc3M9InRpdHVsb2hvbWUxIj48c3BhbiBjbGFzcz0iZGVzdGFjYWRvcyI+MjAvMDMvMjAxMjwvc3Bhbj48YnI+TEEgVklPTEVOQ0lBIFNFWFVBTCBDT05UUkEgTknRT1MgWSBOSdFBUyBFTiBDSUZSQVM8L3RkPgogICAgICAgICAgPC90cj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSIgdmFsaWduPSJ0b3AiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMDFfMTkuanBnIiB3aWR0aD0iMTUiIGhlaWdodD0iNzEiIC8+PC90ZD4KICAgICAgICAgICAgPHRkIHZhbGlnbj0idG9wIj48dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgaGVpZ2h0PSI4MCIgY29sc3Bhbj0iNCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBjbGFzcz0idGV4dG9udWV2byI+PHA+UmFkaW9ncmFmJmlhY3V0ZTthIGRlIHVuIHByb2JsZW1hPC9wPg0KPHA+RGUgbG9zIG4mdWFjdXRlO21lcm9zIGNvbXBpbGFkb3MgcG9yIGRvcyBlcXVpcG9zIGRlbCBNaW5pc3RlcmlvIGRlIEp1c3RpY2lhLCBsYQ0KIGF1dG9yYSB0b21hIGxvcyBkZSBsYSBjaXVkYWQgZGUgQnVlbm9zIEFpcmVzIHBhcmEgdHJhemFyIHVuIHBhcmFkaWdtYSANCmRlIGxvcyBkZWxpdG9zIGNvbnRyYSBsYSBpbnRlZ3JpZGFkIHNleHVhbCBlbiBlbCBwYSZpYWN1dGU7cyB5IHNvYnJlIHN1IA0KYXRlbmNpJm9hY3V0ZTtuLjxiciAvPiA8YnIgLz4gJm5ic3A7UG9yIEV2YSBHaWJlcnRpPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI2MCI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNjAiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICAgIDx0ZCB3aWR0aD0iMjcwIiBhbGlnbj0icmlnaHQiIHZhbGlnbj0idG9wIj4KCQkJCTx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMCIgY2VsbHNwYWNpbmc9IjAiPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQgd2lkdGg9IjEzIj4mbmJzcDs8L3RkPgogICAgICAgICAgICA8dGQgd2lkdGg9IjM4MSIgaGVpZ2h0PSIzMCIgYWxpZ249ImxlZnQiIGNsYXNzPSJ0aXR1bG9ob21lMSI+PHNwYW4gY2xhc3M9ImRlc3RhY2Fkb3MiPjE1LzAzLzIwMTI8L3NwYW4+PGJyPkZBTExPIERFIExBIENPUlRFIFNVUFJFTUEgU09CUkUgTEEgTk8gSlVESUNJQUxJWkFDSU9OIERFTCBBQk9SVE8gRU4gQ0FTT1MgREUgVklPTEFDSU9OPC90ZD4KICAgICAgICAgIDwvdHI+CiAgICAgICAgICA8dHI+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTUiIHZhbGlnbj0idG9wIj48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzAxXzE5LmpwZyIgd2lkdGg9IjE1IiBoZWlnaHQ9IjcxIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB2YWxpZ249InRvcCI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGhlaWdodD0iODAiIGNvbHNwYW49IjQiIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgY2xhc3M9InRleHRvbnVldm8iPjxwPjxiciAvPiBKVVJJU0RJQ0NJT046IE5BQ0lPTkFMPGJyIC8+IE1BVEVSSUE6IEFCT1JUTy48YnIgLz4gVFJJQlVOQUw6IENvcnRlIFN1cHJlbWEgZGUgSnVzdGljaWEgZGUgbGEgTmFjaSZvYWN1dGU7bi48YnIgLz4gQVVUT1M6IEYuLCBBLiBMLiBzLyBtZWRpZGEgYXV0b3NhdGlzZmFjdGl2YS48YnIgLz4gRkVDSEE6IDEzLzAzLzIwMTIuPC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjE5JSI+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTE0X25ldyZub3RhPTI1OSI+PGltZyBzcmM9ImltZy9yZWRpc2Vub18zMy5qcGciIHdpZHRoPSI2NiIgaGVpZ2h0PSIyNyIgYm9yZGVyPSIwIiAvPjwvYT48L3RkPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI2MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjElIiB2YWxpZ249InRvcCI+PGEgaHJlZj0iaHR0cDovL3d3dy5zYWx1ZGFjdGl2YS5vcmcuYXIvaW5kZXgucGhwP2lkPTE3Ij48aW1nIHNyYz0iaW1nL3JlZGlzZW5vXzIxLmpwZyIgd2lkdGg9IjUzIiBoZWlnaHQ9IjIxIiBib3JkZXI9IjAiIC8+PC9hPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIwJSIgdmFsaWduPSJ0b3AiPjxhIGhyZWY9ImluZGV4LnBocD9pZD0xNF9uZXcmbm90YT0yNTkiPjxpbWcgc3JjPSJpbWcvcmVkaXNlbm9fMjIuanBnIiB3aWR0aD0iNzgiIGhlaWdodD0iMjEiIGJvcmRlcj0iMCIgLz48L2E+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgICAgPHRyPgogICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CgkJCQk8L3RkPgogICAgICA8L3RyPgogICAgPC90YWJsZT48L3RkPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KPCEtLSBGSU4gbm90YSBjb211biAtLT4KPC90YWJsZT4KPG1hcCBuYW1lPSJNYXBNYXAiIGlkPSJNYXBNYXAiPjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjE0NCw0LDIxNCwzNiIgaHJlZj0iaW5kZXgucGhwP2lkPTE0IiAvPgo8L21hcD4KPG1hcCBuYW1lPSJNYXAyTWFwMiIgaWQ9Ik1hcDJNYXAyIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIxNDcsNCwyMjAsMzYiIGhyZWY9ImluZGV4LnBocD9pZD0xNGEiIC8+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcDMiIGlkPSJNYXAzIj48YXJlYSBzaGFwZT0icmVjdCIgY29vcmRzPSIzNjMsMyw0MzYsMzkiIGhyZWY9ImluZGV4LnBocD9pZD0xNGIiIC8+CjwvbWFwPgo8L2h0bWw+CjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjRTNFM0UzIj4gICAgICAgICAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYWxpZ249ImNlbnRlciIgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiNFM0UzRTMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiPgogICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3MCUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNiUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+PGltZyBzcmM9ImltZy9kZWNpbG9fYmllbl9mdWVydGUxLmpwZyIgd2lkdGg9IjEyMCIgaGVpZ2h0PSIxMTIiPjwvdGQ+CiAgICAgICAgICAgICAgPHRkPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD4mbmJzcDs8L3RkPgogICAgICAgICAgICAgIDx0ZCBhbGlnbj0iY2VudGVyIiA+PGEgaHJlZj0iaW5kZXgucGhwP2lkPTI0IiBjbGFzcz0iYm90b24xIj5bK10gTSZhYWN1dGU7cyBpbmZvcm1hY2kmb2FjdXRlO248L2E+PC90ZD4KICAgICAgICAgICAgICA8dGQ+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCIgYmdjb2xvcj0iI0UzRTNFMyI+ICAgICAgICA8L3RyPgogICAgICAgIDx0cj4gCiAgICAgICAgICA8dGQgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIj4mbmJzcDs8L3RkPgogICAgICAgIDwvdHI+CiAgICA8L3RhYmxlPjwvdGQ+CiAgPC90cj4KICA8dHI+IAogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249ImJvdHRvbSI+PGltZyBzcmM9ImltZy9penExLmpwZyIgd2lkdGg9Ijk2IiBoZWlnaHQ9IjExNCIgLz48L3RkPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249InRvcCI+PGltZyBzcmM9ImltZy9RdWllbmVzU29tb3NfQTJfMF8yNS5qcGciIHdpZHRoPSI4MDkiIGhlaWdodD0iMTE0IiBib3JkZXI9IjAiIHVzZW1hcD0iI01hcDIiIC8+PC90ZD4KICA8L3RyPgogIDx0cj4gCiAgICA8dGQgaGVpZ2h0PSI1MCIgYWxpZ249ImxlZnQiIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJpbWcvUXVpZW5lc1NvbW9zX0EyXzE4XzE4LmpwZyI+Jm5ic3A7PC90ZD4KICAgIDx0ZCBoZWlnaHQ9IjUwIiBjbGFzcz0iZm9uZG9ib3R0b20iPjxhIGhyZWY9Imh0dHA6Ly93d3cuc2l0ZWkuY29tLmFyLyI+PGltZyBzcmM9ImltZy9laV9jb2xvci5wbmciIGFsdD0iZXNwYWNpb3MgZGUgaW1hZ2luYWNpb24sIGRlc2Fycm9sbG9zIGludGVyYWN0aXZvcywgY3JlYXRpdmlkYWQsIGRpc2XxbyIgd2lkdGg9IjI3IiBoZWlnaHQ9IjE1IiBib3JkZXI9IjAiPjwvYT4gPHNwYW4gY2xhc3M9ImVpIj48YSBocmVmPSJodHRwOi8vd3d3LnNpdGVpLmNvbS5hci8iIHNwYW4gY2xhc3M9ImVpIj5kaXNlJm50aWxkZTtvICsgY29tdW5pY2FjaSZvYWN1dGU7bjwvYT48L3NwYW4+PGVtPiZuYnNwOzwvZW0+PC9zcGFuPjxzcGFuIGNsYXNzPSJibGFuY28xIj48ZW0+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9lbT48L3NwYW4+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgoKCjxtYXAgbmFtZT0iTWFwMiI+PGFyZWEgc2hhcGU9InJlY3QiIGNvb3Jkcz0iMjQ3LDY5LDQxNCw4MiIgaHJlZj0ibWFpbHRvOnNhbHVkYWN0aXZhQHNhbHVkYWN0aXZvLm9yZy5hciI+CjwvbWFwPgo8bWFwIG5hbWU9Ik1hcCI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM2LDE0MiwxNDksMTUyIiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MiI+CjxhcmVhIHNoYXBlPSJyZWN0IiBjb29yZHM9IjM0LDE4NiwxNTAsMTk2IiBocmVmPSJpbmRleC5waHA/aWQ9OF92ZXIyJmNvbmY9MCI+CjwvbWFwPgo8L2JvZHk+CjwvaHRtbD4K]]></response>
	254	<responseRedirected>false</responseRedirected>
	255	</requestresponse>
	256	</issue>
	257	<issue>
	258	<serialNumber>497905397226519552</serialNumber>
	259	<type>6291968</type>
	260	<name>Email addresses disclosed</name>
	261	<host ip="200.20.20.201">http://www.example.org.ar</host>
	262	<path><![CDATA[/donaciones/]]></path>
	263	<location><![CDATA[/donaciones/]]></location>
	264	<severity>Information</severity>
	265	<confidence>Certain</confidence>
	266	<issueBackground><![CDATA[The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.<br><br>However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organization's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.]]></issueBackground>
	267	<remediationBackground><![CDATA[You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as [email protected]).]]></remediationBackground>
	268	<issueDetail><![CDATA[The following email address was disclosed in the response:<ul><li>[email protected]</li></ul>]]></issueDetail>
	269	<requestresponse>
	270	<request base64="true"><![CDATA[R0VUIC9kb25hY2lvbmVzLyBIVFRQLzEuMQ0KSG9zdDogd3d3LnNhbHVkYWN0aXZhLm9yZy5hcg0KQWNjZXB0OiAqLyoNCkFjY2VwdC1MYW5ndWFnZTogZW4NClVzZXItQWdlbnQ6IE1vemlsbGEvNS4wIChjb21wYXRpYmxlOyBNU0lFIDkuMDsgV2luZG93cyBOVCA2LjE7IFdpbjY0OyB4NjQ7IFRyaWRlbnQvNS4wKQ0KQ29ubmVjdGlvbjogY2xvc2UNCg0K]]></request>
	271	<response base64="true"><![CDATA[SFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBUaHUsIDA3IE5vdiAyMDEzIDE3OjE0OjA2IEdNVA0KU2VydmVyOiBBcGFjaGUvMi4yLjIzIChVbml4KSBtb2Rfc3NsLzIuMi4yMyBPcGVuU1NMLzAuOS44ZS1maXBzLXJoZWw1DQpMYXN0LU1vZGlmaWVkOiBXZWQsIDAzIEp1bCAyMDEzIDEzOjQ4OjMwIEdNVA0KRVRhZzogImFhZDk2Ny03MTI5LTRlMDliYjc3ZmM3ODAiDQpBY2NlcHQtUmFuZ2VzOiBieXRlcw0KQ29udGVudC1MZW5ndGg6IDI4OTY5DQpDb25uZWN0aW9uOiBjbG9zZQ0KQ29udGVudC1UeXBlOiB0ZXh0L2h0bWwNCg0KPCFET0NUWVBFIGh0bWwgUFVCTElDICItLy9XM0MvL0RURCBYSFRNTCAxLjAgVHJhbnNpdGlvbmFsLy9FTiIgImh0dHA6Ly93d3cudzMub3JnL1RSL3hodG1sMS9EVEQveGh0bWwxLXRyYW5zaXRpb25hbC5kdGQiPgo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCI+CjxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1VVEYtOCIgLz4KPHRpdGxlPlNhbHVkIEFjdGl2YTwvdGl0bGU+CjxsaW5rIGhyZWY9ImVzdGlsb3MuY3NzIiByZWw9InN0eWxlc2hlZXQiIHR5cGU9InRleHQvY3NzIiAvPgo8bGluayBocmVmPSJmb3JtX2ZpbGVzL2VzdGlsb3MuY3NzIiByZWw9InN0eWxlc2hlZXQiIHR5cGU9InRleHQvY3NzIj4KPCEtLVtpZiBJRSA2XT4KCQkJPHN0eWxlIHR5cGU9InRleHQvY3NzIj4KCQkJIEBpbXBvcnQgdXJsKGllNi5jc3MpOwoJCQk8L3N0eWxlPiAKCQk8IVtlbmRpZl0tLT4KPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiIHNyYz0ianMvanF1ZXJ5Lm1pbi5qcyI+PC9zY3JpcHQ+CjxzY3JpcHQgc3JjPSJTY3JpcHRzL3N3Zm9iamVjdF9tb2RpZmllZC5qcyIgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij48L3NjcmlwdD4KPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiIHNyYz0ianMvanF1ZXJ5LmN5Y2xlLmFsbC4yLjc0LmpzIj48L3NjcmlwdD4gCjxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4KJChkb2N1bWVudCkucmVhZHkoZnVuY3Rpb24oKSB7CgkkKCcjc2xpZGUnKS5jeWNsZSh7IAogICAgCWZ4OiAgICAgJ3Njcm9sbExlZnQnLCAKICAgCSAJc3BlZWQ6ICAxNTAwLCAKICAgIAl0aW1lb3V0OiA2MDAwICwKCQluZXh0OiAgICcjbmV4dCcsIAogICAgCXByZXY6ICAgJyNwcmV2JwoJfSk7Cn0pOwokKGZ1bmN0aW9uKCkKewovL2JvdG9uMQokKCIjYm90b24xIikuY2xpY2soZnVuY3Rpb24oZXZlbnQpIHsKZXZlbnQucHJldmVudERlZmF1bHQoKTsKJCgiI2NvbnRlbmlkbzEiKS5zbGlkZVRvZ2dsZSgpOwokKCIjY29udGVuaWRvMiwgI2NvbnRlbmlkbzMsICNjb250ZW5pZG80LCAjY29udGVuaWRvNSIpLnNsaWRlVXAoKTsKJCgiI2JvdG9uMSIpLnJlbW92ZUNsYXNzKCdub3NlbGVjdCcpLmFkZENsYXNzKCdzZWxlY3QnKTsKLy8kKCIjYm90b24yLCAjYm90b24zLCAjYm90b240LCAjYm90b241IikucmVtb3ZlQ2xhc3MoJ3NlbGVjdCcpLmFkZENsYXNzKCdub3NlbGVjdCcpOwp9KTsKCi8vYm90b24yCiQoIiNib3RvbjIiKS5jbGljayhmdW5jdGlvbihldmVudCkgewpldmVudC5wcmV2ZW50RGVmYXVsdCgpOwokKCIjY29udGVuaWRvMiIpLnNsaWRlVG9nZ2xlKCk7CiQoIiNjb250ZW5pZG8xLCAjY29udGVuaWRvMywgI2NvbnRlbmlkbzQsICNjb250ZW5pZG81Iikuc2xpZGVVcCgpOwokKCIjYm90b24yIikucmVtb3ZlQ2xhc3MoJ25vc2VsZWN0JykuYWRkQ2xhc3MoJ3NlbGVjdCcpOwovLyQoIiNib3RvbjEsICNib3RvbjMsICNib3RvbjQsICNib3RvbjUiKS5yZW1vdmVDbGFzcygnc2VsZWN0JykuYWRkQ2xhc3MoJ25vc2VsZWN0Jyk7Cn0pOwoKLy9ib3RvbjMKJCgiI2JvdG9uMyIpLmNsaWNrKGZ1bmN0aW9uKGV2ZW50KSB7CmV2ZW50LnByZXZlbnREZWZhdWx0KCk7CiQoIiNjb250ZW5pZG8zIikuc2xpZGVUb2dnbGUoKTsKJCgiI2NvbnRlbmlkbzEsICNjb250ZW5pZG8yLCAjY29udGVuaWRvNCwgI2NvbnRlbmlkbzUiKS5zbGlkZVVwKCk7CiQoIiNib3RvbjMiKS5yZW1vdmVDbGFzcygnbm9zZWxlY3QnKS5hZGRDbGFzcygnc2VsZWN0Jyk7Ci8vJCgiI2JvdG9uMiwgI2JvdG9uMSwgI2JvdG9uNCwgI2JvdG9uNSIpLnJlbW92ZUNsYXNzKCdzZWxlY3QnKS5hZGRDbGFzcygnbm9zZWxlY3QnKTsKfSk7CgovL2JvdG9uNAokKCIjYm90b240IikuY2xpY2soZnVuY3Rpb24oZXZlbnQpIHsKZXZlbnQucHJldmVudERlZmF1bHQoKTsKJCgiI2NvbnRlbmlkbzQiKS5zbGlkZVRvZ2dsZSgpOwokKCIjY29udGVuaWRvMSwgI2NvbnRlbmlkbzMsICNjb250ZW5pZG8yLCAjY29udGVuaWRvNSIpLnNsaWRlVXAoKTsKJCgiI2JvdG9uNCIpLnJlbW92ZUNsYXNzKCdub3NlbGVjdCcpLmFkZENsYXNzKCdzZWxlY3QnKTsKJCgiI2JvdG9uMiwgI2JvdG9uMywgI2JvdG9uMSwgI2JvdG9uNSIpLnJlbW92ZUNsYXNzKCdzZWxlY3QnKS5hZGRDbGFzcygnbm9zZWxlY3QnKTsKfSk7CgovL2JvdG9uNQokKCIjYm90b241IikuY2xpY2soZnVuY3Rpb24oZXZlbnQpIHsKZXZlbnQucHJldmVudERlZmF1bHQoKTsKJCgiI2NvbnRlbmlkbzUiKS5zbGlkZVRvZ2dsZSgpOwokKCIjY29udGVuaWRvMSwgI2NvbnRlbmlkbzMsICNjb250ZW5pZG8yLCAjY29udGVuaWRvNCIpLnNsaWRlVXAoKTsKJCgiI2JvdG9uNSIpLnJlbW92ZUNsYXNzKCdub3NlbGVjdCcpLmFkZENsYXNzKCdzZWxlY3QnKTsKJCgiI2JvdG9uMiwgI2JvdG9uMywgI2JvdG9uMSwgI2JvdG9uNCIpLnJlbW92ZUNsYXNzKCdzZWxlY3QnKS5hZGRDbGFzcygnbm9zZWxlY3QnKTsKfSk7Cn0pOwo8L3NjcmlwdD4KCgo8L2hlYWQ+Cgo8Ym9keT4KPGRpdiBpZD0iY29udGVuZWRvciI+CjxkaXYgaWQ9ImhlYWRlciI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgPHRyPgogICAgPHRkIGFsaWduPSJsZWZ0IiB2YWxpZ249Im1pZGRsZSI+PGltZyBzcmM9ImltYWdlcy9oZWFkZXIuanBnIiBuYW1lPSJib3RvbjQiIHdpZHRoPSI5MzMiIGhlaWdodD0iMTI5IiBpZD0iYm90b240Ii8+PC90ZD4KICAgPCEtLSA8dGQgdmFsaWduPSJtaWRkbGUiPjxhIGhyZWY9ImluZm8uZG9jIiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltYWdlcy9oZWFkZXJtYzEuanBnIiBuYW1lPSJkZXNjYXJnYSIgd2lkdGg9Ijg0NSIgaGVpZ2h0PSIxMTAiIGJvcmRlcj0iMCIgIGlkPSJkZXNjYXJnYSIvPi0tPgo8L2E+PC90ZD4KICA8L3RyPgo8L3RhYmxlPgo8L2Rpdj4gPCEtLWVuZCBvZiBIRUFERVIgLS0+CiAgICA8ZGl2IGlkPSJpbWFnZW5lcyI+CiAgICAgIDxkaXYgaWQ9InNsaWRlciI+CiAgIAkgIDxkaXY+CiAgIAkJPGltZyBzcmM9ImltYWdlcy9iYW5uZXJfaG9tZS5qcGciIHdpZHRoPSI5MzUiIGhlaWdodD0iMzA5IiAvPjwvZGl2PiAKICAgCSAgPCEtLWVuZCBvZiBTTElERSAtLT4KICAgICAgPC9kaXY+IAogICAgICA8IS0tZW5kIG9mIFNMSURFUiAtLT4KPC9kaXY+IAogICAgPCEtLWVuZCBvZiBJTUFHRU5FUyAtLT4gICAgCjxkaXYgaWQ9ImJvdG9uZXJhIj4KICAgIAk8dWw+CiAgICAgICAgCTxsaSBjbGFzcz0ibm9zZWxlY3QxIiBpZD0iYm90b24yIj48L2xpPgogICAgICAgICAgICA8bGkgY2xhc3M9Im5vc2VsZWN0MiIgaWQ9ImJvdG9uMSI+PC9saT4KICAgICAgICAgIDxhIGhyZWY9ImphdmFzY3JpcHQ6IHZvaWQobyk7IiBvbmNsaWNrPSJ3aW5kb3cub3BlbignaHR0cDovL3d3dy5mYWNlYm9vay5jb20vc2hhcmVyLnBocD91PWh0dHA6Ly93d3cuc2FsdWRhY3RpdmEub3JnLmFyL2RvbmFjaW9uZXMvJywndmVudGFuYWNvbXBhcnRpcicsICd0b29sYmFyPTAsIHN0YXR1cz0wLCB3aWR0aD02NTAsIGhlaWdodD00NTAnKTsiPgogICAgICAgIDxsaSBjbGFzcz0ibm9zZWxlY3QzIj48L2xpPgogICAgICAgICAgICA8L2E+CiAgICAgICAgICAgIDwhLS08bGkgY2xhc3M9Im5vc2VsZWN0IiBpZD0iYm90b240Ij5JTkZPUk1BQ0nDk04gREUgQ09NUFJBUzwvbGk+LS0+CiAgICAgICAgICA8IS0tIDxsaSBjbGFzcz0ibm9zZWxlY3QiIGlkPSJib3RvbjUiPkNPTUVSQ0lBTCBERSBUVjwvbGk+IC0tPgogICAgICAgIDwvdWw+CiAgICAgPC9kaXY+ICAgICAgIAogICAgIDwvZGl2Pgo8IS0tZW5kIG9mIEJPVE9ORVJBIC0tPgogICAgCjxkaXYgY2xhc3M9ImNvbnRlbmlkbyIgaWQ9ImNvbnRlbmlkbzEiPgoKPCEtLUNPTlRFTklETyAxZXIgQk9UT04gLS0+CiAKPGRpdiBjbGFzcz0iZm9uZG9fY29udDQiPgoKPGRpdiBjbGFzcz0idGV4dG8iPgo8cD4mbmJzcDs8L3A+CjxwPiZuYnNwOzwvcD4KPHA+PHNwYW4gY2xhc3M9ImgxIj48Yj5TYWx1ZCBBY3RpdmE8L2I+PC9zcGFuPjwvcD4KICAgIAo8cD48c3BhbiBjbGFzcz0iaDIiPlNhbHVkIEFjdGl2YSBlcyB1bmEgb3JnYW5pemFjacOzbiBzaW4gZmluZXMgZGUgbHVjcm8gcXVlIGluaWNpw7Mgc3UgdHJhYmFqbyBhIHByaW5jaXBpb3MgZGVsIGHDsW8gMTk5OS48L3NwYW4+PC9wPgoKPHA+PHNwYW4gY2xhc3M9ImgzIj4KPHN0cm9uZyBzdHlsZT0iZm9udC13ZWlnaHQ6Ym9sZDsiPjxiciAvPgpIb3kgZXN0YW1vcyB0cmFiYWphbmRvIGVuIGVzdGUgcHJveWVjdG86PC9zdHJvbmc+PGJyIC8+CjxhIGhyZWY9Imh0dHA6Ly9pc3N1dS5jb20vZWkuZXN0dWRpby9kb2NzL3NhbHVkYWN0aXZhLWx1ZG90ZWNhP21vZGU9d2luZG93IiB0YXJnZXQ9Il9ibGFuayI+PGltZyBzcmM9ImltYWdlcy9HYXJhYmF0b0x1ZG90ZWNhXzUwMHB4LmpwZyIgd2lkdGg9IjUwMCIgaGVpZ2h0PSIxMTMiIGJvcmRlcj0iMCIgLz48L2E+Cgo8YnIgLz4KPGEgaHJlZj0iUHJveWVjdG9MdWRvdGVjYUNvbXBsZXRvLnBkZiIgdGFyZ2V0PSJfYmxhbmsiIHN0eWxlPSJjb2xvcjojRjYwOyI+VmVyIHByb3llY3RvIGNvbXBsZXRvPC9hPjxiciAvPgo8c3Ryb25nPjxiciAvPgo8L3N0cm9uZz48L3NwYW4+PHN0cm9uZyBzdHlsZT0iZm9udC13ZWlnaHQ6Ym9sZDsiPlVuIHBvY28gZGUgaGlzdG9yaWE8L3N0cm9uZz48ZW0+OjwvZW0+PC9wPgo8cD48c3BhbiBjbGFzcz0iaDMiPkN1YW5kbyBpbmljaWFtb3MgZXN0ZSBjYW1pbm8gdGVuw61hbW9zIHVuYSBwcmVvY3VwYWNpw7NuLCBsb3MgcHNpY8OzbG9nb3MgeSBwc2ljw7Nsb2dhcyBjdWFuZG8gc2UgcmVjaWLDrWFuIHRlbsOtYW4gcXVlIGNvbWVuemFyIGEgZWplcmNlciB5IHNlIGVuZnJlbnRhYmFuIGEgdW5hIHNlcmllIGRlIHByb2JsZW1hcywgZW50cmUgZWxsb3MgbGEgZGlmZXJlbmNpYSBlbnRyZSBsbyBxdWUgYXByZW5kw61hbiAoeSBhcHJlbmRlbikgZW4gbGEgRmFjdWx0YWQgKHNlYSBsYSBxdWUgc2VhKSB5IGxhIHJlYWxpZGFkIGRlbCBzdWZyaW1pZW50byBkZSBsYSBnZW50ZS4gCiAgRWwgb3RybyBwcm9ibGVtYSBjb24gZWwgcXVlIHNlIHRvcGFiYW4gZXMgbGEgaW5leGlzdGVuY2lhIGRlIGx1Z2FyZXMgZG9uZGUgcmVhbGl6YXIgcHLDoWN0aWNhcywgZG9uZGUgYXByZW5kZXIgYSBhdGVuZGVyIHBhY2llbnRlcywgY29tbyBzZXIgcHNpY8OzbG9nb3MgeSBwc2ljw7Nsb2dhcyBlbiBsYSByZWFsaWRhZCBkZWwgY29udXJiYW5vIGJvbmFlcmVuc2XigKYgPGJyIC8+PGJyIC8+CiAgRXNhcyBwcmVvY3VwYWNpb25lcyBzZSBkZXNwcmVuZGllcm9uIGRlIGRpZXogYcOxb3MgZGUgZnVuY2lvbmFtaWVudG8gY29tbyBpbnN0aXR1Y2nDs24gcHNpY29sw7NnaWNhLCBlbCBDSUFQU0kgKENlbnRybyBkZSBJbnZlc3RpZ2FjacOzbiB5IEFzaXN0ZW5jaWEgUHNpY29zb23DoXRpY2EgZnVuZGFkbyBlbiAxOTg5KSB5IGEgbGEgcXVlIGNvbnZvY2Ftb3MgYSBtdWNob3MgeSBtdWNoYXMgasOzdmVuZXMgY29sZWdhcyBxdWUgc3VmcsOtYW4gZXN0YXMgZG9zIGNhcmVuY2lhcyBiw6FzaWNhcyBlbiBzdSBmb3JtYWNpw7NuLiBDb24gZXN0ZSBlc3DDrXJpdHUgZGUgZm9ybWFjacOzbiBwcm9mZXNpb25hbCBjb21lbnphbW9zIG51ZXN0cm8gY2FtaW5vIGNvbiBTYWx1ZCBBY3RpdmEsIGV4YWN0YW1lbnRlIGVsIDkgZGUgYWJyaWwgZGVsIDk5LCBtZWRpYW50ZSBsYSBpbXBsZW1lbnRhY2nDs24gZGVsIFByb2dyYW1hIEFzaXRpci4gQ29udm9jYW1vcyBhIGxvcyBwcm9mZXNpb25hbGVzIHJlY2nDqW4gcmVjaWJpZG9zIGEgcmVhbGl6YXIgZXN0YSBmb3JtYWNpw7NuIHByb2Zlc2lvbmFsIHRlw7NyaWNvLXByw6FjdGljYSBkZSBtYW5lcmEgZ3JhdHVpdGEgeSBxdWUgaW5jbHXDrWEgbGEgc3VwZXJ2aXNpw7NuIGNsw61uaWNhIGRlIGxvcyBwYWNpZW50ZXMgdGFtYmnDqW4gZGUgbWFuZXJhIGdyYXR1aXRhLiAKICA8YnIgLz48YnIgLz4KICBQYXJhIGdlbmVyYXIgbG9zIGVzcGFjaW9zIGRlIGxhIHByw6FjdGljYSBpbnZpdGFtb3MgYSBsYSBjb211bmlkYWQgY2VyY2FuYSBhIHBhcnRpY2lwYXIgZGUgZXN0YSBwb3NpYmlsaWRhZDogYXNpc3RlbmNpYSBwc2ljb2zDs2dpY2EgZ3JhdHVpdGEgbyBtZWRpYW50ZSBlbCBwYWdvIGRlIHVuIG3DrW5pbW8gYm9ubyBjb250cmlidWNpw7Nu4oCmCiAgPGJyIC8+PGJyIC8+CiAgUHJpbWVybyBmdWVyb24gbGFzIGVzY3VlbGFzIGRlIG51ZXN0cm8gcGFydGlkbywgcG9kcsOhbiBpbWFnaW5hcnNlIHF1ZSBsYSBwcmltZXJhIHJlYWNjacOzbiBmdWUgZGUgYXNvbWJybyB5IGRlc2NvbmZpYW56YSwgbGFzIGRpcmVjdG9yYXMgeSBlcXVpcG9zIHTDqWNuaWNvcyBjb21lbnphcm9uIGEgbGxhbWFyIHBvciB0ZWzDqWZvbm8sIHNlIGZ1ZXJvbiBhY2VyY2FuZG8geSBsZXMgZXhwbGljw6FiYW1vcyBjdWFsZXMgZXJhbiBudWVzdHJvcyBvYmpldGl2b3M6IGZvcm1hciBwcm9mZXNpb25hbGVzIHkgcGVybWl0aXIgYSBtw6FzIGdlbnRlIHBvZGVyIGFjY2VkZXIgYSBsYSBhc2lzdGVuY2lhIHBzaWNvbMOzZ2ljYS4gQXPDrSBwbGFudGVhZG8gZW1wZXphcm9uIGEgbGxlZ2FyIGxhcyBwcmltZXJhcyBkZXJpdmFjaW9uZXM6IG5pw7FvcywgbmnDsWFzIHkgYWRvbGVzY2VudGVzIHF1ZSB0dXZpZXJhbiBkaWZpY3VsdGFkZXMgbyBwcm9ibGVtYXMgZW4gbGEgZXNjdWVsYSwgeSBxdWUgbGEgZXNjdWVsYSBzZSBjb21wcm9tZXRpZXJhIGEKICB0cmFiYWphciBqdW50byBhIG5vc290cm9zIGVuIGxhIHByb2JsZW3DoXRpY2EgZGVsIG5pw7FvIG8gbmnDsWEuCiAgUXVlIGZ1ZSBsbyBxdWUgb2N1cnJpw7PigKZsYSBtYXlvcsOtYSBkZSBsYXMgZGVyaXZhY2lvbmVzIGVzdGFiYW4gdmluY3VsYWRhcyBhbCBtYWx0cmF0byAsIGEgbGEgdmlvbGVuY2lhIHkgYWwgYWJ1c28gaW5mYW50aWwuIAogIDxiciAvPjxiciAvPgogIEp1c3RhbWVudGUgcG9yIHVuIGNhc28gZGUgYWJ1c28gc2V4dWFsIGluZmFudGlsIGZ1aW1vcyBjb252b2NhZG9zIHBvciB1bm8gZGUgbG9zIFRyaWJ1bmFsZXMgZGUgRmFtaWxpYSBkZSBNb3LDs24sIGVsIG7CuiAxIHBhcmEgc2VyIG3DoXMgZXhhY3RvcyBlbiBkb25kZSBjb21lbnphYmEgYSBmdW5jaW9uYXIgdW4gZXNwYWNpbyBpbm5vdmFkb3IgcGFyYSBhcXVlbCBtb21lbnRvLCBub3ZpZW1icmUgZGVsIDk5LCAgbGEgUmVkIGRlIEZhbWlsaWEgZGVsIE9lc3RlLCBjcmVhZGEgcG9yIHVuIEp1ZXogZWwgRHIuIENhcmxvcyBSb21hbm8sIHZpc2lvbmFyaW8gc29icmUgbGEgZm9ybWEgZW4gbGEgcXVlIHNlIGRlYmVuIHRyYWJhamFyIGxvcyB0ZW1hcyBkZSB2aW9sZW5jaWEsIG1hbHRyYXRvIHkgYWJ1c286IGVuIHJlZCwgYXJ0aWN1bGFuZG8sCiAgbXVsdGlkaXNjaXBsaW5hcmlhbWVudGUsIHBlbnNhbmRvIGp1bnRvcywgc2llbmRvIGNyZWF0aXZvc+KApgogIDxiciAvPjxiciAvPgogIE5vcyBhdXRvIGZvcm1hbW9zLCBpbnZlc3RpZ2Ftb3MsIGNvbnN0aXR1aW1vcyBncnVwb3MgZGUgZXN0dWRpbywgbm9zIGNhcGFjaXRhbW9zLCB5IG5vcyBlc3BlY2lhbGl6YW1vcy4KICBTaWVtcHJlIGRlY2ltb3MgcXVlIG5vc290cm9zIG5vIGVsZWdpbW9zIGhhY2VyIGVzdG8sIGxhIHJlYWxpZGFkIHNlIG5vcyBpbXB1c28geSBzZW50aW1vcyBxdWUgZXJhIG51ZXN0cm8gZGViZXIgcmVzcG9uZGVyIGEgbG8gcXVlIG5hZGllIHJlc3BvbmRlLCBhY29tcGHDsWFyIGxvIHF1ZSBuYWRpZSBhY29tcGHDsWEsIHkgcG9yIHNvYnJlIHRvZG8gaGFjZXLigKYsIHRyYXRhciBxdWUgZWwgcXVlIGVzdMOhIHN1ZnJpZW5kbyB0ZW5nYSBsYSBvcG9ydHVuaWRhZCBkZSBlbGVnaXIgb3RyYSBjb3NhLCB0ZW5nYSBsYSBwb3NpYmlsaWRhZCBkZSBtZWpvcmFyLCBkZSBjYW1iaWFyIHN1IGRlc3Rpbm/igKYKICA8YnIgLz48YnIgLz4KICBFbiBlc2UgY2FtaW5vIGZ1aW1vcyBoYWNpZW5kbywgbG9zIENvbmdyZXNvcywgbGFzIEpvcm5hZGFzLCBsYXMgY2FwYWNpdGFjaW9uZXMgZXh0ZXJuYXMgeSBmb3JtYW1vcyBtdWNob3MsIHBlcm8gbXVjaG9zIHByb2Zlc2lvbmFsZXPigKZudW5jYSB0dXZpbW9zIGVsIHRpZW1wbyB5IGVsIGRpbmVybyBwYXJhIHNpc3RlbWF0aXphciBsYSBpbmZvcm1hY2nDs24geSBwb2RlciBjb250YXIgY29uIGVzdGFkw61zdGljYXMgcG9ycXVlIGVsIHRpZW1wbyB5IGVsIHBvY28gZGluZXJvIGxvIHVzYW1vcyBwYXJhIGFsaXZpYXIgZWwgc3VmcmltaWVudG8gZGUgbG9zIHBhY2llbnRlcyBxdWUgcmVjdXJyZW4gYSBub3NvdHJvcy4KICA8YnIgLz48YnIgLz4KICBUYW1iacOpbiBub3MgZGltb3MgY3VlbnRhIHF1ZSBlbiBtdWNob3MgbW9tZW50b3MgZGUgbGEgdmlkYSBkZSBsb3MgbmnDsW9zIHkgbmnDsWFzIG5vIGFsY2FuemEgY29uIGVsIHRyYXRhbWllbnRvIGVuIHVuIGNvbnN1bHRvcmlvLCBwb3JxdWUgbGFzIHByb2JsZW3DoXRpY2FzIHNlIGNvbXBsZWppemFuLCBsYXMgc2l0dWFjaW9uZXMgc2UgYWdyYXZhbiB5IHNlbnRpbW9zIHF1ZSB0ZW7DrWFtb3MgcXVlIGhhY2VyIGFsZ28gbcOhc+KApgogIEFzw60gbmFjZSBudWVzdHJvIFByb2dyYW1hIE1ldGFtb3Jmb3NpcywgdW4gZXNwYWNpbyBkZSB0cmF0YW1pZW50byBpbnRlZ3JhbCBjb24gaW50ZXJuYWNpw7NuIHBhcmEgYWRvbGVzY2VudGVzIG11amVyZXMgdsOtY3RpbWFzIGRlIGFidXNvIHNleHVhbCwgZGUgdmlvbGVuY2lhLCBkZSB0cmF0YeKAplRhbWJpw6luIGluaWNpYW1vcyBudWVzdHJvcyBwcm9ncmFtYXMgQ29uc3RydXllbmRvIHkgQXByZW5kZXIgYSB2b2xhciwgZGVzdGluYWRvIGEgYWRvbGVzY2VudGVzIGVuIGNvbmZsaWN0byBjb24gbGEgbGV5IHBlbmFsLCAgcHVuaWJsZXMgeSBubyBwdW5pYmxlcyByZXNwZWN0aXZhbWVudGUsIAogIGFsZ28gYWx0ZXJuYXRpdm8gYSBsYSBpbnRlcm5hY2nDs27igKYKICA8YnIgLz48YnIgLz4KICBBIGxvIGxhcmdvIGRlIGVzdG9zIGHDsW9zIGhlbW9zIGRlc2Fycm9sbGFkbyBtdWNob3MgcHJvZ3JhbWFzLCBxdWUgdHV2aWVyb24gcXVlIGRpc2NvbnRpbnVhcnNlIGRlYmlkbyBhIGxhIGZhbHRhIGRlIHJlY3Vyc29zIGVjb27Ds21pY29zLCBsYSB2ZXJkYWQgZXMgcXVlIG51bmNhIGhheSBkaW5lcm8gcGFyYSBlc3RvcyB0ZW1hcywgYSBwZXNhciBkZSBxdWUgdG9kbyBlbCBtdW5kbyBzZSBsYSBwYXNhIGhhYmxhbmRvIGRlIGVsbG9zLCBwZXJvIGhhYmxhbiwgc29sbyBoYWJsYW7igKYKICA8YnIgLz48YnIgLz4KICBIb3kgbm9zIGVuY29udHJhbW9zIGVuIGVzdGUgbW9tZW50bywgZW4gZG9uZGUgU2FsdWQgQWN0aXZhIHNlIGVuY3VlbnRyYSBlbiBjcmlzaXPigKYKICBOdWVzdHJhIMO6bmljYSBmdWVudGUgZGUgZmluYW5jaWFtaWVudG8gcGFyZWNlIHF1ZSB0YW1iacOpbiBlc3TDoSBlbiBjcmlzaXMsIG5vcyBlbmNvbnRyYW1vcyBlbiB1bmEgZW5jcnVjaWphZGEsIG5lY2VzaXRhbW9zIGRlIGxhIGF5dWRhIGRlIHVzdGVkZXPigKZTaSBsZXMgcGFyZWNlIHF1ZSBlc3RhbW9zIGhhY2llbmRvIGFsZ28gYnVlbm8gcGFyYSBsYSBnZW50ZSBsb3MgaW52aXRhbW9zIGEgcXVlIHNlIGFzb2NpZW4gYSBub3NvdHJvcyBtZWRpYW50ZSBlbCBwYWdvIGRlIHVuYSBwZXF1ZcOxYSBjb250cmlidWNpw7NuIG1lbnN1YWwgcXVlIHNlIGRlYml0YXLDoSBkZSBzdSB0YXJqZXRhIAogIGRlIGNyw6lkaXRvLCB0b2RhIGNvbGFib3JhY2nDs24gcG9yIHBlcXVlw7FhIHF1ZSBzZWEgbm9zIGF5dWRhcsOhCiAgPGJyIC8+PGJyIC8+CiAgQWNvbXBhw7FlbiBlc3RhIHRhcmVhIHF1ZSBkZXNlYW1vcyBzZWd1aXIgaGFjaWVuZG/igKYKPC9zcGFuPjwvcD4KPC9kaXY+CgkJCjwvZGl2PgogICAgPGRpdiBjbGFzcz0iZm9vdGVyIj48aW1nIHNyYz0iaW1hZ2VzL2Zvb3Rlci5qcGciIHdpZHRoPSI5MzUiIGhlaWdodD0iODciIC8+PC9kaXY+Cgo8L2Rpdj4KICAgICA8IS0tZW5kIG9mIENPTlRFTklETzEgLS0+CiAgICAKICAgIDxkaXYgY2xhc3M9ImNvbnRlbmlkbzIiIGlkPSJjb250ZW5pZG8yIj4KICAgIDwhLS1DT05URU5JRE8gMmRvIEJPVE9OICAtLT4KICAgIAoKPGRpdiBjbGFzcz0iZm9uZG9fY29udDIiPgoKPGRpdiBjbGFzcz0iZm9ybSI+CiAgPGRpdiBjbGFzcz0idGV4dG8iPgogICAgPHA+Jm5ic3A7PC9wPgogICAgPHA+Jm5ic3A7PC9wPgo8cD48c3BhbiBjbGFzcz0idGl0dWxvX2Zvcm0iPjxiPkRBVE9TIFBFUlNPTkFMRVM8L2I+PC9zcGFuPgogICAgPHNwYW4gY2xhc3M9InRpdHVsb19mb3JtMiI+KEVzIG9ibGlnYXRvcmlvIHJlbGxlbmFyIGxvcyBjYW1wb3MgCiAgICAgICAgICAgICAgICBpbmRpY2Fkb3MgY29uICopPC9zcGFuPjwvcD4KICAgIDxkaXYgaWQ9ImJsb3F1ZV9penFfMDMiPgogICAgCQk8ZGl2IGlkPSJibG9xdWVfaXpxXzAzX3RleHRvIj4KICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgIDxzY3JpcHQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICBmdW5jdGlvbiB2YWxpZGFyRW1haWwoZW1haWwpIHsgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdmFyIHJlICA9IC9eKFthLXpBLVowLTlfLi1dKStAKChbYS16QS1aMC05LV0pKy4pKyhbYS16QS1aMC05XXsyLDR9KSskLzsgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgKCFyZS50ZXN0KGVtYWlsKSkgeyAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgcmV0dXJuIGZhbHNlOyAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9IAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiB0cnVlOyAKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgZnVuY3Rpb24gdmFsaWRhcihvYmopIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChvYmoubm9tYnJlLnZhbHVlID09ICcnKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYWxlcnQoIkRlYmUgaW5ncmVzYXIgc3Ugbm9tYnJlIik7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgb2JqLm5vbWJyZS5mb2N1cygpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChvYmouYXBlbGxpZG8udmFsdWUgPT0gJycpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhbGVydCgiRGViZSBpbmdyZXNhciBzdSBhcGVsbGlkbyIpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9iai5hcGVsbGlkby5mb2N1cygpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChvYmoudGVsZWZvbm8udmFsdWUgPT0gJycpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhbGVydCgiRGViZSBpbmdyZXNhciBzdSB0ZWxlZm9ubyIpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9iai50ZWxlZm9uby5mb2N1cygpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChvYmouZW1haWwudmFsdWUgPT0gJycpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBhbGVydCgiRGViZSBpbmdyZXNhciBzdSBlbWFpbCIpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIG9iai5lbWFpbC5mb2N1cygpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0gZWxzZSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgKHZhbGlkYXJFbWFpbChvYmouZW1haWwudmFsdWUpID09IGZhbHNlKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGFsZXJ0KCJFbCBlbWFpbCBpbmdyZXNhZG8gZXMgaW5jb3JyZWN0byIpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvYmouZW1haWwuZm9jdXMoKTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgcmV0dXJuIGZhbHNlOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChvYmoudGVybWlub3MuY2hlY2tlZCAhPSB0cnVlKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYWxlcnQoIkRlYmUgYWNlcHRhciBsb3MgdMOpcm1pbm9zIHkgY29uZGljaW9uZXMiKTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBvYmoudGVybWlub3MuZm9jdXMoKTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgPC9zY3JpcHQ+CiAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICA8Zm9ybSBuYW1lPSJjb250YWN0IiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iZW52aW8ucGhwIiBvblN1Ym1pdD0icmV0dXJuIHZhbGlkYXIodGhpcykiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgPGRpdiBpZD0iYmxvcXVlX2l6cV8wMiI+CjxoMT5Ob21icmU8Zm9udCBjb2xvcj0iI0ZGNjYwMCI+KjwvZm9udD48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT5BcGVsbGlkbzxmb250IGNvbG9yPSIjRkY2NjAwIj4qPC9mb250PjwvaDE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGgxPlByb2Zlc2nDs248L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT5MdWdhciBkZSB0cmFiYWpvPC9oMT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8aDE+VGVsw6lmb25vPGZvbnQgY29sb3I9IiNGRjY2MDAiPio8L2ZvbnQ+PC9oMT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8aDE+RW1haWw8Zm9udCBjb2xvcj0iI0ZGNjYwMCI+KjwvZm9udD48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxiciAvPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxiciAvPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwhLS0gPGgxPk5yby4gZGUgVGFyamV0YTxmb250IGNvbG9yPSIjRkY2NjAwIj4qPC9mb250PjwvaDE+IC0tPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT5Nb250bzxmb250IGNvbG9yPSIjRkY2NjAwIj4qPC9mb250PjwvaDE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGgxPlRpcG8gZGUgT3BlcmFjacOzbjxmb250IGNvbG9yPSIjRkY2NjAwIj4qPC9mb250PjwvaDE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGgxIGlkPSJoMV90YXJqZXRhIj5UYXJqZXRhPGZvbnQgY29sb3I9IiNGRjY2MDAiPio8L2ZvbnQ+PC9oMT4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8aDEgaWQ9ImgxX2ZyZWN1ZW5jaWEiPkZyZWN1ZW5jaWE8Zm9udCBjb2xvcj0iI0ZGNjYwMCI+KjwvZm9udD48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9kaXY+CiAgICAgICAgICAgICAgICAgICAJCSAgPGZpZWxkc2V0PgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48YnIgLz4KICAgICAgICAgICAgICAgICAgICAgICAgICA8aW5wdXQgbmFtZT0ibm9tYnJlIiBjbGFzcz0icmVnMSIgc2l6ZT0iMTUiIHdpZHRoPSIxMDUiIGlkPSJub21icmUiIHR5cGU9InRleHQiPjwvcD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGgxPjwvaDE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxpbnB1dCBuYW1lPSJhcGVsbGlkbyIgY2xhc3M9InJlZzEiIHNpemU9IjE1IiB3aWR0aD0iMTA1IiBpZD0iYXBlbGxpZG8iIHR5cGU9InRleHQiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48aW5wdXQgbmFtZT0icHJvZmVzaW9uIiBjbGFzcz0icmVnMSIgc2l6ZT0iMTUiIHdpZHRoPSIxMDUiIGlkPSJwcm9mZXNpb24iIHR5cGU9InRleHQiPjwvcD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGgxPjwvaDE+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxpbnB1dCBuYW1lPSJ0cmFiYWpvIiBjbGFzcz0icmVnMSIgc2l6ZT0iMTUiIHdpZHRoPSIxMDUiIGlkPSJ0cmFiYWpvIiB0eXBlPSJ0ZXh0Ij48L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48aW5wdXQgbmFtZT0idGVsZWZvbm8iIGNsYXNzPSJyZWcxIiBzaXplPSIxNSIgd2lkdGg9IjEwNSIgaWQ9InRlbGVmb25vIiB0eXBlPSJ0ZXh0Ij48L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxoMT48L2gxPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48aW5wdXQgbmFtZT0iZW1haWwiIGNsYXNzPSJyZWcxIiBzaXplPSIxNSIgd2lkdGg9IjEwNSIgaWQ9ImVtYWlsIiB0eXBlPSJ0ZXh0Ij48L3A+PGJyIC8+CgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+PHNwYW4gY2xhc3M9InRpdHVsb19mb3JtIj48Yj5ET05BQ0lPTkVTPC9iPjwvc3Bhbj48L3A+ICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjwvcD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwhLS0gPHA+PGlucHV0IG5hbWU9InRhcmpldGEiIGNsYXNzPSJyZWcxIiBzaXplPSIxNSIgd2lkdGg9IjEwNSIgaWQ9InRhcmpldGEiIHR5cGU9InRleHQiPjwvcD4gLS0+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD48c2VsZWN0IG5hbWU9Im1vbnRvIiBjbGFzcz0icmVnMiIgaWQ9Im1vbnRvIiBvbkNoYW5nZT0iaWYgKHRoaXMudmFsdWUgPT0gJy0xJykgeyBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgndHh0bW9udG8nKS5zdHlsZS5kaXNwbGF5PScnOyB9IGVsc2UgeyBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgndHh0bW9udG8nKS5zdHlsZS5kaXNwbGF5PSdub25lJzsgfSAiPgogICAgICAgICAgICAgICAgICAgICAgPG9wdGlvbiB2YWx1ZT0iNTAiPiQgNTA8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjEwMCI+JCAxMDA8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjE1MCI+JCAxNTA8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjIwMCI+JCAyMDA8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9Ii0xIj5PdHJvLCBpbmdyZXNlIHZhbG9yPC9vcHRpb24+CiAgICAgICAgICAgICAgICAgICAgPC9zZWxlY3Q+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8c2NyaXB0PgogICAgICAgICAgICAgICAgICAgICAgICAgICAgZnVuY3Rpb24gc29sb051bWVyb3MobXlmaWVsZCxlKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJdmFyIGtleWNvZGU7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJaWYgKHdpbmRvdy5ldmVudCkgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgCSAgICBrZXljb2RlID0gd2luZG93LmV2ZW50LmtleUNvZGU7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJfSBlbHNlIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIAkgICAgaWYgKGUpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIAkgICAgICAgIGtleWNvZGUgPSBlLndoaWNoOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgCSAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgCSAgICAgICAgcmV0dXJuIHRydWU7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIAl9CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJaWYgKCgoa2V5Y29kZT40NykgJiYgKGtleWNvZGU8NTgpKSAgfHwgKGtleWNvZGU9PTgpKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJICAgIHJldHVybiB0cnVlOyAKICAgICAgICAgICAgICAgICAgICAgICAgICAgIAl9IGVsc2UgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgCSAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAJfQogICAgICAgICAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9zY3JpcHQ+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8aW5wdXQgbmFtZT0idHh0bW9udG8iIGNsYXNzPSJyZWcxIiBzaXplPSIxNSIgd2lkdGg9IjIwIiBpZD0idHh0bW9udG8iIHR5cGU9InRleHQiIG1heGxlbmd0aD0iNyIgb25LZXlQcmVzcz0icmV0dXJuIHNvbG9OdW1lcm9zKHRoaXMsIGV2ZW50KTsiIHN0eWxlPSJkaXNwbGF5Om5vbmUiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9wPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPHNjcmlwdD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIGZ1bmN0aW9uIG11ZXN0cmFGb3JtYVBhZ28odmFsb3IpIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBpZiAodmFsb3IgPT0gMikgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgncF9tZWRpb3BhZ28nKS5zdHlsZS5kaXNwbGF5ID0gJ25vbmUnOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgncF9jdW90YXMnKS5zdHlsZS5kaXNwbGF5ID0gJ25vbmUnOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgncF9mb3JtYXBhZ29vdHJvJykuc3R5bGUuZGlzcGxheSA9ICcnOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnaDFfdGFyamV0YScpLmlubmVySFRNTCA9ICdGb3JtYSBkZSBQYWdvPGZvbnQgY29sb3I9IiNGRjY2MDAiPio8L2ZvbnQ+JzsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2gxX2ZyZWN1ZW5jaWEnKS5pbm5lckhUTUwgPSAnJzsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgncF9tZWRpb3BhZ28nKS5zdHlsZS5kaXNwbGF5ID0gJyc7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdwX2N1b3RhcycpLnN0eWxlLmRpc3BsYXkgPSAnJzsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ3BfZm9ybWFwYWdvb3RybycpLnN0eWxlLmRpc3BsYXkgPSAnbm9uZSc7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdoMV90YXJqZXRhJykuaW5uZXJIVE1MID0gJ1RhcmpldGE8Zm9udCBjb2xvcj0iI0ZGNjYwMCI+KjwvZm9udD4nOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnaDFfZnJlY3VlbmNpYScpLmlubmVySFRNTCA9ICdGcmVjdWVuY2lhPGZvbnQgY29sb3I9IiNGRjY2MDAiPio8L2ZvbnQ+JzsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8L3NjcmlwdD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPjxzZWxlY3QgbmFtZT0iZm9ybWFwYWdvIiBjbGFzcz0icmVnMiIgaWQ9ImZvcm1hcGFnbyIgb25DaGFuZ2U9Im11ZXN0cmFGb3JtYVBhZ28odGhpcy52YWx1ZSkiIHN0eWxlPSJwb3NpdGlvbjpyZWxhdGl2ZTsgdG9wOjVweDsiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8b3B0aW9uIHZhbHVlPSIxIj5UYXJqZXRhIGRlIENyw6lkaXRvPC9vcHRpb24+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjIiPkVmZWN0aXZvICjDum5pY2EgdmV6KTwvb3B0aW9uPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9zZWxlY3Q+PC9wPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPHAgaWQ9InBfbWVkaW9wYWdvIiBzdHlsZT0iZGlzcGxheTpub25lIj48c2VsZWN0IG5hbWU9Im1lZGlvcGFnbyIgY2xhc3M9InJlZzIiIGlkPSJtZWRpb3BhZ28iIHN0eWxlPSJwb3NpdGlvbjpyZWxhdGl2ZTsgdG9wOjZweDsiPgogICAgICAgICAgICAgICAgICAgICAgPG9wdGlvbiB2YWx1ZT0iMTUiPk1hc3RlcmNhcmQ8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjEiPlZpc2E8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjYiPkFtZXJpY2FuIEV4cHJlc3M8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICA8L3NlbGVjdD48L3A+CiAgICAgICAgICAgICAgICAgICAgIDxwIGlkPSJwX2N1b3RhcyIgc3R5bGU9ImRpc3BsYXk6bm9uZSI+PHNlbGVjdCBuYW1lPSJjdW90YXMiIGNsYXNzPSJyZWcyIiBpZD0iY3VvdGFzIiBzdHlsZT0icG9zaXRpb246cmVsYXRpdmU7IHRvcDo3cHg7Ij4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjEiPkQmZWFjdXRlO2JpdG8gQXV0b20mYWFjdXRlO3RpY28gKHRvZG9zIGxvcyBtZXNlcyk8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9IjIiPsOabmljYSB2ZXo8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8L3NlbGVjdD48L3A+CiAgICAgICAgICAgICAgICAgICAgPHAgaWQ9InBfZm9ybWFwYWdvb3RybyIgc3R5bGU9ImRpc3BsYXk6bm9uZSI+PHNlbGVjdCBuYW1lPSJmb3JtYXBhZ29vdHJvIiBjbGFzcz0icmVnMiIgaWQ9ImZvcm1hcGFnb290cm8iIHN0eWxlPSJwb3NpdGlvbjpyZWxhdGl2ZTsgdG9wOjdweDsiPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPG9wdGlvbiB2YWx1ZT0iOTk3Ij5EZXBvc2l0byBCYW5jYXJpbzwvb3B0aW9uPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgPG9wdGlvbiB2YWx1ZT0iOTk4Ij5QYWdvIGVuIEVmZWN0aXZvPC9vcHRpb24+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8b3B0aW9uIHZhbHVlPSI5OTkiPkRpbmVyb01haWw8L29wdGlvbj4KICAgICAgICAgICAgICAgICAgICAgICAgICA8L3NlbGVjdD48L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+ICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxiciAvPiAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxpbnB1dCBuYW1lPSJyZWNpYmlyIiBpZD0iY2hlY2siIHR5cGU9ImNoZWNrYm94IiBjaGVja2VkPSJ0cnVlIiB2YWx1ZT0iU2kiIC8+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFMmaWFjdXRlOywgZGVzZW8gcmVjaWJpciAKICAgICAgICAgICAgICAgIGluZm9ybWFjaSZvYWN1dGU7biBwZXJpJm9hY3V0ZTtkaWNhIGRlIFNhbHVkIEFjdGl2YSB5IAogICAgICAgICAgICAgICAgc3VzIFByb3llY3RvcyBkZSBEZXNhcnJvbGxvLiAgICAgICAgICAgICAgICA8L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxpbnB1dCBuYW1lPSJsaXN0YSIgaWQ9ImNoZWNrIiB0eXBlPSJjaGVja2JveCIgY2hlY2tlZD0idHJ1ZSIgdmFsdWU9IlNpIiAvPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFNpIGRlc2VvIGFwYXJlY2VyIGVuIGxhIGxpc3RhIGRlIGRvbmFjaW9uZXMgaW5kaXZpZHVhbGVzLiAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBcGFyZWNlciZhYWN1dGU7IHN1IG5vbWJyZSBlbiBsYSBsaXN0YSBkZWwgcG9ydGFsIGRlIFNhbHVkIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBY3RpdmEuPC9wPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8aW5wdXQgbmFtZT0idGVybWlub3MiIGlkPSJ0ZXJtaW5vcyIgdHlwZT0iY2hlY2tib3giIHZhbHVlPSJTaSIgLz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBY2VwdG8gbG9zIHTDqXJtaW5vcyB5IGNvbmRpY2lvbmVzLjwvcD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPHA+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgQWRlbcOhcywgY29uIHR1IGRvbmFjacOzbiwgb2J0ZW7DqXMgZGVzY3VlbnRvcyBlbiB0b2RhcyBsYXMgYWN0aXZpZGFkZXMgZGUgU2FsdWQgQWN0aXZhOiBjdXJzb3MsIGpvcm5hZGFzLCBjb25ncmVzb3MuPC9wPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cD4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxpbnB1dCBuYW1lPSJpbWFnZSIgc3JjPSJmb3JtX2ZpbGVzL0ZPUk1VTEFSSU9fMTUuanBnIiBoZWlnaHQ9IjM4IiB0eXBlPSJpbWFnZSIgd2lkdGg9IjExNSI+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGltZyBvbkNsaWNrPSJyZXR1cm4gcmVzZXQoKTsiIHNyYz0iZm9ybV9maWxlcy9ib3Rvbi1jYW5jZWxfMTUuanBnIiBoZWlnaHQ9IjM4IiB3aWR0aD0iMTE1Ij48L3A+CiAgICAgICAgICAgICAgICAgICAgICAgICAgPC9maWVsZHNldD4KCiAgPC9mb3JtPgogIAogIDxiciAvPgo8YnIgLz4KCgoKPHRhYmxlIHdpZHRoPSI2MzMiIGJvcmRlcj0iMCIgYWxpZ249ImNlbnRlciIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIj4KICA8dHI+CiAgICA8dGQgd2lkdGg9IjAiIGFsaWduPSJsZWZ0IiBiZ2NvbG9yPSIjMjY1MjE3IiBjbGFzcz0iaDMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMTAiIGNlbGxwYWRkaW5nPSI3Ij4KICAgICAgPHRyPgogICAgICAgIDx0ZCBjbGFzcz0iaDUiPkZPUk1BUyBERSBQQUdPPC90ZD4KICAgICAgPC90cj4KICAgIDwvdGFibGU+CiAgICAgIDxzcGFuIGNsYXNzPSJoNCI+CiAgICA8L3NwYW4+PC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCBiZ2NvbG9yPSIjQ0NDQ0NDIj48YnIgLz4KICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIxMCIgY2VsbHNwYWNpbmc9IjUiPgogICAgICA8dHI+CiAgICAgICAgPHRkIGJnY29sb3I9IiNlMDY3MGEiPiZuYnNwOyZuYnNwOzxzcGFuIGNsYXNzPSJoNSI+VGFyamV0YSBkZSBDUsOJRElUTyAocG9yIGTDqWJpdG8gYXV0b23DoXRpY28pPC9zcGFuPjwvdGQ+CiAgICAgIDwvdHI+CiAgICAgIDx0cj4KICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSIxODUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgIDx0cj4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxMCI+Jm5ic3A7PC90ZD4KICAgICAgICAgICAgPHRkIHdpZHRoPSIxNTAiPjxpbWcgc3JjPSJpbWFnZXMvdmlzYW1hc3RlcmFtZS5qcGciICB3aWR0aD0iMjM2IiBoZWlnaHQ9IjYwIiAvPjwvdGQ+CiAgICAgICAgICAgIDx0ZCB3aWR0aD0iMjUiPiZuYnNwOzwvdGQ+CiAgICAgICAgICA8L3RyPgogICAgICAgIDwvdGFibGU+CiAgICAgICAgICA8dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjciIGNlbGxwYWRkaW5nPSI1Ij4KICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPlNlIGxlIGRlYml0YXLDoSBkZSBzdSBjdWVudGEsIHRvZG9zIGxvcyBtZXNlcy4gTGUgcmVjb3JkYW1vcyBxdWUgZWwgZMOpYml0byBhdXRvbcOhdGljbyBkZSBzdSB0YXJqZXRhIGRlIGNyw6lkaXRvIHVzdGVkIGxvIHB1ZWRlIGNhbmNlbGFyIGVuIGVsIG1vbWVudG8gcXVlIGxvIGRlc2VlIGNvbXVuaWPDoW5kb3NlIGNvbiBub3NvdHJvczwvc3Bhbj48L3RkPgogICAgICAgICAgICA8L3RyPgogICAgICAgICAgPC90YWJsZT4KICAgICAgICAgIDxwPgogICAgICAgICAgPC9wPjwvdGQ+CiAgICAgIDwvdHI+CiAgICA8L3RhYmxlPgogICAgICA8cD4mbmJzcDs8L3A+CiAgICAgIDx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBhbGlnbj0iY2VudGVyIiBjZWxscGFkZGluZz0iMTAiIGNlbGxzcGFjaW5nPSI1Ij4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYmdjb2xvcj0iI2UwNjcwYSI+Jm5ic3A7IDxzcGFuIGNsYXNzPSJoNSI+RUZFQ1RJVk8gcG9yIMO6bmljYSB2ZXogPC9zcGFuPjwvdGQ+CiAgICAgICAgPC90cj4KICAgICAgICA8dHI+CiAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iNSI+CiAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICA8dGQ+PHNwYW4gY2xhc3M9ImgzIj48ZW0+VXN0ZWQgcmVhbGl6YXLDoSBsYSBkb25hY2nDs24gcG9yIMO6bmljYSB2ZXouIFB1ZWRlIGRvbmFyIGxhcyB2ZWNlcyBxdWUgcXVpZXJhLCBjb21wbGV0YW5kbyBudWV2YW1lbnRlIGVzdGUgZm9ybXVsYXJpbyBlIGluZ3Jlc2FuZG8gZWwgbW9udG8gZGVzZWFkby48L2VtPjwvc3Bhbj48L3RkPgogICAgICAgICAgICA8L3RyPgogICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iNSI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNDQ0NDQ0MiPjxzcGFuIGNsYXNzPSJoMiI+PHN0cm9uZz5Qb3IgIHRyYW5zZmVyZW5jaWEgYmFuY2FyaWEgbyBkZXDDs3NpdG88L3N0cm9uZz4gPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iNSI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIxNSUiPjxzcGFuIGNsYXNzPSJoMyI+QVJHRU5USU5BPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICA8dGQgd2lkdGg9Ijg1JSI+PHNwYW4gY2xhc3M9ImgzIj48aW1nIHNyYz0iaW1hZ2VzL2dhbGljaWEuanBnIiB3aWR0aD0iMTA3IiBoZWlnaHQ9IjE5IiBhbGlnbj0ibWlkZGxlIiAvPjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMiIgY2VsbHBhZGRpbmc9IjciPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiPjxzcGFuIGNsYXNzPSJoMyI+RGF0b3MgcGFyYSBkZXDDs3NpdG9zIHkvbyB0cmFuc2ZlcmVuY2lhOjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9IjIxJSI+PHNwYW4gY2xhc3M9ImgzIj5FbnRpZGFkIEJhbmNhcmlhOiA8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQgd2lkdGg9Ijc5JSI+PHNwYW4gY2xhc3M9ImgzIj5CYW5jbyBHYWxpY2lhPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQ+PHNwYW4gY2xhc3M9ImgzIj5UaXR1bGFyIGRlIEN1ZW50YTo8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8dGQ+PHNwYW4gY2xhc3M9ImgzIj5TYWx1ZCBBY3RpdmE8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPlRpcG8gZGUgY3VlbnRhOjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPkN1ZW50YSBDb3JyaWVudGUgZW4gcGVzb3M8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPk7Dum1lcm8gZGUgY3VlbnRhOjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPjU1MTctOCAwNTktNDwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkPjxzcGFuIGNsYXNzPSJoMyI+Q0JVOjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPjAwNzAwNTk3MjAwMDAwMDU1MTc4NDY8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPkNVSVQ6PC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkPjxzcGFuIGNsYXNzPSJoMyI+MzAtNzA4MDE0NjMtNjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiIGNsYXNzPSJoMyI+UkVTVE8gREVMIE1VTkRPPC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgIDx0ZCBjb2xzcGFuPSIyIiBjbGFzcz0iaDMiPjx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMiIgY2VsbHBhZGRpbmc9IjciPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIGNvbHNwYW49IjIiPjxzcGFuIGNsYXNzPSJoMyI+RGF0b3MgcGFyYSBkZXDDs3NpdG9zIHkvbyB0cmFuc2ZlcmVuY2lhOjwvc3Bhbj48L3RkPgogICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyMSUiPjxzcGFuIGNsYXNzPSJoMyI+RW50aWRhZCBCYW5jYXJpYTogPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSI3OSUiPjxzcGFuIGNsYXNzPSJoMyI+V2FjaG92aWEgQmFuayBOLkEuIC0gTmV3IFlvcms8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPlN3aWZ0IEFkZHJlc3M6PC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkPjxzcGFuIGNsYXNzPSJoMyI+UE5CUFVTM05OWUM8L3NwYW4+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZD48c3BhbiBjbGFzcz0iaDMiPkZlZHdpcmU6PC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkPjxzcGFuIGNsYXNzPSJoMyI+MDI2MDA1MDkyPC9zcGFuPjwvdGQ+CiAgICAgICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgICA8L3RhYmxlPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgPHA+PC9wPgogICAgICAgICAgICA8dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjciIGNlbGxwYWRkaW5nPSI1Ij4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0NDQ0NDQyI+PHNwYW4gY2xhc3M9ImgyIj5BY2Vyw6FuZG9zZSBhIG51ZXN0cmEgZW50aWRhZDwvc3Bhbj48L3RkPgogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICAgIDx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBhbGlnbj0iY2VudGVyIiBjZWxscGFkZGluZz0iMTAiIGNlbGxzcGFjaW5nPSI1Ij4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgIAogICAgICAgICAgICAgIDwvdHI+CiAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgPHRkIGJnY29sb3I9IiNGRkZGRkYiPjx0YWJsZSB3aWR0aD0iMzAwIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCI+CiAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICA8dGQ+Jm5ic3A7Jm5ic3A7PGltZyBzcmM9ImltYWdlcy9zYWx1ZC5qcGciIHdpZHRoPSIxNTQiIGhlaWdodD0iMzkiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSI3IiBjZWxscGFkZGluZz0iNSI+CiAgICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgICAgPHRkIGNsYXNzPSJoMyI+RGlyZWNjaW9uOiBBdi4gUHRlIFBlcsOzbiAoZXggUml2YWRhdmlhKSAyNTE0MC4gTWVybG8gQnMuIEFzLjxiciAvPgogICAgICAgICAgICAgICAgICAgICAgICBUZWwuOiAwMjIwIDQ4Mjg0MTggLyA0ODYxMTgwPGJyIC8+CiAgICAgICAgICAgICAgICAgICAgICAgIEUtbWFpbDogc2FsdWRhY3RpdmFAc2FsdWRhY3RpdmEub3JnLmFyPC90ZD4KICAgICAgICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICAgICAgICA8cD48L3A+PC90ZD4KICAgICAgICAgICAgICA8L3RyPgogICAgICAgICAgICA8L3RhYmxlPgogICAgICAgICAgICA8dGFibGUgd2lkdGg9IjEwMCUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjciIGNlbGxwYWRkaW5nPSI1Ij4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0NDQ0NDQyIgY2xhc3M9ImgyIj5ESU5FUk8gTUFJTDwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgPHRhYmxlIHdpZHRoPSIxMDAlIiBib3JkZXI9IjAiIGFsaWduPSJjZW50ZXIiIGNlbGxwYWRkaW5nPSIxMCIgY2VsbHNwYWNpbmc9IjUiPgogICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICA8dHI+CiAgICAgICAgICAgICAgICA8dGQgYmdjb2xvcj0iI0ZGRkZGRiI+PHRhYmxlIHdpZHRoPSIzMDAiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIj4KICAgICAgICAgICAgICAgICAgPHRyPgogICAgICAgICAgICAgICAgICAgIDx0ZCB3aWR0aD0iMTAiPiZuYnNwOzwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPHRkIHdpZHRoPSIyOTAiPjxpbWcgc3JjPSJpbWFnZXMvZGluZXJvbWFpbC5qcGciIHdpZHRoPSI0MTEiIGhlaWdodD0iNTAiIC8+PC90ZD4KICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgIDwvdGFibGU+CiAgICAgICAgICAgICAgICAgIDx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iNyIgY2VsbHBhZGRpbmc9IjUiPgogICAgICAgICAgICAgICAgICAgIDx0cj4KICAgICAgICAgICAgICAgICAgICAgIDx0ZCBjbGFzcz0iaDMiPkltcHJpbWEgZWwgY3Vww7NuIHkgZGlyw61qYXNlIGEgbGFzIHN1Y3Vyc2FsZXMgaGFiaWxpdGFkYXMgcGFyYSByZWFsaXphciBlbCBwYWdvLiBMdWVnbyBww7NuZ2FzZSBlbiBjb250YWN0byBjb24gbm9zb3Ryb3MgcGFyYSBpbmZvcm1hcm5vcyBkZSBsYSBvcGVyYWNpw7NuLjwvdGQ+CiAgICAgICAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgICAgICAgICAgPC90YWJsZT4KICAgICAgICAgICAgICAgICAgPHA+PC9wPjwvdGQ+CiAgICAgICAgICAgICAgPC90cj4KICAgICAgICAgIDwvdGFibGU+PC90ZD4KICAgICAgICA8L3RyPgogICAgICA8L3RhYmxlPgogICAgICA8cD48YnIgLz4KICAgIDwvcD48L3RkPgogIDwvdHI+CjwvdGFibGU+CgoKICAgICAKPC9kaXY+CgoKPCEtLWVuZCBvZiBDT05URU5JRE8yIC0tPgogICAgCiAgICA8ZGl2IGNsYXNzPSJjb250ZW5pZG8iIGlkPSJjb250ZW5pZG8zIj4KCgogICAgPC9kaXY+IDwhLS1lbmQgb2YgQ09OVEVOSURPMyAtLT4KICAgIAogICAgPGRpdiBjbGFzcz0iY29udGVuaWRvIiBpZD0iY29udGVuaWRvNCI+CiAgICAKICAgIDwvZGl2PiA8IS0tZW5kIG9mIENPTlRFTklETzQgLS0+CiAgICAKPGJyIC8+ICAgIAo8YnIgLz4KPGRpdiBjbGFzcz0iY29udGVuaWRvMiIgaWQ9ImNvbnRlbmlkbzUiIGFsaWduPSJjZW50ZXIiPjwvZGl2Pgo8cD4KICA8IS0tZW5kIG9mIENPTlRFTklETzQgLS0+CiAgPCEtLWVuZCBvZiBDT05URU5FRE9SIC0tPgo8L3A+Cgo8c2NyaXB0Pm11ZXN0cmFGb3JtYVBhZ28oZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2Zvcm1hcGFnbycpLnZhbHVlKTwvc2NyaXB0Pgo8L2JvZHk+Cgo8L2h0bWw+Cg==]]></response>
	272	<responseRedirected>false</responseRedirected>
	273	</requestresponse>
	274	</issue>
	275	</issues>

+58

-0

test_cases/plugins/nessus.py less more

	0	#!/usr/bin/env python2.7
	1	# -- coding: utf-8 --
	2
	3	'''
	4	Faraday Penetration Test IDE
	5	Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
	6	See the file 'doc/LICENSE' for the license information
	7
	8	'''
	9
	10	import unittest
	11	import sys
	12	import os
	13	sys.path.append(os.path.abspath(os.getcwd()))
	14	from plugins.repo.nessus.plugin import NessusPlugin
	15	from model.common import (
	16	factory, ModelObjectVuln, ModelObjectCred,
	17	ModelObjectVulnWeb, ModelObjectNote
	18	)
	19	from model.hosts import (
	20	Host, Service, Interface
	21	)
	22	from plugins.modelactions import modelactions
	23	import test_common
	24
	25	class NessusParserTest(unittest.TestCase):
	26	cd = os.path.dirname(os.path.realpath(__file__))
	27
	28	def setUp(self):
	29	self.plugin = NessusPlugin()
	30	factory.register(Host)
	31	factory.register(Interface)
	32	factory.register(Service)
	33	factory.register(ModelObjectVuln)
	34	factory.register(ModelObjectVulnWeb)
	35	factory.register(ModelObjectNote)
	36	factory.register(ModelObjectCred)
	37
	38	def test_Plugin_Calls_createAndAddHost(self):
	39	self.plugin.processReport(self.cd + '/nessus_xml')
	40	action = self.plugin._pending_actions.get(block=True)
	41	self.assertEqual(action[0], modelactions.CADDHOST)
	42	self.assertEqual(action[1], "12.233.108.201")
	43	action = self.plugin._pending_actions.get(block=True)
	44	self.assertEqual(action[0], modelactions.CADDINTERFACE)
	45	self.assertEqual(action[2], "12.233.108.201")
	46	action = self.plugin._pending_actions.get(block=True)
	47	self.assertEqual(action[0], modelactions.CADDVULNHOST)
	48	self.assertEqual(action[2], "Nessus Scan Information")
	49	test_common.skip(self, 4)
	50	action = self.plugin._pending_actions.get(block=True)
	51	self.assertEqual(action[0], modelactions.CADDSERVICEINT)
	52	self.assertEqual(action[5], ['443'])
	53	self.assertEqual(action[3], 'https?')
	54	self.assertEqual(action[4], 'tcp')
	55
	56	if __name__ == '__main__':
	57	unittest.main()

+2757

-0

test_cases/plugins/nessus_xml less more

	0	<?xml version="1.0" ?>
	1	<NessusClientData_v2>
	2	<Policy><policyName>Web App Tests</policyName>
	3	<Preferences><ServerPreferences><preference><name>max_simult_tcp_sessions</name>
	4	<value>unlimited</value>
	5	</preference>
	6	<preference><name>use_mac_addr</name>
	7	<value>no</value>
	8	</preference>
	9	<preference><name>plugin_set</name>
	10	<value>16775;16066;25451;54191;60374;55364;61980;33572;12878;24384;43101;40715;26256;27362;57439;66560;21828;64849;39419;32080;65025;64615;28457;55991;38878;40003;40295;16700;14933;66924;19111;15882;36867;63797;24446;34096;34617;23116;27863;56309;23189;32964;50088;53469;34145;32085;27877;18919;60594;62734;42311;19973;31892;36886;38403;55257;25995;52440;31436;17166;65244;19388;27965;15393;26515;28262;16773;62047;20539;35893;59532;15649;23796;58710;11594;45524;33408;39771;29306;14951;63816;58325;31734;38307;32903;56742;22288;56843;34309;39792;19670;14569;56779;25131;51561;20609;40921;25266;29615;63994;58162;10204;53864;14546;22930;60854;25068;23322;16312;19085;44745;50674;44799;24139;12202;36772;18138;52867;55000;62536;16658;38123;34019;55904;40427;44045;38321;24327;62205;20432;23952;38236;21636;28106;36662;43573;55879;43474;51875;11729;13663;42859;56810;65485;47696;31561;47282;45832;53105;13247;56184;57113;11739;58678;27884;29860;51053;57103;46951;15171;14227;17165;20428;52632;41600;15266;16025;46105;51858;46237;39113;16893;22762;40250;51698;33691;42641;33700;54546;21258;58145;16638;63985;22868;49610;56746;52661;48874;51900;47041;24200;21571;66365;11943;20180;14171;10154;47806;62875;22482;45201;50431;30320;66411;28749;16299;22434;57250;51598;37120;45164;34660;29451;29617;49560;41594;59710;24867;48889;41944;43520;15774;54143;47460;49908;39636;49216;19225;49646;64778;42547;21541;57938;61559;18062;26524;38588;11272;21078;62583;60028;31067;37086;51363;15225;28696;20845;66903;16810;21701;66938;13008;15401;26081;51606;37106;37750;41013;20616;45996;53256;53194;24486;19214;10917;15378;54564;40520;27011;38990;19278;44149;55221;49975;43197;34147;32120;53066;33034;20189;61512;47009;55122;48195;51146;28485;24597;59787;24508;36760;20284;49322;40251;14441;25657;50355;30048;17716;59389;16967;36481;43373;60386;29491;38942;39491;37062;34111;54514;59702;12239;59574;20381;30751;24278;21000;41693;11941;54910;30073;28949;37389;40461;14315;10662;24806;14421;41100;26083;60317;22418;18129;32960;54316;45293;33282;63888;49382;25608;33820;12631;39693;59652;60850;46413;14781;60396;39705;17727;17426;64519;50675;10806;61239;20993;52205;42101;41218;16156;17053;25173;57840;51387;47451;11412;52770;10142;13207;37128;61996;27465;39296;49170;37769;29553;62985;38125;53435;53953;39482;29555;10005;15457;53021;33578;37474;20817;41795;20895;14788;19279;38643;47254;11370;18105;17676;14416;21002;39355;33000;30892;28206;50090;20345;22594;66573;53826;42459;19081;64084;63498;22829;39738;24054;37622;64018;31870;51369;10177;24577;14932;58389;45216;20406;65644;17277;25542;45615;31043;60619;15574;40887;22928;55048;10056;12252;36575;55774;52443;16894;40435;57020;25647;18618;25867;48891;18568;23509;32432;64128;40938;40964;36774;41656;54189;46755;34555;30819;14901;35624;31690;24442;39508;31017;66747;44910;24860;66726;26286;50212;34673;31837;53986;62223;12651;62597;11578;59925;28355;29359;17337;36753;42317;40747;22475;31811;49125;12217;57435;45150;50413;23691;29318;30543;64980;30717;54490;14590;56258;32092;35005;27058;63682;44878;34414;24479;19538;48351;20875;41702;20745;21460;53349;18604;63413;32031;31095;18493;33276;25231;13575;59411;13254;27641;24185;10728;42031;10509;15840;51593;39822;62915;43163;13600;52919;43765;62348;33759;62572;47784;35547;46362;12460;18058;59077;39266;65377;36671;53590;23588;36876;42538;28111;34519;15385;12791;49555;36275;10919;61384;37468;43972;37561;21368;38075;46049;65350;35176;45488;21860;45110;50531;58464;58041;53828;63141;37472;63036;60172;17071;41114;14931;59747;28638;54145;41520;44769;56847;31608;55045;20762;35022;41923;11245;14860;32854;19321;32687;42111;11443;39582;33385;38237;41105;65107;22860;64140;27061;42214;32717;53184;61441;23506;64376;33983;61050;19433;49821;24782;51774;21050;30977;50529;43066;35416;43307;65437;60770;49557;21178;62951;22336;53819;20653;45475;32808;30205;26929;39087;57575;25795;43669;50136;50635;29169;56044;64935;51248;63439;35292;65819;19276;33227;33468;55659;22413;50564;49335;56225;50940;11835;17312;44596;45350;50824;27851;27615;42051;60260;52980;13754;45371;49535;37287;50372;66798;65098;52118;46809;40916;61022;59507;10487;19584;42068;62333;39780;63440;47277;49386;16800;42439;19562;42422;40569;38296;58709;19101;33964;27934;50182;18477;31952;36996;61138;38756;44398;26914;44535;22302;22028;65355;33100;63222;43799;65393;33932;50485;28260;46277;18173;66809;47534;39752;60939;33256;13128;37404;42722;27748;23869;28637;35269;20006;19946;50710;36634;55495;19375;34331;34221;49683;23298;38821;57541;62192;55753;63185;61706;53618;59164;15021;22516;39253;60321;33009;44987;13572;11785;38740;22859;24335;57301;51549;13760;13629;58404;45841;34029;38889;11692;63168;44968;46739;18364;29423;31411;36936;42982;35083;52427;23972;27605;49771;57409;18506;21795;47364;55064;57124;21437;30557;63199;49058;63681;56704;13868;25172;49119;36118;62431;46763;27947;38440;60871;22736;50343;17518;28241;21685;64991;30877;65564;26075;64588;31292;27043;46326;51069;11882;28862;27312;55305;52119;39956;25539;32901;17283;37313;20482;16599;63869;18279;52999;58775;58925;31682;61762;47069;55992;51474;52120;19630;30133;29840;44698;63871;47549;11416;55092;30006;48518;19610;64232;17248;27507;65634;32913;36222;65030;53996;66837;47527;12066;43406;54840;48815;59208;66081;58477;23992;25082;36021;44848;60582;27244;38962;62147;46051;21145;51870;43396;17379;44959;15508;25749;41317;11939;28038;64030;22472;32775;32720;20661;60829;20478;65888;48975;20312;55736;47280;27368;21614;49621;14346;66705;16885;14990;40590;17341;16964;20537;63547;28024;52969;29552;22512;62391;29089;34985;11641;43809;19325;30063;28871;11083;51404;27623;38653;12591;47626;56106;13109;40597;28254;65197;62272;47195;13581;66079;57513;28656;51299;33961;30925;57380;49263;24402;52165;37217;14422;38193;56954;21935;17020;15816;61572;25924;44436;37002;17026;14778;18098;16208;65240;24886;49160;62318;62207;38251;11236;63680;41957;17821;54933;23081;16748;13836;27752;26339;26438;21042;33272;49930;11127;19945;35432;29117;54469;14629;44747;13295;16719;64494;51225;34427;17326;63290;38303;33640;38057;26792;33861;45029;11552;60343;24570;41673;51009;22602;23407;17351;23668;27482;65727;54713;30243;10529;29956;41096;40662;36505;20088;19047;10725;51001;55501;32772;53676;29442;10099;53759;52916;10757;52955;13406;45138;59824;18185;38919;31469;51505;55848;41273;19626;38636;37651;44516;25456;28809;40372;61213;18223;13036;34789;14155;33835;25476;59936;33819;55516;28108;21030;62988;65896;43038;18885;37022;44895;45625;38855;60721;26499;22110;26226;11327;10528;45246;22024;32658;24390;62492;21584;22653;45507;49412;46922;15609;48854;57207;56630;60357;30509;60709;17749;10496;64046;66410;53522;60772;29063;23459;28630;48276;28029;31726;64657;18670;24134;18176;53411;48570;61524;55917;66541;52382;25559;43142;34024;27028;22203;46331;63838;33087;51251;44651;39221;36605;26317;41449;43886;22937;43057;29396;20059;28849;17834;47061;50704;14127;45577;40259;59535;25971;11382;52653;44635;59506;38373;21538;50867;58272;15325;51334;29492;20960;48174;45747;48383;47102;11037;46449;53015;21226;13300;42375;11730;23877;35569;21007;24687;34066;27672;31231;56102;55400;38760;55789;60585;48811;13069;55306;44414;50853;55834;50950;17637;18421;53716;23325;65973;52191;48640;38050;16374;59123;41433;14379;46226;55859;17057;32179;62678;62279;58133;35156;35739;30910;25862;16620;17989;56086;39684;52356;23620;41384;10492;46561;36896;28527;34621;46839;31446;63114;17336;33978;63696;57393;40414;18442;22374;50265;30849;58937;21870;42833;26678;51226;34273;31366;40105;19559;59469;34363;38477;29915;10268;36362;21771;40188;19387;41442;52809;12235;40209;59134;62246;23204;61370;42494;54698;43086;29789;49710;15898;61995;54592;12444;23285;42106;64668;50098;23201;38968;44479;49130;40254;21858;44875;10392;43716;65781;44423;65190;44123;51124;35367;20316;60319;11021;65138;55640;49954;46005;29071;55322;16313;46205;51710;32981;19355;59850;60117;30972;29444;54926;59723;39015;25312;19490;54058;61158;64926;10673;63004;43687;33319;23625;42677;37753;61864;60737;36932;50884;19774;27393;23855;27432;36660;16221;22558;66921;37251;34773;57328;47119;40280;52219;42449;12287;58575;45074;12839;13814;38804;31773;12015;28424;39590;27145;58702;13537;58462;53240;14786;42138;51323;63894;15748;62968;32164;49071;17713;65573;63643;22528;56009;38506;61118;31617;24616;45768;24511;37845;66813;38412;27716;28151;56567;64799;29855;41945;44181;62309;23453;30547;62773;22174;18332;59957;43425;31792;60603;52133;22525;18991;63446;66647;63980;11702;58679;32697;57723;55095;54790;36982;18346;39996;66928;64660;44048;26735;59891;34239;40592;13311;56932;22289;53286;59428;26324;36805;13862;35895;34142;46860;46585;63381;42299;23786;54723;31471;20113;23449;38220;36695;42984;25656;18483;37281;20569;61528;11066;52960;58568;10911;11337;10573;60670;55587;53683;44505;25025;34872;12928;30072;25146;28962;51352;57659;46386;41339;14713;16827;37978;39575;53026;16098;49580;55024;34344;55885;65226;55726;34917;24761;61258;52891;17671;64723;59049;63861;32295;59792;26343;27278;52907;64774;25985;54495;54260;33335;65555;17085;46321;38478;42297;37500;53927;47407;12111;24559;52829;59736;49945;66574;16501;30991;33442;49566;61376;13227;66556;43701;24676;17599;57144;15970;56168;21280;59910;53622;14897;18823;49759;38446;36319;14596;32784;28896;14511;48237;36920;15699;13090;18348;60614;44614;19356;13726;45516;13696;15222;52441;56984;25406;12232;60570;35900;21392;45595;41987;20130;34192;39787;14332;55626;49110;23624;40830;52492;26345;13464;21054;26501;26084;19654;16923;46109;36761;26687;62762;25609;29109;61372;16315;37636;28225;57487;18226;13997;34669;31706;19074;52790;28025;63969;58209;56568;57021;50794;42558;15444;29187;54812;63495;28671;64096;27908;64653;15734;58698;16220;14551;34233;21328;49729;60200;31181;38535;14720;50006;35002;53884;43232;55399;22023;35199;64781;62519;61318;30126;55527;53386;28286;13268;35138;59822;42263;44522;37730;14974;27973;21248;49779;37366;27549;19597;36288;42785;27398;43394;43736;47638;28384;42113;59006;26012;51538;39119;33168;58616;24455;53124;36196;60064;17077;14658;37656;53236;27987;50690;60171;65825;16484;14670;46519;44454;17791;17445;55285;61127;57143;21214;12906;15780;56723;24491;40311;26974;43881;33450;14787;12804;27256;32593;61977;65544;14399;18993;34347;22391;51955;23395;50707;58540;31423;23621;50049;16291;56535;45604;59203;50919;43906;36594;26070;11290;61037;41515;61733;48647;44313;36612;64941;61989;30725;13049;35537;25235;24636;40977;32859;47846;13753;15878;15196;37503;60855;30018;17171;47270;59027;11026;46430;41841;26444;47378;60484;56493;64342;15109;34367;14733;56754;26938;11985;44750;52739;61747;40129;47386;51321;30897;14013;53474;26021;38161;10970;56239;27533;38798;54387;14303;33571;12921;33587;12503;23784;16443;44427;57549;43145;61310;23097;57175;55208;26448;30417;44018;59534;43872;51202;60618;26465;24685;33584;11714;46667;50643;20831;47111;51975;14337;32591;46358;36527;10947;22782;33384;15095;52180;34851;66126;54203;34149;25160;60383;58842;26138;60044;52944;39820;51925;12736;44553;20387;13427;24057;41470;32966;37377;52954;56649;15676;66950;59041;41281;59047;60336;38995;48287;61423;45817;29854;15621;14985;28989;52808;21052;62399;24602;14092;36347;50631;36673;38194;49833;35888;19154;61013;62289;46576;21831;29435;46659;40391;12536;58040;61701;28408;66255;39601;13071;32185;38309;46384;49390;24114;61869;48773;53955;62316;66119;40239;35572;24917;63349;19846;33715;15268;64544;47028;30968;65664;32235;44071;45162;41880;14342;16655;44037;29285;47066;44625;47298;59338;24992;47668;17717;38580;10666;65401;25418;55403;43522;14795;26449;48689;18690;28081;25948;45363;55733;46152;20900;32692;15688;17174;36035;65351;20304;28471;25250;42082;35306;46666;40332;34572;11474;50411;26953;33678;49982;28838;26643;35550;50544;45795;10913;26017;33375;63543;43723;31780;27349;51717;28587;41759;62805;35686;64298;42267;21937;41498;18983;57878;65289;47136;31538;33699;64712;43051;21574;13692;11757;29834;44573;14184;53778;42541;13282;42094;42652;43751;23652;15899;31527;36504;51485;53727;43102;38382;30312;18852;48742;15389;36601;40235;49304;27686;51186;18895;16349;35602;41185;12673;46909;13253;22485;45906;53707;32985;35026;36345;13333;48940;28655;40737;16297;23528;37362;18657;65567;65261;20149;45517;40252;12584;64764;48916;56005;42857;62619;26373;39620;34310;58880;22012;24938;65200;53515;66361;65911;57685;64828;62506;58072;37485;55077;61874;16248;17710;29632;59923;65196;60467;14604;60385;64056;22456;43471;39027;35800;55175;24255;47063;38593;54551;61148;28978;24222;66299;15541;12399;32910;47441;44998;33170;13750;47728;32197;52578;35652;35581;28026;51235;51074;25877;60842;43829;46559;62792;43753;22963;64596;18443;19764;18229;37416;38758;30142;62146;57504;50907;14187;51528;35552;47258;36623;45305;34421;32339;65071;66226;10859;23963;46878;56002;33501;47861;49532;29971;55664;29065;15597;23198;20580;32399;21379;23555;36135;40302;41631;15102;38763;28118;35324;61764;56219;22721;41090;13719;25908;54041;29043;13446;60863;26162;59201;43794;56415;26656;24904;15677;66851;63493;30573;47095;39250;53315;32038;50823;14809;27122;26022;54335;39189;39182;38534;33879;59245;44729;31155;34771;38547;66391;26150;63828;15620;50259;35679;20871;61556;64184;26201;62836;60371;59372;57552;19689;52166;58521;18160;34460;33064;38574;66611;62764;51542;44183;29110;47794;28539;13704;20626;28334;64301;38748;47689;10670;19453;21011;56133;41328;37760;28074;50759;63927;58874;14174;65939;46558;37092;13033;37535;22998;51075;38916;27270;43260;45281;15674;16509;54940;26798;57075;12439;60098;12471;19875;47715;32978;44452;44114;27474;33542;55178;57656;20805;65447;45638;35633;17272;55902;29008;45463;50123;58665;53502;27492;42411;25750;30095;55402;41828;51930;35722;17376;11649;28430;58608;51289;59728;36010;38449;23941;33885;39100;56937;22784;34164;47359;18512;17504;49270;16200;56419;66827;33742;15506;22807;17625;10273;27501;15794;31661;33803;45789;43267;44272;60209;47297;51388;11063;14052;48721;32690;23320;37397;19409;52991;11658;50314;46220;45180;27829;43333;66242;49220;52712;34710;42260;66349;14076;45169;48505;38575;18978;54503;62368;26440;54064;34064;61888;24275;48950;33077;55380;59785;16765;29001;28548;52733;46917;35454;53231;41094;25137;17689;20819;10296;15138;33539;38829;64851;18389;58030;45426;29532;62035;48683;55811;64389;55415;54421;43578;61577;51375;12120;51458;52283;51778;20300;42117;44956;31102;52573;23244;22267;41812;26862;66635;61253;13633;21001;21842;13617;30762;38551;51221;33506;59071;50227;49225;36397;27966;30636;38632;60264;27077;60097;11054;56361;21905;15921;19937;49228;30974;23059;49326;38199;26208;18518;38903;13953;66940;15418;11131;45551;31192;25627;43914;38337;35253;11469;46438;26709;18951;42977;56873;11758;33832;44434;54036;29913;28145;24348;57110;39023;36140;18497;46317;22078;56578;20843;13847;60873;36552;39891;64755;20689;11828;29596;56051;60170;38838;21274;31104;54513;54720;48814;16464;12458;27097;50518;21022;42615;60864;46235;35428;57961;24425;34956;56097;52680;24313;62470;63066;11396;43490;55330;21362;49343;22502;44301;53603;57480;33138;34056;62338;37333;33299;32536;56132;55662;49611;23005;44320;39006;26175;12977;38729;24874;32948;38379;48862;41525;12118;41888;24277;40054;52677;10491;65752;15858;48229;25800;37407;56397;12979;12457;34044;48216;45099;53538;33946;42742;37703;37932;31243;47248;65699;40212;13913;18772;56247;26992;29272;29329;28411;60410;57429;20602;53783;48461;26124;42739;59772;60512;63964;43417;14153;18532;14406;10555;24593;59547;14998;39517;49725;55190;23580;61119;46293;37504;64181;31037;54909;39472;18283;39455;47447;24252;43181;27812;21175;28463;31158;55110;60122;36003;53838;33165;39703;40482;63667;10019;64748;27135;57106;58514;60137;60299;30315;64692;25419;10923;58939;51452;18121;45739;36457;25344;12820;40298;45388;43652;37619;63415;66451;42080;58723;19163;26205;60568;55901;21510;63204;59025;38941;64994;21302;39618;54209;26893;16240;47050;63819;36281;36270;55680;32739;51802;20864;31230;21140;39001;23188;47439;32503;19824;11984;40849;60096;47272;47847;60287;31035;21555;49698;46745;35927;53559;54993;47584;57013;29167;38569;26919;63979;20257;44374;11779;27161;26469;16709;30576;48920;65853;30324;45134;22326;62345;20120;40194;52295;43713;58544;32618;34898;26811;52422;50432;22870;21727;37020;21032;26609;10860;54157;45847;21522;63092;26274;45330;32002;19273;19146;44571;47222;25296;46267;32590;54768;19410;42910;26848;24070;33927;36553;28782;12807;13976;18684;57039;42965;65702;41293;62306;30959;60080;59090;39988;48167;19460;32596;40939;30141;58783;40810;46357;12246;13032;16980;14085;29837;27723;35272;44778;10526;16624;55227;63538;41815;26778;12620;23348;43819;58347;38831;38710;65993;41680;30527;53880;55355;58265;18333;11588;31641;40911;66707;50568;53519;66920;28370;35364;22923;66603;41752;21365;18831;61521;12427;11506;14906;52865;46404;60263;60014;11518;27677;40257;32684;15427;31679;32492;32527;15417;39325;21966;61058;21154;55730;10833;61731;26335;31545;33871;48731;10119;10377;11667;39908;60786;45890;60397;52051;58200;66001;50308;10763;61330;14032;35396;47538;46002;49589;37521;49151;37668;15874;64458;61432;61527;30368;20914;52459;36216;63116;57606;62871;52262;40301;64020;47850;43172;57729;41696;64950;32116;66975;32849;37653;25011;53645;24254;45684;55710;43321;28819;51338;40050;50770;52272;51242;23950;53216;19255;18366;66558;51301;57036;49334;59148;26647;18205;42415;19618;23301;54013;54750;39441;63025;20785;38462;38628;51819;34308;60253;17670;65397;16377;22962;11395;11666;46028;37884;22691;49015;27137;37374;12690;46374;42125;29303;17300;29965;30294;53722;53752;20994;13091;38871;23923;39279;37569;13583;44806;49857;30495;36828;42947;13857;20504;56463;51518;66570;37903;51038;19260;56658;35289;26237;56963;41692;19891;46823;55074;22034;19785;41753;14444;56681;13579;16264;66774;47462;44238;13593;35806;53689;48225;61958;22769;39783;18961;42230;51903;66820;55909;15537;22803;41461;52506;41890;57176;52981;40092;47488;10450;49414;16821;25710;41993;31800;32332;34965;44338;52224;40788;24569;32738;40572;19790;34868;24686;66138;28506;64782;48551;41784;26490;46389;38849;40012;31295;54429;17587;15907;37447;18362;13689;43722;42110;49632;54271;58159;43666;12300;12858;42716;25791;61919;64254;35610;63249;13892;56150;32317;31863;33647;15112;53787;34353;44709;61178;63153;24007;35033;60297;38645;14063;37705;43159;39981;43166;47262;66357;18821;56206;58077;60657;36263;24627;62580;13278;17014;17789;57177;14073;54102;13747;39110;13447;46289;23700;58354;56670;24015;35455;46751;64208;61131;29591;40004;53019;21864;33136;20952;42860;46639;14158;24869;52626;30783;21082;17225;14363;48173;35388;21401;43454;28476;65183;47178;32873;20818;27803;54448;50061;16480;13016;25377;30253;51576;65055;38541;40237;66776;27295;42399;44765;60866;21855;37580;19148;29085;60013;19167;32976;46758;24954;63175;45105;42186;14374;52766;24967;40878;38074;56925;47624;36439;40462;39481;44513;59045;54742;12901;63923;45576;48516;10730;63773;50368;42518;56859;52408;18997;37097;27346;30800;18217;11440;20872;15554;56928;26683;31042;28406;17152;12864;44980;64768;41133;49961;29966;50042;29384;32013;14823;55248;21205;58071;22631;66339;33596;48601;29301;21834;51707;52953;22650;40631;46216;16909;16963;40655;30199;30390;43880;46164;43556;55636;51325;63876;46101;12338;45803;54879;49156;50753;40431;39444;53581;16329;49369;13379;27958;24304;56187;65480;11478;50730;11088;63856;65435;64529;27876;54033;25360;46330;35912;40725;39055;34561;45864;62538;17773;30035;44346;34974;35505;42676;65442;29430;21269;52245;54110;64402;36143;35139;54494;32568;42016;44126;13560;44817;50083;48246;11418;39778;35908;24422;15976;48953;36318;40369;17038;20210;58748;42550;48460;25398;30609;28499;37533;27595;60529;41069;24291;46465;37133;39071;15760;64882;37881;56893;20680;53638;37345;32517;32040;25341;64393;34944;59493;34148;52236;56944;25855;21904;45335;44160;55663;18507;38081;55044;24908;56609;35319;56448;29975;14278;39235;27956;64493;55315;47821;40873;10800;47588;50561;59135;17486;62748;15540;17294;16532;63971;16747;37818;63451;62412;29797;38596;30300;27588;61885;21291;20481;26450;10437;57812;52081;31514;51935;11125;60694;39391;42322;54155;64889;28561;42535;38883;52785;60859;58446;44642;30934;47867;34479;14992;55945;23731;34206;66476;47214;30695;20013;20606;31128;62713;46043;32204;19570;63970;16449;10989;62534;53774;41810;60942;61583;18329;24012;50782;52252;51255;17566;35423;41062;52946;63230;44768;21894;51098;42032;21128;54267;45011;44294;63155;66271;34046;11724;61171;21594;16840;45468;18437;33090;26607;46300;65108;62285;52889;26702;13326;25817;63683;63992;39122;53924;24507;29054;44866;16294;60985;63085;25578;21649;46411;55546;62511;10412;25015;33499;24319;46707;11646;60983;32066;44760;10369;48543;34518;40952;61514;61313;66596;28783;45537;48905;66908;61324;57709;45586;58688;53521;55776;65441;29199;62118;36133;65068;16077;22891;31263;61001;58096;30301;36883;44391;38278;66044;19062;19676;66017;60778;27506;59062;53486;16378;49637;24791;52832;49383;21940;18745;39398;56528;31027;15239;44716;31028;28593;18729;15800;59343;41921;43989;41954;35314;41345;62482;23346;42424;22235;53602;20204;34912;56037;64009;37456;10846;15595;20479;30409;58419;62552;21228;18166;12097;54180;17645;44795;16393;43083;24757;36860;49554;52791;54673;12205;16201;61492;16403;11212;17278;56688;61721;27541;49182;54153;62984;40366;20951;12589;15419;63508;61735;62610;24800;44531;58006;62563;33265;11331;36840;56425;35966;51918;49865;38275;15664;13875;41192;51383;62353;33515;42134;11154;29891;46324;45682;45165;53093;58282;51758;64648;24544;38242;35574;51535;24664;17737;40198;15020;20341;27654;12601;58327;17044;59918;37273;47826;16870;17736;64248;33850;59108;17707;38606;44610;66372;30329;46020;29293;31838;21006;38518;34927;35125;19385;59298;17117;18330;15271;31464;26215;10689;53888;50275;65628;17177;43790;56191;36248;18865;49987;24234;33935;20617;50462;57828;46669;23032;46047;65761;26379;15149;32858;36479;52353;58010;42520;39881;45049;65128;56697;51976;21664;25858;13337;61666;18843;21516;21906;44772;66130;61678;65857;43933;11431;30631;64743;34593;22404;64012;16873;15340;42657;13562;58712;53904;25932;48725;65969;44554;13978;14460;55700;12728;52250;33643;64073;38814;14101;53429;50694;36131;38690;18679;25229;62819;56212;59555;33821;32016;27334;15986;62938;22208;40464;26472;61499;57226;28359;31047;40090;17309;44796;55618;66336;23293;28212;30658;63120;62879;52418;22576;13484;35242;62430;59456;33206;13844;48467;53881;35132;12598;65093;64490;46996;47088;29302;57344;20883;12058;11848;22177;51399;55762;21561;25258;54419;18687;63889;58860;41990;42143;35775;54011;35897;51831;42139;60510;50740;63624;28123;34776;16710;44700;18319;13554;50499;53892;51184;64903;16847;15602;65789;14423;24810;22426;44086;56303;34087;39012;28658;66676;42034;44543;23561;28303;57054;53510;35058;27098;60869;37797;42035;16735;41152;51893;37226;53981;40970;50246;41559;52852;51654;17441;40038;20470;43380;10017;45622;62230;44360;42978;35787;43565;13024;50945;36209;58819;29357;41341;64124;36750;56708;27223;59828;53303;17236;47856;11348;13352;40323;47253;56000;22618;10568;66313;35920;20305;52487;39495;38053;30194;55503;59666;24297;36370;62495;53928;62981;62354;56048;26361;66658;47081;24224;36827;19264;21170;10316;47499;65738;40641;59504;15093;14233;39175;51231;54228;46451;29408;46622;19581;15997;19975;42296;44898;30216;14049;66273;33735;37566;64909;54480;14188;32483;65590;64722;66427;46913;19050;32514;28903;23262;18563;55062;12576;10935;38922;55484;55386;27475;12209;47770;66431;29170;48439;58300;54595;34752;62681;18314;62704;38522;48451;18587;39940;52679;42537;54851;40513;19806;48774;20515;60026;51020;24849;10580;66910;34137;57174;49381;19593;57919;28442;30010;50241;47710;10823;16607;35692;45257;46228;50127;23970;18370;32444;64877;20974;53013;30545;47647;22306;19092;37923;49624;43680;41830;59640;62378;30340;66831;20489;65905;42824;14913;35305;22935;15902;20402;60413;36624;30064;62890;60978;27885;56001;34653;58751;57451;38094;17813;52509;11602;62643;14718;35149;48951;20505;12034;25345;51155;43503;53958;62882;31453;20507;54867;61724;36309;44417;35534;29321;16431;12346;18971;34999;34038;65912;53120;24362;51739;36364;25701;13332;33015;66563;46834;21264;64932;58191;20935;45365;47580;28659;27002;26942;41001;21605;51617;14579;54783;41819;17787;49158;60199;63535;56122;28446;14963;52208;26466;33689;43177;38540;58998;13548;11686;33278;55172;49605;48650;50647;48466;46985;37901;58317;34089;51199;57896;24219;22412;44197;28901;57795;64908;55356;59323;53068;63623;38579;40763;22301;62815;66315;56359;12432;16486;59820;40735;65338;15796;56165;60024;53059;31269;60893;14686;37855;33505;52075;43395;62775;18018;66046;21492;44450;54641;27526;29238;43127;49817;24805;51354;42261;29844;29795;12863;12055;44378;44365;58231;60305;12695;41306;35681;61224;29405;14274;38281;54412;61846;24701;22076;22508;61464;15433;66882;27781;35917;18282;19887;64165;61461;62540;23928;49079;20241;26736;66503;63258;62682;44880;35669;25934;27148;58801;35170;46798;26485;38101;24283;60615;60061;22705;43810;35903;64628;24078;63841;35096;20758;50296;41541;37058;52255;47737;51523;41199;34584;64867;32429;52521;46993;30167;61389;49106;58548;23326;61667;57596;57764;14288;39598;42542;30184;32059;64469;25002;44228;52281;28492;33082;15127;61063;21120;26161;37142;42171;45230;17247;18833;14594;48154;50194;65966;53457;15231;52697;64627;51904;28390;21724;15350;35604;23919;30426;16568;26217;18695;10428;20043;19552;45764;24629;11636;60952;33652;29352;32280;11765;54282;58518;64264;23777;64726;34153;27127;43140;24804;18228;58648;10431;20431;11070;55457;55015;42095;35576;56738;42058;33154;64161;26789;39034;37306;39543;49726;18812;57305;47450;62800;19230;22117;10675;12581;34302;21691;54072;38148;18720;28569;21733;20757;14968;35683;63447;62910;61700;33846;37821;27522;14135;38877;54314;57281;12726;11392;62501;36405;33213;36579;50287;12336;10514;66009;45605;65779;32036;28583;54633;31108;25530;52582;36557;38681;49784;39388;12089;48416;56659;25400;43224;46052;30094;44847;43699;26377;28288;64865;65583;16858;41930;30287;18050;12855;37574;46600;27124;32553;42994;44696;28991;54475;45100;28851;20002;32795;63032;33645;29091;65630;42464;63039;31557;33604;53643;53781;27935;62277;11857;66029;42689;47568;13107;50926;45582;18873;28447;43019;64233;36358;64305;19002;33936;29612;53400;52958;55525;58642;60606;52157;59709;62154;21911;14541;56373;43766;12383;21430;38811;23707;23876;65047;58803;64863;47210;15121;40799;19740;53089;62760;10464;12527;61242;31438;14397;52364;34911;51466;10118;22844;26439;41543;33349;26451;13401;25594;31372;14751;18784;51645;44096;25526;50562;22127;38897;45223;33268;36265;66487;45166;13477;45650;18940;21944;27583;53293;66957;20925;18382;61782;45208;66677;24013;32735;50279;18775;56384;30699;49888;47244;56920;62855;28061;47676;63808;43602;10360;33440;30262;46162;42220;17251;64509;57998;40856;38762;53144;23403;63217;14851;22488;45448;11248;38376;24796;27765;39465;30807;30839;63671;24558;13516;39576;33623;62657;61089;46061;37342;36490;64737;24682;61924;63016;63394;50333;22743;13179;18019;28566;22965;58753;57019;52333;38869;28575;38820;23562;19639;28617;37127;35954;14413;52719;50683;21633;26460;47535;31050;41052;37207;48455;55537;12828;24879;61095;20876;42650;65530;10481;62721;53866;42971;55055;11885;46799;54823;19615;26642;59074;28090;14907;21177;29841;45189;49013;16590;37431;24464;45599;13711;16284;41368;61998;44563;40402;50795;34128;58935;25205;62105;35283;27118;31500;55251;38184;44788;41011;57446;59804;40835;34699;12688;33769;52480;21748;47669;29668;61027;18603;28725;27705;22601;12023;55147;48274;14330;25294;57749;21200;11408;66232;30375;17202;29336;39422;33548;19748;53141;33180;52777;39980;41443;41506;54612;12225;57277;29105;45104;10926;49839;34326;22903;39111;11889;27644;29666;52478;52147;14749;18966;41208;47187;42908;20918;40260;41139;36513;53696;48210;55523;53335;64153;23020;27140;49078;63720;58690;56459;14212;21699;17505;35687;26839;51253;29631;36849;30824;41765;31756;44965;41508;41606;62418;27838;22059;56798;27087;54686;10934;26976;42407;52168;44376;29703;32572;62374;33058;40596;21261;40243;51992;46679;28354;30032;64690;16653;34840;31750;63263;32489;53337;59032;17021;40547;27111;52235;16530;23327;58288;64062;37776;43424;27611;39606;32210;27159;49404;54697;38311;53234;65282;45406;23718;65019;36039;13312;25302;28271;64543;43572;43787;54080;29143;40443;55647;30153;15698;36240;25414;33179;33481;14799;48436;36110;57856;66106;24018;41932;62739;60767;36902;52618;29674;56594;23872;41677;51997;23310;20686;59371;39722;28879;49783;40381;31474;33010;15090;51479;24092;26359;23263;27167;39663;33016;66848;52554;56108;59932;32414;40853;27903;10682;20227;34327;39142;15411;13039;38699;30639;53401;56177;33150;61526;58264;65227;57960;42801;23960;23484;63523;24588;62647;13838;15357;27659;16373;37960;26347;14855;10942;12714;15980;50701;35623;45446;61302;14041;65689;19623;41337;52016;25440;30817;35771;22761;65594;31513;36261;22929;40734;36645;17996;52204;50964;63345;30710;53836;38706;30482;60236;30121;50124;28681;33863;49376;31741;13452;62693;20719;38725;22009;42682;49190;57468;51693;40423;52331;48488;30092;16941;18216;64847;31671;15873;51784;39614;60023;55510;34246;39214;65415;35672;13830;12902;49981;46007;16603;27180;56566;35466;28933;52358;49798;52363;48284;17831;42923;55559;52901;64911;25392;28610;66694;36127;17290;11215;63275;35750;61141;35118;64542;35419;12408;61772;47699;18237;43665;21618;30612;55963;40760;63198;28719;37867;39955;48168;53726;30787;47266;62515;65996;37698;32236;53447;30446;62842;19112;25110;53434;60403;50165;52906;16252;28891;30283;24942;23728;26718;61675;46965;34646;23639;29987;26960;58626;49087;22838;57954;25582;48801;51272;63550;52282;61909;25180;61906;42367;10796;21854;25619;51827;35632;17435;47674;28733;11324;57211;53987;52805;30366;10083;50808;13486;16309;37394;54987;30790;44560;43047;55851;20418;44518;65974;10943;12518;47161;49996;49585;51133;28606;25990;26785;13382;21265;17781;24723;58814;18169;32183;28649;57098;41723;18944;20644;31859;43963;42017;36974;39125;13409;54067;64171;31076;29587;19245;56066;49859;38350;57986;48632;59717;50077;48934;36684;16345;59835;50235;53106;23513;31167;64638;22337;39579;63548;29513;37554;17423;51616;65389;32388;25904;63157;53666;12942;41948;18781;39308;22419;45436;20119;36780;34017;47350;27019;36506;38776;44329;62215;59815;32155;27964;16721;24085;20916;54418;61656;26297;64674;53489;36967;14666;47413;56375;34320;18555;34294;65823;13434;28608;55602;44000;19996;50638;60367;18805;13650;64361;63993;55244;36121;26599;38095;50825;20767;22221;56424;59335;64227;41015;49293;49994;58726;13272;36507;40135;41190;27897;47815;57939;54057;22686;50335;29732;24775;30767;40872;24166;14770;17520;49464;53338;51410;31141;32571;49819;41298;36766;22340;29368;14377;49402;19791;51002;49971;45056;56321;54623;57573;58114;15434;19955;35852;19590;17998;28115;13192;54941;61003;14622;29222;53229;20732;46946;53104;58173;24721;37183;21131;43530;12953;46586;12219;26541;47351;35025;38297;63018;44142;55292;38630;58634;26480;17402;36205;45736;38730;41484;35880;19390;63996;40253;45833;21985;28555;29264;27511;49490;35556;43084;32733;33875;52392;15208;37721;61604;23154;65085;53929;60183;46029;20838;29988;33530;20380;41177;58822;10761;37023;31813;42523;29134;13429;30704;44354;41521;16000;13979;54105;49033;12350;43485;10469;55270;62330;33187;55165;62059;34068;56969;51680;60581;61103;51752;34755;53993;28777;41964;39535;38848;16679;35685;59755;19577;28534;18238;34383;55654;45130;13536;38471;28568;63860;13889;41002;46633;11334;25036;19681;62213;39503;38745;65720;60650;47394;12647;60925;16984;63594;55783;61112;53230;42024;37099;55161;38832;34482;18013;51730;46540;31610;16134;24232;64937;64771;29586;41779;22178;39097;13373;13283;16600;34014;35449;32181;15670;29949;58673;64976;28216;28523;34124;14084;40559;22423;41428;25483;52748;37850;18962;15758;49746;38549;17742;57217;55678;63687;27136;42476;33940;17741;36359;14634;29097;52526;15375;19099;11685;30314;28570;15025;21176;27375;54692;11347;62712;15848;36618;58543;50406;12885;14888;58569;51256;35566;10847;31278;18365;33789;42572;53153;45264;17819;59035;14287;54998;20359;32440;49086;31256;18877;45143;58043;22598;17301;62089;63375;40353;63358;16281;15074;32041;55368;20704;52636;14592;22319;55716;53287;22794;26802;51117;21545;17603;12799;64741;41388;29778;34622;66146;45198;24050;23879;51128;29361;34638;38711;64667;15924;44804;29284;28683;62101;54870;36251;27732;60398;27678;39534;46697;32047;58802;38020;37686;63960;29457;55632;24345;27508;50171;53824;54902;10565;12355;64459;26231;64421;35769;20289;10380;66632;64951;17293;60288;57821;54890;64059;60148;54963;27874;37426;17658;51470;47174;11110;63163;60794;53060;24827;28582;66550;15182;21647;49666;41294;60518;12049;27054;34745;62750;18658;64551;34855;34808;29118;66886;37349;35249;11756;37152;34715;41019;33561;65488;18660;39747;58221;58951;22801;55653;40515;52015;58171;56818;51134;64553;45155;51570;31943;66096;57953;23093;60074;47544;66674;11847;64082;25469;36790;32909;33322;51065;19280;17013;11383;44214;12431;57551;61167;51443;19500;27222;29680;10644;22093;65971;34016;26812;23023;49115;53833;25845;40352;26158;18930;25017;56741;28272;63299;19363;17723;34826;61790;25962;10632;33666;57744;62874;57642;18920;46042;25623;32575;18257;50881;19141;34687;22344;39919;20447;12742;26362;34120;58875;37515;63214;31190;15571;40459;58185;50473;23990;26742;44213;38923;16836;46032;13197;23890;15823;12524;41653;12498;11515;47217;64823;39080;28992;52813;63352;28186;31760;51818;18769;29191;64188;28057;46655;15739;64907;58140;49871;41769;61743;52794;20776;12384;34287;36049;34922;65596;16828;22415;60022;29456;66880;31121;26247;62274;28924;20911;36095;11593;65586;38042;20098;52095;49097;35069;32834;48573;64089;65078;36670;26872;19963;13492;17634;13028;17533;30691;22585;48631;43028;29261;42079;34116;35972;30584;17173;24251;63271;25602;37415;43469;31449;49718;42310;38254;15234;35065;53630;38818;38939;64538;21099;35478;36029;46589;13702;23237;30615;51629;56800;42149;61045;59455;11487;10538;52423;40852;29310;16488;41793;40234;13658;14456;64831;23089;26879;14068;46428;35661;41909;52761;45592;53943;64021;11603;51126;33782;13903;44736;45493;50482;54074;11743;36796;24417;54251;20636;64830;28317;34800;65411;28469;37093;55336;51874;17415;29210;52917;57183;14867;38846;16544;15438;54202;48812;45124;19514;39611;53813;63807;30361;12341;66419;34354;32956;11107;43808;57760;47199;22285;60668;23530;44371;40430;57771;13322;20222;25411;57457;12859;39784;44097;56464;49213;33962;52824;14927;43900;45748;42496;48345;47884;14605;15927;30478;50979;37068;36656;28495;65726;27842;61438;14556;33984;61531;19345;31904;34109;19606;26312;34514;33503;41353;37000;18822;12362;56443;14580;29725;41652;58517;25220;46506;12600;36163;59737;33401;32327;41376;21694;38552;56840;29994;31222;40060;29796;49128;11769;52013;23309;37318;57711;62722;41194;30682;52088;59236;51019;32621;59461;26984;52159;24437;29465;45019;58738;38787;51956;45322;29295;52239;63646;48910;17428;20737;51366;33148;44547;44467;34368;61927;34536;20584;43570;59707;45387;38189;42556;21136;31678;14410;26352;25069;22624;28375;16837;54358;65757;16054;65983;11161;15409;66438;56677;60175;20825;31490;26125;55408;17541;55921;25188;61099;56152;21916;16169;19462;29338;43568;42876;32541;26151;14902;40534;48847;40663;19550;43491;57236;16969;66624;39627;40472;56885;43320;19485;66360;27847;27709;46046;60466;50905;37403;24717;56672;41138;49349;56526;62907;53382;27604;58895;33910;26969;12660;51828;40350;53834;15486;25951;50233;46294;54408;31386;42747;24990;10802;15512;12803;46265;32237;52400;32937;26427;29879;26331;60550;28395;19921;59805;12426;51732;53897;20707;40276;45487;58459;50426;66830;17413;65461;57292;52237;41861;23045;49361;37600;61248;66763;42532;21951;31696;61816;13902;13859;26583;61071;60215;38372;23417;48819;53591;37123;23785;17841;36400;21721;13771;41413;13954;63989;31130;31632;31139;13855;45655;57269;65945;50388;21035;57808;35790;41197;18592;23299;27397;57358;62062;62547;55341;31277;34742;24117;29427;30488;62578;48249;55854;20261;44474;13782;46966;16339;42564;35001;43558;19667;66421;34698;44029;32576;54679;54354;40314;18413;51878;22004;17318;41127;46333;56790;26999;33500;53847;15075;57546;45025;49775;28544;32866;47717;26686;10936;42454;44033;50125;20854;60762;42444;50999;35447;20544;42039;43584;47155;13786;63274;27792;36034;23630;10282;34603;63424;42300;26582;20476;49109;53264;33387;35522;36328;39974;22143;66386;61986;26182;32669;44283;21110;49083;44289;48266;50879;33598;48933;51630;45648;48806;48813;45065;53660;11821;41982;58086;22438;42456;18318;50796;35218;32305;14772;50587;41727;11213;45286;24412;66074;30730;13897;14168;11457;18591;44645;63506;11737;36421;22291;65637;63017;37969;37839;35507;11006;21688;42544;56621;61522;21745;54675;43449;63565;37396;57166;26961;44347;16802;44919;61746;26105;18111;54883;47412;16869;44789;34335;56614;24987;65673;64050;38428;66879;24137;12663;48935;29712;32867;26905;19305;44420;62889;14636;41735;45342;52833;48779;10969;57842;13230;35044;55309;46695;51993;22831;39199;23194;63545;30011;15652;64804;53297;23479;15814;39067;42217;17981;42906;34403;60381;17982;49200;29542;25639;43026;39754;49179;14637;36027;48404;25599;15622;20749;13939;27688;16734;61630;22725;57350;24919;14295;43598;55864;57863;48198;18174;22315;20408;47877;15663;32174;49845;59277;26011;23629;13519;45039;43324;26710;16368;56639;20956;47327;36981;27839;13809;26142;37809;12849;14498;33051;10652;20503;25672;53405;12295;64763;62020;25291;55327;40168;54704;29941;62019;56006;54329;54533;46657;39607;37906;44060;64817;33008;62473;32191;17461;42435;31220;45846;45044;36549;44733;34393;20513;20551;34022;24426;22952;33941;55139;22146;30927;22795;16013;20438;48747;66963;64698;25658;57092;42274;16338;34762;14982;63574;37822;56054;49603;18530;24333;34793;55949;64814;57445;17162;52642;33786;62950;52949;17655;49423;39457;46144;24843;13927;21256;25150;16490;64360;17091;63920;61561;63338;54068;23654;50447;41806;29874;35091;33497;53414;40379;62491;32936;22085;43222;36508;59973;55670;46133;52709;53588;13108;45758;51036;63690;59857;61633;65658;61190;43444;31163;11738;35558;16400;65046;43939;11536;42732;65264;15000;25289;33248;64431;26397;51807;45640;55433;18730;60469;12525;30069;30279;51471;54236;48155;21192;32158;57073;49934;51808;20183;42247;40385;65512;57454;26874;31002;13706;47438;21143;49143;12821;36219;64866;43381;22022;14039;27833;14320;12207;13074;59983;34816;59948;36030;46978;33906;62099;32885;29688;27078;53273;15918;51407;32907;56013;26303;13405;32124;16184;18748;54527;22175;64634;45451;43115;62175;46635;53575;43208;60150;48247;32152;10269;65026;32554;15487;46779;23912;27798;66739;16944;14934;49284;55138;38453;10539;30852;64378;42548;45010;55586;22042;55440;14341;49227;25748;54014;23738;27593;12897;17762;20094;31240;61893;13052;41285;15569;29517;48737;28033;13471;18201;22071;65687;20012;13549;49598;59005;13202;38964;25293;65053;66615;66562;51120;10461;25274;41934;30842;28977;16901;15517;46322;19588;53887;39018;16236;62058;58532;39914;20497;39741;20830;27778;65587;60271;58094;57586;49937;20364;19884;46026;57993;16079;56173;10653;43241;57616;36225;51330;66859;54541;25033;19306;26089;55276;62199;63926;64800;39121;32320;30907;49948;40841;47193;28121;31996;17311;15307;61805;25319;16745;22766;28218;50535;49777;36628;61297;40647;47396;43988;29496;33458;16881;46023;63459;64200;65245;56322;24460;51297;39716;40983;31728;57319;64262;20448;20181;29801;15281;40884;40416;42733;48795;43133;21416;57784;58652;53631;63340;23296;35898;22316;34921;21247;13712;28344;44514;57981;62825;64547;26540;45478;40053;60903;53714;29878;10199;60769;64222;42226;30166;36675;30071;29469;30660;54370;48599;53782;41614;53646;35424;30441;51519;64104;55994;19153;27598;32144;26989;55488;51769;65532;46637;17786;55411;31995;63285;18435;62696;35482;48476;56129;61301;50206;15964;58274;27814;17083;50487;15177;58055;62006;32713;62838;45018;30701;61758;26368;43801;24920;42073;59977;46141;13331;10444;60451;58553;43124;46971;61053;45102;15830;58664;10546;51472;65960;63830;57647;31554;23460;43712;10552;51949;60896;59687;22648;40061;33897;15952;28763;32607;15332;30626;37450;66509;13374;12961;24884;39400;33580;61753;48639;45822;27891;25347;62014;34465;34362;25787;29381;60365;40152;59731;49085;43609;11082;64406;59365;19712;39775;61887;13142;63001;54724;26733;34734;60763;28768;23432;55093;25997;33436;62063;10575;56727;63616;42376;60569;48667;56518;32230;22752;64968;47681;24988;15286;15524;13664;23571;31669;10981;23207;20439;23227;20393;52615;16180;30476;42944;49001;61227;51765;47906;28987;45564;40941;10111;53632;66409;21830;50466;44459;61320;42074;43407;28884;23240;59952;55810;62811;24614;38173;17111;54045;34151;30503;30885;61024;32267;22123;39983;11180;43265;13065;61060;57006;17595;30302;52071;26684;37989;15219;60720;45456;65536;10457;11747;39277;50039;51294;57141;58980;62052;54128;40397;45630;23868;14878;40623;55121;51713;27976;14999;61399;56756;51530;23314;56964;24910;32742;63689;49515;39737;14539;48231;47823;19852;20712;64787;48738;53738;45533;52875;55499;27550;54531;39158;26827;57890;11364;31714;52310;38363;58151;53475;38257;57070;62455;33185;16863;50807;65810;15756;30155;60217;25005;29740;27675;21478;24130;12303;62782;35892;59370;24970;52181;30328;44448;61547;15358;12646;22874;66900;56089;21783;11615;24284;45256;11229;20486;26314;57205;13442;18554;50190;49892;61057;31291;65773;59330;51014;53030;16095;25277;29630;59635;64546;52749;34472;66054;20771;44204;18674;47108;49447;38564;61637;59513;42293;64255;60705;18021;40838;60302;11367;58914;51699;14848;14369;27528;12406;42202;15637;57077;62415;56172;54094;40437;51475;45106;56595;17675;14896;21920;63482;65121;66657;53259;21454;53460;44852;63054;25284;34663;44900;60564;58777;27813;38444;43635;54703;10272;57507;10912;58955;34274;22210;21517;23898;59257;24956;43223;14272;52633;58225;30735;24979;60560;54476;47334;47739;14891;59026;61725;10135;59654;26258;61546;22628;65048;64967;46626;60573;44305;26491;18011;30998;19700;52657;21081;60629;45792;10146;64609;56901;23102;35916;18845;28480;14119;26544;33298;23368;58109;55605;18184;43169;22139;56398;27564;44286;12989;25876;18487;40676;64580;52335;63963;25394;55372;13280;28825;14536;62104;11326;28039;45929;37757;49713;48956;21684;16706;55827;16637;38513;25138;64975;47094;27174;66341;24366;19986;31829;27480;19226;49644;33734;48699;35099;65280;21820;11309;18399;25945;23283;62924;19543;37136;57547;53366;26152;24606;29209;39180;50017;15669;40803;12016;15546;46353;16500;43992;64435;10353;38210;32776;66799;38873;12398;49918;57310;14793;18452;39127;34706;38697;40564;15718;65841;12071;37289;40573;36324;30960;40731;39875;27726;40789;59606;57272;18271;54122;62669;44580;26270;39990;15797;42166;46260;51378;18502;66884;66849;53907;26454;19716;15229;57093;16189;17395;58809;31018;44469;28930;32831;41926;28119;22089;50418;59396;55677;34404;36189;62785;18923;63540;64189;42153;16285;30134;54005;61661;52050;14993;14022;66176;35271;24483;57303;32033;36702;31876;13566;42590;13912;39213;32999;52787;33781;13058;39546;66853;52349;25279;24705;29931;58259;55910;49537;57995;47769;31868;25094;31616;17639;24076;12388;16515;16307;51817;25486;32793;37449;10622;55583;42165;58520;30895;19311;51984;29328;19668;34658;22668;66109;18496;33762;62694;16379;15073;32239;62341;24498;27807;13185;50284;27144;39782;50766;57133;39159;58576;22424;61538;21399;25860;51924;36990;40055;11678;22645;11001;51108;10838;27345;27428;22644;21900;64836;35402;66422;19132;18369;55646;35342;47060;50112;63316;16556;14271;59682;34176;57657;47695;56850;57274;31960;20746;10171;39928;30769;14053;60496;14850;62408;48332;63768;12910;51078;17046;48930;51906;34055;33807;28050;15301;35976;47332;33389;62840;29022;44487;27420;19951;54736;14940;26085;13569;37393;48340;11676;55219;13870;19301;28067;54849;21556;45485;47793;16290;60239;11555;64970;52143;33665;42864;52393;25020;17784;64307;41549;43587;40516;45855;10421;48979;27990;30175;53394;58268;32870;32045;53937;22925;13721;58597;57186;66500;19078;52006;47480;41758;23349;28094;18559;56127;36001;38659;42087;62520;14261;28505;23230;57251;20496;34193;36006;56125;47516;41153;11341;63117;11671;53917;47036;30008;59588;16705;47805;36514;43342;66392;43643;42768;18038;23521;56888;54606;23913;56193;58066;60554;48171;63317;27027;10223;29426;19296;50094;20090;57984;54195;13922;13304;43805;63786;53585;61691;33841;39252;51311;65104;33985;57561;43672;15006;19624;27348;11935;39773;51618;58934;19369;33926;66871;55422;30729;60141;25265;12088;15727;43539;63273;52580;61508;63998;54477;19959;60354;48223;12654;52708;37189;50717;40928;52503;43440;30749;62718;39191;51597;55243;37477;21929;25203;19097;12521;18689;66197;23186;21848;41454;50013;19013;59130;51091;15012;19053;42791;60960;53687;38144;39751;63630;37830;11742;29204;42508;11427;23790;51496;29766;27650;10807;59093;55870;26952;66450;34123;56842;62424;60213;60664;56731;58537;14965;51898;35311;29820;28574;60294;61582;19509;33711;53404;32680;40635;42591;48538;40317;21740;60583;22240;10271;56748;17317;39039;18465;63422;26705;10929;16835;42245;40130;23930;19059;13718;34196;49399;38854;21232;41162;54321;29726;39176;11951;56094;16074;53737;54626;59639;50214;15135;40182;34268;61973;42819;21045;19954;33737;59122;66891;56400;14852;53004;38464;29159;60961;64590;57386;34129;10885;66591;59029;32225;64174;37612;40826;61705;55458;55297;27831;20429;11937;19876;29812;38167;26964;52873;62013;26068;15251;40608;25960;62369;38204;11855;27149;66032;12789;33815;18810;25232;41242;21489;48718;49223;26296;10206;44957;40997;41872;40560;24280;20255;59449;13882;61380;18193;21862;16793;55982;43534;17233;55439;27711;13222;39743;26250;23788;24784;23034;19217;63221;42078;60695;36976;47288;20358;61575;37413;59447;30906;35854;40283;52776;49590;26078;51160;62904;20342;39921;28431;24603;21961;51526;50603;50318;48610;23547;24140;44830;41119;33886;54415;22381;63647;26519;33795;19205;49453;33053;54959;49350;15482;16553;44519;22976;35594;28647;41655;21899;31930;19064;53379;22006;49829;13917;15954;18031;37594;65407;12069;19789;54323;24962;34107;31878;48472;46719;24789;42213;14941;41460;61307;36727;25182;30642;14069;64809;46375;30999;45469;45461;15072;10307;60326;21370;63122;17222;64192;20669;37247;43097;28170;16851;13543;53547;15215;26118;66944;16433;40548;33054;26266;19450;14881;33899;19190;38898;12263;18379;19809;11417;24370;32410;18899;48638;49488;52056;38809;32691;28969;54603;33188;27493;53406;39624;65688;20357;45087;20718;62419;64963;37401;49526;48971;39641;31559;48839;31920;45811;30455;27249;33958;55835;47894;38819;31894;55875;46440;41295;18109;36971;16548;65860;60827;56698;64699;34534;11715;37739;12718;33025;60211;26600;18747;27035;27315;24557;27221;54383;13271;52939;52774;11360;55217;59560;59562;66537;34389;58480;18857;49066;49121;62605;22035;23753;55065;55843;22361;56059;12121;26837;66701;61844;11912;11613;34557;58959;14762;43575;13547;57419;37959;41228;31444;24080;40452;45109;35519;38404;13767;47372;55574;60430;13683;35776;38728;43252;39832;36924;60678;35010;62823;38524;54745;15282;15647;36644;18447;55599;21998;65031;37831;31227;48762;54240;58483;18428;57767;62400;62273;42828;13727;32782;46017;23953;62793;19781;10946;35227;19883;31673;14812;17582;11789;38427;26228;30740;64269;62429;66883;20983;59801;10053;25204;52782;30114;13124;19682;56169;16405;33226;26713;50688;47348;47740;60965;23664;27481;15855;64578;30062;25269;27638;51972;43130;11638;28963;29218;28207;15304;57080;44223;61463;34231;44618;62134;62849;64901;61286;46401;20001;59290;23846;54496;58930;41808;60835;61155;25029;50876;24731;42790;57432;52556;60637;13459;18287;34062;11580;50143;38288;65772;44146;45389;11126;35195;51219;61270;52481;22951;54857;52913;51170;10311;48554;61539;58457;30101;61901;43739;63749;62145;66819;23839;42467;10441;41714;49727;50654;38344;13829;63566;36979;14714;14518;58627;11617;24457;20177;41540;29521;32071;60707;62494;47176;10081;55504;17993;18164;16317;44243;16444;39151;36641;42390;43315;57284;57827;33613;31656;42275;41182;37677;51923;41904;22258;17619;63941;54135;22408;47052;21980;50376;17025;66171;50664;55357;29479;18116;51672;18806;65657;58668;42469;64135;51861;21938;64646;61823;65010;21420;55419;43667;37748;59788;41745;58098;33030;54889;59364;30827;46900;39163;51500;38716;28613;50135;56341;23231;32478;65764;31415;39803;65328;61953;33774;66640;41045;26196;55052;63161;16659;64263;61647;59470;50869;57142;40668;34336;19775;50248;24258;58845;17731;16415;18402;31484;37492;62382;40681;56521;36444;31791;59339;14909;20586;18798;24999;22215;28486;21587;62658;19738;50395;46491;53470;31618;64137;39373;55660;50541;38285;24322;64453;14520;35016;40554;27967;14996;39656;34032;14828;41217;57374;51010;14028;28815;47212;14440;12374;27873;46269;30318;15123;59353;31319;35947;57155;18340;42779;22075;45344;34508;22920;22677;61549;61043;41766;45234;49687;54000;46861;55639;45285;33285;22942;62576;37282;57099;54309;25798;41308;30590;45249;11419;35196;10454;61505;45973;30967;43331;63172;57363;48723;24386;24167;32869;62821;59575;52115;13164;28640;11093;22137;65465;63514;14945;59764;51885;14082;41462;51787;61483;43414;29529;33247;20394;60364;16912;23733;54530;13027;40620;66714;65561;48435;35067;15313;26782;13907;19039;51420;21268;11721;18538;14467;19804;14846;44141;15634;61783;45653;30932;21747;41557;54296;12558;61382;36350;60392;20067;39432;29221;61928;41683;33260;37223;55213;36303;35276;60195;18588;52092;28084;32330;28567;60519;21802;21776;58018;60682;48850;30750;60035;35145;58079;45544;44501;13376;12386;36192;65105;46504;43506;29407;50959;53221;31466;40519;29792;15226;42417;62567;33698;64008;63040;49422;28399;48178;27888;57787;32851;30034;26107;24608;49496;15441;55102;64410;62324;59369;43216;22856;43870;15931;13968;37616;47575;46222;13930;15949;47000;53190;61029;28059;26120;63814;49282;12027;38172;42536;40697;14820;45984;36154;38680;41778;40741;18619;18918;29502;43262;16726;38345;48265;23609;47896;42006;64120;37553;38443;33562;48730;26825;40875;29087;39521;40980;46593;10964;30778;26931;55016;50983;36214;18557;57031;39413;14724;14930;62487;29086;50648;56796;30316;38452;20731;33858;55056;43202;40100;46424;18312;35923;60393;13810;45881;46532;26680;46443;28394;25920;10597;48227;29473;48170;10358;31188;16123;28758;63504;61162;12847;49545;24694;58971;65161;23389;12208;62833;48684;48641;16070;41253;57592;61972;37609;19477;11486;37245;18758;29024;35595;48480;32559;57493;55370;40673;54735;51201;31739;32531;30450;43079;56667;63388;30372;41291;60730;64447;12683;29108;21296;22588;59845;64092;30996;12603;66539;23165;48954;44932;11645;50240;46234;49883;53279;58261;23926;30580;14114;43561;25587;57629;55869;63095;61959;18087;60578;42746;52736;63330;65387;58843;63662;58367;34408;65348;50573;31226;36062;25111;38437;60602;21986;56787;65839;61614;19847;16808;26436;33839;38542;35383;52077;31160;51512;12095;62634;66041;27699;31476;25909;51932;27743;64201;20844;19949;39037;27632;12240;19661;29884;56203;52040;47525;26615;10488;54264;56711;16394;24228;58355;54174;46122;49872;44735;56050;28685;55468;44731;51510;56501;57582;37482;10208;60623;65316;36646;27870;31248;19220;63976;35498;41487;14409;25695;56948;56198;14207;10077;48401;39247;56226;61712;17066;51123;30908;54599;54782;64593;38523;30980;46156;55825;65142;29377;46856;55520;10324;58574;50916;10560;37417;18846;26446;48968;54751;25790;53464;31720;23206;52386;28781;22145;37238;65975;32520;47792;35461;23961;20981;41707;20594;45022;62179;28299;39433;28013;11198;20547;51829;46472;52968;49357;11108;26954;43657;61173;25634;65077;48582;32935;32458;42250;62342;46366;13299;47573;27086;32921;66414;52484;47302;60651;10639;65537;34566;56777;44949;60340;20151;37071;37918;33259;29828;50693;17547;59827;35952;34577;53090;18773;27680;26771;25976;37723;39947;35500;47478;52746;47839;11733;11225;40746;29079;19813;65756;20036;34838;19848;31997;42089;60847;58461;16116;51487;23605;47015;35955;66680;40629;58177;24716;64168;46625;22312;26532;50703;36111;30564;46712;50998;22466;30618;27319;50975;54116;41440;36073;63351;40425;30847;33133;30425;51379;32579;32485;60534;60717;56974;38967;39268;63796;62936;31684;54605;28976;29516;61223;65958;25564;13458;54407;56574;61914;27406;50069;56072;21208;60086;23182;60805;33838;66565;24144;29962;41379;32685;41874;64923;14811;46664;56319;41717;31974;30002;24802;32698;53479;61741;20597;42928;66100;20546;34619;65405;56287;10325;58833;12818;26246;48212;50166;34938;32608;58301;62095;17817;18907;66275;66521;29641;44921;17701;64398;41367;32029;58329;32550;47530;64139;62826;43107;51737;55421;51602;26323;42156;41056;20038;44446;41726;50196;22038;34168;42206;58932;33884;39643;61490;12844;45749;57411;12443;35282;52929;35106;17550;30169;66672;53348;58973;36782;57721;64790;61515;17480;26091;62407;41750;58442;65957;16826;21878;17195;66039;25362;31693;28326;35958;52491;52231;34796;15795;18782;10515;30260;66218;54711;57710;18869;65670;26640;16094;10070;54730;66970;59644;31003;51081;66582;46407;44468;48984;65162;48835;13403;23732;50530;51667;42832;49740;61104;41313;32397;17744;51931;51886;11827;42161;49465;19574;20687;56404;35562;66454;51796;16512;35935;65444;58926;41499;60640;19434;19609;39212;48165;20285;30496;43301;53607;58725;46825;17755;44720;22147;51209;17552;28981;47729;34224;23457;62214;14094;20493;36853;19498;16408;59380;42283;64036;31194;37185;32461;60115;24321;48771;41785;39384;12835;40535;65022;34228;37675;10956;55028;16787;61870;27033;18249;60038;43080;36921;24087;45885;15116;48424;65499;33487;23996;35405;49753;62790;48752;10595;32569;28235;45233;48328;40756;11831;35945;53788;29292;10570;65359;48809;28278;58901;15205;10197;54640;17631;47887;21696;65483;54973;47338;15966;57109;57514;60874;20399;13106;23364;42233;34953;12813;51200;25925;54263;59106;42109;66727;55800;31840;52971;52132;34121;42152;47055;16960;38978;11085;17759;53092;58772;48219;21918;50553;32632;15454;28432;21589;50622;61488;64368;51615;36380;36626;66198;26411;15241;51596;15668;59430;43640;44936;29747;49758;10251;37467;43970;37817;49730;11151;20217;47091;43063;22282;24294;61979;39580;54373;20154;57517;43002;48483;59406;66812;13072;20224;58186;33601;65014;31429;54468;16513;63127;41044;11477;34664;15575;31148;39725;32321;51971;57922;48473;51460;15633;51780;43579;45151;66022;46715;56438;48445;17481;23485;19027;63805;57595;66810;27046;11471;13341;55483;42939;25368;43399;33938;11164;66346;62917;49973;55712;65357;31245;58684;18280;14008;61617;21070;26537;29052;40497;26780;29053;45397;39497;48263;18601;29573;31060;18589;24008;49185;36201;29588;22111;56855;36363;28743;27464;18764;13756;37291;58904;13584;45462;19686;43263;12116;16348;41346;13324;27991;29719;38364;31020;48207;24536;60090;27869;61993;25528;32883;50031;26459;42705;43542;64314;20531;16684;11393;23477;22256;53341;31638;48945;40614;29041;61670;62286;44687;63174;60994;14492;39454;13221;12877;11544;22671;29414;63401;16542;45209;17629;44248;40723;39479;11316;14033;15615;61685;33023;63721;63553;60149;50374;23906;65676;53084;35751;50158;58756;26186;10958;28786;44978;35247;49480;15778;20138;65180;30629;38713;47690;32387;11303;48350;45362;27255;41089;48508;46623;31029;16597;40820;23468;41166;11550;31966;49720;23037;43679;20554;52268;53831;25563;63595;55125;59320;26273;54237;65607;58778;63502;40814;52516;57353;44582;28290;48244;53330;28158;18939;21345;27673;40316;63201;25183;22623;35207;61558;26422;64566;28644;50772;27837;50779;29611;64924;43138;63279;21502;45361;38436;25885;27304;53613;40364;10390;54798;46114;54665;48300;32768;52396;36819;26225;34154;11607;33252;20806;52344;11448;65283;14757;12237;36895;42872;22196;52297;18385;60635;60039;60192;13525;36132;38008;45030;25841;22625;55267;15292;30845;59078;55275;53863;45754;25145;61139;64920;49246;65880;35336;12597;37430;63488;65007;55424;28878;34651;56559;23255;35126;59782;53669;29371;22949;61571;53999;13941;35810;36510;60760;38920;38077;26854;45298;28136;65451;37259;21891;53002;29120;57579;54230;11267;50301;47369;18732;44035;48869;41598;22201;24652;38484;63542;63315;51265;41946;50064;18078;46163;20706;22667;40203;64853;36332;45091;40351;60736;53452;24996;42474;42098;21755;53312;10073;42515;61601;58672;66720;43577;45742;27071;27779;56638;63150;65192;28520;40181;21810;24209;33967;51953;45258;29154;39238;50470;53255;54456;44380;48497;53492;52651;38999;19889;46812;14450;20343;54120;60033;58100;19777;45606;21123;30291;61482;23054;66751;43122;40233;39065;48926;34467;22663;33461;25097;11183;53132;16938;21331;34379;40744;13139;26679;33721;26146;23762;65426;66538;18368;49437;17100;60765;12533;49938;47679;16879;56860;29935;40966;11622;42560;40111;43139;42655;39655;26498;57448;51083;36129;35008;20107;41679;12451;47761;53421;66652;47907;36277;52612;53096;56444;27786;15175;59443;58315;49731;45733;58312;50078;15491;14544;36190;53298;40059;43442;59569;20356;51687;24768;56921;26366;27285;17743;33758;58878;15060;10455;57506;14515;13444;60206;40637;14036;20750;35159;29536;44938;17244;12377;51663;64808;43690;17382;17738;47260;49873;59520;19441;32269;28066;66400;66600;48602;29267;39077;53111;49500;56080;21523;30484;25008;22909;11523;24303;39085;60425;23111;50322;20975;55043;35862;30268;53589;16460;50458;53561;26987;66105;37795;45710;51761;19988;10805;61374;27309;39836;58667;35104;15314;10646;22994;57973;39013;12410;37210;25963;62153;33570;10482;18614;21273;48622;28005;11915;26280;31614;44066;27606;28464;33707;35570;28795;34023;65095;16576;66297;34893;35320;18858;42357;62969;16783;57267;53712;59358;64212;50377;51473;19495;28502;23162;53064;50550;49592;25491;63587;17366;19066;16623;44291;16155;32162;22320;28512;51488;50865;38500;64942;10278;38129;15068;60140;11488;46437;33235;43650;45780;57532;46001;25531;26951;40333;48661;66379;44185;42014;45059;52212;10110;65496;29481;47402;63974;25751;39193;14189;55665;18076;26915;64158;11946;51012;21255;18664;28015;11783;11695;54205;21686;36341;12455;35240;29164;15583;21465;15103;13529;29195;13541;14211;10025;27250;36002;53918;43538;44974;65233;26587;56028;23482;42100;41849;54622;63196;62433;13970;16176;58101;12435;55936;22474;62652;14953;37083;26555;12920;15270;39287;20331;32955;14568;62060;50751;35224;26940;44993;42891;18639;66380;47454;19191;13785;27762;30856;45583;50756;26402;31885;27736;41587;22394;63119;18630;44275;65520;23118;23751;63610;55273;29445;30222;23607;59937;27655;66838;16109;53088;61373;51594;55803;61010;25543;15803;58720;19698;63558;59919;31666;36449;66612;13694;11233;20890;41319;45919;10613;63937;54576;21493;52323;10537;66575;26558;16998;54177;52928;41468;37874;14573;44842;45354;51913;65674;54636;24103;50897;52681;36959;20729;40101;12502;45913;23250;56386;15088;56634;45251;34377;50864;50073;38046;33674;64603;48191;30208;22217;55899;45767;60269;46904;45215;22122;19478;56556;38505;35607;34990;29694;29009;61174;18036;59492;41239;37908;38067;46341;14279;12693;58831;66948;35293;43893;47029;44170;42495;32401;18290;60395;36758;38212;65843;23628;12661;29406;27912;34318;12682;66092;19507;21382;63307;12446;58620;62588;20109;30572;37358;32344;13789;43450;40524;37541;13329;65543;58432;11654;15498;47375;28928;47240;63377;61081;22252;57848;58335;55088;17153;46416;23603;18424;16631;61709;39453;55320;51849;24670;44447;40999;53108;47130;37489;28308;64014;34076;38884;43367;41026;55004;44738;29029;16071;35095;12865;47796;32983;48397;55692;52291;66965;40943;59283;45421;24779;37105;59705;34546;10261;29289;13498;64397;59757;64179;47273;35212;61776;37913;36074;10892;22987;51781;53413;18374;50640;66190;18712;39354;65008;16459;38071;34731;65920;18598;20400;12506;15690;20574;52446;60325;66832;19666;26957;25846;46906;60734;42137;47269;59008;40358;43741;66155;60508;18876;44127;10720;50692;23491;55860;30031;14439;25680;15024;19228;53113;22849;31975;23290;39259;11373;35404;52613;45324;32206;63288;13439;33312;37696;65818;46941;60752;60696;33320;12229;49451;10665;25827;31338;27018;58513;33970;44826;61212;65002;43726;11097;20412;50113;46245;28164;36101;16905;47471;10520;41962;35779;41169;34537;11980;39062;64288;42423;17549;35820;60001;10194;52482;12627;34361;41400;33616;34935;55185;54930;54975;53623;12081;57370;46166;21744;25369;29499;23155;54906;14647;47572;40767;17493;63412;60473;59014;24421;66021;25359;32678;27401;31722;21513;24883;50180;58559;61660;15742;46377;59539;21624;61032;37759;18152;64098;33881;15822;52160;20213;56915;46273;61042;31558;25523;40834;44364;40199;49147;33526;64981;48797;10400;30003;22809;12477;35267;13992;42616;30412;43468;53282;40241;42618;22503;47315;65069;40528;56793;49045;10759;53557;46863;53100;25728;30764;62365;65067;33514;33245;60693;55545;40410;42999;41740;62663;57791;50943;39134;66588;42717;65395;23113;12952;62046;40584;40831;37899;34165;41703;48379;56857;20092;18643;11952;56092;18110;44674;57307;16314;13345;61883;48918;33849;66770;35108;27534;14648;12569;16384;66559;44315;11563;37611;63138;29710;61108;28578;63552;13162;29742;34264;34266;18449;46857;44502;42090;44688;57318;36466;11299;60861;15504;61487;44247;15725;58408;44483;49482;41732;63812;15693;50015;18256;41501;14334;29938;32740;13700;14892;23516;24858;13026;31778;62564;41809;25040;13723;54031;44326;25206;21642;48427;12657;63101;10980;20560;65460;17069;38135;50176;44813;18770;19714;20659;58167;54687;43431;16615;11547;24334;41148;66494;16822;45147;14517;44703;51679;49841;16945;50941;53225;57190;53534;35848;45496;61795;59280;27801;30360;47470;18099;27085;28684;20739;61468;57152;56021;22130;40354;23542;53518;44504;39153;12490;64107;53966;51852;30183;49265;12712;66643;49623;39347;63582;22755;44532;50872;59846;38512;63953;30212;14825;21677;24056;17463;39584;42522;55001;53997;59829;52817;22751;66520;33371;20889;44955;10788;57704;27630;63665;28459;42009;46486;64001;66598;13160;33452;23697;29213;45094;21474;38926;16375;60549;42177;29276;50311;46876;30952;44670;35034;31518;21211;11703;24829;54051;16575;16262;28070;55934;37288;63291;12515;21922;19952;20056;55846;18620;35377;28841;50378;56302;14585;15132;45593;12748;31006;28460;63522;66481;21407;49181;11470;53025;42916;42210;50607;31246;39510;57631;60520;34785;36518;29432;40193;19976;38492;63765;62183;30644;60628;56529;43604;45351;17462;47464;56866;21167;18122;27553;44444;31455;41297;54443;66274;13542;10320;23981;30112;18586;32688;44982;30674;14147;32474;19003;66012;34339;31364;57243;52890;45077;39002;39890;47251;27336;56227;56947;18132;12735;59111;37309;39499;40667;64170;37851;13021;25650;52745;16981;12356;59224;25547;10066;31866;57151;44606;46829;22818;17700;15067;31985;15451;66183;19865;13597;19664;21563;60922;45261;23171;40839;45971;48523;25357;53323;66259;38936;16712;35175;53031;16791;37659;23324;12573;62332;23496;35467;12213;41592;47555;12822;58111;15789;11206;28054;49409;45228;37025;33443;27710;61548;44370;13490;49366;35638;36343;66309;63266;17142;19037;64964;20485;15563;23222;32241;53442;34919;36863;35740;51416;23940;15706;31437;65953;49828;57059;16756;34000;40320;64424;63398;59401;66270;35341;20041;25049;18220;11567;14917;45504;63319;45542;12266;37490;38166;59498;64474;58215;21890;25810;66943;66858;15264;20330;66492;58424;30707;29438;43605;55099;45569;44179;51760;10475;13845;51417;45708;28468;31550;18594;35720;63013;52874;39057;44829;15567;42932;53253;29094;10011;17472;58588;48186;59612;63455;46459;32624;46814;42726;54172;10026;17079;13054;30890;14247;49670;55619;33343;29236;20829;32744;62791;31541;38451;10863;60538;21155;39210;19168;59604;34885;61143;43923;59345;58172;45540;61965;33003;39770;66449;31735;47398;64019;45961;26153;15790;65769;23024;11572;59138;30949;28343;54557;57923;16742;45529;61467;36430;42765;37014;38473;38521;45088;51218;14516;61730;33377;58033;46325;18958;30826;65277;35310;25407;61715;29970;64331;30147;56613;50617;51894;39912;56997;13873;12922;40879;36004;42661;24285;50465;58737;66335;66490;56076;27279;38626;19794;55054;50721;54766;37704;34671;56084;53344;55253;42222;25520;33405;54091;48807;40042;37486;35671;32794;20367;23601;32649;22479;39853;14570;66369;56476;16673;51499;41855;35568;28234;27356;63777;53514;15065;66338;30595;19957;10180;22828;61306;45495;47383;33772;26835;44771;14454;14773;27067;34538;57210;44439;32570;17583;33792;31630;38456;27476;27879;24286;23297;26673;24411;53692;17350;45175;31414;61251;10478;30753;34505;57004;54071;30203;59010;50329;65079;28530;66483;43020;33634;38901;13888;52001;29070;15953;24719;31694;30538;20275;19981;60822;42169;20623;54743;12046;23415;10723;52518;31867;27558;28112;47409;33743;34466;35307;23480;27625;33126;46409;42406;51723;52903;59241;10994;45239;29709;66069;25167;63813;59012;31012;59696;20248;44718;48236;24964;44164;63629;49904;44683;20924;37902;62075;21126;64126;51189;44555;45480;32022;31511;19833;16654;38048;27047;66703;22941;32009;21229;55268;21409;46573;16356;22728;20444;36145;46893;25432;54712;37464;63012;44946;51661;50336;42488;30555;27968;36999;30202;57058;45259;31832;12986;42920;32629;25734;38617;24997;58280;25878;62178;59730;61101;60216;66971;36517;36484;32704;26421;46412;62732;55837;57581;46059;21579;65063;45064;36105;41436;23123;50446;54332;49519;55274;27437;57915;52685;19308;10299;39007;12393;25884;25355;18310;13610;30343;59929;65438;25969;49038;44981;34920;60881;17554;34187;42729;23900;17699;65371;61991;58948;35309;40296;59072;19886;39257;64503;33232;40348;52346;14711;24506;51351;18505;51595;36892;31506;56632;49429;43698;36933;51513;54290;63793;59104;61064;58036;53391;11118;55500;52483;16205;33730;46092;33498;23597;18626;27093;33336;24184;52303;44337;58333;17999;63568;66585;29171;14643;23199;56908;25772;31940;44163;10647;29128;63788;27109;31236;49009;19940;49372;27794;60186;35066;62925;19309;58771;59759;34092;60977;61653;43007;32984;16015;19568;28093;26832;25700;48688;16665;55384;36247;22499;50616;29298;66888;41864;35148;64270;62771;38406;63353;52750;60880;51763;55878;56079;54401;59101;51974;15646;51601;56447;23276;35970;64706;25158;44845;37720;30403;57315;10499;59643;15296;12417;58484;14755;50508;58572;55114;26060;21287;36406;41749;62688;24646;13790;24793;52060;59834;57908;66742;57200;15817;28172;22489;26399;25422;34049;32972;11439;36616;66295;64587;60862;16398;63255;57528;10024;49803;29533;35412;29212;63211;30532;20286;37779;52713;51772;27914;56601;62322;47184;52940;53040;29528;12436;15711;24020;52467;23103;20027;53195;62417;46159;51348;58038;56679;22783;28961;23492;33195;36668;45405;64473;64576;47124;18813;34006;32480;39448;19397;16933;57112;19635;59079;14173;57400;58897;55280;50251;52672;18054;29100;15630;53979;58331;26128;32992;23433;59832;58469;45260;28627;34263;10703;57818;38951;29480;53098;14108;58251;37125;19933;46768;54624;64829;20885;29716;13523;22410;47128;50255;18075;15505;22826;23190;38868;30592;58374;56968;26221;43822;61777;13167;58863;45770;21220;19287;30497;31903;65642;14091;37188;42546;11371;46484;61136;33043;24643;25894;65713;15448;32926;55616;26111;58441;15056;10497;49907;41545;50942;10106;59819;30434;38545;30802;21191;34539;61455;18196;23586;22674;47901;66137;66646;61774;39635;44843;30944;50280;27302;52253;44595;12405;61160;32279;52603;10207;36128;20579;60406;53652;15692;52309;42843;16063;14838;35089;23969;59414;49789;29889;22095;60417;41288;17501;27957;17156;66115;28076;12607;16646;42450;14109;55689;66214;65904;66814;61147;32518;29643;41927;48669;27586;11476;57518;48671;23356;35765;24093;11753;12248;16779;58961;65847;35781;32987;30406;24984;31522;25686;28556;63957;21494;12871;53501;27578;53508;53815;51317;17499;65134;38138;60996;25348;45338;12238;64746;54917;33670;50243;39629;42570;12570;32228;45004;62970;18686;32747;54695;10466;34753;29936;22732;33883;43021;40132;30939;40897;55334;61517;34396;49105;65889;57931;48820;53201;17340;34683;62251;59519;39074;21036;29468;54632;60179;41951;19858;43155;11423;11909;24797;61303;17593;52877;12667;41260;31809;20632;30107;14505;60975;55447;53512;24014;31058;53653;57461;42736;29541;18596;57820;59926;38001;23750;34918;62559;54816;20634;17810;48224;30452;63250;22836;13570;37997;57365;35142;34591;18197;21990;36166;28150;64579;63069;26463;23078;27082;48973;20252;19987;25216;65947;44863;41008;28960;54582;38773;57275;53528;47211;30774;17991;25566;29096;37587;33663;44079;26754;57746;50324;14176;28660;10966;52617;32809;30627;59261;64206;37871;61860;21529;57687;57258;62194;23956;66622;48337;32918;14698;40377;21024;41859;15968;10724;62457;53398;58821;29265;37346;53713;33810;56992;64727;43361;17630;13270;43954;29341;26145;54939;61403;60712;52501;34319;41243;49906;29374;40058;27056;57088;46910;24399;61763;51973;53720;47858;31534;33947;49054;28273;56151;53238;55715;50592;54818;13372;52920;57366;33675;38608;33928;36834;25387;48846;62533;51220;43290;66669;16946;44742;32601;65979;43291;19268;38700;66470;51478;26195;32439;45688;21431;28764;25633;34748;23069;35626;41209;66080;45707;31624;61385;21209;55752;31779;17997;63192;52844;11623;26744;65367;16113;65909;22077;31504;15586;28083;25193;13861;49504;44611;19068;55177;57620;47323;48693;50610;21165;24547;11878;54991;24198;30935;66896;30652;24435;57022;38475;48760;25382;38637;33311;33329;34689;36138;60742;45188;33451;13733;33676;10871;32501;30185;56071;11368;13168;54841;64316;66350;32101;26203;33629;56604;27458;24741;57403;40758;27539;62190;34265;63038;53331;39683;28650;57214;49368;61739;13653;46012;43171;34448;20293;47599;29206;31998;53296;33918;55764;56687;28174;19739;65278;54457;34470;18608;37242;63764;54946;32791;50620;62140;25900;39408;16850;29675;45596;11062;34418;38595;46642;41444;42624;66182;55070;21622;21879;32812;52628;44570;43067;12445;12862;30367;42995;21926;10925;60771;47543;14245;62049;16150;42686;49690;12698;23759;66114;24907;21969;60441;54275;16992;61342;14418;21876;66280;40263;32243;44784;27032;54659;62159;60414;30269;24985;45932;59393;54929;14743;28477;19415;25967;58311;54359;60394;21737;63792;37935;50802;39369;22183;20937;10260;43743;44824;58947;54232;31697;59586;23195;49540;64897;50783;12312;44672;18875;27584;24059;39694;62489;43803;14523;26371;20526;60114;50379;20446;64251;36390;40268;25014;26001;47238;56278;41160;25496;36337;31395;51727;64736;63895;27121;40612;23386;50572;21410;48828;17032;45991;65215;45763;63669;46408;53625;47871;51620;56365;21113;31788;26357;41854;52769;17210;31225;52676;24971;30286;49162;34949;51086;25464;30981;27670;54379;24834;26170;23831;49534;24660;57854;29960;17588;52717;10363;13781;55882;31969;34888;25253;29175;35693;10582;61550;52966;43755;31146;55281;40422;47542;40154;15984;37637;52477;12083;36441;46003;25501;15277;57132;31882;21144;44076;17772;10853;57898;61197;33105;38058;46248;12365;39745;47541;38782;47517;29373;56527;62015;52463;62829;32477;38983;13509;48892;24977;23180;54683;40934;56767;16636;56357;24298;22657;45766;46006;40585;55996;20996;48587;54035;49268;47003;19679;55770;46493;15299;48636;15124;22661;12809;49081;36791;34258;53562;52457;37836;58856;63139;39240;17442;32594;15943;32125;50557;53268;30459;19760;42142;39192;46113;13596;48832;61187;21093;44028;37624;19389;62346;57538;15007;45374;14486;50918;10963;48902;12720;18072;42216;56712;52751;54715;60207;61650;11554;62206;16153;14488;23978;63555;35189;29959;22961;63331;20803;23619;12825;42851;30705;46475;28381;12623;44780;17465;16036;40958;14196;60957;60841;19753;24591;22709;50927;37606;63480;52101;32219;56057;25682;22983;46937;43317;32109;58766;65850;47239;42940;53389;24204;65722;31379;19421;32562;17088;57853;42629;31264;64309;13174;49878;17536;29250;40136;66444;59582;52583;15288;55538;26944;38315;60447;23091;63955;57118;51396;66561;12965;32821;24678;16075;36236;37909;38661;12970;30837;32138;33198;57406;65257;53168;55739;23722;21376;65148;23532;66110;23564;31336;40359;62671;22072;54248;50362;26076;54300;25731;51428;64602;22070;19555;60404;55638;22693;34765;49286;25364;43840;26743;61176;33650;15048;18546;10359;12643;34870;20756;36169;42437;39128;29682;35133;61006;54684;54722;38859;46817;60660;34285;37252;51854;28491;55314;20280;55146;47414;37496;22088;43043;10974;45927;64217;33898;38306;49573;38590;65934;62359;59921;15330;44026;47287;22764;18815;18633;49642;64679;19782;55724;10439;38723;55556;12115;26219;25830;42540;61677;15523;25236;49047;48449;15290;29060;64320;36388;51880;65921;10191;53126;18863;18525;63026;59387;30246;18998;49999;44103;45455;37363;28639;45994;56293;48277;47494;66458;63244;28514;21956;53963;35213;44986;59732;19072;51631;45073;57529;62055;50400;62697;38694;15590;50141;66189;28926;32132;32024;14606;13044;64235;39669;25742;64228;34522;24801;63588;37778;15352;20003;41157;44455;56038;36841;60257;21790;58211;39140;41892;10398;30498;35592;66217;37962;12284;10091;46920;64559;24837;23247;56255;49793;39942;12588;13126;47859;59495;31031;20188;32425;28304;41270;16457;65592;50186;39141;43929;66868;64365;40191;26015;16086;41445;31908;37517;50781;62177;48939;29914;64925;27856;31819;42316;29867;16970;53374;28240;47365;13190;52318;62886;65872;28179;54772;33068;43827;11134;44316;29512;27236;63453;48577;66301;62225;22238;17339;55299;57219;28700;61216;14494;21933;64744;10857;65879;20187;35166;53797;29255;22548;17601;62375;21752;65170;53080;25390;50117;32378;15247;27883;18826;39072;21434;64147;40349;16541;56492;20045;36495;27846;30130;47606;50108;31337;40225;54361;64842;10280;46879;62817;32476;47107;56283;52768;13384;58164;40505;35950;58970;15558;65285;43495;27559;15061;13428;11586;43338;44044;63324;18539;18411;66147;31742;50421;11784;42871;61319;18254;64452;31976;48517;32156;27521;24848;52840;66973;43725;29486;38568;23643;20811;58306;46888;40683;27683;19737;63740;22905;12314;53634;19885;53258;46221;29589;51632;65754;10896;11920;57613;52825;52836;14588;54726;46299;36799;25361;23833;16243;56179;54996;45385;37074;24433;60420;54672;52044;45321;38509;31677;51655;19056;59756;17315;54284;24230;30470;63341;36357;64987;51860;29644;51237;26295;13327;58107;32063;21656;51246;15993;27338;30997;19969;27269;25586;56292;40802;21127;62635;11890;28800;62701;29178;60697;45021;38062;46279;35867;15533;65980;48696;36308;18342;58278;40322;25494;20670;64113;13086;49214;28673;31958;23758;52597;11887;64582;51673;55644;47762;15064;19900;28698;66256;61074;43206;47495;63147;31465;32510;29350;19116;26533;21610;58013;17003;39883;21569;33333;21965;52495;51580;28748;48539;10951;61818;66019;25455;57477;60107;23573;13722;39834;24101;62252;26429;32148;60830;65898;36783;57067;26586;54397;35380;54597;43201;32284;53112;41483;40008;43296;47664;43531;61435;35037;10727;12941;52403;29550;17034;50346;15159;28211;30889;42314;45554;53159;48396;24338;65091;10530;40216;33321;41036;12765;24625;56589;36392;54381;58562;44075;26008;53649;23549;60692;57983;52814;12788;42642;33874;42911;27901;31461;34903;56917;23129;64518;14479;45570;49628;37824;24175;59013;33071;64971;26608;47250;22848;33574;66446;19382;31664;55771;55361;10395;40678;61703;30383;15808;11508;29538;28153;59417;40248;51032;53367;10979;52864;34905;42822;16780;35518;39423;35725;38149;21575;66926;30336;53143;13885;31746;46033;11340;29872;14491;21651;19338;29893;15355;39861;61566;65004;34629;62500;41794;46429;10721;19113;41805;30667;43887;24953;30915;27561;32074;27490;63704;17585;46206;60774;25323;46907;49320;16690;32359;42842;33055;42738;22532;64259;15660;48853;50315;46932;14463;23724;10716;16440;32737;56480;14001;18275;20920;25380;35791;58630;23357;42846;27340;23797;39852;57943;59171;31990;16929;55928;57066;53641;57895;32123;26052;27845;21518;19908;60656;47207;30504;32837;28022;29296;47400;38987;64697;13531;42921;12057;50391;43003;37829;44422;66396;40821;24831;31340;45341;40695;44299;51786;27495;20603;40155;56027;24127;20379;23606;61092;66388;54970;46939;53425;13314;13842;53154;21354;23367;46892;47291;31526;62166;43412;65728;61051;45474;51403;44876;33264;17616;46271;35761;60000;20753;58421;48716;52514;27768;60155;29049;14966;45651;20441;24657;64652;33006;65666;26692;12705;39179;58950;20549;39961;36566;35232;51821;54740;32176;14103;28345;21763;59672;20199;66750;59693;21216;25821;25743;53274;62078;52023;39645;52285;51332;52912;45963;50193;51433;21620;60333;19271;66033;20039;34364;29699;33746;12689;58267;66549;43372;39762;13422;23772;27355;45853;35514;52319;49230;66028;49619;34156;33316;48201;54272;51486;31406;59489;59133;48810;50403;25372;49805;48656;32544;26747;30835;62281;51966;56183;31440;64400;22789;61395;49647;66008;11840;19347;22290;35977;55740;66648;59410;32746;11507;19358;39564;25281;20927;49743;14616;54048;54563;17730;59615;48776;21130;35777;12554;60907;26776;28767;21782;10584;33755;66802;53506;25570;32548;13334;40967;38347;50007;28774;34241;35279;26051;22889;29139;50748;50930;40300;34906;31098;58479;23757;48711;47760;56576;36289;31745;17345;37158;47321;48802;50589;13252;61039;13703;48475;30433;55313;63086;59228;55872;66786;25010;44382;27656;16874;48422;55344;50105;42191;61094;66283;46284;48579;57091;19773;58769;53116;31603;36948;48694;40336;53309;52590;54146;17803;36091;24315;17809;59473;64673;26082;44905;19669;63933;61152;53672;25139;17600;41256;29829;53610;60556;36824;51587;61079;27283;55903;34639;63226;48769;27941;35665;44116;42249;34262;58617;36613;43547;13649;49697;53487;14538;35597;16103;12731;58130;47156;29217;63782;45940;54709;46496;32254;36674;62930;30761;46543;28680;42290;41305;18880;39681;56597;14266;46470;55179;36217;55588;29505;29864;15601;27933;62106;56453;24658;61848;59610;15101;62000;12330;56804;65777;23082;20824;28284;39818;44542;33167;40768;38559;19221;49674;40409;54252;35553;25197;36547;61226;32674;49211;45992;11155;40825;63640;48817;33540;23254;11539;63605;53017;23259;18281;42281;26055;15904;32645;11480;60868;49572;57563;29813;40023;14628;42038;30506;20736;14601;35654;28711;51551;27076;47653;44250;52137;41916;20541;43566;15958;54088;29144;61054;41961;65288;26433;31001;27104;41691;11366;59291;64661;12549;39335;10362;27107;12594;40052;27566;28645;46601;28889;49174;57536;29251;61707;65153;51495;53580;20624;34648;40901;53560;39856;65714;13193;46536;59297;25047;42743;37454;48347;33996;19659;44659;35217;47842;44740;45952;42416;52830;62165;48414;60234;45624;63378;38885;43132;63281;61256;53642;30611;28097;62631;57499;64334;64131;49134;35060;44517;44812;63809;56088;65149;62026;59125;19070;50002;21539;58341;23151;48448;13226;58476;41912;58717;53232;61431;25854;58153;43214;64190;17314;35635;27943;13364;10882;26918;26549;33756;12082;53317;50713;21954;51944;32175;59995;63987;63539;27272;42007;27313;15228;18948;39967;57556;25910;49703;11899;36832;13518;62042;54218;50968;14741;20297;38837;63747;47032;51380;56467;52140;59120;64586;44265;29822;48836;31928;39168;22814;46963;38738;25723;36460;43842;27758;18635;15079;62182;62737;25871;20522;17734;48976;57223;23853;15069;55005;63672;22715;15328;44967;61843;26004;22349;64129;53952;51749;21873;22115;25087;28586;58454;58816;50326;25562;63107;30982;61200;15015;48285;44296;61970;58024;30670;13149;36061;10195;53289;10423;10596;29686;20205;18470;64099;12848;66473;57755;61346;51694;61440;65693;52820;47389;19025;18947;23613;24513;32995;27214;56124;59143;14967;50110;18023;61348;48993;34452;56499;31891;30348;49077;21118;33162;55369;53180;34775;50726;54942;26044;20463;59626;52127;41589;14316;28313;66736;30759;27012;60130;61076;25136;15310;58377;40269;33537;60453;39847;60041;63240;28540;38021;55390;42066;11002;24164;63911;17243;35153;61290;63983;40492;21723;28863;64855;60946;39431;29775;63675;13448;58214;60741;35859;65216;26065;42463;11844;44704;23105;26214;30407;57678;63961;58643;13911;54343;38215;63575;34215;21317;10215;42588;65935;40950;16287;28105;38348;57590;27073;35372;50528;24372;43513;42925;33550;49472;54820;52792;22704;18248;63006;29896;24966;17770;53436;10022;59591;58577;57246;46406;63118;10826;41332;26575;27760;61202;35767;14958;37965;20645;18233;57773;26374;62397;60953;59947;64471;14124;16050;54402;33197;59232;62848;42858;38224;66055;29099;27500;35354;53769;63438;56049;17437;36302;45407;60821;31065;50549;47342;51411;34857;25190;28874;52091;61067;50780;33205;20765;42919;41522;38600;49302;37679;43752;40771;66344;64711;20985;14657;37027;52064;12936;36706;14942;22165;41731;14674;22947;29428;55880;57391;62554;53198;23451;41321;42714;41771;51413;24187;30164;22701;33518;43402;17401;36764;58763;51847;64069;55808;13967;57776;33341;15477;10961;16951;50115;31797;32567;50291;16119;13770;13316;28236;43340;66691;39076;40361;54451;22269;63737;13788;38413;36910;12041;20437;20882;14813;35889;52274;61100;18337;42694;60527;23420;41494;57839;27579;36808;38583;19151;21094;15617;16215;50084;60653;30448;34009;54628;11044;34728;28510;36280;50422;58492;32342;62767;16487;36445;17155;57026;66163;18970;42162;16743;46850;61163;46306;33853;21428;58805;33435;38159;31265;60708;41591;56296;35932;66153;36731;53640;58694;42937;18728;43951;29853;15691;20858;19604;31954;52193;21270;32160;15223;52227;26983;18504;42724;43072;65208;52726;49995;59383;49396;48549;11230;59052;63695;17975;39509;42019;12339;63466;18788;64577;30984;19591;44411;66228;17516;36188;50178;28315;29412;36379;41661;32823;30673;21874;15255;40961;28522;19272;52100;36051;45532;15010;24314;19956;50634;11441;21106;15082;60344;49196;36312;10188;37211;18198;56878;29149;36000;62948;56254;28102;49339;18617;63776;42303;34526;46171;25096;30760;20449;48840;57797;58655;58163;58658;20656;66485;38282;14794;20082;21251;32841;15559;13869;48887;39161;15169;11484;29903;55833;29126;46636;18685;59349;40817;15509;28693;55688;42286;20390;64880;29290;17506;40208;30661;31462;27560;64794;38938;47005;62392;38197;53441;52811;52842;22542;21486;10107;64527;32032;35121;61602;46009;42901;55272;25631;62076;45600;25287;64032;35038;19734;57459;11936;26594;54579;26734;61922;37134;48608;24645;20370;35371;41988;65051;41802;26520;43864;49562;62053;18189;63382;27179;55429;63641;28865;24945;27469;64784;25527;22105;34569;64637;13742;24595;54614;43215;56391;57001;65739;27849;31481;36759;21661;61186;44453;35077;12342;55990;53990;51151;17204;58089;23393;11087;27331;39382;49586;23921;17647;16786;54375;24494;55652;32564;53974;46665;15192;59708;50929;47151;17387;16686;25000;24943;59754;17245;54800;13661;30378;52647;21102;35004;59159;29827;64478;60561;66875;54657;21033;11822;46024;23328;22610;50204;25257;15768;46107;22639;21700;20566;62868;42062;58685;30891;15134;52458;24058;49108;43764;55661;30833;17976;57540;38459;59508;36202;24156;26786;57639;51622;54669;56562;58792;37391;52703;41251;33621;35155;39333;35600;37141;23483;22498;28545;39715;47379;54897;34306;16172;60232;33013;10640;10163;58852;58826;33281;24432;26301;46487;39682;34542;41899;54908;12293;12958;48778;10055;50044;32209;15596;24389;50718;30229;37236;29064;29023;26389;24466;20362;54731;62184;44827;51652;47788;24675;11450;33208;31644;14822;14839;65873;65648;35397;66543;14745;46620;46365;44287;63496;58382;43125;49029;14003;42896;34415;47574;48758;30559;43779;64068;59688;20346;32143;13811;16167;55323;19783;38731;59637;20054;46500;58318;48317;28361;52714;11124;59898;66445;38000;13105;55547;24777;29610;53213;53214;17796;28373;14668;11716;28232;51628;27297;62582;42200;41903;22568;31725;56987;34401;12469;43095;27311;43917;15799;63515;62012;37683;63278;22688;66715;48872;21356;65859;21129;64872;18760;56858;55925;12308;48583;47285;44575;27092;60662;13239;65560;40671;57609;28296;15851;47411;55953;64102;27737;19362;28200;66131;60986;39473;20102;28778;25616;39219;10679;40022;57780;64434;42104;46501;30603;15510;29565;45681;49333;41277;23136;39993;65469;38816;65937;13066;32763;56828;24189;47139;54856;36158;44855;35015;28910;63215;17632;30080;63021;40816;34662;33465;26425;59076;21101;12080;41340;42638;29658;29181;35564;28203;14804;28440;13577;65784;28536;26202;11708;55193;29458;65661;31182;43482;24318;32676;57011;33254;46010;42664;52451;38293;49283;56347;12032;15374;21456;30589;24662;18182;24376;41797;66523;51136;38836;50483;11278;47048;27664;34897;14426;10246;37631;38997;17368;17703;15392;63464;16871;24590;26143;15879;42369;63336;65795;62384;16289;65040;23030;12545;50655;45244;66617;48378;48288;18397;28041;50201;57676;50385;60501;36666;18574;25597;13641;59838;42862;55765;18800;12373;22454;24440;60997;27983;18627;55865;25935;56967;51116;12020;26474;66404;57806;43936;10287;13111;41336;20117;38195;43997;33471;51810;61016;62933;21867;19035;29132;19471;65646;37754;64274;23332;60298;29398;47405;54190;24112;60970;41564;26966;38415;48556;19518;54815;58650;43243;63445;12815;11846;47904;65518;22148;64548;49486;40032;46183;47024;12430;32469;48654;27825;28904;27924;60358;51483;31752;57852;66633;23371;54670;64892;16311;22706;18030;24128;14305;43514;63967;10027;48658;32749;23690;47353;13307;53424;26564;47661;39523;35625;55396;36153;65608;61448;51666;19765;46749;47448;56497;35254;35497;24148;22443;40071;21151;65826;32871;53110;41360;55709;27376;44091;24493;31814;25499;39164;63712;29028;36498;64266;48580;28453;18439;56571;25966;55413;23053;27954;32335;42915;52176;44186;63803;25209;19407;49199;15191;57889;60904;10717;13946;15762;25194;61419;17468;65057;11210;45751;37571;58604;40557;50789;22446;19834;47444;46340;18706;34082;15083;61241;28199;11862;50080;26507;40922;45125;12868;47020;61217;59650;40294;57510;42792;50312;31807;53062;58706;48911;34521;15946;61850;22698;59793;21348;48535;31744;13135;27347;10960;22776;35215;21383;28806;51228;32968;36917;33274;48992;47204;18883;23838;49510;51910;61520;50479;18952;51329;31137;19463;57683;19248;63973;45791;23471;49180;54192;65865;18212;32341;12053;63146;17029;63435;41032;62029;60876;41996;62590;15416;13910;14926;25055;26147;51753;63725;42308;42231;50271;40645;43812;32188;37043;26415;32927;53166;52807;59843;63441;58383;33060;39514;34540;61401;47540;38099;43365;39528;55621;39496;45943;62113;54759;23124;66728;37716;45161;53357;12860;15735;60349;49493;15323;54337;43774;56880;53944;49672;35353;55759;14532;43336;52341;40500;32630;33637;60931;62920;32693;20899;34560;54903;11527;41667;50935;38455;17349;54104;15989;51754;19520;65052;63414;21805;19079;63356;29957;49440;56673;46369;39099;47508;46542;42654;38972;34876;66441;49860;52616;16212;59016;41983;46063;28268;47623;10678;23927;13699;52097;26131;26479;66376;43617;64508;32507;25699;12833;63766;43768;64340;34692;12586;29749;59721;65759;60562;46901;58638;17649;10253;24309;32094;42545;43466;43065;51271;42503;59939;23337;14324;43420;47650;12585;32319;56334;46706;51890;35113;18985;40865;28736;47059;45531;29568;13433;19763;38377;31547;13420;64394;40468;57140;26634;22999;52675;13896;58057;63306;44339;16087;62394;52630;61540;59357;37509;31417;19177;33544;32044;61641;30516;19292;36736;59102;13797;30812;23760;25178;13155;10092;31994;23397;41997;32546;54565;34714;37494;15334;11251;24199;49850;49458;17139;27197;50014;21096;47121;10924;61720;56590;52702;35244;55449;37328;29655;12425;13138;57134;33694;50256;62516;46815;65125;33891;32315;51293;36258;32675;26892;53061;65032;10594;34301;30084;56645;53894;27631;59997;64388;28420;50686;25556;66857;14234;50848;11701;21527;23381;38771;51077;56305;15777;19890;36313;46740;49926;37724;17234;46923;34850;22630;64550;60372;58992;20966;35440;15335;35070;26222;65597;61598;24216;10701;23581;27975;24571;23127;32217;34930;58989;11604;11461;47051;56778;15238;32765;61613;28722;57169;31078;11782;19165;65241;15053;16910;23365;64287;45957;63714;26813;19556;24896;24259;55477;22439;49131;30675;34858;32974;25551;16704;11273;40733;55249;58539;65515;41800;12824;64822;40179;32797;15825;13467;17191;52882;53281;17615;31982;62537;17623;46538;22852;38121;48547;22873;11257;58828;26478;54545;13397;17419;44034;34378;35370;11011;62452;45349;54981;60300;29995;35009;45931;19076;52510;57735;34103;64604;66649;41107;18260;32719;43960;10602;36968;53076;53427;23864;35382;39559;54348;46508;27010;29951;13588;47007;20553;52146;16657;47610;49509;18208;19181;14199;59769;60286;19898;63642;49692;56454;29912;44172;66245;37340;10283;20910;16664;32408;17836;17123;22331;57562;24579;10547;50119;48553;31723;13290;34674;10365;12037;33407;26622;12353;66730;34682;21886;43919;59153;24640;13431;21254;53651;23110;44637;11098;19178;17510;58647;50174;61568;35742;20976;57822;47408;28881;33300;54765;31284;56062;40424;42602;55528;56852;57748;51141;55311;20141;42155;48492;51959;66958;34563;14132;31766;34854;60611;40710;54486;29672;56763;17227;19300;30733;60792;31698;34506;30993;37764;20538;22778;45033;31150;43205;57783;25671;18704;31846;14935;51920;61397;29026;28911;38164;34736;13224;52932;31640;48653;64724;64670;17285;51131;41936;20570;32908;30089;22469;15071;43058;31424;38405;42381;38414;43979;46681;21746;41070;26413;45728;22417;33859;23943;44798;65439;48722;13424;47833;33594;41301;57283;13137;49651;20763;19121;13461;65086;47698;60442;65572;10620;44565;64244;25921;48754;62814;53051;32887;52577;18301;47200;12127;47234;35674;58510;59024;57645;50582;23122;46872;14681;43700;39251;61808;45170;40822;15732;42893;23566;46290;48374;21631;44903;18556;27156;61643;29257;18799;54441;50412;60101;45998;65041;64708;48572;37325;62756;25769;14237;59758;52530;13602;57479;53052;41829;35434;66581;32605;32263;55418;32655;60438;59441;62604;60359;49426;55354;57209;57584;15613;14764;41876;44270;55844;49898;21057;66169;35281;60370;53139;53615;20856;45236;48320;65876;49388;45400;31388;16864;34530;33037;36374;49866;36226;15651;65320;51889;65493;40159;63673;21405;10712;20591;36555;66241;36986;44402;12485;53329;53266;60045;29592;27601;54901;36292;25938;37956;10828;26171;52527;18547;34407;62530;27931;56121;22908;24195;40433;26013;35073;32333;41544;66243;33398;35914;20108;63475;55838;49543;41227;33434;42445;66735;16685;29819;56069;60951;41149;26883;59432;64654;64240;56814;62509;41675;17733;19449;20576;60791;17776;56931;12675;11720;65875;54406;62565;20647;44484;24102;56517;28028;49037;24878;64226;37644;42551;27720;21341;49502;33373;62761;35918;42899;33914;45771;16550;64506;58861;18195;61017;32382;11156;50205;49309;45804;10068;49608;59215;50896;63657;13215;47706;28571;39838;11752;29393;13893;28016;13037;29160;38511;23272;45242;43636;12061;30853;66664;13603;51427;56416;27460;18740;39223;28496;63965;11922;56976;48777;66240;45262;12778;11591;25429;35143;18801;19080;12226;33390;25911;64335;66393;29880;51183;15467;40327;12382;27299;59211;24770;33944;13686;28195;51626;41387;21617;54707;56270;13173;11924;56171;46810;48312;19156;41801;15420;49676;62618;63469;25693;63395;60157;59475;31082;20607;39269;55343;34343;27023;26638;10563;62999;21467;11628;66767;35557;48322;23576;10133;11466;51179;61349;14477;14209;34655;25614;11640;50365;58595;65737;25763;59124;32614;66636;38612;22979;29233;11159;66209;25466;11682;18380;21711;30551;55915;10104;56189;25074;59720;58879;42631;41131;42355;32240;40994;25545;40712;14380;13931;47057;65840;42195;36256;43853;20725;17683;64076;29370;60433;19126;49920;39911;32508;36949;53432;34188;41021;30696;59959;43480;25856;11763;36716;20709;24959;18046;53127;21519;17559;51114;44711;60783;19814;25912;40116;34772;46858;58622;27824;24937;58178;65354;66909;48707;56966;39160;25016;57060;30832;16423;17663;18790;53731;51269;53922;43796;35055;36410;34720;37260;11865;17267;39403;20550;63176;25493;25041;29807;46304;43550;40040;35363;50563;60686;63688;26606;40793;48545;15209;20769;39608;52072;56806;32348;34475;34567;39879;55184;52656;41335;52497;20701;20839;45172;60834;37910;31993;46663;23025;22745;63059;56557;25555;53582;30945;24355;17978;64928;60169;10424;28340;18186;10626;31918;44440;25275;10372;55250;17429;53302;63664;33305;10076;12894;32052;30855;41446;56846;24763;27320;43010;40451;55335;10535;43448;14175;39835;26864;41438;65364;28227;42913;19277;23138;49330;25351;52169;16577;42242;65575;18838;17190;16280;32989;59497;61837;21260;38198;34641;42974;52213;58063;26293;65601;58002;50509;39487;47711;47137;49155;40639;53785;21705;52099;48808;54449;62328;22676;42478;27997;33975;59499;33356;63465;63089;44657;14782;23164;16626;34923;29121;29278;40517;11854;13023;44578;29692;34716;28672;21147;38255;42763;58979;19483;21948;18422;64075;40405;60304;49780;34583;48459;11075;47683;50521;36269;38646;20155;15792;65710;21358;33444;57071;20420;29651;31893;49060;66842;14405;57157;35901;49269;59844;66401;65150;17230;62976;15901;12204;34767;27911;18221;54646;66841;35491;25725;60274;45695;25237;53535;59760;37507;59817;38949;47324;58452;54627;18537;28790;60803;29836;39519;64775;53763;21648;14837;46034;45553;33687;48452;45858;40625;57466;42772;61025;17385;28765;50839;29723;30548;44579;43785;10124;46921;32604;28661;40699;26481;51933;22136;12717;57568;52379;25915;53960;39346;55748;63829;25898;16990;22186;33826;33909;19795;40523;59186;45334;19150;18776;42530;38424;29972;59174;65972;32838;16320;55745;64973;42960;30323;34908;62036;12766;59694;33065;21069;26019;13056;57673;49218;60246;47226;13294;64512;12850;58812;37049;15051;48241;12641;57079;60384;62666;45287;63407;37973;48533;44869;60644;58125;47551;56146;62087;50729;58993;18161;35766;53450;62426;39794;28805;58075;17035;56620;27667;37013;23523;55115;38582;44152;16949;16429;10812;60475;29309;40617;28147;24975;51041;43759;21644;63684;39205;61759;15333;58083;40954;51954;63128;22975;13538;34705;58471;25764;29277;55304;55245;33606;36777;55856;62107;23302;63256;52828;57867;38656;58770;58887;29260;15754;61963;53458;62892;49806;43631;19752;48629;32166;26719;64858;35560;64460;27679;56825;53041;49684;24138;42378;24663;18840;11191;21184;28546;41300;13802;39394;29753;48744;21086;16586;27219;20577;11072;11668;53633;12900;48213;15070;27183;38566;38087;40057;48621;52448;23101;38687;63618;54594;35871;42873;20303;18010;17546;11221;19840;44046;45466;34865;21857;40264;40083;52068;54893;56849;58091;65457;52359;30776;59596;64289;27547;42594;29098;32884;28321;24063;32781;56747;63400;57991;17783;41630;35048;20963;63049;28126;54974;25301;27900;45186;61788;63817;40738;20837;46539;51719;31643;19634;62025;32223;43081;39876;47865;58060;57415;52870;10134;24119;26375;31556;18074;60106;46648;22158;16917;19551;10378;19134;44585;59181;26487;40085;53620;26282;31512;62636;36570;58008;29894;17357;44785;21788;14432;20922;30055;30556;58968;15679;50512;11078;50347;33890;66167;40634;44552;35450;54631;20276;30483;55076;34199;25399;57888;16080;53711;49491;29774;18292;48962;36469;17590;59812;64537;29282;34578;52302;42574;45597;49387;28975;36431;25994;28632;18811;55526;32252;45671;65539;53806;60513;22278;39941;27155;40985;63355;38352;34184;41588;61059;19831;45194;66426;22131;52795;59426;18915;35697;24414;23117;65867;39026;44929;50101;15640;57815;58869;12609;21299;24332;12375;29068;22025;31174;49764;15982;14012;45441;34429;46510;26588;25039;20398;61624;34761;62957;24450;42347;30828;13485;10318;20782;35463;59088;54793;16261;10128;18278;64041;49139;47080;22858;11463;62031;41489;25703;38381;33951;13512;59097;13284;14375;19708;40455;64569;41402;15259;13395;26488;47756;16868;33104;50906;33808;57571;14466;13381;23922;55066;31805;53747;64203;42352;18792;14972;21398;63784;19000;45623;46230;59084;22270;62561;63028;63314;60375;39720;55498;44349;39653;42404;44010;29466;11790;20942;37100;27775;37186;14559;34380;24993;61478;19169;14704;25070;37405;38605;53592;11282;59525;24190;58152;21778;50657;62820;38622;17644;20588;34307;58435;49039;49439;13668;23662;23713;58349;52942;36183;27852;65058;59503;49267;59790;50716;15471;63956;48380;39426;42510;56417;17110;25949;32892;53393;41685;27645;25839;65862;20459;11089;21896;51785;27022;17726;59692;33893;35580;38476;27253;52472;30033;56470;40883;34817;21137;58486;55927;50286;66038;49203;26602;20022;45007;20759;46977;34323;18425;62284;34436;58609;13113;18472;10589;55817;33088;27172;44529;11853;63527;40927;13713;43436;12905;62556;62551;14276;64719;22048;55339;37774;34792;16298;28351;55514;17257;18904;22303;13935;35745;36563;61838;44960;54571;22821;17226;28040;60482;23568;30958;23641;53545;59847;43198;21224;28183;52082;17361;63105;61023;64501;19977;27907;22036;64816;11690;45132;44510;34977;46619;22249;11643;46185;64984;26445;40565;15469;50285;21528;16943;24902;14504;58504;16255;40140;30971;58724;27602;51659;27715;28557;54681;66846;18347;39562;53103;23968;60915;25465;36262;50111;19991;11311;36200;51555;34807;15462;12616;43708;43363;63046;35993;39837;58586;11188;60131;48743;15887;62320;27280;45280;14688;14345;16346;40522;39797;66364;20711;27382;38425;39744;55979;10746;37390;64715;14226;13534;59139;11271;33987;19768;38880;18927;20433;62444;32356;61631;31691;16888;12537;52337;30706;64403;35453;55508;65353;27013;58423;63191;14055;10160;49186;54779;50542;35286;55188;44399;49420;19184;45224;25154;26794;37860;24218;34203;62651;41404;42486;54666;15044;10671;61625;29317;63136;15599;25245;12396;22614;42029;59767;46434;59416;55920;27536;44815;53136;46685;24443;24100;35468;25027;34747;16543;33956;30075;20780;62459;58412;45759;64143;22562;33191;55595;47252;11820;23363;25106;35608;32056;12548;38474;57733;66015;61634;28056;56275;54755;62224;22797;51006;11929;31841;29436;61840;32355;35345;11595;42255;41725;14125;46076;55627;36525;29157;12040;41531;45037;35511;17291;45574;52926;59658;24951;40972;30282;54710;61262;39436;14201;32346;64761;46232;41532;64749;50565;64169;19034;31604;22029;23061;57150;63801;24621;25829;49626;28138;25333;21791;41146;19359;60796;44752;66645;21692;12956;54747;64589;32773;45289;24986;54108;12638;39679;12772;10145;65096;54380;31767;22356;62438;61544;38751;44177;32190;65866;27215;27722;48958;47140;33847;37921;14735;37351;14655;41908;22662;61048;24248;34054;30880;23779;50810;62660;34220;31905;55067;60962;25028;53480;56827;16118;21646;47797;60926;39975;43366;53609;39190;17667;66086;36414;29696;21238;13367;18535;11709;33768;31560;12924;39892;51745;51709;22506;28155;55658;65791;63045;52324;12245;24004;31574;25690;45424;25561;37647;10012;31282;43624;38340;44985;46867;25753;14311;42396;14465;46933;18027;25644;22636;10430;17540;56611;17507;42258;34194;48382;37898;41299;41575;60241;51055;11829;45375;62168;38908;40163;62112;58985;66261;31580;29254;66296;24651;38332;14356;22665;39078;53122;40648;61259;45830;46425;13972;14087;53343;32446;63460;20581;16325;22486;15327;39970;39896;20798;17832;20046;63597;18835;12856;45732;50858;25770;30591;52188;46347;17118;51212;55441;33611;41721;26062;59168;54090;10894;10130;44426;16571;32832;12313;38386;22683;46698;62189;51704;55011;10886;28003;23677;56490;34398;33044;31948;10601;23527;62687;61858;47427;34970;13734;61420;33255;60853;43921;30672;46019;43655;64564;24711;34544;23236;49931;58987;57531;25318;28488;58610;15525;64517;56077;56182;10248;54509;48321;39588;51692;54801;45366;41940;17450;56231;51675;33588;29673;40006;52779;51400;35808;66370;33099;15283;21984;30914;59091;18558;26511;37365;21507;32023;63030;51515;40329;13914;62340;13580;44809;59184;29648;25668;31655;41054;56730;37150;59142;56736;11256;33644;54864;60621;47257;36603;15398;48477;50059;50644;16662;40882;15791;37082;42869;61414;19501;61470;40652;51213;52062;30702;38857;28940;62991;21134;24481;37623;11244;41072;23115;11992;43388;31642;27823;37421;46178;12419;44375;34329;18351;46130;35469;59545;15995;36367;55900;64442;39467;36461;61884;33388;16362;53077;43731;15395;49966;15367;35663;13594;18432;56128;41862;44237;61314;48486;64358;36573;14964;41636;33977;18267;44786;21785;19058;47173;57739;29471;16204;32728;39361;65167;35374;42777;65141;27527;65016;10684;12800;46956;47748;21943;15914;11813;16606;44241;22140;61836;35525;35992;20097;34106;57811;21092;47607;15425;11153;55814;28676;14051;10581;42241;20477;42711;58175;56244;21775;49752;59419;48751;15413;29378;18135;38996;62313;58269;26360;10702;11688;44219;20936;43656;54491;60111;56157;54293;15538;19405;38238;19897;47001;20247;21423;60154;36161;55521;14468;51690;21286;57509;30553;56245;39227;43293;26005;59598;43070;47046;17421;11873;32877;49691;44971;55983;59968;15094;29051;21660;63709;12112;30325;56989;47259;50559;51584;20389;66529;61437;12668;40728;53327;41441;31010;54484;44791;58613;25937;14824;61902;40278;37019;32251;55220;26475;19970;18029;46596;47113;47419;59623;28666;39371;65450;21351;34510;38652;23717;41902;46898;51060;29342;38895;50630;33052;42135;13582;63903;24268;15461;46395;50289;42193;40833;55316;44192;57905;48215;66030;55255;48936;28754;12437;62451;22189;35495;55993;52611;37953;15245;41275;59098;27761;14875;24269;42534;61545;56330;51908;66468;41359;61771;28688;62079;47162;32417;60262;24865;56053;31409;57313;51187;35565;53045;66168;54234;53311;56794;56277;38619;37384;50514;47422;50612;31369;45828;56276;54328;66416;37116;18864;36443;18391;13292;48966;46439;19175;57761;23663;49723;23947;47320;43470;54256;51644;59067;21599;16666;40153;64339;55592;63251;33911;18485;65165;65805;15489;29165;39985;31090;12612;26529;41894;28675;45798;22079;34842;65623;57045;46711;27724;55307;53721;54616;31374;35234;45978;28643;65955;62867;61485;50163;38783;54727;23552;23423;55009;31956;66180;58872;17828;61114;53117;57408;64315;60669;40787;47654;44699;14899;58229;41482;65653;26254;16627;40962;14948;38420;10677;53540;41826;27896;11280;42573;34295;23197;15834;34303;49401;49007;49682;44039;58118;56942;31125;34847;62749;19638;43704;24803;64160;21843;25417;57997;26922;45824;22948;47589;61309;51715;47134;13530;55410;23832;54507;27557;16088;13709;53314;10893;30313;47150;20329;47585;41764;60401;52956;38384;50030;57508;17539;41465;61920;34607;11748;60838;16257;29690;36586;43445;52238;20978;43035;66595;44619;29564;62894;20194;37157;62589;38963;41975;58339;11994;19223;35315;43297;16165;13793;40536;14004;50026;20988;23084;41425;42276;42926;33844;31309;35078;35007;20608;14632;19187;59774;16601;28850;15089;55347;19529;35102;63227;46748;46527;62310;42825;57738;26329;62302;22400;29019;14692;34356;58213;44770;35051;17433;23551;11923;31441;66484;46146;36136;61506;12669;26912;14361;51685;18032;46118;12412;14290;66855;13655;16049;37350;30519;46833;27932;11434;41984;60198;27000;43256;55540;34503;50472;21592;16841;33134;46182;16977;21756;30976;51392;16321;52105;19368;64837;24145;49649;26574;34599;65924;48987;66788;17262;29400;46394;38678;37725;64921;52998;44581;29845;44067;36409;17304;18489;46613;11076;11285;15371;25719;14886;14753;34805;27692;35857;46603;35729;50819;58097;41212;38088;31667;28605;52644;59738;18615;12285;19374;49978;21499;28579;65256;40095;65833;19383;34457;61284;51872;11178;20058;55668;12056;51734;66469;18774;15415;59860;51722;56715;11374;43832;48293;60316;66773;33379;43938;15992;63567;10449;53661;27503;63322;60528;49558;22108;15681;28428;65432;36602;17500;55533;32270;53073;40858;49963;60103;47306;37629;52502;33894;32565;16755;46871;57587;13507;33415;38240;46732;27740;16142;56291;38905;18859;53364;50633;28189;53010;23896;56770;30000;65832;14113;42181;10034;37218;53532;44368;12606;37862;37866;32540;50888;59712;58657;44345;18126;28270;65949;26130;41204;51090;19576;37876;15173;39960;22360;41626;54149;58481;39857;26369;36914;49722;42313;53867;18960;53018;45989;52810;61612;46239;39149;53467;63754;22658;49953;27519;40806;15737;57910;61915;46788;24441;27246;34827;50025;42961;45959;43364;38037;17483;22944;23636;29177;27681;46397;63511;63609;58475;20820;47692;33920;40558;29030;26509;14826;45325;24584;64757;52660;14298;19443;15532;64676;52312;36897;29077;57082;11704;22654;11600;10856;15503;24771;15813;25061;14255;66186;60831;41851;37761;66631;48912;48402;31066;28633;49627;28088;65443;18673;17217;45301;34866;56717;33538;39054;21064;23875;53222;48166;39677;39982;46621;51833;15300;49419;14859;45095;41085;32189;48162;12224;62114;47702;13141;61244;25758;47764;17538;44277;19044;24681;16059;34700;53962;42837;45575;58150;52701;15473;43270;11013;33110;40363;24088;32293;14803;35662;43308;28804;66127;18008;66499;55929;18352;37354;14633;57630;15682;49551;49064;16265;40201;59675;30957;24151;12546;57320;42933;22241;40229;45697;44861;15909;62410;49059;44173;14461;27617;22462;46918;38127;21074;16932;31621;40507;21473;11745;40324;26755;11850;31795;57385;49696;57886;59083;61080;61105;21004;18519;66107;64121;17369;21669;56651;43426;37165;27425;46743;17052;15345;31877;49295;11868;17551;55732;61955;19258;34803;61225;31187;66511;25824;52646;13157;49178;16361;16764;31421;46675;21010;17078;26311;39625;40948;17055;18219;46746;17624;48994;66604;62992;66229;58405;31864;13720;24210;24380;34642;15861;64631;51701;40666;27228;39702;40563;56200;25217;47022;30102;43275;19237;63151;37425;20157;43112;48200;64284;42687;24887;46744;15436;28788;52185;31709;61274;21585;17082;63487;49791;28146;17660;66026;56729;48877;35112;10314;10418;41517;57643;61028;19944;47116;39750;31099;52385;65176;62765;56663;22483;36141;27890;12685;35392;30044;41136;63337;66725;30581;60078;19215;59584;65675;33690;14317;25270;27629;20069;24382;41302;40015;20892;49550;64454;53278;25447;37618;29590;57974;11545;38248;35963;25084;11735;18501;52399;14088;41386;15037;45936;44121;23413;62466;57680;59613;20353;39063;31092;49887;62955;27634;40415;46962;35924;37826;25435;32004;25606;24205;39756;63261;18817;55686;41406;50133;37770;50071;29748;34015;13698;13864;46587;25031;31896;51883;45995;63759;15773;61477;59085;44389;58406;15996;61815;29299;37529;56510;19651;64049;17735;37323;14984;62698;19596;11298;62735;46580;44032;29441;61570;50262;32457;48624;13029;27537;39851;40401;22800;31855;38391;13784;53407;13691;43391;56918;20093;49351;23711;14384;49527;10735;35646;26979;37356;64513;62989;45219;37409;17801;45645;31448;12873;59149;19587;17708;54588;14761;56205;43845;54791;62812;57816;46405;17430;46466;16639;33495;29498;24395;13438;47205;25737;33907;23447;41767;15431;59684;35287;61405;38985;14832;32843;49171;14977;13276;14350;61407;18056;59488;18153;53014;16238;65337;41104;33648;60277;50065;30988;21907;33086;60191;44038;46990;29115;23892;10164;28210;11736;33811;46964;64182;32686;29607;59050;28143;55926;32664;33845;59221;47509;35726;66722;13895;20612;10452;40467;37161;26539;54028;18884;60950;48267;56886;18990;66442;21245;27384;45526;32969;27627;38618;38538;58401;26531;51736;42505;36119;42656;38016;13136;17476;17482;37215;56573;14719;29463;15468;55941;15763;47047;54758;57633;17199;30188;40072;48443;37751;11475;21967;21675;26064;32173;23497;58915;65342;29038;42855;25721;34382;32753;35300;60755;53901;37674;45202;33011;33857;30992;22767;42562;56676;31272;27858;30124;42839;17310;26737;16425;25370;53693;13612;31495;35230;40195;50316;45017;42174;29314;58663;40693;24397;33895;15218;41361;21710;47618;32277;30240;60898;56282;34230;35421;12787;23993;20419;24581;59543;11540;32711;49830;49327;10158;42382;57809;61229;17400;26355;38354;18544;40903;43660;23454;59189;39665;19815;16456;31459;50567;56338;56310;23141;50525;53849;13014;27440;27790;42273;19913;11635;45950;45955;16587;35666;51442;65212;44544;39916;56936;41262;57167;60197;37765;13540;15388;25797;33668;47164;26933;24604;53001;58701;54070;23871;35861;65868;51061;20168;53742;28784;57691;29083;42013;64557;34987;20178;53049;46015;41423;45381;36348;56689;50757;15761;63197;13455;21871;34822;62211;40027;37734;61896;23036;11672;18542;18878;47777;33414;38343;30052;27371;55749;38487;22727;54056;56836;62891;11732;59196;34768;13618;48313;60624;59600;21451;65446;14554;45071;17490;61113;65733;54517;34968;16585;65861;47310;30860;59823;30946;20014;60930;48502;37607;62201;50203;21839;37711;30358;26101;32260;34864;19517;51668;66201;63601;36866;42460;56927;27204;11817;52347;38322;66291;22617;29600;62387;20262;32250;12551;32246;25982;50731;42042;37841;13245;14078;44911;41265;32484;62427;41678;44117;16245;63287;57491;14659;54873;42412;23187;28990;63845;46099;18654;47586;35838;49069;28159;41701;50852;40940;25043;58920;52967;27986;53844;12428;10374;60240;45438;49222;26552;42973;41078;30526;11818;66011;18395;30264;16817;13315;44489;65335;34212;46688;10836;27005;54158;55150;56775;25917;13298;19968;52846;16045;49441;31087;61811;35326;64466;52752;64718;50558;55031;57548;33960;36493;46129;26277;42586;51261;51556;13241;26249;54140;35996;31701;59740;56817;28529;32666;22420;62480;20667;60531;20703;44015;27322;25981;14250;62290;16185;34741;29364;19994;12122;26199;22555;20472;66932;57193;55371;28519;56735;64234;29963;24206;25165;24842;38260;25659;62856;12618;60689;65476;27739;58785;45070;38722;47767;34048;57025;31408;48635;13826;47175;32819;14252;13321;25600;35280;33093;60050;42559;44914;12298;42745;54994;39102;21425;40718;48648;63037;60547;49949;60781;66254;27784;54187;50556;18894;13920;11655;62786;22931;21689;64245;58799;51529;65913;66005;65306;13281;54355;50309;52720;12919;13995;26787;35186;58230;30954;21221;43031;45876;45867;10921;26112;24704;66861;64080;33630;57800;66175;19561;25776;19274;10756;33793;29252;18488;35667;25093;37147;48897;34346;36432;44410;48429;58232;10317;52450;56486;57646;64938;56099;50282;63873;63276;65482;29663;42620;54664;51731;64332;37813;36939;18946;52910;15142;28803;27308;27505;62303;38958;40680;26538;37113;40477;25424;58996;25621;52070;42443;24856;52927;54674;51490;53325;33269;61021;33517;49750;23726;44108;56833;16179;63734;40347;53919;65315;62599;33592;11656;15351;65356;16939;52696;48264;62001;22590;20246;17474;29870;58600;16972;47366;27188;19136;35437;42105;44148;34365;30720;41137;66808;25191;13791;51508;42043;28481;46181;23291;31523;29231;11792;51292;50811;55349;29738;21481;12987;16344;11305;52601;43428;20271;17276;33523;51426;13616;11891;35092;37060;18286;59486;44231;27844;14530;19049;11777;28599;64353;51941;62271;21463;52539;39340;35884;50146;58534;18154;35544;54410;15481;54124;28691;21300;42049;23120;34616;11246;39206;43850;28899;64081;25509;22984;61497;35512;15359;53385;62715;26093;56596;60587;44593;64381;16472;29954;42484;46992;39589;30577;51241;40626;12681;10668;45920;39567;47194;17169;11717;10262;36580;31839;44961;21602;55461;37966;56821;37766;59220;43718;17979;65097;28291;64411;22936;35967;62311;23003;55750;65998;59980;66818;64916;46955;29761;41009;39842;18632;65606;42434;32754;63981;30157;46363;40640;51298;63631;66571;21796;24714;57333;47790;50804;54004;24599;12721;43121;40024;17208;31433;55671;14639;12456;66534;64132;20699;26923;29824;39073;19881;49552;29717;57930;57383;40267;16596;16108;35147;10151;58963;63202;41154;10193;34035;44834;54810;16833;24253;56149;31407;35088;10375;38543;12709;36987;22877;61106;26349;36087;36664;48943;53284;55986;14900;41641;44104;42517;48591;19673;51711;45392;58371;47341;28620;33306;65388;11147;55486;51583;11234;42958;59942;63901;29619;18123;16235;25214;39165;56090;58314;54470;33908;49840;48540;21553;56196;59753;63968;63248;62665;32019;66803;42606;35063;19508;62517;36916;55938;33007;32895;65463;19912;44279;49424;43526;53155;42688;64539;40173;18662;29440;64057;40628;20532;10820;35386;19603;22538;28524;56268;27413;41267;27745;55962;63851;29993;16583;35438;23611;35080;31442;55083;25054;56110;55985;11833;33638;30098;45410;44229;51062;28943;29695;19816;45093;19719;17176;25391;12322;29507;24529;64792;21548;17432;17517;59199;43015;53131;31201;61835;57501;40246;47579;43274;36726;24634;12592;37741;22275;19578;38607;22886;44138;65507;55569;17812;21535;16340;44999;45974;32017;35987;44303;32882;66343;37955;52474;25873;49172;45886;30514;64974;29750;60311;27780;39675;31274;63293;62781;60667;26941;55049;51504;43174;42489;18524;26990;55182;38887;14754;36416;31136;35295;21424;54492;30840;18743;34095;43615;57081;30144;48729;48393;35673;62072;24750;16446;40166;66531;49192;31749;39312;24267;45122;32902;63613;26283;61708;33315;35794;40099;10586;19084;12879;40769;45142;12817;30938;47429;14042;61356;14126;64488;32303;16014;55558;56841;27366;43384;36050;58050;45113;24972;40845;57975;39805;45534;21735;14621;41643;46008;48310;50684;41546;46862;32602;58782;48239;32097;26326;61289;50785;42603;66765;19040;42047;48214;45333;36800;23268;44664;36076;26822;35643;10006;29078;23416;16217;64348;41042;59438;29585;47271;10808;22897;30624;19521;16044;60483;43937;15809;40542;32411;35014;24173;14558;58005;51391;63170;62331;31217;50210;24815;11633;32922;10818;24042;19754;41312;29390;34333;13466;11295;34860;11060;32996;27040;59158;60679;59807;33994;60376;50642;24496;23131;44526;49795;12216;64671;39009;65723;41896;48262;44884;58195;33005;48974;23226;50992;42816;61964;34764;24353;54077;59657;38207;35886;32583;26775;18959;61336;21275;26292;34862;65179;48741;28310;59326;33725;53664;30816;30380;20212;65821;31872;17622;60218;17197;63580;49410;41437;56745;47014;35657;59421;66906;46064;15623;63572;40720;16276;30850;24743;52384;21135;45295;63417;37887;58463;62235;25083;24326;21241;21578;18900;44641;33040;61442;16335;62921;46786;11029;32584;46287;28847;59322;66679;18230;36354;31688;48856;49802;58508;10618;10899;34021;39171;65236;64101;44155;21768;46835;61543;49836;54133;56474;55794;18103;38943;25408;32724;48617;27417;31759;58560;11670;62010;45238;59195;39757;57270;22236;40450;52273;22265;23170;31992;22719;20169;33773;19640;28687;18937;48208;13217;55984;51194;35629;44927;31942;42708;62661;24863;52621;43187;30867;35758;21021;23440;49699;25684;10054;46121;32167;62267;30818;58313;52307;36994;60687;42433;58359;15043;49217;17464;43393;13156;27969;11597;54601;54676;40062;24933;65487;16052;38686;47256;17266;32878;66762;51669;46125;29366;54199;39488;23703;66224;16921;40398;41873;11881;38634;57700;23936;54084;43305;29578;30061;25373;44036;66682;25761;32466;47889;11080;14690;20336;38601;34902;13228;10116;20139;61533;36067;58646;57935;15440;15165;29263;28009;10592;10416;38283;52162;54685;34515;45027;45711;40020;55988;27651;16854;30619;22000;25242;35214;40644;51873;26129;23490;37763;65012;27377;35509;20460;36899;25176;31753;58837;23748;45358;26067;22066;23507;36743;17398;11363;28728;35490;50932;51415;52564;48983;57296;32796;18967;64277;55812;45196;62067;42651;43782;58014;22441;21808;11665;25625;64649;22985;32427;38419;14736;10861;21840;11401;12884;38080;30718;42731;38685;40441;58502;11566;26209;25119;26819;31663;62171;18824;65762;55226;36191;40383;63862;28436;19888;51327;32127;36025;33917;15452;63823;11876;28362;41644;13506;48798;38035;66121;21836;64405;32232;64117;40104;13942;26910;23916;32929;28607;41583;53147;53612;22478;47533;28513;37520;21531;22958;10061;14995;53451;57489;34102;45901;58297;32828;36165;25461;49882;58007;15542;57100;45340;40184;42934;18373;63390;46767;37240;65219;45701;63706;23737;66354;16151;32771;32084;54085;40880;51059;24756;25585;43606;12992;20571;56381;13147;26913;21673;36708;34036;13080;40650;55610;51066;26500;35427;37958;14908;33292;50397;65524;61769;36889;23066;42521;60944;44859;23773;21172;60787;30083;24515;46337;19145;12719;55551;63052;59914;26163;53530;42119;31275;59700;32227;62472;59150;65942;63010;45997;62336;17764;61117;47736;33437;29397;39547;10867;57936;25718;57238;61935;31808;25120;40995;55388;57956;52455;10991;48525;40740;39978;53462;10239;40473;39267;21521;33125;25444;44990;66497;41362;10519;61573;21272;39042;27552;31483;46661;52990;13631;23680;10038;41628;14563;25881;47311;23282;32493;53659;11834;61752;61541;29148;66941;45873;11995;59496;61377;57028;25799;58281;66628;25591;34011;37527;48343;27404;63890;13977;53688;11238;36104;12128;23719;35919;66540;22737;66098;37154;26627;21400;44713;33270;56776;50288;55772;66876;18291;26455;45610;28957;18665;36911;30922;43455;64728;58994;23437;50667;33632;28686;54842;39459;26995;62228;52722;43487;28740;15975;63626;37030;39088;52756;11706;52938;55119;32881;25866;44805;37630;13411;31967;58392;56234;11313;10046;12304;58364;34628;42359;44877;25512;40106;22939;57121;22334;50033;14708;20696;61665;20905;26290;62723;41248;34198;24931;36931;50711;32437;49256;58700;66342;58386;37227;43113;49656;21560;45117;25521;22773;47138;11050;54382;63472;11426;28239;41650;38154;13987;17748;50991;54553;32848;21532;23274;59331;56648;61269;59590;13159;13250;58385;22827;40271;22357;13731;51264;18602;60267;10279;50254;47804;65970;54396;22206;29185;11452;53048;22163;12077;14260;26917;18582;12729;17570;43554;39807;43590;29890;13125;12315;24105;31016;10540;53326;34370;65729;62725;21252;37039;60505;59053;60339;23094;36016;36533;40956;23794;55231;47565;17477;44730;51846;31021;21139;23600;39480;34986;58902;45566;20744;45887;23763;27062;55194;17008;16713;58369;61215;34939;65585;35360;28592;19330;31736;49880;58124;66489;18202;41620;38537;59802;22531;50045;45668;51230;29790;10267;31599;54858;14056;43717;65230;57282;17302;10975;11301;49428;39840;62008;27265;55204;24826;44665;11409;58287;24289;37265;34931;42413;52727;60885;52187;36492;42272;23185;35843;10472;37985;12917;45782;54555;39341;48411;14357;26407;38658;23982;38719;35236;20682;61621;15539;30119;23347;53137;59180;22094;14876;54022;54539;16518;10067;64359;27271;49749;30544;47583;19810;44330;48970;43055;32039;21386;52821;62073;58338;29270;61345;31298;29131;46687;54453;57321;54294;14289;65834;33121;60634;32213;30861;16493;16466;41168;25590;26876;36729;30741;32202;56958;23011;45714;63837;39220;57836;12113;41935;31315;61590;29848;24215;62959;41967;62180;12215;10799;19159;36785;30129;33972;19974;63789;44710;55239;54219;39530;60043;13264;21500;25944;63569;64230;44030;43859;25179;37261;42262;25653;55420;61168;37192;26799;60455;47519;60897;63699;13410;63497;29721;20957;63756;44763;65006;22305;63751;32430;23602;13062;65292;23050;49450;34125;54302;43409;13573;27141;57524;30708;55529;43895;38965;32714;44840;45815;13389;45377;57869;14973;27946;49645;36381;18307;56953;56580;15407;19844;61853;22317;23665;36682;30149;42823;17526;37697;10162;53219;13342;21645;46450;21687;20249;63893;56266;51249;12108;58044;38174;52837;40417;53484;29526;35362;53995;24500;49505;53710;30270;52858;21952;32311;57866;43306;58379;47814;43401;41991;62326;49571;33246;35347;59691;64052;39898;53275;44856;34059;39583;42452;51358;50639;11115;21662;59579;12996;49241;23712;35865;44196;13673;24600;29382;41879;29771;51590;20648;27445;58910;37945;56797;54024;63456;22386;60722;29433;23706;19505;36543;22180;39714;31270;32442;47044;48294;25162;14321;25660;16030;15140;59341;35559;65135;23686;13362;41741;25993;23212;27399;26245;22355;46482;40056;65416;37846;13950;66286;21285;34352;41220;22133;30060;60144;30683;50687;14043;25459;38450;62386;31285;26220;62160;37078;37254;55262;16001;65890;19133;64639;20360;37873;49046;64555;35109;20733;61153;36792;60427;52113;60674;27764;48390;28154;51130;55425;31127;29286;30779;42425;16699;34678;15683;54861;24487;42669;51703;65106;15632;62677;35974;39651;29401;45297;43192;54761;42619;34242;43254;24444;30178;34925;14562;48184;17081;45773;66325;11436;47663;38993;50223;27955;62409;66634;33212;30085;51747;39303;21919;16641;31014;11553;65346;14034;14771;66578;52666;50016;53539;46653;66708;30687;44359;42737;22297;49237;27037;55003;65783;26395;20567;27571;17237;34634;10649;47201;52952;64714;38683;59230;28187;26584;65704;52233;21267;38644;29728;42658;28251;59924;64636;38827;49867;25463;20061;41573;63082;33729;22138;48175;28256;62169;18795;19377;64463;32951;26970;59226;61945;59409;50967;59935;43382;51559;13647;45893;35700;19947;54655;63599;39170;28215;28265;23899;24846;64565;55553;59852;45084;49837;29036;38649;59899;62468;38824;39511;19929;56055;22702;38892;32304;28709;39813;24330;38796;52565;66192;11294;43738;28837;17509;54832;23177;41943;17592;32481;25064;33455;34305;59895;10900;56633;20196;64220;39872;37540;30479;64621;12026;16146;55097;53729;38614;34061;58825;11390;14019;37367;63409;12691;66231;11195;56824;16570;59121;52202;34248;10680;60249;37137;37564;57955;28925;42754;40282;55181;64295;10285;29133;63130;34951;54229;31331;61275;17456;58695;28367;16738;46771;37920;25610;47233;55505;49890;33682;54214;55694;65577;36545;24948;36044;58675;35755;34456;22119;34713;58049;47181;35571;42358;25870;31573;42866;14038;47524;35064;26305;13261;18258;63179;62307;59776;40009;43098;17602;24171;66430;32195;48275;36436;17194;29346;44937;65790;25071;30918;56396;60312;12497;13749;35834;35746;57625;24157;36120;35294;49776;41642;35084;66084;65732;55777;35493;34428;44844;48876;31912;21868;59210;22805;40400;59481;14470;17620;30686;49234;59309;24816;33069;35219;45442;64983;54384;28341;62899;59145;56864;31687;60672;33318;32331;50198;63858;33723;35664;16988;16926;32736;27467;17328;62706;50375;61978;31418;64063;22324;42625;47903;47569;61755;31430;32357;24126;33766;56919;30864;53604;60894;34780;21947;25457;14501;31118;29459;31764;30093;59529;21253;52182;41412;47511;37208;27016;52524;50628;23983;53874;17344;65611;60127;17362;49446;62592;35130;29320;56141;53624;39808;55729;29770;15213;39638;58394;48463;44390;30445;58923;61925;44885;36559;48724;27396;15717;56251;46079;56865;60913;42036;15766;21146;24982;52594;33804;25192;41315;39416;15998;62982;53493;41356;65717;20121;59061;13816;15150;14684;22057;22033;23557;52365;27731;31132;18490;41276;56333;35874;20243;23563;35190;62009;64827;42021;45825;34993;57985;11101;27108;42159;59611;20018;47518;14746;37710;44409;25117;42302;49832;43024;59273;59484;42583;44143;47237;33381;61786;33302;20281;41287;48536;20203;11464;39261;14476;50067;32551;49091;34740;14701;33397;40143;16913;42748;51154;27791;28253;52431;20266;43607;34845;39587;35303;43593;12938;20270;39364;37749;66078;39855;45501;24000;40126;38358;40646;48196;19721;40479;40861;65144;18084;56560;50834;65433;14836;42697;38032;38673;47236;65321;19919;14083;33017;59348;51376;35926;53840;43527;54388;23146;64606;41627;34812;16326;51768;33625;33825;47445;62448;13798;42345;20086;62167;36327;61943;49103;62123;13807;46381;42108;39256;53854;25023;52256;66066;55550;40408;18987;56131;24213;18227;42008;21306;41426;57467;28572;45546;37575;33217;13387;16027;39045;66276;51308;31594;41269;29899;56075;61354;15648;20134;56261;31425;43626;55155;11874;20309;10137;10357;59595;62314;13962;22311;34824;61362;50673;20755;46198;11389;43153;50467;49363;24220;45331;31549;26365;57520;22322;19063;40982;47038;20841;20469;60790;50330;51393;51999;18127;31147;23159;51566;40310;39532;34579;38717;13578;61917;43918;12311;13388;36052;15944;14296;23112;39817;35516;18417;64644;11010;55298;53891;15023;17491;46213;64961;24401;11700;29279;50290;45204;56627;61472;29917;57801;29437;33915;33089;18796;24936;10364;38517;22092;46410;41570;43348;37859;63490;31581;33867;27608;45916;19656;31171;53249;42132;16934;37187;38244;42663;12898;57580;38847;60620;63187;49356;46302;36447;58395;52848;45449;17192;54520;32137;60988;33183;60428;35846;42336;26997;25735;58168;12752;35546;63519;48185;13919;65489;19990;41526;66461;48144;18600;45545;18834;26275;34718;19983;11356;35117;58884;26494;16769;14721;35833;30809;43497;26605;49824;34097;25788;12866;48487;46014;46320;45550;59021;31048;59294;51502;24968;13929;60810;29877;46131;31046;62117;26772;57203;12470;43014;27254;15316;55216;42212;12976;65276;23152;44011;49957;56340;17018;56376;37264;32512;14116;13187;56603;21639;32428;32028;18522;23666;49976;40609;57302;43729;60431;62828;18973;23539;10634;20950;30474;36788;39334;57015;39689;42699;57483;35986;63325;16940;42529;57410;60813;37178;11501;65380;66140;42041;54403;16618;18097;63660;49896;26573;28472;25889;56411;14378;51994;56553;33066;47628;15627;49173;63334;32142;58015;26649;48271;10708;61956;17974;40784;59509;33662;51948;58378;64423;40125;23795;12379;62905;33791;21801;50456;19855;41112;24981;11445;13166;29090;49074;66555;48362;11214;62831;65352;61129;52220;42945;56752;65692;31451;56389;64324;44318;18999;43413;46954;24820;11886;49281;41883;15847;47809;44963;40384;27886;43912;33457;27455;45666;28274;40525;44379;39736;26611;42898;66428;43955;19257;53053;50952;19045;17299;31400;50341;62560;14943;26109;63165;34332;34291;38864;13325;48646;62373;30931;50047;54270;25175;34725;42827;10247;48879;33131;63772;45002;45489;44499;23725;12484;21719;40836;21665;28036;38411;61969;54488;25872;46445;21514;18124;18243;14763;61729;14144;47245;29659;65263;13318;52296;20787;54360;49197;45842;17184;59934;33661;60363;46334;47751;51503;36599;47485;16762;14760;30187;33182;61479;48194;51697;42946;40231;44774;60146;61391;44406;34141;51543;62018;58402;63235;36528;43459;41178;51015;10522;29720;25283;53523;66644;25863;20676;47352;53205;49594;19762;20773;56017;59813;29281;15667;42715;42083;65964;23387;38539;33513;24835;30163;32799;59351;35653;55240;31401;40481;65528;42720;34553;52744;44433;42950;36314;33147;65940;17677;37439;16160;27895;52136;43056;58190;34774;54061;42895;41852;35330;18637;46915;10903;27555;28761;19334;53050;32706;39793;12447;24239;60004;11104;13146;45836;57970;20783;35748;65379;35811;48750;38408;51764;30477;40395;21780;48187;11046;58117;49959;45861;39435;48800;20792;38495;65182;51896;33080;19236;40900;53074;28694;47763;39299;54450;34679;20132;56545;22779;56808;43727;14980;64210;19014;53593;28823;66794;17693;64489;16288;55145;59789;63242;57712;27940;64902;15476;37568;31492;28591;32061;34020;23286;63839;51138;42696;26010;50863;13688;28678;14482;28616;13145;21683;31019;28827;35011;49274;57064;59982;20174;54949;49596;65511;15478;44388;35708;10604;45090;22411;19823;20720;28068;57608;20019;49788;63507;49512;54394;12940;42228;53967;58455;65038;45508;15324;32880;59030;48292;22141;34478;61857;55620;23083;52305;43676;60932;11451;45083;21713;37101;23007;36732;37237;14923;43968;49852;49925;66885;14404;11546;48890;33240;32598;34820;60596;20099;52371;21923;35642;61360;40458;63959;21670;13986;33106;66496;33591;51977;56456;52607;50790;10971;57849;48576;37977;23355;49564;64311;63193;18244;34225;17353;37173;57570;29755;33710;44445;54047;61093;56902;63863;54183;45467;22913;35442;51563;52110;15913;15003;19627;38313;60147;65631;22272;25947;14131;53733;18448;33422;39742;44850;47219;28306;33636;44226;50618;41694;50914;40265;29376;20083;44257;42690;17728;11530;59647;27577;21212;60665;33286;34889;14058;19830;47640;52183;24594;62265;34130;20195;22656;55134;30215;48596;21210;49591;54299;13351;61381;35823;40881;57803;32566;57032;37882;13423;62615;41558;44748;13472;29743;42001;44790;34884;25558;43826;36915;63391;20592;40661;55798;10341;51950;40487;55802;33949;37537;26823;14785;62614;42553;24394;49365;24524;21728;56209;65228;40664;63200;46078;36711;15757;24383;50722;32923;49389;27484;48552;36100;43724;64945;24891;55593;52438;14503;18548;59367;16564;17125;66387;23708;11468;51987;13609;53899;19444;46959;61722;61761;49516;27066;11094;53662;29783;33012;21505;52011;59114;56686;11497;10485;55741;19539;24293;11192;49667;16479;51143;57044;38399;54900;63852;53868;10082;64595;49373;65074;56288;26859;29411;43582;64878;64988;21215;49599;17289;12978;51142;24049;32612;45639;36658;54206;53449;23249;46045;51102;50574;65323;31204;34618;51196;15709;37102;34480;10719;12523;23277;54196;30469;61447;24890;18119;44969;20112;30170;49336;25626;25571;15370;40777;35426;66865;23068;20741;21049;30077;24226;48709;21547;10379;34778;11057;54482;14162;21312;45412;24550;61116;18171;40196;54734;61997;12465;36577;30904;63158;63554;24520;42580;14903;12463;20405;12696;54098;30116;33327;50765;61350;57279;62017;33020;62070;43120;46794;21471;40868;13940;51845;20525;31112;64524;49567;54150;43146;48243;55725;50695;35174;62869;23861;50691;26660;49989;23598;20688;10408;24276;51268;64005;26844;37129;31777;42885;24526;62037;35243;46595;64898;29683;50520;15923;42003;49148;61951;18384;54725;24998;56217;41292;51695;31472;63238;60135;35191;34300;17099;57965;56653;53930;39005;31008;15530;28615;35129;39424;24025;50591;52368;32276;21027;19052;66420;17239;51315;10839;20986;35649;13133;38230;17271;25593;44767;59476;58589;13787;35053;40490;15151;26191;24877;22834;42649;29485;35670;21417;27470;39830;15736;27937;23315;28882;62249;60220;45616;65701;44222;44897;25244;50679;45345;45848;19055;33287;35845;58121;38235;27806;48833;43836;38973;19210;41590;22724;58438;55398;61179;51099;40859;49138;61639;31349;54427;66417;35475;45844;64470;50356;26930;19335;51541;41576;14246;13465;26216;62411;64780;13923;52326;35439;31517;25774;32904;59851;18360;53208;16210;59468;57023;62471;62846;56835;20915;13494;19869;31172;42122;60165;49811;41536;26838;19722;41117;26556;55956;50706;59676;55174;62980;57107;44944;38267;16241;61288;33843;48764;47621;45818;58305;35738;63722;38530;34932;27449;58871;32916;29780;47898;44119;47295;63364;32701;35589;14134;60718;22587;45243;16209;44050;23429;47202;61430;60472;64929;38913;12198;25535;37941;16347;63717;21736;26653;35144;47263;26967;49433;57149;36989;47318;27668;61619;19480;51907;51374;58984;15608;63073;60448;62958;53594;18889;12421;61714;20104;10458;59439;16327;42307;51682;43998;50669;56781;55519;57473;21342;56466;51361;45884;20967;63384;42741;20017;13945;21013;16948;64658;14707;20320;47148;44130;38701;66584;14313;63882;31276;45979;40870;25505;52925;20455;62041;56410;11954;36181;27339;43196;61263;11838;45735;59454;15810;59206;66397;45860;34189;55197;19778;56353;43085;15373;52547;46885;14915;63880;39254;12541;13291;33993;30565;45621;37028;54862;41609;15969;26172;29316;62581;41086;61233;27026;65164;27025;42707;38367;29888;54288;24197;27224;64500;30492;46214;15551;10356;59752;30888;45781;58511;22924;32000;22251;60648;52545;29911;30510;47818;28089;11201;22250;20605;19569;61780;53248;31468;15377;44655;33137;57096;21992;25233;61809;41915;57359;22696;57766;11483;61751;44557;26971;49862;26850;17688;25541;39999;51684;23510;52354;27573;66912;44340;22921;52762;22407;38603;39081;51936;20797;57405;52293;22839;42770;55922;46875;55117;36655;17446;30950;49259;12843;26007;52145;11023;40167;41817;21213;42011;11767;36635;66141;25579;28336;66551;57298;38025;19558;44151;37476;17618;18545;50777;13901;30030;27301;52485;35678;12281;22264;11328;18513;40138;26881;27498;16781;22205;20807;55767;44120;60477;21164;47652;40175;53942;31086;28329;31826;54836;58940;66113;37595;15645;22313;54007;51449;21406;64954;52533;11532;16778;14675;63991;13114;11648;17610;61392;62003;66403;12892;55840;65383;42028;37162;27878;63011;35035;54705;39768;43973;51939;21751;63243;35727;16617;62672;12903;62600;38291;54767;42728;36837;15635;10676;53283;53841;20595;18359;63216;44293;40591;24666;57572;17209;33619;56418;56602;36195;32581;47357;56452;61009;12454;46775;18265;27889;56457;21824;20403;48628;45678;14054;55734;66050;10123;62173;11325;43432;55957;59689;46103;23280;33475;45888;43620;48627;36531;32807;41416;23019;66448;48855;14060;11802;44367;62591;57381;18533;19861;41511;24398;11059;65112;39390;48712;52161;48791;63103;49673;38211;56383;45949;53516;40951;52894;18288;58332;19424;51205;12954;23183;16517;29092;13832;61847;38252;46442;20599;63950;57681;15568;56739;58656;37691;36534;37834;39273;34191;19511;51575;30280;30305;16360;23987;48657;18157;14097;50835;11749;49539;65018;50416;33778;18006;41380;50696;57216;65214;48159;12810;41049;29230;31732;54784;39249;19867;54042;43950;20325;53675;18819;44472;31024;23556;39061;48868;51082;25901;44461;65474;40986;20291;54786;46132;64461;46548;59763;31257;23752;14697;54544;48410;54794;51158;31567;28309;56534;55832;50057;20435;34585;54570;16732;18777;44385;19534;34067;30213;37376;58669;66082;22723;60307;58719;46108;45958;24799;19800;47500;34676;11884;14728;13302;38786;19051;63945;20450;10814;63102;39701;27245;52780;16608;27402;13171;41529;13659;29999;49787;15606;21487;51197;64065;60879;25412;52922;57278;64195;47188;35555;38647;37634;39739;36598;55111;16295;50087;15828;32347;20999;33059;19281;66202;25874;21301;26086;62502;24342;17249;28532;34995;52090;37743;60916;41697;66377;17664;53811;60998;45337;65588;18896;25736;55735;24700;39924;30766;66602;29525;52243;36748;31751;55950;39326;16468;46217;53991;44456;37670;18112;62866;13006;40603;26589;28750;37714;47421;56903;15892;32651;19262;23213;54589;31381;19160;36755;11795;50488;61361;44302;63269;47065;16682;18836;52439;63850;30621;66466;20528;55058;33981;61828;24589;12257;58323;11772;60798;42067;11877;44872;13555;65115;61646;41651;58876;57730;57338;48626;38316;35346;57663;12628;31062;59780;53765;56519;26020;24434;50507;59051;32475;50555;45541;65785;30274;62103;59169;43797;52313;22086;40630;36458;64196;52014;20789;62949;36829;31705;22308;57916;22579;66698;26973;45522;43460;35277;36735;15536;55241;19860;25222;58824;17348;12279;48941;61214;30127;63649;22118;28487;48841;51406;50434;53605;44576;24074;66623;11938;22074;66501;31932;36014;38082;42224;65995;41027;39513;64919;36417;59217;20051;59175;20523;55105;44008;48772;65072;64689;31312;33512;27607;54499;10638;51049;58705;20665;44005;63420;14243;21063;47170;48386;38950;22934;65814;37079;25613;36882;19416;35003;37336;24930;32471;14545;22198;54015;64906;29487;59445;14130;34592;31925;50189;21207;57260;19364;33323;47707;14438;41254;40307;62040;66616;52970;49431;51557;34502;59913;12467;55200;39952;26006;18486;38216;60612;61535;49370;16695;15306;29649;45126;57972;22371;28692;57041;26676;51313;11039;15353;59264;46202;36349;12915;65753;34003;63220;18678;14023;58456;45235;16494;22037;16614;28323;32788;45430;53152;58545;55641;40807;31457;16834;29982;17037;19367;38486;64626;17129;54238;39568;30638;34650;46720;66320;34657;35343;42361;33522;40889;50754;62356;52292;27446;12806;19077;29515;28799;54431;46781;62421;32857;11620;30886;27240;57237;37483;62066;32114;22013;29973;51748;60584;28289;53365;24019;59546;31587;13527;59040;61982;62349;51657;52662;39028;33351;26962;36746;45609;43087;63129;16796;34315;35203;12423;28261;25959;56564;43358;41363;56324;35445;42936;29910;63231;65250;24638;12571;34135;52803;14035;51397;27929;56228;15550;51899;28905;58144;58854;26855;60509;27669;59578;52815;18708;18841;54446;58516;14256;38844;56703;66252;29016;35905;32445;35586;60166;27741;56378;62601;25295;20862;45416;44161;16194;23426;10087;65529;26820;50860;13819;55325;59462;36316;27756;61451;26039;15916;62298;53932;29905;51165;41409;41601;32486;33184;41006;24107;11910;45454;29842;25765;21629;45962;26784;63855;39304;28422;50258;52704;62514;64468;27451;62174;19655;60126;50092;17157;10051;56710;40638;59901;63061;42880;30377;15172;30739;49231;49436;22876;27422;14583;62730;27257;66260;40864;54923;35807;52232;53418;26418;37232;49714;32110;47892;21678;23929;45868;19683;51331;41038;29902;50575;52430;10035;66956;29817;35021;59100;15885;31162;56113;51892;66811;61523;27898;46117;42219;63723;17657;21293;24766;21319;56719;32505;46618;36116;56485;27049;62024;37928;16273;22938;60331;64047;44137;61676;27261;11473;62816;43327;52551;43831;26593;66304;35979;43356;53483;54936;34686;14232;27418;29977;28974;36412;16521;13266;58582;37475;64522;35181;15846;15117;38156;50996;20028;53794;38510;12043;65065;56977;63929;53526;23538;19197;30250;54566;48366;14025;15317;50598;59070;45308;32207;54162;36477;12440;34492;40082;60759;35891;56642;29297;56640;49772;32802;21995;25895;29736;19923;34516;23934;17695;45159;43350;30143;19235;12060;52758;18041;53162;17646;19856;38562;57262;15170;60515;16427;19290;43323;21613;41394;51639;46229;46041;29847;43131;30647;41435;10089;56301;44941;48550;26980;21903;29081;14589;22879;11430;24462;63761;43668;32369;14582;25977;30525;29304;52366;57830;13440;44823;17240;33464;45229;63479;48520;42962;29958;51638;57038;26836;54461;40297;58156;39604;55768;59197;25477;45783;35409;16267;46106;38341;19466;25353;61710;66960;46272;16136;19527;13068;59043;58509;25906;51877;23074;53438;31426;31367;43075;60047;53555;21014;42798;47290;28242;26993;26738;37437;12694;17380;20064;22825;54142;15456;52772;30970;59009;19820;58573;53954;18204;55603;38416;52729;40160;25428;28982;19448;35805;61219;61282;66279;63900;27802;64616;47458;58500;53196;40711;16343;27684;38226;28706;34201;18328;23574;14327;30226;41807;59225;58143;44466;14487;35747;59112;27836;21880;52975;17763;37385;23472;13117;27633;20850;20442;33796;49950;47232;54643;54245;16303;34613;58346;34216;60366;53751;64677;64779;21133;27291;57833;36178;18143;44485;18480;56972;32824;27217;65440;48188;32783;31412;46983;25326;31145;66308;52558;20173;62736;21893;60801;54289;52555;13456;19019;30520;36213;62898;48882;23591;51757;11403;17705;29906;49371;55942;56733;23910;11509;20454;17971;45076;26223;40453;35255;52216;65662;49183;16183;17662;25475;18584;19971;46477;12397;14027;20559;36279;16216;54027;46498;59246;58749;23873;40174;50619;24032;18094;54773;48713;34002;30057;26080;53319;66800;65270;43885;59554;53749;45924;15174;50053;59668;22030;40917;66122;51767;27510;23486;37462;50035;56210;22379;40601;58487;14608;12797;14613;55124;44249;35770;39704;65578;16278;59516;55416;52694;12272;44271;39315;11289;56563;61682;43064;49528;59302;61903;23540;51172;35702;65989;17760;60949;34304;24470;50225;29811;66311;46874;21009;34907;32069;59634;42203;40218;54050;30813;42091;46927;54078;57494;63347;47225;40759;14740;42811;21447;43540;66399;19553;28875;32617;41799;12404;51857;29944;59993;53397;26677;23638;61450;56970;16229;19106;54500;36009;63503;44019;60185;35676;41966;17391;38480;20122;60652;41742;61855;13632;32511;39466;41246;16667;24647;43642;55284;36838;33688;34594;43347;38893;53352;40362;50321;51444;25747;51681;42229;13994;23040;10347;20948;46149;30251;61055;52856;59795;10810;16628;65413;65793;24734;41016;32574;11197;22759;11632;20715;29784;19960;61077;58903;20328;30303;29831;52025;10382;25141;15785;28132;62727;57768;57230;16919;54787;27282;11793;52624;40113;12596;66095;19102;65581;25100;38004;63718;17329;60380;42845;14139;10507;37792;62244;39050;63611;59281;57255;64650;60886;65419;45706;14937;44070;20929;21554;56112;16816;30081;58536;34358;13642;38040;13189;60706;24669;55350;33002;55442;12887;64261;15552;59713;55788;52665;11762;55383;35209;50469;59334;21882;14768;35913;51520;58538;24282;27074;53673;33403;36978;48753;17605;47634;11243;35733;50593;12747;39823;53263;13344;63068;56264;15938;12838;53988;12370;66671;44442;41748;20982;37035;11184;12278;28053;38454;17399;59999;44085;61557;46826;47101;43772;65744;26139;37593;23699;16191;35460;64343;43496;44054;57604;37341;46291;57655;44334;20859;48305;47587;56265;15776;51498;63106;14224;27894;56496;62453;21630;63444;28014;15703;56615;52631;57488;44970;35308;30549;25992;43663;32296;56154;15724;20672;55863;48686;35817;64766;12724;15948;59645;63628;52614;14831;38232;29280;21786;61412;40069;63846;45043;45925;17835;14435;13357;10386;18717;15959;65021;44195;10829;36881;40643;49813;55151;44262;44568;10771;45729;22260;42076;43452;32291;31890;63842;47281;50870;34450;15185;46403;35721;62162;35658;38705;25826;55612;52178;40142;21426;17373;20466;62918;27477;35251;35684;23865;47168;26950;43562;37301;59896;21488;12449;22748;20821;20221;55563;61878;25048;54340;48866;66475;59861;13277;14654;22577;22607;32899;15745;66593;53845;42280;44854;19942;64915;14603;62343;50832;12995;27963;54154;17140;62416;60108;21902;57395;20422;14192;52276;25331;23383;13238;36282;23305;55394;49522;42526;45292;18037;30614;55061;54990;19684;36752;45512;32528;21485;17280;11114;21612;33156;18451;14110;49781;19115;27795;64643;42685;34760;45801;39901;52214;21046;24396;62733;28559;41187;22692;14396;16032;62200;34581;11043;19522;35441;62278;24684;64213;18652;42429;39485;42055;29325;28814;19491;21732;24639;54984;19580;52336;15548;17016;53346;65378;52369;10435;32431;48623;11007;48566;63188;44348;37314;19103;57949;24522;38508;27008;62927;57212;60504;54459;18363;48532;43000;10945;25350;42834;51101;66298;47870;28813;11355;31535;46480;32949;54164;55560;35883;27822;62971;26885;34915;37602;55824;61078;45053;28821;52859;54167;36338;30513;52974;10411;14508;29018;36571;66902;30225;38937;66099;62919;63132;39105;37047;50727;47117;15148;55673;36336;18460;43709;35352;65109;24449;64891;63711;54899;60673;20832;66323;31543;30909;27514;36048;52731;24697;43475;31185;61410;16584;64558;53217;65492;45883;51048;30404;25338;59849;34166;26308;31600;60728;61944;46789;39378;10572;56020;37360;27981;51986;15111;49838;62986;40846;35052;58611;21484;47393;62436;44394;48952;45727;65122;18321;57883;54422;53807;12808;28419;21043;57007;16961;14742;31009;19696;60558;62742;22612;15233;12975;11652;41224;22554;21955;59185;46844;60548;34410;27721;42461;38498;29354;58827;13370;36408;59991;23409;42340;58212;56619;44893;35250;13758;50109;35223;36385;47326;42331;50910;16588;45903;65612;40860;56307;28279;11000;36894;18376;39084;16900;16966;50344;20813;54463;23144;40719;25264;16861;13751;38668;18115;57628;19430;24367;17127;56579;55580;24212;58253;28634;52257;66592;19419;35057;41823;42325;45538;60194;26189;48870;35760;63270;47719;40751;11398;47481;32020;66257;52918;45327;11788;44692;28445;19693;18661;15435;59734;54792;29183;33531;30978;29558;52976;23076;28689;12658;12380;49310;17543;60956;54017;16814;63283;40716;66867;30457;35340;19692;25857;27267;63135;17711;43250;12614;22742;36854;14373;60454;46805;50548;63346;16820;31584;26841;45669;36333;40137;48606;30218;30911;54281;64694;38286;22214;26716;44835;44203;20273;28008;22615;62526;19487;65899;50604;36151;32249;46188;64869;33014;55868;32628;56514;66048;48318;64138;18809;14868;57578;52271;23313;17661;57533;51438;15099;64879;22690;55611;13457;55153;24746;66590;64806;53745;19872;14819;15052;19540;22902;40429;57624;55968;31244;43371;42604;21098;16342;43408;35508;15211;13205;58933;16417;11024;64438;42301;14086;19404;19164;53912;30719;37516;40748;20369;41604;33555;53509;53949;66310;38132;30752;45193;46583;18613;56628;38666;34667;42054;65571;23052;62804;61066;57674;44324;36047;19647;34887;30151;13567;23541;50373;55452;40158;27757;35937;37495;31955;27115;13860;36560;61581;28677;27176;13975;10249;61452;26198;59033;36215;35476;11041;21794;33107;48921;40249;41025;33862;56899;23798;31531;36272;11264;29852;34545;54389;13414;64972;61949;21537;58061;56955;65333;25500;16149;12665;36066;66235;32631;15853;20236;52984;53161;20238;16566;50001;21289;12555;41847;55839;19523;40141;22757;18361;30863;57160;41093;60323;63236;60511;11565;63767;37371;64811;30784;27525;35694;66840;13348;25730;32549;32556;16754;21230;48739;31902;15017;37274;14047;40895;50153;16736;46882;18140;43851;62077;58277;10387;26092;18520;51056;34170;28483;38532;12402;44668;15217;18053;47390;16097;40812;60905;56765;52289;53336;35616;33214;16350;54693;36669;38726;31820;41524;51726;44996;59471;32761;62233;36305;36415;17672;62002;48409;39945;65262;44350;53931;46200;62594;26169;21313;50074;33998;23676;58056;23593;46027;15747;52522;53627;43564;19850;57115;25834;62557;21109;17766;17107;30862;45326;60593;23681;11137;19628;55507;35205;35959;14807;33480;23015;58467;29153;52986;40960;39613;38274;53681;56541;19365;46073;55469;34652;29104;40902;57443;41527;20930;13343;39019;66524;39147;29593;17687;62352;54385;44524;22780;46631;28100;51714;41981;64199;39957;28721;35744;34991;26766;20879;32413;25943;25692;40001;28951;31290;28944;62787;40066;40016;48541;62607;42820;59954;30026;22155;31339;27961;37337;53667;31572;29667;63162;37355;62913;63408;43945;39306;21458;64319;26547;12526;45255;13003;31919;42385;24246;63999;26704;25248;22563;26726;66526;59922;64321;14284;20026;51546;47819;65491;43835;65147;55401;56978;48157;25813;55974;10794;28401;60184;14011;17638;16206;63142;21029;60231;18079;50503;43343;17561;33391;30082;37863;30546;50027;29353;10711;64857;15827;15869;66504;47198;21917;14195;23379;46461;15057;16902;23271;53784;31847;64914;50066;29404;16525;45276;56313;13336;37814;63501;13640;48914;65776;56304;21759;47333;39563;33732;28402;48947;12318;11415;12886;54607;44991;28127;48389;61871;44052;44537;40217;54619;35715;51493;35333;60439;34442;31253;51162;49715;13188;41485;64535;28906;46630;22669;35318;56259;42282;37176;30219;33904;61890;21963;13960;50898;31382;17746;17372;61396;17120;37856;63268;30562;54944;25670;65349;37304;49916;44775;45373;61072;66108;49021;50621;16125;36046;24762;29802;41933;17161;48745;66486;34703;44646;13729;51263;19736;41978;38292;52184;21415;26394;52058;31200;66456;12522;46154;41061;24585;58197;20334;13218;17313;46610;16824;33568;30131;33817;42582;27192;39824;53992;57996;40586;62096;51871;49017;44607;35208;40483;25032;21758;10419;48818;49939;52087;53670;12776;64333;41122;14214;34797;49739;34513;32407;66695;42713;32364;61698;15940;50851;57125;36926;32177;12733;41347;26791;49195;65918;31683;40752;53574;59858;40808;52104;17525;56744;11402;61525;60245;15262;52698;59392;15166;44477;28331;30569;33788;57453;10096;18398;57245;41432;60685;47160;12916;60517;13909;20115;50608;50497;15405;12269;53823;17087;13743;21550;35981;31061;55475;28427;19213;40165;14738;45114;37111;56144;19821;61806;36242;18372;22731;24325;34631;36207;37084;13880;63743;31737;25980;38833;15421;32650;36386;45933;64387;22497;21994;42131;26268;43986;66104;41352;55892;62972;62308;47443;20724;31972;57722;25259;16442;23544;24623;63079;51492;17692;19922;22091;34967;10657;18146;59214;50892;18383;16753;10001;64783;59903;12741;38186;24051;22730;37597;65131;51068;22157;35749;62109;58275;56163;54039;56078;28320;18055;58728;23655;52036;12466;19432;48597;27318;37220;44782;24932;34394;40502;52388;66733;53285;53453;29574;51167;10227;46460;56202;40331;16253;11084;13672;54986;44828;21823;60027;62425;16300;30645;26847;58729;35714;59137;31515;46261;11226;47820;21056;15875;25330;45192;51521;52715;58293;11035;15442;32294;25129;61632;61608;54639;41513;32088;51800;12796;36106;47132;51771;24106;34737;54966;13646;34126;60076;55342;15566;31321;20473;32112;24610;57650;16145;38648;28712;52222;28504;37907;27609;61238;60219;53741;57632;30177;17408;65774;41787;15930;59786;62832;38491;48190;16406;46371;66822;25524;57666;51096;36957;49427;37228;49248;53118;62558;46392;32329;30115;46776;64796;51461;53445;30620;12946;11381;17798;31810;32343;12052;57990;43806;16083;15445;35931;25314;53934;15900;33032;33767;27370;19646;64592;40529;28169;33445;35962;25756;47123;45473;59096;26795;16812;13545;61702;48929;52378;36797;66327;26664;62361;41757;34702;31672;38214;42900;55999;10471;11774;52868;10114;45115;10149;48714;32633;30259;50763;39849;61358;60971;13989;44387;60622;64962;50151;27880;56370;25450;38663;14323;24769;40686;26088;55431;17807;35784;28622;56242;46591;36550;33738;62292;25880;54830;46054;53616;39124;57046;44766;40406;36123;19829;43993;26875;59949;13163;43976;50268;15584;42648;32806;39336;38361;65747;11696;35075;16965;65267;27186;36539;54044;20382;18179;41561;22274;65421;59176;21195;61321;30711;30440;39492;35930;52548;56325;61592;16497;37842;42852;52754;56477;19583;29535;66463;33402;30554;48254;53304;44896;11113;57063;35941;13984;39049;23380;46088;61719;54945;52332;32076;46821;35778;23443;28392;46677;19386;20643;16111;22637;19853;46495;35297;22917;57553;16355;50459;38882;42253;50534;22907;14959;13094;31509;41760;36595;38830;56939;66253;28202;12629;25822;19393;25984;34139;47491;58123;25502;34374;20292;46654;53680;56911;22259;53261;16067;56826;25617;34733;55575;60270;59515;41382;16133;42836;44225;47791;53134;34417;39612;36376;56555;58496;55524;28318;46995;46066;16648;32358;55295;32245;21866;44966;32827;66936;13047;33667;30788;33749;19643;11807;19174;44493;29152;59317;57525;49678;24163;54805;49761;46193;51353;50820;24456;41200;11538;57474;63433;23166;62579;23791;55842;16916;50402;41848;24545;24885;62642;34649;17597;41417;62212;65468;11504;11573;37689;56262;18052;30400;10368;21089;16578;19067;12029;31419;14481;65527;52066;22496;23585;10884;65892;56690;24650;49460;23047;52155;64729;10042;45167;15464;30350;33753;20944;55763;24404;25715;31347;37640;45731;41474;55943;50208;18117;52529;65672;52587;12755;63232;54719;42632;31493;49249;39954;25337;26458;19832;37972;66112;41676;10157;35216;35221;10349;58919;48664;45954;12918;26765;44954;56060;36179;11014;25012;33039;50880;27048;16922;49501;31105;46831;44989;28418;39874;65174;11012;28475;61369;38662;31074;34250;41373;62135;54921;62650;64337;62231;41333;41075;50676;63509;30351;10767;49025;60444;57413;62344;55471;37248;66974;36569;36084;32730;30518;33097;59511;55816;10062;13601;41818;43536;21059;60666;66213;20766;15437;28629;61334;10803;44165;19675;53006;19935;52627;18070;13559;49032;35393;18156;38850;10132;37755;64701;19427;45146;57719;61149;15910;49462;42617;38351;13233;33049;20335;14767;55301;48149;37746;52055;15610;63978;60912;51000;60073;36754;10950;58747;38853;53569;16950;17098;30763;58302;39108;11780;49542;22107;23592;16152;10785;57280;15315;29685;46756;62288;17641;49027;55728;30392;44721;10631;37974;17795;43117;16166;17769;22445;47328;55254;60982;21774;44849;35123;29556;46418;18853;57920;51008;47665;60991;66844;21413;22120;61861;42436;48783;20660;48849;63790;29799;57653;64429;49072;16958;35735;29881;15272;66314;63094;12556;44787;53121;52267;47030;59587;42808;23167;18989;63654;40337;63875;50990;35260;57291;23893;38019;58266;27893;53961;51398;56656;56034;42812;35329;44158;14529;29047;54701;58425;27734;49804;42821;28834;65691;25371;20987;58913;16528;54176;45672;17006;57747;41917;12494;33783;62335;55633;18418;52139;28839;29886;23995;27231;33229;14459;55561;10129;16435;63160;46346;62203;18065;10080;28037;38369;31755;27499;34841;21148;34589;51207;16382;52747;54121;63361;53566;53192;40380;17255;44886;31117;43285;63113;53378;19648;51553;19566;14922;36722;11102;60034;39602;20808;29794;60443;41792;41331;23384;21619;59156;46766;18445;46646;24062;23957;53412;32165;52247;51565;55144;50882;47545;55222;32585;32352;65339;26770;58862;60935;18245;57736;55515;46199;12896;47314;41289;37983;20068;49844;24582;31941;26821;32374;38360;45793;17015;66212;38089;53691;56584;49530;24531;44068;20063;42555;51284;60290;56772;60387;52620;15494;26409;57945;57373;51539;38969;10167;58849;42287;27868;22981;14115;32447;29387;65649;16352;59412;29919;44145;39899;15344;63267;41451;37964;43322;16784;46928;47118;59969;34488;65513;63280;30668;57906;39004;57418;47742;38026;40394;40659;10731;64412;61756;22543;64347;59821;59703;48491;59994;30571;53552;36339;28194;47268;39475;44530;56585;33693;52380;59998;45066;20714;62664;19193;22559;53830;46588;29602;52375;17586;63691;25409;21503;38271;57204;61606;11208;65780;54400;46944;66621;48303;45127;36770;65595;34875;16609;12908;28983;22068;61792;12764;64477;29814;30171;47854;13040;16129;51439;50350;24221;31311;65445;16819;59347;66312;61797;58674;26947;52447;47126;59127;16498;57727;53499;49767;66265;22153;52730;43694;36497;22586;49194;28000;14381;55142;17231;40847;61738;45060;35677;46143;38317;31861;50342;38553;47425;53328;28873;31439;12411;43638;39229;30384;42680;27134;16239;59415;61757;48226;46727;49307;63982;22294;35792;60356;15820;45911;10308;48946;11217;24484;64366;59044;59398;64685;50292;40619;14880;56981;65501;31387;10888;49395;65884;42387;27039;42943;46355;39673;65534;24225;60046;27565;56435;14981;10039;36315;38169;64835;66775;55022;57341;62695;39556;61773;11824;35668;33966;40890;55007;47691;65392;18739;41480;38171;47300;40081;58558;35361;35651;62437;56436;55543;34471;58003;59191;28461;15294;33196;43793;23038;12945;23318;60481;29147;22714;24952;57992;51043;25762;31219;42854;60077;61911;39758;45364;20458;42601;31871;53482;32018;61312;34424;17712;53257;47855;49895;62586;44975;40857;21281;49024;30105;32372;36995;14185;21934;53005;28267;10608;25272;27069;55940;17178;29818;30528;64647;51355;15119;10636;35940;13478;30342;37352;32083;10760;54838;17768;38872;45907;38055;39626;30755;43090;44211;46093;36643;13565;55363;17980;64370;30029;53202;45964;30267;33797;24067;37300;46987;38671;36689;65885;20804;15592;30096;64027;18262;29597;11608;26396;35177;29275;29757;40368;19636;59614;21163;50222;14449;26878;51206;51109;38110;28986;22505;47114;30198;42749;54474;12725;27139;16989;52835;15564;17321;33400;50253;40434;14304;38715;16272;11091;21462;36322;50451;46842;42236;18336;42773;53635;40501;52284;41033;28298;26328;59680;43730;37021;44268;52659;41191;54019;39362;14159;31708;58418;16996;33589;34101;59490;34181;61341;27194;65509;14326;41534;31914;45497;19357;49742;27793;52488;25536;31771;61841;41464;54850;25436;24724;24146;20565;27325;57670;48405;34444;27128;42504;45005;27674;57172;34211;43419;28948;23727;14924;63943;15978;38934;45807;23476;16772;45206;19703;39864;23894;53799;29056;19896;44176;46354;54125;47888;34491;22561;38103;40701;55225;31289;27782;46873;55359;21595;16522;58527;35339;31376;63245;49150;65651;36576;24211;65494;64481;64303;56546;60948;38616;46170;51279;57498;62250;27380;53055;19874;10897;34458;52902;25919;10933;33609;29698;66892;11562;38006;22182;54762;43677;21418;42758;28263;27273;30499;11503;50009;51524;23284;29904;24862;11819;49927;24299;30345;53776;20931;46970;35317;48927;10030;35351;52149;34081;15361;66901;23870;60804;17690;30355;55154;25489;10065;13079;30894;27811;29939;39789;36904;53498;19909;53875;59034;47286;38660;34069;36238;29044;25395;53503;54222;11634;31716;31352;55642;55797;14976;17023;16068;30369;14183;27206;40150;31177;54537;63874;15932;26590;36705;56624;59800;23905;41754;56961;60457;40306;33968;10376;34028;26907;51838;19878;18102;39734;17697;15926;54130;52721;10147;10459;33296;28985;60817;29711;60639;32647;52908;25974;31539;17673;16689;35334;15919;18984;64275;52263;64934;31041;10095;51947;31595;22740;37012;42207;17135;46254;39008;31989;62510;42480;45947;21695;58430;43646;43647;47807;62071;55326;46292;21023;51450;38775;22519;13521;51067;27089;31836;13915;30473;33559;47808;31229;22375;58703;45458;52405;27160;66135;34157;65910;14142;50486;12505;43750;14928;21813;24698;54615;56458;43632;19599;42877;37063;13176;35030;23499;60542;18263;18716;11663;56004;12234;46604;35990;13615;29583;39866;25767;42421;58564;64354;17564;26367;24628;46089;47249;37081;44496;38736;32681;39232;22463;12874;59463;40117;51180;39068;66700;24807;13504;53858;61967;38310;30605;19331;11308;47058;39397;29367;50453;50576;16082;46518;27268;57114;64776;26610;13744;20411;40832;10041;26306;42967;17022;24611;13354;25243;54390;27152;64883;18484;53848;34979;66205;17186;28866;19506;10532;36751;62088;26385;22436;22069;12767;24223;47463;30789;53175;11947;42528;25875;17154;48342;61315;60927;47694;65938;12110;30608;61416;15730;26024;62934;39338;34574;32917;30550;42803;30811;46011;61075;51394;66716;26103;43517;64053;64432;53965;51558;56713;61195;25021;35641;34721;57266;37216;42288;56874;51522;40749;50131;31913;27563;38695;35785;56399;51144;54049;11533;47183;26632;60391;55600;35357;46385;39889;50842;26236;57108;29569;48858;57384;38677;46469;29638;21841;20633;66749;66835;44621;64042;40636;49375;32487;61775;29661;55333;36193;30016;48464;52996;55923;22726;29810;60552;61873;60121;56201;26668;14665;29453;56875;20462;28625;38205;17146;53708;53650;17223;11090;66453;12973;32419;49849;14048;10987;35849;11254;43313;44717;38229;13210;22239;39946;26207;19801;16175;39697;15298;44147;28494;59129;12840;44074;27391;15235;34112;64852;10468;61511;15714;17682;46731;29190;49766;31266;61552;60125;19437;14895;24710;61597;22263;36144;38183;18820;60799;20077;12395;56223;32900;58807;15257;22855;56031;18236;18040;45490;13894;66070;17556;52537;22511;38485;45399;31761;54478;29737;33722;42088;36197;49331;35379;16789;22440;46305;40722;53085;50234;15267;20146;25050;27660;65224;59985;12486;18677;55131;34871;37934;45857;30617;53191;14555;54433;66712;58752;59655;46627;31334;26384;41216;53978;58352;56531;63448;24838;37785;21061;24707;22982;26364;26307;33869;15782;62132;33194;46526;47824;61180;59548;12831;16131;55614;39038;24499;64004;19546;48325;65956;61199;13194;25452;34207;46035;26502;65770;18551;44490;27887;48875;26667;21709;28046;46390;64013;32822;14841;36814;59971;63348;45514;16794;39059;62100;29192;15341;64918;12107;61913;24079;61504;14586;55494;20150;16214;22694;23307;14547;34914;34152;66738;56348;29450;56320;66517;45945;26657;43710;52563;46608;34763;49894;34975;12014;30449;40200;26144;63182;24084;60462;24927;10060;11315;58216;56583;37687;52355;24521;12566;21037;21958;48959;31303;14220;58865;34727;45009;55976;37344;59848;54839;52195;19286;44950;51004;11481;50191;38202;19241;29652;28890;64986;62945;21580;41791;38822;44227;35169;25443;22039;32090;31036;49983;62685;36535;37737;31529;22853;14400;29454;14156;21787;40339;39197;64492;66359;50142;49101;21041;30505;64813;63100;42761;25760;30781;18404;46899;54968;34226;20322;51088;27243;52436;19694;63513;26800;45898;47521;32093;17686;42894;60919;59256;36676;50392;41060;29113;21653;14702;56233;49855;31762;62885;41681;58334;20857;13445;16182;24113;24356;13237;43009;42473;46212;31196;11135;17576;55841;43621;64445;15059;44341;31134;61640;22584;51018;17138;21680;12909;62548;28770;60105;58262;50476;20710;59240;21797;32216;42904;45184;45851;57671;35012;65310;43697;24653;48255;26711;30161;45658;66306;33363;18042;56900;35819;26426;36516;60318;12529;42360;31906;53803;36723;65202;14946;19155;16260;66717;14830;60129;30132;17790;24519;37015;56344;49607;44059;12621;63087;42408;38469;25208;50500;13469;24023;16270;57814;14231;42712;45762;36284;55905;59616;18629;21008;63121;49657;36394;21572;33290;19127;53718;32516;14645;13353;36089;49010;65766;19879;57790;20575;16485;19455;41897;25256;40474;26768;51867;64256;39512;45352;15705;55648;38143;38357;54814;59234;55169;22746;55446;64584;64356;61087;24912;41095;56952;10186;25678;23986;50381;58764;52150;38896;34909;63485;34413;16115;39605;45788;35764;65936;51996;14148;59198;20698;46192;42710;63995;10953;36908;45687;28434;66150;34668;28342;44773;14576;15715;27773;18756;62413;27671;42388;34496;27239;56631;40210;63286;48708;61102;22606;19563;49922;11806;64607;37181;30423;27169;32529;20110;55857;24574;16477;44014;29760;54268;44369;20540;36749;60610;65206;19024;50920;23567;38870;44310;25714;46195;46793;13216;66535;43134;21957;25903;37292;50560;22799;39401;31591;31530;62617;20191;11265;21374;21616;13626;44080;57254;25442;26322;63474;51349;13669;44431;17747;53906;65503;56358;32932;51825;57137;55038;29676;41839;39203;24774;41396;53375;32309;21725;28787;66713;11361;27712;20619;56831;47493;20955;65247;16792;18509;13358;10165;31652;61406;40407;31924;63350;52261;60390;62261;53477;37244;26616;15181;31881;24191;25716;47501;61649;39846;21964;60636;14242;31895;25953;54896;65801;39211;37197;48611;65238;17443;64598;45835;62366;14389;42270;32253;55164;43597;32683;30419;43339;66230;17469;64088;12334;64943;58126;13522;38398;16158;18158;49167;24168;34843;47785;28162;27195;66847;51766;47743;61966;39343;51280;60201;52199;38359;22067;57909;26506;39389;49244;30387;31828;12753;50351;23931;19131;28365;16187;33614;61322;54188;47795;42197;10131;17614;30714;47235;56412;41882;28727;41971;21557;39804;11105;23632;16537;23935;66437;18235;32135;47492;20664;47750;33022;53494;61732;35527;38024;24861;36714;50155;16020;52797;61359;30306;44814;42391;57969;11900;30872;62806;13526;16017;40907;50060;55819;65775;54629;25927;61565;65103;12559;14564;41836;34340;48258;65146;64205;29670;20153;54785;24387;48842;31308;30871;63111;48406;30122;27980;50300;18625;20578;32147;38458;25886;29518;10342;20902;40717;64894;12442;25632;39949;22666;50895;48633;52871;51054;23345;25282;29269;25958;15285;11414;53970;52442;44739;62164;23973;62993;40776;26740;65807;49992;12676;37548;13468;20734;60764;19663;41654;39332;55898;58918;33576;41574;36344;10315;61807;46567;17411;37643;40073;66090;30241;12260;49354;58276;49092;23734;21838;28063;55554;23139;48341;32894;25801;56598;58384;40854;10281;50957;43823;39986;37131;23147;25663;63836;43167;12801;60309;11616;29455;46868;20693;15237;27277;23217;52941;63366;64290;65417;38788;47474;34973;53779;38175;17263;58474;61609;39642;50038;54898;45409;58615;35712;15908;55713;42343;34666;31313;63634;48757;62632;63644;58321;23546;42046;25638;56910;46191;19622;62068;41020;17381;13732;15694;32282;57372;39327;66710;42018;60029;38911;32450;18802;35956;10155;23382;37879;20060;22255;56117;66434;16461;23021;23029;16041;52061;21439;50162;33367;57703;46818;27126;45659;21566;49517;54813;10351;33116;12547;50606;65928;56314;23991;33204;31789;65736;49053;62845;51422;59131;26882;20378;47825;52228;45730;33096;54317;43314;42371;34834;34455;61635;51648;34474;48242;52520;58254;36177;61812;34438;66317;18511;23856;18576;45317;37599;12564;12816;53402;22806;59263;34297;34313;24476;59307;62893;49716;42427;19400;62483;56246;36233;25288;31806;66143;48423;30120;59242;65620;64237;44093;57519;42566;46123;38991;38799;26613;21080;50522;42565;47339;58997;23039;23425;55871;28785;13679;29830;41881;20332;46095;42636;58447;54008;25661;18725;50682;43221;49080;58907;51712;48799;46754;34693;14898;10309;31815;41622;28843;50627;32456;29773;28403;18020;21741;22681;46710;46233;53941;33228;53648;61519;66637;34269;42366;21690;57963;45854;25480;52373;65954;55703;15273;25883;38056;10918;25228;30277;18356;58585;35456;64239;61503;56740;56039;37892;11169;61418;49378;30036;42702;29650;27247;13662;11940;39404;64765;37808;54982;31011;46549;19157;40204;63090;58141;48673;38743;16039;43644;48395;23964;59775;51259;35124;54424;52325;19244;33965;19402;50809;39903;60161;31281;27112;33557;23694;16757;54951;52210;51835;14412;49062;64197;56867;63362;31501;65856;56003;12895;64362;56832;47289;48240;50539;61409;59423;58911;32539;10202;44732;24410;49912;33153;13060;24116;13339;60902;64327;65522;31685;23099;58180;61918;44193;50457;25066;49915;60196;17558;59099;13396;22383;39490;55867;63537;53235;45254;16174;33739;16089;13854;65414;63284;33600;39929;13848;45802;61065;21395;21663;56042;13390;36019;34487;35451;14398;20552;31116;53497;35296;18296;62347;43860;54398;61125;49800;52935;11942;32226;41226;28609;32557;49546;33727;54501;61745;59200;39654;53308;24231;26621;13076;11354;30628;36134;22765;45062;22501;17017;56257;12028;52515;20283;25057;24227;14307;19275;43685;54965;61644;17473;39906;55149;43959;22099;23756;37151;18611;65398;34169;36453;25019;25177;11167;23531;14575;40866;24365;49946;41303;57846;22253;64982;22199;39029;22432;55362;34432;62193;50812;14017;16708;11837;55539;53798;59260;63783;64202;65579;66316;66821;58780;41371;25989;20775;55487;42725;17607;52561;18375;40850;48919;16526;64785;62383;36142;43595;42384;53305;52799;28973;54148;65886;53247;60933;26354;47215;27296;20424;31184;50028;37526;21115;31119;32661;16547;52200;65448;52834;48495;56273;39806;57452;40426;31261;44811;15221;53086;36221;27621;21945;42002;59011;44697;28156;49161;43319;56959;57398;33092;49206;11281;45226;42128;26096;19086;53772;64430;39659;19366;43592;28818;31607;58990;44478;59046;12890;53009;58654;37767;14540;23016;53332;33438;58839;19172;63944;54855;28149;39177;35266;48145;39895;12347;23783;48289;23984;27882;56617;14789;24260;41816;32897;25837;31680;66318;10343;53856;40460;64395;37820;48353;11560;38217;38431;18516;49118;55667;22150;43194;63228;10187;61652;17394;59609;27529;56950;36011;57090;30297;27694;58440;48980;47684;13823;55209;43863;20742;19854;46030;11522;58205;65260;18969;32153;50599;10612;41249;65158;58146;60788;49899;21182;16672;13030;18861;58142;47343;14167;49650;30354;57873;10831;54667;36728;33919;20200;43499;64087;29582;64207;62245;11482;30382;44492;42849;42328;59233;51319;61932;25254;38468;28163;35894;65943;43922;53546;32865;65073;11061;35411;17200;33360;25890;47726;15022;46161;47582;37412;57256;31195;43238;21495;64534;23406;31551;44702;46673;64323;56894;48925;53461;64067;44520;43465;21047;23917;14251;18931;39376;65797;55606;65372;59725;62377;40446;22741;28826;12927;21730;65113;45069;13122;16178;45149;43630;38022;59057;29909;25247;55223;11983;57705;14431;47010;34065;13804;29511;24542;17390;45140;31383;65734;44913;48710;54671;50629;35994;40119;20118;57521;57199;51150;12117;28917;28062;22926;65137;60160;63425;59619;52453;52710;30540;18043;35801;62568;40227;45794;66251;28697;54732;28932;62710;64399;13140;64854;57043;39926;29706;36230;48961;10928;15956;12368;44089;65225;20483;27866;49435;37294;46432;31887;46991;55585;34895;52804;53138;34729;49985;63578;27663;41405;13415;26804;44361;23046;16582;31715;25462;19828;21672;56342;42975;17598;40498;66062;57966;19851;26604;26662;44397;46270;16823;53342;19452;33369;14458;23515;14448;59313;27546;42783;64341;39515;65363;18566;39173;55831;45154;10777;14050;38904;31763;62304;19185;20784;49031;41528;54303;28498;63300;18024;37784;56083;60087;55454;30568;39870;47442;25792;34342;41939;63065;11842;51073;26748;45869;38759;28389;32804;55132;34799;47483;15188;14729;34245;49008;52496;51465;16426;26572;48430;64885;66642;57950;30293;25957;46988;50609;18917;51277;42988;26663;13648;35561;64786;41955;11660;59494;30309;35237;42289;49240;51637;28704;15198;32370;10797;15027;48816;24091;65545;51007;60980;27687;62659;60346;19836;11433;31197;20009;64740;27589;52042;42578;30961;40321;20512;42350;19472;52078;42333;38733;15658;13421;34236;11990;59190;47344;57222;26672;58279;30078;33651;52265;19631;30321;22389;66193;39276;23375;17425;21847;30490;41132;65694;13660;56599;61586;13476;42507;61819;20728;20388;21970;48413;10674;58677;21067;64985;50430;34590;28397;58916;54432;40261;17454;57837;25327;53022;46725;35844;42909;16952;34952;50615;20253;29434;35471;31489;63593;18752;15655;57861;45401;11875;30486;40221;30447;60355;62295;18190;47045;63308;18642;11003;45418;47745;25655;55265;11142;59830;58290;27945;11196;64995;64888;26183;46656;39181;11712;56022;20898;43504;27459;27015;46414;37132;23614;55850;24165;38933;40509;41551;29869;66154;60601;60844;51702;18316;45179;60750;17698;53339;63311;51340;37465;16157;43693;40046;11674;60943;42627;39992;32755;36963;62447;43330;65941;41135;62830;19204;40792;54962;41820;24880;26041;62788;55106;42045;56700;34976;41326;30671;12997;53859;34030;18247;46645;56720;65101;28553;13416;23648;20909;56484;29244;45263;40005;59314;48780;50361;32459;52028;64499;54992;55624;10686;16114;21640;11744;32003;35551;31131;54464;43118;45845;66072;19294;64818;27542;10074;63912;16337;26681;12258;44587;28137;54647;39777;57065;28449;57397;31333;32920;44311;25784;63186;61946;57195;41786;33565;14769;32801;36057;21997;63524;56143;20277;49693;53087;56118;40919;58397;25961;28631;54156;42611;53125;21558;14149;36817;61801;31786;63246;11811;25240;26517;38992;26042;56983;22405;51258;55513;62962;66187;45079;53740;28338;31096;52164;31420;47017;37632;44184;27373;10641;39759;38761;12039;58628;29772;37378;42081;29660;32595;64375;34891;45453;15039;51421;59719;19238;45432;64887;25567;44819;27001;60445;63881;63329;54211;23533;65011;43943;33427;15406;56669;65427;32707;45693;25928;33905;62243;18206;48675;59271;62367;35812;32662;61454;10257;41924;40480;27407;51756;58326;20534;15203;43837;35822;45689;55895;27504;21988;65981;63892;34275;66745;27292;10480;45663;51957;39735;16225;42721;36954;57438;25439;36583;15947;62839;59512;42757;34685;11787;15522;52209;51912;29010;22409;58905;58699;28993;55435;39687;36180;63359;34996;55453;15880;62798;32473;44598;51013;38856;14140;51664;17753;26698;10870;11581;30311;40815;66530;44546;13177;31391;17992;23140;61799;25713;30266;22397;22682;14947;29011;53677;60273;27832;36255;58415;46315;37588;57753;18517;41530;57247;61992;16473;26259;49098;40041;52126;39260;39933;42830;56056;41005;61877;59966;59407;34532;55818;49910;45960;41099;38289;63607;11266;49745;31947;10327;19625;18387;32856;16891;33660;26633;46474;11556;63041;14473;31730;39187;44239;47337;16727;34596;62402;52395;44594;35984;24726;54938;44051;65792;12999;51981;61516;34113;16341;44159;24947;21015;45686;20752;47367;26388;59327;26614;58846;41034;38810;51636;36007;38769;43957;47649;23148;14525;32769;55051;48997;54682;50714;57569;34252;50168;30053;50519;40236;19519;39387;18394;24439;44889;36086;37883;53890;62136;22894;27640;54357;57253;29724;62822;22851;65999;23989;66381;38727;11557;18118;48391;62327;42294;17628;49463;56354;47299;34558;13426;34901;13973;21119;34573;29472;49792;48749;15460;43682;50477;63431;60945;51705;15713;66459;13623;49924;39950;32844;29107;39079;36139;32759;31827;16647;57796;50425;25322;46194;32725;33770;13110;61555;20694;58857;30929;64183;20849;29626;37667;11067;23615;32944;39058;40923;23849;65696;58345;63149;62744;54194;54881;21352;59207;58426;50646;38263;34517;22342;12853;23837;65080;66293;44144;44491;64281;65535;61904;60164;43141;18259;59231;44612;42993;10600;55107;39412;24300;26405;66522;60118;29623;22634;27103;52997;14100;42232;18624;64172;58004;44259;64874;10910;48581;30197;56829;44280;39292;57017;44512;40905;43807;15040;29111;37194;53340;58637;28812;60968;36718;19805;61737;62675;42976;23253;33072;61156;24781;12929;40877;38044;61480;65203;38629;14347;39647;11283;11574;23577;44797;58396;21621;19339;63771;50653;26994;49082;53695;22156;40829;61426;49355;35885;48158;38060;57988;31874;34672;64145;26241;27080;21346;33283;16318;65059;35173;41516;30109;24659;39118;26896;37085;49430;31368;52148;47230;61278;42552;38078;64038;38422;17757;28669;28307;64709;15303;62741;45585;58023;43119;15372;40315;66863;16268;29678;39370;24028;41130;31582;58740;41893;28509;19827;47037;26774;30758;22878;22887;40605;12104;17668;20673;58659;45740;43871;63924;12981;47734;14874;62131;65102;40973;60230;16749;20355;30979;24978;59630;44870;53682;27369;25707;12935;35045;26336;63898;14241;25651;31889;15042;16768;56537;39860;46866;16914;42392;14146;46380;23202;30009;60085;36149;14524;29348;13991;58330;30017;34520;37469;24955;56440;54144;43213;29102;39708;28734;59248;10858;40447;54733;29002;54569;65931;65133;27213;19379;14561;21707;32126;17033;28543;47068;31660;32644;41821;46136;64028;57847;45457;17973;66010;42279;32609;48474;27394;43866;57798;39114;50260;18724;53420;31598;50452;13725;64702;45580;58048;50938;28099;35094;53531;26300;55738;18567;10479;27717;62851;23294;40340;55853;51459;60040;45712;44077;50883;29420;31215;49041;55224;38122;56323;15274;36956;14105;64003;57057;34489;40577;11689;37532;45676;56683;61931;33913;31785;35929;55496;57558;26045;47465;55881;24921;50536;55278;48147;27772;24250;30346;34483;28349;13470;25842;39236;20065;33851;12579;40412;59577;63483;50954;64862;28435;40998;26603;56623;55801;61636;59592;30574;63369;61243;39577;29045;18320;25460;55377;61030;17075;43749;36677;62628;14057;50720;14651;35768;57173;18942;25601;24503;41128;44677;48995;45598;56379;16846;51148;59194;40580;43165;47593;14725;47489;37518;30757;58965;16038;33736;34272;46128;26927;32145;33924;31623;11379;18061;45431;13552;61827;15557;47079;33135;38185;50382;20000;20185;29395;61443;49570;49191;25891;31088;43748;46215;57165;16076;11691;24374;61316;49801;18100;31039;30884;62260;35828;10904;27478;39155;54367;40228;30804;61337;43907;17560;21615;22605;38935;48964;29510;31346;65923;28958;47274;14815;38790;12888;56538;15991;47082;26601;48871;18324;39910;63928;35486;54777;40290;13209;15826;16559;54668;66567;30416;11568;13203;51456;54107;52279;60036;59028;16838;57511;64216;36807;36335;23518;60102;49893;16021;15514;55719;46564;27220;13488;13766;60958;32659;52005;11017;62351;51037;65110;65680;52407;60782;13150;29858;15643;11453;29758;36763;15488;31038;13757;62692;57627;38795;36298;44202;54466;51795;16877;13599;47129;52895;11863;36249;44244;19398;53657;60079;52579;66052;18808;16785;38874;42653;13796;26631;52985;43287;51794;26911;46457;54985;16630;23678;36186;51436;41304;65187;29490;52138;12068;40102;56081;24556;59324;11880;41504;20901;40575;42514;17306;57559;22892;35789;17418;62808;10190;50263;56095;53224;49070;25201;55041;52462;65828;39241;61386;53038;58810;40499;25441;45171;48569;60595;10669;30782;50988;62004;39740;52827;43251;27949;14890;29127;63658;65643;18575;54885;30468;33267;37639;43795;63468;60632;42753;13783;56872;36081;47834;31628;56362;26398;26921;46085;44592;32362;34025;38465;42679;59466;37649;35358;58704;64567;64845;32384;31075;46310;53157;56483;56856;53433;59517;20287;39507;19877;36691;13524;58380;25478;50440;46179;28287;59333;29734;28955;59855;16132;45908;46734;32298;48307;44021;16478;35301;38948;15786;18130;16968;34735;60424;65237;20572;45312;33339;53351;20867;27178;30391;11073;39920;47227;50257;10310;51250;65484;62039;34345;17752;37585;31301;49479;45491;17478;36075;10931;26304;53621;46668;18155;35120;54578;65706;19741;61473;31159;57481;32792;11768;22832;22229;12635;14864;23210;25309;61663;57925;60523;33525;12697;48334;41245;18593;42929;36700;40583;58945;60754;57660;59550;28071;20501;10136;46517;34390;65730;12106;19324;39595;20913;21971;66288;65549;39427;50297;58139;40780;36536;11852;66599;63405;62440;61466;55445;50313;28470;13587;64802;52763;63653;47755;17019;36122;46301;39112;54924;46830;15199;64304;31615;63896;12307;59981;26626;26851;26936;32925;43995;53801;16889;25224;21812;61668;49258;36474;22003;35074;59576;30815;38323;63481;51468;12267;35193;55873;11263;15579;17771;18750;64793;54481;59617;32770;22476;35204;35387;18759;65217;42868;17977;37098;31126;20514;22510;63109;57688;21655;62404;33453;33901;57495;66117;40726;44332;24504;13231;30224;63627;52197;29385;25307;64881;49497;63385;47566;63318;15256;61542;23428;61267;49377;44476;56147;15973;21508;38977;23988;16269;18893;57000;63811;30882;13598;48585;24894;53879;66507;14077;13454;35103;18253;26192;34136;54560;62952;21227;66305;28455;50242;59054;32103;14806;19953;25973;52541;37174;13019;38362;31080;29635;13398;40842;12474;11879;50089;22080;38433;66083;17537;36631;40356;32652;32426;58337;55897;66817;43824;65976;37327;48924;47514;55148;63621;48192;43737;46512;25153;16561;57012;66382;24696;65409;46807;18461;43533;15570;22045;63678;39395;45343;57005;34665;35783;16499;54185;35128;60655;11306;51031;19948;40632;31394;33431;31103;48615;12802;12400;39844;40556;15842;64801;49469;28295;54714;22812;28888;54163;49579;10174;37255;66895;55714;11870;28909;27447;12716;56508;66583;11240;25506;18830;56207;12271;58433;35291;43515;22471;23333;42409;35344;54333;59518;45353;10075;21149;25332;25448;37971;22388;37054;41690;40892;15158;56962;48494;25782;62843;40192;16862;29034;66457;25694;40679;29403;60476;65659;61620;29722;65024;13097;12990;61689;15598;41994;18315;49239;61295;65369;41910;16978;58081;28753;63713;52711;29705;19061;15318;20084;19130;56801;16991;14737;29389;18856;53606;56250;47686;22173;25843;41101;33680;16925;63058;59549;41234;48720;33210;28703;59986;56934;33234;30511;61250;51611;63312;45856;47329;58759;39998;33361;27952;44216;27177;25356;17591;61347;62943;60089;46672;62994;40549;40051;24755;19327;29669;27915;28060;18508;30025;18028;18913;13665;36565;23378;26790;32743;48883;23239;25092;53210;11932;45556;22729;20193;16974;47899;26508;15939;20350;35407;57342;58956;29446;40795;41845;26717;14814;20874;22490;17779;35226;42481;55459;23683;39909;16843;13359;32281;50435;49525;27693;48896;30771;55506;10866;14500;30876;36740;47596;17827;28892;17574;30512;38423;37762;50493;54445;25709;37498;37064;41266;16422;66508;28859;10286;27430;38228;26372;47642;66389;13591;66480;40475;28915;46803;59018;66718;38909;42118;43616;14734;48434;16353;13684;26119;20801;64541;32297;49782;22922;45082;13225;24730;59552;25118;46201;32941;42755;38960;23495;51603;36991;26483;54848;40021;41747;34334;23977;37947;40798;58161;21453;54081;31965;51370;39200;35290;20855;54350;34090;26948;49958;36637;15369;25379;45445;62170;52424;15062;45956;43244;60627;39090;53099;51851;63053;18464;52490;17378;15895;11145;34759;40439;65235;38702;22583;41144;44473;14472;21161;66854;50577;18908;58283;24094;61323;60133;64733;15616;17460;28493;16811;45840;64759;15662;23644;59472;17319;29093;29308;64515;11040;47192;25533;52570;35071;60963;53882;22459;32660;64328;29188;63223;42432;46388;40007;16503;51531;43276;64742;66258;42767;49969;42451;15507;23000;51145;20313;35615;19418;47127;58631;25170;31748;16448;38102;42265;24637;15184;41000;14577;52933;23163;44115;26417;59897;34321;32509;55971;29489;64864;51806;18529;63083;45141;18766;17045;61034;22842;54053;30237;34039;10611;39650;32500;61408;24944;66185;64070;14578;41822;39474;20219;44701;38126;13849;33142;14133;25086;48761;13244;47077;34446;23354;55623;40546;49034;24841;38002;45874;21490;39086;28968;54954;30186;16867;26341;10576;28971;18222;59673;62450;21433;14879;38434;32257;57050;23049;31110;31499;54386;12617;33103;51437;65809;59602;25720;42942;29577;32709;21851;65171;15386;55955;43778;26920;14791;39827;57136;59565;46624;51647;20870;26149;61458;44230;34449;12200;61355;40214;47432;14388;14358;51368;52217;40121;19695;57180;63005;19532;15788;65424;10606;10691;22566;42319;30646;65812;27662;36592;22673;18466;54161;13748;18585;38707;19054;37694;17581;53455;20860;63676;45897;64344;61398;63738;55192;38463;30487;21044;20868;21552;39937;30359;44064;17497;32716;43855;61615;36291;64325;14072;18141;18410;45210;40274;15990;64873;13557;10064;57181;46975;53428;61084;33094;49145;42285;10463;39972;12483;45827;24323;31835;50755;18581;24369;42802;19315;14955;17719;44199;35855;32367;44779;45829;64803;44384;38611;15258;63815;39878;31781;43858;33258;26551;19048;39594;65817;30228;42719;61750;54699;37026;57016;53416;40587;24667;46464;53975;59042;65929;28110;10977;51408;63577;35647;26725;59467;20631;45318;36130;23525;39678;40730;30594;64166;38079;24562;14961;14870;15432;51537;62684;53790;49675;36520;63840;23043;52321;47423;50741;13949;48604;19006;50408;27496;42470;46726;19732;22376;21019;28368;48837;14869;53500;65808;61588;43001;58760;18051;62150;26330;65695;11596;28596;65189;44372;60776;59342;50034;30068;25329;40161;51670;47196;28885;31833;46151;39630;26924;51815;32552;26176;21194;38739;22596;40287;47641;14496;23410;57794;14775;10758;31030;12704;66547;65313;63154;38572;28369;29984;65870;48375;59809;16903;57999;35554;26234;41407;13038;33238;45272;32888;54313;55212;59295;13035;18672;34018;41476;61971;17626;62074;22609;13473;43711;11512;49188;40677;39761;25396;65750;64745;18870;25675;18270;41734;45465;27859;40078;32756;32215;49019;18676;43645;27497;15581;10998;60555;60826;12926;14602;31322;37522;42774;12582;60128;23583;16860;66852;13450;15412;19857;58102;21117;60308;35473;41041;47171;27619;46382;12513;58946;12344;36494;19572;19212;32997;64713;35479;22341;21525;21278;34746;31546;19733;21978;59116;10409;30606;57781;38514;30722;12950;42935;33876;11310;63386;46097;60347;19413;35535;24016;24632;50437;25529;40855;24950;59605;33380;63376;27119;24903;19075;64416;15625;54216;64753;43247;38116;59202;35545;29809;19735;24033;62364;49936;45320;28511;47110;40238;55804;46147;19399;15186;43337;50855;46544;51107;15176;55237;63917;19526;56807;52327;60500;56692;63373;18975;33558;14024;48304;55541;22544;20052;24727;33230;47567;34037;34235;57288;18636;34425;49262;29283;52038;48555;60502;58835;52063;49056;62903;21204;12044;54854;32970;45641;24925;42164;12830;51797;66620;35630;34214;41672;62376;48909;50611;21103;65458;34010;51346;52728;30427;10258;50732;13891;28238;45843;20465;51240;45951;54099;58848;57887;21526;40247;36096;54452;16395;17196;56211;36730;63402;60418;33980;27697;10300;55206;20692;31689;30244;28387;64678;24133;26869;37448;30579;65249;61988;34531;14766;65275;38392;63055;34637;31378;26248;32199;34960;60775;16441;59621;34477;57944;50157;65721;56949;34172;49315;66208;20223;22435;47027;20675;24371;62269;47346;41568;15394;35696;24350;52988;48740;20211;61150;12544;13279;23398;49114;10619;27661;52008;13012;57153;38380;19653;11675;62266;66683;50585;16986;22793;11975;45895;41173;41619;44094;20415;36568;49219;54536;61090;58422;40959;59711;10557;45889;48619;24859;22134;10502;62434;57693;57694;50887;20998;57102;49816;25384;40403;21279;48211;62728;47180;19513;32256;36874;26946;20164;35373;54353;18431;16192;25343;28870;64966;59541;65655;55737;30873;22822;17706;37844;15963;53698;55961;26503;14840;33765;35949;21872;61618;55367;61880;64502;64369;55338;23966;16884;22754;15639;47303;14682;27652;25808;22293;24172;18142;66654;26721;20590;40675;38407;37558;28581;56626;39652;19964;36878;29245;32214;44675;61603;50623;46507;53746;55566;50554;33359;17093;11966;30327;35321;43783;36909;19497;35068;53762;15339;65570;49531;29791;56520;26651;17206;61699;43762;31267;19999;14910;42180;32136;44188;24249;35430;66699;45571;50734;46772;29687;51039;62689;30337;61400;27909;58053;57261;42531;52796;11727;14393;14253;18646;26434;21450;48156;47531;52759;12798;26468;51605;49342;59337;18420;45814;43229;12501;26378;46399;54371;25706;51656;36680;26061;13508;17567;44511;32846;16130;43258;38604;62219;15719;10817;36629;51805;66845;18647;44295;22954;62195;41571;47774;35313;23642;10821;45386;27698;55607;40068;54327;29142;42394;11794;33428;20921;57597;11056;56791;63212;20407;14208;49055;45837;48756;30803;19371;13441;24312;17802;27727;58065;29220;56861;45275;40345;66161;11109;60976;66347;43675;27854;20298;41322;30522;37153;52435;31373;66302;49809;44297;35316;57047;46415;17568;66670;59328;41768;54892;57076;36440;17141;28699;63470;37889;54437;61018;37967;36107;62127;54100;64594;29868;14493;30051;63897;38825;54137;36491;63531;58157;27367;43875;65622;23902;22651;53067;11162;19149;65254;11291;56879;47780;66961;10569;11549;34809;33605;36064;38318;52872;45875;51440;35076;32231;18134;12479;24892;36526;57008;50917;33627;60999;59943;31487;14696;27457;17651;20374;52572;20893;25255;47731;18736;21976;10489;11277;52301;27421;40123;44572;14527;43981;13517;61518;16982;41495;35462;52734;30399;50244;30388;46547;30937;11800;10590;63693;63843;18578;66460;23766;29776;47779;32705;25598;57557;50800;19776;56999;65322;47157;48278;48526;12889;45415;63033;21461;44475;13103;31175;57049;28180;43781;54928;13959;11437;54611;38669;38858;60320;46072;30951;17005;47371;49478;36148;43613;57577;13017;48527;46890;16993;56702;55502;65160;33912;25930;55675;58718;65061;38479;31404;43962;49374;29679;41447;31358;66580;33494;13121;21738;65314;49492;34280;50121;30898;57248;66385;65473;32421;63583;19515;49518;10683;49243;39724;20302;45644;24038;24158;56374;30593;66748;15844;25130;54907;34060;19246;16141;37032;65300;28002;39538;32422;27805;61781;36918;66689;57034;17750;54988;16365;61899;32065;66103;55933;24693;60350;47420;17751;17392;32498;39115;20861;32051;40783;49476;22212;27200;60747;12762;24272;33831;37277;46112;21760;33293;64415;60091;43472;35960;29754;23774;14887;66223;65786;45993;39709;59938;14452;21087;11797;42948;20308;56478;56643;57725;17714;43683;65724;41314;14678;10415;50475;46155;51532;12832;55548;40704;11404;49820;19342;38774;62575;19243;50491;13020;18638;16716;46091;16621;15349;43283;25513;22414;52669;36885;52320;62297;40273;44589;16906;29634;20029;19749;34292;12706;41434;34825;12492;38665;15475;46342;20543;34355;60006;18002;21511;59306;50438;29330;30230;39505;33459;55886;51746;51106;55085;39897;18719;11047;54618;57717;34284;48238;53119;36600;35762;34163;12385;16959;15868;42158;20423;33824;17449;18977;34247;56811;19699;38959;53685;66093;37339;26200;64485;23421;57752;63411;58183;36422;19195;22791;60002;66789;63208;31922;45834;20160;27928;48681;14873;26868;41323;54895;21852;16407;16551;44284;57792;66075;49260;57617;49769;19927;36211;58028;38598;47185;31699;61255;24120;64002;35921;24818;59825;19510;65994;19095;41867;15114;56139;65930;48860;65778;63492;36478;29421;44577;39421;15888;41958;45988;18851;63650;20023;10156;47456;64622;36855;46065;24514;29424;46343;45434;29323;23672;25852;50908;17220;26512;41068;19417;27004;22232;27648;48150;47054;15063;47505;12420;56135;63178;65569;56033;42254;34756;59448;56271;34454;51822;11182;53948;31590;60003;15831;64773;19458;11614;52420;53355;24375;32898;63834;63703;64419;26470;28872;59551;33524;60456;58052;24630;35116;19674;46822;62152;25741;31776;19428;32200;63392;66697;33074;53353;33161;33152;28731;20880;28538;52841;11590;38018;55448;55855;41115;45020;17187;53431;63617;26620;16283;59192;36252;51288;28707;48365;38472;51544;63156;16409;37222;22352;21271;23778;44201;60100;50401;35323;60522;23442;61916;25313;18350;22393;37322;36665;18541;41087;50649;50230;39616;62045;49655;24672;55822;12280;17170;24889;59669;60646;65140;13799;53280;45691;66904;65907;12072;32345;24308;31176;66569;59735;27405;48323;17265;19176;54886;26648;14975;17720;16037;57087;31845;43477;33271;29595;15720;18671;31970;17167;56052;49065;39711;58095;15912;21324;14661;25116;10811;52376;24002;58877;25897;34223;33683;65199;11421;10410;39339;58189;22857;25998;44725;25101;51161;25115;40543;52589;27353;35773;56337;20467;57309;66796;48283;65504;17095;58158;20319;33528;58757;22007;15490;64893;63865;18741;27853;63450;38886;51568;58841;63014;38749;64859;52329;47416;31068;40761;22044;29704;38213;11194;15527;28188;14411;12343;13048;58110;49768;11808;11609;63770;44907;47106;13089;61817;42622;20256;16034;61133;50139;52037;46616;27820;48151;15837;41431;31396;33681;10915;35502;16644;38835;40388;36433;61015;13853;43248;39633;25122;65768;54914;16332;58453;14182;14808;22348;59970;59060;33412;52904;43277;62834;41031;40689;47787;47008;45217;30773;21682;42194;54417;47829;12007;26671;38899;58800;30304;34178;63064;29315;33399;21240;66351;38349;22720;30456;45303;58375;25124;24359;56155;44055;24792;42794;60729;37065;34001;55075;45823;45413;46448;55432;39815;29007;39561;58029;55430;60779;61329;34988;64890;46524;30049;65505;19310;20414;52286;10323;19372;59402;23589;30679;63726;13993;18510;21443;42882;39348;26845;11520;30059;63467;13175;34270;34047;27572;62895;64731;37570;59305;63067;33631;33439;54943;37094;35991;44604;60860;25922;26104;37954;26888;16942;57535;12947;25009;47627;25196;45439;52668;19256;18441;15396;28237;49923;43405;33618;56351;21604;27916;13951;59424;50543;39285;10769;20310;47406;64103;40949;51534;47625;65425;59399;36704;30056;27361;44246;16730;60704;32451;43225;41053;17405;24177;41728;26212;10453;26591;32129;35056;18914;46259;66792;36274;34108;36564;40642;18218;32642;31757;25468;22854;21468;62776;18897;40809;17113;45038;49814;57926;42466;55034;48674;13761;63824;53761;33251;27153;64465;23847;43814;21925;25445;19173;51773;34928;14336;53473;58795;44377;63310;32643;22128;47120;56680;20339;56047;60178;32105;45692;32710;14280;32193;42952;23107;27871;22200;46098;22735;56019;45987;61651;35480;16717;13933;55781;50159;38587;64163;34045;52878;10021;39030;43947;14627;46190;66937;33714;26773;60987;31314;49618;19925;31467;31460;38314;47637;65175;43335;23914;23220;49212;51304;14075;20333;53220;26408;10503;58120;49706;40702;33338;48503;32561;58561;20628;58206;66464;41141;54803;48788;49634;13313;18440;54642;43013;16223;15920;64086;53926;35268;11647;12966;60327;38342;13801;26521;25473;65990;21419;25213;31569;52655;23933;27151;34831;43508;41581;64750;55366;49470;24783;33309;50594;51371;59624;19451;49960;25704;27733;62380;10628;56236;28017;14344;29616;36678;37786;20847;56119;30780;39498;15644;34782;39429;48315;23228;52886;11181;12619;10545;43857;18536;49352;41030;32287;58368;18305;63342;24448;61532;64085;57156;52764;22129;31101;20973;51836;46359;54602;10072;30285;48510;52743;33424;11279;26289;52445;44081;27835;48759;43546;55133;64574;43076;33242;17529;19598;41028;11384;52124;64846;34896;35804;54825;56980;59286;12047;57672;55935;15999;15657;48415;55340;56498;26400;51533;13695;57422;18552;34484;58977;32990;26267;50637;21051;21814;36094;34405;65221;54630;53251;41638;26739;57911;64571;14302;52242;12394;50353;65635;37499;55012;55891;66790;46513;15496;23504;57699;44825;14403;66930;62262;51052;48938;12064;21246;35391;50427;63520;20074;37722;39194;43608;11726;49774;24423;28842;43242;28454;16363;38284;29166;57357;31533;59161;20903;28228;64797;46780;24328;31769;43502;66929;57078;53272;20081;66433;60458;24633;45158;15078;49970;41663;57276;26561;38778;28358;58284;47011;34406;60758;61679;58391;63904;16447;32169;46327;18645;45756;34237;34229;30128;49587;51306;41843;10914;19108;44221;29243;17322;62923;34088;66618;43389;14557;46135;49459;64007;32328;53094;41914;47067;35017;28226;35933;40801;32299;60068;51571;13378;65703;48789;66824;18412;65901;66781;18651;36952;12750;27324;32055;49921;34146;42418;30799;49466;48687;13363;46187;37678;24379;32104;16148;65682;57605;50394;60094;48678;24870;25865;56854;21337;20912;25635;24913;64556;14202;22845;54062;30401;53872;49449;29700;47387;60726;56513;11699;57441;29803;40503;46081;45357;37900;42673;48634;65746;11510;22722;56405;10855;43179;66771;21381;14093;24409;35262;40828;21570;17571;63757;40442;31692;51295;47293;25573;21141;15950;42184;55656;13705;50380;18787;13417;10663;29713;55261;15573;41596;58409;13871;37552;58353;27409;37939;12580;36587;19128;44992;22910;27603;42446;14154;55565;33328;66744;23622;44132;16688;24654;16924;63295;19124;26337;51122;29005;62768;14638;18848;48485;57785;53617;48676;28652;46578;21908;51058;14553;51991;44441;50276;18723;18523;18786;13070;26023;62300;61576;42163;39309;57484;45240;13143;41860;57505;58011;13057;20237;20326;29570;29035;31986;25498;16084;34784;39943;48509;57769;15721;44808;22495;64428;65718;17797;28716;64549;65358;53409;57433;49403;66663;49485;60229;61474;58524;12656;37635;30738;13827;18491;56390;50091;49455;56414;33079;27146;51024;44527;61209;63313;61110;44242;55493;41420;22164;55159;26801;23135;49204;66766;37471;12854;14002;25665;55073;13551;61672;34160;24759;66024;65376;48985;43523;13025;54003;27099;24960;34159;26098;53207;60167;48544;61276;22392;62946;13242;17147;56369;18200;50602;10396;50697;62142;28824;12048;43329;34602;20646;19411;64876;19727;52401;12812;64444;30331;30210;14244;39056;47581;56063;20904;16987;47644;11258;20684;52172;50913;21753;19746;18667;32393;48496;14446;50997;65665;48418;30795;53133;33047;48594;47810;63919;44092;42610;29871;15784;21638;22813;43189;13776;21815;43586;33563;55849;53789;49341;37184;22202;53291;28255;14584;62584;65312;57257;19252;60132;23172;42490;31542;46986;39894;14141;45549;55170;61421;52610;16124;11681;15360;23884;27488;46281;43999;57544;55032;36366;57555;53786;19069;35995;59172;45572;46841;41898;38527;26087;42672;11099;59810;31796;28372;46869;26796;41203;17150;40990;44588;38560;45680;14417;12328;36476;14747;23745;34981;57917;59276;25589;61413;40139;54596;25738;14170;45670;36993;16106;50805;26959;15087;31473;64417;60266;29862;58791;18768;58042;25263;46931;26646;63544;54109;46658;24742;51127;13671;28623;48388;45001;25078;34806;60761;20299;10306;24310;22950;24586;61826;46308;43404;18844;40562;45760;39502;52760;47866;61388;20564;23086;28122;34461;45891;41188;29066;54874;27365;49003;46283;37811;57330;66472;31611;44304;23669;36719;60849;18561;29701;65517;37583;41900;32172;55279;14074;20144;23100;22980;42751;63031;53020;42607;37104;53495;27984;16046;52466;42704;50423;41029;58067;42640;17061;52039;65268;26233;29618;49615;24099;31210;65231;25195;33479;34507;17048;51448;20315;52973;45904;48732;63557;32578;19554;28953;18033;29402;50075;54378;57879;41665;51599;63560;33128;55828;49127;41238;23537;18086;60938;16852;26049;13010;54524;32708;64520;54677;30352;55796;20723;62390;64472;54756;16555;31653;12761;10798;60514;18980;48440;22429;51157;56253;18976;23997;56799;45942;36311;20984;13115;32247;54462;44260;32212;11741;54213;30174;45633;18943;14800;44027;22195;37823;17115;41832;12763;66367;58136;48990;43219;36125;35183;54561;14107;20165;17374;29050;34179;58742;32879;49454;41244;48605;35752;41165;57147;47019;40721;28462;63724;59797;43052;28718;28732;31665;27326;61824;23604;51057;59080;48368;52640;42342;35706;20158;10747;40504;27770;60740;60250;19862;31818;21055;15607;50856;33073;64164;46718;43246;45922;12199;32376;28332;61897;17407;29926;46528;36043;34431;28964;46671;18714;12358;62094;43421;33535;43188;57364;50161;66144;29021;28176;23211;29608;10498;23319;13369;38098;22956;41931;19007;61294;45543;37059;63934;27489;32102;22515;37042;23174;15708;30206;32463;22430;49367;22247;12869;30491;30234;53637;39070;20697;42146;29823;10625;46148;59183;36257;33129;62395;52634;33896;42953;63209;10615;45590;60471;59933;35275;61502;26703;44481;51578;20965;11138;50149;65804;41519;64946;39044;64108;26674;40219;55861;63034;17448;42170;35410;66554;58692;66101;52593;28854;12473;37870;64739;12349;17838;65132;56395;27747;45785;39570;17327;55858;56674;14273;43614;10256;15466;61272;10434;61793;53525;37006;24974;49048;49719;60119;27787;33581;46994;18979;23715;39286;25896;47319;63471;43884;48672;29524;57412;36286;53324;51343;50250;64427;55571;16777;24525;63452;45232;53998;31602;62503;33655;47209;42204;56471;60055;49287;22863;48652;44615;60846;37293;63679;39020;49094;56783;37316;29702;24046;60807;63866;18454;12811;61111;27582;26342;21053;22640;49601;30037;13607;23133;56495;46116;42980;59262;59391;44098;61181;44395;28880;60882;13460;21105;39648;12983;23939;11100;58936;25286;51527;17635;40779;64948;58943;13656;21826;45067;20445;11816;54829;25063;58137;25825;12251;66787;53177;38368;13383;32412;18580;37572;61264;45477;58832;66236;59440;48209;57460;55517;26887;66734;61387;33794;33355;10361;25346;33922;38808;38483;15741;17124;55972;36922;29388;64949;60238;30989;58546;62256;29934;12367;63778;48437;65301;31235;47844;18935;53016;25430;44344;59646;13872;55046;49654;59081;31052;65062;57444;34253;29620;56812;21166;33366;26858;50200;27657;21476;45813;17133;44958;52215;32057;62092;15164;46124;27123;18818;20923;45253;64422;46644;15876;62355;34074;52206;53805;47675;64446;25472;28600;15081;57515;62294;52076;26173;58745;66945;31478;33829;59505;46590;29103;46104;49073;16062;26404;16414;22451;23948;17393;16907;35591;59648;22872;10263;32787;48272;48852;33109;24043;58490;30921;23179;46018;15308;25164;66227;54638;62148;46926;65988;38277;54574;29520;30258;37620;49280;37738;59204;58899;46662;20311;58218;20627;18001;33211;61981;52567;43599;13905;30822;33301;44558;62612;15702;58786;42069;22480;59066;29604;62956;65627;41634;50788;58501;64426;22428;50184;21803;16481;47177;52625;62570;14414;55444;16391;52700;50236;23720;56352;23376;10305;49689;17837;52057;31658;60168;15214;25238;11925;49521;62598;51029;59905;39979;14650;40706;43273;55263;10511;41507;50974;10504;15600;46566;36402;58551;36847;34289;23391;17183;41057;54097;63659;53187;39271;54598;11343;43903;39425;32286;49099;11377;23857;25669;59065;31939;30227;64625;32588;53408;46929;16003;30663;52116;50417;35688;32316;12018;58721;55702;47224;59678;22914;36164;33873;48537;24344;59950;28769;32140;48735;47758;13443;64856;34835;42084;63962;30962;12480;29537;56913;43004;66784;63434;49875;14150;38223;51641;28339;50093;38696;58128;47838;58414;34635;23439;55191;39600;39918;59531;55779;60600;29058;30192;12091;38003;33552;22672;30541;63015;58062;56188;39130;45034;33368;10284;38789;12944;31178;25803;35853;51985;52034;41584;52251;52314;41790;35201;48715;14574;45547;13501;63887;29997;52339;18996;54912;51359;50678;24178;42985;46760;18847;21875;53459;54356;15410;60544;13338;31157;13246;57052;62449;58645;28131;43569;48372;47453;34786;24518;25113;26188;50023;20869;14776;30834;19758;18929;50086;31743;37557;52945;63731;58618;14694;30508;54525;52562;58929;59686;61990;40707;58708;42335;47595;44009;23330;37381;29785;40790;47633;35876;35741;24900;46177;41772;24468;29762;64601;62176;12785;23908;11378;16674;33061;25052;33641;54426;23143;52419;35711;64350;65686;42326;29249;19158;56862;29311;21762;64798;11759;12674;58924;40974;54804;64561;24352;38781;11673;43861;15829;32634;21095;46713;64017;48844;50986;14989;66225;31816;44648;13865;41080;10295;48355;64560;43544;21983;53964;37445;32835;50658;20127;39064;33771;62916;52934;23251;24320;65516;57537;66002;13449;43433;36023;48698;26779;63853;19617;51751;35660;10518;40551;65671;59437;13824;15672;65991;23489;29291;42064;55806;54891;24242;65894;20593;57242;13201;32014;26576;43834;18468;12054;13087;14821;47040;19650;16856;51071;14102;24642;38387;38627;60214;40144;34197;51840;16424;40289;14098;35090;30529;42344;65422;13533;37676;19717;55954;45612;29305;59478;52735;52328;37451;44122;50181;25246;22509;17487;47440;60526;37880;41553;33219;48250;16798;16886;31707;16381;10490;41533;15326;51820;37041;11322;60626;11321;25018;55331;32534;43707;34791;43312;48468;45515;41429;46674;19200;15483;45160;20327;57593;56957;14863;34549;57881;36463;66089;55319;31120;56214;38266;39380;10476;26036;54515;44633;25553;29076;35716;64886;20812;33127;16915;28248;47197;24339;57198;53292;61718;26860;13590;17047;20548;15243;51979;53520;12042;35036;19083;19542;34654;34879;29908;10125;57456;21355;45910;51864;10697;59238;32930;45006;24537;49163;26527;12499;40732;42814;45368;61236;26863;65849;28831;59289;19440;45948;23524;35757;58788;58566;35796;54888;31140;52086;38623;22713;60243;13936;13319;35753;18612;60964;34547;39195;62818;33877;24129;62458;35178;44124;61404;50345;11583;60203;63908;43721;51405;54967;20494;38800;58286;42706;31434;15701;27769;55137;11710;62111;33510;41240;15865;49444;43543;59132;28120;16645;32255;64871;46077;39692;24976;49000;45403;61245;23264;41372;56329;43272;39632;29969;33536;14387;23065;19807;31397;15348;50586;43255;14020;48205;62428;18874;12453;54935;59537;30200;26230;45359;30465;56130;48399;59988;34012;45535;60228;36567;66913;34420;64812;53817;59831;31328;24566;53976;28937;61879;57130;26029;27701;53925;17112;49757;52186;36962;27700;58830;37875;48937;28657;27031;52930;60434;31034;45395;13876;30021;13098;51040;22101;44622;50862;44640;43828;10843;35043;36941;50546;42218;43158;50709;56343;54351;41891;45567;32448;37163;30146;59964;65799;50854;22160;61231;54297;14672;47656;14591;10429;57192;13399;62504;36831;38091;18572;57745;21186;41565;57314;29197;51464;16671;33695;54904;60818;49577;33325;64386;19282;51050;51964;46090;66366;30770;25056;19594;39900;29326;30389;57040;53883;32468;29976;42799;64238;66244;15556;61983;35517;44168;45394;16266;19028;23626;46897;41463;14652;27064;26781;55981;14217;27065;41145;39270;10391;51177;22359;62654;10020;24549;20790;37610;41878;60208;62754;55135;42990;22659;23980;17284;37145;44743;16135;19340;16476;16546;47646;64363;29547;51072;44235;41255;52600;19649;25388;48670;20279;20371;65915;45584;20802;66067;22363;13794;51837;56105;60680;37077;17808;51793;40863;13199;27702;45314;24196;34186;24183;11292;45654;45935;57589;44523;26072;51381;47349;18300;32543;54953;55576;46716;64820;65683;21236;27101;55300;60116;32366;43143;39504;15455;62319;63327;60436;11754;13377;59319;33344;43398;35872;66843;62187;52691;10809;19772;17984;11642;64456;30930;23840;18623;38092;23985;28113;44215;35131;62593;65557;55374;29503;25267;19015;66964;17412;42205;11472;22717;50971;29129;32613;50685;64157;37888;35185;59566;12268;60557;54498;32852;41439;59636;46376;22204;22798;12590;29508;48354;49049;19036;25221;40510;56668;13180;27431;25045;54937;54920;55617;18178;36757;20828;17134;62996;33934;22670;38533;58813;60981;12264;54001;22242;22031;37419;60575;61875;57377;65279;58892;65685;29689;48923;51621;19396;35533;24316;36058;58870;56647;63190;31212;32265;19302;17578;12636;30640;11241;33658;36806;62709;60123;30563;29409;32337;38239;14061;61296;33216;48180;24186;44890;54436;23334;23402;61587;47459;56516;60025;52352;50651;53758;47678;32390;30983;27154;43742;40476;32134;54613;29312;22967;62998;22368;32326;19001;60795;57937;31525;33067;12530;41705;49902;32928;55912;45866;66655;29337;64280;59359;57086;16763;30065;34659;27423;60851;34278;60837;14810;37190;39031;49305;46207;54259;21652;33684;64215;49808;66027;65287;38206;17696;16211;14264;24036;65015;50150;27094;41547;13998;25550;39873;51028;28554;27962;20989;20307;64436;34886;42735;24909;62532;28178;24871;40819;22861;41401;20884;13232;45629;46531;33313;10733;12415;18860;48571;56788;11860;29182;40840;53541;43555;31704;14983;48734;45521;62606;50893;39786;13436;43268;55120;65396;44691;31957;47645;45278;49662;12680;65088;59544;63561;17767;40933;53422;24601;48663;13736;43695;29629;34122;65933;55511;19711;65533;51084;61765;28737;11227;34823;44681;57360;30829;10614;65767;61444;49604;14844;19756;20209;49606;33382;24635;49129;14257;49885;21544;23710;20410;37775;14979;38805;33122;24143;22461;51316;20361;16751;18005;28490;13716;34387;63184;32336;62975;52298;26986;13852;29765;49834;52134;34867;58058;52806;24244;24041;47031;52374;34371;61868;37591;11332;16483;66250;10752;39859;17580;10554;66488;58411;31886;53852;64268;39156;58376;53946;19332;12991;22823;16725;20964;49068;65697;34210;39123;48564;17089;59023;44584;10627;35631;64224;17331;55412;24060;33244;37267;31979;23329;28198;36042;59017;30690;48845;55103;39661;38147;52475;61367;31033;51945;39438;54016;48794;62268;57957;22575;12360;10322;18403;44741;37788;44821;58619;41895;47539;63436;13262;58806;41264;15338;47836;28702;51476;58873;20244;20809;13004;12320;63254;54254;30726;22395;58733;57778;61616;44251;18682;21623;35100;25783;43516;44838;22102;38613;57265;39566;23787;53723;26958;28072;64035;50994;16729;43967;35257;20971;33484;24274;45213;55704;32184;29031;64686;55883;52123;25421;36331;30943;61394;66290;11803;36997;23137;52857;10687;49095;47685;28489;38262;60048;37709;60254;33474;40255;19135;53169;16328;16574;12550;32958;15707;31879;62258;39096;16508;16482;55890;22390;45619;45972;58295;47247;29627;15422;14015;26998;49575;42927;17839;61014;66455;63044;40463;46060;46000;22027;41040;62638;15560;39414;18807;24482;15034;55039;28330;46257;59386;61204;64824;10109;30973;22321;33828;17064;19818;36473;26380;17523;45055;52670;46219;60352;33705;21953;14510;29345;41825;49835;43784;15801;59912;33541;33823;43735;38109;56784;20834;45378;48666;28302;64884;45131;32961;54173;39685;60833;22517;35944;26714;25773;32072;58565;20314;12565;62700;64769;48339;45008;45578;64167;14194;27041;66626;65967;19839;45153;65963;44352;25075;58639;45212;13293;19125;54069;63134;54221;13874;26261;40754;62125;41567;62325;43800;57698;23835;46037;32012;31142;12740;32762;40242;17130;49523;17521;27298;26945;16218;12880;37650;34359;65521;62488;39539;60173;50845;46820;49717;17001;34267;59941;26382;15343;14485;41658;24512;29924;65471;19905;41580;65917;15697;47218;39318;22753;42938;54368;63233;21364;16296;35488;59641;64282;29653;21628;54212;61975;15922;65742;23132;12568;23295;27538;33639;15113;22365;24973;20234;21913;55189;19247;32455;50600;53980;37458;57131;60936;58587;21704;11339;25431;65185;41408;50551;31648;30424;38785;48308;61886;38250;25681;35422;55215;62524;13904;56869;34249;28931;41023;66610;38554;45591;25334;63423;28294;31015;40438;28069;34392;48908;65464;21446;58344;16731;17252;60588;28636;61298;17347;60777;39578;13154;66764;59457;17416;63252;60292;65143;54558;50192;38013;23022;44209;16616;40930;11864;25544;60296;47213;25577;43953;47073;13553;31207;19811;24817;62038;41003;47292;44317;29452;19291;60159;57035;54516;49022;34942;24068;28597;56355;65827;24748;42643;52177;26659;61834;21174;53101;27616;18992;46417;17724;39529;33432;49544;27696;40937;39305;27636;47832;52096;61184;44061;22527;47782;53940;47428;13198;39471;20995;30858;38178;66502;61378;28452;57845;51592;27354;50980;48531;34288;32623;58207;34994;39185;43351;35842;55089;33624;64772;64791;51755;22660;10044;41309;57158;59055;16691;29464;52012;65598;39469;52098;53947;28952;59697;50857;43168;34440;58549;34463;19093;12114;29928;21601;50769;33181;12819;31721;14626;41329;35780;15167;18902;59842;10170;47498;24341;10383;65741;61690;41684;54911;51779;54573;35443;41344;53750;64905;58170;27258;41925;42571;35971;35085;61962;44198;35046;37308;15329;36438;64322;54934;57002;30643;51016;21038;21892;44139;30256;60815;15624;42211;45765;65070;21506;52643;48522;49416;11304;17544;11907;56433;34810;12098;23466;21390;32774;40030;24995;24980;16072;39288;22135;50097;39932;58298;41047;62350;32825;58223;60110;19105;15695;56802;22518;20143;16761;55162;57455;38488;12511;53791;54774;38961;61655;33785;13489;49612;12491;13223;44327;11856;53969;14080;13614;50725;51735;30912;57614;14499;46173;46733;58555;16770;28997;42346;52605;43585;28980;35961;46660;64276;16878;50764;22465;47835;22550;66609;57375;23361;65887;55474;47882;11981;12096;45741;19194;13628;59836;27317;51386;54276;22549;26985;22626;22231;50202;39148;42093;13088;18703;37576;44171;40843;33556;41383;25729;59742;10501;51270;64372;48768;26722;57030;41999;14625;53356;37837;57732;39869;59115;41645;34399;58407;45163;20786;34541;36946;39440;30195;21363;22427;59094;64134;11346;55758;52270;66136;27881;63104;52755;43458;29380;49688;15336;30747;27953;45176;16412;54716;56834;28079;55168;33314;56504;60279;65854;50871;32682;39649;60143;37579;62995;49932;49602;13493;25565;50063;30344;52304;33787;63753;31508;56426;53481;61798;27060;16358;33488;39674;39437;45207;20124;54808;15500;27130;62007;33119;58981;57897;30362;53057;48498;16310;14427;35997;44109;42321;63986;60725;39046;48901;43902;18016;23543;61950;27387;16258;43744;40075;35603;35869;57885;66478;41662;56965;13170;57962;54593;18607;36846;31486;56475;43501;21729;53933;27647;23279;14889;66211;26204;37124;61279;56764;48316;24048;19548;66006;10329;53959;62137;57048;39324;34298;23976;60984;51149;49090;46980;31341;56046;27751;27227;51477;42099;10561;14885;20254;22364;42883;43942;43661;22467;29883;52207;42575;58864;40097;48333;17067;46895;24081;36588;34894;12757;22915;22063;30104;11997;18803;44356;58025;14671;36454;49136;37148;14457;45190;39712;13792;20666;55210;29567;41605;12038;51244;34091;45499;33470;47657;53083;34739;11293;13966;38246;22883;46741;60335;16650;20427;61820;22387;43346;44500;43760;39888;66768;15449;36998;18339;39449;38300;44415;11399;53313;33827;10927;26148;17235;36393;28205;11976;10551;45930;38793;43633;53551;12008;64952;54822;13347;46169;44613;37249;22001;28371;51283;40976;33386;61188;65303;62719;20031;43500;13407;13843;39377;15426;38259;26630;25674;62496;19503;26968;30964;65563;16581;28086;15689;15077;10085;46759;62758;15983;16510;56306;10451;13214;63859;15585;11771;40588;52360;40489;65265;33151;44253;31754;63864;52229;40392;54983;59355;54434;51223;12236;13184;19706;46958;46516;23450;26623;43733;12025;34749;54311;23267;62264;10543;15155;30467;66688;29319;53091;37312;52683;15254;53971;19621;36812;56423;19298;35418;24075;16758;63229;43050;38875;11424;29545;37916;42567;35622;18783;20640;56335;25691;45152;49620;18828;30067;47424;63752;13589;64016;37212;62686;51646;51982;35179;48873;60324;36220;33048;18922;25059;45323;28129;11861;63194;58525;32118;33421;26619;25308;18779;57355;66378;39443;12051;19170;39428;55706;25114;38180;26484;32886;23959;44013;65820;52024;61984;63477;16171;15026;41804;44833;28466;40118;52505;63305;62027;59594;15091;23400;10685;10513;65553;44660;38862;24473;17732;47781;19926;54947;54746;18881;31399;22647;28916;11253;26428;11839;50829;21378;17830;61693;55916;15242;51335;24357;64385;61305;24459;41514;48989;52737;46329;40049;11683;41621;41585;40786;25752;17534;27548;55830;38218;49344;49468;60174;41250;56876;35160;51389;12745;52664;58735;60180;20778;48704;13851;26833;12758;25838;62334;20042;54811;11170;62236;46435;53699;11095;34077;37177;14067;11042;54510;40197;13622;55705;54046;54440;62947;61760;55020;44069;55128;43437;54960;63097;42810;25252;35611;62097;19166;10650;36591;20625;32836;55395;60224;17281;15561;54552;32979;54661;13938;62130;29122;15994;36448;59162;61462;55742;51252;45128;30422;21153;29980;40736;16259;46680;32803;31503;56023;17246;53614;38334;22680;54775;42647;22599;29174;21225;34161;54877;50137;59118;42248;39670;49664;20395;43659;38704;55601;41928;14685;61804;53744;35899;52531;39052;41282;37233;66303;54435;33709;61669;20242;18407;22396;50145;50939;42130;50911;18579;54609;51865;26525;48282;42667;31981;14364;43369;57872;23374;30223;20506;15463;54505;27429;44562;53678;30439;39545;63633;27042;62603;49762;19152;18463;14597;63296;61930;40393;45078;60188;64250;54220;42240;45786;36152;33392;19120;33520;56655;52898;53485;59773;52740;63484;36901;26865;48885;34468;32058;49582;64762;40653;62291;34094;31123;45277;20295;32436;58105;30330;65811;34183;66807;61056;60732;57565;15207;60521;43390;20137;21770;10289;54326;13608;57436;31348;45665;59990;47078;47609;60303;29228;29826;23216;24408;24553;48446;22448;60011;15018;33478;52391;11128;33394;12700;54224;39951;45185;30883;40096;26071;36789;21304;18476;28967;24243;43423;63166;36852;52413;62850;61842;47900;34605;20091;46250;37119;56180;39225;48358;25549;25187;27543;11728;47636;21449;17970;23780;43505;29324;15531;21360;39825;10906;43230;27970;51649;28573;22613;66519;34279;24039;59911;45568;13899;52135;39217;63638;57119;41886;25641;36365;58522;36115;26761;11432;29825;23008;57583;23342;22333;23545;16552;64642;19406;16774;46246;26134;16104;40893;65284;11775;31040;53181;16660;37029;33330;11351;23553;60226;47084;44178;18794;57825;58320;36264;31646;28516;24388;20233;23883;50454;18882;26745;39307;17002;40561;55655;66887;22687;53318;59781;31884;16293;20421;39609;30734;33334;15080;39850;15383;40036;21158;12962;41235;27045;12294;19394;54776;66881;53237;33712;25979;47528;52433;44157;55590;32815;45990;51025;58494;64373;36561;28412;20968;45061;54310;60494;26043;25642;50414;30255;28107;25311;14987;18599;16438;32154;35866;33275;56542;29202;58296;51716;19284;19251;49669;24573;33117;53889;63002;48176;41259;33649;53684;32198;38879;37980;64562;35969;42966;49159;20228;17579;32586;40969;45513;18886;45414;16428;13059;24786;62299;23173;56115;56029;39154;37444;44994;24302;27305;41649;12475;31945;18080;51651;23176;24649;15125;52687;66601;60507;58285;33019;64072;43705;61130;61695;20495;15577;34608;26688;23487;28497;14026;36742;20192;38954;30684;55205;29839;58289;62745;56816;41777;52221;55348;11335;44351;57734;56035;25615;25511;27998;19688;55156;64122;33532;56586;28518;18471;24739;41518;32423;54010;27113;66769;46598;15836;21800;36810;54458;63735;20344;19032;26706;64349;43089;32889;64710;50005;12512;17036;50478;42121;45181;34836;23770;19504;30041;49659;25211;24855;33157;12968;65633;46069;27774;20894;39667;27360;34040;62911;32310;66040;28528;47026;41733;36960;49853;31044;58691;29718;61489;54217;23634;41730;38279;46393;24488;24607;41719;15767;44871;58557;22597;38927;24176;37160;29151;27372;53390;19104;58388;34369;66528;22280;27444;11092;12495;41193;33995;23645;25952;62090;49385;41738;21309;55332;20760;21034;43185;29636;38051;63952;33953;54414;23303;17815;19179;20907;26909;50776;45902;11027;21769;17553;51585;46275;36767;19910;29351;39984;22444;64031;35200;40935;55579;22533;31249;16911;34568;60162;51121;39162;10113;66330;37828;14433;22103;31356;59927;44057;29805;34630;44658;46761;64293;59479;34084;19658;59796;36488;57527;51030;61402;44926;23887;32526;44599;16092;53690;48575;25956;46530;55884;38146;47042;37017;57503;42703;45746;64486;43481;40593;62562;50737;39717;13131;23739;36124;34877;13005;13350;46367;15347;43935;65619;29494;24576;39411;14228;10972;43034;10023;15305;27202;24136;47484;29474;41110;62544;47590;54247;19482;49724;21020;38714;34859;17273;62484;41010;20457;44129;18954;56605;23248;63732;25492;27855;29892;26260;46836;17316;13000;66510;22552;10659;43649;39103;51094;51169;35140;64693;18264;56819;12519;38467;20225;43956;58012;55027;16643;43930;29495;49275;17104;35398;46314;29798;56032;56437;46038;27207;33751;37525;43334;60256;55743;56718;58413;60474;52203;35000;15843;28374;60858;17643;63719;45307;47614;49600;13670;12593;58420;65755;15833;64401;11228;36259;10948;39222;26461;40128;49084;30179;15641;55318;32121;44125;64528;37275;24031;39644;45391;10181;55392;20123;18735;30397;56612;52855;64896;29155;21520;26840;32653;19680;12931;49935;45173;52416;34873;40684;45098;13777;39280;36232;30451;46396;36980;28197;28624;38900;55629;46948;47092;41938;13148;30100;21784;49944;57396;18367;42112;42587;42179;31681;59523;38481;10512;39755;32001;52350;44912;54334;17039;31497;26016;12448;15354;17149;51917;66826;57823;28752;27690;20906;15860;57750;46801;61498;55701;27562;25159;22593;50836;63762;47098;46736;31563;24429;57882;35258;42338;38638;47666;11564;45744;66627;46974;19344;26826;60877;47891;55635;55939;48630;24071;65838;22749;51188;12036;62912;32760;22230;25166;64382;51336;26327;35782;38918;24958;54365;23414;15642;65708;18309;19341;23270;46398;39139;24850;10700;54073;16670;14703;29506;34738;13077;29563;57458;55098;22329;58444;31593;38041;37231;44757;54235;27036;65475;23949;56286;23092;58373;42208;44667;11048;35184;34451;51988;52775;66548;34971;61645;11843;51210;19033;41827;32233;48888;55669;30501;46889;61862;10121;33948;21028;13328;54249;41496;19496;31606;35150;59157;63080;55130;66780;39301;61192;35717;52308;33954;17063;41201;58578;44006;50004;45013;42809;38330;36377;53905;50915;64632;30534;15605;45360;41167;46979;54169;32779;42609;26452;33140;30444;10558;38592;21077;41837;47479;19316;27622;55141;60713;43511;56577;53821;19144;59152;33266;51469;41773;32637;65281;39458;38689;45211;15614;51803;53358;14117;22571;50982;40622;64618;56678;35403;18727;48546;33426;47611;39791;24561;43137;12949;11927;51665;17825;23569;57146;66415;53193;61740;11934;29335;64495;31934;37257;53597;22338;46025;53347;37285;45157;42870;38828;19882;17203;43492;30254;25290;46142;26592;23063;53046;22756;36744;36237;10709;31059;59726;38615;22643;39591;31380;26154;25819;26432;24916;31202;61363;45372;33102;24735;51431;10781;48432;48766;60571;11859;10103;52638;39733;36420;58982;27614;33547;27388;65743;33189;41121;17515;37511;55476;18327;21885;13879;37660;50068;63635;44381;26424;54021;61900;38894;24538;60332;40098;11220;41918;42244;15013;41403;42442;23946;38924;48377;36168;30087;61434;39248;25474;56694;36223;48346;51174;55252;40272;59695;64162;10094;60345;54542;36452;36609;59477;33101;65576;56380;53206;36424;62293;39723;19320;22224;49581;22556;30271;51623;21483;47468;60802;55893;52692;25080;45283;27919;64861;20962;36382;12779;34571;49215;36384;54837;47522;26977;18500;18371;66165;20318;65547;49818;58623;19567;34033;61185;15626;18172;24400;43302;57424;19161;13479;45268;41686;20080;66047;38594;63707;33277;50175;53491;39016;40107;31853;49093;43703;36418;16413;62626;27006;25853;53511;25090;18616;66746;51445;33943;11697;19995;27307;44671;28465;51998;41370;46168;34397;60479;38558;22192;57042;17375;40088;62939;49340;17367;15376;64055;45435;51296;63656;53218;50547;16805;54781;65900;34998;20681;41211;14322;48690;16563;42561;56737;22279;16744;31169;65429;14646;20426;50793;42320;20317;25630;19932;58602;47033;62862;49863;33748;26618;14715;66402;12253;26340;22114;64955;25833;49012;22646;44366;36150;15612;36803;29391;42092;31959;62050;17511;52394;62011;57757;16411;39188;58883;32302;51021;26988;32111;45494;16610;62928;17218;25249;41472;27100;45470;32911;48823;14849;64623;17471;35847;40357;42569;15492;54763;66447;44041;28065;37542;55684;46266;35536;32994;38693;36167;22018;23169;38112;60452;17659;21625;27948;46378;27530;66931;56192;35425;64302;15136;19614;38930;59699;11751;37320;32731;27718;19071;23434;60419;30791;19436;46870;65172;34624;49028;51262;43387;57394;28856;65951;19370;27754;61536;17794;31637;36045;32833;13764;24236;21973;64484;45656;65616;10302;36159;38182;31675;31564;60222;12306;15118;31071;28034;19253;34586;52598;62388;57902;18274;16330;25504;58037;41358;44416;11222;66916;13685;19188;59771;49140;46209;56665;42568;56294;30600;44758;43032;63056;41043;30242;14037;26269;11725;24245;23845;42386;36361;58711;22271;41959;14197;36958;31676;32712;32087;27055;50019;58512;35939;20863;35047;21340;10127;62865;50517;61770;52084;50085;10148;53140;28458;38974;54497;45777;30613;62061;64597;14759;43817;50708;18004;64408;36821;52568;48986;66544;22734;35650;22955;13858;13520;10536;39958;59972;20265;40914;45290;12939;31657;50363;16366;21116;19724;19873;37331;24329;42804;32182;66128;66493;51554;11631;60104;62881;65308;23044;42227;32798;63399;59255;33491;10401;14792;37621;46400;65205;40399;32767;11028;32496;39662;54927;19662;31079;54845;63525;17427;36157;59597;64023;17212;22890;31622;27327;52896;14765;23090;60432;43184;20958;19259;37466;36625;32266;33704;23193;60037;59837;24480;10274;45265;44407;33626;17811;49658;49257;42243;47283;29764;37584;42025;52294;58088;37505;36923;39533;11845;50197;52317;10905;26597;51236;56377;28441;65173;47594;31280;63949;16954;43049;30928;25280;22513;66795;50238;54568;43813;22572;53513;45790;51911;15447;56661;46936;61766;50987;31712;45068;26243;29501;58660;51888;26299;27531;19575;65679;33144;65166;53536;35040;55760;32752;47086;52170;66337;40303;43461;38718;24469;34529;58303;42389;48453;28231;11505;65027;41491;19803;23214;65735;23744;50489;20943;65798;31023;17214;51776;66425;45481;28747;63397;56511;27612;34550;62595;31477;21203;65130;13856;23740;62861;53037;20873;11760;30823;17485;17060;52652;10045;47312;19350;34527;50448;21276;55674;65229;62030;62667;63463;63779;40981;17215;59350;27771;21111;61265;40266;58403;61800;31674;43769;28416;28405;36640;62098;54969;37368;13073;46499;34422;13840;39157;36472;61942;56982;36887;18849;30180;29150;14348;14612;10298;64364;45880;17043;46520;45120;21833;52860;10967;32721;30376;47603;20596;12429;37827;28350;33763;34078;35868;44549;60566;38586;43453;47872;13151;13999;52429;34395;32011;62668;52847;24097;20131;52818;38460;45620;20214;32278;54322;26729;49864;38633;53736;37480;36530;18252;57332;19380;16162;61905;33046;59036;16760;28031;27105;23014;43756;25128;63947;62493;26344;11897;66353;32855;30088;59095;38684;54656;19792;39931;59642;30801;28141;44882;15450;39671;44322;51203;11069;10692;12507;53174;54141;26514;45425;28379;12934;58179;59285;64511;51914;40131;51832;52595;23119;24073;34144;43920;11498;53636;36685;41083;40169;32977;45225;37452;59167;40773;46838;47578;23017;66685;59628;63437;28064;30221;31271;24857;59087;38570;51125;27666;39760;65403;51591;56488;58224;34443;47189;52226;14722;63241;60940;11336;47261;32893;20366;59904;61120;15604;23863;29885;23653;46345;13361;54391;18668;59632;42471;29288;60617;25785;57667;33241;41175;51104;43349;39713;56328;49332;43890;49483;58032;37070;21190;28723;37854;52351;27861;30680;64629;54178;25733;21350;44756;64193;31113;37075;30097;14120;42000;33425;36843;31165;13275;29046;26026;27918;41877;57311;52866;55784;22343;18968;15252;52476;38907;61353;40698;39965;57414;45111;63795;51227;13996;39228;63936;26496;53171;17788;59627;34684;26749;47577;48471;27917;46268;36540;43856;14193;62229;66779;64221;57164;25812;50132;12786;47109;17259;35528;57648;63173;24240;63645;37868;11972;58307;50199;34093;30806;65621;38234;41756;58047;10517;37040;21132;47361;37225;12645;56087;62609;46694;15619;43175;21634;39930;25850;26363;30189;12957;34131;52121;61839;39198;35151;47878;50758;38265;58308;12846;27942;60261;21658;16065;19474;64061;23962;64552;18067;27435;16207;27971;34348;66263;65878;19224;18955;32573;58697;27520;26166;33083;48568;52584;29130;62370;23594;48567;11974;44047;41624;52007;18742;44888;13042;16316;37199;40275;35705;56393;27191;18757;40313;53265;26843;56637;13425;57576;34730;13924;29004;16683;50504;59117;47725;27639;47709;28019;28148;12634;45581;24478;37213;49393;19140;33974;64380;62028;27294;40694;42168;40318;42077;13916;24808;66219;23743;64441;42188;30868;56548;27985;13883;50126;26935;60053;52863;60789;56960;52470;60506;48586;32107;13514;61041;61132;54438;55426;24407;15278;22621;28886;43879;24764;26315;18285;47356;47104;43160;33158;41803;19117;13257;20604;54797;26978;10637;33393;16694;23500;26240;19435;18199;42881;34878;17011;23321;15032;16399;53403;37067;30135;21681;24564;54208;34433;52911;51412;15297;24745;23503;50773;10214;63123;16351;44723;27864;49744;59533;20721;46175;53728;20147;32875;23258;23002;11032;44263;51742;12702;47730;53595;40308;24141;53973;29952;16060;23682;14483;55072;11287;13009;46186;65117;55375;63685;10047;18113;28386;19353;18355;13255;55290;63637;14293;53070;59404;53345;45267;13571;55780;50364;41481;56716;44883;46981;11896;48408;21806;38029;49345;28972;10016;63494;17826;51905;18177;17308;10593;65705;32606;65490;34750;46764;49928;66872;24543;56367;56582;35365;39145;66238;10079;50334;43830;16520;55303;24505;43008;33585;64418;42182;62900;53160;24311;12834;16445;10436;24306;59395;39829;26661;37603;22008;53478;27950;46311;32748;55717;23599;62708;62720;54413;13779;54580;38328;12488;65188;24915;40987;30694;43074;21031;15580;19122;63632;25299;64904;20251;59553;52853;53804;19295;57807;52604;56618;58399;17180;53165;38721;57472;43928;39450;53419;44401;47115;47571;27872;64956;38516;61280;41578;49868;41538;29125;44764;66666;25892;36092;33992;31516;59265;22843;23418;57215;26110;54087;35680;62753;52937;41512;18974;31528;52532;32636;21085;20770;44486;47135;40824;46158;19206;18550;47643;53267;21921;54865;28011;61794;33854;52957;53898;45101;61727;49856;43889;32046;60969;52130;30191;10510;65034;65731;46525;26746;50933;21124;15802;34372;20535;60780;52031;23478;19864;53629;57976;58437;27735;59474;18933;19582;34565;51326;15588;10117;22109;63902;58894;41202;48511;59346;16376;18014;35433;29647;34804;27719;35584;19384;47721;52083;30794;37266;17780;57496;31900;45796;57851;49481;40669;39915;57542;40326;39284;54769;63810;21183;47504;22547;64443;63906;46297;32789;60328;19993;43257;20705;48563;38565;37735;45168;20007;14007;54127;43077;35499;60470;41004;58505;40654;30299;21180;31548;24532;34282;35322;29246;22918;11618;15275;54246;19808;53564;56905;61940;35698;36815;56107;29234;54392;49846;54511;64530;44942;52557;29214;38470;16112;42173;53415;15603;36905;52266;55436;35299;10440;58122;22433;28946;64619;12982;15130;66413;49364;47370;36038;57430;34485;56671;55793;46204;31651;58893;42269;62914;60738;66724;59667;32560;39746;56142;42902;11411;33186;30319;23335;53368;42693;18583;39258;60605;18349;53619;16994;26114;23671;22786;51564;62317;16286;56446;51804;44400;22589;55456;29677;58542;36060;66557;63990;37927;58988;28297;35111;18250;56468;52043;29544;38366;33354;44449;21991;16529;30341;65897;17254;44951;15035;55747;24502;61207;41907;21982;25525;11120;22875;23362;12324;45870;39845;62442;50736;61551;21414;55463;21546;56041;60498;43318;37051;60909;25814;33303;59450;51345;61726;32242;43488;11796;36502;47547;49271;58666;43467;46651;15759;66962;11165;17829;12653;14818;55708;31154;50104;25144;25490;34119;60676;25044;59961;60422;60480;49432;39922;55116;30413;15108;12516;58227;30046;47497;32800;25941;66215;17410;51940;19303;38221;44669;47619;26528;66210;39923;23535;24281;38015;42986;55604;41422;23684;20810;42189;16680;62129;19930;51928;66514;32638;33159;27226;48917;50349;43648;50445;59768;66967;49870;29386;25174;33777;22971;65986;16904;37380;32524;21968;50008;25950;65449;43854;39396;23907;58836;60990;64910;56280;27580;31510;24729;63589;26598;51290;59397;49360;20926;26625;41660;59538;62522;36203;64572;26696;12361;13539;28858;45698;62979;58754;18867;35248;57239;63181;25849;51166;61247;27830;17371;33701;31377;44559;12650;49633;16127;28938;50100;26167;58134;57376;41762;34447;52211;48454;22457;33466;15686;19645;45476;37414;43128;11722;59783;36227;54346;37201;60683;26596;52437;58612;24926;50219;10705;38441;21326;64404;25304;30625;28942;24180;44930;40660;19010;61694;66711;57159;47720;42595;29777;13921;50583;26462;64312;59542;27208;53754;46973;63592;27821;46021;32790;38410;22104;21432;26891;40365;46984;39094;10198;19907;60661;42879;50302;11928;30596;49474;26495;45422;29664;27238;26048;58372;44800;19162;46478;58113;19138;62155;29657;12672;32324;52654;23998;49913;48363;25163;51238;38181;57295;28283;11207;46115;57636;50670;32919;33472;50209;64105;58847;44881;33370;22841;41535;29161;32234;36661;44266;37310;25740;13219;41247;13496;41597;41035;25519;43559;14912;14469;39365;60007;26712;52000;19183;14709;39558;64868;12845;36836;66142;31410;14664;25711;51995;22787;46286;52950;44931;59352;11867;21975;39501;39418;55687;48298;56830;11203;13564;30028;66390;64839;44694;44200;65678;34100;30347;31532;54887;42256;33365;51017;26441;55718;36611;24064;28114;43430;56230;47410;20524;56540;35627;16788;62210;37117;32062;27486;57857;41327;39272;59659;34790;36156;26493;55766;13576;61428;52963;49556;55443;22090;59310;57056;61036;28010;39323;38031;60591;22524;45050;47827;21635;25404;26803;66467;20826;50698;61222;52334;42223;13349;59431;51276;63625;40334;35194;52465;31579;66723;36756;50249;35146;63603;16005;22416;61859;34801;25546;43876;37911;28209;34926;10484;55937;15106;33573;57354;52102;36210;41875;51418;16489;46252;47778;46383;16198;26467;44088;45054;22904;35298;36546;53957;46552;24364;29362;22016;29624;38036;30110;59064;61952;53033;36462;48848;14157;44333;46553;40281;40690;34366;48662;34910;54075;45016;27535;25386;54644;14756;32434;29339;54652;27116;13772;62757;27936;59522;60360;24072;35809;61736;35172;35032;53496;18669;66034;37917;37693;46692;55247;40319;59818;32380;22351;36795;44025;53466;55472;33177;15342;62513;42178;28665;57369;10245;21977;49576;41775;62144;42853;22632;21249;20363;23441;51185;16031;18003;33358;31077;63454;56407;41492;48603;54020;11627;12401;28051;50000;30296;53023;44276;11386;41427;35634;33942;44753;66755;26901;35814;27328;41142;11791;29916;13034;51881;50846;65641;13878;54054;11809;17049;23427;40112;37995;25189;61486;65950;37321;51970;28780;34853;13800;43103;50331;12699;25676;42829;33957;33263;28409;56016;23106;29419;65932;25058;59270;65640;50841;41320;29875;46456;15881;49303;64116;64819;13402;54255;15484;21588;51577;25149;51489;44746;36435;16882;21380;13867;58986;62467;55567;52179;40389;28443;11385;18762;65360;54425;37681;13499;10579;18749;61937;57470;27926;52523;41523;53709;26431;46599;66088;49988;18753;41776;40089;63418;26543;48559;54658;50900;33050;20583;43376;62880;51619;20779;14971;55289;30838;13220;64695;26179;41058;44498;26580;18414;32070;28560;28144;41375;19715;34680;36940;50213;48295;11513;31491;18311;33035;28407;19307;61779;63357;38691;13104;26897;14434;34811;43352;13437;61070;26294;47415;11394;59540;27512;66003;15480;64218;17414;52085;31293;19759;55947;39541;57835;35704;39107;26645;14016;51429;47766;18341;61600;56758;10456;27414;22372;39350;47512;66102;20555;41066;18446;39966;21697;64734;39316;60278;44983;50306;29478;25487;32699;30688;64725;37615;60093;50700;46511;58076;50024;51859;47016;21403;19633;36325;62545;21498;28679;61091;24795;23265;60265;51600;22811;35759;34795;15740;33175;51740;53871;14079;43896;57967;62287;49568;19652;15618;46827;60954;43294;50581;61500;58908;14882;66572;51683;64788;46319;49663;37586;32064;19100;45573;12364;65252;61182;38692;31719;31389;34202;34611;49379;63857;43892;52822;33889;31710;12534;31144;55234;50828;41222;32954;18528;31413;57607;19605;54286;60310;42397;42235;61595;13956;25775;45121;64176;55358;39402;41901;64525;33653;34296;36005;59791;45753;43869;64825;33529;50441;27635;14512;46036;28219;29998;66966;34114;29948;33410;55805;53764;50393;58530;41318;49874;13678;47816;39953;37981;43811;12723;30024;45398;65716;48373;34349;55787;21088;58358;39184;16467;58651;40633;58350;16558;11136;57779;10902;35127;22957;60113;56153;53537;19709;36266;55029;34941;33760;12031;60989;60757;24546;32314;20073;22960;64258;45183;10516;66553;40729;21475;29548;33989;10433;10293;20671;48359;25453;18903;42740;64119;58182;18159;34004;15628;42605;57259;52839;18945;52486;39209;54585;24918;40494;22504;12045;10766;45045;64033;31205;57201;64352;25581;28192;57751;40312;43023;58838;52278;59564;63907;14883;25698;62766;35824;35082;14843;41014;18302;23955;33567;39169;40177;26624;33225;21440;53215;34373;49198;19980;22162;27904;21231;26037;55173;61802;49107;18565;65076;48281;45632;10583;45332;20516;45816;43541;46307;49561;63003;31258;59113;20639;56170;43110;20231;12230;44832;38910;63694;22733;27576;62571;50652;22010;24752;48203;26034;35567;32086;38201;56769;31294;34604;49909;18622;51467;51232;29176;41164;44245;25215;63027;61210;46094;58683;35813;48805;52793;21396;65207;51481;43771;14319;43044;19902;54239;38581;57900;27237;30808;13463;47335;20700;50449;16580;42107;44727;33200;11919;40770;23067;10172;48169;40404;58528;18924;38577;54160;40120;45896;55434;14798;54306;14299;23241;53584;54223;63145;53363;31647;19998;41343;61366;65802;58294;45319;55896;32462;21950;64039;27286;38497;63997;36187;46537;26193;28695;24179;43451;56018;53307;19984;47724;49457;35501;29399;66709;18721;28708;62022;42684;28184;24193;65145;16632;19934;47223;34913;62034;53362;13746;18816;44090;20800;42844;57317;15528;63099;15404;35231;51341;48705;44836;42440;24690;33551;23698;25013;63620;32037;58713;43295;66955;46859;55596;54079;21524;57971;25688;32522;32538;22777;54833;40800;58154;38989;43355;38301;18921;46111;19573;29584;17175;39622;43298;24351;49264;31842;28832;28835;58092;23455;35863;13481;31650;50723;42890;42145;34848;13846;57033;59154;35743;15244;24403;42428;49613;20301;63383;27410;54876;23945;18767;41237;63549;16254;58583;62196;40627;27523;43934;52067;24821;63510;40382;63755;19089;57345;21369;33812;33417;21457;41055;17680;64225;49272;54227;24819;44353;18026;13563;62877;65191;44062;21422;31521;30402;32670;14997;27922;35335;56215;26187;63700;14372;25510;29850;27289;34959;62202;15458;58343;41280;61717;53777;60193;57325;62841;43068;29032;27218;60937;57168;54344;22881;36927;57437;61560;36184;44837;21237;65787;63309;17656;32030;30466;34830;48529;17814;50750;40621;18763;49254;50827;21792;40555;42847;20545;18832;22268;10052;35803;44818;19431;62270;52540;65803;43622;64357;14833;35470;51497;21568;26291;33209;65829;12659;62608;52786;14343;41381;14420;34837;11462;12297;41325;20087;66184;40011;47071;52125;52017;51435;66237;66418;50384;37949;21530;11329;37536;14395;52111;62381;62044;52674;16718;46729;11300;43422;26095;52153;62185;58070;57664;18746;20679;20519;33976;15750;56451;39959;12392;65305;28058;32078;19107;33449;31520;44650;66690;37605;55564;29923;37024;31612;25905;33848;33750;10982;41098;27540;44001;15139;46753;36884;39639;23736;61579;21766;39917;60973;52606;15180;40093;53756;44639;36859;47513;33143;23377;34610;43061;63966;42127;30298;18064;57716;38641;40202;42063;27491;45024;10690;11187;63785;22112;23128;41084;22477;20095;46240;18297;37279;44947;33420;44608;15031;45302;35369;29857;13850;34360;49417;54717;21715;61960;10983;42176;10405;54347;32115;16829;41081;63802;54126;51926;40034;37334;11601;17806;11045;59239;64833;22382;51960;46999;31662;43757;25321;42554;40918;56815;49861;24605;63009;47849;64958;36068;10321;44058;58507;14618;39623;32149;13605;27841;13611;13964;35188;60373;51430;25777;63529;62847;26925;36632;64040;10944;48786;49968;53935;46075;46167;63074;14623;38378;31631;25780;51718;66740;49686;28914;14858;24235;66037;13886;20324;34798;43156;38929;43303;50443;18995;46433;25646;38986;64810;25148;56073;38261;15961;41889;48306;57714;47701;22763;28756;34937;24897;24578;48680;26807;33677;53373;42671;10057;19779;40355;57696;20386;11592;63207;11444;54060;28947;18854;26562;23994;50130;57161;12754;47830;65650;34597;31191;30634;34328;40550;61948;20340;26727;52741;36935;16557;14611;39293;64917;48804;42148;15004;20610;17260;60643;13229;46370;56469;14565;63077;64391;29493;32905;21193;60493;65084;18540;38866;56536;36953;65399;23958;23862;55952;29576;40134;20866;39585;46084;14893;26557;30458;33021;16402;30431;66203;46351;63736;42805;10534;14265;38117;22058;51217;44761;66527;61019;51328;17555;36942;63224;21761;22345;35489;44541;45273;13412;36512;25584;56465;19352;24045;23742;16728;16064;47384;53035;57421;66248;62549;55852;66893;24626;45108;44133;28923;18381;51395;12604;56058;19008;11185;17296;16117;29983;53107;64930;58744;60828;28730;18344;50719;56449;41475;58974;58954;54922;43434;38294;30012;34509;63727;21764;45498;54423;13260;35965;47426;44421;31122;22529;56650;35359;13701;13356;17569;32100;20264;49461;43905;39699;24083;20162;27682;36558;20044;45408;62422;64127;35042;54269;13120;11193;45980;66207;43036;62476;10071;12756;31385;38863;28319;43178;18224;22223;52112;33607;20278;10564;60017;66949;61584;43104;56428;60576;56441;38461;25778;30278;30001;63925;10949;12461;43473;63639;60900;51848;44556;62254;19691;42501;48160;54894;30857;56608;36823;60247;17406;16896;56064;38815;65220;65436;21445;32379;16496;51572;23608;37538;31149;39800;19802;40456;40944;41195;42295;34945;13635;65311;56093;41419;60158;50874;42623;66132;28533;56120;59567;65580;51775;25458;66651;14726;29943;25779;30597;38417;40896;54549;62623;63847;14267;23352;52504;17535;12325;16511;51216;24451;65788;22011;46912;25869;61333;40338;25051;32338;54964;57640;27848;49851;36407;34190;31063;13480;49296;36155;20182;58689;26443;37453;29645;66927;23730;36654;25488;65760;21679;28161;27749;47231;56760;34462;17678;53472;48969;15793;19465;54771;42377;62596;27300;24773;11330;38061;66031;64735;13707;55069;48613;16085;62859;61912;16333;35162;58054;37777;18409;41338;19470;32786;28507;32813;11798;13132;19849;30756;30521;55799;11719;36913;55482;24899;59451;24674;29200;64286;66172;34821;23924;25916;14095;44623;47477;19541;16011;44831;22911;31724;46454;49700;48904;65318;59514;51042;58084;22100;47401;33190;16416;56136;32108;24317;26707;14419;64608;58184;23673;28897;43239;42129;52299;40344;61254;17228;31498;25081;34598;56951;28352;50733;63534;29470;19697;53226;43309;63071;22788;37501;25285;11770;17404;58360;31049;19537;59213;25416;49323;12781;51214;49290;16848;42264;40170;18912;53842;42327;46714;28333;19788;58387;48428;31571;35312;47083;56241;54430;45012;40552;19641;40610;64998;65669;35472;43012;44451;30566;33635;22916;51079;15230;14180;42874;34670;35628;65478;27185;18277;12687;56420;35601;51720;25030;39215;52972;51743;36597;45284;27350;25239;44601;48499;42912;39290;25471;25705;30748;60735;37807;46769;60553;34924;15925;64815;43310;10014;56750;56240;16593;22425;45015;53044;15216;24828;40176;61338;48465;40553;53288;14223;43441;12441;44915;55100;49889;13828;32622;22318;45627;54608;52311;45452;27676;50540;28894;11065;66839;63648;24273;15671;49680;40750;38621;36175;40544;58165;49169;23512;15293;55199;28515;54119;29697;32113;60421;65136;23481;30263;32170;11019;47417;45205;15201;42592;30019;37061;20650;58116;21865;28135;41831;28311;24533;23721;13769;40025;43553;43654;35401;64464;34601;12930;32027;11895;52781;32453;43415;66179;53114;53437;65846;30536;32021;11832;46458;36285;28811;58503;30428;63023;10126;56897;56300;58599;48574;13204;35395;36320;18139;61999;38225;65329;35799;22906;13502;21714;46096;20748;37853;56103;59336;11140;37690;33042;22521;58556;32523;38119;14676;22707;50474;32667;22052;33511;53956;12872;52585;40215;60225;48588;60058;19087;27466;65654;16470;48644;16890;48369;43560;36372;60793;66266;65294;63636;53476;42050;40205;27462;66706;26665;30887;12493;43862;57027;35496;47875;29061;57526;26861;39854;59287;51314;53577;13320;13051;16322;59179;66177;52223;14401;45647;15863;60258;45370;19677;14359;37263;41763;38429;23175;47811;24363;20079;31765;54882;10143;34783;16143;30290;56174;61475;18423;25053;46953;24668;28247;16122;12971;20035;53392;52725;35709;56569;31927;60272;54976;64345;22233;29932;24592;65374;49903;62198;31626;48181;19208;35636;66262;29640;35481;58319;48719;22050;35164;10562;45872;43088;60773;49622;54175;50429;50699;50925;57485;37858;48217;25879;57122;20677;23575;53829;23012;21017;22353;16454;64457;15379;11871;51963;55518;63098;42968;43282;34869;40724;32119;35385;29355;41579;22171;17377;20738;65042;55060;35802;51777;28035;52033;60008;51424;60840;36088;41713;57170;56472;38584;42778;15815;37463;14865;63942;34325;44654;61934;34098;16244;64026;43825;22373;17102;17457;13884;57416;34779;14200;62546;10196;63586;33692;26102;55907;42730;22281;52264;37685;29730;40885;63219;15036;47635;60914;28324;39363;18855;22277;65502;51463;55492;24270;26526;62204;30013;33111;20600;57089;48269;55160;62937;47418;20128;25689;45737;21750;53179;65239;64681;62259;59329;18147;26670;19967;45000;37018;32810;21702;45778;43901;27210;46545;45072;11086;54754;19787;47141;43786;17434;41469;41751;37434;30204;25939;63486;11694;26353;36459;32060;27804;56339;26211;46792;63546;41706;27091;20004;35081;42167;24720;61164;25835;25554;35521;40376;43259;34587;11064;14096;60753;54728;27819;14163;21739;32301;12256;20589;51980;57741;37719;19218;15280;15850;11542;13558;33166;65700;35202;48349;58021;65334;25611;25592;42884;37046;31636;26141;48442;18744;38881;60289;60746;23431;18148;49141;16430;30339;23667;61484;50955;50948;38176;48438;29543;23675;36970;20887;15402;25991;57154;13297;10176;37423;59996;23010;28421;44712;31775;40688;44583;60658;14464;49778;56289;20651;52241;54528;65845;44810;11500;55405;36231;62858;43226;41051;47435;29333;50671;57728;54538;37555;12738;33776;14784;26695;27993;38709;14706;54721;61825;40906;28970;13092;58470;66222;58680;12655;24261;31262;51700;24181;61002;55645;35165;23073;39867;38011;60235;23714;25207;55756;51579;42972;60489;20103;28364;48645;22850;30437;41989;47482;60134;18240;38247;26090;54258;42332;47172;62021;57469;48825;66532;61852;53270;49786;24911;53262;20620;12759;18653;50310;24620;11587;33780;65514;23396;16462;18353;12514;26032;57651;15680;17822;34787;23505;57980;52738;16173;62648;43217;36398;39237;23208;16669;49498;52645;38059;14283;64933;22064;18194;53130;32764;16975;45806;58365;43029;45779;17424;63063;59989;30284;29027;30875;16562;46236;44744;57611;23888;43149;22500;64476;38635;16813;56252;44822;16883;19109;61157;25225;47377;29138;50614;18553;30159;66061;15819;39138;47112;20461;51762;49113;12496;43715;31286;16465;57300;33441;14122;39573;17799;12744;51990;15731;50660;58603;60139;39446;43571;31234;30005;52225;55544;15967;59665;10722;36541;17754;26177;29219;45139;21804;44240;37230;21372;60503;57218;20229;18268;32208;31629;19704;12508;63171;58590;41351;65384;25103;23055;61716;21590;30070;42766;63849;30395;44673;18401;56408;34316;13675;64294;29967;34819;42298;26569;26635;26281;11199;11459;30209;46453;64688;26908;55582;53504;21325;26700;32089;11866;46431;39691;38489;30139;32409;10660;25859;47190;63705;13161;66607;18354;44515;58445;50129;10891;17024;60675;39196;55573;40778;26094;41374;61249;25438;57392;10743;51801;56494;39311;17295;27860;56316;32963;43996;28745;25538;18570;45486;58361;59618;57401;16471;12094;21895;18298;35957;40606;53527;30956;52027;14905;65632;54280;46709;39728;24331;66398;56877;41478;47515;49405;28264;37229;59177;52343;27203;62158;22300;13306;58761;37857;57880;16696;58567;56509;13256;27556;61593;35152;19464;39597;30235;63282;11175;17189;25954;51927;52316;28921;40145;24142;32365;36801;55090;33284;33041;23006;41366;42992;23260;19842;25481;29417;20618;57946;32026;14507;53069;12249;42199;29546;63820;55126;58859;19231;40745;44323;65340;48245;10827;22211;32499;36870;45649;39968;44887;58972;14526;15520;20167;62901;58201;44435;56065;31983;27951;12310;46485;61137;41700;57462;29172;36387;22354;50152;41539;11639;63939;21789;62312;40871;40127;40309;44693;14300;32323;28233;44561;15977;54114;53167;33527;16554;51446;63899;28124;23723;66754;48152;48311;33463;46352;45914;42185;21242;44167;58155;24208;10898;50207;35538;46949;17286;13503;16707;16845;20939;50229;18393;25972;34588;41257;23841;43509;58270;49741;35492;57737;31109;18473;17557;61433;25354;54093;50506;59082;53656;46274;58621;22744;21412;49312;14723;59580;19202;53950;15856;10693;56973;28388;23205;36765;39060;60684;59425;49685;38767;15096;39871;46670;10591;47803;21218;30745;22880;34711;30902;39106;24061;13101;37560;64136;14137;39136;39886;37633;54132;39014;47035;45719;61285;29180;10750;30099;23514;42015;44043;45674;23771;19446;57870;48425;14916;36176;44934;66199;28603;30027;30539;33423;49088;44488;47502;44574;43728;32424;18691;36109;20635;22747;55889;15974;11801;16203;20391;37364;64575;55406;34723;14921;13643;22901;49617;24928;48782;48824;59816;50668;20288;55379;27274;52074;41737;26758;35840;47331;59770;24471;64037;29895;43839;36544;49974;12434;53563;26133;14950;23874;60872;25612;30248;27789;66474;43494;43234;30830;12335;26965;29179;51287;15168;10996;57221;59420;44105;59704;64051;38865;40805;43410;51650;15518;39893;66495;46140;49831;49020;60095;62960;57713;31069;40230;12476;56100;59458;56413;16387;14210;40953;25095;30429;41118;37283;51093;13586;56544;54472;50571;54250;26788;66268;30173;25426;59992;48955;22161;51921;19966;43628;44224;63748;58928;37497;14710;22287;57312;27999;57294;61175;27624;46068;52410;57610;22592;30716;45675;33798;54405;11781;25152;46813;55522;46348;25975;45097;63326;46541;28883;32785;39828;65877;49737;31241;37278;63612;60530;33837;66220;27068;54547;52538;31923;62747;49881;47548;22655;56922;22055;58715;16263;52914;24096;58482;64229;50866;29955;41223;24534;50404;19612;25378;23661;19018;24428;34794;43775;55196;24161;39763;37235;23895;52569;56161;32558;54835;30472;26637;57145;57918;14918;32657;12539;51266;48327;31297;39698;64927;49398;10849;56040;32186;56123;56570;65317;52979;63571;22081;52684;33507;10973;46602;10166;42760;25902;46316;57074;22541;40545;34947;63500;49166;20125;47557;11707;31801;39417;61220;58203;65325;42337;49503;28177;49964;19479;54979;51876;57928;32495;53843;14624;61415;62255;66659;15382;55167;14717;27515;62197;58563;31357;52707;43865;30936;56482;58342;46210;27344;41071;63835;50595;45245;19985;28001;64130;37988;28836;46902;18335;41369;51137;35695;17358;24009;55324;28988;49308;58964;51092;40581;40335;19046;24418;60924;61031;60825;37926;17800;38329;21470;31143;16697;34351;21318;62784;31938;29331;30901;58591;57826;62069;40002;55676;12615;31375;60532;48381;53920;14312;52026;34962;30502;15852;28724;49311;66545;52801;52054;40284;18273;38331;47476;32180;19020;63332;53109;50338;30535;31609;33543;17298;40178;64521;24852;64246;28954;64990;31057;16380;27329;35598;29369;43610;38688;63234;55187;34138;60124;65156;18941;25219;60488;52029;60437;35619;63530;19924;40149;56491;42455;45594;59296;51887;23559;51168;65677;11786;22536;18462;44567;66515;25482;16222;13763;52461;28073;36360;13812;18025;66933;64118;14739;43271;52500;28726;46795;29123;53276;26164;32416;52757;32751;56892;29519;25042;39399;29449;23266;49668;53380;19447;13937;11130;17513;57775;54572;62389;65454;17563;64899;11410;24082;66834;25820;14462;30881;62151;15770;41311;32727;40488;55685;25628;25815;57862;39964;60151;28213;28792;48907;50745;55269;30641;24169;22172;57178;24034;30712;44634;19744;21850;45915;13096;65390;41554;52566;29901;13018;15883;13095;36403;45369;38915;38153;55911;10654;60719;51300;63804;62977;38155;58817;45667;15728;10907;28357;61331;61787;13813;60059;18251;19442;64687;57417;65908;42086;36865;61196;62621;44312;47461;49529;65626;20397;59436;10895;29992;33747;12933;19110;43758;63872;27766;23456;61206;46535;58889;26370;52921;39172;32820;24445;62240;37276;25818;36659;53176;18590;49165;28855;43891;10651;41471;64318;14123;11362;43100;18408;33726;33413;22864;28246;12610;15279;62296;54523;29476;37262;32817;19289;47301;30851;46790;27389;40753;25375;34115;35506;50774;37994;48702;11454;12652;49984;35797;54590;63093;15397;61882;38457;47526;54859;63602;24024;40448;37033;24174;15055;55101;10816;57858;15687;31544;32308;64510;63564;45380;46700;18304;43740;63060;49785;53945;39415;66018;36437;41479;13980;58730;40156;60244;29733;43211;63652;45909;52909;53295;38115;38980;32718;43994;58966;16277;21773;19613;54131;43114;40484;59344;40521;48830;66157;31055;23746;62769;46251;31306;31963;25677;41392;46489;56884;46628;31831;26777;21811;48784;44194;38245;50837;66174;42659;45673;52773;12737;46942;16012;12438;30552;63668;37825;59909;58898;45878;19751;56267;48291;16565;23158;28012;61456;38750;20354;66239;44309;26628;13513;37388;47090;30693;50738;45928;61563;54123;66564;45203;41221;22328;53705;13158;62625;52596;30651;59677;41486;18083;37121;46640;40035;62827;62941;27173;41279;34071;40658;52723;12241;12842;46309;26996;13022;13258;14203;24122;40540;32934;42878;13778;43069;33545;31432;17370;23880;64913;47704;20500;48197;66533;65036;27810;45506;27448;44715;22053;23493;42886;50965;63000;57731;39381;15331;21515;57018;35587;59465;37011;64611;51063;36489;47754;53007;17584;36653;39520;26276;66946;62363;11734;62774;39631;14705;66282;48507;30616;25340;48392;26194;44154;12011;59146;52546;36693;48803;40133;43600;48419;25169;12925;14152;43464;39668;20947;62602;50003;14258;38654;28157;60402;35059;65652;11174;53185;53701;57622;37998;15942;66384;10420;35446;45850;21898;38650;62339;30435;50022;52508;30076;12771;39555;52544;60889;21671;58196;28171;24688;22276;58942;43883;40813;15047;21716;10105;50325;37307;52381;34177;20835;12876;13475;18467;62629;27288;12309;27306;12124;24027;62172;33702;54170;32361;58260;13818;40656;34243;22083;36033;38931;50283;16908;10993;39283;64000;21169;35620;50436;65645;62731;49154;46728;37930;13045;51171;26652;62523;56332;55414;31824;17364;10762;66471;16897;65591;65881;32626;36260;57838;16053;26420;14269;52989;27341;33031;64371;65558;49030;44924;54009;65223;63799;17494;46752;40346;59631;27052;10250;37662;40114;53596;34580;27713;40757;29475;15733;46935;58299;56606;56530;24708;56803;63210;63321;63183;52845;27665;58533;60072;32400;53228;22273;17475;62362;38338;10754;42922;32203;17168;30865;42596;37045;38005;53809;11499;61513;39987;53310;56116;50128;42201;49036;43904;29256;13639;55260;44962;58593;66071;53148;25754;46062;66158;51688;19535;65615;23358;60711;47153;66753;11996;60911;38302;24202;60604;13630;56523;65114;21332;14845;29141;18564;25328;44545;31350;22227;53730;58466;58188;48161;27264;36604;48232;52053;43129;38400;37657;46402;20268;19422;45347;21632;62779;17164;54884;45986;63225;35079;62662;63844;42140;46242;65546;43686;37224;20891;52269;30825;20434;58529;54082;41466;56360;38165;14478;62978;60109;57921;28772;35583;50771;62276;54860;39554;47632;31588;43619;61947;25161;64048;60631;16450;58670;37268;27590;52609;43041;20649;39098;12583;49292;52129;42431;48748;16625;53570;51853;41746;35375;54487;26641;39166;12409;50079;44314;17297;30831;20156;41648;53658;40713;35028;37299;36639;17994;57352;40947;36304;59126;57402;57051;22040;37608;25722;43240;28393;50936;19585;24089;54853;56924;43990;38276;55681;61449;59151;43908;47452;62835;61713;27383;33801;51318;14314;35384;28830;52534;31206;49636;24155;58515;47680;13172;43777;53381;61335;26003;43952;56956;48234;43847;25073;50037;31899;33855;16619;25446;35136;23026;39043;48728;39053;12770;50215;46087;37789;50147;31668;15666;38272;23858;38797;35856;41711;15841;65039;20384;49919;61936;29522;17207;31857;22154;15988;61308;33004;66073;65556;26099;47486;32555;41391;25868;19038;40495;35585;32847;52705;26916;33669;33331;61046;29646;66284;49233;45700;56853;20171;26682;57271;62065;20716;64754;44187;44232;60540;52885;56845;40436;30117;10493;58640;59205;47562;42863;16323;63239;32313;30471;40527;42374;61867;14620;42502;47831;36638;48717;41079;15085;18426;23729;12899;13380;29173;14994;25102;57434;33171;53082;32861;42150;22332;23351;36663;25768;46762;45662;43486;63698;42485;57702;52789;53565;14640;22896;24941;20114;39075;65045;47677;66355;23494;48384;41974;34105;56979;24728;64433;45677;33062;15905;37805;20655;56515;61007;58882;64449;36984;37706;57399;47457;27463;65258;43111;21393;29136;59976;40511;44891;64383;22225;15429;34576;27818;26650;25425;10681;46490;66352;21827;32375;34330;25262;61177;50650;40651;28300;10049;35732;42633;53079;32600;48899;49100;59660;34564;56229;58606;33599;65043;51866;15178;30307;40764;37645;44419;49063;42700;21822;60533;52542;59608;37297;57189;15346;49126;31168;65157;40649;49578;29621;29707;46632;57427;31589;47667;43691;51365;22846;25607;20005;60490;47801;12366;42644;66889;40157;47727;25583;13550;15911;54506;47322;36229;11492;50532;53869;11687;64185;16572;43681;17492;60464;21222;62124;22142;31081;19685;43909;59187;26675;10252;39748;31916;49294;23637;44984;30893;66915;42892;21512;48336;55542;23909;55874;38327;14944;64959;37440;50387;43037;42695;53146;65916;50786;59741;19467;27351;42160;65498;13835;30814;15152;22808;20502;44737;37491;38177;16985;36346;47228;24661;41505;59762;24044;20888;46855;29271;43924;61748;18165;52080;59690;23695;34322;63661;11096;64377;45316;20106;42930;47276;46577;33163;65000;41556;17292;30692;15866;44793;13932;14165;39091;24949;65345;42234;27646;51307;52899;19637;56991;22234;54428;43946;55887;49917;43874;10097;41213;66408;20941;23062;23269;49702;27992;55079;57229;11117;22616;21173;64617;33560;12707;33419;19211;32438;54866;66051;32053;62406;18128;47146;34899;10443;29017;13118;40963;13013;37979;62611;11157;43535;49631;53034;18131;33231;60416;58909;36396;14560;26190;22243;13451;54817;13627;16081;12553;41952;20498;63206;19299;16711;38906;11460;33112;61908;14549;56887;55876;31051;48915;20100;63421;61364;12777;54504;53700;49825;25088;29294;59808;53417;37411;48260;40743;46004;43353;29112;40616;53244;14797;52412;44708;20961;31326;31254;44906;27685;17725;36253;53039;25802;15128;60399;59442;36012;15877;46295;28562;36371;58366;55008;58304;11746;59589;32482;63916;50993;34412;17386;28007;48895;20184;22367;49135;37167;53994;36103;49353;16675;56728;46373;31568;43653;22378;15086;42339;12805;53910;25929;21125;22403;31625;28500;25809;36419;24517;48273;57924;62393;56345;33406;28920;66741;29015;57196;38017;36321;18641;15156;64675;24881;20815;63885;64805;28956;22534;16634;66124;50801;12775;33224;21946;38945;21482;61061;63029;54971;52107;19678;27689;24824;15593;56635;33999;11030;33900;25278;61968;51674;31405;26298;21779;18125;12577;27150;25241;52951;29851;34600;40084;40091;20208;54089;38014;43249;39542;64214;37702;22520;49348;24539;42251;27643;66605;23340;33628;17121;58001;12972;32672;43261;16506;50390;38270;12331;52943;42991;36614;61654;50873;64204;32912;28301;30436;46797;41633;58039;33288;35406;52444;49313;51044;40703;37816;29863;59022;30220;15408;21188;42500;37545;32015;27452;61863;62641;25648;66783;23649;17782;49635;44460;31973;57361;52574;31856;20491;59794;57055;31273;25218;22989;19323;56432;36198;40567;15312;45565;34041;26178;29106;64504;41956;36294;59103;19180;25046;51164;32322;63443;58443;30703;38984;19817;55460;14081;58112;38388;65269;13775;14680;37727;26546;20877;51517;42383;50410;28829;60463;41349;57979;26926;41022;61097;17073;33253;55376;46555;32221;34966;65075;23126;25198;60901;66116;55317;61221;43941;65836;18163;34244;35054;49901;50264;11242;24392;44536;61696;65028;59312;15565;62897;53985;23087;22096;26238;11260;62674;10531;25955;55746;61033;56622;19414;36945;18733;11144;35355;25109;44507;55948;35154;39313;12743;47853;26805;59766;25316;10941;21598;64425;23013;10844;13961;53260;35210;64257;35906;57707;48182;33430;25098;49337;31552;36500;30357;41835;39971;31296;44684;62633;36610;25796;28353;28259;59907;27454;39152;52277;19726;15319;52249;21565;19261;33489;59292;62807;42957;20338;58416;19232;22179;25401;47893;33026;10616;40014;59209;16514;37872;32095;28229;20451;53097;51678;58917;23203;22716;55531;61681;59237;33202;17729;30765;58881;19090;41180;54305;64514;41024;51536;45923;60176;62973;56489;53360;46808;52658;47158;40039;18988;23401;19129;56364;22899;57407;22327;64066;43684;60499;60739;11914;16831;41635;41007;41788;23245;11345;23860;32283;45784;20136;16663;39302;12913;28789;22402;16458;66898;31129;28907;42144;54151;24192;17031;39231;36036;25786;22126;56823;50894;37549;10932;12608;10506;63791;18842;41316;33868;30507;10840;49494;17640;17840;34034;66681;39810;41682;65874;37919;58257;20057;65962;63909;59193;15805;54932;24162;42634;32264;12478;61938;40285;46263;58949;43233;60282;61277;26991;24454;60625;36906;26889;27017;56222;27276;27400;41497;50419;52426;26030;23885;53599;31393;12354;10648;51567;55775;39569;59282;15049;25771;49112;33633;23308;24288;43186;15611;26387;63821;32587;21336;19142;42103;51215;38891;26401;24077;51192;60824;34441;27189;38794;23390;43210;39707;29930;31452;37072;20601;29861;16250;50962;48700;55166;49489;66850;42403;18107;62789;38402;42198;22675;33215;41953;66118;35259;55845;48385;49122;48329;12468;43911;22969;18936;41017;29741;40942;50114;11624;41230;56272;39658;44902;37661;54198;21277;43747;60082;11906;60435;63304;57482;21244;36137;60054;29340;27038;20509;19914;30043;38496;21832;64329;35710;64242;24957;18515;61501;13908;42221;17080;62743;53320;40220;54395;40037;50055;11931;55202;46705;62909;60806;20637;56625;49061;33564;24612;46615;22124;61393;61237;17995;63320;38346;24336;23789;31817;46356;35836;17103;10578;16505;51089;35902;42795;42903;60836;29379;64044;28450;55581;53820;25470;36642;50455;55346;34132;43843;58552;49279;44003;56208;60460;51132;40886;58436;55423;45199;29838;19755;30754;23385;55997;20992;44892;52175;53151;19979;37744;26654;45523;62064;65273;36146;29945;45123;15321;24154;33971;46778;54925;61683;64756;30118;43969;54577;28224;31216;47537;31907;48426;13100;22213;29266;14145;32290;26056;40183;39811;26127;39230;63744;56701;29025;44208;16853;55353;24391;32506;36712;17403;37109;60597;21659;46643;23275;65204;14653;32938;34271;58662;62082;14847;37324;52671;38333;10656;34053;42225;57777;22514;61607;52108;53909;15197;14497;16771;51965;43791;41761;22840;11524;35465;28423;24415;51942;16213;61941;53921;40579;57817;43696;49184;52151;21698;54455;51357;39137;32394;11239;35503;14360;28208;24489;54266;43092;61339;12482;20111;41969;42637;61659;24847;31911;36773;50798;33220;21016;17453;46463;39995;42964;54115;30363;63938;61594;33114;57932;46774;43641;48903;51484;13974;56889;42304;35013;16962;60071;15812;58820;25964;13303;19632;50062;61599;16421;44995;46462;57516;55930;41960;34724;14391;39477;65968;22912;41129;54955;16091;52667;19866;11599;27473;24845;66498;49547;25624;62896;38925;10695;24866;57053;64437;40419;25317;28109;56114;60966;26834;23399;64993;15955;43877;35675;59524;36652;34283;49467;49812;31991;65815;63022;29488;64054;41348;47857;43545;27591;36147;20197;33842;59251;42402;50958;27171;30281;41674;57686;62161;24914;32986;50138;61429;11605;31555;25923;20260;57440;46924;53814;63167;29534;51193;34839;32946;10426;21308;28400;65255;44636;53715;36667;11388;18868;62763;42175;24812;55683;21421;55693;61495;22084;62371;31022;66505;22540;60577;25887;23072;52167;31359;15193;44437;47851;21025;59413;47506;65211;36907;49297;16519;14683;38325;55919;58722;11911;57658;10715;35590;46638;22781;58547;43199;15854;45440;10297;28165;58629;25847;12340;17417;45279;22619;12001;24677;12255;18326;26057;21477;49096;40989;44020;62133;33091;56263;65816;65864;43841;19326;36013;35577;21091;38083;46737;61228;19171;29603;12369;26797;39904;43099;10696;51111;21509;19705;55310;39353;26955;40582;29996;60291;29073;42970;46650;14801;65883;14509;38747;42453;55534;30140;61232;33802;57594;33612;36581;41919;38421;13099;26982;26059;66060;11358;17467;39765;27083;34086;11051;22151;51163;60865;58465;59572;59563;54872;32350;28913;13234;50298;23200;55437;36503;15356;52489;49425;60306;66120;54298;62301;24424;21667;17596;40172;14030;12126;29013;44682;60378;41566;28473;19094;59750;17354;61425;64838;48218;29074;39328;51047;27381;58999;12363;66542;10916;24733;50744;42997;41377;49236;36848;26180;45144;56782;19401;19797;51100;36174;36734;53936;24241;20511;20215;15160;26815;45174;36833;30272;58458;35041;16642;31365;48998;25503;15591;47099;66091;63935;14216;33429;20796;40931;58115;29751;65500;35097;55809;30848;29642;43971;58104;50923;62653;24123;20202;61866;35265;22867;56591;66704;41833;19819;28565;45750;49201;24467;33199;41189;34814;27211;18104;39447;22560;17542;18648;37470;56503;30480;40013;21856;22385;16750;47490;34143;50464;54806;18663;48991;36024;24115;66613;44728;26842;54559;60599;30137;40466;48829;50102;58840;42209;32840;30585;45187;28828;25273;25517;60784;44462;54159;59765;49671;56532;50886;21469;56387;29363;38397;30136;11139;64612;54479;37781;19060;53598;22481;37037;21322;52300;24381;24563;19043;35261;55143;25522;55087;28994;27843;20049;30310;14750;65992;35390;11577;34769;60301;41252;52591;65181;50496;52389;46864;44073;23075;49484;29235;66829;15659;57182;48659;65066;11908;26053;60485;65709;30047;26690;44412;43457;31268;60546;11152;19312;48701;26271;21910;30697;34524;51811;14566;16016;50813;32391;37931;41548;15555;41715;64497;60525;25077;37975;59058;62529;28190;34688;51525;51401;31605;30353;46332;12333;47313;49584;32396;37200;53558;18225;27453;44432;53252;40965;25212;24814;24580;64283;49205;52498;54331;21438;22366;22041;28414;32513;10371;12572;40047;30805;63922;36083;27729;64310;55387;36585;37280;29735;25732;27335;43949;16371;40103;36955;56349;57423;33350;28793;50899;27029;37804;64367;21472;20542;61145;35515;22816;56148;46584;56561;58781;31844;14218;30007;12951;48843;60663;27763;14309;40189;53204;53158;65824;16651;28588;65467;21722;38432;37613;23257;54409;53299;26629;39000;54980;31124;54760;18137;64821;66660;46556;61453;24679;11766;50323;35614;18543;32353;63674;62961;57662;25931;31738;30846;25135;19222;44328;51364;55786;52275;54129;45145;24292;40444;59739;18081;50495;61723;36844;40486;18644;39320;52983;44282;23467;33362;16605;32340;37001;37577;58160;57994;22815;31203;34453;28584;64717;55473;18073;24737;59165;14229;27592;32677;47395;10901;62656;18044;30942;18057;49843;24416;59724;44600;23517;17633;12630;34227;21676;55622;63489;66793;52428;56914;45937;43658;30111;11261;32398;36114;50947;63164;57763;11375;46218;12993;25024;39066;10152;52588;55238;22185;57179;55407;62803;12923;14338;13762;12605;13863;44874;29918;33063;50211;43964;34964;34726;35368;14428;45443;10002;12891;26595;40851;17532;47601;12826;32620;38708;66324;22051;42628;21846;54635;65251;52812;50058;65925;23225;41666;53322;52831;26108;53505;18269;61371;54807;33950;24691;18981;55877;65064;61252;45026;27075;36411;46702;57069;20510;59701;30462;16251;47070;16029;23903;50177;13568;47800;44719;11176;46467;66923;50195;63091;43483;26579;35523;52686;50661;51547;33294;37168;35825;16612;32695;63457;66064;21039;26391;41789;56592;12407;10985;42114;43627;50012;42123;36713;57324;40206;20662;25560;36399;65418;55157;54274;44609;59299;37435;34554;45505;31901;46894;54352;41724;44087;63763;41077;23754;30632;19016;12784;28810;62460;41542;13621;60136;54473;39593;13806;42215;29343;57644;60743;31897;46594;14936;53923;48637;36686;40862;65698;58601;53183;58390;45137;30275;25970;35337;50269;10577;50450;43688;48248;14662;60702;22460;34409;29759;39470;13491;26612;19901;23971;29907;51696;21743;60608;25230;39452;15936;23536;65129;55512;65331;42800;14802;51414;48433;36234;55862;34261;17288;39132;59784;32349;54586;11619;35998;66063;52879;17070;63449;11612;23702;39040;42060;53760;17282;33085;12988;58108;51224;66873;59069;14062;43763;31053;23647;32872;49695;35531;30050;63367;32099;66678;14531;45941;36871;47179;11526;64758;21608;58473;31834;60042;30963;20352;31189;56881;37438;43940;45589;33348;58336;22380;43662;18549;42630;42635;30723;66743;56600;63081;28766;16385;24296;42581;15824;15430;31064;63371;15265;22015;26899;60120;34357;25793;11629;30630;15534;33098;56439;30854;14366;60379;46550;13178;36529;64841;63708;18681;44136;35510;30607;55195;57061;51273;10790;38160;41572;17074;50978;29262;51112;45116;28282;31239;21909;44308;43767;45479;21121;53939;58983;19189;12912;41389;22121;47556;41922;44602;47523;12911;65382;13453;64659;32464;56809;66164;58526;10346;63301;65336;22790;49630;45776;16033;16971;32668;37793;57978;62676;10744;25516;46110;47220;48793;50768;47072;41774;10462;35831;19469;17122;37944;49979;64944;46554;53000;12625;17650;11022;51303;64979;15131;52404;38356;26636;47615;60572;13708;32049;50931;40971;25618;16613;38249;23300;35973;28042;36464;29067;54139;44865;44175;40687;43253;41613;65324;19017;43980;24378;52869;30623;49471;10402;21310;19420;60066;60875;57323;46783;43476;29968;60934;48590;52069;15246;52142;28934;17275;18785;47673;23938;43176;32845;57286;43594;58641;31085;16809;38086;28410;22065;60814;16995;19620;11764;23741;65997;13682;26318;16591;17761;29572;52073;58226;62518;44644;34644;42482;32696;51178;27095;12959;37271;15129;19608;30919;62702;53655;65852;22020;43611;15872;16955;49738;16319;28552;56644;50216;63775;60633;48506;53808;53611;33979;24104;62403;38519;41196;23079;24001;64482;23098;66053;50011;58147;59984;54295;11160;50953;14191;21693;53893;15893;40837;30561;14610;42954;23470;65822;32975;13737;47399;43692;42865;64187;57567;51356;47768;20159;26939;38375;55464;56232;61205;60870;42291;25495;11255;46419;20135;14090;41150;55980;36745;20568;18683;31865;62080;35376;12633;58460;28433;55094;26666;10957;26756;14104;57148;38066;49187;48513;39129;23438;45809;34200;20480;36786;19182;47747;58891;45859;56160;25125;29240;15472;20016;14292;44189;41258;42660;15862;58138;42769;46617;55127;62931;21353;20751;50903;57356;21263;62141;39610;39092;11297;22919;21586;48767;61791;55807;64480;28478;32874;66267;62057;52022;39672;31089;40765;24343;64850;27212;44012;20897;63218;48763;57834;14911;36692;62799;35968;41783;32318;42133;16048;18255;13624;65863;33033;16741;48183;56445;17027;18482;40796;50122;62751;61481;35877;45900;60248;61686;50360;21726;13881;34963;22685;26880;55960;20250;54166;43116;13957;24523;22718;56904;30058;53012;37700;22796;18761;23001;42354;37493;44922;54957;24969;50164;55259;59363;30913;44343;61662;46914;51915;34846;36297;59300;30252;52982;56238;37897;36864;15653;23793;53743;54972;31619;52174;30160;30292;38319;40256;25926;11465;23716;29145;42506;13001;19297;11872;29681;17805;27828;59833;20611;41124;24876;23640;27599;30217;22299;46943;13795;34312;50715;41577;25532;34972;45985;61845;16815;13965;48999;55682;45040;30743;44540;10422;29782;63975;33963;38256;47034;29625;26554;58793;63710;39963;50046;66166;35841;31822;33078;59007;53647;30653;28651;35656;49443;14956;12746;30257;54729;65944;45032;47817;22835;45558;60923;36330;12101;39557;17172;40674;41688;36647;35541;50424;59272;26877;47616;10264;27939;37951;34802;53748;44107;11442;66307;17609;64969;19917;27363;53170;25596;47629;50036;49597;63075;50252;34707;42577;24572;61895;24551;13323;44408;15001;54204;40794;25107;12372;37387;48682;19457;56290;24257;53388;45800;39345;29429;36395;41012;12123;16186;13393;39330;58773;51211;19687;65083;50320;59743;65985;24671;62497;60491;35302;43362;47169;53377;34063;65272;21979;66160;35936;31999;12010;20663;38914;53793;11449;60314;47651;45525;65159;62755;22580;58488;64665;13309;31228;32128;28049;12722;65984;10542;51377;18791;54012;28277;33969;46563;42059;31435;19536;29745;22125;16432;40185;46057;26904;45745;14744;36093;15665;17179;29933;31330;11606;25794;48206;20321;46832;31949;15818;34562;13958;18713;23051;32860;18754;64133;59039;59166;14862;20562;51003;53371;57249;44264;32853;13759;63848;10432;24809;13963;50735;49847;19672;55086;50743;13129;32864;65341;20323;15857;61189;35504;60449;13822;15011;30700;55438;58855;31260;42040;31238;12509;22296;47265;40029;30530;25654;51310;15414;48746;49153;22553;49448;64832;11711;13926;65871;26423;28979;15896;26457;40240;37139;32168;66675;59955;62084;22458;18416;31323;24767;55707;65851;65893;12265;13510;45156;35829;25831;56487;61974;44210;35718;57637;58592;63576;15248;15014;46546;49748;57813;18956;27175;31953;37303;28739;12715;48233;39766;46976;33575;35141;46048;39461;55965;44679;62121;66516;10203;44220;54243;16439;22837;14308;41225;30156;61553;61728;14502;44022;31135;34240;33852;35793;11270;38383;35975;62305;57135;24420;33416;51281;47631;20652;52525;41838;64523;27106;10345;18405;30601;16190;15236;35304;36077;19904;11020;59967;66188;13990;59811;52240;10040;63559;61596;66004;65412;18871;18034;25037;43987;43228;42277;42813;49763;20417;49797;21104;37270;51514;55296;15224;61627;46865;61460;62486;22073;62329;23288;15260;39885;31733;54489;45772;14005;54411;23881;12963;55570;38529;63794;17818;23692;32931;41986;56394;39133;39518;43529;23522;28654;53982;62005;27642;29080;27487;23096;24340;59715;51005;54279;12087;31601;66667;54345;14514;15133;16825;17148;48481;57241;11286;18755;42457;58194;55393;28564;57388;66277;61375;47550;61496;43878;64844;18181;45528;16832;54637;55123;57273;65385;43518;33396;56074;24823;42479;32532;25739;34640;58696;28690;35229;13497;12861;65565;30393;54404;29425;38299;22966;29598;35605;12829;13934;60878;13988;46241;20740;15194;57492;32363;26545;59570;37326;52306;64760;12329;25397;21234;51922;32839;66436;41158;19642;61957;58944;60843;15685;66577;34552;14856;50767;59163;55698;26548;50277;65667;47532;27816;45657;59366;17068;43596;29158;45291;44605;41091;24868;36112;12403;18150;24287;59418;47021;32178;57665;21703;62852;48441;53102;45557;34058;51706;36845;11190;65152;14780;45129;17611;41102;44726;53876;64581;62690;53269;54186;25540;60535;58746;22222;36519;56025;45148;52753;39265;62443;36182;45975;43507;19863;52706;45812;65959;42252;43548;56429;25112;48251;65855;39686;35910;27053;40785;66294;28098;39798;22700;41103;20794;42475;63370;33326;24641;55365;21442;35167;40292;11541;46997;54002;65213;51285;62555;37531;44857;20365;49640;52602;54442;61126;59444;57669;66650;61088;41842;44049;60015;18659;23660;42420;18534;40602;33145;50040;45086;18640;36584;44754;40532;65013;42398;65806;56199;22833;11894;29633;42192;56868;28713;19728;22608;14285;35911;46387;47264;62716;29715;29744;40469;40070;23623;19494;50516;11731;43304;39207;11521;40190;43927;64338;53468;59916;15210;28021;32952;17338;42670;55649;52742;54165;26867;20372;63343;44525;11494;47630;39795;33084;23057;40908;46945;48963;38134;14642;62016;22431;34559;30334;48512;62864;45304;57793;65420;41215;13206;50266;38624;44762;18095;47520;61564;40742;60065;25645;39101;19216;45626;63516;60929;57127;18378;31917;40682;37370;34218;40396;47765;13418;38304;15884;44053;49815;21540;42309;28714;22570;59915;21235;66594;31427;23768;32050;16495;39516;27989;55489;51260;58093;53665;44319;31843;14938;46652;47659;62456;34961;11610;54147;10037;14609;39790;66333;37729;57951;40910;57626;19096;49124;52397;43623;17685;60592;49559;66272;21720;60955;37961;38734;15110;50739;21637;33203;40109;19042;28893;29946;18345;56279;48960;30108;28140;36486;29012;32220;23219;50247;41108;37284;53197;34281;44413;16722;53300;28595;56213;46896;35890;35483;62587;43173;25576;46676;22629;61417;61744;48153;38034;45444;31575;15543;17062;29978;47655;36879;55109;44533;12504;48598;15126;13346;65286;44695;33608;40804;37582;13677;40223;29665;11249;47433;32525;11750;31782;23633;29215;54875;24017;37936;45294;58059;56759;14513;56366;61260;27287;42027;33257;24040;18323;36228;44392;32991;27797;28377;38393;58324;44678;16801;54905;29793;48665;58204;27972;28912;59223;31242;44470;38803;46197;66890;40449;66939;58202;62705;51770;27205;52783;21853;16976;35457;30879;12510;35798;58649;32392;51462;51139;29460;49679;35896;58716;24598;49876;15723;11008;45227;59360;58129;17086;25757;66007;49707;47662;29808;44973;12686;10704;23584;66145;24833;10313;20517;63563;21627;48932;61073;56870;55815;53350;59944;40026;17409;41739;32091;44233;46249;49152;49291;66597;37512;30138;38741;35093;25515;52823;65624;66429;62357;52383;27920;29656;46523;39430;20409;42010;19730;63237;31317;49507;48600;59487;30785;24709;58410;60409;30489;31883;31100;33882;13495;48479;39884;63253;59003;12611;15783;40279;36329;53488;66673;46176;13288;24794;17778;11651;29768;22062;47591;35618;63780;54444;25276;64600;37055;56311;11387;31770;30732;66058;52171;22453;22537;39178;57213;39927;43005;46701;40286;42239;22865;26309;39282;53583;30074;21501;28710;53855;59258;11584;17270;16023;34882;21949;29900;29048;23233;64536;15775;60187;46887;59583;45912;48838;44909;44424;40146;12074;63932;11626;51604;31980;40373;16436;60020;59332;56392;62983;34533;66935;60756;54778;15744;60389;26767;43944;19972;18331;12998;66196;50877;58633;44722;31933;42549;50672;57231;33376;30940;45051;18180;57316;21593;51434;57029;27216;17109;51721;21974;22309;47722;39729;48642;22032;59671;33395;15765;45492;56988;34861;55010;11071;50281;57404;57420;17097;52432;24788;34751;64260;45384;44899;64420;47897;51095;35858;61311;44102;58472;24022;33509;41885;38817;51879;17589;14777;50934;60152;53851;13474;50989;42727;35408;60724;39816;43761;47697;11237;17652;56318;11447;24121;65831;20561;42368;33870;34863;54550;32141;56607;32950;48519;57603;57829;33118;50220;61872;26184;53770;20207;28541;41046;20791;36069;57502;61987;49641;38531;58489;28626;35737;32646;29462;38957;21314;14455;34133;42998;40574;34636;55018;45977;17524;23534;14774;45965;10159;60733;65124;31496;17360;14445;45646;31812;66737;36690;40077;44285;60293;49235;15544;18022;25108;22785;48357;10183;10139;24006;26123;30020;65304;35122;28757;33708;48906;61657;63205;42856;15962;27233;30214;12984;21181;62280;65100;37849;59902;32406;61365;62574;58431;61142;63264;56505;47703;19989;44656;16830;60659;22649;44464;63581;36861;40454;36241;57899;54634;63702;43868;50787;57690;42979;35563;23975;37524;53717;34259;36224;56863;17498;21371;20730;63604;22964;41074;35062;61383;34337;65639;54113;51045;12433;58322;43815;21303;28635;19731;53578;64390;65081;53239;27759;48257;42268;65347;48500;57188;17642;13152;39489;10312;62469;41039;41207;63379;45694;61976;31233;21939;42612;18609;27337;15806;63047;26516;33372;60361;46312;59435;45112;20919;54913;42585;17213;34695;13730;41324;26639;39506;45306;13687;38070;61507;54708;66247;12732;51274;15183;28055;55597;24452;53626;29527;37642;60407;47025;28335;55246;66087;36703;63374;66016;46581;52117;27703;28160;42608;30079;21138;34997;39727;52519;44236;57329;42750;34992;57875;19571;10389;16790;11805;33482;35474;19114;40411;19822;39753;55792;44363;50156;32067;59267;63328;66056;11428;48790;61891;51938;36194;24256;21189;22595;17793;17028;48470;65961;53359;15972;42683;33433;30709;35713;14046;39726;22220;16589;22464;64640;33646;63686;33324;27938;23843;45683;55308;20464;14318;37382;17740;25484;63798;43033;13055;58888;48444;24413;60251;17253;66139;38426;62726;18306;30182;38947;32224;63677;39392;63260;14957;29887;43332;53827;50806;34818;49229;58762;58906;37164;59092;65479;64516;40618;60917;48865;64175;63247;32288;38746;64326;48831;64247;58976;15629;13212;55129;66823;19771;65381;26058;16818;22772;64505;19349;28444;36356;39208;34338;17346;18610;56743;20852;63984;58995;27164;18091;46436;37009;39010;49911;10556;32547;10388;63125;33603;29530;21962;65234;55312;53938;31787;10003;30798;10465;23018;54554;51507;66462;12790;16839;14014;47006;13408;34099;31851;37638;24477;15675;27996;12622;26227;55785;29300;39603;42681;50154;44873;55397;64870;37745;43027;42419;26723;52767;54043;53792;13738;35786;29114;49765;15465;41310;32274;19939;40926;18688;12481;29731;62810;12125;42126;16918;53703;20034;53554;14731;31494;39331;20799;23366;43588;18778;24217;45892;14542;41846;19425;12017;32360;49137;13083;65319;60221;59315;49319;48898;29201;55778;37987;23904;52592;65307;30289;35818;17438;18188;42116;63380;56699;47905;31403;52553;34008;62093;30537;38546;45092;56792;44591;17116;23181;31717;22019;10161;22996;54997;26530;30575;40823;37940;50663;34110;27753;11933;58896;52194;17092;17458;65902;13084;55228;50337;52689;19313;36724;33713;33222;46223;36762;53384;26416;24490;35637;27658;39907;35724;24587;32418;26028;27982;26757;60382;64605;36171;56185;14732;34117;25605;17084;38610;38219;29227;38703;17143;57297;27133;64106;63742;43443;57982;26895;43792;24003;51677;66191;59056;32745;52390;47783;32075;58166;25006;62929;63277;20490;28482;49583;21881;48931;11211;65186;19920;61569;39812;53372;62091;19718;26063;25091;53542;34632;50217;55203;46845;49879;55232;64407;47672;50597;61379;59110;17330;47639;24527;26383;51863;55754;28325;32292;10778;46160;60112;29253;15289;13735;39434;52009;36839;24778;39522;42645;41970;26760;21367;10930;48589;41965;64860;42380;20846;13081;57476;25320;16093;17264;41037;21408;56707;46476;55481;26476;45921;42931;49384;10474;52093;42796;65508;58022;26890;58732;26414;19351;39204;40440;49661;41870;34934;60992;24749;54847;54821;51453;14669;17355;32967;30103;18797;47376;15981;10978;62714;35332;41355;32945;56175;50921;33549;37149;47862;11252;64507;28048;47712;16999;12711;27132;35024;39048;23436;56610;66911;66579;21359;44099;60280;22061;64599;42426;11979;66870;29372;39120;29042;30731;10058;39592;16935;62081;22638;18455;23463;42115;56186;65368;63131;31951;56714;38556;25434;45715;32218;34675;39234;43984;64123;22695;30172;46227;52372;32460;39024;47733;62954;41629;33595;30405;58292;61368;31026;50317;54231;27020;55360;29580;20683;60233;61283;30878;51978;22535;62809;29020;46940;25199;51516;51267;59746;45820;51034;66897;28426;19786;34980;47191;18531;11166;17653;33880;48524;58187;41973;11955;59510;16887;48593;33304;26505;57334;30442;66340;53128;37392;60541;26430;54654;34005;53951;46765;27714;36925;62461;48787;32726;42187;37929;53027;50849;34989;61814;34625;43109;49164;41488;18909;50742;43374;55959;57964;58912;31237;29422;60852;47895;25415;44864;12063;46611;38430;13925;52409;48861;15137;40493;54439;23317;34411;21404;49810;66423;12985;56706;55480;24618;18700;38438;59304;45221;31213;47864;38602;41782;31283;10610;50228;56660;17136;61813;23659;65362;19671;34770;38448;62878;37905;30821;31988;62940;46336;46572;34609;55264;55288;23705;29273;37427;57014;50409;54689;22738;46479;11009;32619;37087;34255;58348;51373;38998;24207;62703;12093;41857;66619;56581;32404;14164;49040;65548;19750;60019;11913;19207;28738;42033;50103;56554;11625;30420;52114;57850;38394;12870;35788;36271;19982;19531;42246;15661;43852;34856;26351;45734;47013;47221;44935;45679;56933;55006;32582;41459;35542;59965;44939;15849;24237;13765;32603;22188;28166;39526;64249;59378;32106;40110;61107;65895;49035;48781;18294;13595;64807;45799;22358;19729;39935;23915;55002;21071;53628;50909;50185;27131;31731;48493;43078;52784;16161;40018;59222;34042;22622;65375;21542;57619;29637;23306;28621;46444;61961;14328;59293;14817;14138;32306;10192;38812;49316;28314;62953;23755;66653;54393;60018;63533;21284;12730;21075;65977;66951;45520;29950;62385;66918;50951;35458;16714;34013;44307;35851;19143;29208;11888;39997;53227;20969;56636;34464;41689;39801;17126;53553;10169;57306;34311;35477;30933;35444;11202;44298;65663;53277;63323;24934;38187;60888;21497;43916;60060;30985;17691;12035;39500;39944;19528;56138;13697;19742;30371;59651;20702;11969;26852;37780;61044;41156;33830;41670;47142;43204;63619;63878;22298;64498;41992;66300;60081;48420;48863;57235;44862;47203;66866;28585;45559;44331;61352;64300;19333;17333;13592;56473;38981;48651;42709;27323;51337;52052;24086;27090;63432;53271;18707;43563;15673;27424;27009;49614;45652;46244;17545;12841;27628;45222;25946;49207;34500;16927;11776;12670;45918;58045;24813;21959;11077;63832;55790;38447;20691;23867;32729;15700;62122;54242;21297;21159;66023;50169;47732;54752;46058;35274;25696;21233;47687;60313;34155;41467;33146;19564;37963;12671;33149;32268;16876;13432;26871;13971;12679;32325;26155;62646;27343;57894;32533;21107;65201;59853;13717;41140;53674;18911;65001;49133;57512;58790;20096;57187;45459;28168;63203;29974;66035;14914;50762;57585;37912;18722;13944;47147;20376;33139;22792;15253;26137;20172;46757;16928;13063;29925;45081;61856;17715;36912;54620;34052;20865;28417;60189;52629;11259;41170;63591;65982;28101;21928;62932;60545;65090;46074;55615;28104;43532;22257;27385;63518;62163;35691;46426;18106;48697;13948;64392;25352;19229;22678;43359;29003;29876;39634;35288;18183;66439;18932;25079;41458;28305;24170;28653;49487;64149;61357;40186;29961;33569;66552;60486;54292;29207;38133;61642;23519;21142;14619;47317;34495;34701;62691;65459;18569;12624;19644;17216;21912;37369;24615;41869;56385;29614;46296;37379;40293;10367;36078;42519;27862;15058;29815;38374;16649;33921;53163;53639;21206;35878;16383;23901;65758;16766;52552;11948;42395;12327;27415;58328;57379;15545;53524;45863;35835;65625;27281;48900;30681;57876;18276;65462;65684;44162;55381;15204;65099;24354;27826;57111;38917;16369;50018;59141;28075;28580;30746;44024;41399;53579;36487;65668;31370;45968;34615;42037;12326;14475;48286;27796;25393;48189;17785;52411;35119;40600;10822;15038;25664;28175;56455;62414;16523;65472;56726;26000;37968;65765;36811;28316;12059;17182;20621;46189;25123;16392;23372;32722;37122;44794;34661;29986;13078;26025;64111;45310;33297;11705;37878;60295;13365;48534;43591;31774;62315;21972;34080;12574;44867;45419;23153;47741;25022;35464;16018;17444;12348;66568;12701;26902;61469;12532;51856;28082;50641;23502;54285;20263;20743;53914;38912;51046;58255;36032;56082;53983;29365;29356;24683;58851;41562;21100;23866;34007;43193;43207;31639;66506;23627;65618;28521;42762;26884;59178;17065;35263;65749;36212;65430;33720;38674;29739;17681;23474;52512;18825;18388;53587;38744;11372;27419;40657;62542;22082;14172;66833;44802;62323;43370;45852;32971;24118;39298;31713;33892;54363;32194;33028;55021;34528;10277;40909;21448;20990;33533;55040;17484;11158;13289;15363;55282;64110;31344;16504;33860;33731;24780;25687;60070;34350;35256;53755;24548;11224;54026;61851;23508;58393;63741;23554;65919;18241;63368;56156;57543;41018;37206;45417;55450;56761;27944;41659;30415;42662;37359;66412;61605;64531;16739;51344;55888;45423;58506;52513;37728;24160;43512;33485;52002;43618;62446;19906;14402;27051;40848;22567;42306;43789;22442;39809;30414;52893;16028;18656;38504;44685;12076;49157;30662;49701;50389;63573;26473;14779;57123;62481;31170;15092;51660;30364;13985;23550;57264;33076;56479;16139;42759;48348;48501;36117;31968;23488;31727;61821;19757;23077;10566;55059;40978;47133;61674;36880;30196;49991;14306;34209;14451;40418;21861;18649;61704;40262;40341;13181;17565;58434;54136;47431;51033;43316;54023;34497;50444;10635;41106;19439;15263;18892;11296;53835;41210;27988;46502;24965;17765;20764;30669;59561;18595;45724;44463;35922;63051;26122;55562;36596;61218;38324;22491;14029;55913;23674;47841;12960;32163;62360;61122;15870;57675;63745;44666;37433;39003;51257;37885;55235;50120;42838;34182;35135;65327;61436;46492;16656;16930;34900;28936;65184;59279;47648;43060;12378;46678;34681;14429;44292;26898;56181;50705;60459;32863;40611;59729;22578;50272;38555;37708;29268;65605;19288;14677;27201;55497;29662;44686;43447;51070;47404;16359;34430;39263;41456;52128;13123;46571;29979;62253;66322;36455;26783;66321;20066;43341;25755;14667;24263;30583;65410;59814;35238;22953;28853;25604;11662;60681;52800;41097;53294;57304;52109;54040;31371;23339;48528;64939;41824;41364;41780;19481;34647;38631;11611;49648;18928;10483;34435;31318;58291;25004;35645;11052;19560;26348;33657;38264;55258;30793;22406;66586;35690;52259;42826;40920;26140;19329;27263;56104;19021;44300;38651;48548;35137;26069;50398;55628;60808;27433;11993;49168;24765;19250;66246;12005;27461;56285;66729;36451;53182;51550;10486;28996;27193;63692;43200;39680;61011;47554;55918;61742;32805;60723;28594;30014;38528;59001;66363;34026;47229;48922;49897;49677;24472;13236;63078;31450;14335;60797;16759;35907;52248;14333;27143;56705;14548;41241;62209;14827;16006;16956;22218;46717;11841;54262;12560;31654;57692;31987;42781;50537;11111;50890;62942;50632;40755;54460;45660;51153;26534;27234;64209;43220;11058;37443;12626;13061;12418;15041;11657;21311;41453;16224;25140;62157;41155;20142;55637;20475;61271;46253;22237;25363;61246;58823;34195;45871;51372;52479;66334;46013;47053;47507;14430;11406;45376;45699;46883;18059;24540;32933;30374;57641;44807;41290;27030;54753;27138;14919;15549;57083;14920;32826;29947;20938;18317;56382;13690;42775;21391;20021;20972;51862;36683;63701;21334;60030;49245;54283;18434;59859;65120;23028;24624;34426;31944;65082;27266;56923;45382;54244;50847;57550;12642;55666;12703;50875;56126;39544;35399;28266;64440;42330;23776;43629;23445;23658;11307;31592;53644;28852;32734;29349;35870;29239;31821;31670;23229;39731;65111;28845;57268;19147;33176;65725;37112;29069;62884;36771;55352;36243;10120;45713;61343;35049;46785;32068;52377;56762;43123;34213;28429;45450;40589;22895;45966;60181;26356;56162;52089;35734;31164;60067;59761;39314;61778;39821;41698;64219;45402;26320;21941;16545;28939;58051;66234;58605;53164;35827;62234;26846;54819;18804;27468;53861;46579;29540;14000;51322;17324;64834;61411;52887;21607;45685;35989;21981;35182;23582;54600;33418;48857;56587;28820;20030;49002;40074;49406;64278;41607;59974;39337;22978;10069;14376;15029;14679;52348;19270;65830;66025;61822;12296;50332;26814;51635;60845;43773;21429;64895;51609;42362;14436;20258;55829;20240;20430;35964;38609;43378;15945;48679;57695;33108;27379;32449;37056;30481;64079;28258;36317;45721;56331;37473;33579;33346;42493;10438;46972;33986;42056;32368;50328;36794;48394;63354;14442;54324;49418;60749;64475;36041;56693;48557;27827;66629;16357;14758;35180;28895;54112;44860;60338;48982;21321;16475;18850;56430;25413;11119;28128;15638;38298;23446;46551;26513;10086;28887;28984;26412;16752;44534;56940;35596;39281;64025;48146;25552;34511;17101;40672;40526;55967;19524;31740;64022;39297;43580;20668;55256;17242;16110;32816;42448;15753;17096;24509;47837;16652;54824;45036;41720;41334;27596;23979;17617;23688;39843;24262;42012;41743;22248;38578;17056;64409;56085;52888;20842;66287;36070;18827;25427;62620;23651;15738;47749;38269;61510;46134;43456;31747;35225;52290;21781;39356;16226;57789;25724;29964;44624;32580;59218;37110;47564;16892;30201;49057;10404;59745;41704;66752;18299;16232;41911;38209;13681;20373;28257;63977;54977;53306;38494;52338;52234;22973;37991;35599;12883;31936;48530;29482;21436;49884;56695;48562;37680;33744;14952;66123;27707;62873;47876;44564;21479;53172;18771;60645;54950;32479;31565;16842;46127;15391;43150;64015;33775;28508;26116;49705;32829;13561;42525;35350;39764;20747;26685;40876;30039;66085;63070;46847;14790;15987;32758;13866;45282;64173;58069;61040;64568;22712;44418;60285;41395;17440;23041;19525;56406;19484;15381;38445;35875;60334;49146;45718;46690;50970;26453;63461;14382;21844;43551;23918;59433;48620;49051;37742;27390;57958;52650;15115;11116;30578;23897;37348;60202;39599;36296;33724;50656;55466;28816;22557;29594;65477;57701;54349;37772;23134;49998;32876;62585;56237;19240;52663;63913;27610;34828;23781;14829;34633;11905;14599;41595;46722;63746;52936;43549;11209;16733;45722;25888;57824;32519;28091;12357;56525;28385;59530;62717;14693;25603;28217;53972;20527;24266;66206;24840;54171;33508;36113;64439;16531;54181;24854;28243;54273;26769;13195;41569;58381;57940;34525;11778;24994;46724;13269;65054;19030;49514;11397;23411;53024;48643;60426;36947;17009;58808;57085;42315;36391;27196;34256;55163;56220;55651;33617;26310;47145;31214;26810;58519;50095;25816;38807;57128;53075;18879;43157;36630;35689;47089;61332;48834;39344;59368;53423;54653;22194;20848;43045;54006;60487;12595;37924;16418;10495;40330;29418;28563;50889;18151;24182;59890;51573;47576;16635;34079;13317;11350;28223;66049;31327;51367;29571;30715;10189;57346;25402;64583;31850;18012;18492;26550;41159;27232;47437;47863;60227;45447;18705;56558;19004;34982;26113;49588;14489;60337;46534;52550;27438;53430;53471;53725;27785;65299;26886;34732;66332;18085;40019;61062;37080;54795;21708;14572;58834;45218;29821;45118;58755;27653;40328;23042;25234;61865;22323;65154;53071;45048;28598;32542;42026;59288;20282;44269;16008;34606;56941;18239;60906;44734;41354;38365;55532;53387;18499;21018;27777;60539;20347;19928;40957;30232;47241;31537;10059;15906;66899;43135;26390;46372;53448;47510;50081;23999;62922;55657;61115;59453;64141;18514;40028;31553;15470;60586;53735;19545;30836;46708;13780;33291;57206;25185;35723;66587;29729;16137;16120;62883;58309;49980;41668;28999;31475;10088;29467;58921;46471;38157;43899;43867;12065;44256;27995;46288;48649;18429;27321;53600;53773;27594;51176;26870;42372;60145;56766;49400;52892;11569;13419;64999;12100;20654;10210;32405;24644;27293;17158;18479;62239;18438;55643;50861;20129;46126;63262;14970;33865;22699;17684;25171;45080;30040;22254;39776;58017;64231;41236;28908;18162;49261;10937;15250;62102;31702;16937;28808;61161;15364;17181;49289;42787;54868;44647;40164;15511;34234;12794;57003;58027;28927;48290;17739;24393;60891;29037;65763;36888;60536;27799;30689;27230;15269;63404;35526;46804;60883;38520;16401;47362;63426;19557;39676;66806;24150;12795;54526;21536;49149;11644;56539;64198;28018;15227;43961;19592;43093;58493;64613;15163;31798;65266;59806;54543;57623;61849;17004;26523;65523;63344;60242;64194;25143;37214;48202;27906;43484;59906;31106;18427;66702;58829;19997;46957;24565;20695;14018;65271;47360;48821;27284;55201;33752;47002;53008;40033;36170;50533;23218;45241;36017;58491;51895;40207;50134;42701;34829;43411;38557;17051;64672;43071;49977;28618;41929;33806;46514;62630;64156;35448;12270;59622;45636;63715;20468;57337;15066;26741;32814;43754;60330;51798;35795;15002;39146;56985;22810;10259;49005;53029;14310;23570;25423;13392;29708;16579;59962;40445;16859;18680;15232;45136;22310;18814;65922;20642;47597;19461;28044;39011;22990;29307;12563;16953;51198;18406;61876;40984;13243;50167;49711;27426;29484;18390;52560;40325;13710;58428;41284;62490;43519;32096;33997;13375;51419;30986;64752;33546;23596;23461;27251;24131;46828;44839;62801;56481;23311;16105;63108;55091;41865;51824;35579;57197;11031;21559;54915;48977;47186;31056;34158;16720;25335;45178;39035;25836;14281;20456;19412;58219;24613;16078;45052;44278;36681;20226;45643;60032;46846;30168;66326;14394;34575;32201;41430;21936;40791;10959;12528;26381;53446;36244;38502;25595;35736;20979;33317;30333;28798;21987;22487;17986;43344;26477;23792;52173;42897;47705;49747;23304;28589;50366;60052;46050;35850;60638;58736;13745;49524;26159;44690;21643;40277;59308;54083;36206;14805;58087;41123;35107;66614;24011;66816;62707;55283;31458;13834;60839;10965;52370;13515;59160;42266;63112;16855;61287;55744;28293;32312;21084;27374;15387;47144;60816;28181;38010;26752;27875;41602;53036;40148;59340;37733;48376;59216;37886;43498;39863;63088;48736;55998;66686;43357;59979;27262;63360;13085;19029;30154;52861;38139;42070;14617;54277;40378;66285;58960;24098;23234;27072;60092;24822;10015;20484;14118;44841;52535;49338;63213;38418;11173;12552;61154;47043;38280;62963;29767;27199;24153;28360;30438;33113;60642;46969;39383;53739;66630;20878;32467;64308;27079;28201;11970;26257;15764;36102;42462;30239;11918;27411;35087;45617;22047;49732;17466;62435;23430;66195;21058;45107;60461;65298;23458;26252;54700;44403;18242;37135;48344;20886;20198;50912;22603;20076;11516;66292;52330;17388;39802;12227;28619;39581;17756;65198;30381;30737;42756;19199;29756;32373;27441;31363;46696;32389;22181;41963;30308;51333;22116;20368;36071;17193;47397;44383;27545;56043;17665;46276;18459;28322;41161;56178;17105;21108;30396;58222;28479;47880;50420;44638;22604;65169;12684;52141;49751;32741;34180;31596;19011;47700;27330;61257;56434;66077;18214;46256;38179;51441;14519;53250;24111;21577;30656;34556;32616;12969;49052;48949;59144;39406;46328;12904;32395;15678;39095;39478;13248;25805;22804;57742;23224;32982;55755;31183;35532;20259;22350;32610;60369;25683;18215;26567;56552;44661;42005;54989;30797;13196;36830;21583;46699;47345;47182;38768;55036;20793;33516;36818;59633;38312;52154;59663;38023;32386;49442;45003;17256;39405;33233;14407;64414;24368;11585;40108;56045;18266;15284;63416;38442;10370;26568;26763;28760;19139;18234;16804;14031;51051;66148;30288;29223;15864;62644;21887;20245;27575;54215;49826;14988;51540;59464;45404;49434;56194;55096;43576;23646;63826;31223;57116;60049;12086;10467;47449;34958;65600;49616;19201;28439;50116;21626;63579;18560;34890;17488;51686;25569;13535;36053;34476;53903;50859;17983;45738;29248;16740;27358;30869;11664;37461;48655;23891;19186;54330;42341;20557;23246;40624;43062;21576;46203;58046;58580;23344;21003;20075;34437;24247;46344;32906;55378;26751;28250;57855;53768;62974;55037;34940;24839;25508;11338;62935;19454;54796;51152;55112;38273;27746;24699;17108;28611;32285;66395;43325;21754;36368;52581;17718;34073;59384;59269;57234;46165;27120;13947;51159;33784;55964;37057;17072;28822;55084;53242;52819;28366;26235;38395;21757;65914;62507;52152;49955;36898;54339;59917;40932;62794;45938;63298;16234;23951;40568;23088;13413;44755;60329;62508;57486;62138;53063;43982;54508;58686;35278;51586;33822;41184;66076;11575;39104;17114;61146;44952;18136;56218;32351;10141;53571;17777;17261;41272;65550;56929;16899;17577;19547;18133;14215;57097;60714;13043;36208;36246;45270;52201;43091;34204;34708;26253;24747;22959;40762;20105;30125;51509;61567;20840;35031;24575;11495;49318;11150;56502;59400;45500;38902;41278;20959;27170;63822;60563;63670;48703;37130;15807;45427;55409;19475;33741;10184;29196;41502;45819;12943;58398;20499;50144;35774;63930;11033;45220;41710;41365;43345;25366;50963;23595;21863;25534;49956;36890;38801;42498;17119;32842;49553;19690;22190;11537;35436;32641;32133;65210;47813;40604;10655;18481;60967;64306;50294;23704;17575;32993;18289;52528;19192;33364;39799;64144;44901;20190;11548;50662;12760;41092;27974;49891;38550;12489;38940;59798;10350;24851;37652;21305;42053;24567;13267;57772;30792;59268;22898;10304;21402;26244;65965;54168;17221;26332;47660;53211;45826;37170;31858;35356;33024;53065;41632;29014;32081;58310;17496;60275;23520;27704;29205;24617;62553;34543;51026;58890;11534;49123;38258;56248;60163;41593;53200;49569;30633;49475;25060;10525;56010;65386;28004;27959;23469;35728;27436;51035;34381;21821;18573;52362;52883;29198;16274;25223;55598;18765;49276;22049;64451;18906;56751;50056;26419;19859;60654;11901;37008;56666;41968;44792;47330;28642;48893;65610;45879;23558;65690;54802;55242;23104;57534;66878;59155;54364;35839;24836;56543;13532;16492;10527;22399;45393;61140;14151;30604;51574;14009;35837;15161;64996;46231;12301;40705;25292;13511;28173;63877;66057;29146;50937;33120;37241;41708;43746;19799;42365;13064;26824;29606;18207;21048;24906;31931;49273;58681;12875;65748;25383;41599;58644;31888;26809;29599;30004;59526;60751;15576;45075;15582;50354;16090;49300;31218;47105;54518;12782;28167;34057;38063;41858;10381;66149;27567;20563;60715;54834;62944;61068;52246;39041;46641;64180;33075;39033;36018;47243;61086;44362;41271;24124;14484;43985;64090;20953;62432;59674;45608;56243;32891;27168;42718;45085;56308;42323;44508;43400;38571;49314;60440;32130;16633;35072;29985;13366;59212;32959;63910;31659;47746;64097;51286;25479;63541;38370;48299;27613;27403;61697;10999;57425;34781;53463;13817;34722;57024;34954;13741;35270;49652;46614;23341;49574;10603;15362;34027;16807;33706;27865;47852;16602;19841;64154;56030;34134;28720;66947;10629;54200;55071;27921;11171;27007;57431;34983;61829;38114;20232;57240;50588;20008;17363;31173;27544;31305;29639;47381;39779;10442;16797;40470;61445;15729;33237;35389;31304;25537;36404;46961;30920;47382;45047;39948;64704;34127;64789;42626;15769;13544;29211;13041;28846;53354;62926;27314;60677;41500;56036;66772;17128;41985;57654;28535;64540;19209;24495;66732;11570;26213;57615;62257;24689;62191;27840;18793;47166;19602;27450;30676;42533;25548;34490;45588;24535;22401;24029;64656;47307;55696;46947;52196;65796;14796;51254;60921;11930;44174;30721;16107;31505;49177;59020;25882;20853;46421;54535;59900;41457;42071;65538;58734;45661;39445;54625;48578;11219;47012;24438;26510;62218;64947;43802;37140;56844;16396;45628;59259;63655;25151;41378;43915;19978;61554;36929;43974;36450;26753;54341;26160;40991;44153;65584;48256;56356;36306;52699;22770;21930;13918;56507;58119;14700;49210;44002;27034;20629;57184;29225;31570;44853;63728;57139;23316;20053;37641;64700;50803;17106;25420;31107;31151;64029;65552;50747;10144;27597;25339;49639;16233;42665;36524;59048;52880;52622;35366;25708;51103;32222;44207;60559;60492;58975;31335;38113;35187;43589;42598;41976;29232;31873;34694;39047;51233;19931;11250;42918;38724;10090;57868;23579;11106;22871;28744;24898;32043;55180;57378;47553;21435;44306;42465;21112;22591;43203;64957;23462;48356;20488;33486;23572;24718;14286;56943;33656;53556;29560;23350;12664;40305;46908;64253;44156;58256;22197;37646;39617;34459;63868;39342;54540;40578;41342;64641;63335;14071;47688;37089;64151;42324;38241;37701;55014;17232;14331;11435;49972;41998;27691;33754;27059;45328;36977;55924;29448;24648;22775;66281;46723;33916;38439;43581;48319;18114;46770;65613;31620;62550;19769;10830;38105;20613;66178;16386;52850;55769;49499;24552;21444;38675;41639;23027;50278;29274;21298;50792;42981;57788;54764;58103;21079;15143;43612;29410;60348;52192;53334;23071;15122;60744;60005;24405;17389;29332;65782;23925;60237;45482;15187;26018;60823;43846;49321;12575;15499;46318;36300;37159;35114;54650;30685;37428;49044;37565;21927;65087;32470;43279;15838;63806;23685;30650;17666;39660;42666;40874;24882;53857;54575;57062;47605;51282;31700;61292;15562;15890;56882;39833;21097;66200;36617;17160;62569;44820;38097;26853;26386;18456;36468;55530;11349;25034;50961;28929;24095;44254;15162;28701;49660;33236;47074;25996;65745;47336;43524;34844;43096;10417;60138;64241;27925;41729;26262;13898;51640;47152;60647;44217;65402;54591;41537;17527;64554;10658;62987;12994;39379;21217;66133;66760;52849;34167;36738;13768;23080;30649;27333;58731;37203;26239;21072;40094;63884;50319;56140;23168;16397;34904;45838;65428;24147;19009;58922;16271;60630;45177;46574;37865;15276;52156;28796;23405;42483;50041;41884;26435;36657;28006;23612;31470;56786;15028;40714;23657;64666;30211;33988;60579;21924;24963;13213;66319;46840;34050;30905;39275;30460;57952;39772;17269;22900;40912;59733;15146;57232;49807;25126;30261;10544;57947;10266;12337;65151;15960;49347;20598;52322;21427;62746;47772;61134;57756;56350;38320;58967;66638;35220;23009;66518;22314;26699;35573;29504;57336;43292;56757;44205;61390;39317;32656;32139;52978;50712;66566;61465;38561;55791;28922;31803;12332;58357;65568;41205;37799;31862;59390;55291;30106;17562;55568;41863;24740;38806;20933;33027;29033;12006;34754;56996;24754;25666;64083;47436;34439;28249;65629;54065;26943;65092;33602;44894;57322;59483;13208;50173;24065;11851;52032;19346;29140;26489;22635;44430;53870;40413;41398;40045;28363;64043;23610;52254;43289;16701;13667;24301;15287;29101;29483;22539;42516;30941;32703;47713;53886;56137;39531;16573;22545;26132;45288;62139;46791;37664;36769;54111;14270;20175;51382;65531;28550;36699;35171;17745;39991;11204;54737;11413;37484;60468;51447;28941;22569;43601;15403;26288;51588;14368;63596;31287;62188;52258;11018;42782;16539;55552;34162;22106;41510;13877;25365;41563;31133;23701;61985;33310;39887;17137;34075;34892;44506;33728;66662;62477;12359;50636;35578;50944;24695;52452;64912;57387;48324;21339;36426;53173;11163;24152;11621;42044;27581;21168;43673;54063;27708;42674;24035;43882;55382;49394;57126;30113;25893;31115;16073;21199;34704;60362;46607;18358;41147;12414;22149;35593;11579;20404;38946;28746;15654;53376;34238;37861;17470;48367;61692;11973;21202;31392;33250;55271;28096;47744;40782;65119;13310;12677;14390;47430;24830;60142;34386;38876;64155;42196;43603;26079;35285;24461;41283;46787;24692;30145;15519;45503;50370;62226;43574;16196;47216;30158;29088;30900;18458;18436;53028;31977;66221;22679;30926;12206;54690;51229;51733;64940;25385;19403;51855;59382;46031;53550;20536;48706;44113;40342;29124;26121;63257;26106;20945;41687;27978;55894;54617;52003;12389;46423;24305;50515;53567;23942;45031;27184;11456;66825;17439;33411;47018;26279;27788;24893;62543;40946;16126;66129;30370;59940;55023;48625;65406;11559;54827;36710;42271;44776;53058;35222;53370;28840;53895;52106;23242;30090;59638;47536;11589;25374;46208;32530;21335;45023;43180;43046;59683;24307;22470;48851;28902;52543;51097;23323;63462;33833;14521;39456;25305;19611;31583;45808;54706;33460;22384;31094;33521;59603;35826;48691;24149;27626;24665;22005;11425;56785;18839;42120;25507;44396;42141;55731;44425;28185;13805;44072;12578;10445;41397;42807;28020;59716;10173;37343;53361;56158;44846;20351;53576;47469;40465;47693;25127;18631;48403;10508;15779;20425;42524;20823;58198;27857;52244;51724;41871;62770;64953;52923;58776;60745;54253;30843;35881;23656;66278;45250;21239;49905;19336;21597;10729;53081;57368;30542;50179;42065;43236;43164;51607;27439;41586;47354;20788;61047;37420;56938;28501;30736;43983;12561;65290;57068;23121;17455;46379;10009;51658;25310;32275;64292;62465;39718;22144;43873;39226;59521;24811;18090;51239;55286;52977;48484;41709;66512;53156;56654;31114;46703;48792;13825;19057;40080;30666;21731;12932;47467;43583;15428;16195;18526;19265;64060;54018;57117;19770;61789;53989;56317;30866;53316;18071;59059;51983;48482;16698;59086;51868;16803;17198;13286;36310;29866;58570;57652;62119;44135;15957;49324;35161;17334;65248;62853;18009;36862;52673;39848;29237;22526;32273;14235;60056;26728;54534;19123;46824;15965;44586;52843;57904;45383;49728;60616;35325;29816;63879;39218;40766;57588;60995;22335;38861;15479;51506;57774;26808;42353;51115;66894;24295;10984;57475;61328;53767;58535;40929;31507;20290;19322;35273;45614;34691;63393;15497;44653;20816;44933;13625;11582;47773;35682;36097;40180;32146;55108;26934;55847;45755;63600;20585;32381;31431;23709;46016;41625;29226;57621;62051;44482;19361;46040;32639;32005;17268;33903;12967;64721;15084;47503;35988;57715;16534;13093;29497;23261;10031;46777;14425;64374;18926;20754;41555;28877;16692;39938;21327;24419;18891;51952;40432;42472;11168;56795;16857;61052;30247;10500;55451;46488;21562;56500;56015;17604;59727;49224;52345;61684;64336;50659;57442;54420;40244;63133;49877;22819;40288;10714;65497;52876;53188;41411;53254;50724;39393;18175;62860;58523;28542;49952;56593;26928;41699;33132;61004;65037;52716;64252;26492;25726;50369;62876;64313;59664;35816;62780;46647;55536;57959;35999;38944;24923;14567;31921;33337;15726;44101;47708;51320;28030;32648;52771;42784;32766;66356;28080;54118;51929;64094;29921;22620;11528;41134;51480;34173;65551;42951;17356;31597;18048;12062;26287;24655;57290;64024;16936;39245;34290;64467;63615;27163;14691;27867;32943;26346;41640;64191;14656;39989;32262;30066;10473;44920;29059;13259;56249;23435;28413;23689;64177;21799;66181;58858;65638;56646;43438;32890;22992;19249;43734;26035;51190;65434;50850;37400;45717;44539;26518;57726;42963;63948;50020;45296;19899;50625;52434;18498;38243;58900;62216;32402;15971;30859;38780;21343;54369;58035;26156;25643;61580;45411;45511;53865;32334;65948;40124;25744;44042;13943;63043;64223;53241;54372;12793;27994;29942;52688;41716;48864;63297;62217;55053;30022;47828;41219;16611;26031;16622;47612;28437;57539;37810;31627;18213;32196;58787;61169;13487;44336;37243;51891;23191;45862;65589;51291;58016;35105;15261;57252;17572;41781;56014;36373;38585;26578;24214;63787;41126;65155;30965;48297;40945;29561;14437;41853;10550;12774;52965;53054;47385;53178;11511;12751;47786;50524;12218;22295;64125;30411;58579;37096;29557;37796;14089;22304;34388;66804;33193;15107;51548;57101;62116;47771;22697;62321;63169;15016;31362;39858;41163;45339;12464;28935;45300;31199;42477;35027;33374;30485;14059;53802;50797;54718;28741;50371;65740;39349;26658;13676;31790;14443;46952;25325;59946;66264;52449;62535;55914;26097;52190;24324;64533;12713;39877;52678;23394;49413;45271;31971;59408;54651;32377;63585;15200;51943;50761;41183;30238;65481;24037;65003;10018;56256;32947;64078;37627;60252;58707;53732;26403;28794;41612;56145;29193;50463;23932;34043;52494;31964;66942;50831;18965;32211;48179;22633;29800;12316;23235;31869;15104;13144;17258;66864;43493;59629;46503;35524;23130;32671;20179;44509;53072;28230;38525;32371;42815;37375;17303;60785;28742;66424;48457;15547;19476;41452;64178;12352;39051;33597;62908;58085;32098;46368;52045;15145;38371;17674;16737;29347;14106;27303;36964;50784;57612;21915;21349;48489;44438;43833;17627;49346;28396;59854;21777;55294;47125;33477;57348;37915;46056;37459;23616;65056;17530;63072;23223;51305;24264;56204;20377;15935;56068;30245;17479;51245;47798;40708;16336;15295;41646;62221;40258;61325;26818;55509;57084;42905;33615;41073;52690;61000;47752;33160;63062;64279;65246;59354;56822;40913;52471;21829;13112;35659;53586;10609;44056;40115;56284;52854;21869;36778;63195;18168;26906;27850;26046;26669;16799;24901;52473;55625;30728;10004;63303;31802;45472;54610;66693;34777;14339;10835;46570;31482;51961;23312;42875;46806;54465;63499;26560;48252;63265;34384;53011;49770;52260;25983;29671;64573;33045;58636;12424;27229;64960;11917;16724;19607;23473;60057;47670;40491;38192;52018;52619;54995;46884;24066;34766;65486;56838;15835;58068;21389;32034;66968;49929;25261;16516;21734;45274;55995;44004;45135;58252;49232;41232;27513;46172;40818;24346;25336;43126;34314;41174;64186;56297;35882;49914;34620;30570;59799;41856;23256;33249;66151;49144;48881;62238;19619;31635;26900;57447;33378;55427;11049;25518;18007;38039;48172;51409;37578;48668;51627;59000;28092;16102;50778;47363;46335;52019;61638;27551;28663;48978;48462;13821;54831;12980;58693;64614;44267;52189;27923;57635;61281;58653;55158;20070;53507;14064;26393;42096;41669;59839;28959;65291;27927;26027;19838;17495;20050;39934;21496;43770;33172;53608;53968;24758;14834;47714;35414;49075;30724;59593;28043;62640;46303;26358;12837;41813;19196;56299;25789;45970;56363;21411;60021;14325;63918;17548;25449;19269;39902;11825;23775;55761;26644;47723;57805;10908;14816;43674;35938;28383;43446;43284;17274;21290;40147;26617;29168;63606;36608;62115;20048;51173;53115;44110;32818;66094;33982;51113;53395;24961;20641;47840;16047;30454;65837;29622;41214;14978;35613;55389;22447;52010;35098;14297;39439;10226;35415;24736;11323;56281;50439;61424;29156;10804;15535;29057;33130;65127;28347;57564;17775;51027;11815;52499;37088;54152;17531;62110;27755;20713;27386;15941;59714;64413;49756;42841;42468;21877;15443;51788;14727;14385;28503;48827;41798;48967;60607;23287;60341;59394;11121;19837;45944;10291;10470;46916;29084;33642;31536;66625;46649;55650;29413;60598;39493;43328;41274;33081;49285;17229;17144;10084;39310;49255;64563;32258;14219;52361;65209;53032;31153;60009;30379;48259;21062;27088;50966;20761;48867;40541;14282;25697;20722;33490;33878;22377;15368;23156;31823;27485;27044;36822;55081;22710;18396;45396;30874;40598;22771;44676;64624;60450;38670;34085;28398;64532;19233;57327;23782;47718;54662;14534;45420;13240;17238;39144;12210;23842;14752;27416;58868;63536;37338;65559;56813;54210;12543;16536;45035;11661;15097;12345;37787;51844;57901;34031;36951;14552;22484;60268;45248;42509;49609;11479;62573;16292;34943;49773;39486;19408;11502;22946;45642;28860;41671;54338;61166;64093;40709;49445;22689;57762;51181;28526;49506;21397;53697;30664;58767;65366;42257;52357;57263;33056;58000;27899;21377;20529;21609;59653;35928;17522;57389;37803;39322;14842;63914;43212;28844;23281;43383;21223;29897;25864;44777;44140;16844;55944;60153;15474;28032;49848;29322;27960;13165;20062;21375;39143;29258;35582;54096;16661;52280;55557;45723;11903;49799;18017;11916;43152;15189;28558;60819;60613;59779;54880;46968;23687;20269;11275;23184;63180;11200;10352;36633;23954;60069;17459;42593;54660;52778;33502;13652;45946;24924;56657;49549;10397;41972;42278;45709;30236;66513;61796;10848;18829;59585;65094;28966;32862;21819;27742;45934;61768;45014;27817;44548;12540;60947;59681;25210;14528;45200;55068;64491;51614;22888;48542;65525;38124;12305;57285;32307;55277;52414;46819;54749;44528;49014;65574;47902;56371;28356;33679;24715;58941;18726;30654;16419;11535;41415;30276;58581;25588;14371;25574;20071;46338;37819;39295;42579;43377;63951;29566;64767;30494;47208;46562;11493;54748;22847;60342;61085;31054;47374;23767;39826;64738;30727;32715;57977;57865;33001;40420;33447;40696;36245;45839;14453;46686;59266;26157;55404;21388;40518;56506;35821;17050;53771;61626;52122;41455;40017;20908;29843;19868;22132;50304;48607;64900;54512;63886;11723;43720;56662;52608;16898;43965;52094;19328;40739;19871;50070;17041;11081;53396;18715;23578;50340;35163;42678;42941;14254;58584;45705;54696;62247;65707;39294;16527;12520;43435;21889;24787;20614;59482;60353;39025;55782;33990;47023;51813;25746;48981;61810;50605;28425;45539;34955;36988;49016;13355;11892;59275;63512;22564;14111;23031;27114;49359;25851;23243;39657;65253;65470;59429;27316;36521;35699;38845;17519;27570;18077;59679;21114;24935;39036;10150;24431;23343;57560;15400;20055;54138;51110;60857;11133;47466;46730;47735;52288;54741;24680;63940;57844;34504;60700;60908;32354;17824;40888;34222;12562;17325;13462;66000;64664;48584;64091;49452;22060;38784;42030;65506;37712;25485;39525;38152;39183;50821;13435;27516;13391;13500;11148;49288;29575;35864;65510;46802;10108;10997;22565;20630;15587;58031;53290;53706;32079;59778;19426;13666;49721;28801;23511;21160;46529;20518;35860;54694;38737;43218;25268;16324;10852;34205;61083;13634;34324;15787;54799;41448;57864;28919;17502;27260;51582;12090;31255;27443;15098;28577;42379;58779;26210;59661;24055;25514;47163;43528;24047;33697;35331;26571;24555;61327;34219;66721;44234;33124;23944;41424;14225;33888;10688;21455;42441;10667;57689;65023;58208;13739;19720;35612;28612;64526;46693;29119;39628;63143;36099;27800;66465;21196;28045;27125;33685;31962;52623;45635;65391;63663;31830;39135;11438;55351;61049;61208;57293;13715;48609;47296;66125;50689;43311;19488;40390;42744;63387;14598;15979;44007;17489;65519;28182;65178;54225;28802;47775;16455;53410;13274;54193;37193;56572;29539;22054;40245;63289;35982;59571;19918;52639;15195;48592;28327;53775;14221;45299;33095;54038;28682;44538;30181;13404;49900;10100;22551;40171;20163;38233;48352;58370;51634;49965;65123;63096;66777;46568;51191;26694;51962;50367;15502;42698;35197;33716;23587;32515;13116;29392;30713;35575;60703;11718;53047;19767;28103;23289;40000;14066;61892;54101;29786;36022;58078;49111;22945;10954;57347;36218;18231;38389;47122;38589;66731;42597;19893;64989;44597;35985;38140;16364;66546;41172;33345;28116;24989;54399;62220;16668;48164;62208;23844;57843;35459;57574;50590;31456;53454;20814;27744;53822;38231;55591;61623;64243;40512;53686;46891;18469;25405;17702;21357;18170;58080;47154;26559;18334;64663;55820;10122;66778;20997;26047;32640;26278;19961;21330;45509;10521;64450;33357;52131;29846;15839;18066;34174;21283;56422;19601;58026;56091;48944;42848;48595;47100;23161;35639;42600;30515;11302;31848;56891;59956;23848;46934;12662;56946;22995;59147;54467;53795;39560;19118;59953;58468;33973;63115;63292;53908;35719;50960;45191;29203;29953;66905;28771;44218;27834;51581;34486;15917;27554;24568;58850;51728;24194;18045;33937;14571;66383;23974;19041;50826;30768;20727;29832;48822;23388;60731;18621;44904;21288;44031;46483;46420;48957;20836;16598;60543;16237;44851;26806;24712;59452;47886;23465;62624;12085;17985;37038;56724;14689;62372;36972;44321;19337;38336;48942;37848;53529;49325;40063;61529;22611;27725;47738;33409;45428;24360;39246;35245;11998;48928;51076;18605;36615;10854;18308;57463;18628;25745;36401;42183;53812;50054;59229;13249;15891;31259;30531;24271;31950;40428;65891;20556;65842;61680;19903;10185;32545;33864;53671;50981;15929;57799;29040;54567;51902;33779;61183;38295;13585;23452;46925;49221;29849;50043;28474;11353;38128;18082;22802;20678;42613;38792;47873;63008;45775;56442;64114;52695;46258;15871;43025;28751;21150;65033;51347;56551;54916;15202;38401;61537;26136;53369;56990;56682;11247;18789;30322;55050;26437;56549;65293;50231;64211;10784;39841;20690;55978;56789;27157;31332;45926;58750;52900;15951;53149;61767;33554;25358;26691;39552;45579;48560;12708;62966;18650;46750;39939;53439;55757;31000;27471;49132;55183;16895;47316;33945;27259;36283;29509;38932;20657;57948;25155;21197;11455;26302;23444;11314;37717;28945;50626;35192;10549;49043;47881;43820;24447;31929;60748;19895;27524;13183;34376;56197;62887;40291;22166;26168;47097;62863;41718;28348;11112;25085;36875;57877;12823;62997;21198;27021;59573;56388;63152;32537;22664;29833;49011;41059;30332;38033;31784;28668;31111;64291;55042;50270;28087;25988;39574;22450;63666;30969;11288;55866;58250;12413;16957;38227;14991;50613;27014;51234;48270;22421;13046;51118;21122;34171;33805;43048;17573;62906;24053;22191;52948;15594;41050;48447;31252;25271;55490;33717;50032;57912;18655;31093;38567;46903;25168;20977;61921;31852;19438;25300;46919;43637;54532;46738;45046;62613;62637;23125;30386;36919;21654;43975;51390;29334;49712;46044;49997;57129;42589;21060;55082;24825;21090;17508;45269;37502;31729;17094;42370;38672;16367;49681;55594;10920;14533;21666;15650;39289;31860;26849;51182;54025;38770;42020;11630;47671;58258;19880;52079;15712;29137;54770;65719;32757;52851;29940;61193;36856;58794;18957;60567;24436;21066;18450;32271;39700;50221;40570;21989;21073;46282;19710;35284;43418;46533;50348;31634;49120;36820;23911;42157;18887;19091;55321;22970;39017;41067;31910;32689;10275;34936;64071;25832;51750;44290;21250;57684;25142;57225;46067;36054;65617;52367;17059;14474;35101;39586;47159;58497;61803;42052;35543;66665;37103;14179;54648;19723;45182;15144;14248;16776;44979;22468;34815;41603;31329;47546;26265;22546;21888;58632;40421;48331;45536;21292;27472;21315;48514;38642;50428;50840;12019;27392;55908;58263;39462;15845;51782;43082;52456;65423;66134;56109;61471;16746;31004;49102;10406;58478;19793;27378;25965;43478;32122;46592;35485;65800;47620;19376;11485;21807;50946;30917;11653;49018;64045;27902;26218;44494;24030;14871;24373;25105;35029;33173;48193;60177;35763;31898;35530;53704;38482;13728;26857;62248;14190;66162;57464;46446;45103;54376;30123;56096;22017;34375;12948;24560;61230;39375;59422;21466;45119;45787;19473;30610;31479;43702;11359;59777;53734;33659;41906;12852;65242;26693;41712;13952;63733;61172;30810;19565;33672;37948;66954;61121;25861;42072;29781;60212;53209;41664;58135;10007;15384;62740;30231;20274;42334;25575;41868;58148;37441;20186;48412;55958;12783;21295;57591;12542;22184;47552;31577;42959;24706;61749;20521;31576;21993;30091;45696;41231;37713;33610;32673;18666;30947;14447;57497;28604;21717;46055;54581;33261;18430;63259;35832;28517;15572;29072;38548;41076;27728;32915;45982;24349;14954;22652;29727;25389;60609;10138;60400;35640;18866;49495;12851;42527;35134;55969;24201;54958;49993;59037;23392;56975;46684;33262;24530;38499;28628;60537;54052;39476;61299;22226;55047;21076;57782;47149;51919;66856;30637;22943;38955;31193;54184;54678;10101;36842;14166;25026;13360;57941;52398;26014;29693;44258;25804;63729;66216;15867;51958;39664;51222;55549;34391;53860;57244;27235;61268;29991;59958;43151;24497;29477;23836;14949;32008;36900;18120;50239;59073;16002;28867;53900;28729;58978;43732;23693;46243;12004;59015;66358;10801;30349;39774;57095;54843;15100;28134;61994;31566;33383;57478;22824;33476;11810;14712;46704;35435;33664;49536;58362;16061;51729;61291;25572;54201;41198;64150;60205;63294;13969;49438;50107;38679;30786;15380;60892;46796;49754;50460;10633;16147;50188;50815;43288;54584;62232;34813;48261;61854;57465;64267;31937;64010;61610;15439;46950;23142;51839;62156;50415;14929;25828;48886;30165;21316;26565;63406;38027;13235;56098;42351;60315;61159;56664;30317;60590;38639;31454;20047;23196;30249;27050;35529;31443;65274;29579;63651;21706;34874;30148;40685;61585;52507;43932;33718;13340;42147;32577;27618;41850;53825;59318;27738;43552;54871;46180;34118;54320;29224;52315;61317;64635;36694;37418;37604;29605;19512;41111;60727;58199;20772;28415;34551;36383;56709;17503;48618;34627;34445;28245;66719;55672;46557;17185;51432;62699;29415;50261;36020;21749;10008;44393;11659;35873;43670;35338;21219;14301;56675;24656;10559;22286;32635;64273;42771;48302;36287;41181;60010;25260;43671;61754;39216;10050;12119;62086;23035;59362;44603;38888;24238;27649;47064;13386;12881;19098;35815;15120;17131;23650;61439;18284;11576;50924;44724;21534;23565;65259;22642;59182;57706;39089;30777;33799;45471;43354;40915;45761;63050;27024;66606;63042;20201;47789;19395;63905;43780;12964;45390;41410;27442;22176;27357;58957;59109;21282;19119;50498;44858;50928;11814;34833;19894;48775;42764;18101;24798;17594;43664;17512;46138;14065;43300;64732;31915;20385;57759;14415;17163;25065;17076;61005;44274;55328;33308;31251;37773;25568;20152;42401;57661;20216;20622;49242;55211;50822;16404;25807;30176;53832;61026;20949;33192;16230;19812;39710;30335;43958;47570;14367;57331;53850;55391;41414;47278;56024;15179;49477;28662;55679;59244;66914;31166;19026;17721;14239;21942;51087;62683;60701;41116;16681;46612;38326;14143;65373;21809;29691;13301;40299;31186;27241;18503;62283;29287;19549;40530;50760;25226;26829;64115;28404;22641;19499;15050;16009;64148;46145;55634;58316;22292;38208;58687;36551;18634;24188;55589;45953;46930;29882;49328;37372;24940;30648;62358;25649;42172;40076;61629;31342;48521;55104;61109;21266;40374;51814;13803;26932;55608;48972;66862;59920;58273;20674;12632;43006;37335;38515;37626;41920;28378;66152;46606;16866;24673;50140;14716;53490;53766;57522;39913;13015;44620;35915;39468;38191;21742;52163;27776;60899;33123;12462;40827;41473;24406;34416;62729;54852;39936;35349;19707;11921;39831;27502;50468;63035;15322;17452;51633;54447;46468;40576;10036;12050;26720;11650;29559;24265;16306;28715;34852;61830;27162;14040;21657;62854;13153;54261;47062;22266;10294;26456;34140;44252;61574;58661;51989;22283;36185;52802;45726;46225;66345;18916;51869;42776;18457;17188;41647;53246;47085;31302;44943;40993;34880;36872;44680;13546;34385;50273;66869;47890;33955;41695;23696;44569;41913;15019;39596;22168;43191;32035;46497;23965;18272;42924;16453;51759;31320;30659;65604;28027;28705;34969;47325;50749;36295;63019;35617;49277;13182;26471;51119;43030;24337;51653;20272;12867;26762;42867;46022;12599;12321;41623;34548;28382;26185;58541;25306;49541;31224;40343;55033;23209;55345;65751;50237;52884;46086;33866;25007;15811;46255;45969;28900;22768;52924;24732;54869;12727;40867;13308;25629;16502;40924;10607;23215;16452;12203;39976;10768;43386;49625;53301;58624;23635;19254;48417;30924;55932;17201;45752;53780;53694;14128;49563;60351;53702;60890;48727;60031;43966;65903;56327;56008;20020;26497;15054;30193;19843;37996;17621;39540;21835;47563;15553;21611;34175;52030;31097;15154;66068;38640;15704;57871;63760;42430;40533;34185;60255;38928;27364;51642;55951;13638;49796;55373;26073;31645;41418;13430;13285;44940;55171;62396;30162;32973;63048;21582;22216;30586;21718;20040;63521;48222;62824;65660;42305;33856;37894;36627;38396;23631;38764;50901;18474;42818;62462;12416;17332;10548;42723;20085;32490;37946;50677;56820;11446;54828;42983;46224;38667;10567;24090;21845;53203;18527;57308;56533;58220;18047;49411;40955;42831;39730;57754;55214;61785;31007;22219;12261;11849;28755;58853;63389;21333;56026;49142;16629;21793;12067;60895;27165;47131;39553;42400;16463;10661;25202;59356;17451;13251;54521;50976;31613;31161;20851;48469;64751;25121;59607;11317;35158;63505;19826;51741;50545;62673;36465;23331;13714;41657;43931;56421;65044;17774;30598;45703;27142;19915;22492;39224;20928;12557;12254;27905;35020;63339;22986;26504;54336;38599;22530;46634;38339;55821;55118;65232;23735;44471;28670;43821;41977;23070;42817;25766;63372;10976;22507;18357;44358;17669;35756;24069;14695;35830;12075;57765;52387;61082;12487;45548;44166;43910;32723;62143;14136;62033;51783;55030;52287;16305;37950;59893;27081;24203;37036;36428;52897;12749;28438;35548;54918;52469;33622;58498;32504;59536;20833;42284;52586;48796;12814;13841;14861;28590;10494;58429;16767;40151;47206;62844;46360;41109;15365;49362;11318;22758;39666;32054;40506;20267;20932;62837;25840;55691;19911;14480;45057;43042;52987;54086;62275;56616;33273;49704;41082;48515;58149;28547;33872;36697;20296;66482;11068;22884;17608;52517;37115;21187;13305;39083;55186;18261;16354;51342;19005;59599;35115;50172;12323;46848;37800;44063;20015;16595;19459;48884;43913;56221;35394;14129;40360;44689;31325;65906;46560;32454;37361;19616;59119;55337;34499;46150;33446;40514;37625;22703;61293;28220;17224;62227;24427;50799;25349;32007;11422;37984;15493;30207;38049;43898;20615;48695;47883;56409;38507;14614;54182;12974;28537;30338;33036;48314;66013;43991;11902;15933;27084;49473;61509;58798;46280;46569;34070;53440;33352;50513;46683;20401;55931;39524;50891;65017;65771;29358;44977;47860;33141;23937;34257;11369;61688;25940;12739;57390;45704;62645;62085;54621;39814;32625;23353;52559;19283;35235;49408;61671;49209;51022;66692;19456;28077;16524;31711;33991;49208;66443;44118;36301;48148;53757;50305;18246;62237;25454;54366;36485;24021;58867;13755;45877;21294;23145;28047;53123;53212;62525;39537;24159;55013;58034;51302;21083;38503;28328;63140;54878;25702;18093;42492;44928;36037;51812;52788;25942;28614;55218;43231;11999;40270;23273;43844;49004;55491;65332;64684;59931;16507;25324;33473;56067;20471;49967;24052;27187;65177;66959;30398;59219;32679;32433;37663;24430;40044;48677;38120;29929;39706;45237;45429;39621;63473;54257;39640;19198;33492;64977;57335;39925;54999;19317;37806;50076;60182;65848;66661;58765;38131;46247;34916;59459;11232;39291;49565;66589;20206;16370;59841;47308;21798;66042;54485;29186;55578;41550;43416;51671;19293;20492;13482;26701;46629;38222;30665;33593;61687;18343;55455;26264;24229;56749;66452;15302;64285;14206;64705;15141;44706;25315;56070;52536;32599;51569;16973;13082;11561;24785;18837;51897;32615;29383;47496;35252;40772;40386;15390;36589;14986;20573;18096;50048;48685;11836;51909;22582;42136;52198;32385;45042;49533;32010;35023;53443;22046;35487;42190;15513;34677;31307;60276;33740;58743;66373;60972;58784;37146;50681;36059;29654;32702;34276;18068;17792;61833;47347;59140;54377;38655;51842;56326;18934;49947;18577;40700;50299;66043;35934;19219;39201;42075;26050;16567;38779;50985;11531;55266;30953;24109;16715;39374;57668;52218;60641;66407;53753;28918;47434;38308;55946;34978;62531;50505;65614;43427;29551;12450;29062;38435;54325;16849;36434;66877;42797;41233;66170;27706;43948;47076;53135;43286;11141;24832;58714;36323;64997;51423;36969;22988;47868;57786;36733;49226;49643;22362;39865;51816;44150;31880;30655;11149;38466;26816;56012;34717;34757;48338;56805;38573;10990;52635;22159;59625;64931;51809;19845;49317;10270;33496;38732;55113;16604;64479;54233;51140;10115;44945;47004;19381;46742;46441;66687;59751;57634;48458;31649;62870;21504;27587;43154;66394;63084;57220;33923;10340;56780;52838;27750;63833;22968;51884;11015;45311;65218;45502;35348;46039;17422;21262;48456;54502;17320;55198;20954;56269;20024;12531;26750;35754;43978;38757;41286;60551;15309;13831;63137;60377;58064;43054;66696;39274;64271;35539;44206;24772;18905;32131;36593;57449;61170;50601;63144;46264;32006;25717;22193;22882;49238;21931;25636;16703;37684;15033;59379;57770;39695;10995;54454;29581;42956;43209;48431;22972;17636;54961;45725;52549;25298;34498;65343;55609;21307;52464;51826;64346;31250;50160;32491;33289;22167;47812;50245;19701;14186;25072;50170;29787;17384;53129;55470;20294;17250;23424;62263;53679;37005;23033;13983;37658;64662;34473;56685;58815;37847;33800;23160;63988;21179;31360;13606;51156;57841;11004;49940;33733;26689;36098;31562;25133;62048;34719;54522;47622;16228;39021;60012;12893;52862;65927;63476;21606;61123;51204;44751;47885;39186;11231;42238;36950;31072;26447;38657;21817;32441;33671;50072;33686;20896;22284;30657;53003;51064;16154;64691;45716;42356;23448;43463;14600;57987;24528;29927;50969;32150;50752;31351;12003;18494;26831;55555;59381;36055;10541;12000;28193;26830;53654;11123;27129;61530;56930;45252;42734;53800;51901;12387;36090;44551;42914;30150;35655;21459;30602;60690;42364;27930;28275;61898;49391;13287;42097;58962;10862;30742;21999;39032;54688;26224;18597;42646;22940;22885;42237;10425;24991;66432;56971;49392;28312;18419;35648;27275;53333;61881;39420;59803;31070;34984;38493;64651;37783;25673;62054;40226;47529;42614;22449;42675;15859;23412;44134;45552;45560;33353;23192;18950;47255;44180;28857;37695;39174;13263;35417;10736;65882;59960;16256;31978;21549;25899;25433;34232;39565;62043;11319;37893;52816;54788;55721;32778;21259;20582;12535;15589;26100;12002;57471;64159;14866;64645;55485;35413;57740;56167;46153;34083;57933;12102;40691;24474;14181;13130;59670;36199;60979;38591;35264;16687;43237;10292;14424;56460;10427;44714;25620;32048;40367;10043;46849;49175;35110;22866;10664;58682;11519;14550;20166;47056;53853;50274;46120;39962;21320;26054;41125;17606;15423;34494;54095;38802;54103;33469;18925;64770;26117;39463;55233;25104;10288;11146;34744;60478;38664;31156;33757;37182;37692;64384;65455;16035;62512;15722;39788;62888;57677;50099;55287;41450;12452;44997;13693;14631;52641;41509;19825;50052;19530;43264;12390;56837;64006;55699;53796;61910;64655;33218;27913;56890;44373;46102;13011;45484;37573;15157;61622;23761;54519;35879;49986;14121;30430;47304;46447;29990;11320;28292;51243;47602;11352;30385;51725;27117;66491;11365;10319;28717;57708;28125;23859;33959;29746;64620;21591;43776;18433;29082;61534;16676;50596;29375;34317;16055;56274;17090;15212;24554;29562;17722;46521;14644;44281;33332;61191;30870;55385;48755;38028;33279;50830;56871;59002;57819;58927;57638;26338;54844;55478;25156;62783;63148;16246;21065;11830;53663;39202;24609;33933;38200;14230;66801;61923;39069;21491;11274;48309;57934;50010;25986;25712;64355;65302;61628;18521;51129;18377;64351;50814;31013;35431;18953;49869;31279;50527;42497;14853;17758;32830;10962;43280;62474;42949;34697;66362;60016;54587;18562;45894;23060;15755;65647;38145;44566;48878;21897;62128;19992;47358;52021;40371;15153;62622;26392;63870;36026;43537;20768;59987;63697;28735;56403;21373;26542;21767;21596;27892;13296;24631;50232;29075;27252;13619;32521;13505;57914;48364;19766;66440;31084;61304;63159;12955;30500;30744;34286;15529;56986;35006;40898;45831;53885;57892;29531;11400;56575;14939;14383;42691;61926;54029;40048;34150;38069;27352;60051;50386;52468;57371;11467;54207;34570;47843;59170;25622;14925;58090;51247;10940;26242;33836;36429;59601;26255;62186;35018;20348;22869;57566;46238;61326;26894;11677;34423;30356;59656;25685;27585;53846;32780;27209;21005;55826;20726;31783;17396;43144;29609;26321;55293;16420;38335;22820;55727;19234;10254;52718;52765;49104;18444;55467;38268;31502;37993;35549;20133;22684;61832;59254;22187;55751;23085;32383;23419;57724;33583;33925;54702;33582;50021;51309;16007;28269;17151;60800;30533;19343;48326;10399;13906;60918;24753;65681;19073;47373;46735;49790;20658;43094;32750;58217;42806;11558;10413;44357;18386;14370;35420;42048;60408;57720;35239;32939;18392;30994;31488;25157;33038;31854;38290;55176;34260;10819;64680;46905;17305;36781;16538;43403;54809;59128;37943;42576;11376;59963;65540;38196;35494;20795;13075;22307;62120;31083;60283;12734;14495;21564;21901;15804;51278;25679;53816;32980;23221;66111;45214;13265;28095;21394;58427;19354;43375;48253;31480;14969;16026;35039;28674;34208;14386;63931;44976;64843;34104;32494;28276;61038;44925;56721;45899;51482;59620;42491;54744;23278;53426;49247;34832;62627;14635;62181;18890;47592;18295;66668;37563;29937;20383;18303;63124;22113;25667;17816;31540;41980;56111;36869;15501;24463;26828;24492;19239;38137;63551;28549;43059;29898;39781;48558;21347;37976;28869;61144;42151;22398;50885;55977;24233;32965;46880;38791;26206;61929;27910;21385;63730;36342;59107;12259;41490;11458;34299;37986;29523;23109;48765;31519;47355;56935;43266;61664;16678;59856;59227;56691;28776;60716;35948;32962;64077;48826;47165;36031;36072;23526;50383;14894;54265;60768;41796;61591;45041;45634;33454;57450;24703;61933;55140;27479;66925;52342;50396;38501;45702;29461;42793;35520;27518;26272;61648;48370;46682;38742;42599;66435;38093;45774;52931;36499;26981;23114;65296;66097;38100;39300;42987;19743;58844;52041;36471;47267;54374;31825;16302;13368;15076;26325;30567;14660;63608;40979;35241;56926;37298;26319;14962;49990;55063;46843;50538;10851;12302;26764;51823;32117;36636;36725;41722;42438;26033;10883;18144;45348;35701;37209;33207;25987;17211;39372;50728;29447;19936;50973;22830;44342;57208;36809;28142;23501;31794;22325;19533;33448;27102;16782;18982;59274;43745;57227;48387;63532;46364;39243;49520;57530;42512;37195;59019;41179;34595;60710;54312;59321;15009;30635;12422;13574;19958;16880;49508;14854;11333;41171;65139;54032;60688;20822;48450;25001;62759;42996;64299;60495;17988;52460;51691;59649;27456;30558;59840;11177;56768;21201;55417;54789;10200;20980;26975;47103;44550;42907;47848;46982;60856;25403;15459;65582;24844;29259;62441;24622;48301;29055;29920;48177;40508;48859;18972;20934;21344;25844;22056;35731;32403;45981;55584;65295;39548;44405;44182;31232;66375;64922;48733;34643;28602;12538;51625;29769;43804;55987;25251;50584;48204;26232;56134;45555;66014;39721;32157;62577;38982;52798;20349;14649;53095;61235;37332;56848;17040;61266;65554;62454;58417;23882;41151;19088;11713;50407;60204;54529;41736;24485;27359;47294;59928;14490;28052;16193;51080;31390;19665;14748;50494;58174;66797;24873;42563;61831;36768;39109;39796;30587;40894;32700;18108;18862;32415;17359;28864;32151;21712;12033;64570;33586;40224;40613;58363;50878;26655;62857;14607;51455;65542;58931;20474;66576;38390;27532;36717;11693;40222;33164;49548;18780;23252;22228;15147;12459;51425;56368;37726;28139;43714;20239;59748;57929;45849;65712;25227;23920;53818;38151;39126;50977;33057;14021;37654;55017;21323;58789;46481;24939;48770;36389;50511;44016;29360;61457;23886;44428;12013;11380;51608;25913;53383;47776;48235;17352;54030;66641;20170;41947;18203;58340;54179;30923;48726;58804;16019;25038;28281;14641;64058;57104;12827;66907;60809;41552;25099;21567;37386;65116;15772;41350;23048;66477;59004;59253;45797;53042;60910;18039;49407;62772;37357;42154;42539;11276;21825;30273;11669;30295;27695;38355;13674;24875;21366;49415;63177;33654;46278;47242;39483;57009;33719;17823;21849;63333;18872;31578;21185;65946;14099;48228;39242;37562;35953;47392;17007;53601;51850;32248;20708;53984;24290;64720;17241;18313;57545;39646;30796;15631;38305;62479;26486;17987;29216;36943;45197;28085;56336;38130;28773;39637;21960;16474;30622;34933;41637;51613;37295;47096;13200;31152;39619;38772;17709;47391;63758;52511;64152;55813;36532;66536;12637;46211;52103;22369;55577;38620;32259;39239;24135;63410;21600;49629;44707;27198;27434;12517;10698;29763;45613;29806;11038;45195;54863;32159;10699;66972;58351;27182;25303;45805;27620;57202;37513;39994;24983;30995;33566;59405;54562;47167;66036;61907;36204;20101;25781;17704;25132;41840;49026;43281;40670;43299;33340;23108;16677;15985;31718;57810;44816;49050;22244;20638;43525;22422;43689;18232;11496;54948;35588;64875;36961;16693;63491;30464;47757;33174;60671;40571;55229;22932;14960;24929;58625;19950;37016;32171;19486;33553;47822;36607;42004;52599;23464;41307;59894;50995;32563;33404;23157;17679;58727;14044;26482;28448;22600;46837;12836;56945;64483;17307;35772;20508;35400;31695;46339;64848;56312;37269;59173;34743;31221;66860;61198;60099;58127;10533;58774;27166;38952;33519;20717;41811;61069;15889;28191;44465;36741;60281;20116;30410;58635;35206;24108;58074;59945;18069;51454;31343;45967;46911;44458;66331;54342;36701;64707;28244;58671;32988;41844;36938;65711;19796;46773;57105;29394;65813;26759;39407;55465;13528;63584;31875;32289;12288;59316;64100;26731;16099;44078;26963;13774;34849;41385;31211;63478;21152;48614;22774;22708;54691;44783;28648;56007;53145;13651;33307;11262;48221;42458;43925;24744;46473;16535;17447;19870;63272;37050;38526;19065;54066;37567;15578;52964;35980;47487;40162;40899;26406;22473;46609;63954;64330;63189;44255;53243;51841;42349;58676;65163;56216;22330;42329;63403;12212;42102;11926;38823;26077;40304;59706;42840;54604;45999;23232;30899;56195;12317;66045;44288;33939;42850;10460;37794;26285;57162;52493;45810;61273;30903;63825;14581;10865;43385;43147;50218;49842;39233;41493;60928;37076;29500;28876;64074;61096;52425;18000;10394;40607;55302;32244;60190;27070;63915;34434;60574;17397;19378;61427;50645;18089;58598;46071;53911;57893;43170;60691;22977;36857;35233;60429;34645;52421;15928;46082;17058;50523;20337;36063;62505;45637;13031;19657;37479;57072;25497;52915;16983;65526;18571;45355;19725;14471;34051;44759;47473;35061;20230;19713;65869;53902;42057;44480;11223;55479;42023;43567;38045;10078;52571;45313;47753;20735;20520;14349;35452;46509;15485;66815;45096;21932;31585;50399;50949;47275;37395;34623;26956;11129;57120;62379;59434;26442;57037;32665;59930;33887;42393;26263;12613;16865;24516;12012;14522;56462;25936;24453;47716;66953;51494;20777;16795;28456;15220;48504;33223;45527;42363;55695;44617;63419;61300;26570;54308;50224;21452;50775;22043;42955;19391;57697;33840;25181;24583;22370;16920;23851;60884;32073;40797;36538;44335;22760;57228;14872;64669;44705;51023;58885;63126;11761;63598;21996;29095;28525;20436;22993;42259;32205;41887;58019;26730;56895;13837;11490;19227;26937;28807;33834;21068;56732;55966;12882;35050;47340;32535;38536;40904;15190;45976;39696;21581;41834;30086;31804;65309;62777;20145;29184;37832;66173;30582;60075;12937;28023;62083;49266;13007;10028;21040;29989;39278;13620;11391;63363;56235;11218;57968;12084;51147;26536;47682;14006;51552;52724;25467;31422;31926;63458;13330;32627;41503;37547;19429;58886;66156;20487;62872;13955;20533;48880;57185;15249;29922;65562;14291;19023;21837;65168;24465;43678;59485;22097;13645;45865;17431;33493;30475;24125;59038;30844;38170;41065;14593;33673;59718;48230;11898;11755;64696;30023;29514;19319;50791;35707;48163;40043;60565;29000;26856;48407;31984;40615;34696;48561;62738;65365;43510;24776;63396;50526;62649;13833;43706;42511;16301;46800;32611;40774;63883;59063;15005;29439;19798;23292;25914;17383;43053;58554;16872;39527;54134;46575;38994;61784;37406;48612;34788;22098;30463;63057;11893;15008;58969;15046;37398;20126;35228;10786;20413;45563;50833;45315;26715;23360;53456;17365;66233;12319;59480;43926;43894;66368;37914;44803;32497;28078;27158;26165;33462;49397;59491;24619;27063;11489;51610;43379;30493;25848;18994;66348;13815;65005;62149;11429;48965;42639;19489;55462;26873;30698;18478;39882;64978;59361;26115;43245;28762;48616;20452;34656;45433;44643;43368;64396;19348;54483;44017;45309;58739;32502;36687;48660;62724;23747;19916;12692;16040;25134;39839;48692;33029;51511;17804;47087;36056;27509;22974;54556;13680;23765;38625;42292;52693;48220;37833;31909;29189;49886;50307;20396;53186;56011;35609;34501;31447;12243;49511;21765;38409;28898;62420;58818;23834;53977;25076;49042;15746;30966;27310;18415;18949;61261;38188;11357;23475;17820;30432;19314;42861;57942;50481;49755;64730;29416;29431;21668;17514;13657;41582;46100;64826;50096;41942;24853;43521;52575;27427;66874;59075;15446;45769;12351;29162;36085;38966;61008;45664;58866;33764;63526;14595;35983;41608;43269;31361;54307;17010;30560;42752;15240;30233;17287;41995;66608;33347;22346;46816;25342;37329;57362;28775;43489;21162;34254;23679;38544;36239;13820;51969;66919;20443;43462;64462;65243;59581;60993;18963;49176;44169;39022;29116;61012;54319;26313;19965;37408;48400;34950;23150;58741;29554;10447;66159;56722;63946;63517;31324;36108;40213;27057;12092;48361;50844;40087;55973;20392;40086;43022;30841;18751;57523;44988;13604;16592;55428;27110;57343;46422;60867;23617;59749;55795;44495;37422;45089;58768;18049;59311;29194;40387;28797;16997;23064;47403;65456;57649;14392;46515;26135;57289;63867;46989;46349;35943;27815;23889;56755;26251;55720;50118;54780;56629;39732;26174;40031;47309;58550;17030;26732;55035;66374;34535;46784;52158;46070;47279;44908;61422;36172;59385;11637;25978;62539;51612;13637;66639;52732;43439;14730;52682;34758;49202;27574;35019;66249;44497;31703;57326;34612;13981;28759;31209;15045;42780;41744;30408;39329;50295;14699;32850;44386;19203;57804;25437;42499;58531;31091;39973;45379;39494;53142;20011;49117;26553;36080;27332;28667;11698;32025;33243;60368;20917;54956;55690;21384;37666;20025;19745;51135;55697;34957;10523;46323;55230;47658;53862;40478;47874;40067;10585;11074;26581;39536;10048;29779;29601;10574;26949;58938;47143;22021;61673;10553;35703;25968;41261;51562;36537;45743;60887;36985;32077;32694;29856;37544;66782;14535;10850;60223;44443;28861;31138;11005;52340;56295;22581;64379;28551;43018;29613;39571;41263;50956;46139;51946;29873;65049;46691;52065;29135;39082;23373;31586;30373;44095;49301;31416;20781;20416;14615;42989;50510;33115;26577;62528;37843;24385;48478;54362;65035;60465;27242;36992;44128;57138;39244;49456;59235;54826;63739;28204;66479;66269;19835;26002;57679;31398;54092;51457;17012;39905;30987;15399;26350;19784;66065;18293;35606;27412;30015;15320;32443;20218;29714;50461;50492;16875;47845;61128;39150;43148;38988;22493;21883;50843;49854;66328;39451;55970;20881;42124;20530;59662;11235;17000;61340;37543;11812;22522;27569;19373;27248;62405;19544;36173;61211;47869;16197;60446;45530;56883;57351;33018;38777;37219;55080;36779;57891;32488;41937;26410;43788;19502;17972;30820;25640;65020;24541;57428;49329;22862;43557;29859;46452;18088;16249;43625;60405;44065;46582;42447;59301;62670;23769;21641;51624;18338;51362;42348;19242;46881;26464;43195;50484;16138;66952;11514;18325;28337;60524;54931;27003;30677;22991;27977;15424;43634;53043;25652;60210;47284;57163;22209;37937;28995;65400;66836;61165;64142;41393;33467;21914;15526;24501;46597;19137;28451;45882;53078;45757;45690;25759;28965;62813;58952;13371;58131;65361;33295;14506;53465;30948;29327;58009;63769;36307;24005;15105;16334;61124;62241;49709;15696;27190;37315;10063;26817;24010;19392;39868;45460;16434;40968;64011;39767;62282;61894;19516;35484;41186;35086;52454;46137;51402;36276;35246;32924;35925;33483;58099;51916;20032;51501;41120;45939;35909;58485;10301;26697;43108;22452;42786;56431;53719;66684;15206;61240;61954;57682;14294;14160;35429;26229;30054;59698;48894;61135;39749;49067;22014;50029;60820;61562;48565;47049;10179;10477;32452;56101;45247;28467;65326;63110;28646;60580;45510;37771;32161;65222;60848;52020;22339;36515;27147;34690;10303;65330;16219;62337;63020;46361;31445;46080;38073;66371;66204;54663;19579;16979;55572;54117;23404;65297;12768;31073;55078;59826;44749;62108;15366;34512;62639;26316;21329;56916;13127;14161;47305;52905;58594;15903;13900;21859;54919;46811;46967;42557;25297;32192;43161;48296;54978;57233;28376;21884;58106;45917;29313;34946;60423;16170;19589;45983;46119;59908;50106;47613;12678;56176;43190;60698;32435;43429;17279;38735;62521;10205;64064;15495;14543;41866;12233;41905;61711;36425;43227;15886;54037;33620;16491;51643;38826;58356;16096;28214;40566;18734;53150;26074;19941;63921;21012;47604;60259;32472;15521;64265;60388;21650;34523;57349;46427;34881;16469;31758;35378;34626;37740;30453;37253;14198;42312;24751;20220;44023;37052;56524;56164;55723;18606;28817;51339;23370;23238;52035;12857;27809;20946;65636;47802;18901;46494;39093;12030;48785;43651;23095;13102;57287;62967;23670;41477;13773;61658;63528;44879;36008;65541;14240;30365;36267;37992;50187;13186;55989;19304;28868;58169;12371;60516;30990;10645;51208;65466;56907;50838;53533;32465;16331;10986;65394;38563;33239;23529;25184;41390;62802;39262;64777;61098;42410;18475;27730;31310;42022;61589;16144;46505;47093;28196;59068;47368;53839;25200;59136;45483;43888;16451;38971;16372;10393;44404;38576;58495;51545;13394;37933;61151;64703;65715;13211;51312;25186;47446;32957;22152;34402;32420;23878;62056;23498;59188;65126;62752;17648;60156;62423;39131;49593;33790;35621;57224;27096;51324;59568;38597;42668;55906;18731;12376;44521;19629;14340;38287;63854;61035;29752;13385;24458;27408;11679;34948;51834;36040;56260;44111;50433;35887;65344;32272;57718;31772;40975;64591;16282;34582;22169;10029;63781;45329;26522;25727;19031;12201;37546;36720;30418;18910;44964;61734;22494;58082;43479;40992;30678;65009;47598;54241;26866;40665;16004;19318;18675;54318;15684;15453;38956;18495;58020;46350;41268;64585;30524;57743;62242;17145;23149;22573;30265;34614;19938;30916;14630;37175;22245;59744;34493;16560;16140;15291;31032;30443;65118;16540;18938;52637;11143;52947;57802;63622;21441;57874;47039;28641;42085;36160;11740;48988;49006;31799;63442;13335;66194;16702;23590;25806;13613;35942;25637;30975;56061;27783;13982;63590;48490;47879;28664;22739;48360;37982;33577;50922;41814;30421;56315;51175;31316;10815;58181;40496;41610;25907;19267;44616;36893;22246;56522;16058;20010;65453;36126;15311;24377;32942;35211;18964;37488;10881;14213;18035;14112;45356;10734;44106;65370;33070;60832;14249;39977;45561;18898;53056;64610;14408;19660;56753;45464;40187;47475;59031;11053;35540;31524;15030;18986;24475;28848;38953;23338;15781;43838;27517;66922;33745;44212;24132;60699;32597;39688;53399;64109;27290;58271;22893;59685;26038;49189;62616;49858;10922;19285;38353;56734;58571;62398;56547;28791;34709;13556;44191;39690;31402;47380;24110;46782;30326;24358;41113;31633;62711;20072;42373;12769;17420;29549;54548;23359;45821;62990;38676;59460;10988;60284;17833;19600;25003;54106;65452;54076;53321;58210;64965;62464;63007;21603;25933;10968;20140;23369;32998;11205;22002;55535;16931;44190;42487;33155;36369;44273;32592;14365;21818;62485;50082;35513;54757;46877;40010;11684;26708;42318;41560;33280;38118;43977;61203;52417;62475;12381;30955;63891;52881;15710;41296;49595;66020;22261;20176;59247;16723;16410;15937;51275;52406;60415;29344;26793;28280;61491;21243;30152;58228;33761;60411;51451;24026;16640;16181;54952;48330;57299;25811;25823;29981;31485;65060;23004;44261;51744;40122;10366;33696;37436;62463;63024;10939;15337;11598;20078;37156;26563;28833;56898;21533;23336;14329;51011;60941;57859;49358;43897;26972;64795;57903;54649;33342;51882;49933;21573;28601;47608;16202;10112;19468;55019;38890;55975;35168;31768;56346;53873;64545;43235;63800;59089;13724;12710;11344;12914;42692;58811;46938;61939;44652;20558;19360;53233;63831;35198;65926;50442;39116;32777;14857;58499;49076;63818;58607;51589;37114;24922;50480;54583;27494;50984;10783;43397;66656;58073;54301;40485;65978;64496;43719;31288;41176;50293;61351;24361;12073;33952;12099;25999;63774;49827;10407;39719;53189;40925;26284;15771;60412;56851;54226;61476;37234;54738;21338;28484;47075;46455;54304;53668;59978;63302;32187;55722;64936;56565;34400;12907;45133;14178;13050;43326;63827;64840;34251;60812;32589;10605;49513;45631;65566;13273;26126;65404;31299;51560;49380;39880;27637;50490;55836;56773;46565;49708;56450;55136;23056;20774;19012;56896;32811;60322;26181;61344;55711;25381;25557;59722;46053;16437;29229;14904;63076;30775;38867;14045;27342;24279;39255;52230;66785;42414;16304;44801;16188;59951;30042;51830;49951;41357;59388;63562;41229;66969;50972;38158;51689;50624;60088;35904;33703;63614;33178;16159;25580;64317;31180;64034;37673;24713;22207;22574;32654;56839;57500;29039;56588;25376;48280;31208;63750;43360;46886;17205;49538;14537;32940;44457;46157;37896;33221;63556;30038;49306;50226;20161;12666;30394;23178;60497;64112;53544;43278;58958;40064;26535;50902;22347;57382;13808;60766;40370;39117;62778;45611;20453;28346;60589;58400;21543;17528;66791;57171;65408;56641;36079;47246;19892;50904;16242;27395;59446;62445;31961;26903;18453;16594;21772;40727;35951;61578;22437;46998;62478;40891;26040;42621;20827;13400;22627;35730;41088;10093;11407;63570;30599;30772;61889;36162;28252;57194;30517;31793;55057;46747;65858;25062;62655;28380;12262;50746;52415;10276;60649;60063;14070;22455;20440;45231;53810;34469;59403;51738;54034;38712;13890;66828;51708;51491;45437;36065;28133;55236;19423;20991;22927;45603;16128;35978;57913;27600;17694;40996;66329;40079;45266;21551;28779;45607;62401;36015;31946;18322;45367;24790;47617;45720;65609;40599;12567;16275;15743;44948;12587;19962;17342;54846;31384;11284;36606;56166;33456;59427;20587;57907;50267;37302;41206;53724;14268;26009;49760;64236;16010;45336;33504;40211;15934;41330;16533;28285;26585;25067;41755;29443;56652;47799;16390;14222;46721;46196;36082;20033;28130;23854;29835;28998;11799;34293;64747;50148;43798;24510;28152;56906;44649;27483;36509;59250;41143;47455;30588;30523;25089;35327;12773;60811;20235;29684;25662;61446;20940;32229;55152;25367;65844;19022;12780;18060;54059;51934;64146;24702;53915;57094;36851;30461;27808;13740;63958;18888;43136;41611;54197;34481;46391;31247;39819;61611;16569;40988;15656;32663;38168;16051;43639;60062;62541;36501;38490;46522;33813;40375;14673;11989;23058;59243;56190;32868;46298;16549;21480;46605;20037;63365;49023;34341;51799;33902;21171;50552;13053;59975;39167;24722;26724;20375;24895;52144;29865;23852;53245;38253;28576;41421;65050;44781;17219;17654;52959;21464;13169;19780;22523;13002;50183;13134;20685;11420;15915;18400;32300;12391;25918;10182;32082;13191;61020;50566;19082;13887;63972;41770;52004;13483;30896;48268;30045;49962;28950;40844;48913;21387;44503;15636;33534;31198;31005;54416;44131;53916;22817;64448;44868;54055;47388;65431;18145;13928;29628;39862;24905;16163;27568;47472;60974;39969;62902;54471;64633;39264;65593;64272;60920;66525;12500;16806;65599;21816;49421;61234;56912;24596;32238;10588;20148;55207;17054;27767;44429;31179;16199;58596;35328;44112;11804;12472;13067;24347;24864;63716;24946;47600;65794;17436;40232;12602;29163;57989;19747;66917;65089;46960;50680;46285;28531;23850;31428;28117;21257;31355;22170;56998;53517;31935;57367;10153;65495;34712;22711;20306;27979;37617;64992;54739;45905;34883;26376;29006;65029;38720;14877;23749;15894;61459;54680;26566;33809;49823;20089;31345;59278;16947;34217;42543;66059;66289;49193;21674;42584;52402;62126;19943;14010;35157;32914;20970;48199;48948;65952;56696;26197;56684;62023;65835;22750;32042;14177;40531;62222;50327;10505;40065;37801;27225;25410;56512;56771;56224;32896;32261;24888;61201;52826;19702;34929;35946;46083;27181;28391;46313;12792;13119;54493;45346;54278;42513;48996;32953;35381;64716;38385;62527;34419;61194;32732;34072;10938;65987;49089;53896;43011;10837;55329;17042;57191;53199;60959;54315;</value>
	11	</preference>
	12	<preference><name>TARGET</name>
	13	<value>preprod.boardvantage.net</value>
	14	</preference>
	15	<preference><name>throttle_scan</name>
	16	<value>yes</value>
	17	</preference>
	18	<preference><name>listen_address</name>
	19	<value>0.0.0.0</value>
	20	</preference>
	21	<preference><name>non_simult_ports</name>
	22	<value>139, 445, 3389</value>
	23	</preference>
	24	<preference><name>slice_network_addresses</name>
	25	<value>no</value>
	26	</preference>
	27	<preference><name>max_checks</name>
	28	<value>5</value>
	29	</preference>
	30	<preference><name>stop_scan_on_disconnect</name>
	31	<value>no</value>
	32	</preference>
	33	<preference><name>host.max_simult_tcp_sessions</name>
	34	<value>unlimited</value>
	35	</preference>
	36	<preference><name>report_crashes</name>
	37	<value>yes</value>
	38	</preference>
	39	<preference><name>xmlrpc_listen_port</name>
	40	<value>8834</value>
	41	</preference>
	42	<preference><name>whoami</name>
	43	<value>famato</value>
	44	</preference>
	45	<preference><name>audit_trail</name>
	46	<value>no</value>
	47	</preference>
	48	<preference><name>policy_uuid</name>
	49	<value>D2A991B9-F116-4540-90DC-97BFA7DE615E</value>
	50	</preference>
	51	<preference><name>reverse_lookup</name>
	52	<value>no</value>
	53	</preference>
	54	<preference><name>optimize_test</name>
	55	<value>yes</value>
	56	</preference>
	57	<preference><name>log_whole_attack</name>
	58	<value>no</value>
	59	</preference>
	60	<preference><name>ssl_cipher_list</name>
	61	<value>strong</value>
	62	</preference>
	63	<preference><name>cgi_path</name>
	64	<value>/cgi-bin:/scripts</value>
	65	</preference>
	66	<preference><name>unscanned_closed</name>
	67	<value>no</value>
	68	</preference>
	69	<preference><name>save_knowledge_base</name>
	70	<value>no</value>
	71	</preference>
	72	<preference><name>xmlrpc_no_referrer_check</name>
	73	<value>yes</value>
	74	</preference>
	75	<preference><name>use_kernel_congestion_detection</name>
	76	<value>no</value>
	77	</preference>
	78	<preference><name>listen_port</name>
	79	<value>1241</value>
	80	</preference>
	81	<preference><name>auto_update</name>
	82	<value>yes</value>
	83	</preference>
	84	<preference><name>checks_read_timeout</name>
	85	<value>5</value>
	86	</preference>
	87	<preference><name>plugins_timeout</name>
	88	<value>320</value>
	89	</preference>
	90	<preference><name>auto_enable_dependencies</name>
	91	<value>yes</value>
	92	</preference>
	93	<preference><name>safe_checks</name>
	94	<value>yes</value>
	95	</preference>
	96	<preference><name>report_task_id</name>
	97	<value>8c306ca5-5314-476a-34a6-d66657c2b837c62dc0206bd28ea3</value>
	98	</preference>
	99	<preference><name>allow_post_scan_editing</name>
	100	<value>yes</value>
	101	</preference>
	102	<preference><name>stop_scan_on_hang</name>
	103	<value>no</value>
	104	</preference>
	105	<preference><name>max_hosts</name>
	106	<value>80</value>
	107	</preference>
	108	<preference><name>plugin_upload</name>
	109	<value>yes</value>
	110	</preference>
	111	<preference><name>reduce_connections_on_congestion</name>
	112	<value>no</value>
	113	</preference>
	114	<preference><name>feed_type</name>
	115	<value>HomeFeed</value>
	116	</preference>
	117	<preference><name>silent_dependencies</name>
	118	<value>yes</value>
	119	</preference>
	120	<preference><name>port_range</name>
	121	<value>default</value>
	122	</preference>
	123	</ServerPreferences>
	124	<PluginsPreferences><item><pluginName>amap (NASL wrapper)</pluginName>
	125	<pluginId>14663</pluginId>
	126	<fullName>amap (NASL wrapper)[file]:File containing machine readable results :</fullName>
	127	<preferenceName>File containing machine readable results :</preferenceName>
	128	<preferenceType>file</preferenceType>
	129	<preferenceValues></preferenceValues>
	130	<selectedValue></selectedValue>
	131	</item>
	132	<item><pluginName>amap (NASL wrapper)</pluginName>
	133	<pluginId>14663</pluginId>
	134	<fullName>amap (NASL wrapper)[radio]:Mode</fullName>
	135	<preferenceName>Mode</preferenceName>
	136	<preferenceType>radio</preferenceType>
	137	<preferenceValues>Map applications;Just grab banners;Port scan only</preferenceValues>
	138	<selectedValue>Map applications;Just grab banners;Port scan only</selectedValue>
	139	</item>
	140	<item><pluginName>amap (NASL wrapper)</pluginName>
	141	<pluginId>14663</pluginId>
	142	<fullName>amap (NASL wrapper)[checkbox]:Quicker</fullName>
	143	<preferenceName>Quicker</preferenceName>
	144	<preferenceType>checkbox</preferenceType>
	145	<preferenceValues>no</preferenceValues>
	146	<selectedValue>no</selectedValue>
	147	</item>
	148	<item><pluginName>amap (NASL wrapper)</pluginName>
	149	<pluginId>14663</pluginId>
	150	<fullName>amap (NASL wrapper)[checkbox]:UDP scan (disabled in safe_checks)</fullName>
	151	<preferenceName>UDP scan (disabled in safe_checks)</preferenceName>
	152	<preferenceType>checkbox</preferenceType>
	153	<preferenceValues>no</preferenceValues>
	154	<selectedValue>no</selectedValue>
	155	</item>
	156	<item><pluginName>amap (NASL wrapper)</pluginName>
	157	<pluginId>14663</pluginId>
	158	<fullName>amap (NASL wrapper)[checkbox]:SSL (disabled in safe_checks)</fullName>
	159	<preferenceName>SSL (disabled in safe_checks)</preferenceName>
	160	<preferenceType>checkbox</preferenceType>
	161	<preferenceValues>yes</preferenceValues>
	162	<selectedValue>yes</selectedValue>
	163	</item>
	164	<item><pluginName>amap (NASL wrapper)</pluginName>
	165	<pluginId>14663</pluginId>
	166	<fullName>amap (NASL wrapper)[checkbox]:RPC (disabled in safe_checks)</fullName>
	167	<preferenceName>RPC (disabled in safe_checks)</preferenceName>
	168	<preferenceType>checkbox</preferenceType>
	169	<preferenceValues>yes</preferenceValues>
	170	<selectedValue>yes</selectedValue>
	171	</item>
	172	<item><pluginName>amap (NASL wrapper)</pluginName>
	173	<pluginId>14663</pluginId>
	174	<fullName>amap (NASL wrapper)[entry]:Parallel tasks</fullName>
	175	<preferenceName>Parallel tasks</preferenceName>
	176	<preferenceType>entry</preferenceType>
	177	<preferenceValues></preferenceValues>
	178	<selectedValue></selectedValue>
	179	</item>
	180	<item><pluginName>amap (NASL wrapper)</pluginName>
	181	<pluginId>14663</pluginId>
	182	<fullName>amap (NASL wrapper)[entry]:Connection retries</fullName>
	183	<preferenceName>Connection retries</preferenceName>
	184	<preferenceType>entry</preferenceType>
	185	<preferenceValues></preferenceValues>
	186	<selectedValue></selectedValue>
	187	</item>
	188	<item><pluginName>amap (NASL wrapper)</pluginName>
	189	<pluginId>14663</pluginId>
	190	<fullName>amap (NASL wrapper)[entry]:Connection timeout</fullName>
	191	<preferenceName>Connection timeout</preferenceName>
	192	<preferenceType>entry</preferenceType>
	193	<preferenceValues></preferenceValues>
	194	<selectedValue></selectedValue>
	195	</item>
	196	<item><pluginName>amap (NASL wrapper)</pluginName>
	197	<pluginId>14663</pluginId>
	198	<fullName>amap (NASL wrapper)[entry]:Read timeout</fullName>
	199	<preferenceName>Read timeout</preferenceName>
	200	<preferenceType>entry</preferenceType>
	201	<preferenceValues></preferenceValues>
	202	<selectedValue></selectedValue>
	203	</item>
	204	<item><pluginName>SNMP settings</pluginName>
	205	<pluginId>19762</pluginId>
	206	<fullName>SNMP settings[entry]:Community name :</fullName>
	207	<preferenceName>Community name :</preferenceName>
	208	<preferenceType>entry</preferenceType>
	209	<preferenceValues>public</preferenceValues>
	210	<selectedValue>public</selectedValue>
	211	</item>
	212	<item><pluginName>SNMP settings</pluginName>
	213	<pluginId>19762</pluginId>
	214	<fullName>SNMP settings[entry]:Community name (1) :</fullName>
	215	<preferenceName>Community name (1) :</preferenceName>
	216	<preferenceType>entry</preferenceType>
	217	<preferenceValues></preferenceValues>
	218	<selectedValue></selectedValue>
	219	</item>
	220	<item><pluginName>SNMP settings</pluginName>
	221	<pluginId>19762</pluginId>
	222	<fullName>SNMP settings[entry]:Community name (2) :</fullName>
	223	<preferenceName>Community name (2) :</preferenceName>
	224	<preferenceType>entry</preferenceType>
	225	<preferenceValues></preferenceValues>
	226	<selectedValue></selectedValue>
	227	</item>
	228	<item><pluginName>SNMP settings</pluginName>
	229	<pluginId>19762</pluginId>
	230	<fullName>SNMP settings[entry]:Community name (3) :</fullName>
	231	<preferenceName>Community name (3) :</preferenceName>
	232	<preferenceType>entry</preferenceType>
	233	<preferenceValues></preferenceValues>
	234	<selectedValue></selectedValue>
	235	</item>
	236	<item><pluginName>SNMP settings</pluginName>
	237	<pluginId>19762</pluginId>
	238	<fullName>SNMP settings[entry]:UDP port :</fullName>
	239	<preferenceName>UDP port :</preferenceName>
	240	<preferenceType>entry</preferenceType>
	241	<preferenceValues>161</preferenceValues>
	242	<selectedValue>161</selectedValue>
	243	</item>
	244	<item><pluginName>SNMP settings</pluginName>
	245	<pluginId>19762</pluginId>
	246	<fullName>SNMP settings[entry]:SNMPv3 user name :</fullName>
	247	<preferenceName>SNMPv3 user name :</preferenceName>
	248	<preferenceType>entry</preferenceType>
	249	<preferenceValues></preferenceValues>
	250	<selectedValue></selectedValue>
	251	</item>
	252	<item><pluginName>SNMP settings</pluginName>
	253	<pluginId>19762</pluginId>
	254	<fullName>SNMP settings[password]:SNMPv3 authentication password :</fullName>
	255	<preferenceName>SNMPv3 authentication password :</preferenceName>
	256	<preferenceType>password</preferenceType>
	257	<preferenceValues></preferenceValues>
	258	<selectedValue></selectedValue>
	259	</item>
	260	<item><pluginName>SNMP settings</pluginName>
	261	<pluginId>19762</pluginId>
	262	<fullName>SNMP settings[radio]:SNMPv3 authentication algorithm :</fullName>
	263	<preferenceName>SNMPv3 authentication algorithm :</preferenceName>
	264	<preferenceType>radio</preferenceType>
	265	<preferenceValues>MD5;SHA1</preferenceValues>
	266	<selectedValue>MD5;SHA1</selectedValue>
	267	</item>
	268	<item><pluginName>SNMP settings</pluginName>
	269	<pluginId>19762</pluginId>
	270	<fullName>SNMP settings[password]:SNMPv3 privacy password :</fullName>
	271	<preferenceName>SNMPv3 privacy password :</preferenceName>
	272	<preferenceType>password</preferenceType>
	273	<preferenceValues></preferenceValues>
	274	<selectedValue></selectedValue>
	275	</item>
	276	<item><pluginName>SNMP settings</pluginName>
	277	<pluginId>19762</pluginId>
	278	<fullName>SNMP settings[radio]:SNMPv3 privacy algorithm :</fullName>
	279	<preferenceName>SNMPv3 privacy algorithm :</preferenceName>
	280	<preferenceType>radio</preferenceType>
	281	<preferenceValues>DES</preferenceValues>
	282	<selectedValue>DES</selectedValue>
	283	</item>
	284	<item><pluginName>Good MDM Settings</pluginName>
	285	<pluginId>66963</pluginId>
	286	<fullName>Good MDM Settings[entry]:GMC Server :</fullName>
	287	<preferenceName>GMC Server :</preferenceName>
	288	<preferenceType>entry</preferenceType>
	289	<preferenceValues></preferenceValues>
	290	<selectedValue></selectedValue>
	291	</item>
	292	<item><pluginName>Good MDM Settings</pluginName>
	293	<pluginId>66963</pluginId>
	294	<fullName>Good MDM Settings[entry]:Port :</fullName>
	295	<preferenceName>Port :</preferenceName>
	296	<preferenceType>entry</preferenceType>
	297	<preferenceValues></preferenceValues>
	298	<selectedValue></selectedValue>
	299	</item>
	300	<item><pluginName>Good MDM Settings</pluginName>
	301	<pluginId>66963</pluginId>
	302	<fullName>Good MDM Settings[entry]:Domain :</fullName>
	303	<preferenceName>Domain :</preferenceName>
	304	<preferenceType>entry</preferenceType>
	305	<preferenceValues></preferenceValues>
	306	<selectedValue></selectedValue>
	307	</item>
	308	<item><pluginName>Good MDM Settings</pluginName>
	309	<pluginId>66963</pluginId>
	310	<fullName>Good MDM Settings[entry]:Username :</fullName>
	311	<preferenceName>Username :</preferenceName>
	312	<preferenceType>entry</preferenceType>
	313	<preferenceValues></preferenceValues>
	314	<selectedValue></selectedValue>
	315	</item>
	316	<item><pluginName>Good MDM Settings</pluginName>
	317	<pluginId>66963</pluginId>
	318	<fullName>Good MDM Settings[password]:Password :</fullName>
	319	<preferenceName>Password :</preferenceName>
	320	<preferenceType>password</preferenceType>
	321	<preferenceValues></preferenceValues>
	322	<selectedValue></selectedValue>
	323	</item>
	324	<item><pluginName>Good MDM Settings</pluginName>
	325	<pluginId>66963</pluginId>
	326	<fullName>Good MDM Settings[checkbox]:SSL :</fullName>
	327	<preferenceName>SSL :</preferenceName>
	328	<preferenceType>checkbox</preferenceType>
	329	<preferenceValues>yes</preferenceValues>
	330	<selectedValue>yes</selectedValue>
	331	</item>
	332	<item><pluginName>Good MDM Settings</pluginName>
	333	<pluginId>66963</pluginId>
	334	<fullName>Good MDM Settings[checkbox]:Verify SSL Certificate :</fullName>
	335	<preferenceName>Verify SSL Certificate :</preferenceName>
	336	<preferenceType>checkbox</preferenceType>
	337	<preferenceValues>no</preferenceValues>
	338	<selectedValue>no</selectedValue>
	339	</item>
	340	<item><pluginName>SSH settings</pluginName>
	341	<pluginId>14273</pluginId>
	342	<fullName>SSH settings[entry]:SSH user name :</fullName>
	343	<preferenceName>SSH user name :</preferenceName>
	344	<preferenceType>entry</preferenceType>
	345	<preferenceValues>root</preferenceValues>
	346	<selectedValue>root</selectedValue>
	347	</item>
	348	<item><pluginName>SSH settings</pluginName>
	349	<pluginId>14273</pluginId>
	350	<fullName>SSH settings[password]:SSH password (unsafe!) :</fullName>
	351	<preferenceName>SSH password (unsafe!) :</preferenceName>
	352	<preferenceType>password</preferenceType>
	353	<preferenceValues></preferenceValues>
	354	<selectedValue></selectedValue>
	355	</item>
	356	<item><pluginName>SSH settings</pluginName>
	357	<pluginId>14273</pluginId>
	358	<fullName>SSH settings[file]:SSH public key to use :</fullName>
	359	<preferenceName>SSH public key to use :</preferenceName>
	360	<preferenceType>file</preferenceType>
	361	<preferenceValues></preferenceValues>
	362	<selectedValue></selectedValue>
	363	</item>
	364	<item><pluginName>SSH settings</pluginName>
	365	<pluginId>14273</pluginId>
	366	<fullName>SSH settings[file]:SSH private key to use :</fullName>
	367	<preferenceName>SSH private key to use :</preferenceName>
	368	<preferenceType>file</preferenceType>
	369	<preferenceValues></preferenceValues>
	370	<selectedValue></selectedValue>
	371	</item>
	372	<item><pluginName>SSH settings</pluginName>
	373	<pluginId>14273</pluginId>
	374	<fullName>SSH settings[password]:Passphrase for SSH key :</fullName>
	375	<preferenceName>Passphrase for SSH key :</preferenceName>
	376	<preferenceType>password</preferenceType>
	377	<preferenceValues></preferenceValues>
	378	<selectedValue></selectedValue>
	379	</item>
	380	<item><pluginName>SSH settings</pluginName>
	381	<pluginId>14273</pluginId>
	382	<fullName>SSH settings[radio]:Elevate privileges with :</fullName>
	383	<preferenceName>Elevate privileges with :</preferenceName>
	384	<preferenceType>radio</preferenceType>
	385	<preferenceValues>Nothing;sudo;su;su+sudo;dzdo;pbrun;Cisco 'enable'</preferenceValues>
	386	<selectedValue>Nothing;sudo;su;su+sudo;Cisco 'enable'</selectedValue>
	387	</item>
	388	<item><pluginName>SSH settings</pluginName>
	389	<pluginId>14273</pluginId>
	390	<fullName>SSH settings[entry]:Privilege elevation binary path (directory) :</fullName>
	391	<preferenceName>Privilege elevation binary path (directory) :</preferenceName>
	392	<preferenceType>entry</preferenceType>
	393	<preferenceValues></preferenceValues>
	394	<selectedValue></selectedValue>
	395	</item>
	396	<item><pluginName>SSH settings</pluginName>
	397	<pluginId>14273</pluginId>
	398	<fullName>SSH settings[entry]:su login :</fullName>
	399	<preferenceName>su login :</preferenceName>
	400	<preferenceType>entry</preferenceType>
	401	<preferenceValues></preferenceValues>
	402	<selectedValue></selectedValue>
	403	</item>
	404	<item><pluginName>SSH settings</pluginName>
	405	<pluginId>14273</pluginId>
	406	<fullName>SSH settings[entry]:Escalation account :</fullName>
	407	<preferenceName>Escalation account :</preferenceName>
	408	<preferenceType>entry</preferenceType>
	409	<preferenceValues>root</preferenceValues>
	410	<selectedValue>root</selectedValue>
	411	</item>
	412	<item><pluginName>SSH settings</pluginName>
	413	<pluginId>14273</pluginId>
	414	<fullName>SSH settings[password]:Escalation password :</fullName>
	415	<preferenceName>Escalation password :</preferenceName>
	416	<preferenceType>password</preferenceType>
	417	<preferenceValues></preferenceValues>
	418	<selectedValue></selectedValue>
	419	</item>
	420	<item><pluginName>SSH settings</pluginName>
	421	<pluginId>14273</pluginId>
	422	<fullName>SSH settings[file]:SSH known_hosts file :</fullName>
	423	<preferenceName>SSH known_hosts file :</preferenceName>
	424	<preferenceType>file</preferenceType>
	425	<preferenceValues></preferenceValues>
	426	<selectedValue></selectedValue>
	427	</item>
	428	<item><pluginName>SSH settings</pluginName>
	429	<pluginId>14273</pluginId>
	430	<fullName>SSH settings[entry]:Preferred SSH port :</fullName>
	431	<preferenceName>Preferred SSH port :</preferenceName>
	432	<preferenceType>entry</preferenceType>
	433	<preferenceValues>22</preferenceValues>
	434	<selectedValue>22</selectedValue>
	435	</item>
	436	<item><pluginName>SSH settings</pluginName>
	437	<pluginId>14273</pluginId>
	438	<fullName>SSH settings[entry]:Client version :</fullName>
	439	<preferenceName>Client version :</preferenceName>
	440	<preferenceType>entry</preferenceType>
	441	<preferenceValues>OpenSSH_5.0</preferenceValues>
	442	<selectedValue>OpenSSH_5.0</selectedValue>
	443	</item>
	444	<item><pluginName>SSH settings</pluginName>
	445	<pluginId>14273</pluginId>
	446	<fullName>SSH settings[entry]:Additional SSH user name (1) :</fullName>
	447	<preferenceName>Additional SSH user name (1) :</preferenceName>
	448	<preferenceType>entry</preferenceType>
	449	<preferenceValues></preferenceValues>
	450	<selectedValue></selectedValue>
	451	</item>
	452	<item><pluginName>SSH settings</pluginName>
	453	<pluginId>14273</pluginId>
	454	<fullName>SSH settings[password]:Additional SSH password (1) :</fullName>
	455	<preferenceName>Additional SSH password (1) :</preferenceName>
	456	<preferenceType>password</preferenceType>
	457	<preferenceValues></preferenceValues>
	458	<selectedValue></selectedValue>
	459	</item>
	460	<item><pluginName>SSH settings</pluginName>
	461	<pluginId>14273</pluginId>
	462	<fullName>SSH settings[entry]:Additional SSH user name (2) :</fullName>
	463	<preferenceName>Additional SSH user name (2) :</preferenceName>
	464	<preferenceType>entry</preferenceType>
	465	<preferenceValues></preferenceValues>
	466	<selectedValue></selectedValue>
	467	</item>
	468	<item><pluginName>SSH settings</pluginName>
	469	<pluginId>14273</pluginId>
	470	<fullName>SSH settings[password]:Additional SSH password (2) :</fullName>
	471	<preferenceName>Additional SSH password (2) :</preferenceName>
	472	<preferenceType>password</preferenceType>
	473	<preferenceValues></preferenceValues>
	474	<selectedValue></selectedValue>
	475	</item>
	476	<item><pluginName>SSH settings</pluginName>
	477	<pluginId>14273</pluginId>
	478	<fullName>SSH settings[entry]:Additional SSH user name (3) :</fullName>
	479	<preferenceName>Additional SSH user name (3) :</preferenceName>
	480	<preferenceType>entry</preferenceType>
	481	<preferenceValues></preferenceValues>
	482	<selectedValue></selectedValue>
	483	</item>
	484	<item><pluginName>SSH settings</pluginName>
	485	<pluginId>14273</pluginId>
	486	<fullName>SSH settings[password]:Additional SSH password (3) :</fullName>
	487	<preferenceName>Additional SSH password (3) :</preferenceName>
	488	<preferenceType>password</preferenceType>
	489	<preferenceValues></preferenceValues>
	490	<selectedValue></selectedValue>
	491	</item>
	492	<item><pluginName>SSH settings</pluginName>
	493	<pluginId>14273</pluginId>
	494	<fullName>SSH settings[entry]:Additional SSH user name (4) :</fullName>
	495	<preferenceName>Additional SSH user name (4) :</preferenceName>
	496	<preferenceType>entry</preferenceType>
	497	<preferenceValues></preferenceValues>
	498	<selectedValue></selectedValue>
	499	</item>
	500	<item><pluginName>SSH settings</pluginName>
	501	<pluginId>14273</pluginId>
	502	<fullName>SSH settings[password]:Additional SSH password (4) :</fullName>
	503	<preferenceName>Additional SSH password (4) :</preferenceName>
	504	<preferenceType>password</preferenceType>
	505	<preferenceValues></preferenceValues>
	506	<selectedValue></selectedValue>
	507	</item>
	508	<item><pluginName>SSH settings</pluginName>
	509	<pluginId>14273</pluginId>
	510	<fullName>SSH settings[entry]:Additional SSH user name (5) :</fullName>
	511	<preferenceName>Additional SSH user name (5) :</preferenceName>
	512	<preferenceType>entry</preferenceType>
	513	<preferenceValues></preferenceValues>
	514	<selectedValue></selectedValue>
	515	</item>
	516	<item><pluginName>SSH settings</pluginName>
	517	<pluginId>14273</pluginId>
	518	<fullName>SSH settings[password]:Additional SSH password (5) :</fullName>
	519	<preferenceName>Additional SSH password (5) :</preferenceName>
	520	<preferenceType>password</preferenceType>
	521	<preferenceValues></preferenceValues>
	522	<selectedValue></selectedValue>
	523	</item>
	524	<item><pluginName>Hydra: LDAP</pluginName>
	525	<pluginId>15877</pluginId>
	526	<fullName>Hydra: LDAP[entry]:DN :</fullName>
	527	<preferenceName>DN :</preferenceName>
	528	<preferenceType>entry</preferenceType>
	529	<preferenceValues></preferenceValues>
	530	<selectedValue></selectedValue>
	531	</item>
	532	<item><pluginName>Apple Profile Manager API Settings</pluginName>
	533	<pluginId>60032</pluginId>
	534	<fullName>Apple Profile Manager API Settings[entry]:Apple Profile Manager server :</fullName>
	535	<preferenceName>Apple Profile Manager server :</preferenceName>
	536	<preferenceType>entry</preferenceType>
	537	<preferenceValues></preferenceValues>
	538	<selectedValue></selectedValue>
	539	</item>
	540	<item><pluginName>Apple Profile Manager API Settings</pluginName>
	541	<pluginId>60032</pluginId>
	542	<fullName>Apple Profile Manager API Settings[entry]:Apple Profile Manager port :</fullName>
	543	<preferenceName>Apple Profile Manager port :</preferenceName>
	544	<preferenceType>entry</preferenceType>
	545	<preferenceValues>443</preferenceValues>
	546	<selectedValue>443</selectedValue>
	547	</item>
	548	<item><pluginName>Apple Profile Manager API Settings</pluginName>
	549	<pluginId>60032</pluginId>
	550	<fullName>Apple Profile Manager API Settings[entry]:Apple Profile Manager username :</fullName>
	551	<preferenceName>Apple Profile Manager username :</preferenceName>
	552	<preferenceType>entry</preferenceType>
	553	<preferenceValues></preferenceValues>
	554	<selectedValue></selectedValue>
	555	</item>
	556	<item><pluginName>Apple Profile Manager API Settings</pluginName>
	557	<pluginId>60032</pluginId>
	558	<fullName>Apple Profile Manager API Settings[password]:Apple Profile Manager password :</fullName>
	559	<preferenceName>Apple Profile Manager password :</preferenceName>
	560	<preferenceType>password</preferenceType>
	561	<preferenceValues></preferenceValues>
	562	<selectedValue></selectedValue>
	563	</item>
	564	<item><pluginName>Apple Profile Manager API Settings</pluginName>
	565	<pluginId>60032</pluginId>
	566	<fullName>Apple Profile Manager API Settings[checkbox]:SSL :</fullName>
	567	<preferenceName>SSL :</preferenceName>
	568	<preferenceType>checkbox</preferenceType>
	569	<preferenceValues>yes</preferenceValues>
	570	<selectedValue>yes</selectedValue>
	571	</item>
	572	<item><pluginName>Apple Profile Manager API Settings</pluginName>
	573	<pluginId>60032</pluginId>
	574	<fullName>Apple Profile Manager API Settings[checkbox]:Verify SSL Certificate :</fullName>
	575	<preferenceName>Verify SSL Certificate :</preferenceName>
	576	<preferenceType>checkbox</preferenceType>
	577	<preferenceValues>no</preferenceValues>
	578	<selectedValue>no</selectedValue>
	579	</item>
	580	<item><pluginName>Apple Profile Manager API Settings</pluginName>
	581	<pluginId>60032</pluginId>
	582	<fullName>Apple Profile Manager API Settings[checkbox]:Force Device Updates :</fullName>
	583	<preferenceName>Force Device Updates :</preferenceName>
	584	<preferenceType>checkbox</preferenceType>
	585	<preferenceValues>yes</preferenceValues>
	586	<selectedValue>yes</selectedValue>
	587	</item>
	588	<item><pluginName>Apple Profile Manager API Settings</pluginName>
	589	<pluginId>60032</pluginId>
	590	<fullName>Apple Profile Manager API Settings[entry]:Device Update Timeout (Minutes) :</fullName>
	591	<preferenceName>Device Update Timeout (Minutes) :</preferenceName>
	592	<preferenceType>entry</preferenceType>
	593	<preferenceValues>5</preferenceValues>
	594	<selectedValue>5</selectedValue>
	595	</item>
	596	<item><pluginName>Remote web server screenshot</pluginName>
	597	<pluginId>59861</pluginId>
	598	<fullName>Remote web server screenshot[checkbox]:Allow Nessus to connect to the cloud to take a screenshot of the public targets</fullName>
	599	<preferenceName>Allow Nessus to connect to the cloud to take a screenshot of the public targets</preferenceName>
	600	<preferenceType>checkbox</preferenceType>
	601	<preferenceValues>no</preferenceValues>
	602	<selectedValue>no</selectedValue>
	603	</item>
	604	<item><pluginName>Patch Management: Red Hat Satellite Server Settings</pluginName>
	605	<pluginId>57063</pluginId>
	606	<fullName>Patch Management: Red Hat Satellite Server Settings[entry]:Red Hat Satellite server(s) [separated w/ semicolons] :</fullName>
	607	<preferenceName>Red Hat Satellite server(s) [separated w/ semicolons] :</preferenceName>
	608	<preferenceType>entry</preferenceType>
	609	<preferenceValues></preferenceValues>
	610	<selectedValue></selectedValue>
	611	</item>
	612	<item><pluginName>Patch Management: Red Hat Satellite Server Settings</pluginName>
	613	<pluginId>57063</pluginId>
	614	<fullName>Patch Management: Red Hat Satellite Server Settings[entry]:Red Hat Satellite port(s) :</fullName>
	615	<preferenceName>Red Hat Satellite port(s) :</preferenceName>
	616	<preferenceType>entry</preferenceType>
	617	<preferenceValues>443</preferenceValues>
	618	<selectedValue>443</selectedValue>
	619	</item>
	620	<item><pluginName>Patch Management: Red Hat Satellite Server Settings</pluginName>
	621	<pluginId>57063</pluginId>
	622	<fullName>Patch Management: Red Hat Satellite Server Settings[checkbox]:Verify SSL certificates :</fullName>
	623	<preferenceName>Verify SSL certificates :</preferenceName>
	624	<preferenceType>checkbox</preferenceType>
	625	<preferenceValues>no</preferenceValues>
	626	<selectedValue>no</selectedValue>
	627	</item>
	628	<item><pluginName>Patch Management: Red Hat Satellite Server Settings</pluginName>
	629	<pluginId>57063</pluginId>
	630	<fullName>Patch Management: Red Hat Satellite Server Settings[entry]:Red Hat Satellite username(s) :</fullName>
	631	<preferenceName>Red Hat Satellite username(s) :</preferenceName>
	632	<preferenceType>entry</preferenceType>
	633	<preferenceValues></preferenceValues>
	634	<selectedValue></selectedValue>
	635	</item>
	636	<item><pluginName>Patch Management: Red Hat Satellite Server Settings</pluginName>
	637	<pluginId>57063</pluginId>
	638	<fullName>Patch Management: Red Hat Satellite Server Settings[password]:Red Hat Satellite password(s) :</fullName>
	639	<preferenceName>Red Hat Satellite password(s) :</preferenceName>
	640	<preferenceType>password</preferenceType>
	641	<preferenceValues></preferenceValues>
	642	<selectedValue></selectedValue>
	643	</item>
	644	<item><pluginName>Hydra: HTTP</pluginName>
	645	<pluginId>15873</pluginId>
	646	<fullName>Hydra: HTTP[entry]:Web page :</fullName>
	647	<preferenceName>Web page :</preferenceName>
	648	<preferenceType>entry</preferenceType>
	649	<preferenceValues></preferenceValues>
	650	<selectedValue></selectedValue>
	651	</item>
	652	<item><pluginName>SMB Scope</pluginName>
	653	<pluginId>10917</pluginId>
	654	<fullName>SMB Scope[checkbox]:Request information about the domain</fullName>
	655	<preferenceName>Request information about the domain</preferenceName>
	656	<preferenceType>checkbox</preferenceType>
	657	<preferenceValues>yes</preferenceValues>
	658	<selectedValue>yes</selectedValue>
	659	</item>
	660	<item><pluginName>VMware SOAP API Settings</pluginName>
	661	<pluginId>57395</pluginId>
	662	<fullName>VMware SOAP API Settings[entry]:VMware user name :</fullName>
	663	<preferenceName>VMware user name :</preferenceName>
	664	<preferenceType>entry</preferenceType>
	665	<preferenceValues></preferenceValues>
	666	<selectedValue></selectedValue>
	667	</item>
	668	<item><pluginName>VMware SOAP API Settings</pluginName>
	669	<pluginId>57395</pluginId>
	670	<fullName>VMware SOAP API Settings[password]:VMware password :</fullName>
	671	<preferenceName>VMware password :</preferenceName>
	672	<preferenceType>password</preferenceType>
	673	<preferenceValues></preferenceValues>
	674	<selectedValue></selectedValue>
	675	</item>
	676	<item><pluginName>VMware SOAP API Settings</pluginName>
	677	<pluginId>57395</pluginId>
	678	<fullName>VMware SOAP API Settings[checkbox]:Ignore SSL Certificate :</fullName>
	679	<preferenceName>Ignore SSL Certificate :</preferenceName>
	680	<preferenceType>checkbox</preferenceType>
	681	<preferenceValues>no</preferenceValues>
	682	<selectedValue>no</selectedValue>
	683	</item>
	684	<item><pluginName>Login configurations</pluginName>
	685	<pluginId>10870</pluginId>
	686	<fullName>Login configurations[entry]:HTTP account :</fullName>
	687	<preferenceName>HTTP account :</preferenceName>
	688	<preferenceType>entry</preferenceType>
	689	<preferenceValues></preferenceValues>
	690	<selectedValue></selectedValue>
	691	</item>
	692	<item><pluginName>Login configurations</pluginName>
	693	<pluginId>10870</pluginId>
	694	<fullName>Login configurations[password]:HTTP password (sent in clear) :</fullName>
	695	<preferenceName>HTTP password (sent in clear) :</preferenceName>
	696	<preferenceType>password</preferenceType>
	697	<preferenceValues></preferenceValues>
	698	<selectedValue></selectedValue>
	699	</item>
	700	<item><pluginName>Login configurations</pluginName>
	701	<pluginId>10870</pluginId>
	702	<fullName>Login configurations[entry]:NNTP account :</fullName>
	703	<preferenceName>NNTP account :</preferenceName>
	704	<preferenceType>entry</preferenceType>
	705	<preferenceValues></preferenceValues>
	706	<selectedValue></selectedValue>
	707	</item>
	708	<item><pluginName>Login configurations</pluginName>
	709	<pluginId>10870</pluginId>
	710	<fullName>Login configurations[password]:NNTP password (sent in clear) :</fullName>
	711	<preferenceName>NNTP password (sent in clear) :</preferenceName>
	712	<preferenceType>password</preferenceType>
	713	<preferenceValues></preferenceValues>
	714	<selectedValue></selectedValue>
	715	</item>
	716	<item><pluginName>Login configurations</pluginName>
	717	<pluginId>10870</pluginId>
	718	<fullName>Login configurations[entry]:FTP account :</fullName>
	719	<preferenceName>FTP account :</preferenceName>
	720	<preferenceType>entry</preferenceType>
	721	<preferenceValues>anonymous</preferenceValues>
	722	<selectedValue>anonymous</selectedValue>
	723	</item>
	724	<item><pluginName>Login configurations</pluginName>
	725	<pluginId>10870</pluginId>
	726	<fullName>Login configurations[password]:FTP password (sent in clear) :</fullName>
	727	<preferenceName>FTP password (sent in clear) :</preferenceName>
	728	<preferenceType>password</preferenceType>
	729	<preferenceValues>[email protected]</preferenceValues>
	730	<selectedValue>*********</selectedValue>
	731	</item>
	732	<item><pluginName>Login configurations</pluginName>
	733	<pluginId>10870</pluginId>
	734	<fullName>Login configurations[entry]:FTP writeable directory :</fullName>
	735	<preferenceName>FTP writeable directory :</preferenceName>
	736	<preferenceType>entry</preferenceType>
	737	<preferenceValues>/incoming</preferenceValues>
	738	<selectedValue>/incoming</selectedValue>
	739	</item>
	740	<item><pluginName>Login configurations</pluginName>
	741	<pluginId>10870</pluginId>
	742	<fullName>Login configurations[entry]:POP2 account :</fullName>
	743	<preferenceName>POP2 account :</preferenceName>
	744	<preferenceType>entry</preferenceType>
	745	<preferenceValues></preferenceValues>
	746	<selectedValue></selectedValue>
	747	</item>
	748	<item><pluginName>Login configurations</pluginName>
	749	<pluginId>10870</pluginId>
	750	<fullName>Login configurations[password]:POP2 password (sent in clear) :</fullName>
	751	<preferenceName>POP2 password (sent in clear) :</preferenceName>
	752	<preferenceType>password</preferenceType>
	753	<preferenceValues></preferenceValues>
	754	<selectedValue></selectedValue>
	755	</item>
	756	<item><pluginName>Login configurations</pluginName>
	757	<pluginId>10870</pluginId>
	758	<fullName>Login configurations[entry]:POP3 account :</fullName>
	759	<preferenceName>POP3 account :</preferenceName>
	760	<preferenceType>entry</preferenceType>
	761	<preferenceValues></preferenceValues>
	762	<selectedValue></selectedValue>
	763	</item>
	764	<item><pluginName>Login configurations</pluginName>
	765	<pluginId>10870</pluginId>
	766	<fullName>Login configurations[password]:POP3 password (sent in clear) :</fullName>
	767	<preferenceName>POP3 password (sent in clear) :</preferenceName>
	768	<preferenceType>password</preferenceType>
	769	<preferenceValues></preferenceValues>
	770	<selectedValue></selectedValue>
	771	</item>
	772	<item><pluginName>Login configurations</pluginName>
	773	<pluginId>10870</pluginId>
	774	<fullName>Login configurations[entry]:IMAP account :</fullName>
	775	<preferenceName>IMAP account :</preferenceName>
	776	<preferenceType>entry</preferenceType>
	777	<preferenceValues></preferenceValues>
	778	<selectedValue></selectedValue>
	779	</item>
	780	<item><pluginName>Login configurations</pluginName>
	781	<pluginId>10870</pluginId>
	782	<fullName>Login configurations[password]:IMAP password (sent in clear) :</fullName>
	783	<preferenceName>IMAP password (sent in clear) :</preferenceName>
	784	<preferenceType>password</preferenceType>
	785	<preferenceValues></preferenceValues>
	786	<selectedValue></selectedValue>
	787	</item>
	788	<item><pluginName>Login configurations</pluginName>
	789	<pluginId>10870</pluginId>
	790	<fullName>Login configurations[entry]:SMB account :</fullName>
	791	<preferenceName>SMB account :</preferenceName>
	792	<preferenceType>entry</preferenceType>
	793	<preferenceValues></preferenceValues>
	794	<selectedValue></selectedValue>
	795	</item>
	796	<item><pluginName>Login configurations</pluginName>
	797	<pluginId>10870</pluginId>
	798	<fullName>Login configurations[password]:SMB password :</fullName>
	799	<preferenceName>SMB password :</preferenceName>
	800	<preferenceType>password</preferenceType>
	801	<preferenceValues></preferenceValues>
	802	<selectedValue></selectedValue>
	803	</item>
	804	<item><pluginName>Login configurations</pluginName>
	805	<pluginId>10870</pluginId>
	806	<fullName>Login configurations[entry]:SMB domain (optional) :</fullName>
	807	<preferenceName>SMB domain (optional) :</preferenceName>
	808	<preferenceType>entry</preferenceType>
	809	<preferenceValues></preferenceValues>
	810	<selectedValue></selectedValue>
	811	</item>
	812	<item><pluginName>Login configurations</pluginName>
	813	<pluginId>10870</pluginId>
	814	<fullName>Login configurations[radio]:SMB password type :</fullName>
	815	<preferenceName>SMB password type :</preferenceName>
	816	<preferenceType>radio</preferenceType>
	817	<preferenceValues>Password;LM Hash;NTLM Hash</preferenceValues>
	818	<selectedValue>Password;LM Hash;NTLM Hash</selectedValue>
	819	</item>
	820	<item><pluginName>Login configurations</pluginName>
	821	<pluginId>10870</pluginId>
	822	<fullName>Login configurations[entry]:Additional SMB account (1) :</fullName>
	823	<preferenceName>Additional SMB account (1) :</preferenceName>
	824	<preferenceType>entry</preferenceType>
	825	<preferenceValues></preferenceValues>
	826	<selectedValue></selectedValue>
	827	</item>
	828	<item><pluginName>Login configurations</pluginName>
	829	<pluginId>10870</pluginId>
	830	<fullName>Login configurations[password]:Additional SMB password (1) :</fullName>
	831	<preferenceName>Additional SMB password (1) :</preferenceName>
	832	<preferenceType>password</preferenceType>
	833	<preferenceValues></preferenceValues>
	834	<selectedValue></selectedValue>
	835	</item>
	836	<item><pluginName>Login configurations</pluginName>
	837	<pluginId>10870</pluginId>
	838	<fullName>Login configurations[entry]:Additional SMB domain (optional) (1) :</fullName>
	839	<preferenceName>Additional SMB domain (optional) (1) :</preferenceName>
	840	<preferenceType>entry</preferenceType>
	841	<preferenceValues></preferenceValues>
	842	<selectedValue></selectedValue>
	843	</item>
	844	<item><pluginName>Login configurations</pluginName>
	845	<pluginId>10870</pluginId>
	846	<fullName>Login configurations[entry]:Additional SMB account (2) :</fullName>
	847	<preferenceName>Additional SMB account (2) :</preferenceName>
	848	<preferenceType>entry</preferenceType>
	849	<preferenceValues></preferenceValues>
	850	<selectedValue></selectedValue>
	851	</item>
	852	<item><pluginName>Login configurations</pluginName>
	853	<pluginId>10870</pluginId>
	854	<fullName>Login configurations[password]:Additional SMB password (2) :</fullName>
	855	<preferenceName>Additional SMB password (2) :</preferenceName>
	856	<preferenceType>password</preferenceType>
	857	<preferenceValues></preferenceValues>
	858	<selectedValue></selectedValue>
	859	</item>
	860	<item><pluginName>Login configurations</pluginName>
	861	<pluginId>10870</pluginId>
	862	<fullName>Login configurations[entry]:Additional SMB domain (optional) (2) :</fullName>
	863	<preferenceName>Additional SMB domain (optional) (2) :</preferenceName>
	864	<preferenceType>entry</preferenceType>
	865	<preferenceValues></preferenceValues>
	866	<selectedValue></selectedValue>
	867	</item>
	868	<item><pluginName>Login configurations</pluginName>
	869	<pluginId>10870</pluginId>
	870	<fullName>Login configurations[entry]:Additional SMB account (3) :</fullName>
	871	<preferenceName>Additional SMB account (3) :</preferenceName>
	872	<preferenceType>entry</preferenceType>
	873	<preferenceValues></preferenceValues>
	874	<selectedValue></selectedValue>
	875	</item>
	876	<item><pluginName>Login configurations</pluginName>
	877	<pluginId>10870</pluginId>
	878	<fullName>Login configurations[password]:Additional SMB password (3) :</fullName>
	879	<preferenceName>Additional SMB password (3) :</preferenceName>
	880	<preferenceType>password</preferenceType>
	881	<preferenceValues></preferenceValues>
	882	<selectedValue></selectedValue>
	883	</item>
	884	<item><pluginName>Login configurations</pluginName>
	885	<pluginId>10870</pluginId>
	886	<fullName>Login configurations[entry]:Additional SMB domain (optional) (3) :</fullName>
	887	<preferenceName>Additional SMB domain (optional) (3) :</preferenceName>
	888	<preferenceType>entry</preferenceType>
	889	<preferenceValues></preferenceValues>
	890	<selectedValue></selectedValue>
	891	</item>
	892	<item><pluginName>Login configurations</pluginName>
	893	<pluginId>10870</pluginId>
	894	<fullName>Login configurations[checkbox]:Never send SMB credentials in clear text</fullName>
	895	<preferenceName>Never send SMB credentials in clear text</preferenceName>
	896	<preferenceType>checkbox</preferenceType>
	897	<preferenceValues>yes</preferenceValues>
	898	<selectedValue>yes</selectedValue>
	899	</item>
	900	<item><pluginName>Login configurations</pluginName>
	901	<pluginId>10870</pluginId>
	902	<fullName>Login configurations[checkbox]:Only use NTLMv2</fullName>
	903	<preferenceName>Only use NTLMv2</preferenceName>
	904	<preferenceType>checkbox</preferenceType>
	905	<preferenceValues>no</preferenceValues>
	906	<selectedValue>no</selectedValue>
	907	</item>
	908	<item><pluginName>Login configurations</pluginName>
	909	<pluginId>10870</pluginId>
	910	<fullName>Login configurations[checkbox]:Only use Kerberos authentication for SMB</fullName>
	911	<preferenceName>Only use Kerberos authentication for SMB</preferenceName>
	912	<preferenceType>checkbox</preferenceType>
	913	<preferenceValues>no</preferenceValues>
	914	<selectedValue>no</selectedValue>
	915	</item>
	916	<item><pluginName>SMB Registry : Start the Registry Service during the scan</pluginName>
	917	<pluginId>35703</pluginId>
	918	<fullName>SMB Registry : Start the Registry Service during the scan[checkbox]:Start the registry service during the scan</fullName>
	919	<preferenceName>Start the registry service during the scan</preferenceName>
	920	<preferenceType>checkbox</preferenceType>
	921	<preferenceValues>no</preferenceValues>
	922	<selectedValue>no</selectedValue>
	923	</item>
	924	<item><pluginName>SMB Registry : Start the Registry Service during the scan</pluginName>
	925	<pluginId>35703</pluginId>
	926	<fullName>SMB Registry : Start the Registry Service during the scan[checkbox]:Enable administrative shares during the scan</fullName>
	927	<preferenceName>Enable administrative shares during the scan</preferenceName>
	928	<preferenceType>checkbox</preferenceType>
	929	<preferenceValues>no</preferenceValues>
	930	<selectedValue>no</selectedValue>
	931	</item>
	932	<item><pluginName>Hydra: SMB</pluginName>
	933	<pluginId>15884</pluginId>
	934	<fullName>Hydra: SMB[radio]:Check local / domain accounts</fullName>
	935	<preferenceName>Check local / domain accounts</preferenceName>
	936	<preferenceType>radio</preferenceType>
	937	<preferenceValues>Local accounts; Domain Accounts; Either</preferenceValues>
	938	<selectedValue>Local accounts; Domain Accounts; Either</selectedValue>
	939	</item>
	940	<item><pluginName>Hydra: SMB</pluginName>
	941	<pluginId>15884</pluginId>
	942	<fullName>Hydra: SMB[checkbox]:Interpret passwords as NTLM hashes</fullName>
	943	<preferenceName>Interpret passwords as NTLM hashes</preferenceName>
	944	<preferenceType>checkbox</preferenceType>
	945	<preferenceValues>no</preferenceValues>
	946	<selectedValue>no</selectedValue>
	947	</item>
	948	<item><pluginName>Patch Management: SCCM Server Settings</pluginName>
	949	<pluginId>57029</pluginId>
	950	<fullName>Patch Management: SCCM Server Settings[entry]:SCCM Server :</fullName>
	951	<preferenceName>SCCM Server :</preferenceName>
	952	<preferenceType>entry</preferenceType>
	953	<preferenceValues></preferenceValues>
	954	<selectedValue></selectedValue>
	955	</item>
	956	<item><pluginName>Patch Management: SCCM Server Settings</pluginName>
	957	<pluginId>57029</pluginId>
	958	<fullName>Patch Management: SCCM Server Settings[entry]:SCCM Domain :</fullName>
	959	<preferenceName>SCCM Domain :</preferenceName>
	960	<preferenceType>entry</preferenceType>
	961	<preferenceValues></preferenceValues>
	962	<selectedValue></selectedValue>
	963	</item>
	964	<item><pluginName>Patch Management: SCCM Server Settings</pluginName>
	965	<pluginId>57029</pluginId>
	966	<fullName>Patch Management: SCCM Server Settings[entry]:SCCM Username :</fullName>
	967	<preferenceName>SCCM Username :</preferenceName>
	968	<preferenceType>entry</preferenceType>
	969	<preferenceValues></preferenceValues>
	970	<selectedValue></selectedValue>
	971	</item>
	972	<item><pluginName>Patch Management: SCCM Server Settings</pluginName>
	973	<pluginId>57029</pluginId>
	974	<fullName>Patch Management: SCCM Server Settings[password]:SCCM Password :</fullName>
	975	<preferenceName>SCCM Password :</preferenceName>
	976	<preferenceType>password</preferenceType>
	977	<preferenceValues></preferenceValues>
	978	<selectedValue></selectedValue>
	979	</item>
	980	<item><pluginName>Palo Alto Networks PAN-OS Settings</pluginName>
	981	<pluginId>64286</pluginId>
	982	<fullName>Palo Alto Networks PAN-OS Settings[entry]:Palo Alto Username :</fullName>
	983	<preferenceName>Palo Alto Username :</preferenceName>
	984	<preferenceType>entry</preferenceType>
	985	<preferenceValues></preferenceValues>
	986	<selectedValue></selectedValue>
	987	</item>
	988	<item><pluginName>Palo Alto Networks PAN-OS Settings</pluginName>
	989	<pluginId>64286</pluginId>
	990	<fullName>Palo Alto Networks PAN-OS Settings[password]:Palo Alto Password :</fullName>
	991	<preferenceName>Palo Alto Password :</preferenceName>
	992	<preferenceType>password</preferenceType>
	993	<preferenceValues></preferenceValues>
	994	<selectedValue></selectedValue>
	995	</item>
	996	<item><pluginName>Palo Alto Networks PAN-OS Settings</pluginName>
	997	<pluginId>64286</pluginId>
	998	<fullName>Palo Alto Networks PAN-OS Settings[entry]:Palo Alto Port :</fullName>
	999	<preferenceName>Palo Alto Port :</preferenceName>
	1000	<preferenceType>entry</preferenceType>
	1001	<preferenceValues>443</preferenceValues>
	1002	<selectedValue>443</selectedValue>
	1003	</item>
	1004	<item><pluginName>Palo Alto Networks PAN-OS Settings</pluginName>
	1005	<pluginId>64286</pluginId>
	1006	<fullName>Palo Alto Networks PAN-OS Settings[checkbox]:Verify SSL Certificate :</fullName>
	1007	<preferenceName>Verify SSL Certificate :</preferenceName>
	1008	<preferenceType>checkbox</preferenceType>
	1009	<preferenceValues>no</preferenceValues>
	1010	<selectedValue>no</selectedValue>
	1011	</item>
	1012	<item><pluginName>Port scanners settings</pluginName>
	1013	<pluginId>33812</pluginId>
	1014	<fullName>Port scanners settings[checkbox]:Check open TCP ports found by local port enumerators</fullName>
	1015	<preferenceName>Check open TCP ports found by local port enumerators</preferenceName>
	1016	<preferenceType>checkbox</preferenceType>
	1017	<preferenceValues>no</preferenceValues>
	1018	<selectedValue>no</selectedValue>
	1019	</item>
	1020	<item><pluginName>Port scanners settings</pluginName>
	1021	<pluginId>33812</pluginId>
	1022	<fullName>Port scanners settings[checkbox]:Only run network port scanners if local port enumeration failed</fullName>
	1023	<preferenceName>Only run network port scanners if local port enumeration failed</preferenceName>
	1024	<preferenceType>checkbox</preferenceType>
	1025	<preferenceValues>yes</preferenceValues>
	1026	<selectedValue>yes</selectedValue>
	1027	</item>
	1028	<item><pluginName>VMware vCenter SOAP API Settings</pluginName>
	1029	<pluginId>63060</pluginId>
	1030	<fullName>VMware vCenter SOAP API Settings[entry]:VMware vCenter host :</fullName>
	1031	<preferenceName>VMware vCenter host :</preferenceName>
	1032	<preferenceType>entry</preferenceType>
	1033	<preferenceValues></preferenceValues>
	1034	<selectedValue></selectedValue>
	1035	</item>
	1036	<item><pluginName>VMware vCenter SOAP API Settings</pluginName>
	1037	<pluginId>63060</pluginId>
	1038	<fullName>VMware vCenter SOAP API Settings[entry]:VMware vCenter port :</fullName>
	1039	<preferenceName>VMware vCenter port :</preferenceName>
	1040	<preferenceType>entry</preferenceType>
	1041	<preferenceValues>443</preferenceValues>
	1042	<selectedValue>443</selectedValue>
	1043	</item>
	1044	<item><pluginName>VMware vCenter SOAP API Settings</pluginName>
	1045	<pluginId>63060</pluginId>
	1046	<fullName>VMware vCenter SOAP API Settings[entry]:VMware vCenter user name :</fullName>
	1047	<preferenceName>VMware vCenter user name :</preferenceName>
	1048	<preferenceType>entry</preferenceType>
	1049	<preferenceValues></preferenceValues>
	1050	<selectedValue></selectedValue>
	1051	</item>
	1052	<item><pluginName>VMware vCenter SOAP API Settings</pluginName>
	1053	<pluginId>63060</pluginId>
	1054	<fullName>VMware vCenter SOAP API Settings[password]:VMware vCenter password :</fullName>
	1055	<preferenceName>VMware vCenter password :</preferenceName>
	1056	<preferenceType>password</preferenceType>
	1057	<preferenceValues></preferenceValues>
	1058	<selectedValue></selectedValue>
	1059	</item>
	1060	<item><pluginName>VMware vCenter SOAP API Settings</pluginName>
	1061	<pluginId>63060</pluginId>
	1062	<fullName>VMware vCenter SOAP API Settings[checkbox]:SSL :</fullName>
	1063	<preferenceName>SSL :</preferenceName>
	1064	<preferenceType>checkbox</preferenceType>
	1065	<preferenceValues>yes</preferenceValues>
	1066	<selectedValue>yes</selectedValue>
	1067	</item>
	1068	<item><pluginName>VMware vCenter SOAP API Settings</pluginName>
	1069	<pluginId>63060</pluginId>
	1070	<fullName>VMware vCenter SOAP API Settings[checkbox]:Verify SSL Certificate :</fullName>
	1071	<preferenceName>Verify SSL Certificate :</preferenceName>
	1072	<preferenceType>checkbox</preferenceType>
	1073	<preferenceValues>no</preferenceValues>
	1074	<selectedValue>no</selectedValue>
	1075	</item>
	1076	<item><pluginName>Patch Management: VMware Go Server Settings</pluginName>
	1077	<pluginId>57026</pluginId>
	1078	<fullName>Patch Management: VMware Go Server Settings[entry]:Host :</fullName>
	1079	<preferenceName>Host :</preferenceName>
	1080	<preferenceType>entry</preferenceType>
	1081	<preferenceValues>services.shavlik.com</preferenceValues>
	1082	<selectedValue>services.shavlik.com</selectedValue>
	1083	</item>
	1084	<item><pluginName>Patch Management: VMware Go Server Settings</pluginName>
	1085	<pluginId>57026</pluginId>
	1086	<fullName>Patch Management: VMware Go Server Settings[entry]:Port :</fullName>
	1087	<preferenceName>Port :</preferenceName>
	1088	<preferenceType>entry</preferenceType>
	1089	<preferenceValues>443</preferenceValues>
	1090	<selectedValue>443</selectedValue>
	1091	</item>
	1092	<item><pluginName>Patch Management: VMware Go Server Settings</pluginName>
	1093	<pluginId>57026</pluginId>
	1094	<fullName>Patch Management: VMware Go Server Settings[entry]:Username :</fullName>
	1095	<preferenceName>Username :</preferenceName>
	1096	<preferenceType>entry</preferenceType>
	1097	<preferenceValues></preferenceValues>
	1098	<selectedValue></selectedValue>
	1099	</item>
	1100	<item><pluginName>Patch Management: VMware Go Server Settings</pluginName>
	1101	<pluginId>57026</pluginId>
	1102	<fullName>Patch Management: VMware Go Server Settings[password]:Password :</fullName>
	1103	<preferenceName>Password :</preferenceName>
	1104	<preferenceType>password</preferenceType>
	1105	<preferenceValues></preferenceValues>
	1106	<selectedValue></selectedValue>
	1107	</item>
	1108	<item><pluginName>Patch Management: VMware Go Server Settings</pluginName>
	1109	<pluginId>57026</pluginId>
	1110	<fullName>Patch Management: VMware Go Server Settings[entry]:Domain :</fullName>
	1111	<preferenceName>Domain :</preferenceName>
	1112	<preferenceType>entry</preferenceType>
	1113	<preferenceValues></preferenceValues>
	1114	<selectedValue></selectedValue>
	1115	</item>
	1116	<item><pluginName>Patch Management: VMware Go Server Settings</pluginName>
	1117	<pluginId>57026</pluginId>
	1118	<fullName>Patch Management: VMware Go Server Settings[entry]:API path :</fullName>
	1119	<preferenceName>API path :</preferenceName>
	1120	<preferenceType>entry</preferenceType>
	1121	<preferenceValues>/api/authenticationbroker/account/httpIssue.svc/</preferenceValues>
	1122	<selectedValue>/api/authenticationbroker/account/httpIssue.svc/</selectedValue>
	1123	</item>
	1124	<item><pluginName>Patch Management: VMware Go Server Settings</pluginName>
	1125	<pluginId>57026</pluginId>
	1126	<fullName>Patch Management: VMware Go Server Settings[entry]:Authentication realm :</fullName>
	1127	<preferenceName>Authentication realm :</preferenceName>
	1128	<preferenceType>entry</preferenceType>
	1129	<preferenceValues>https://services.shavlik.com/api/dataservices/v1r1/default.aspx</preferenceValues>
	1130	<selectedValue>https://services.shavlik.com/api/dataservices/v1r1/default.aspx</selectedValue>
	1131	</item>
	1132	<item><pluginName>Patch Management: VMware Go Server Settings</pluginName>
	1133	<pluginId>57026</pluginId>
	1134	<fullName>Patch Management: VMware Go Server Settings[entry]:Service path :</fullName>
	1135	<preferenceName>Service path :</preferenceName>
	1136	<preferenceType>entry</preferenceType>
	1137	<preferenceValues>/api/dataservices/v1r1/OData.svc/</preferenceValues>
	1138	<selectedValue>/api/dataservices/v1r1/OData.svc/</selectedValue>
	1139	</item>
	1140	<item><pluginName>HTTP cookies import</pluginName>
	1141	<pluginId>42893</pluginId>
	1142	<fullName>HTTP cookies import[file]:Cookies file :</fullName>
	1143	<preferenceName>Cookies file :</preferenceName>
	1144	<preferenceType>file</preferenceType>
	1145	<preferenceValues></preferenceValues>
	1146	<selectedValue></selectedValue>
	1147	</item>
	1148	<item><pluginName>Ping the remote host</pluginName>
	1149	<pluginId>10180</pluginId>
	1150	<fullName>Ping the remote host[entry]:TCP ping destination port(s) :</fullName>
	1151	<preferenceName>TCP ping destination port(s) :</preferenceName>
	1152	<preferenceType>entry</preferenceType>
	1153	<preferenceValues>built-in</preferenceValues>
	1154	<selectedValue>built-in</selectedValue>
	1155	</item>
	1156	<item><pluginName>Ping the remote host</pluginName>
	1157	<pluginId>10180</pluginId>
	1158	<fullName>Ping the remote host[checkbox]:Do an ARP ping</fullName>
	1159	<preferenceName>Do an ARP ping</preferenceName>
	1160	<preferenceType>checkbox</preferenceType>
	1161	<preferenceValues>yes</preferenceValues>
	1162	<selectedValue>yes</selectedValue>
	1163	</item>
	1164	<item><pluginName>Ping the remote host</pluginName>
	1165	<pluginId>10180</pluginId>
	1166	<fullName>Ping the remote host[checkbox]:Do a TCP ping</fullName>
	1167	<preferenceName>Do a TCP ping</preferenceName>
	1168	<preferenceType>checkbox</preferenceType>
	1169	<preferenceValues>yes</preferenceValues>
	1170	<selectedValue>yes</selectedValue>
	1171	</item>
	1172	<item><pluginName>Ping the remote host</pluginName>
	1173	<pluginId>10180</pluginId>
	1174	<fullName>Ping the remote host[checkbox]:Do an ICMP ping</fullName>
	1175	<preferenceName>Do an ICMP ping</preferenceName>
	1176	<preferenceType>checkbox</preferenceType>
	1177	<preferenceValues>yes</preferenceValues>
	1178	<selectedValue>yes</selectedValue>
	1179	</item>
	1180	<item><pluginName>Ping the remote host</pluginName>
	1181	<pluginId>10180</pluginId>
	1182	<fullName>Ping the remote host[entry]:Number of retries (ICMP) :</fullName>
	1183	<preferenceName>Number of retries (ICMP) :</preferenceName>
	1184	<preferenceType>entry</preferenceType>
	1185	<preferenceValues>2</preferenceValues>
	1186	<selectedValue>2</selectedValue>
	1187	</item>
	1188	<item><pluginName>Ping the remote host</pluginName>
	1189	<pluginId>10180</pluginId>
	1190	<fullName>Ping the remote host[checkbox]:Do an applicative UDP ping (DNS,RPC...)</fullName>
	1191	<preferenceName>Do an applicative UDP ping (DNS,RPC...)</preferenceName>
	1192	<preferenceType>checkbox</preferenceType>
	1193	<preferenceValues>no</preferenceValues>
	1194	<selectedValue>no</selectedValue>
	1195	</item>
	1196	<item><pluginName>Ping the remote host</pluginName>
	1197	<pluginId>10180</pluginId>
	1198	<fullName>Ping the remote host[checkbox]:Make the dead hosts appear in the report</fullName>
	1199	<preferenceName>Make the dead hosts appear in the report</preferenceName>
	1200	<preferenceType>checkbox</preferenceType>
	1201	<preferenceValues>no</preferenceValues>
	1202	<selectedValue>no</selectedValue>
	1203	</item>
	1204	<item><pluginName>Ping the remote host</pluginName>
	1205	<pluginId>10180</pluginId>
	1206	<fullName>Ping the remote host[checkbox]:Log live hosts in the report</fullName>
	1207	<preferenceName>Log live hosts in the report</preferenceName>
	1208	<preferenceType>checkbox</preferenceType>
	1209	<preferenceValues>no</preferenceValues>
	1210	<selectedValue>no</selectedValue>
	1211	</item>
	1212	<item><pluginName>Ping the remote host</pluginName>
	1213	<pluginId>10180</pluginId>
	1214	<fullName>Ping the remote host[checkbox]:Test the local Nessus host</fullName>
	1215	<preferenceName>Test the local Nessus host</preferenceName>
	1216	<preferenceType>checkbox</preferenceType>
	1217	<preferenceValues>yes</preferenceValues>
	1218	<selectedValue>yes</selectedValue>
	1219	</item>
	1220	<item><pluginName>Ping the remote host</pluginName>
	1221	<pluginId>10180</pluginId>
	1222	<fullName>Ping the remote host[checkbox]:Fast network discovery</fullName>
	1223	<preferenceName>Fast network discovery</preferenceName>
	1224	<preferenceType>checkbox</preferenceType>
	1225	<preferenceValues>no</preferenceValues>
	1226	<selectedValue>no</selectedValue>
	1227	</item>
	1228	<item><pluginName>LDAP 'Domain Admins' Group Membership Enumeration</pluginName>
	1229	<pluginId>58038</pluginId>
	1230	<fullName>LDAP 'Domain Admins' Group Membership Enumeration[entry]:LDAP user :</fullName>
	1231	<preferenceName>LDAP user :</preferenceName>
	1232	<preferenceType>entry</preferenceType>
	1233	<preferenceValues></preferenceValues>
	1234	<selectedValue></selectedValue>
	1235	</item>
	1236	<item><pluginName>LDAP 'Domain Admins' Group Membership Enumeration</pluginName>
	1237	<pluginId>58038</pluginId>
	1238	<fullName>LDAP 'Domain Admins' Group Membership Enumeration[password]:LDAP password :</fullName>
	1239	<preferenceName>LDAP password :</preferenceName>
	1240	<preferenceType>password</preferenceType>
	1241	<preferenceValues></preferenceValues>
	1242	<selectedValue></selectedValue>
	1243	</item>
	1244	<item><pluginName>LDAP 'Domain Admins' Group Membership Enumeration</pluginName>
	1245	<pluginId>58038</pluginId>
	1246	<fullName>LDAP 'Domain Admins' Group Membership Enumeration[entry]:Max results :</fullName>
	1247	<preferenceName>Max results :</preferenceName>
	1248	<preferenceType>entry</preferenceType>
	1249	<preferenceValues>1000</preferenceValues>
	1250	<selectedValue>1000</selectedValue>
	1251	</item>
	1252	<item><pluginName>Global variable settings</pluginName>
	1253	<pluginId>12288</pluginId>
	1254	<fullName>Global variable settings[checkbox]:Probe services on every port</fullName>
	1255	<preferenceName>Probe services on every port</preferenceName>
	1256	<preferenceType>checkbox</preferenceType>
	1257	<preferenceValues>yes</preferenceValues>
	1258	<selectedValue>yes</selectedValue>
	1259	</item>
	1260	<item><pluginName>Global variable settings</pluginName>
	1261	<pluginId>12288</pluginId>
	1262	<fullName>Global variable settings[checkbox]:Do not log in with user accounts not specified in the policy</fullName>
	1263	<preferenceName>Do not log in with user accounts not specified in the policy</preferenceName>
	1264	<preferenceType>checkbox</preferenceType>
	1265	<preferenceValues>no</preferenceValues>
	1266	<selectedValue>no</selectedValue>
	1267	</item>
	1268	<item><pluginName>Global variable settings</pluginName>
	1269	<pluginId>12288</pluginId>
	1270	<fullName>Global variable settings[checkbox]:Enable CGI scanning</fullName>
	1271	<preferenceName>Enable CGI scanning</preferenceName>
	1272	<preferenceType>checkbox</preferenceType>
	1273	<preferenceValues>no</preferenceValues>
	1274	<selectedValue>yes</selectedValue>
	1275	</item>
	1276	<item><pluginName>Global variable settings</pluginName>
	1277	<pluginId>12288</pluginId>
	1278	<fullName>Global variable settings[radio]:Network type</fullName>
	1279	<preferenceName>Network type</preferenceName>
	1280	<preferenceType>radio</preferenceType>
	1281	<preferenceValues>Mixed (use RFC 1918);Private LAN;Public WAN (Internet)</preferenceValues>
	1282	<selectedValue>Mixed (use RFC 1918)</selectedValue>
	1283	</item>
	1284	<item><pluginName>Global variable settings</pluginName>
	1285	<pluginId>12288</pluginId>
	1286	<fullName>Global variable settings[checkbox]:Enable experimental scripts</fullName>
	1287	<preferenceName>Enable experimental scripts</preferenceName>
	1288	<preferenceType>checkbox</preferenceType>
	1289	<preferenceValues>no</preferenceValues>
	1290	<selectedValue>no</selectedValue>
	1291	</item>
	1292	<item><pluginName>Global variable settings</pluginName>
	1293	<pluginId>12288</pluginId>
	1294	<fullName>Global variable settings[checkbox]:Thorough tests (slow)</fullName>
	1295	<preferenceName>Thorough tests (slow)</preferenceName>
	1296	<preferenceType>checkbox</preferenceType>
	1297	<preferenceValues>no</preferenceValues>
	1298	<selectedValue>no</selectedValue>
	1299	</item>
	1300	<item><pluginName>Global variable settings</pluginName>
	1301	<pluginId>12288</pluginId>
	1302	<fullName>Global variable settings[radio]:Report verbosity</fullName>
	1303	<preferenceName>Report verbosity</preferenceName>
	1304	<preferenceType>radio</preferenceType>
	1305	<preferenceValues>Normal;Quiet;Verbose</preferenceValues>
	1306	<selectedValue>Normal</selectedValue>
	1307	</item>
	1308	<item><pluginName>Global variable settings</pluginName>
	1309	<pluginId>12288</pluginId>
	1310	<fullName>Global variable settings[radio]:Report paranoia</fullName>
	1311	<preferenceName>Report paranoia</preferenceName>
	1312	<preferenceType>radio</preferenceType>
	1313	<preferenceValues>Normal;Avoid false alarms;Paranoid (more false alarms)</preferenceValues>
	1314	<selectedValue>Normal</selectedValue>
	1315	</item>
	1316	<item><pluginName>Global variable settings</pluginName>
	1317	<pluginId>12288</pluginId>
	1318	<fullName>Global variable settings[entry]:HTTP User-Agent</fullName>
	1319	<preferenceName>HTTP User-Agent</preferenceName>
	1320	<preferenceType>entry</preferenceType>
	1321	<preferenceValues>Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)</preferenceValues>
	1322	<selectedValue>Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)</selectedValue>
	1323	</item>
	1324	<item><pluginName>Global variable settings</pluginName>
	1325	<pluginId>12288</pluginId>
	1326	<fullName>Global variable settings[file]:SSL certificate to use :</fullName>
	1327	<preferenceName>SSL certificate to use :</preferenceName>
	1328	<preferenceType>file</preferenceType>
	1329	<preferenceValues></preferenceValues>
	1330	<selectedValue></selectedValue>
	1331	</item>
	1332	<item><pluginName>Global variable settings</pluginName>
	1333	<pluginId>12288</pluginId>
	1334	<fullName>Global variable settings[file]:SSL CA to trust :</fullName>
	1335	<preferenceName>SSL CA to trust :</preferenceName>
	1336	<preferenceType>file</preferenceType>
	1337	<preferenceValues></preferenceValues>
	1338	<selectedValue></selectedValue>
	1339	</item>
	1340	<item><pluginName>Global variable settings</pluginName>
	1341	<pluginId>12288</pluginId>
	1342	<fullName>Global variable settings[file]:SSL key to use :</fullName>
	1343	<preferenceName>SSL key to use :</preferenceName>
	1344	<preferenceType>file</preferenceType>
	1345	<preferenceValues></preferenceValues>
	1346	<selectedValue></selectedValue>
	1347	</item>
	1348	<item><pluginName>Global variable settings</pluginName>
	1349	<pluginId>12288</pluginId>
	1350	<fullName>Global variable settings[password]:SSL password for SSL key :</fullName>
	1351	<preferenceName>SSL password for SSL key :</preferenceName>
	1352	<preferenceType>password</preferenceType>
	1353	<preferenceValues></preferenceValues>
	1354	<selectedValue></selectedValue>
	1355	</item>
	1356	<item><pluginName>Hydra: SAP R3</pluginName>
	1357	<pluginId>15883</pluginId>
	1358	<fullName>Hydra: SAP R3[entry]:Client ID (between 0 and 99) :</fullName>
	1359	<preferenceName>Client ID (between 0 and 99) :</preferenceName>
	1360	<preferenceType>entry</preferenceType>
	1361	<preferenceValues></preferenceValues>
	1362	<selectedValue></selectedValue>
	1363	</item>
	1364	<item><pluginName>Cleartext protocols settings</pluginName>
	1365	<pluginId>21744</pluginId>
	1366	<fullName>Cleartext protocols settings[entry]:User name :</fullName>
	1367	<preferenceName>User name :</preferenceName>
	1368	<preferenceType>entry</preferenceType>
	1369	<preferenceValues></preferenceValues>
	1370	<selectedValue></selectedValue>
	1371	</item>
	1372	<item><pluginName>Cleartext protocols settings</pluginName>
	1373	<pluginId>21744</pluginId>
	1374	<fullName>Cleartext protocols settings[password]:Password (unsafe!) :</fullName>
	1375	<preferenceName>Password (unsafe!) :</preferenceName>
	1376	<preferenceType>password</preferenceType>
	1377	<preferenceValues></preferenceValues>
	1378	<selectedValue></selectedValue>
	1379	</item>
	1380	<item><pluginName>Cleartext protocols settings</pluginName>
	1381	<pluginId>21744</pluginId>
	1382	<fullName>Cleartext protocols settings[checkbox]:Try to perform patch level checks over telnet</fullName>
	1383	<preferenceName>Try to perform patch level checks over telnet</preferenceName>
	1384	<preferenceType>checkbox</preferenceType>
	1385	<preferenceValues>no</preferenceValues>
	1386	<selectedValue>no</selectedValue>
	1387	</item>
	1388	<item><pluginName>Cleartext protocols settings</pluginName>
	1389	<pluginId>21744</pluginId>
	1390	<fullName>Cleartext protocols settings[checkbox]:Try to perform patch level checks over rsh</fullName>
	1391	<preferenceName>Try to perform patch level checks over rsh</preferenceName>
	1392	<preferenceType>checkbox</preferenceType>
	1393	<preferenceValues>no</preferenceValues>
	1394	<selectedValue>no</selectedValue>
	1395	</item>
	1396	<item><pluginName>Cleartext protocols settings</pluginName>
	1397	<pluginId>21744</pluginId>
	1398	<fullName>Cleartext protocols settings[checkbox]:Try to perform patch level checks over rexec</fullName>
	1399	<preferenceName>Try to perform patch level checks over rexec</preferenceName>
	1400	<preferenceType>checkbox</preferenceType>
	1401	<preferenceValues>no</preferenceValues>
	1402	<selectedValue>no</selectedValue>
	1403	</item>
	1404	<item><pluginName>IBM iSeries Credentials</pluginName>
	1405	<pluginId>57861</pluginId>
	1406	<fullName>IBM iSeries Credentials[entry]:Login :</fullName>
	1407	<preferenceName>Login :</preferenceName>
	1408	<preferenceType>entry</preferenceType>
	1409	<preferenceValues></preferenceValues>
	1410	<selectedValue></selectedValue>
	1411	</item>
	1412	<item><pluginName>IBM iSeries Credentials</pluginName>
	1413	<pluginId>57861</pluginId>
	1414	<fullName>IBM iSeries Credentials[password]:Password :</fullName>
	1415	<preferenceName>Password :</preferenceName>
	1416	<preferenceType>password</preferenceType>
	1417	<preferenceValues></preferenceValues>
	1418	<selectedValue></selectedValue>
	1419	</item>
	1420	<item><pluginName>SMB Use Domain SID to Enumerate Users</pluginName>
	1421	<pluginId>10399</pluginId>
	1422	<fullName>SMB Use Domain SID to Enumerate Users[entry]:Start UID :</fullName>
	1423	<preferenceName>Start UID :</preferenceName>
	1424	<preferenceType>entry</preferenceType>
	1425	<preferenceValues>1000</preferenceValues>
	1426	<selectedValue>1000</selectedValue>
	1427	</item>
	1428	<item><pluginName>SMB Use Domain SID to Enumerate Users</pluginName>
	1429	<pluginId>10399</pluginId>
	1430	<fullName>SMB Use Domain SID to Enumerate Users[entry]:End UID :</fullName>
	1431	<preferenceName>End UID :</preferenceName>
	1432	<preferenceType>entry</preferenceType>
	1433	<preferenceValues>1200</preferenceValues>
	1434	<selectedValue>1200</selectedValue>
	1435	</item>
	1436	<item><pluginName>Do not scan fragile devices</pluginName>
	1437	<pluginId>22481</pluginId>
	1438	<fullName>Do not scan fragile devices[checkbox]:Scan Network Printers</fullName>
	1439	<preferenceName>Scan Network Printers</preferenceName>
	1440	<preferenceType>checkbox</preferenceType>
	1441	<preferenceValues>no</preferenceValues>
	1442	<selectedValue>no</selectedValue>
	1443	</item>
	1444	<item><pluginName>Do not scan fragile devices</pluginName>
	1445	<pluginId>22481</pluginId>
	1446	<fullName>Do not scan fragile devices[checkbox]:Scan Novell Netware hosts</fullName>
	1447	<preferenceName>Scan Novell Netware hosts</preferenceName>
	1448	<preferenceType>checkbox</preferenceType>
	1449	<preferenceValues>no</preferenceValues>
	1450	<selectedValue>no</selectedValue>
	1451	</item>
	1452	<item><pluginName>Hydra: HTTP proxy</pluginName>
	1453	<pluginId>15874</pluginId>
	1454	<fullName>Hydra: HTTP proxy[entry]:Web site (optional) :</fullName>
	1455	<preferenceName>Web site (optional) :</preferenceName>
	1456	<preferenceType>entry</preferenceType>
	1457	<preferenceValues></preferenceValues>
	1458	<selectedValue></selectedValue>
	1459	</item>
	1460	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1461	<pluginId>14260</pluginId>
	1462	<fullName>Nikto (NASL wrapper)[checkbox]:Enable Nikto</fullName>
	1463	<preferenceName>Enable Nikto</preferenceName>
	1464	<preferenceType>checkbox</preferenceType>
	1465	<preferenceValues>no</preferenceValues>
	1466	<selectedValue>no</selectedValue>
	1467	</item>
	1468	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1469	<pluginId>14260</pluginId>
	1470	<fullName>Nikto (NASL wrapper)[checkbox]:Disable if server never replies 404</fullName>
	1471	<preferenceName>Disable if server never replies 404</preferenceName>
	1472	<preferenceType>checkbox</preferenceType>
	1473	<preferenceValues>yes</preferenceValues>
	1474	<selectedValue>yes</selectedValue>
	1475	</item>
	1476	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1477	<pluginId>14260</pluginId>
	1478	<fullName>Nikto (NASL wrapper)[entry]:Root directory</fullName>
	1479	<preferenceName>Root directory</preferenceName>
	1480	<preferenceType>entry</preferenceType>
	1481	<preferenceValues></preferenceValues>
	1482	<selectedValue></selectedValue>
	1483	</item>
	1484	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1485	<pluginId>14260</pluginId>
	1486	<fullName>Nikto (NASL wrapper)[entry]:Pause between tests (s)</fullName>
	1487	<preferenceName>Pause between tests (s)</preferenceName>
	1488	<preferenceType>entry</preferenceType>
	1489	<preferenceValues></preferenceValues>
	1490	<selectedValue></selectedValue>
	1491	</item>
	1492	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1493	<pluginId>14260</pluginId>
	1494	<fullName>Nikto (NASL wrapper)[radio]:Scan CGI directories</fullName>
	1495	<preferenceName>Scan CGI directories</preferenceName>
	1496	<preferenceType>radio</preferenceType>
	1497	<preferenceValues>User supplied;All;None</preferenceValues>
	1498	<selectedValue>User supplied;All;None</selectedValue>
	1499	</item>
	1500	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1501	<pluginId>14260</pluginId>
	1502	<fullName>Nikto (NASL wrapper)[checkbox]:Display: 1 Show redirects</fullName>
	1503	<preferenceName>Display: 1 Show redirects</preferenceName>
	1504	<preferenceType>checkbox</preferenceType>
	1505	<preferenceValues>no</preferenceValues>
	1506	<selectedValue>no</selectedValue>
	1507	</item>
	1508	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1509	<pluginId>14260</pluginId>
	1510	<fullName>Nikto (NASL wrapper)[checkbox]:Display: 2 Show cookies received</fullName>
	1511	<preferenceName>Display: 2 Show cookies received</preferenceName>
	1512	<preferenceType>checkbox</preferenceType>
	1513	<preferenceValues>no</preferenceValues>
	1514	<selectedValue>no</selectedValue>
	1515	</item>
	1516	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1517	<pluginId>14260</pluginId>
	1518	<fullName>Nikto (NASL wrapper)[checkbox]:Display: 3 Show all 200/OK responses</fullName>
	1519	<preferenceName>Display: 3 Show all 200/OK responses</preferenceName>
	1520	<preferenceType>checkbox</preferenceType>
	1521	<preferenceValues>no</preferenceValues>
	1522	<selectedValue>no</selectedValue>
	1523	</item>
	1524	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1525	<pluginId>14260</pluginId>
	1526	<fullName>Nikto (NASL wrapper)[checkbox]:Display: 4 Show URLs which require authentication</fullName>
	1527	<preferenceName>Display: 4 Show URLs which require authentication</preferenceName>
	1528	<preferenceType>checkbox</preferenceType>
	1529	<preferenceValues>no</preferenceValues>
	1530	<selectedValue>no</selectedValue>
	1531	</item>
	1532	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1533	<pluginId>14260</pluginId>
	1534	<fullName>Nikto (NASL wrapper)[checkbox]:Display: V Verbose Output</fullName>
	1535	<preferenceName>Display: V Verbose Output</preferenceName>
	1536	<preferenceType>checkbox</preferenceType>
	1537	<preferenceValues>no</preferenceValues>
	1538	<selectedValue>no</selectedValue>
	1539	</item>
	1540	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1541	<pluginId>14260</pluginId>
	1542	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: 1 Interesting File / Seen in logs</fullName>
	1543	<preferenceName>Tuning: 1 Interesting File / Seen in logs</preferenceName>
	1544	<preferenceType>checkbox</preferenceType>
	1545	<preferenceValues>no</preferenceValues>
	1546	<selectedValue>no</selectedValue>
	1547	</item>
	1548	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1549	<pluginId>14260</pluginId>
	1550	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: 2 Misconfiguration / Default File</fullName>
	1551	<preferenceName>Tuning: 2 Misconfiguration / Default File</preferenceName>
	1552	<preferenceType>checkbox</preferenceType>
	1553	<preferenceValues>no</preferenceValues>
	1554	<selectedValue>no</selectedValue>
	1555	</item>
	1556	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1557	<pluginId>14260</pluginId>
	1558	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: 3 Information Disclosure</fullName>
	1559	<preferenceName>Tuning: 3 Information Disclosure</preferenceName>
	1560	<preferenceType>checkbox</preferenceType>
	1561	<preferenceValues>no</preferenceValues>
	1562	<selectedValue>no</selectedValue>
	1563	</item>
	1564	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1565	<pluginId>14260</pluginId>
	1566	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: 4 Injection (XSS/Script/HTML)</fullName>
	1567	<preferenceName>Tuning: 4 Injection (XSS/Script/HTML)</preferenceName>
	1568	<preferenceType>checkbox</preferenceType>
	1569	<preferenceValues>no</preferenceValues>
	1570	<selectedValue>no</selectedValue>
	1571	</item>
	1572	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1573	<pluginId>14260</pluginId>
	1574	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: 5 Remote File Retrieval - Inside Web Root</fullName>
	1575	<preferenceName>Tuning: 5 Remote File Retrieval - Inside Web Root</preferenceName>
	1576	<preferenceType>checkbox</preferenceType>
	1577	<preferenceValues>no</preferenceValues>
	1578	<selectedValue>no</selectedValue>
	1579	</item>
	1580	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1581	<pluginId>14260</pluginId>
	1582	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: 6 Denial of Service</fullName>
	1583	<preferenceName>Tuning: 6 Denial of Service</preferenceName>
	1584	<preferenceType>checkbox</preferenceType>
	1585	<preferenceValues>no</preferenceValues>
	1586	<selectedValue>no</selectedValue>
	1587	</item>
	1588	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1589	<pluginId>14260</pluginId>
	1590	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: 7 Remote File Retrieval - Server Wide</fullName>
	1591	<preferenceName>Tuning: 7 Remote File Retrieval - Server Wide</preferenceName>
	1592	<preferenceType>checkbox</preferenceType>
	1593	<preferenceValues>no</preferenceValues>
	1594	<selectedValue>no</selectedValue>
	1595	</item>
	1596	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1597	<pluginId>14260</pluginId>
	1598	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: 8 Command Execution / Remote Shell</fullName>
	1599	<preferenceName>Tuning: 8 Command Execution / Remote Shell</preferenceName>
	1600	<preferenceType>checkbox</preferenceType>
	1601	<preferenceValues>no</preferenceValues>
	1602	<selectedValue>no</selectedValue>
	1603	</item>
	1604	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1605	<pluginId>14260</pluginId>
	1606	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: 9 SQL Injection</fullName>
	1607	<preferenceName>Tuning: 9 SQL Injection</preferenceName>
	1608	<preferenceType>checkbox</preferenceType>
	1609	<preferenceValues>no</preferenceValues>
	1610	<selectedValue>no</selectedValue>
	1611	</item>
	1612	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1613	<pluginId>14260</pluginId>
	1614	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: 0 File Upload</fullName>
	1615	<preferenceName>Tuning: 0 File Upload</preferenceName>
	1616	<preferenceType>checkbox</preferenceType>
	1617	<preferenceValues>no</preferenceValues>
	1618	<selectedValue>no</selectedValue>
	1619	</item>
	1620	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1621	<pluginId>14260</pluginId>
	1622	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: a Authentication Bypass</fullName>
	1623	<preferenceName>Tuning: a Authentication Bypass</preferenceName>
	1624	<preferenceType>checkbox</preferenceType>
	1625	<preferenceValues>no</preferenceValues>
	1626	<selectedValue>no</selectedValue>
	1627	</item>
	1628	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1629	<pluginId>14260</pluginId>
	1630	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: b Software Identification</fullName>
	1631	<preferenceName>Tuning: b Software Identification</preferenceName>
	1632	<preferenceType>checkbox</preferenceType>
	1633	<preferenceValues>no</preferenceValues>
	1634	<selectedValue>no</selectedValue>
	1635	</item>
	1636	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1637	<pluginId>14260</pluginId>
	1638	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: c Remote Source Inclusion</fullName>
	1639	<preferenceName>Tuning: c Remote Source Inclusion</preferenceName>
	1640	<preferenceType>checkbox</preferenceType>
	1641	<preferenceValues>no</preferenceValues>
	1642	<selectedValue>no</selectedValue>
	1643	</item>
	1644	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1645	<pluginId>14260</pluginId>
	1646	<fullName>Nikto (NASL wrapper)[checkbox]:Tuning: x Reverse Tuning Options (i.e., include all except specified)</fullName>
	1647	<preferenceName>Tuning: x Reverse Tuning Options (i.e., include all except specified)</preferenceName>
	1648	<preferenceType>checkbox</preferenceType>
	1649	<preferenceValues>no</preferenceValues>
	1650	<selectedValue>no</selectedValue>
	1651	</item>
	1652	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1653	<pluginId>14260</pluginId>
	1654	<fullName>Nikto (NASL wrapper)[checkbox]:Mutate: 1 Test all files with all root directories</fullName>
	1655	<preferenceName>Mutate: 1 Test all files with all root directories</preferenceName>
	1656	<preferenceType>checkbox</preferenceType>
	1657	<preferenceValues>no</preferenceValues>
	1658	<selectedValue>no</selectedValue>
	1659	</item>
	1660	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1661	<pluginId>14260</pluginId>
	1662	<fullName>Nikto (NASL wrapper)[checkbox]:Mutate: 2 Guess for password file names</fullName>
	1663	<preferenceName>Mutate: 2 Guess for password file names</preferenceName>
	1664	<preferenceType>checkbox</preferenceType>
	1665	<preferenceValues>no</preferenceValues>
	1666	<selectedValue>no</selectedValue>
	1667	</item>
	1668	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1669	<pluginId>14260</pluginId>
	1670	<fullName>Nikto (NASL wrapper)[checkbox]:Mutate: 3 Enumerate user names via Apache (/~user type requests)</fullName>
	1671	<preferenceName>Mutate: 3 Enumerate user names via Apache (/~user type requests)</preferenceName>
	1672	<preferenceType>checkbox</preferenceType>
	1673	<preferenceValues>no</preferenceValues>
	1674	<selectedValue>no</selectedValue>
	1675	</item>
	1676	<item><pluginName>Nikto (NASL wrapper)</pluginName>
	1677	<pluginId>14260</pluginId>
	1678	<fullName>Nikto (NASL wrapper)[checkbox]:Mutate: 4 Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests)</fullName>
	1679	<preferenceName>Mutate: 4 Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests)</preferenceName>
	1680	<preferenceType>checkbox</preferenceType>
	1681	<preferenceValues>no</preferenceValues>
	1682	<selectedValue>no</selectedValue>
	1683	</item>
	1684	<item><pluginName>Oracle Settings</pluginName>
	1685	<pluginId>22076</pluginId>
	1686	<fullName>Oracle Settings[entry]:Oracle SID :</fullName>
	1687	<preferenceName>Oracle SID :</preferenceName>
	1688	<preferenceType>entry</preferenceType>
	1689	<preferenceValues></preferenceValues>
	1690	<selectedValue></selectedValue>
	1691	</item>
	1692	<item><pluginName>Oracle Settings</pluginName>
	1693	<pluginId>22076</pluginId>
	1694	<fullName>Oracle Settings[checkbox]:Test default accounts (slow)</fullName>
	1695	<preferenceName>Test default accounts (slow)</preferenceName>
	1696	<preferenceType>checkbox</preferenceType>
	1697	<preferenceValues>no</preferenceValues>
	1698	<selectedValue>no</selectedValue>
	1699	</item>
	1700	<item><pluginName>Web Application Tests Settings</pluginName>
	1701	<pluginId>39471</pluginId>
	1702	<fullName>Web Application Tests Settings[checkbox]:Enable web applications tests</fullName>
	1703	<preferenceName>Enable web applications tests</preferenceName>
	1704	<preferenceType>checkbox</preferenceType>
	1705	<preferenceValues>no</preferenceValues>
	1706	<selectedValue>yes</selectedValue>
	1707	</item>
	1708	<item><pluginName>Web Application Tests Settings</pluginName>
	1709	<pluginId>39471</pluginId>
	1710	<fullName>Web Application Tests Settings[entry]:Maximum run time (min) :</fullName>
	1711	<preferenceName>Maximum run time (min) :</preferenceName>
	1712	<preferenceType>entry</preferenceType>
	1713	<preferenceValues>60</preferenceValues>
	1714	<selectedValue>60</selectedValue>
	1715	</item>
	1716	<item><pluginName>Web Application Tests Settings</pluginName>
	1717	<pluginId>39471</pluginId>
	1718	<fullName>Web Application Tests Settings[checkbox]:Try all HTTP methods</fullName>
	1719	<preferenceName>Try all HTTP methods</preferenceName>
	1720	<preferenceType>checkbox</preferenceType>
	1721	<preferenceValues>no</preferenceValues>
	1722	<selectedValue>no</selectedValue>
	1723	</item>
	1724	<item><pluginName>Web Application Tests Settings</pluginName>
	1725	<pluginId>39471</pluginId>
	1726	<fullName>Web Application Tests Settings[radio]:Combinations of arguments values</fullName>
	1727	<preferenceName>Combinations of arguments values</preferenceName>
	1728	<preferenceType>radio</preferenceType>
	1729	<preferenceValues>one value;some pairs;all pairs (slower but efficient);some combinations;all combinations (extremely slow)</preferenceValues>
	1730	<selectedValue>some pairs</selectedValue>
	1731	</item>
	1732	<item><pluginName>Web Application Tests Settings</pluginName>
	1733	<pluginId>39471</pluginId>
	1734	<fullName>Web Application Tests Settings[checkbox]:HTTP Parameter Pollution</fullName>
	1735	<preferenceName>HTTP Parameter Pollution</preferenceName>
	1736	<preferenceType>checkbox</preferenceType>
	1737	<preferenceValues>no</preferenceValues>
	1738	<selectedValue>no</selectedValue>
	1739	</item>
	1740	<item><pluginName>Web Application Tests Settings</pluginName>
	1741	<pluginId>39471</pluginId>
	1742	<fullName>Web Application Tests Settings[radio]:Stop at first flaw</fullName>
	1743	<preferenceName>Stop at first flaw</preferenceName>
	1744	<preferenceType>radio</preferenceType>
	1745	<preferenceValues>per CGI;per port (quicker);per parameter (slow);look for all flaws (slower)</preferenceValues>
	1746	<selectedValue>per CGI</selectedValue>
	1747	</item>
	1748	<item><pluginName>Web Application Tests Settings</pluginName>
	1749	<pluginId>39471</pluginId>
	1750	<fullName>Web Application Tests Settings[checkbox]:Test embedded web servers</fullName>
	1751	<preferenceName>Test embedded web servers</preferenceName>
	1752	<preferenceType>checkbox</preferenceType>
	1753	<preferenceValues>no</preferenceValues>
	1754	<selectedValue>no</selectedValue>
	1755	</item>
	1756	<item><pluginName>Web Application Tests Settings</pluginName>
	1757	<pluginId>39471</pluginId>
	1758	<fullName>Web Application Tests Settings[entry]:URL for Remote File Inclusion :</fullName>
	1759	<preferenceName>URL for Remote File Inclusion :</preferenceName>
	1760	<preferenceType>entry</preferenceType>
	1761	<preferenceValues>http://rfi.nessus.org/rfi.txt</preferenceValues>
	1762	<selectedValue>http://rfi.nessus.org/rfi.txt</selectedValue>
	1763	</item>
	1764	<item><pluginName>Nessus TCP scanner</pluginName>
	1765	<pluginId>10335</pluginId>
	1766	<fullName>Nessus TCP scanner[radio]:Firewall detection :</fullName>
	1767	<preferenceName>Firewall detection :</preferenceName>
	1768	<preferenceType>radio</preferenceType>
	1769	<preferenceValues>Automatic (normal);Disabled (softer);Do not detect RST rate limitation (soft);Ignore closed ports (aggressive)</preferenceValues>
	1770	<selectedValue>Automatic (normal);Disabled (softer);Do not detect RST rate limitation (soft);Ignore closed ports (aggressive)</selectedValue>
	1771	</item>
	1772	<item><pluginName>HTTP login page</pluginName>
	1773	<pluginId>11149</pluginId>
	1774	<fullName>HTTP login page[entry]:Login page :</fullName>
	1775	<preferenceName>Login page :</preferenceName>
	1776	<preferenceType>entry</preferenceType>
	1777	<preferenceValues>/</preferenceValues>
	1778	<selectedValue>/</selectedValue>
	1779	</item>
	1780	<item><pluginName>HTTP login page</pluginName>
	1781	<pluginId>11149</pluginId>
	1782	<fullName>HTTP login page[entry]:Login form :</fullName>
	1783	<preferenceName>Login form :</preferenceName>
	1784	<preferenceType>entry</preferenceType>
	1785	<preferenceValues></preferenceValues>
	1786	<selectedValue></selectedValue>
	1787	</item>
	1788	<item><pluginName>HTTP login page</pluginName>
	1789	<pluginId>11149</pluginId>
	1790	<fullName>HTTP login page[entry]:Login form fields :</fullName>
	1791	<preferenceName>Login form fields :</preferenceName>
	1792	<preferenceType>entry</preferenceType>
	1793	<preferenceValues>user=%USER%&pass=%PASS%</preferenceValues>
	1794	<selectedValue>user=%USER%&pass=%PASS%</selectedValue>
	1795	</item>
	1796	<item><pluginName>HTTP login page</pluginName>
	1797	<pluginId>11149</pluginId>
	1798	<fullName>HTTP login page[radio]:Login form method :</fullName>
	1799	<preferenceName>Login form method :</preferenceName>
	1800	<preferenceType>radio</preferenceType>
	1801	<preferenceValues>POST;GET</preferenceValues>
	1802	<selectedValue>POST;GET</selectedValue>
	1803	</item>
	1804	<item><pluginName>HTTP login page</pluginName>
	1805	<pluginId>11149</pluginId>
	1806	<fullName>HTTP login page[checkbox]:Automated login page search</fullName>
	1807	<preferenceName>Automated login page search</preferenceName>
	1808	<preferenceType>checkbox</preferenceType>
	1809	<preferenceValues>no</preferenceValues>
	1810	<selectedValue>no</selectedValue>
	1811	</item>
	1812	<item><pluginName>HTTP login page</pluginName>
	1813	<pluginId>11149</pluginId>
	1814	<fullName>HTTP login page[entry]:Re-authenticate delay (seconds) :</fullName>
	1815	<preferenceName>Re-authenticate delay (seconds) :</preferenceName>
	1816	<preferenceType>entry</preferenceType>
	1817	<preferenceValues></preferenceValues>
	1818	<selectedValue></selectedValue>
	1819	</item>
	1820	<item><pluginName>HTTP login page</pluginName>
	1821	<pluginId>11149</pluginId>
	1822	<fullName>HTTP login page[entry]:Check authentication on page :</fullName>
	1823	<preferenceName>Check authentication on page :</preferenceName>
	1824	<preferenceType>entry</preferenceType>
	1825	<preferenceValues></preferenceValues>
	1826	<selectedValue></selectedValue>
	1827	</item>
	1828	<item><pluginName>HTTP login page</pluginName>
	1829	<pluginId>11149</pluginId>
	1830	<fullName>HTTP login page[entry]:Follow 30x redirections (# of levels) :</fullName>
	1831	<preferenceName>Follow 30x redirections (# of levels) :</preferenceName>
	1832	<preferenceType>entry</preferenceType>
	1833	<preferenceValues>2</preferenceValues>
	1834	<selectedValue>2</selectedValue>
	1835	</item>
	1836	<item><pluginName>HTTP login page</pluginName>
	1837	<pluginId>11149</pluginId>
	1838	<fullName>HTTP login page[entry]:Authenticated regex :</fullName>
	1839	<preferenceName>Authenticated regex :</preferenceName>
	1840	<preferenceType>entry</preferenceType>
	1841	<preferenceValues></preferenceValues>
	1842	<selectedValue></selectedValue>
	1843	</item>
	1844	<item><pluginName>HTTP login page</pluginName>
	1845	<pluginId>11149</pluginId>
	1846	<fullName>HTTP login page[checkbox]:Invert test (disconnected if regex matches)</fullName>
	1847	<preferenceName>Invert test (disconnected if regex matches)</preferenceName>
	1848	<preferenceType>checkbox</preferenceType>
	1849	<preferenceValues>no</preferenceValues>
	1850	<selectedValue>no</selectedValue>
	1851	</item>
	1852	<item><pluginName>HTTP login page</pluginName>
	1853	<pluginId>11149</pluginId>
	1854	<fullName>HTTP login page[checkbox]:Match regex on HTTP headers</fullName>
	1855	<preferenceName>Match regex on HTTP headers</preferenceName>
	1856	<preferenceType>checkbox</preferenceType>
	1857	<preferenceValues>no</preferenceValues>
	1858	<selectedValue>no</selectedValue>
	1859	</item>
	1860	<item><pluginName>HTTP login page</pluginName>
	1861	<pluginId>11149</pluginId>
	1862	<fullName>HTTP login page[checkbox]:Case insensitive regex</fullName>
	1863	<preferenceName>Case insensitive regex</preferenceName>
	1864	<preferenceType>checkbox</preferenceType>
	1865	<preferenceValues>no</preferenceValues>
	1866	<selectedValue>no</selectedValue>
	1867	</item>
	1868	<item><pluginName>HTTP login page</pluginName>
	1869	<pluginId>11149</pluginId>
	1870	<fullName>HTTP login page[checkbox]:Abort web application tests if login fails</fullName>
	1871	<preferenceName>Abort web application tests if login fails</preferenceName>
	1872	<preferenceType>checkbox</preferenceType>
	1873	<preferenceValues>no</preferenceValues>
	1874	<selectedValue>no</selectedValue>
	1875	</item>
	1876	<item><pluginName>Patch Management: IBM Tivoli Endpoint Manager Server Settings</pluginName>
	1877	<pluginId>62558</pluginId>
	1878	<fullName>Patch Management: IBM Tivoli Endpoint Manager Server Settings[entry]:Web Reports Server :</fullName>
	1879	<preferenceName>Web Reports Server :</preferenceName>
	1880	<preferenceType>entry</preferenceType>
	1881	<preferenceValues></preferenceValues>
	1882	<selectedValue></selectedValue>
	1883	</item>
	1884	<item><pluginName>Patch Management: IBM Tivoli Endpoint Manager Server Settings</pluginName>
	1885	<pluginId>62558</pluginId>
	1886	<fullName>Patch Management: IBM Tivoli Endpoint Manager Server Settings[entry]:Web Reports Port :</fullName>
	1887	<preferenceName>Web Reports Port :</preferenceName>
	1888	<preferenceType>entry</preferenceType>
	1889	<preferenceValues></preferenceValues>
	1890	<selectedValue></selectedValue>
	1891	</item>
	1892	<item><pluginName>Patch Management: IBM Tivoli Endpoint Manager Server Settings</pluginName>
	1893	<pluginId>62558</pluginId>
	1894	<fullName>Patch Management: IBM Tivoli Endpoint Manager Server Settings[entry]:Web Reports Username :</fullName>
	1895	<preferenceName>Web Reports Username :</preferenceName>
	1896	<preferenceType>entry</preferenceType>
	1897	<preferenceValues></preferenceValues>
	1898	<selectedValue></selectedValue>
	1899	</item>
	1900	<item><pluginName>Patch Management: IBM Tivoli Endpoint Manager Server Settings</pluginName>
	1901	<pluginId>62558</pluginId>
	1902	<fullName>Patch Management: IBM Tivoli Endpoint Manager Server Settings[password]:Web Reports Password :</fullName>
	1903	<preferenceName>Web Reports Password :</preferenceName>
	1904	<preferenceType>password</preferenceType>
	1905	<preferenceValues></preferenceValues>
	1906	<selectedValue></selectedValue>
	1907	</item>
	1908	<item><pluginName>Patch Management: IBM Tivoli Endpoint Manager Server Settings</pluginName>
	1909	<pluginId>62558</pluginId>
	1910	<fullName>Patch Management: IBM Tivoli Endpoint Manager Server Settings[checkbox]:SSL :</fullName>
	1911	<preferenceName>SSL :</preferenceName>
	1912	<preferenceType>checkbox</preferenceType>
	1913	<preferenceValues>no</preferenceValues>
	1914	<selectedValue>no</selectedValue>
	1915	</item>
	1916	<item><pluginName>Patch Management: IBM Tivoli Endpoint Manager Server Settings</pluginName>
	1917	<pluginId>62558</pluginId>
	1918	<fullName>Patch Management: IBM Tivoli Endpoint Manager Server Settings[checkbox]:Verify SSL Certificate :</fullName>
	1919	<preferenceName>Verify SSL Certificate :</preferenceName>
	1920	<preferenceType>checkbox</preferenceType>
	1921	<preferenceValues>no</preferenceValues>
	1922	<selectedValue>no</selectedValue>
	1923	</item>
	1924	<item><pluginName>Patch Report</pluginName>
	1925	<pluginId>66334</pluginId>
	1926	<fullName>Patch Report[checkbox]:Display the superseded patches in the report</fullName>
	1927	<preferenceName>Display the superseded patches in the report</preferenceName>
	1928	<preferenceType>checkbox</preferenceType>
	1929	<preferenceValues>yes</preferenceValues>
	1930	<selectedValue>yes</selectedValue>
	1931	</item>
	1932	<item><pluginName>Hydra (NASL wrappers options)</pluginName>
	1933	<pluginId>15868</pluginId>
	1934	<fullName>Hydra (NASL wrappers options)[checkbox]:Always enable Hydra (slow)</fullName>
	1935	<preferenceName>Always enable Hydra (slow)</preferenceName>
	1936	<preferenceType>checkbox</preferenceType>
	1937	<preferenceValues>no</preferenceValues>
	1938	<selectedValue>no</selectedValue>
	1939	</item>
	1940	<item><pluginName>Hydra (NASL wrappers options)</pluginName>
	1941	<pluginId>15868</pluginId>
	1942	<fullName>Hydra (NASL wrappers options)[file]:Logins file :</fullName>
	1943	<preferenceName>Logins file :</preferenceName>
	1944	<preferenceType>file</preferenceType>
	1945	<preferenceValues></preferenceValues>
	1946	<selectedValue></selectedValue>
	1947	</item>
	1948	<item><pluginName>Hydra (NASL wrappers options)</pluginName>
	1949	<pluginId>15868</pluginId>
	1950	<fullName>Hydra (NASL wrappers options)[file]:Passwords file :</fullName>
	1951	<preferenceName>Passwords file :</preferenceName>
	1952	<preferenceType>file</preferenceType>
	1953	<preferenceValues></preferenceValues>
	1954	<selectedValue></selectedValue>
	1955	</item>
	1956	<item><pluginName>Hydra (NASL wrappers options)</pluginName>
	1957	<pluginId>15868</pluginId>
	1958	<fullName>Hydra (NASL wrappers options)[entry]:Number of parallel tasks :</fullName>
	1959	<preferenceName>Number of parallel tasks :</preferenceName>
	1960	<preferenceType>entry</preferenceType>
	1961	<preferenceValues>16</preferenceValues>
	1962	<selectedValue>16</selectedValue>
	1963	</item>
	1964	<item><pluginName>Hydra (NASL wrappers options)</pluginName>
	1965	<pluginId>15868</pluginId>
	1966	<fullName>Hydra (NASL wrappers options)[entry]:Timeout (in seconds) :</fullName>
	1967	<preferenceName>Timeout (in seconds) :</preferenceName>
	1968	<preferenceType>entry</preferenceType>
	1969	<preferenceValues>30</preferenceValues>
	1970	<selectedValue>30</selectedValue>
	1971	</item>
	1972	<item><pluginName>Hydra (NASL wrappers options)</pluginName>
	1973	<pluginId>15868</pluginId>
	1974	<fullName>Hydra (NASL wrappers options)[checkbox]:Try empty passwords</fullName>
	1975	<preferenceName>Try empty passwords</preferenceName>
	1976	<preferenceType>checkbox</preferenceType>
	1977	<preferenceValues>yes</preferenceValues>
	1978	<selectedValue>yes</selectedValue>
	1979	</item>
	1980	<item><pluginName>Hydra (NASL wrappers options)</pluginName>
	1981	<pluginId>15868</pluginId>
	1982	<fullName>Hydra (NASL wrappers options)[checkbox]:Try login as password</fullName>
	1983	<preferenceName>Try login as password</preferenceName>
	1984	<preferenceType>checkbox</preferenceType>
	1985	<preferenceValues>yes</preferenceValues>
	1986	<selectedValue>yes</selectedValue>
	1987	</item>
	1988	<item><pluginName>Hydra (NASL wrappers options)</pluginName>
	1989	<pluginId>15868</pluginId>
	1990	<fullName>Hydra (NASL wrappers options)[checkbox]:Exit as soon as an account is found</fullName>
	1991	<preferenceName>Exit as soon as an account is found</preferenceName>
	1992	<preferenceType>checkbox</preferenceType>
	1993	<preferenceValues>no</preferenceValues>
	1994	<selectedValue>no</selectedValue>
	1995	</item>
	1996	<item><pluginName>Hydra (NASL wrappers options)</pluginName>
	1997	<pluginId>15868</pluginId>
	1998	<fullName>Hydra (NASL wrappers options)[checkbox]:Add accounts found by other plugins to login file</fullName>
	1999	<preferenceName>Add accounts found by other plugins to login file</preferenceName>
	2000	<preferenceType>checkbox</preferenceType>
	2001	<preferenceValues>yes</preferenceValues>
	2002	<selectedValue>yes</selectedValue>
	2003	</item>
	2004	<item><pluginName>Wake-on-LAN</pluginName>
	2005	<pluginId>52616</pluginId>
	2006	<fullName>Wake-on-LAN[file]:List of MAC addresses for Wake-on-LAN:</fullName>
	2007	<preferenceName>List of MAC addresses for Wake-on-LAN:</preferenceName>
	2008	<preferenceType>file</preferenceType>
	2009	<preferenceValues></preferenceValues>
	2010	<selectedValue></selectedValue>
	2011	</item>
	2012	<item><pluginName>Wake-on-LAN</pluginName>
	2013	<pluginId>52616</pluginId>
	2014	<fullName>Wake-on-LAN[entry]:Time to wait (in minutes) for the systems to boot:</fullName>
	2015	<preferenceName>Time to wait (in minutes) for the systems to boot:</preferenceName>
	2016	<preferenceType>entry</preferenceType>
	2017	<preferenceValues>5</preferenceValues>
	2018	<selectedValue>5</selectedValue>
	2019	</item>
	2020	<item><pluginName>ADSI Settings</pluginName>
	2021	<pluginId>60024</pluginId>
	2022	<fullName>ADSI Settings[entry]:Domain Controller :</fullName>
	2023	<preferenceName>Domain Controller :</preferenceName>
	2024	<preferenceType>entry</preferenceType>
	2025	<preferenceValues></preferenceValues>
	2026	<selectedValue></selectedValue>
	2027	</item>
	2028	<item><pluginName>ADSI Settings</pluginName>
	2029	<pluginId>60024</pluginId>
	2030	<fullName>ADSI Settings[entry]:Domain :</fullName>
	2031	<preferenceName>Domain :</preferenceName>
	2032	<preferenceType>entry</preferenceType>
	2033	<preferenceValues></preferenceValues>
	2034	<selectedValue></selectedValue>
	2035	</item>
	2036	<item><pluginName>ADSI Settings</pluginName>
	2037	<pluginId>60024</pluginId>
	2038	<fullName>ADSI Settings[entry]:Domain Username :</fullName>
	2039	<preferenceName>Domain Username :</preferenceName>
	2040	<preferenceType>entry</preferenceType>
	2041	<preferenceValues></preferenceValues>
	2042	<selectedValue></selectedValue>
	2043	</item>
	2044	<item><pluginName>ADSI Settings</pluginName>
	2045	<pluginId>60024</pluginId>
	2046	<fullName>ADSI Settings[password]:Domain Password :</fullName>
	2047	<preferenceName>Domain Password :</preferenceName>
	2048	<preferenceType>password</preferenceType>
	2049	<preferenceValues></preferenceValues>
	2050	<selectedValue></selectedValue>
	2051	</item>
	2052	<item><pluginName>ADSI Settings</pluginName>
	2053	<pluginId>60024</pluginId>
	2054	<fullName>ADSI Settings[entry]:Domain Controller 2:</fullName>
	2055	<preferenceName>Domain Controller 2:</preferenceName>
	2056	<preferenceType>entry</preferenceType>
	2057	<preferenceValues></preferenceValues>
	2058	<selectedValue></selectedValue>
	2059	</item>
	2060	<item><pluginName>ADSI Settings</pluginName>
	2061	<pluginId>60024</pluginId>
	2062	<fullName>ADSI Settings[entry]:Domain 2:</fullName>
	2063	<preferenceName>Domain 2:</preferenceName>
	2064	<preferenceType>entry</preferenceType>
	2065	<preferenceValues></preferenceValues>
	2066	<selectedValue></selectedValue>
	2067	</item>
	2068	<item><pluginName>ADSI Settings</pluginName>
	2069	<pluginId>60024</pluginId>
	2070	<fullName>ADSI Settings[entry]:Domain Username 2:</fullName>
	2071	<preferenceName>Domain Username 2:</preferenceName>
	2072	<preferenceType>entry</preferenceType>
	2073	<preferenceValues></preferenceValues>
	2074	<selectedValue></selectedValue>
	2075	</item>
	2076	<item><pluginName>ADSI Settings</pluginName>
	2077	<pluginId>60024</pluginId>
	2078	<fullName>ADSI Settings[password]:Domain Password 2:</fullName>
	2079	<preferenceName>Domain Password 2:</preferenceName>
	2080	<preferenceType>password</preferenceType>
	2081	<preferenceValues></preferenceValues>
	2082	<selectedValue></selectedValue>
	2083	</item>
	2084	<item><pluginName>ADSI Settings</pluginName>
	2085	<pluginId>60024</pluginId>
	2086	<fullName>ADSI Settings[entry]:Domain Controller 3:</fullName>
	2087	<preferenceName>Domain Controller 3:</preferenceName>
	2088	<preferenceType>entry</preferenceType>
	2089	<preferenceValues></preferenceValues>
	2090	<selectedValue></selectedValue>
	2091	</item>
	2092	<item><pluginName>ADSI Settings</pluginName>
	2093	<pluginId>60024</pluginId>
	2094	<fullName>ADSI Settings[entry]:Domain 3:</fullName>
	2095	<preferenceName>Domain 3:</preferenceName>
	2096	<preferenceType>entry</preferenceType>
	2097	<preferenceValues></preferenceValues>
	2098	<selectedValue></selectedValue>
	2099	</item>
	2100	<item><pluginName>ADSI Settings</pluginName>
	2101	<pluginId>60024</pluginId>
	2102	<fullName>ADSI Settings[entry]:Domain Username 3:</fullName>
	2103	<preferenceName>Domain Username 3:</preferenceName>
	2104	<preferenceType>entry</preferenceType>
	2105	<preferenceValues></preferenceValues>
	2106	<selectedValue></selectedValue>
	2107	</item>
	2108	<item><pluginName>ADSI Settings</pluginName>
	2109	<pluginId>60024</pluginId>
	2110	<fullName>ADSI Settings[password]:Domain Password 3:</fullName>
	2111	<preferenceName>Domain Password 3:</preferenceName>
	2112	<preferenceType>password</preferenceType>
	2113	<preferenceValues></preferenceValues>
	2114	<selectedValue></selectedValue>
	2115	</item>
	2116	<item><pluginName>ADSI Settings</pluginName>
	2117	<pluginId>60024</pluginId>
	2118	<fullName>ADSI Settings[entry]:Domain Controller 4:</fullName>
	2119	<preferenceName>Domain Controller 4:</preferenceName>
	2120	<preferenceType>entry</preferenceType>
	2121	<preferenceValues></preferenceValues>
	2122	<selectedValue></selectedValue>
	2123	</item>
	2124	<item><pluginName>ADSI Settings</pluginName>
	2125	<pluginId>60024</pluginId>
	2126	<fullName>ADSI Settings[entry]:Domain 4:</fullName>
	2127	<preferenceName>Domain 4:</preferenceName>
	2128	<preferenceType>entry</preferenceType>
	2129	<preferenceValues></preferenceValues>
	2130	<selectedValue></selectedValue>
	2131	</item>
	2132	<item><pluginName>ADSI Settings</pluginName>
	2133	<pluginId>60024</pluginId>
	2134	<fullName>ADSI Settings[entry]:Domain Username 4:</fullName>
	2135	<preferenceName>Domain Username 4:</preferenceName>
	2136	<preferenceType>entry</preferenceType>
	2137	<preferenceValues></preferenceValues>
	2138	<selectedValue></selectedValue>
	2139	</item>
	2140	<item><pluginName>ADSI Settings</pluginName>
	2141	<pluginId>60024</pluginId>
	2142	<fullName>ADSI Settings[password]:Domain Password 4:</fullName>
	2143	<preferenceName>Domain Password 4:</preferenceName>
	2144	<preferenceType>password</preferenceType>
	2145	<preferenceValues></preferenceValues>
	2146	<selectedValue></selectedValue>
	2147	</item>
	2148	<item><pluginName>ADSI Settings</pluginName>
	2149	<pluginId>60024</pluginId>
	2150	<fullName>ADSI Settings[entry]:Domain Controller 5:</fullName>
	2151	<preferenceName>Domain Controller 5:</preferenceName>
	2152	<preferenceType>entry</preferenceType>
	2153	<preferenceValues></preferenceValues>
	2154	<selectedValue></selectedValue>
	2155	</item>
	2156	<item><pluginName>ADSI Settings</pluginName>
	2157	<pluginId>60024</pluginId>
	2158	<fullName>ADSI Settings[entry]:Domain 5:</fullName>
	2159	<preferenceName>Domain 5:</preferenceName>
	2160	<preferenceType>entry</preferenceType>
	2161	<preferenceValues></preferenceValues>
	2162	<selectedValue></selectedValue>
	2163	</item>
	2164	<item><pluginName>ADSI Settings</pluginName>
	2165	<pluginId>60024</pluginId>
	2166	<fullName>ADSI Settings[entry]:Domain Username 5:</fullName>
	2167	<preferenceName>Domain Username 5:</preferenceName>
	2168	<preferenceType>entry</preferenceType>
	2169	<preferenceValues></preferenceValues>
	2170	<selectedValue></selectedValue>
	2171	</item>
	2172	<item><pluginName>ADSI Settings</pluginName>
	2173	<pluginId>60024</pluginId>
	2174	<fullName>ADSI Settings[password]:Domain Password 5:</fullName>
	2175	<preferenceName>Domain Password 5:</preferenceName>
	2176	<preferenceType>password</preferenceType>
	2177	<preferenceValues></preferenceValues>
	2178	<selectedValue></selectedValue>
	2179	</item>
	2180	<item><pluginName>Hydra: PostgreSQL</pluginName>
	2181	<pluginId>18660</pluginId>
	2182	<fullName>Hydra: PostgreSQL[entry]:Database name (optional) :</fullName>
	2183	<preferenceName>Database name (optional) :</preferenceName>
	2184	<preferenceType>entry</preferenceType>
	2185	<preferenceValues></preferenceValues>
	2186	<selectedValue></selectedValue>
	2187	</item>
	2188	<item><pluginName>Hydra: Cisco enable</pluginName>
	2189	<pluginId>15870</pluginId>
	2190	<fullName>Hydra: Cisco enable[entry]:Logon password :</fullName>
	2191	<preferenceName>Logon password :</preferenceName>
	2192	<preferenceType>entry</preferenceType>
	2193	<preferenceValues></preferenceValues>
	2194	<selectedValue></selectedValue>
	2195	</item>
	2196	<item><pluginName>Database settings</pluginName>
	2197	<pluginId>33815</pluginId>
	2198	<fullName>Database settings[entry]:Login :</fullName>
	2199	<preferenceName>Login :</preferenceName>
	2200	<preferenceType>entry</preferenceType>
	2201	<preferenceValues></preferenceValues>
	2202	<selectedValue></selectedValue>
	2203	</item>
	2204	<item><pluginName>Database settings</pluginName>
	2205	<pluginId>33815</pluginId>
	2206	<fullName>Database settings[password]:Password :</fullName>
	2207	<preferenceName>Password :</preferenceName>
	2208	<preferenceType>password</preferenceType>
	2209	<preferenceValues></preferenceValues>
	2210	<selectedValue></selectedValue>
	2211	</item>
	2212	<item><pluginName>Database settings</pluginName>
	2213	<pluginId>33815</pluginId>
	2214	<fullName>Database settings[radio]:DB Type :</fullName>
	2215	<preferenceName>DB Type :</preferenceName>
	2216	<preferenceType>radio</preferenceType>
	2217	<preferenceValues>Oracle;SQL Server;MySQL;DB2;Informix/DRDA;PostgreSQL</preferenceValues>
	2218	<selectedValue>Oracle;SQL Server;MySQL;DB2;Informix/DRDA;PostgreSQL</selectedValue>
	2219	</item>
	2220	<item><pluginName>Database settings</pluginName>
	2221	<pluginId>33815</pluginId>
	2222	<fullName>Database settings[entry]:Database SID :</fullName>
	2223	<preferenceName>Database SID :</preferenceName>
	2224	<preferenceType>entry</preferenceType>
	2225	<preferenceValues></preferenceValues>
	2226	<selectedValue></selectedValue>
	2227	</item>
	2228	<item><pluginName>Database settings</pluginName>
	2229	<pluginId>33815</pluginId>
	2230	<fullName>Database settings[entry]:Database port to use :</fullName>
	2231	<preferenceName>Database port to use :</preferenceName>
	2232	<preferenceType>entry</preferenceType>
	2233	<preferenceValues></preferenceValues>
	2234	<selectedValue></selectedValue>
	2235	</item>
	2236	<item><pluginName>Database settings</pluginName>
	2237	<pluginId>33815</pluginId>
	2238	<fullName>Database settings[radio]:Oracle auth type:</fullName>
	2239	<preferenceName>Oracle auth type:</preferenceName>
	2240	<preferenceType>radio</preferenceType>
	2241	<preferenceValues>NORMAL;SYSOPER;SYSDBA</preferenceValues>
	2242	<selectedValue>NORMAL;SYSOPER;SYSDBA</selectedValue>
	2243	</item>
	2244	<item><pluginName>Database settings</pluginName>
	2245	<pluginId>33815</pluginId>
	2246	<fullName>Database settings[radio]:SQL Server auth type:</fullName>
	2247	<preferenceName>SQL Server auth type:</preferenceName>
	2248	<preferenceType>radio</preferenceType>
	2249	<preferenceValues>Windows;SQL</preferenceValues>
	2250	<selectedValue>Windows;SQL</selectedValue>
	2251	</item>
	2252	<item><pluginName>Service Detection</pluginName>
	2253	<pluginId>22964</pluginId>
	2254	<fullName>Service Detection[radio]:Test SSL based services</fullName>
	2255	<preferenceName>Test SSL based services</preferenceName>
	2256	<preferenceType>radio</preferenceType>
	2257	<preferenceValues>Known SSL ports;All;None</preferenceValues>
	2258	<selectedValue>Known SSL ports;All;None</selectedValue>
	2259	</item>
	2260	<item><pluginName>Kerberos configuration</pluginName>
	2261	<pluginId>17351</pluginId>
	2262	<fullName>Kerberos configuration[entry]:Kerberos Key Distribution Center (KDC) :</fullName>
	2263	<preferenceName>Kerberos Key Distribution Center (KDC) :</preferenceName>
	2264	<preferenceType>entry</preferenceType>
	2265	<preferenceValues></preferenceValues>
	2266	<selectedValue></selectedValue>
	2267	</item>
	2268	<item><pluginName>Kerberos configuration</pluginName>
	2269	<pluginId>17351</pluginId>
	2270	<fullName>Kerberos configuration[entry]:Kerberos KDC Port :</fullName>
	2271	<preferenceName>Kerberos KDC Port :</preferenceName>
	2272	<preferenceType>entry</preferenceType>
	2273	<preferenceValues>88</preferenceValues>
	2274	<selectedValue>88</selectedValue>
	2275	</item>
	2276	<item><pluginName>Kerberos configuration</pluginName>
	2277	<pluginId>17351</pluginId>
	2278	<fullName>Kerberos configuration[radio]:Kerberos KDC Transport :</fullName>
	2279	<preferenceName>Kerberos KDC Transport :</preferenceName>
	2280	<preferenceType>radio</preferenceType>
	2281	<preferenceValues>udp;tcp</preferenceValues>
	2282	<selectedValue>udp;tcp</selectedValue>
	2283	</item>
	2284	<item><pluginName>Kerberos configuration</pluginName>
	2285	<pluginId>17351</pluginId>
	2286	<fullName>Kerberos configuration[entry]:Kerberos Realm (SSH only) :</fullName>
	2287	<preferenceName>Kerberos Realm (SSH only) :</preferenceName>
	2288	<preferenceType>entry</preferenceType>
	2289	<preferenceValues></preferenceValues>
	2290	<selectedValue></selectedValue>
	2291	</item>
	2292	<item><pluginName>Malicious Process Detection</pluginName>
	2293	<pluginId>59275</pluginId>
	2294	<fullName>Malicious Process Detection[file]:Additional MD5 hashes (optional) :</fullName>
	2295	<preferenceName>Additional MD5 hashes (optional) :</preferenceName>
	2296	<preferenceType>file</preferenceType>
	2297	<preferenceValues></preferenceValues>
	2298	<selectedValue></selectedValue>
	2299	</item>
	2300	<item><pluginName>Patch Management: WSUS Server Settings</pluginName>
	2301	<pluginId>57031</pluginId>
	2302	<fullName>Patch Management: WSUS Server Settings[entry]:WSUS Server :</fullName>
	2303	<preferenceName>WSUS Server :</preferenceName>
	2304	<preferenceType>entry</preferenceType>
	2305	<preferenceValues></preferenceValues>
	2306	<selectedValue></selectedValue>
	2307	</item>
	2308	<item><pluginName>Patch Management: WSUS Server Settings</pluginName>
	2309	<pluginId>57031</pluginId>
	2310	<fullName>Patch Management: WSUS Server Settings[entry]:WSUS Port :</fullName>
	2311	<preferenceName>WSUS Port :</preferenceName>
	2312	<preferenceType>entry</preferenceType>
	2313	<preferenceValues></preferenceValues>
	2314	<selectedValue></selectedValue>
	2315	</item>
	2316	<item><pluginName>Patch Management: WSUS Server Settings</pluginName>
	2317	<pluginId>57031</pluginId>
	2318	<fullName>Patch Management: WSUS Server Settings[entry]:WSUS Username :</fullName>
	2319	<preferenceName>WSUS Username :</preferenceName>
	2320	<preferenceType>entry</preferenceType>
	2321	<preferenceValues></preferenceValues>
	2322	<selectedValue></selectedValue>
	2323	</item>
	2324	<item><pluginName>Patch Management: WSUS Server Settings</pluginName>
	2325	<pluginId>57031</pluginId>
	2326	<fullName>Patch Management: WSUS Server Settings[password]:WSUS Password :</fullName>
	2327	<preferenceName>WSUS Password :</preferenceName>
	2328	<preferenceType>password</preferenceType>
	2329	<preferenceValues></preferenceValues>
	2330	<selectedValue></selectedValue>
	2331	</item>
	2332	<item><pluginName>Patch Management: WSUS Server Settings</pluginName>
	2333	<pluginId>57031</pluginId>
	2334	<fullName>Patch Management: WSUS Server Settings[checkbox]:SSL :</fullName>
	2335	<preferenceName>SSL :</preferenceName>
	2336	<preferenceType>checkbox</preferenceType>
	2337	<preferenceValues>no</preferenceValues>
	2338	<selectedValue>no</selectedValue>
	2339	</item>
	2340	<item><pluginName>Patch Management: WSUS Server Settings</pluginName>
	2341	<pluginId>57031</pluginId>
	2342	<fullName>Patch Management: WSUS Server Settings[checkbox]:Verify SSL Certificate :</fullName>
	2343	<preferenceName>Verify SSL Certificate :</preferenceName>
	2344	<preferenceType>checkbox</preferenceType>
	2345	<preferenceValues>no</preferenceValues>
	2346	<selectedValue>no</selectedValue>
	2347	</item>
	2348	<item><pluginName>Nessus SYN scanner</pluginName>
	2349	<pluginId>11219</pluginId>
	2350	<fullName>Nessus SYN scanner[radio]:Firewall detection :</fullName>
	2351	<preferenceName>Firewall detection :</preferenceName>
	2352	<preferenceType>radio</preferenceType>
	2353	<preferenceValues>Automatic (normal);Disabled (softer);Do not detect RST rate limitation (soft);Ignore closed ports (aggressive)</preferenceValues>
	2354	<selectedValue>Automatic (normal);Disabled (softer);Do not detect RST rate limitation (soft);Ignore closed ports (aggressive)</selectedValue>
	2355	</item>
	2356	<item><pluginName>SMTP settings</pluginName>
	2357	<pluginId>11038</pluginId>
	2358	<fullName>SMTP settings[entry]:Third party domain :</fullName>
	2359	<preferenceName>Third party domain :</preferenceName>
	2360	<preferenceType>entry</preferenceType>
	2361	<preferenceValues>example.com</preferenceValues>
	2362	<selectedValue>example.com</selectedValue>
	2363	</item>
	2364	<item><pluginName>SMTP settings</pluginName>
	2365	<pluginId>11038</pluginId>
	2366	<fullName>SMTP settings[entry]:From address :</fullName>
	2367	<preferenceName>From address :</preferenceName>
	2368	<preferenceType>entry</preferenceType>
	2369	<preferenceValues>[email protected]</preferenceValues>
	2370	<selectedValue>[email protected]</selectedValue>
	2371	</item>
	2372	<item><pluginName>SMTP settings</pluginName>
	2373	<pluginId>11038</pluginId>
	2374	<fullName>SMTP settings[entry]:To address :</fullName>
	2375	<preferenceName>To address :</preferenceName>
	2376	<preferenceType>entry</preferenceType>
	2377	<preferenceValues>postmaster@[AUTO_REPLACED_IP]</preferenceValues>
	2378	<selectedValue>postmaster@[AUTO_REPLACED_IP]</selectedValue>
	2379	</item>
	2380	<item><pluginName>SMB Use Host SID to Enumerate Local Users</pluginName>
	2381	<pluginId>10860</pluginId>
	2382	<fullName>SMB Use Host SID to Enumerate Local Users[entry]:Start UID :</fullName>
	2383	<preferenceName>Start UID :</preferenceName>
	2384	<preferenceType>entry</preferenceType>
	2385	<preferenceValues>1000</preferenceValues>
	2386	<selectedValue>1000</selectedValue>
	2387	</item>
	2388	<item><pluginName>SMB Use Host SID to Enumerate Local Users</pluginName>
	2389	<pluginId>10860</pluginId>
	2390	<fullName>SMB Use Host SID to Enumerate Local Users[entry]:End UID :</fullName>
	2391	<preferenceName>End UID :</preferenceName>
	2392	<preferenceType>entry</preferenceType>
	2393	<preferenceValues>1200</preferenceValues>
	2394	<selectedValue>1200</selectedValue>
	2395	</item>
	2396	<item><pluginName>Web mirroring</pluginName>
	2397	<pluginId>10662</pluginId>
	2398	<fullName>Web mirroring[entry]:Number of pages to mirror :</fullName>
	2399	<preferenceName>Number of pages to mirror :</preferenceName>
	2400	<preferenceType>entry</preferenceType>
	2401	<preferenceValues>1000</preferenceValues>
	2402	<selectedValue>1000</selectedValue>
	2403	</item>
	2404	<item><pluginName>Web mirroring</pluginName>
	2405	<pluginId>10662</pluginId>
	2406	<fullName>Web mirroring[entry]:Maximum depth :</fullName>
	2407	<preferenceName>Maximum depth :</preferenceName>
	2408	<preferenceType>entry</preferenceType>
	2409	<preferenceValues>6</preferenceValues>
	2410	<selectedValue>6</selectedValue>
	2411	</item>
	2412	<item><pluginName>Web mirroring</pluginName>
	2413	<pluginId>10662</pluginId>
	2414	<fullName>Web mirroring[entry]:Start page :</fullName>
	2415	<preferenceName>Start page :</preferenceName>
	2416	<preferenceType>entry</preferenceType>
	2417	<preferenceValues>/</preferenceValues>
	2418	<selectedValue>/</selectedValue>
	2419	</item>
	2420	<item><pluginName>Web mirroring</pluginName>
	2421	<pluginId>10662</pluginId>
	2422	<fullName>Web mirroring[entry]:Excluded items regex :</fullName>
	2423	<preferenceName>Excluded items regex :</preferenceName>
	2424	<preferenceType>entry</preferenceType>
	2425	<preferenceValues>/server_privileges\.php\|logout</preferenceValues>
	2426	<selectedValue>/server_privileges\.php\|logout</selectedValue>
	2427	</item>
	2428	<item><pluginName>Web mirroring</pluginName>
	2429	<pluginId>10662</pluginId>
	2430	<fullName>Web mirroring[checkbox]:Follow dynamic pages :</fullName>
	2431	<preferenceName>Follow dynamic pages :</preferenceName>
	2432	<preferenceType>checkbox</preferenceType>
	2433	<preferenceValues>no</preferenceValues>
	2434	<selectedValue>yes</selectedValue>
	2435	</item>
	2436	</PluginsPreferences>
	2437	</Preferences>
	2438	<FamilySelection><FamilyItem><FamilyName>MacOS X Local Security Checks</FamilyName>
	2439	<Status>enabled</Status>
	2440	</FamilyItem>
	2441	<FamilyItem><FamilyName>DNS</FamilyName>
	2442	<Status>enabled</Status>
	2443	</FamilyItem>
	2444	<FamilyItem><FamilyName>Gain a shell remotely</FamilyName>
	2445	<Status>enabled</Status>
	2446	</FamilyItem>
	2447	<FamilyItem><FamilyName>Solaris Local Security Checks</FamilyName>
	2448	<Status>enabled</Status>
	2449	</FamilyItem>
	2450	<FamilyItem><FamilyName>Port scanners</FamilyName>
	2451	<Status>mixed</Status>
	2452	</FamilyItem>
	2453	<FamilyItem><FamilyName>Web Servers</FamilyName>
	2454	<Status>enabled</Status>
	2455	</FamilyItem>
	2456	<FamilyItem><FamilyName>SMTP problems</FamilyName>
	2457	<Status>enabled</Status>
	2458	</FamilyItem>
	2459	<FamilyItem><FamilyName>Service detection</FamilyName>
	2460	<Status>enabled</Status>
	2461	</FamilyItem>
	2462	<FamilyItem><FamilyName>CGI abuses : XSS</FamilyName>
	2463	<Status>enabled</Status>
	2464	</FamilyItem>
	2465	<FamilyItem><FamilyName>Debian Local Security Checks</FamilyName>
	2466	<Status>enabled</Status>
	2467	</FamilyItem>
	2468	<FamilyItem><FamilyName>Databases</FamilyName>
	2469	<Status>enabled</Status>
	2470	</FamilyItem>
	2471	<FamilyItem><FamilyName>Mandriva Local Security Checks</FamilyName>
	2472	<Status>enabled</Status>
	2473	</FamilyItem>
	2474	<FamilyItem><FamilyName>Default Unix Accounts</FamilyName>
	2475	<Status>enabled</Status>
	2476	</FamilyItem>
	2477	<FamilyItem><FamilyName>Denial of Service</FamilyName>
	2478	<Status>enabled</Status>
	2479	</FamilyItem>
	2480	<FamilyItem><FamilyName>Settings</FamilyName>
	2481	<Status>enabled</Status>
	2482	</FamilyItem>
	2483	<FamilyItem><FamilyName>Backdoors</FamilyName>
	2484	<Status>enabled</Status>
	2485	</FamilyItem>
	2486	<FamilyItem><FamilyName>HP-UX Local Security Checks</FamilyName>
	2487	<Status>enabled</Status>
	2488	</FamilyItem>
	2489	<FamilyItem><FamilyName>VMware ESX Local Security Checks</FamilyName>
	2490	<Status>enabled</Status>
	2491	</FamilyItem>
	2492	<FamilyItem><FamilyName>SCADA</FamilyName>
	2493	<Status>enabled</Status>
	2494	</FamilyItem>
	2495	<FamilyItem><FamilyName>General</FamilyName>
	2496	<Status>enabled</Status>
	2497	</FamilyItem>
	2498	<FamilyItem><FamilyName>Red Hat Local Security Checks</FamilyName>
	2499	<Status>enabled</Status>
	2500	</FamilyItem>
	2501	<FamilyItem><FamilyName>FreeBSD Local Security Checks</FamilyName>
	2502	<Status>enabled</Status>
	2503	</FamilyItem>
	2504	<FamilyItem><FamilyName>CGI abuses</FamilyName>
	2505	<Status>enabled</Status>
	2506	</FamilyItem>
	2507	<FamilyItem><FamilyName>Netware</FamilyName>
	2508	<Status>enabled</Status>
	2509	</FamilyItem>
	2510	<FamilyItem><FamilyName>Windows : User management</FamilyName>
	2511	<Status>enabled</Status>
	2512	</FamilyItem>
	2513	<FamilyItem><FamilyName>Peer-To-Peer File Sharing</FamilyName>
	2514	<Status>enabled</Status>
	2515	</FamilyItem>
	2516	<FamilyItem><FamilyName>Slackware Local Security Checks</FamilyName>
	2517	<Status>enabled</Status>
	2518	</FamilyItem>
	2519	<FamilyItem><FamilyName>SNMP</FamilyName>
	2520	<Status>enabled</Status>
	2521	</FamilyItem>
	2522	<FamilyItem><FamilyName>Gentoo Local Security Checks</FamilyName>
	2523	<Status>enabled</Status>
	2524	</FamilyItem>
	2525	<FamilyItem><FamilyName>Fedora Local Security Checks</FamilyName>
	2526	<Status>enabled</Status>
	2527	</FamilyItem>
	2528	<FamilyItem><FamilyName>Misc.</FamilyName>
	2529	<Status>enabled</Status>
	2530	</FamilyItem>
	2531	<FamilyItem><FamilyName>Ubuntu Local Security Checks</FamilyName>
	2532	<Status>enabled</Status>
	2533	</FamilyItem>
	2534	<FamilyItem><FamilyName>FTP</FamilyName>
	2535	<Status>enabled</Status>
	2536	</FamilyItem>
	2537	<FamilyItem><FamilyName>Firewalls</FamilyName>
	2538	<Status>enabled</Status>
	2539	</FamilyItem>
	2540	<FamilyItem><FamilyName>Windows : Microsoft Bulletins</FamilyName>
	2541	<Status>enabled</Status>
	2542	</FamilyItem>
	2543	<FamilyItem><FamilyName>SuSE Local Security Checks</FamilyName>
	2544	<Status>enabled</Status>
	2545	</FamilyItem>
	2546	<FamilyItem><FamilyName>Policy Compliance</FamilyName>
	2547	<Status>enabled</Status>
	2548	</FamilyItem>
	2549	<FamilyItem><FamilyName>Windows</FamilyName>
	2550	<Status>enabled</Status>
	2551	</FamilyItem>
	2552	<FamilyItem><FamilyName>RPC</FamilyName>
	2553	<Status>enabled</Status>
	2554	</FamilyItem>
	2555	<FamilyItem><FamilyName>Finger abuses</FamilyName>
	2556	<Status>enabled</Status>
	2557	</FamilyItem>
	2558	<FamilyItem><FamilyName>CentOS Local Security Checks</FamilyName>
	2559	<Status>enabled</Status>
	2560	</FamilyItem>
	2561	<FamilyItem><FamilyName>AIX Local Security Checks</FamilyName>
	2562	<Status>enabled</Status>
	2563	</FamilyItem>
	2564	<FamilyItem><FamilyName>CISCO</FamilyName>
	2565	<Status>enabled</Status>
	2566	</FamilyItem>
	2567	<FamilyItem><FamilyName>Junos Local Security Checks</FamilyName>
	2568	<Status>enabled</Status>
	2569	</FamilyItem>
	2570	<FamilyItem><FamilyName>Mobile Devices</FamilyName>
	2571	<Status>enabled</Status>
	2572	</FamilyItem>
	2573	<FamilyItem><FamilyName>Scientific Linux Local Security Checks</FamilyName>
	2574	<Status>enabled</Status>
	2575	</FamilyItem>
	2576	<FamilyItem><FamilyName>Brute force attacks</FamilyName>
	2577	<Status>enabled</Status>
	2578	</FamilyItem>
	2579	</FamilySelection>
	2580	<IndividualPluginSelection><PluginItem><PluginId>34220</PluginId>
	2581	<PluginName>Netstat Portscanner (WMI)</PluginName>
	2582	<Family>Port scanners</Family>
	2583	<Status>enabled</Status>
	2584	</PluginItem>
	2585	<PluginItem><PluginId>14274</PluginId>
	2586	<PluginName>Nessus SNMP Scanner</PluginName>
	2587	<Family>Port scanners</Family>
	2588	<Status>enabled</Status>
	2589	</PluginItem>
	2590	<PluginItem><PluginId>14272</PluginId>
	2591	<PluginName>netstat portscanner (SSH)</PluginName>
	2592	<Family>Port scanners</Family>
	2593	<Status>enabled</Status>
	2594	</PluginItem>
	2595	<PluginItem><PluginId>10180</PluginId>
	2596	<PluginName>Ping the remote host</PluginName>
	2597	<Family>Port scanners</Family>
	2598	<Status>enabled</Status>
	2599	</PluginItem>
	2600	<PluginItem><PluginId>11219</PluginId>
	2601	<PluginName>Nessus SYN scanner</PluginName>
	2602	<Family>Port scanners</Family>
	2603	<Status>enabled</Status>
	2604	</PluginItem>
	2605	</IndividualPluginSelection>
	2606	</Policy>
	2607	<Report name="Remote" xmlns:cm="http://www.nessus.org/cm">
	2608	<ReportHost name="preprod.boardvantage.net"><HostProperties>
	2609	<tag name="HOST_END">Tue Jun 25 10:39:42 2013</tag>
	2610	<tag name="patch-summary-total-cves">0</tag>
	2611	<tag name="system-type">firewall</tag>
	2612	<tag name="operating-system">CISCO PIX 7.0</tag>
	2613	<tag name="host-ip">12.233.108.201</tag>
	2614	<tag name="host-fqdn">preprod.boardvantage.net</tag>
	2615	<tag name="HOST_START">Tue Jun 25 10:32:42 2013</tag>
	2616	</HostProperties>
	2617	<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="19506" pluginName="Nessus Scan Information" pluginFamily="Settings">
	2618	<description>This script displays, for each tested host, information about the scan itself :
	2619
	2620	- The version of the plugin set
	2621	- The type of plugin feed (HomeFeed or ProfessionalFeed)
	2622	- The version of the Nessus Engine
	2623	- The port scanner(s) used
	2624	- The port range scanned
	2625	- Whether credentialed or third-party patch management checks are possible
	2626	- The date of the scan
	2627	- The duration of the scan
	2628	- The number of hosts scanned in parallel
	2629	- The number of checks done in parallel</description>
	2630	<fname>scan_info.nasl</fname>
	2631	<plugin_modification_date>2013/05/31</plugin_modification_date>
	2632	<plugin_name>Nessus Scan Information</plugin_name>
	2633	<plugin_publication_date>2005/08/26</plugin_publication_date>
	2634	<plugin_type>summary</plugin_type>
	2635	<risk_factor>None</risk_factor>
	2636	<script_version>$Revision: 1.59 $</script_version>
	2637	<solution>n/a</solution>
	2638	<synopsis>Information about the Nessus scan.</synopsis>
	2639	<plugin_output>Information about this scan :
	2640
	2641	Nessus version : 5.2.1
	2642	Plugin feed version : 201306251015
	2643	Type of plugin feed : HomeFeed (Non-commercial use only)
	2644	Scanner IP : 172.16.138.167
	2645	Port scanner(s) : nessus_syn_scanner
	2646	Port range : default
	2647	Thorough tests : no
	2648	Experimental tests : no
	2649	Paranoia level : 1
	2650	Report Verbosity : 1
	2651	Safe checks : yes
	2652	Optimize the test : yes
	2653	Credentialed checks : no
	2654	Patch management checks : None
	2655	CGI scanning : enabled
	2656	Web application tests : enabled
	2657	Web app tests - Test mode : some_pairs
	2658	Web app tests - Try all HTTP methods : no
	2659	Web app tests - Maximum run time : 60 minutes.
	2660	Web app tests - Stop at first flaw : CGI
	2661	Max hosts : 80
	2662	Max checks : 5
	2663	Recv timeout : 5
	2664	Backports : None
	2665	Allow post-scan editing: Yes
	2666	Scan Start Date : 2013/6/25 10:32
	2667	Scan duration : 416 sec
	2668	</plugin_output>
	2669	</ReportItem>
	2670	<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="54615" pluginName="Device Type" pluginFamily="General">
	2671	<description>Based on the remote operating system, it is possible to determine what the remote system type is (eg: a printer, router, general-purpose computer, etc).</description>
	2672	<fname>device_type.nasl</fname>
	2673	<plugin_modification_date>2011/05/23</plugin_modification_date>
	2674	<plugin_name>Device Type</plugin_name>
	2675	<plugin_publication_date>2011/05/23</plugin_publication_date>
	2676	<plugin_type>combined</plugin_type>
	2677	<risk_factor>None</risk_factor>
	2678	<script_version>$Revision: 1.1 $</script_version>
	2679	<solution>n/a</solution>
	2680	<synopsis>It is possible to guess the remote device type.</synopsis>
	2681	<plugin_output>Remote device type : firewall
	2682	Confidence level : 70
	2683	</plugin_output>
	2684	</ReportItem>
	2685	<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="45590" pluginName="Common Platform Enumeration (CPE)" pluginFamily="General">
	2686	<description>By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host.
	2687
	2688	Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan.</description>
	2689	<fname>cpe.nbin</fname>
	2690	<plugin_modification_date>2013/05/13</plugin_modification_date>
	2691	<plugin_name>Common Platform Enumeration (CPE)</plugin_name>
	2692	<plugin_publication_date>2010/04/21</plugin_publication_date>
	2693	<plugin_type>local</plugin_type>
	2694	<risk_factor>None</risk_factor>
	2695	<script_version>$Revision: 1.19 $</script_version>
	2696	<see_also>http://cpe.mitre.org/</see_also>
	2697	<solution>n/a</solution>
	2698	<synopsis>It is possible to enumerate CPE names that matched on the remote system.</synopsis>
	2699	<plugin_output>
	2700	The remote operating system matched the following CPE :
	2701
	2702	cpe:/o:cisco:pix_firewall:7.0
	2703	</plugin_output>
	2704	</ReportItem>
	2705	<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="11936" pluginName="OS Identification" pluginFamily="General">
	2706	<description>Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP, etc...), it is possible to guess the name of the remote operating system in use. It is also sometimes possible to guess the version of the operating system.</description>
	2707	<fname>os_fingerprint.nasl</fname>
	2708	<plugin_modification_date>2013/04/01</plugin_modification_date>
	2709	<plugin_name>OS Identification</plugin_name>
	2710	<plugin_publication_date>2003/12/09</plugin_publication_date>
	2711	<plugin_type>combined</plugin_type>
	2712	<risk_factor>None</risk_factor>
	2713	<script_version>$Revision: 2.34 $</script_version>
	2714	<solution>n/a</solution>
	2715	<synopsis>It is possible to guess the remote operating system.</synopsis>
	2716	<plugin_output>
	2717	Remote operating system : CISCO PIX 7.0
	2718	Confidence Level : 70
	2719	Method : SinFP
	2720
	2721
	2722	The remote host is running CISCO PIX 7.0</plugin_output>
	2723	</ReportItem>
	2724	<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="12053" pluginName="Host Fully Qualified Domain Name (FQDN) Resolution" pluginFamily="General">
	2725	<description>Nessus was able to resolve the FQDN of the remote host.</description>
	2726	<fname>fqdn.nasl</fname>
	2727	<plugin_modification_date>2012/09/28</plugin_modification_date>
	2728	<plugin_name>Host Fully Qualified Domain Name (FQDN) Resolution</plugin_name>
	2729	<plugin_publication_date>2004/02/11</plugin_publication_date>
	2730	<plugin_type>remote</plugin_type>
	2731	<risk_factor>None</risk_factor>
	2732	<script_version>$Revision: 1.12 $</script_version>
	2733	<solution>n/a</solution>
	2734	<synopsis>It was possible to resolve the name of the remote host.</synopsis>
	2735	<plugin_output>
	2736	12.233.108.201 resolves as preprod.boardvantage.net.
	2737	</plugin_output>
	2738	</ReportItem>
	2739	<ReportItem port="443" svc_name="https?" protocol="tcp" severity="0" pluginID="11219" pluginName="Nessus SYN scanner" pluginFamily="Port scanners">
	2740	<description>This plugin is a SYN 'half-open' port scanner.
	2741	It shall be reasonably quick even against a firewalled target.
	2742
	2743	Note that SYN scanners are less intrusive than TCP (full connect) scanners against broken services, but they might kill lame misconfigured firewalls. They might also leave unclosed connections on the remote target, if the network is loaded.</description>
	2744	<fname>nessus_syn_scanner.nbin</fname>
	2745	<plugin_modification_date>2011/04/05</plugin_modification_date>
	2746	<plugin_name>Nessus SYN scanner</plugin_name>
	2747	<plugin_type>remote</plugin_type>
	2748	<risk_factor>None</risk_factor>
	2749	<script_version>$Revision: 1.14 $</script_version>
	2750	<solution>Protect your target with an IP filter.</solution>
	2751	<synopsis>It is possible to determine which TCP ports are open.</synopsis>
	2752	<plugin_output>Port 443/tcp was found to be open</plugin_output>
	2753	</ReportItem>
	2754	</ReportHost>
	2755	</Report>
	2756	</NessusClientData_v2>

+60

-0

test_cases/plugins/nexpose_full.py less more

	0	#!/usr/bin/env python2.7
	1	# -- coding: utf-8 --
	2
	3	'''
	4	Faraday Penetration Test IDE
	5	Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
	6	See the file 'doc/LICENSE' for the license information
	7
	8	'''
	9
	10	import unittest
	11	import sys
	12	import os
	13	sys.path.append(os.path.abspath(os.getcwd()))
	14	# module's path has a dash (-) in it, so we need to do this...
	15	import importlib
	16	plugin = importlib.import_module('plugins.repo.nexpose-full.plugin')
	17	NexposeFullPlugin = plugin.NexposeFullPlugin
	18	from model.common import (
	19	factory, ModelObjectVuln, ModelObjectCred,
	20	ModelObjectVulnWeb, ModelObjectNote
	21	)
	22	from model.hosts import (
	23	Host, Service, Interface
	24	)
	25	from plugins.modelactions import modelactions
	26
	27
	28	class NexposeTest(unittest.TestCase):
	29	cd = os.path.dirname(os.path.realpath(__file__))
	30
	31	def setUp(self):
	32	self.plugin = NexposeFullPlugin()
	33	factory.register(Host)
	34	factory.register(Interface)
	35	factory.register(Service)
	36	factory.register(ModelObjectVuln)
	37	factory.register(ModelObjectVulnWeb)
	38	factory.register(ModelObjectNote)
	39	factory.register(ModelObjectCred)
	40
	41	def test_Plugin_creates_apropiate_objects(self):
	42	self.plugin.processReport(self.cd + '/nexpose_full_xml')
	43	action = self.plugin._pending_actions.get(block=True)
	44	self.assertEqual(action[0], modelactions.CADDHOST)
	45	self.assertEqual(action[1], "192.168.1.1")
	46	action = self.plugin._pending_actions.get(block=True)
	47	self.assertEqual(action[0], modelactions.CADDINTERFACE)
	48	self.assertEqual(action[2], "192.168.1.1")
	49	for i in range(131):
	50	action = self.plugin._pending_actions.get(block=True)
	51	self.assertEqual(action[0], modelactions.CADDVULNHOST)
	52	action = self.plugin._pending_actions.get(block=True)
	53	self.assertEqual(action[0], modelactions.CADDSERVICEINT)
	54	for i in range(15):
	55	action = self.plugin._pending_actions.get(block=True)
	56	self.assertEqual(action[0], modelactions.CADDVULNSRV)
	57
	58	if __name__ == '__main__':
	59	unittest.main()

+12091

-0

test_cases/plugins/nexpose_full_xml less more

	0	<NexposeReport version="1.0">
	1	<scans>
	2	<scan id="1" name="Localhost" startTime="20131127T050242739" endTime="20131127T115513233" status="stopped"/>
	3	</scans><nodes>
	4	<node address="192.168.1.1" status="alive" device-id="7">
	5	<fingerprints>
	6	<os certainty="0.70" device-class="General" vendor="Linux" family="Linux" product="Linux" version="2.6.9"/>
	7	</fingerprints>
	8	<tests>
	9	<test id="tcp-seq-num-approximation" status="vulnerable-exploited">
	10
	11	<Paragraph>
	12	<Paragraph>TCP reset with incorrect sequence number triggered this fault on 192.168.1.1:21: Connection reset by peer</Paragraph></Paragraph>
	13	</test>
	14
	15	<test id="generic-icmp-netmask" status="not-vulnerable">
	16
	17	<Paragraph>
	18	<Paragraph>No response</Paragraph></Paragraph>
	19	</test>
	20
	21	<test id="generic-icmp-timestamp" status="vulnerable-exploited">
	22
	23	<Paragraph>
	24	<Paragraph>Remote system time: 03:49:09.250 UTC</Paragraph></Paragraph>
	25	</test>
	26
	27	<test id="generic-tcp-timestamp" status="vulnerable-exploited">
	28
	29	<Paragraph>
	30	<Paragraph>Apparent system boot time: Wed Nov 27 00:21:55 UTC 2013</Paragraph></Paragraph>
	31	</test>
	32	</tests>
	33	<endpoints>
	34	<endpoint protocol="tcp" port="21" status="open">
	35	<services>
	36	<service name="FTP">
	37	<configuration>
	38	<config name="ftp.banner">220 Welcome to TBS FTP Server.</config>
	39	</configuration>
	40	<tests>
	41	<test id="ftp-anonymous-writeable-directories" status="error">
	42
	43	<Paragraph>
	44	<Paragraph>Could not connect to endpoint with any known anonymous credentials</Paragraph></Paragraph>
	45	</test>
	46
	47	<test id="ftp-proftpd-1-3-3c-backdoor" status="not-vulnerable">
	48
	49	<Paragraph>
	50	<Paragraph>Returned the following is a result to executing 'id;uname -a;': 202 Command not implemented, superfluous at this site.</Paragraph></Paragraph>
	51	</test>
	52
	53	<test id="ftp-default-login-admin-null" status="not-vulnerable">
	54
	55	<Paragraph>
	56	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	57	</test>
	58
	59	<test id="ftp-default-login-admin-passwd" status="not-vulnerable">
	60
	61	<Paragraph>
	62	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	63	</test>
	64
	65	<test id="ftp-default-login-admin-password" status="not-vulnerable">
	66
	67	<Paragraph>
	68	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	69	</test>
	70
	71	<test id="ftp-default-login-administrator-null" status="not-vulnerable">
	72
	73	<Paragraph>
	74	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	75	</test>
	76
	77	<test id="ftp-default-login-administrator-passwd" status="not-vulnerable">
	78
	79	<Paragraph>
	80	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	81	</test>
	82
	83	<test id="ftp-default-login-administrator-password" status="not-vulnerable">
	84
	85	<Paragraph>
	86	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	87	</test>
	88
	89	<test id="ftp-generic-0007" status="not-vulnerable">
	90
	91	<Paragraph>
	92	<Paragraph>Server supports AUTH mechanism TLS</Paragraph></Paragraph>
	93	</test>
	94
	95	<test id="ftp-generic-0001" status="not-vulnerable">
	96
	97	<Paragraph>
	98	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	99	</test>
	100
	101	<test id="ftp-generic-0002" status="not-vulnerable">
	102
	103	<Paragraph>
	104	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	105	</test>
	106
	107	<test id="ftp-generic-0003" status="not-vulnerable">
	108
	109	<Paragraph>
	110	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	111	</test>
	112
	113	<test id="ftp-generic-0004" status="not-vulnerable">
	114
	115	<Paragraph>
	116	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	117	</test>
	118
	119	<test id="ftp-generic-0005" status="not-vulnerable">
	120
	121	<Paragraph>
	122	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	123	</test>
	124
	125	<test id="ftp-generic-0006" status="not-vulnerable">
	126
	127	<Paragraph>
	128	<Paragraph>Running vulnerable FTP service.</Paragraph>Was not able to authenticate to the FTP service with no credentials.</Paragraph>
	129	</test>
	130	</tests>
	131	</service>
	132	</services>
	133	</endpoint>
	134
	135	<endpoint protocol="tcp" port="22" status="open">
	136	<services>
	137	<service name="SSH">
	138	<fingerprints>
	139	<fingerprint certainty="0.90" family="Dropbear" product="Dropbear" version="0.51"/>
	140	</fingerprints>
	141	<configuration>
	142	<config name="ssh.banner">SSH-2.0-dropbear_0.51</config>
	143	<config name="ssh.protocol.version">2.0</config>
	144	<config name="ssh.rsa.pubkey.fingerprint">6305014FCD096DADED95AE89192CB8BC</config>
	145	</configuration>
	146	<tests>
	147	<test id="ssh-default-account-admin-password-admin" status="not-vulnerable">
	148
	149	<Paragraph>
	150	<Paragraph>Running vulnerable SSH service.</Paragraph>Was not able to authenticate to the SSH service with no credentials.</Paragraph>
	151	</test>
	152
	153	<test id="ssh-default-account-admin-password-password" status="not-vulnerable">
	154
	155	<Paragraph>
	156	<Paragraph>Running vulnerable SSH service.</Paragraph>Was not able to authenticate to the SSH service with no credentials.</Paragraph>
	157	</test>
	158
	159	<test id="ssh-default-account-root-no-password" status="not-vulnerable">
	160
	161	<Paragraph>
	162	<Paragraph>Running vulnerable SSH service.</Paragraph>Was not able to authenticate to the SSH service with no credentials.</Paragraph>
	163	</test>
	164
	165	<test id="ssh-default-account-root-password-password" status="not-vulnerable">
	166
	167	<Paragraph>
	168	<Paragraph>Running vulnerable SSH service.</Paragraph>Was not able to authenticate to the SSH service with no credentials.</Paragraph>
	169	</test>
	170
	171	<test id="ssh-default-account-root-password-root" status="vulnerable-exploited">
	172
	173	<Paragraph>
	174	<Paragraph>Running vulnerable SSH service.</Paragraph>Successfully authenticated to the SSH service with credentials: uid[root] pw[root] realm[null]</Paragraph>
	175	</test>
	176
	177	<test id="ssh-default-account-root-password-toor" status="not-vulnerable">
	178
	179	<Paragraph>
	180	<Paragraph>Running vulnerable SSH service.</Paragraph>Was not able to authenticate to the SSH service with no credentials.</Paragraph>
	181	</test>
	182
	183	<test id="ssh-generic-0003" status="skipped-version">
	184
	185	<Paragraph>
	186	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	187	</test>
	188
	189	<test id="ssh-iphone-default-account-root-password-alpine" status="not-vulnerable">
	190
	191	<Paragraph>
	192	<Paragraph>Running vulnerable SSH service.</Paragraph>Was not able to authenticate to the SSH service with no credentials.</Paragraph>
	193	</test>
	194
	195	<test id="ssh-iphone-default-account-root-password-dottie" status="not-vulnerable">
	196
	197	<Paragraph>
	198	<Paragraph>Running vulnerable SSH service.</Paragraph>Was not able to authenticate to the SSH service with no credentials.</Paragraph>
	199	</test>
	200
	201	<test id="ssh-openssh-0001" status="skipped-version">
	202
	203	<Paragraph>
	204	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	205	</test>
	206
	207	<test id="ssh-openssh-0006" status="skipped-version">
	208
	209	<Paragraph>
	210	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	211	</test>
	212
	213	<test id="ssh-openssh-0007" status="skipped-version">
	214
	215	<Paragraph>
	216	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	217	</test>
	218
	219	<test id="ssh-openssh-0010" status="skipped-version">
	220
	221	<Paragraph>
	222	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	223	</test>
	224
	225	<test id="ssh-pragma-sshredder-overflow" status="skipped-version">
	226
	227	<Paragraph>
	228	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	229	</test>
	230
	231	<test id="ssh-suse-default-account-suse-gm-password-123456" status="not-vulnerable">
	232
	233	<Paragraph>
	234	<Paragraph>Running vulnerable SSH service.</Paragraph>Was not able to authenticate to the SSH service with no credentials.</Paragraph>
	235	</test>
	236
	237	<test id="ssh-openssh-pam-multiple-vulns" status="skipped-version">
	238
	239	<Paragraph>
	240	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	241	</test>
	242
	243	<test id="openssl-debian-weak-keys" status="not-vulnerable">
	244
	245	<Paragraph>
	246	<Paragraph>SSH public key with fingerprint 6305014FCD096DADED95AE89192CB8BC is not a known weak key</Paragraph></Paragraph>
	247	</test>
	248
	249	<test id="ssh-default-account-guest-password-guest" status="not-vulnerable">
	250
	251	<Paragraph>
	252	<Paragraph>Running vulnerable SSH service.</Paragraph>Was not able to authenticate to the SSH service with no credentials.</Paragraph>
	253	</test>
	254
	255	<test id="ssh-default-account-vmware-password-vmware" status="not-vulnerable">
	256
	257	<Paragraph>
	258	<Paragraph>Running vulnerable SSH service.</Paragraph>Was not able to authenticate to the SSH service with no credentials.</Paragraph>
	259	</test>
	260
	261	<test id="ssh-openssh-0003" status="skipped-version">
	262
	263	<Paragraph>
	264	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	265	</test>
	266
	267	<test id="ssh-openssh-0005" status="skipped-version">
	268
	269	<Paragraph>
	270	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	271	</test>
	272
	273	<test id="ssh-openssh-0008" status="skipped-version">
	274
	275	<Paragraph>
	276	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	277	</test>
	278
	279	<test id="ssh-openssh-0009" status="skipped-version">
	280
	281	<Paragraph>
	282	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	283	</test>
	284
	285	<test id="ssh-sshinc-0002" status="skipped-version">
	286
	287	<Paragraph>
	288	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	289	</test>
	290
	291	<test id="ssh-sshinc-0007" status="skipped-version">
	292
	293	<Paragraph>
	294	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	295	</test>
	296
	297	<test id="ssh-v1-supported" status="skipped-version">
	298
	299	<Paragraph>
	300	<Paragraph>Running not-vulnerable SSH service.</Paragraph></Paragraph>
	301	</test>
	302
	303	<test id="ssh-openssh-0002" status="skipped-version">
	304
	305	<Paragraph>
	306	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	307	</test>
	308
	309	<test id="ssh-openssh-0004" status="skipped-version">
	310
	311	<Paragraph>
	312	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	313	</test>
	314
	315	<test id="ssh-sshinc-0001" status="skipped-version">
	316
	317	<Paragraph>
	318	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	319	</test>
	320
	321	<test id="ssh-sshinc-0005" status="skipped-version">
	322
	323	<Paragraph>
	324	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	325	</test>
	326
	327	<test id="ssh-sshinc-0006" status="skipped-version">
	328
	329	<Paragraph>
	330	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	331	</test>
	332
	333	<test id="ssh-sshinc-getlogin-spoof-privilege-escalation" status="skipped-version">
	334
	335	<Paragraph>
	336	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	337	</test>
	338
	339	<test id="ssh-sshinc-rsa-signature-forging" status="skipped-version">
	340
	341	<Paragraph>
	342	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	343	</test>
	344
	345	<test id="ssh-openssh-valid-username-info-leak" status="skipped-version">
	346
	347	<Paragraph>
	348	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	349	</test>
	350
	351	<test id="ssh-sshinc-0004" status="skipped-version">
	352
	353	<Paragraph>
	354	<Paragraph>Running not-vulnerable SSH service: Dropbear 0.51.</Paragraph></Paragraph>
	355	</test>
	356	</tests>
	357	</service>
	358	</services>
	359	</endpoint>
	360
	361	<endpoint protocol="tcp" port="23" status="open">
	362	<services>
	363	<service name="Telnet">
	364	<tests>
	365	<test id="telnet-avaya-default-login-diag" status="not-vulnerable">
	366
	367	<Paragraph>
	368	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	369	</test>
	370
	371	<test id="telnet-avaya-default-login-manuf" status="not-vulnerable">
	372
	373	<Paragraph>
	374	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	375	</test>
	376
	377	<test id="telnet-default-account-admin-password-password" status="not-vulnerable">
	378
	379	<Paragraph>
	380	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	381	</test>
	382
	383	<test id="telnet-default-account-root-password-password" status="not-vulnerable">
	384
	385	<Paragraph>
	386	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	387	</test>
	388
	389	<test id="telnet-generic-0001" status="not-vulnerable">
	390
	391	<Paragraph>
	392	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	393	</test>
	394
	395	<test id="telnet-generic-0002" status="not-vulnerable">
	396
	397	<Paragraph>
	398	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	399	</test>
	400
	401	<test id="telnet-generic-0003" status="not-vulnerable">
	402
	403	<Paragraph>
	404	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	405	</test>
	406
	407	<test id="telnet-generic-0004" status="not-vulnerable">
	408
	409	<Paragraph>
	410	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	411	</test>
	412
	413	<test id="telnet-generic-0005" status="not-vulnerable">
	414
	415	<Paragraph>
	416	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	417	</test>
	418
	419	<test id="telnet-netscreen-default-netscreen-netscreen" status="not-vulnerable">
	420
	421	<Paragraph>
	422	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	423	</test>
	424
	425	<test id="telnet-db2-default-login-db2as" status="not-vulnerable">
	426
	427	<Paragraph>
	428	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	429	</test>
	430
	431	<test id="telnet-db2-default-login-db2fenc1" status="not-vulnerable">
	432
	433	<Paragraph>
	434	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	435	</test>
	436
	437	<test id="telnet-db2-default-login-db2inst1" status="not-vulnerable">
	438
	439	<Paragraph>
	440	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	441	</test>
	442
	443	<test id="telnet-open-port" status="vulnerable-version">
	444
	445	<Paragraph>
	446	<Paragraph>Running vulnerable Telnet service.</Paragraph></Paragraph>
	447	</test>
	448	</tests>
	449	</service>
	450	</services>
	451	</endpoint>
	452
	453	<endpoint protocol="tcp" port="80" status="open">
	454	<services>
	455	<service name="HTTP">
	456	<fingerprints>
	457	<fingerprint certainty="0.90" vendor="ACME Laboratories" family="mini_httpd" product="mini_httpd" version="1.19"/>
	458	</fingerprints>
	459	<configuration>
	460	<config name="http.banner">mini_httpd/1.19 19dec2003</config>
	461	<config name="http.banner.server">mini_httpd/1.19 19dec2003</config>
	462	</configuration>
	463	<tests>
	464	<test id="adobe-apsb13-03-cve-2013-0632" key="/CFIDE/adminapi/administrator.cfc?" status="not-vulnerable">
	465
	466	<Paragraph>
	467	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	468	<Paragraph>
	469	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	470	</test>
	471
	472	<test id="adobe-apsb13-13-cve-2013-1389" status="skipped-version">
	473
	474	<Paragraph>
	475	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	476	<Paragraph>Based on the result of the "APSB13-13: Security updates available for Adobe ColdFusion (CVE-2013-3336)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	477	</test>
	478
	479	<test id="http-3com-wap-default-admin-password" key="/index.htm" status="not-vulnerable">
	480
	481	<Paragraph>
	482	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	483	<Paragraph>
	484	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	485	</test>
	486
	487	<test id="http-drac-default-login" status="not-vulnerable">
	488
	489	<Paragraph>
	490	<Paragraph>Server responded with an HTTP 404 to a request to /cgi-bin/webcgi/login</Paragraph></Paragraph>
	491	</test>
	492
	493	<test id="http-drac-default-login" key="/data/login" status="not-vulnerable">
	494
	495	<Paragraph>
	496	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	497	<Paragraph>
	498	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	499	</test>
	500
	501	<test id="http-drac-default-login" key="/cgi/login" status="not-vulnerable">
	502
	503	<Paragraph>
	504	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	505	<Paragraph>
	506	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	507	</test>
	508
	509	<test id="http-glassfish-default-admin-password" key="/common/index.jsf" status="not-vulnerable">
	510
	511	<Paragraph>
	512	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	513	<Paragraph>
	514	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	515	</test>
	516
	517	<test id="http-nokia-firewall-default-admin-password" key="/cgi-bin/home.tcl" status="not-vulnerable">
	518
	519	<Paragraph>
	520	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	521	<Paragraph>
	522	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	523	</test>
	524
	525	<test id="http-phpmyadmin-account-pma-password-empty" key="/phpmyadmin/" status="not-vulnerable">
	526
	527	<Paragraph>
	528	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	529	<Paragraph>
	530	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	531	</test>
	532
	533	<test id="apache-struts-cve-2013-2251" key="/struts2-showcase/employee/save.action" status="not-vulnerable">
	534
	535	<Paragraph>
	536	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	537	<Paragraph>
	538	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	539	</test>
	540
	541	<test id="apache-struts-cve-2013-2251" key="/struts2-blank/example/HelloWorld.action" status="not-vulnerable">
	542
	543	<Paragraph>
	544	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	545	<Paragraph>
	546	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	547	</test>
	548
	549	<test id="checkpoint-ess-info-disclosure-sk57881" key="/conf/ssl/apache/integrity.key" status="not-vulnerable">
	550
	551	<Paragraph>
	552	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	553	<Paragraph>
	554	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	555	</test>
	556
	557	<test id="http-thttpd-obsolete" status="skipped-version">
	558
	559	<Paragraph>
	560	<Paragraph>Running not-vulnerable HTTP service: ACME Laboratories mini_httpd 1.19.</Paragraph></Paragraph>
	561	</test>
	562
	563	<test id="http-unrestricted-webdav-put-delete" status="not-vulnerable">
	564
	565	<Paragraph>
	566	<Paragraph>/r7.txt was not successfully PUT on the server.</Paragraph></Paragraph>
	567	</test>
	568
	569	<test id="adobe-apsb10-18-cve-2010-2861" key="/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" status="not-vulnerable">
	570
	571	<Paragraph>
	572	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	573	<Paragraph>
	574	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	575	</test>
	576
	577	<test id="http-awstats-remote-code-execution" key="/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" status="not-vulnerable">
	578
	579	<Paragraph>
	580	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	581	<Paragraph>
	582	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	583	</test>
	584
	585	<test id="http-cgi-faxsurvey-command-execution" key="/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd" status="not-vulnerable">
	586
	587	<Paragraph>
	588	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	589	<Paragraph>
	590	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	591	</test>
	592
	593	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/servermanager/" status="not-vulnerable">
	594
	595	<Paragraph>
	596	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	597	<Paragraph>
	598	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	599	</test>
	600
	601	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminapi/base.cfc?wsdl" status="not-vulnerable">
	602
	603	<Paragraph>
	604	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	605	<Paragraph>
	606	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	607	</test>
	608
	609	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminiapi/" status="not-vulnerable">
	610
	611	<Paragraph>
	612	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	613	<Paragraph>
	614	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	615	</test>
	616
	617	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/administrator/" status="not-vulnerable">
	618
	619	<Paragraph>
	620	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	621	<Paragraph>
	622	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	623	</test>
	624
	625	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/AIR/" status="not-vulnerable">
	626
	627	<Paragraph>
	628	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	629	<Paragraph>
	630	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	631	</test>
	632
	633	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/appdeployment/" status="not-vulnerable">
	634
	635	<Paragraph>
	636	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	637	<Paragraph>
	638	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	639	</test>
	640
	641	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/componentutils/" status="not-vulnerable">
	642
	643	<Paragraph>
	644	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	645	<Paragraph>
	646	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	647	</test>
	648
	649	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/orm/" status="not-vulnerable">
	650
	651	<Paragraph>
	652	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	653	<Paragraph>
	654	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	655	</test>
	656
	657	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/portlets/" status="not-vulnerable">
	658
	659	<Paragraph>
	660	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	661	<Paragraph>
	662	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	663	</test>
	664
	665	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/scheduler/" status="not-vulnerable">
	666
	667	<Paragraph>
	668	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	669	<Paragraph>
	670	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	671	</test>
	672
	673	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/services/" status="not-vulnerable">
	674
	675	<Paragraph>
	676	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	677	<Paragraph>
	678	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	679	</test>
	680
	681	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/websocket/" status="not-vulnerable">
	682
	683	<Paragraph>
	684	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	685	<Paragraph>
	686	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	687	</test>
	688
	689	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/" status="not-vulnerable">
	690
	691	<Paragraph>
	692	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	693	<Paragraph>
	694	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	695	</test>
	696
	697	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json" status="not-vulnerable">
	698
	699	<Paragraph>
	700	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	701	<Paragraph>
	702	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	703	</test>
	704
	705	<test id="http-frontpage-unprotected" key="/_vti_bin/_vti_aut/author.dll" status="not-vulnerable">
	706
	707	<Paragraph>
	708	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	709	<Paragraph>
	710	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	711	</test>
	712
	713	<test id="http-php-xmlrpc-code-injection" key="/xmlrpc.php" status="not-vulnerable">
	714
	715	<Paragraph>
	716	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	717	<Paragraph>
	718	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	719	</test>
	720
	721	<test id="adobe-apsb13-03-cve-2013-0625" status="skipped-version">
	722
	723	<Paragraph>
	724	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	725	<Paragraph>Based on the result of the "APSB13-03: Security updates available for Adobe ColdFusion (CVE-2013-0629)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	726	</test>
	727
	728	<test id="http-basic-auth-cleartext" key="/" status="not-vulnerable">
	729
	730	<Paragraph>
	731	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	732	<Paragraph>
	733	<ContainerBlockElement>
	734	<ContainerBlockElement>
	735	<Paragraph>HTTP GET request to
	736	<URLLink LinkURL="http://192.168.1.1/" LinkTitle="http://192.168.1.1/"></URLLink></Paragraph>HTTP response code was 200 but expected 401</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	737	</test>
	738
	739	<test id="http-iis-0014" status="not-vulnerable">
	740
	741	<Paragraph>
	742	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	743	<Paragraph>Based on the following 3 results:
	744	<OrderedList>
	745	<ListItem>
	746	<Paragraph>
	747	<ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	748	<ListItem>
	749	<Paragraph>
	750	<ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	751	<ListItem>
	752	<Paragraph>
	753	<ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem></OrderedList></Paragraph></Paragraph>
	754	</test>
	755
	756	<test id="http-cgi-viewsource-arbitrary-file-access" key="/cgi-bin/view-source?../../../../../../../etc/passwd" status="not-vulnerable">
	757
	758	<Paragraph>
	759	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	760	<Paragraph>
	761	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	762	</test>
	763
	764	<test id="http-trace-method-enabled" key="/" status="not-vulnerable">
	765
	766	<Paragraph>
	767	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	768	<Paragraph>
	769	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	770	</test>
	771
	772	<test id="http-track-method-enabled" key="/" status="not-vulnerable">
	773
	774	<Paragraph>
	775	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	776	<Paragraph>
	777	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	778	</test>
	779
	780	<test id="spider-adobe-flash-permissive-crossdomain-xml" key="/crossdomain.xml" status="not-vulnerable">
	781
	782	<Paragraph>
	783	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	784	<Paragraph>
	785	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	786	</test>
	787
	788	<test id="adobe-apsb13-03-cve-2013-0631" key="/CFIDE/adminapi/customtags/fusebox.cfm" status="not-vulnerable">
	789
	790	<Paragraph>
	791	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	792	<Paragraph>
	793	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	794	</test>
	795
	796	<test id="adobe-apsb13-13-cve-2013-3336" key="/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charse" status="not-vulnerable">
	797
	798	<Paragraph>
	799	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	800	<Paragraph>
	801	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	802	</test>
	803
	804	<test id="http-awstats-debug-information-disclosure" key="/cgi-bin/awstats.pl?debug=1" status="not-vulnerable">
	805
	806	<Paragraph>
	807	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	808	<Paragraph>
	809	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	810	</test>
	811
	812	<test id="http-bigbrother-accessible" key="/bb/" status="not-vulnerable">
	813
	814	<Paragraph>
	815	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	816	<Paragraph>
	817	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	818	</test>
	819
	820	<test id="http-cgi-htdig-arbitrary-file-access" key="/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" status="not-vulnerable">
	821
	822	<Paragraph>
	823	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	824	<Paragraph>
	825	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	826	</test>
	827
	828	<test id="http-cgi-htgrep-arbitrary-file-access" key="/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" status="not-vulnerable">
	829
	830	<Paragraph>
	831	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	832	<Paragraph>
	833	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	834	</test>
	835
	836	<test id="http-cgi-htmlscript-arbitrary-file-access" key="/cgi-bin/htmlscript?../../../../../../../etc/passwd" status="not-vulnerable">
	837
	838	<Paragraph>
	839	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	840	<Paragraph>
	841	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	842	</test>
	843
	844	<test id="http-cgi-testcgi-file-listing" key="/cgi-bin/test-cgi" status="not-vulnerable">
	845
	846	<Paragraph>
	847	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	848	<Paragraph>
	849	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	850	</test>
	851
	852	<test id="http-cookie-http-only-flag" key="/cgi-bin/webproc" status="vulnerable-exploited">
	853
	854	<Paragraph>
	855	<ContainerBlockElement>
	856	<Paragraph>Cookie is not marked as HttpOnly: 'sessionid=7d7130f3; path=/cgi-bin; domain=192.168.1.1'</Paragraph>
	857	<Paragraph>URL:
	858	<URLLink LinkURL="http://192.168.1.1/cgi-bin/webproc" LinkTitle="http://192.168.1.1/cgi-bin/webproc"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	859	</test>
	860
	861	<test id="http-generic-propfind-dir-browsing" status="skipped-version">
	862
	863	<Paragraph>
	864	<Paragraph>
	865	<ContainerBlockElement>
	866	<Paragraph>HTTP request to
	867	<URLLink LinkURL="http://192.168.1.1/html/" LinkTitle="http://192.168.1.1/html/"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	868	<Paragraph>Server did not respond with a valid XML document.</Paragraph>
	869	<Paragraph>Based on the result of the "WebDAV Extensions are Enabled" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	870	</test>
	871
	872	<test id="http-generic-propfind-dir-browsing" status="skipped-version">
	873
	874	<Paragraph>
	875	<Paragraph>
	876	<ContainerBlockElement>
	877	<Paragraph>HTTP request to
	878	<URLLink LinkURL="http://192.168.1.1/" LinkTitle="http://192.168.1.1/"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	879	<Paragraph>Server did not respond with a valid XML document.</Paragraph>
	880	<Paragraph>Based on the result of the "WebDAV Extensions are Enabled" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	881	</test>
	882
	883	<test id="http-lighttpd-mod_userdir-info-discl" key="/~bin/true" status="not-vulnerable">
	884
	885	<Paragraph>
	886	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	887	<Paragraph>
	888	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	889	</test>
	890
	891	<test id="http-open-proxy" key="http://www.google.com:80/" status="not-vulnerable">
	892
	893	<Paragraph>
	894	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	895	<Paragraph>
	896	<ContainerBlockElement>
	897	<ContainerBlockElement>
	898	<Paragraph>HTTP HEAD request to
	899	<URLLink LinkURL="http://www.google.com/" LinkTitle="http://www.google.com/"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	900	</test>
	901
	902	<test id="http-php-ini-file-exposed" key="/cgi-bin/php.ini" status="not-vulnerable">
	903
	904	<Paragraph>
	905	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	906	<Paragraph>
	907	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	908	</test>
	909
	910	<test id="http-symantec-scan-engine-file-disclosure" key="/README.txt" status="not-vulnerable">
	911
	912	<Paragraph>
	913	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	914	<Paragraph>
	915	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	916	</test>
	917
	918	<test id="http-tomcat-jkstatus-accessible" key="/jkstatus/" status="not-vulnerable">
	919
	920	<Paragraph>
	921	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	922	<Paragraph>
	923	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	924	</test>
	925
	926	<test id="http-vignette-app-portal-diag" status="not-vulnerable">
	927
	928	<Paragraph>
	929	<Paragraph>Diagnostics page not returned</Paragraph></Paragraph>
	930	</test>
	931
	932	<test id="adobe-apsb13-03-cve-2013-0629" key="/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt" status="not-vulnerable">
	933
	934	<Paragraph>
	935	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	936	<Paragraph>
	937	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	938	</test>
	939
	940	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	941
	942	<Paragraph>
	943	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	944	<Paragraph>
	945	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	946	</test>
	947
	948	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	949
	950	<Paragraph>
	951	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	952	<Paragraph>
	953	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	954	</test>
	955
	956	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	957
	958	<Paragraph>
	959	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	960	<Paragraph>
	961	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	962	</test>
	963
	964	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	965
	966	<Paragraph>
	967	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	968	<Paragraph>
	969	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	970	</test>
	971
	972	<test id="http-adobe-amf-gateway-xxe-cve-2009-3960" key="/flex2gateway/http" status="not-vulnerable">
	973
	974	<Paragraph>
	975	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	976	<Paragraph>
	977	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	978	</test>
	979	</tests>
	980	</service>
	981	</services>
	982	</endpoint>
	983	</endpoints>
	984	</node>
	985
	986	<node address="192.168.1.18" status="alive" device-id="6">
	987	<fingerprints>
	988	<os certainty="0.70" device-class="WAP" vendor="Linux" family="Linux" product="Linux" version="2.4.20"/>
	989	</fingerprints>
	990	<tests>
	991	<test id="tcp-seq-num-approximation" status="vulnerable-exploited">
	992
	993	<Paragraph>
	994	<Paragraph>TCP reset with incorrect sequence number triggered this fault on 192.168.1.18:23: Connection reset by peer</Paragraph></Paragraph>
	995	</test>
	996
	997	<test id="generic-icmp-netmask" status="not-vulnerable">
	998
	999	<Paragraph>
	1000	<Paragraph>No response</Paragraph></Paragraph>
	1001	</test>
	1002
	1003	<test id="generic-icmp-timestamp" status="vulnerable-exploited">
	1004
	1005	<Paragraph>
	1006	<Paragraph>Remote system time: 06:05:56.324 UTC</Paragraph></Paragraph>
	1007	</test>
	1008
	1009	<test id="generic-tcp-timestamp" status="vulnerable-exploited">
	1010
	1011	<Paragraph>
	1012	<Paragraph>Apparent system boot time: Wed Nov 27 00:16:51 UTC 2013</Paragraph></Paragraph>
	1013	</test>
	1014	</tests>
	1015	<endpoints>
	1016	<endpoint protocol="tcp" port="23" status="open">
	1017	<services>
	1018	<service name="Telnet">
	1019	<tests>
	1020	<test id="telnet-avaya-default-login-diag" status="not-vulnerable">
	1021
	1022	<Paragraph>
	1023	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1024	</test>
	1025
	1026	<test id="telnet-avaya-default-login-manuf" status="not-vulnerable">
	1027
	1028	<Paragraph>
	1029	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1030	</test>
	1031
	1032	<test id="telnet-default-account-admin-password-password" status="not-vulnerable">
	1033
	1034	<Paragraph>
	1035	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1036	</test>
	1037
	1038	<test id="telnet-default-account-root-password-password" status="not-vulnerable">
	1039
	1040	<Paragraph>
	1041	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1042	</test>
	1043
	1044	<test id="telnet-generic-0001" status="not-vulnerable">
	1045
	1046	<Paragraph>
	1047	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1048	</test>
	1049
	1050	<test id="telnet-generic-0002" status="not-vulnerable">
	1051
	1052	<Paragraph>
	1053	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1054	</test>
	1055
	1056	<test id="telnet-generic-0003" status="not-vulnerable">
	1057
	1058	<Paragraph>
	1059	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1060	</test>
	1061
	1062	<test id="telnet-generic-0004" status="not-vulnerable">
	1063
	1064	<Paragraph>
	1065	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1066	</test>
	1067
	1068	<test id="telnet-generic-0005" status="not-vulnerable">
	1069
	1070	<Paragraph>
	1071	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1072	</test>
	1073
	1074	<test id="telnet-netscreen-default-netscreen-netscreen" status="not-vulnerable">
	1075
	1076	<Paragraph>
	1077	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1078	</test>
	1079
	1080	<test id="telnet-db2-default-login-db2as" status="not-vulnerable">
	1081
	1082	<Paragraph>
	1083	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1084	</test>
	1085
	1086	<test id="telnet-db2-default-login-db2fenc1" status="not-vulnerable">
	1087
	1088	<Paragraph>
	1089	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1090	</test>
	1091
	1092	<test id="telnet-db2-default-login-db2inst1" status="not-vulnerable">
	1093
	1094	<Paragraph>
	1095	<Paragraph>Running vulnerable Telnet service.</Paragraph>Was not able to authenticate to the Telnet service with no credentials.</Paragraph>
	1096	</test>
	1097
	1098	<test id="telnet-open-port" status="vulnerable-version">
	1099
	1100	<Paragraph>
	1101	<Paragraph>Running vulnerable Telnet service.</Paragraph></Paragraph>
	1102	</test>
	1103	</tests>
	1104	</service>
	1105	</services>
	1106	</endpoint>
	1107
	1108	<endpoint protocol="tcp" port="53" status="open">
	1109	<services>
	1110	<service name="DNS-TCP">
	1111	<tests>
	1112	<test id="dns-allows-cache-snooping" status="error">
	1113
	1114	<Paragraph>
	1115	<Paragraph>java.io.EOFException</Paragraph></Paragraph>
	1116	</test>
	1117
	1118	<test id="dns-processes-recursive-queries" status="not-vulnerable">
	1119
	1120	<Paragraph>
	1121	<Paragraph>Nameserver did not resolve test host.</Paragraph></Paragraph>
	1122	</test>
	1123
	1124	<test id="dns-unrestricted-reverse-zone-transfer" status="error">
	1125
	1126	<Paragraph>
	1127	<Paragraph>java.io.EOFException</Paragraph></Paragraph>
	1128	</test>
	1129
	1130	<test id="dns-0004" status="not-vulnerable">
	1131
	1132	<Paragraph>
	1133	<Paragraph>The zone data was not transferred.</Paragraph></Paragraph>
	1134	</test>
	1135	</tests>
	1136	</service>
	1137	</services>
	1138	</endpoint>
	1139
	1140	<endpoint protocol="tcp" port="80" status="open">
	1141	<services>
	1142	<service name="HTTP">
	1143	<fingerprints>
	1144	<fingerprint certainty="0.75" product="httpd"/>
	1145	</fingerprints>
	1146	<configuration>
	1147	<config name="http.banner">httpd</config>
	1148	<config name="http.banner.server">httpd</config>
	1149	</configuration>
	1150	<tests>
	1151	<test id="adobe-apsb13-03-cve-2013-0632" key="/CFIDE/adminapi/administrator.cfc?" status="not-vulnerable">
	1152
	1153	<Paragraph>
	1154	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1155	<Paragraph>
	1156	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1157	</test>
	1158
	1159	<test id="adobe-apsb13-13-cve-2013-1389" status="skipped-version">
	1160
	1161	<Paragraph>
	1162	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1163	<Paragraph>Based on the result of the "APSB13-13: Security updates available for Adobe ColdFusion (CVE-2013-3336)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	1164	</test>
	1165
	1166	<test id="http-3com-wap-default-admin-password" key="/index.htm" status="not-vulnerable">
	1167
	1168	<Paragraph>
	1169	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1170	<Paragraph>
	1171	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1172	</test>
	1173
	1174	<test id="http-drac-default-login" key="/data/login" status="not-vulnerable">
	1175
	1176	<Paragraph>
	1177	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1178	<Paragraph>
	1179	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1180	</test>
	1181
	1182	<test id="http-drac-default-login" key="/cgi/login" status="not-vulnerable">
	1183
	1184	<Paragraph>
	1185	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1186	<Paragraph>
	1187	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1188	</test>
	1189
	1190	<test id="http-drac-default-login" status="not-vulnerable">
	1191
	1192	<Paragraph>
	1193	<Paragraph>Server responded with an HTTP 401 to a request to /cgi-bin/webcgi/login</Paragraph></Paragraph>
	1194	</test>
	1195
	1196	<test id="http-glassfish-default-admin-password" key="/common/index.jsf" status="not-vulnerable">
	1197
	1198	<Paragraph>
	1199	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1200	<Paragraph>
	1201	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1202	</test>
	1203
	1204	<test id="http-nokia-firewall-default-admin-password" key="/cgi-bin/home.tcl" status="not-vulnerable">
	1205
	1206	<Paragraph>
	1207	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1208	<Paragraph>
	1209	<ContainerBlockElement>
	1210	<ContainerBlockElement>
	1211	<Paragraph>HTTP POST request to
	1212	<URLLink LinkURL="http://192.168.1.18/cgi-bin/home.tcl" LinkTitle="http://192.168.1.18/cgi-bin/home.tcl"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1213	</test>
	1214
	1215	<test id="http-phpmyadmin-account-pma-password-empty" key="/phpmyadmin/" status="not-vulnerable">
	1216
	1217	<Paragraph>
	1218	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1219	<Paragraph>
	1220	<ContainerBlockElement>
	1221	<ContainerBlockElement>
	1222	<Paragraph>HTTP GET request to
	1223	<URLLink LinkURL="http://192.168.1.18/phpmyadmin/" LinkTitle="http://192.168.1.18/phpmyadmin/"></URLLink></Paragraph>HTTP response code was 200 but expected 401</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1224	</test>
	1225
	1226	<test id="apache-struts-cve-2013-2251" key="/struts2-showcase/employee/save.action" status="not-vulnerable">
	1227
	1228	<Paragraph>
	1229	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1230	<Paragraph>
	1231	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1232	</test>
	1233
	1234	<test id="apache-struts-cve-2013-2251" key="/struts2-blank/example/HelloWorld.action" status="not-vulnerable">
	1235
	1236	<Paragraph>
	1237	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1238	<Paragraph>
	1239	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1240	</test>
	1241
	1242	<test id="checkpoint-ess-info-disclosure-sk57881" key="/conf/ssl/apache/integrity.key" status="not-vulnerable">
	1243
	1244	<Paragraph>
	1245	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1246	<Paragraph>
	1247	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1248	</test>
	1249
	1250	<test id="http-thttpd-obsolete" status="skipped-version">
	1251
	1252	<Paragraph>
	1253	<Paragraph>Running not-vulnerable HTTP service: httpd.</Paragraph></Paragraph>
	1254	</test>
	1255
	1256	<test id="http-unrestricted-webdav-put-delete" status="not-vulnerable">
	1257
	1258	<Paragraph>
	1259	<Paragraph>/r7.txt was not successfully PUT on the server.</Paragraph></Paragraph>
	1260	</test>
	1261
	1262	<test id="adobe-apsb10-18-cve-2010-2861" key="/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" status="not-vulnerable">
	1263
	1264	<Paragraph>
	1265	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1266	<Paragraph>
	1267	<ContainerBlockElement>
	1268	<ContainerBlockElement>
	1269	<Paragraph>HTTP GET request to
	1270	<URLLink LinkURL="http://192.168.1.18/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" LinkTitle="http://192.168.1.18/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"></URLLink></Paragraph>HTTP response code was 400 but expected 200HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1271	</test>
	1272
	1273	<test id="http-awstats-remote-code-execution" key="/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" status="not-vulnerable">
	1274
	1275	<Paragraph>
	1276	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1277	<Paragraph>
	1278	<ContainerBlockElement>
	1279	<ContainerBlockElement>
	1280	<Paragraph>HTTP GET request to
	1281	<URLLink LinkURL="http://192.168.1.18/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" LinkTitle="http://192.168.1.18/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement>
	1282	<ContainerBlockElement>
	1283	<Paragraph>HTTP GET request to
	1284	<URLLink LinkURL="http://192.168.1.18/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" LinkTitle="http://192.168.1.18/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1285	</test>
	1286
	1287	<test id="http-cgi-faxsurvey-command-execution" key="/cgi-bin/faxquery?/bin/cat%20/etc/passwd" status="not-vulnerable">
	1288
	1289	<Paragraph>
	1290	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1291	<Paragraph>
	1292	<ContainerBlockElement>
	1293	<ContainerBlockElement>
	1294	<Paragraph>HTTP GET request to
	1295	<URLLink LinkURL="http://192.168.1.18/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd" LinkTitle="http://192.168.1.18/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement>
	1296	<ContainerBlockElement>
	1297	<Paragraph>HTTP GET request to
	1298	<URLLink LinkURL="http://192.168.1.18/cgi-bin/faxquery?/bin/cat%20/etc/passwd" LinkTitle="http://192.168.1.18/cgi-bin/faxquery?/bin/cat%20/etc/passwd"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1299	</test>
	1300
	1301	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/AIR/" status="not-vulnerable">
	1302
	1303	<Paragraph>
	1304	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1305	<Paragraph>
	1306	<ContainerBlockElement>
	1307	<ContainerBlockElement>
	1308	<Paragraph>HTTP GET request to
	1309	<URLLink LinkURL="http://192.168.1.18/CFIDE/AIR/" LinkTitle="http://192.168.1.18/CFIDE/AIR/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1310	</test>
	1311
	1312	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json" status="not-vulnerable">
	1313
	1314	<Paragraph>
	1315	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1316	<Paragraph>
	1317	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1318	</test>
	1319
	1320	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/" status="not-vulnerable">
	1321
	1322	<Paragraph>
	1323	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1324	<Paragraph>
	1325	<ContainerBlockElement>
	1326	<ContainerBlockElement>
	1327	<Paragraph>HTTP GET request to
	1328	<URLLink LinkURL="http://192.168.1.18/CFIDE/wizards/common/" LinkTitle="http://192.168.1.18/CFIDE/wizards/common/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1329	</test>
	1330
	1331	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/websocket/" status="not-vulnerable">
	1332
	1333	<Paragraph>
	1334	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1335	<Paragraph>
	1336	<ContainerBlockElement>
	1337	<ContainerBlockElement>
	1338	<Paragraph>HTTP GET request to
	1339	<URLLink LinkURL="http://192.168.1.18/CFIDE/websocket/" LinkTitle="http://192.168.1.18/CFIDE/websocket/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1340	</test>
	1341
	1342	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/services/" status="not-vulnerable">
	1343
	1344	<Paragraph>
	1345	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1346	<Paragraph>
	1347	<ContainerBlockElement>
	1348	<ContainerBlockElement>
	1349	<Paragraph>HTTP GET request to
	1350	<URLLink LinkURL="http://192.168.1.18/CFIDE/services/" LinkTitle="http://192.168.1.18/CFIDE/services/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1351	</test>
	1352
	1353	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/servermanager/" status="not-vulnerable">
	1354
	1355	<Paragraph>
	1356	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1357	<Paragraph>
	1358	<ContainerBlockElement>
	1359	<ContainerBlockElement>
	1360	<Paragraph>HTTP GET request to
	1361	<URLLink LinkURL="http://192.168.1.18/CFIDE/servermanager/" LinkTitle="http://192.168.1.18/CFIDE/servermanager/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1362	</test>
	1363
	1364	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/scheduler/" status="not-vulnerable">
	1365
	1366	<Paragraph>
	1367	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1368	<Paragraph>
	1369	<ContainerBlockElement>
	1370	<ContainerBlockElement>
	1371	<Paragraph>HTTP GET request to
	1372	<URLLink LinkURL="http://192.168.1.18/CFIDE/scheduler/" LinkTitle="http://192.168.1.18/CFIDE/scheduler/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1373	</test>
	1374
	1375	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/portlets/" status="not-vulnerable">
	1376
	1377	<Paragraph>
	1378	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1379	<Paragraph>
	1380	<ContainerBlockElement>
	1381	<ContainerBlockElement>
	1382	<Paragraph>HTTP GET request to
	1383	<URLLink LinkURL="http://192.168.1.18/CFIDE/portlets/" LinkTitle="http://192.168.1.18/CFIDE/portlets/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1384	</test>
	1385
	1386	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/orm/" status="not-vulnerable">
	1387
	1388	<Paragraph>
	1389	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1390	<Paragraph>
	1391	<ContainerBlockElement>
	1392	<ContainerBlockElement>
	1393	<Paragraph>HTTP GET request to
	1394	<URLLink LinkURL="http://192.168.1.18/CFIDE/orm/" LinkTitle="http://192.168.1.18/CFIDE/orm/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1395	</test>
	1396
	1397	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/componentutils/" status="not-vulnerable">
	1398
	1399	<Paragraph>
	1400	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1401	<Paragraph>
	1402	<ContainerBlockElement>
	1403	<ContainerBlockElement>
	1404	<Paragraph>HTTP GET request to
	1405	<URLLink LinkURL="http://192.168.1.18/CFIDE/componentutils/" LinkTitle="http://192.168.1.18/CFIDE/componentutils/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1406	</test>
	1407
	1408	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/appdeployment/" status="not-vulnerable">
	1409
	1410	<Paragraph>
	1411	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1412	<Paragraph>
	1413	<ContainerBlockElement>
	1414	<ContainerBlockElement>
	1415	<Paragraph>HTTP GET request to
	1416	<URLLink LinkURL="http://192.168.1.18/CFIDE/appdeployment/" LinkTitle="http://192.168.1.18/CFIDE/appdeployment/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1417	</test>
	1418
	1419	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/administrator/enter.cfm" status="not-vulnerable">
	1420
	1421	<Paragraph>
	1422	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1423	<Paragraph>
	1424	<ContainerBlockElement>
	1425	<ContainerBlockElement>
	1426	<Paragraph>HTTP GET request to
	1427	<URLLink LinkURL="http://192.168.1.18/CFIDE/administrator/" LinkTitle="http://192.168.1.18/CFIDE/administrator/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1428	</test>
	1429
	1430	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminiapi/" status="not-vulnerable">
	1431
	1432	<Paragraph>
	1433	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1434	<Paragraph>
	1435	<ContainerBlockElement>
	1436	<ContainerBlockElement>
	1437	<Paragraph>HTTP GET request to
	1438	<URLLink LinkURL="http://192.168.1.18/CFIDE/adminiapi/" LinkTitle="http://192.168.1.18/CFIDE/adminiapi/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1439	</test>
	1440
	1441	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminapi/base.cfc?wsdl" status="not-vulnerable">
	1442
	1443	<Paragraph>
	1444	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1445	<Paragraph>
	1446	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1447	</test>
	1448
	1449	<test id="http-dd-wrt-remote-command-execution" status="vulnerable-exploited">
	1450
	1451	<Paragraph>
	1452	<Paragraph>Sleep command executed (Round-trip times: 10428ms, 92ms, 10100ms, 364ms)</Paragraph></Paragraph>
	1453	</test>
	1454
	1455	<test id="http-frontpage-unprotected" key="/_vti_bin/_vti_aut/author.dll" status="not-vulnerable">
	1456
	1457	<Paragraph>
	1458	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1459	<Paragraph>
	1460	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1461	</test>
	1462
	1463	<test id="http-php-xmlrpc-code-injection" key="/xmlrpc.php" status="not-vulnerable">
	1464
	1465	<Paragraph>
	1466	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1467	<Paragraph>
	1468	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1469	</test>
	1470
	1471	<test id="adobe-apsb13-03-cve-2013-0625" status="skipped-version">
	1472
	1473	<Paragraph>
	1474	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1475	<Paragraph>Based on the result of the "APSB13-03: Security updates available for Adobe ColdFusion (CVE-2013-0629)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	1476	</test>
	1477
	1478	<test id="http-basic-auth-cleartext" key="/cgi-bin/Management.asp" status="vulnerable-exploited">
	1479
	1480	<Paragraph>
	1481	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1482	<Paragraph>
	1483	<ContainerBlockElement>
	1484	<Paragraph>HTTP request to
	1485	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Management.asp" LinkTitle="http://192.168.1.18/cgi-bin/Management.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1486	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1487	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1488	</test>
	1489
	1490	<test id="http-basic-auth-cleartext" key="/" status="not-vulnerable">
	1491
	1492	<Paragraph>
	1493	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1494	<Paragraph>
	1495	<ContainerBlockElement>
	1496	<ContainerBlockElement>
	1497	<Paragraph>HTTP GET request to
	1498	<URLLink LinkURL="http://192.168.1.18/" LinkTitle="http://192.168.1.18/"></URLLink></Paragraph>HTTP response code was 200 but expected 401</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	1499	</test>
	1500
	1501	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/apply.cgi" status="vulnerable-exploited">
	1502
	1503	<Paragraph>
	1504	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1505	<Paragraph>
	1506	<ContainerBlockElement>
	1507	<Paragraph>HTTP request to
	1508	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/apply.cgi" LinkTitle="http://192.168.1.18/cgi-bin/images/apply.cgi"></URLLink></Paragraph>HTTP response code was an expected 401
	1509	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1510	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1511	</test>
	1512
	1513	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/index.asp" status="vulnerable-exploited">
	1514
	1515	<Paragraph>
	1516	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1517	<Paragraph>
	1518	<ContainerBlockElement>
	1519	<Paragraph>HTTP request to
	1520	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/index.asp" LinkTitle="http://192.168.1.18/cgi-bin/images/index.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1521	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1522	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1523	</test>
	1524
	1525	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/Info.live.htm" status="vulnerable-exploited">
	1526
	1527	<Paragraph>
	1528	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1529	<Paragraph>
	1530	<ContainerBlockElement>
	1531	<Paragraph>HTTP request to
	1532	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/Info.live.htm" LinkTitle="http://192.168.1.18/cgi-bin/images/Info.live.htm"></URLLink></Paragraph>HTTP response code was an expected 401
	1533	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1534	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1535	</test>
	1536
	1537	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/style/elegant/style.css" status="vulnerable-exploited">
	1538
	1539	<Paragraph>
	1540	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1541	<Paragraph>
	1542	<ContainerBlockElement>
	1543	<Paragraph>HTTP request to
	1544	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/style/elegant/style.css" LinkTitle="http://192.168.1.18/cgi-bin/images/style/elegant/style.css"></URLLink></Paragraph>HTTP response code was an expected 401
	1545	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1546	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1547	</test>
	1548
	1549	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.asp/<script>xss</script>" status="vulnerable-exploited">
	1550
	1551	<Paragraph>
	1552	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1553	<Paragraph>
	1554	<ContainerBlockElement>
	1555	<Paragraph>HTTP request to
	1556	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.asp/<script>xss</script>" LinkTitle="http://192.168.1.18/cgi-bin/index.asp/<script>xss</script>"></URLLink></Paragraph>HTTP response code was an expected 401
	1557	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1558	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1559	</test>
	1560
	1561	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.bak" status="vulnerable-exploited">
	1562
	1563	<Paragraph>
	1564	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1565	<Paragraph>
	1566	<ContainerBlockElement>
	1567	<Paragraph>HTTP request to
	1568	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.bak" LinkTitle="http://192.168.1.18/cgi-bin/index.bak"></URLLink></Paragraph>HTTP response code was an expected 401
	1569	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1570	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1571	</test>
	1572
	1573	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.chtml" status="vulnerable-exploited">
	1574
	1575	<Paragraph>
	1576	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1577	<Paragraph>
	1578	<ContainerBlockElement>
	1579	<Paragraph>HTTP request to
	1580	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.chtml" LinkTitle="http://192.168.1.18/cgi-bin/index.chtml"></URLLink></Paragraph>HTTP response code was an expected 401
	1581	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1582	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1583	</test>
	1584
	1585	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.htm" status="vulnerable-exploited">
	1586
	1587	<Paragraph>
	1588	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1589	<Paragraph>
	1590	<ContainerBlockElement>
	1591	<Paragraph>HTTP request to
	1592	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.htm" LinkTitle="http://192.168.1.18/cgi-bin/index.htm"></URLLink></Paragraph>HTTP response code was an expected 401
	1593	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1594	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1595	</test>
	1596
	1597	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.html" status="vulnerable-exploited">
	1598
	1599	<Paragraph>
	1600	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1601	<Paragraph>
	1602	<ContainerBlockElement>
	1603	<Paragraph>HTTP request to
	1604	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.html" LinkTitle="http://192.168.1.18/cgi-bin/index.html"></URLLink></Paragraph>HTTP response code was an expected 401
	1605	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1606	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1607	</test>
	1608
	1609	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.old" status="vulnerable-exploited">
	1610
	1611	<Paragraph>
	1612	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1613	<Paragraph>
	1614	<ContainerBlockElement>
	1615	<Paragraph>HTTP request to
	1616	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.old" LinkTitle="http://192.168.1.18/cgi-bin/index.old"></URLLink></Paragraph>HTTP response code was an expected 401
	1617	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1618	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1619	</test>
	1620
	1621	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.swf" status="vulnerable-exploited">
	1622
	1623	<Paragraph>
	1624	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1625	<Paragraph>
	1626	<ContainerBlockElement>
	1627	<Paragraph>HTTP request to
	1628	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.swf" LinkTitle="http://192.168.1.18/cgi-bin/index.swf"></URLLink></Paragraph>HTTP response code was an expected 401
	1629	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1630	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1631	</test>
	1632
	1633	<test id="http-basic-auth-cleartext" key="/cgi-bin/[email protected]" status="vulnerable-exploited">
	1634
	1635	<Paragraph>
	1636	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1637	<Paragraph>
	1638	<ContainerBlockElement>
	1639	<Paragraph>HTTP request to
	1640	<URLLink LinkURL="http://192.168.1.18/cgi-bin/[email protected]" LinkTitle="http://192.168.1.18/cgi-bin/[email protected]"></URLLink></Paragraph>HTTP response code was an expected 401
	1641	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1642	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1643	</test>
	1644
	1645	<test id="http-basic-auth-cleartext" key="/cgi-bin/readme.txt" status="vulnerable-exploited">
	1646
	1647	<Paragraph>
	1648	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1649	<Paragraph>
	1650	<ContainerBlockElement>
	1651	<Paragraph>HTTP request to
	1652	<URLLink LinkURL="http://192.168.1.18/cgi-bin/readme.txt" LinkTitle="http://192.168.1.18/cgi-bin/readme.txt"></URLLink></Paragraph>HTTP response code was an expected 401
	1653	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1654	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1655	</test>
	1656
	1657	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/style.css" status="vulnerable-exploited">
	1658
	1659	<Paragraph>
	1660	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1661	<Paragraph>
	1662	<ContainerBlockElement>
	1663	<Paragraph>HTTP request to
	1664	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/style.css" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/style.css"></URLLink></Paragraph>HTTP response code was an expected 401
	1665	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1666	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1667	</test>
	1668
	1669	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/common.js" status="vulnerable-exploited">
	1670
	1671	<Paragraph>
	1672	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1673	<Paragraph>
	1674	<ContainerBlockElement>
	1675	<Paragraph>HTTP request to
	1676	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/common.js" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/common.js"></URLLink></Paragraph>HTTP response code was an expected 401
	1677	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1678	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1679	</test>
	1680
	1681	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/lang_pack/english.js" status="vulnerable-exploited">
	1682
	1683	<Paragraph>
	1684	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1685	<Paragraph>
	1686	<ContainerBlockElement>
	1687	<Paragraph>HTTP request to
	1688	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/lang_pack/english.js" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/lang_pack/english.js"></URLLink></Paragraph>HTTP response code was an expected 401
	1689	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1690	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1691	</test>
	1692
	1693	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/Filters.asp" status="vulnerable-exploited">
	1694
	1695	<Paragraph>
	1696	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1697	<Paragraph>
	1698	<ContainerBlockElement>
	1699	<Paragraph>HTTP request to
	1700	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/Filters.asp" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/Filters.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1701	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1702	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1703	</test>
	1704
	1705	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/Firewall.asp" status="vulnerable-exploited">
	1706
	1707	<Paragraph>
	1708	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1709	<Paragraph>
	1710	<ContainerBlockElement>
	1711	<Paragraph>HTTP request to
	1712	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/Firewall.asp" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/Firewall.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1713	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1714	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1715	</test>
	1716
	1717	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/ForwardSpec.asp" status="vulnerable-exploited">
	1718
	1719	<Paragraph>
	1720	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1721	<Paragraph>
	1722	<ContainerBlockElement>
	1723	<Paragraph>HTTP request to
	1724	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/ForwardSpec.asp" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/ForwardSpec.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1725	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1726	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1727	</test>
	1728
	1729	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/common.js" status="vulnerable-exploited">
	1730
	1731	<Paragraph>
	1732	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1733	<Paragraph>
	1734	<ContainerBlockElement>
	1735	<Paragraph>HTTP request to
	1736	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/common.js" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/common.js"></URLLink></Paragraph>HTTP response code was an expected 401
	1737	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1738	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1739	</test>
	1740
	1741	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/lang_pack/english.js" status="vulnerable-exploited">
	1742
	1743	<Paragraph>
	1744	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1745	<Paragraph>
	1746	<ContainerBlockElement>
	1747	<Paragraph>HTTP request to
	1748	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/lang_pack/english.js" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/lang_pack/english.js"></URLLink></Paragraph>HTTP response code was an expected 401
	1749	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1750	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1751	</test>
	1752
	1753	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/Management.asp" status="vulnerable-exploited">
	1754
	1755	<Paragraph>
	1756	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1757	<Paragraph>
	1758	<ContainerBlockElement>
	1759	<Paragraph>HTTP request to
	1760	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/Management.asp" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/Management.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1761	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1762	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1763	</test>
	1764
	1765	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/Services.asp" status="vulnerable-exploited">
	1766
	1767	<Paragraph>
	1768	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1769	<Paragraph>
	1770	<ContainerBlockElement>
	1771	<Paragraph>HTTP request to
	1772	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/Services.asp" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/Services.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1773	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1774	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1775	</test>
	1776
	1777	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/Status_Router.asp" status="vulnerable-exploited">
	1778
	1779	<Paragraph>
	1780	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1781	<Paragraph>
	1782	<ContainerBlockElement>
	1783	<Paragraph>HTTP request to
	1784	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/Status_Router.asp" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/Status_Router.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1785	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1786	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1787	</test>
	1788
	1789	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/Wireless_Basic.asp" status="vulnerable-exploited">
	1790
	1791	<Paragraph>
	1792	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1793	<Paragraph>
	1794	<ContainerBlockElement>
	1795	<Paragraph>HTTP request to
	1796	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/Wireless_Basic.asp" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/Wireless_Basic.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1797	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1798	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1799	</test>
	1800
	1801	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/index.asp" status="vulnerable-exploited">
	1802
	1803	<Paragraph>
	1804	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1805	<Paragraph>
	1806	<ContainerBlockElement>
	1807	<Paragraph>HTTP request to
	1808	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/index.asp" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/index.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1809	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1810	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1811	</test>
	1812
	1813	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/Filters.asp" status="vulnerable-exploited">
	1814
	1815	<Paragraph>
	1816	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1817	<Paragraph>
	1818	<ContainerBlockElement>
	1819	<Paragraph>HTTP request to
	1820	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/Filters.asp" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/Filters.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1821	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1822	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1823	</test>
	1824
	1825	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/Firewall.asp" status="vulnerable-exploited">
	1826
	1827	<Paragraph>
	1828	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1829	<Paragraph>
	1830	<ContainerBlockElement>
	1831	<Paragraph>HTTP request to
	1832	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/Firewall.asp" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/Firewall.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1833	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1834	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1835	</test>
	1836
	1837	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/ForwardSpec.asp" status="vulnerable-exploited">
	1838
	1839	<Paragraph>
	1840	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1841	<Paragraph>
	1842	<ContainerBlockElement>
	1843	<Paragraph>HTTP request to
	1844	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/ForwardSpec.asp" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/ForwardSpec.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1845	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1846	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1847	</test>
	1848
	1849	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/Management.asp" status="vulnerable-exploited">
	1850
	1851	<Paragraph>
	1852	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1853	<Paragraph>
	1854	<ContainerBlockElement>
	1855	<Paragraph>HTTP request to
	1856	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/Management.asp" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/Management.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1857	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1858	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1859	</test>
	1860
	1861	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/Services.asp" status="vulnerable-exploited">
	1862
	1863	<Paragraph>
	1864	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1865	<Paragraph>
	1866	<ContainerBlockElement>
	1867	<Paragraph>HTTP request to
	1868	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/Services.asp" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/Services.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1869	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1870	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1871	</test>
	1872
	1873	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/Status_Router.asp" status="vulnerable-exploited">
	1874
	1875	<Paragraph>
	1876	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1877	<Paragraph>
	1878	<ContainerBlockElement>
	1879	<Paragraph>HTTP request to
	1880	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/Status_Router.asp" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/Status_Router.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1881	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1882	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1883	</test>
	1884
	1885	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/Wireless_Basic.asp" status="vulnerable-exploited">
	1886
	1887	<Paragraph>
	1888	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1889	<Paragraph>
	1890	<ContainerBlockElement>
	1891	<Paragraph>HTTP request to
	1892	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/Wireless_Basic.asp" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/Wireless_Basic.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1893	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1894	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1895	</test>
	1896
	1897	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/index.asp" status="vulnerable-exploited">
	1898
	1899	<Paragraph>
	1900	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1901	<Paragraph>
	1902	<ContainerBlockElement>
	1903	<Paragraph>HTTP request to
	1904	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/index.asp" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/index.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	1905	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1906	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1907	</test>
	1908
	1909	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/apply.cgi" status="vulnerable-exploited">
	1910
	1911	<Paragraph>
	1912	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1913	<Paragraph>
	1914	<ContainerBlockElement>
	1915	<Paragraph>HTTP request to
	1916	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/apply.cgi" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/apply.cgi"></URLLink></Paragraph>HTTP response code was an expected 401
	1917	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1918	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1919	</test>
	1920
	1921	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/apply.cgi" status="vulnerable-exploited">
	1922
	1923	<Paragraph>
	1924	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1925	<Paragraph>
	1926	<ContainerBlockElement>
	1927	<Paragraph>HTTP request to
	1928	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/apply.cgi" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/apply.cgi"></URLLink></Paragraph>HTTP response code was an expected 401
	1929	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1930	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1931	</test>
	1932
	1933	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/Info.live.htm" status="vulnerable-exploited">
	1934
	1935	<Paragraph>
	1936	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1937	<Paragraph>
	1938	<ContainerBlockElement>
	1939	<Paragraph>HTTP request to
	1940	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/Info.live.htm" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/Info.live.htm"></URLLink></Paragraph>HTTP response code was an expected 401
	1941	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1942	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1943	</test>
	1944
	1945	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/style/elegant/style.css" status="vulnerable-exploited">
	1946
	1947	<Paragraph>
	1948	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1949	<Paragraph>
	1950	<ContainerBlockElement>
	1951	<Paragraph>HTTP request to
	1952	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/style/elegant/style.css" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/style/elegant/style.css"></URLLink></Paragraph>HTTP response code was an expected 401
	1953	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1954	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1955	</test>
	1956
	1957	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/Info.live.htm" status="vulnerable-exploited">
	1958
	1959	<Paragraph>
	1960	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1961	<Paragraph>
	1962	<ContainerBlockElement>
	1963	<Paragraph>HTTP request to
	1964	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/Info.live.htm" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/Info.live.htm"></URLLink></Paragraph>HTTP response code was an expected 401
	1965	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1966	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1967	</test>
	1968
	1969	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/style/elegant/style.css" status="vulnerable-exploited">
	1970
	1971	<Paragraph>
	1972	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1973	<Paragraph>
	1974	<ContainerBlockElement>
	1975	<Paragraph>HTTP request to
	1976	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/style/elegant/style.css" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/style/elegant/style.css"></URLLink></Paragraph>HTTP response code was an expected 401
	1977	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1978	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1979	</test>
	1980
	1981	<test id="http-basic-auth-cleartext" key="/cgi-bin/style/elegant/style_ie.css" status="vulnerable-exploited">
	1982
	1983	<Paragraph>
	1984	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1985	<Paragraph>
	1986	<ContainerBlockElement>
	1987	<Paragraph>HTTP request to
	1988	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/style_ie.css" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/style_ie.css"></URLLink></Paragraph>HTTP response code was an expected 401
	1989	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	1990	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	1991	</test>
	1992
	1993	<test id="http-basic-auth-cleartext" key="/cgi-bin/web.config" status="vulnerable-exploited">
	1994
	1995	<Paragraph>
	1996	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	1997	<Paragraph>
	1998	<ContainerBlockElement>
	1999	<Paragraph>HTTP request to
	2000	<URLLink LinkURL="http://192.168.1.18/cgi-bin/web.config" LinkTitle="http://192.168.1.18/cgi-bin/web.config"></URLLink></Paragraph>HTTP response code was an expected 401
	2001	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2002	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2003	</test>
	2004
	2005	<test id="http-basic-auth-cleartext" key="/exchange/default.asp" status="vulnerable-exploited">
	2006
	2007	<Paragraph>
	2008	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2009	<Paragraph>
	2010	<ContainerBlockElement>
	2011	<Paragraph>HTTP request to
	2012	<URLLink LinkURL="http://192.168.1.18/exchange/default.asp" LinkTitle="http://192.168.1.18/exchange/default.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2013	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2014	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2015	</test>
	2016
	2017	<test id="http-basic-auth-cleartext" key="/exchange/logon.asp" status="vulnerable-exploited">
	2018
	2019	<Paragraph>
	2020	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2021	<Paragraph>
	2022	<ContainerBlockElement>
	2023	<Paragraph>HTTP request to
	2024	<URLLink LinkURL="http://192.168.1.18/exchange/logon.asp" LinkTitle="http://192.168.1.18/exchange/logon.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2025	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2026	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2027	</test>
	2028
	2029	<test id="http-basic-auth-cleartext" key="/exchweb/bin/auth/owalogon.asp" status="vulnerable-exploited">
	2030
	2031	<Paragraph>
	2032	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2033	<Paragraph>
	2034	<ContainerBlockElement>
	2035	<Paragraph>HTTP request to
	2036	<URLLink LinkURL="http://192.168.1.18/exchweb/bin/auth/owalogon.asp" LinkTitle="http://192.168.1.18/exchweb/bin/auth/owalogon.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2037	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2038	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2039	</test>
	2040
	2041	<test id="http-basic-auth-cleartext" key="/iisstart.asp" status="vulnerable-exploited">
	2042
	2043	<Paragraph>
	2044	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2045	<Paragraph>
	2046	<ContainerBlockElement>
	2047	<Paragraph>HTTP request to
	2048	<URLLink LinkURL="http://192.168.1.18/iisstart.asp" LinkTitle="http://192.168.1.18/iisstart.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2049	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2050	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2051	</test>
	2052
	2053	<test id="http-basic-auth-cleartext" key="/localstart.asp" status="vulnerable-exploited">
	2054
	2055	<Paragraph>
	2056	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2057	<Paragraph>
	2058	<ContainerBlockElement>
	2059	<Paragraph>HTTP request to
	2060	<URLLink LinkURL="http://192.168.1.18/localstart.asp" LinkTitle="http://192.168.1.18/localstart.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2061	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2062	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2063	</test>
	2064
	2065	<test id="http-basic-auth-cleartext" key="/login.asp" status="vulnerable-exploited">
	2066
	2067	<Paragraph>
	2068	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2069	<Paragraph>
	2070	<ContainerBlockElement>
	2071	<Paragraph>HTTP request to
	2072	<URLLink LinkURL="http://192.168.1.18/login.asp" LinkTitle="http://192.168.1.18/login.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2073	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2074	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2075	</test>
	2076
	2077	<test id="http-basic-auth-cleartext" key="/test.asp" status="vulnerable-exploited">
	2078
	2079	<Paragraph>
	2080	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2081	<Paragraph>
	2082	<ContainerBlockElement>
	2083	<Paragraph>HTTP request to
	2084	<URLLink LinkURL="http://192.168.1.18/test.asp" LinkTitle="http://192.168.1.18/test.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2085	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2086	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2087	</test>
	2088
	2089	<test id="http-basic-auth-cleartext" key="/.cobalt/default.asp" status="vulnerable-exploited">
	2090
	2091	<Paragraph>
	2092	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2093	<Paragraph>
	2094	<ContainerBlockElement>
	2095	<Paragraph>HTTP request to
	2096	<URLLink LinkURL="http://192.168.1.18/.cobalt/default.asp" LinkTitle="http://192.168.1.18/.cobalt/default.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2097	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2098	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2099	</test>
	2100
	2101	<test id="http-basic-auth-cleartext" key="/.cobalt/index.asp" status="vulnerable-exploited">
	2102
	2103	<Paragraph>
	2104	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2105	<Paragraph>
	2106	<ContainerBlockElement>
	2107	<Paragraph>HTTP request to
	2108	<URLLink LinkURL="http://192.168.1.18/.cobalt/index.asp" LinkTitle="http://192.168.1.18/.cobalt/index.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2109	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2110	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2111	</test>
	2112
	2113	<test id="http-basic-auth-cleartext" key="/<script>xss</script>.asp" status="vulnerable-exploited">
	2114
	2115	<Paragraph>
	2116	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2117	<Paragraph>
	2118	<ContainerBlockElement>
	2119	<Paragraph>HTTP request to
	2120	<URLLink LinkURL="http://192.168.1.18/<script>xss</script>.asp" LinkTitle="http://192.168.1.18/<script>xss</script>.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2121	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2122	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2123	</test>
	2124
	2125	<test id="http-basic-auth-cleartext" key="/AdminScripts/Filters.asp" status="vulnerable-exploited">
	2126
	2127	<Paragraph>
	2128	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2129	<Paragraph>
	2130	<ContainerBlockElement>
	2131	<Paragraph>HTTP request to
	2132	<URLLink LinkURL="http://192.168.1.18/AdminScripts/Filters.asp" LinkTitle="http://192.168.1.18/AdminScripts/Filters.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2133	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2134	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2135	</test>
	2136
	2137	<test id="http-basic-auth-cleartext" key="/AdminScripts/Firewall.asp" status="vulnerable-exploited">
	2138
	2139	<Paragraph>
	2140	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2141	<Paragraph>
	2142	<ContainerBlockElement>
	2143	<Paragraph>HTTP request to
	2144	<URLLink LinkURL="http://192.168.1.18/AdminScripts/Firewall.asp" LinkTitle="http://192.168.1.18/AdminScripts/Firewall.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2145	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2146	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2147	</test>
	2148
	2149	<test id="http-basic-auth-cleartext" key="/AdminScripts/ForwardSpec.asp" status="vulnerable-exploited">
	2150
	2151	<Paragraph>
	2152	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2153	<Paragraph>
	2154	<ContainerBlockElement>
	2155	<Paragraph>HTTP request to
	2156	<URLLink LinkURL="http://192.168.1.18/AdminScripts/ForwardSpec.asp" LinkTitle="http://192.168.1.18/AdminScripts/ForwardSpec.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2157	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2158	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2159	</test>
	2160
	2161	<test id="http-basic-auth-cleartext" key="/AdminScripts/Management.asp" status="vulnerable-exploited">
	2162
	2163	<Paragraph>
	2164	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2165	<Paragraph>
	2166	<ContainerBlockElement>
	2167	<Paragraph>HTTP request to
	2168	<URLLink LinkURL="http://192.168.1.18/AdminScripts/Management.asp" LinkTitle="http://192.168.1.18/AdminScripts/Management.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2169	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2170	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2171	</test>
	2172
	2173	<test id="http-basic-auth-cleartext" key="/AdminScripts/Services.asp" status="vulnerable-exploited">
	2174
	2175	<Paragraph>
	2176	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2177	<Paragraph>
	2178	<ContainerBlockElement>
	2179	<Paragraph>HTTP request to
	2180	<URLLink LinkURL="http://192.168.1.18/AdminScripts/Services.asp" LinkTitle="http://192.168.1.18/AdminScripts/Services.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2181	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2182	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2183	</test>
	2184
	2185	<test id="http-basic-auth-cleartext" key="/AdminScripts/Status_Router.asp" status="vulnerable-exploited">
	2186
	2187	<Paragraph>
	2188	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2189	<Paragraph>
	2190	<ContainerBlockElement>
	2191	<Paragraph>HTTP request to
	2192	<URLLink LinkURL="http://192.168.1.18/AdminScripts/Status_Router.asp" LinkTitle="http://192.168.1.18/AdminScripts/Status_Router.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2193	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2194	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2195	</test>
	2196
	2197	<test id="http-basic-auth-cleartext" key="/AdminScripts/Wireless_Basic.asp" status="vulnerable-exploited">
	2198
	2199	<Paragraph>
	2200	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2201	<Paragraph>
	2202	<ContainerBlockElement>
	2203	<Paragraph>HTTP request to
	2204	<URLLink LinkURL="http://192.168.1.18/AdminScripts/Wireless_Basic.asp" LinkTitle="http://192.168.1.18/AdminScripts/Wireless_Basic.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2205	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2206	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2207	</test>
	2208
	2209	<test id="http-basic-auth-cleartext" key="/AdminScripts/default.asp" status="vulnerable-exploited">
	2210
	2211	<Paragraph>
	2212	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2213	<Paragraph>
	2214	<ContainerBlockElement>
	2215	<Paragraph>HTTP request to
	2216	<URLLink LinkURL="http://192.168.1.18/AdminScripts/default.asp" LinkTitle="http://192.168.1.18/AdminScripts/default.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2217	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2218	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2219	</test>
	2220
	2221	<test id="http-basic-auth-cleartext" key="/AdminScripts/index.asp" status="vulnerable-exploited">
	2222
	2223	<Paragraph>
	2224	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2225	<Paragraph>
	2226	<ContainerBlockElement>
	2227	<Paragraph>HTTP request to
	2228	<URLLink LinkURL="http://192.168.1.18/AdminScripts/index.asp" LinkTitle="http://192.168.1.18/AdminScripts/index.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2229	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2230	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2231	</test>
	2232
	2233	<test id="http-basic-auth-cleartext" key="/Filters.asp" status="vulnerable-exploited">
	2234
	2235	<Paragraph>
	2236	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2237	<Paragraph>
	2238	<ContainerBlockElement>
	2239	<Paragraph>HTTP request to
	2240	<URLLink LinkURL="http://192.168.1.18/Filters.asp" LinkTitle="http://192.168.1.18/Filters.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2241	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2242	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2243	</test>
	2244
	2245	<test id="http-basic-auth-cleartext" key="/Firewall.asp" status="vulnerable-exploited">
	2246
	2247	<Paragraph>
	2248	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2249	<Paragraph>
	2250	<ContainerBlockElement>
	2251	<Paragraph>HTTP request to
	2252	<URLLink LinkURL="http://192.168.1.18/Firewall.asp" LinkTitle="http://192.168.1.18/Firewall.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2253	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2254	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2255	</test>
	2256
	2257	<test id="http-basic-auth-cleartext" key="/ForwardSpec.asp" status="vulnerable-exploited">
	2258
	2259	<Paragraph>
	2260	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2261	<Paragraph>
	2262	<ContainerBlockElement>
	2263	<Paragraph>HTTP request to
	2264	<URLLink LinkURL="http://192.168.1.18/ForwardSpec.asp" LinkTitle="http://192.168.1.18/ForwardSpec.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2265	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2266	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2267	</test>
	2268
	2269	<test id="http-basic-auth-cleartext" key="/Management.asp" status="vulnerable-exploited">
	2270
	2271	<Paragraph>
	2272	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2273	<Paragraph>
	2274	<ContainerBlockElement>
	2275	<Paragraph>HTTP request to
	2276	<URLLink LinkURL="http://192.168.1.18/Management.asp" LinkTitle="http://192.168.1.18/Management.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2277	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2278	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2279	</test>
	2280
	2281	<test id="http-basic-auth-cleartext" key="/Services.asp" status="vulnerable-exploited">
	2282
	2283	<Paragraph>
	2284	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2285	<Paragraph>
	2286	<ContainerBlockElement>
	2287	<Paragraph>HTTP request to
	2288	<URLLink LinkURL="http://192.168.1.18/Services.asp" LinkTitle="http://192.168.1.18/Services.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2289	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2290	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2291	</test>
	2292
	2293	<test id="http-basic-auth-cleartext" key="/Status_Router.asp" status="vulnerable-exploited">
	2294
	2295	<Paragraph>
	2296	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2297	<Paragraph>
	2298	<ContainerBlockElement>
	2299	<Paragraph>HTTP request to
	2300	<URLLink LinkURL="http://192.168.1.18/Status_Router.asp" LinkTitle="http://192.168.1.18/Status_Router.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2301	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2302	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2303	</test>
	2304
	2305	<test id="http-basic-auth-cleartext" key="/Statusinfo.live.asp" status="vulnerable-exploited">
	2306
	2307	<Paragraph>
	2308	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2309	<Paragraph>
	2310	<ContainerBlockElement>
	2311	<Paragraph>HTTP request to
	2312	<URLLink LinkURL="http://192.168.1.18/Statusinfo.live.asp" LinkTitle="http://192.168.1.18/Statusinfo.live.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2313	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2314	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2315	</test>
	2316
	2317	<test id="http-basic-auth-cleartext" key="/Wireless_Basic.asp" status="vulnerable-exploited">
	2318
	2319	<Paragraph>
	2320	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2321	<Paragraph>
	2322	<ContainerBlockElement>
	2323	<Paragraph>HTTP request to
	2324	<URLLink LinkURL="http://192.168.1.18/Wireless_Basic.asp" LinkTitle="http://192.168.1.18/Wireless_Basic.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2325	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2326	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2327	</test>
	2328
	2329	<test id="http-basic-auth-cleartext" key="/default.asp" status="vulnerable-exploited">
	2330
	2331	<Paragraph>
	2332	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2333	<Paragraph>
	2334	<ContainerBlockElement>
	2335	<Paragraph>HTTP request to
	2336	<URLLink LinkURL="http://192.168.1.18/default.asp" LinkTitle="http://192.168.1.18/default.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2337	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2338	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2339	</test>
	2340
	2341	<test id="http-basic-auth-cleartext" key="/index.asp" status="vulnerable-exploited">
	2342
	2343	<Paragraph>
	2344	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2345	<Paragraph>
	2346	<ContainerBlockElement>
	2347	<Paragraph>HTTP request to
	2348	<URLLink LinkURL="http://192.168.1.18/index.asp" LinkTitle="http://192.168.1.18/index.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2349	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2350	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2351	</test>
	2352
	2353	<test id="http-basic-auth-cleartext" key="/apply.cgi" status="vulnerable-exploited">
	2354
	2355	<Paragraph>
	2356	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2357	<Paragraph>
	2358	<ContainerBlockElement>
	2359	<Paragraph>HTTP request to
	2360	<URLLink LinkURL="http://192.168.1.18/apply.cgi" LinkTitle="http://192.168.1.18/apply.cgi"></URLLink></Paragraph>HTTP response code was an expected 401
	2361	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2362	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2363	</test>
	2364
	2365	<test id="http-basic-auth-cleartext" key="/cgi-bin/printenv" status="vulnerable-exploited">
	2366
	2367	<Paragraph>
	2368	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2369	<Paragraph>
	2370	<ContainerBlockElement>
	2371	<Paragraph>HTTP request to
	2372	<URLLink LinkURL="http://192.168.1.18/cgi-bin/printenv" LinkTitle="http://192.168.1.18/cgi-bin/printenv"></URLLink></Paragraph>HTTP response code was an expected 401
	2373	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2374	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2375	</test>
	2376
	2377	<test id="http-basic-auth-cleartext" key="/cgi-bin/test-cgi" status="vulnerable-exploited">
	2378
	2379	<Paragraph>
	2380	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2381	<Paragraph>
	2382	<ContainerBlockElement>
	2383	<Paragraph>HTTP request to
	2384	<URLLink LinkURL="http://192.168.1.18/cgi-bin/test-cgi" LinkTitle="http://192.168.1.18/cgi-bin/test-cgi"></URLLink></Paragraph>HTTP response code was an expected 401
	2385	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2386	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2387	</test>
	2388
	2389	<test id="http-basic-auth-cleartext" key="/cgi-bin/common.js" status="vulnerable-exploited">
	2390
	2391	<Paragraph>
	2392	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2393	<Paragraph>
	2394	<ContainerBlockElement>
	2395	<Paragraph>HTTP request to
	2396	<URLLink LinkURL="http://192.168.1.18/cgi-bin/common.js" LinkTitle="http://192.168.1.18/cgi-bin/common.js"></URLLink></Paragraph>HTTP response code was an expected 401
	2397	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2398	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2399	</test>
	2400
	2401	<test id="http-basic-auth-cleartext" key="/cgi-bin/lang_pack/english.js" status="vulnerable-exploited">
	2402
	2403	<Paragraph>
	2404	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2405	<Paragraph>
	2406	<ContainerBlockElement>
	2407	<Paragraph>HTTP request to
	2408	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/english.js" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/english.js"></URLLink></Paragraph>HTTP response code was an expected 401
	2409	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2410	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2411	</test>
	2412
	2413	<test id="http-basic-auth-cleartext" key="/cgi-bin/%3f.jsp" status="vulnerable-exploited">
	2414
	2415	<Paragraph>
	2416	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2417	<Paragraph>
	2418	<ContainerBlockElement>
	2419	<Paragraph>HTTP request to
	2420	<URLLink LinkURL="http://192.168.1.18/cgi-bin/%3f.jsp" LinkTitle="http://192.168.1.18/cgi-bin/%3f.jsp"></URLLink></Paragraph>HTTP response code was an expected 401
	2421	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2422	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2423	</test>
	2424
	2425	<test id="http-basic-auth-cleartext" key="/cgi-bin/default.jsp" status="vulnerable-exploited">
	2426
	2427	<Paragraph>
	2428	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2429	<Paragraph>
	2430	<ContainerBlockElement>
	2431	<Paragraph>HTTP request to
	2432	<URLLink LinkURL="http://192.168.1.18/cgi-bin/default.jsp" LinkTitle="http://192.168.1.18/cgi-bin/default.jsp"></URLLink></Paragraph>HTTP response code was an expected 401
	2433	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2434	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2435	</test>
	2436
	2437	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.jsp" status="vulnerable-exploited">
	2438
	2439	<Paragraph>
	2440	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2441	<Paragraph>
	2442	<ContainerBlockElement>
	2443	<Paragraph>HTTP request to
	2444	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.jsp" LinkTitle="http://192.168.1.18/cgi-bin/index.jsp"></URLLink></Paragraph>HTTP response code was an expected 401
	2445	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2446	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2447	</test>
	2448
	2449	<test id="http-basic-auth-cleartext" key="/cgi-bin/Filters.asp" status="vulnerable-exploited">
	2450
	2451	<Paragraph>
	2452	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2453	<Paragraph>
	2454	<ContainerBlockElement>
	2455	<Paragraph>HTTP request to
	2456	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Filters.asp" LinkTitle="http://192.168.1.18/cgi-bin/Filters.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2457	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2458	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2459	</test>
	2460
	2461	<test id="http-basic-auth-cleartext" key="/cgi-bin/Firewall.asp" status="vulnerable-exploited">
	2462
	2463	<Paragraph>
	2464	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2465	<Paragraph>
	2466	<ContainerBlockElement>
	2467	<Paragraph>HTTP request to
	2468	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Firewall.asp" LinkTitle="http://192.168.1.18/cgi-bin/Firewall.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2469	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2470	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2471	</test>
	2472
	2473	<test id="http-basic-auth-cleartext" key="/cgi-bin/ForwardSpec.asp" status="vulnerable-exploited">
	2474
	2475	<Paragraph>
	2476	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2477	<Paragraph>
	2478	<ContainerBlockElement>
	2479	<Paragraph>HTTP request to
	2480	<URLLink LinkURL="http://192.168.1.18/cgi-bin/ForwardSpec.asp" LinkTitle="http://192.168.1.18/cgi-bin/ForwardSpec.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2481	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2482	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2483	</test>
	2484
	2485	<test id="http-basic-auth-cleartext" key="/cgi-bin/Services.asp" status="vulnerable-exploited">
	2486
	2487	<Paragraph>
	2488	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2489	<Paragraph>
	2490	<ContainerBlockElement>
	2491	<Paragraph>HTTP request to
	2492	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Services.asp" LinkTitle="http://192.168.1.18/cgi-bin/Services.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2493	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2494	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2495	</test>
	2496
	2497	<test id="http-basic-auth-cleartext" key="/cgi-bin/Wireless_Basic.asp" status="vulnerable-exploited">
	2498
	2499	<Paragraph>
	2500	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2501	<Paragraph>
	2502	<ContainerBlockElement>
	2503	<Paragraph>HTTP request to
	2504	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Wireless_Basic.asp" LinkTitle="http://192.168.1.18/cgi-bin/Wireless_Basic.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2505	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2506	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2507	</test>
	2508
	2509	<test id="http-basic-auth-cleartext" key="/cgi-bin/Status_Router.asp" status="vulnerable-exploited">
	2510
	2511	<Paragraph>
	2512	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2513	<Paragraph>
	2514	<ContainerBlockElement>
	2515	<Paragraph>HTTP request to
	2516	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Status_Router.asp" LinkTitle="http://192.168.1.18/cgi-bin/Status_Router.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2517	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2518	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2519	</test>
	2520
	2521	<test id="http-basic-auth-cleartext" key="/cgi-bin/default.asp" status="vulnerable-exploited">
	2522
	2523	<Paragraph>
	2524	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2525	<Paragraph>
	2526	<ContainerBlockElement>
	2527	<Paragraph>HTTP request to
	2528	<URLLink LinkURL="http://192.168.1.18/cgi-bin/default.asp" LinkTitle="http://192.168.1.18/cgi-bin/default.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2529	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2530	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2531	</test>
	2532
	2533	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.asp" status="vulnerable-exploited">
	2534
	2535	<Paragraph>
	2536	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2537	<Paragraph>
	2538	<ContainerBlockElement>
	2539	<Paragraph>HTTP request to
	2540	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.asp" LinkTitle="http://192.168.1.18/cgi-bin/index.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	2541	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2542	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2543	</test>
	2544
	2545	<test id="http-basic-auth-cleartext" key="/cgi-bin/default.aspx" status="vulnerable-exploited">
	2546
	2547	<Paragraph>
	2548	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2549	<Paragraph>
	2550	<ContainerBlockElement>
	2551	<Paragraph>HTTP request to
	2552	<URLLink LinkURL="http://192.168.1.18/cgi-bin/default.aspx" LinkTitle="http://192.168.1.18/cgi-bin/default.aspx"></URLLink></Paragraph>HTTP response code was an expected 401
	2553	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2554	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2555	</test>
	2556
	2557	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.aspx" status="vulnerable-exploited">
	2558
	2559	<Paragraph>
	2560	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2561	<Paragraph>
	2562	<ContainerBlockElement>
	2563	<Paragraph>HTTP request to
	2564	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.aspx" LinkTitle="http://192.168.1.18/cgi-bin/index.aspx"></URLLink></Paragraph>HTTP response code was an expected 401
	2565	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2566	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2567	</test>
	2568
	2569	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.cfm" status="vulnerable-exploited">
	2570
	2571	<Paragraph>
	2572	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2573	<Paragraph>
	2574	<ContainerBlockElement>
	2575	<Paragraph>HTTP request to
	2576	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.cfm" LinkTitle="http://192.168.1.18/cgi-bin/index.cfm"></URLLink></Paragraph>HTTP response code was an expected 401
	2577	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2578	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2579	</test>
	2580
	2581	<test id="http-basic-auth-cleartext" key="/cgi-bin/apply.cgi" status="vulnerable-exploited">
	2582
	2583	<Paragraph>
	2584	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2585	<Paragraph>
	2586	<ContainerBlockElement>
	2587	<Paragraph>HTTP request to
	2588	<URLLink LinkURL="http://192.168.1.18/cgi-bin/apply.cgi" LinkTitle="http://192.168.1.18/cgi-bin/apply.cgi"></URLLink></Paragraph>HTTP response code was an expected 401
	2589	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2590	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2591	</test>
	2592
	2593	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.cgi" status="vulnerable-exploited">
	2594
	2595	<Paragraph>
	2596	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2597	<Paragraph>
	2598	<ContainerBlockElement>
	2599	<Paragraph>HTTP request to
	2600	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.cgi" LinkTitle="http://192.168.1.18/cgi-bin/index.cgi"></URLLink></Paragraph>HTTP response code was an expected 401
	2601	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2602	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2603	</test>
	2604
	2605	<test id="http-basic-auth-cleartext" key="/cgi-bin/default.php" status="vulnerable-exploited">
	2606
	2607	<Paragraph>
	2608	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2609	<Paragraph>
	2610	<ContainerBlockElement>
	2611	<Paragraph>HTTP request to
	2612	<URLLink LinkURL="http://192.168.1.18/cgi-bin/default.php" LinkTitle="http://192.168.1.18/cgi-bin/default.php"></URLLink></Paragraph>HTTP response code was an expected 401
	2613	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2614	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2615	</test>
	2616
	2617	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.php" status="vulnerable-exploited">
	2618
	2619	<Paragraph>
	2620	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2621	<Paragraph>
	2622	<ContainerBlockElement>
	2623	<Paragraph>HTTP request to
	2624	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.php" LinkTitle="http://192.168.1.18/cgi-bin/index.php"></URLLink></Paragraph>HTTP response code was an expected 401
	2625	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2626	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2627	</test>
	2628
	2629	<test id="http-basic-auth-cleartext" key="/cgi-bin/wp-login.php" status="vulnerable-exploited">
	2630
	2631	<Paragraph>
	2632	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2633	<Paragraph>
	2634	<ContainerBlockElement>
	2635	<Paragraph>HTTP request to
	2636	<URLLink LinkURL="http://192.168.1.18/cgi-bin/wp-login.php" LinkTitle="http://192.168.1.18/cgi-bin/wp-login.php"></URLLink></Paragraph>HTTP response code was an expected 401
	2637	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2638	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2639	</test>
	2640
	2641	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.php3" status="vulnerable-exploited">
	2642
	2643	<Paragraph>
	2644	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2645	<Paragraph>
	2646	<ContainerBlockElement>
	2647	<Paragraph>HTTP request to
	2648	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.php3" LinkTitle="http://192.168.1.18/cgi-bin/index.php3"></URLLink></Paragraph>HTTP response code was an expected 401
	2649	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2650	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2651	</test>
	2652
	2653	<test id="http-basic-auth-cleartext" key="/cgi-bin/default.shtml" status="vulnerable-exploited">
	2654
	2655	<Paragraph>
	2656	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2657	<Paragraph>
	2658	<ContainerBlockElement>
	2659	<Paragraph>HTTP request to
	2660	<URLLink LinkURL="http://192.168.1.18/cgi-bin/default.shtml" LinkTitle="http://192.168.1.18/cgi-bin/default.shtml"></URLLink></Paragraph>HTTP response code was an expected 401
	2661	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2662	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2663	</test>
	2664
	2665	<test id="http-basic-auth-cleartext" key="/cgi-bin/index.shtml" status="vulnerable-exploited">
	2666
	2667	<Paragraph>
	2668	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2669	<Paragraph>
	2670	<ContainerBlockElement>
	2671	<Paragraph>HTTP request to
	2672	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.shtml" LinkTitle="http://192.168.1.18/cgi-bin/index.shtml"></URLLink></Paragraph>HTTP response code was an expected 401
	2673	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2674	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2675	</test>
	2676
	2677	<test id="http-basic-auth-cleartext" key="/cgi-bin/" status="vulnerable-exploited">
	2678
	2679	<Paragraph>
	2680	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2681	<Paragraph>
	2682	<ContainerBlockElement>
	2683	<Paragraph>HTTP request to
	2684	<URLLink LinkURL="http://192.168.1.18/cgi-bin/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4-" LinkTitle="http://192.168.1.18/cgi-bin/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4-"></URLLink></Paragraph>HTTP response code was an expected 401
	2685	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2686	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2687	</test>
	2688
	2689	<test id="http-basic-auth-cleartext" key="/cgi-bin/ADw-script AD4-alert(42) ADw-/script AD4-" status="vulnerable-exploited">
	2690
	2691	<Paragraph>
	2692	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2693	<Paragraph>
	2694	<ContainerBlockElement>
	2695	<Paragraph>HTTP request to
	2696	<URLLink LinkURL="http://192.168.1.18/cgi-bin/ADw-script AD4-alert(42) ADw-/script AD4-" LinkTitle="http://192.168.1.18/cgi-bin/ADw-script AD4-alert(42) ADw-/script AD4-"></URLLink></Paragraph>HTTP response code was an expected 401
	2697	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2698	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2699	</test>
	2700
	2701	<test id="http-basic-auth-cleartext" key="/cgi-bin/CVS/Root" status="vulnerable-exploited">
	2702
	2703	<Paragraph>
	2704	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2705	<Paragraph>
	2706	<ContainerBlockElement>
	2707	<Paragraph>HTTP request to
	2708	<URLLink LinkURL="http://192.168.1.18/cgi-bin/CVS/Root" LinkTitle="http://192.168.1.18/cgi-bin/CVS/Root"></URLLink></Paragraph>HTTP response code was an expected 401
	2709	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2710	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2711	</test>
	2712
	2713	<test id="http-basic-auth-cleartext" key="/cgi-bin/DEADJOE" status="vulnerable-exploited">
	2714
	2715	<Paragraph>
	2716	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2717	<Paragraph>
	2718	<ContainerBlockElement>
	2719	<Paragraph>HTTP request to
	2720	<URLLink LinkURL="http://192.168.1.18/cgi-bin/DEADJOE" LinkTitle="http://192.168.1.18/cgi-bin/DEADJOE"></URLLink></Paragraph>HTTP response code was an expected 401
	2721	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2722	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2723	</test>
	2724
	2725	<test id="http-basic-auth-cleartext" key="/cgi-bin/CVS/Entries" status="vulnerable-exploited">
	2726
	2727	<Paragraph>
	2728	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2729	<Paragraph>
	2730	<ContainerBlockElement>
	2731	<Paragraph>HTTP request to
	2732	<URLLink LinkURL="http://192.168.1.18/cgi-bin/CVS/Entries" LinkTitle="http://192.168.1.18/cgi-bin/CVS/Entries"></URLLink></Paragraph>HTTP response code was an expected 401
	2733	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2734	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2735	</test>
	2736
	2737	<test id="http-basic-auth-cleartext" key="/cgi-bin/Filters.asp/<script>xss</script>" status="vulnerable-exploited">
	2738
	2739	<Paragraph>
	2740	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2741	<Paragraph>
	2742	<ContainerBlockElement>
	2743	<Paragraph>HTTP request to
	2744	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Filters.asp/<script>xss</script>" LinkTitle="http://192.168.1.18/cgi-bin/Filters.asp/<script>xss</script>"></URLLink></Paragraph>HTTP response code was an expected 401
	2745	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2746	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2747	</test>
	2748
	2749	<test id="http-basic-auth-cleartext" key="/cgi-bin/.svn/entries" status="vulnerable-exploited">
	2750
	2751	<Paragraph>
	2752	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2753	<Paragraph>
	2754	<ContainerBlockElement>
	2755	<Paragraph>HTTP request to
	2756	<URLLink LinkURL="http://192.168.1.18/cgi-bin/.svn/entries" LinkTitle="http://192.168.1.18/cgi-bin/.svn/entries"></URLLink></Paragraph>HTTP response code was an expected 401
	2757	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2758	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2759	</test>
	2760
	2761	<test id="http-basic-auth-cleartext" key="/cgi-bin/Firewall.asp/<script>xss</script>" status="vulnerable-exploited">
	2762
	2763	<Paragraph>
	2764	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2765	<Paragraph>
	2766	<ContainerBlockElement>
	2767	<Paragraph>HTTP request to
	2768	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Firewall.asp/<script>xss</script>" LinkTitle="http://192.168.1.18/cgi-bin/Firewall.asp/<script>xss</script>"></URLLink></Paragraph>HTTP response code was an expected 401
	2769	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2770	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2771	</test>
	2772
	2773	<test id="http-basic-auth-cleartext" key="/cgi-bin/ForwardSpec.asp/<script>xss</script>" status="vulnerable-exploited">
	2774
	2775	<Paragraph>
	2776	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2777	<Paragraph>
	2778	<ContainerBlockElement>
	2779	<Paragraph>HTTP request to
	2780	<URLLink LinkURL="http://192.168.1.18/cgi-bin/ForwardSpec.asp/<script>xss</script>" LinkTitle="http://192.168.1.18/cgi-bin/ForwardSpec.asp/<script>xss</script>"></URLLink></Paragraph>HTTP response code was an expected 401
	2781	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2782	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2783	</test>
	2784
	2785	<test id="http-basic-auth-cleartext" key="/cgi-bin/Info.htm" status="vulnerable-exploited">
	2786
	2787	<Paragraph>
	2788	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2789	<Paragraph>
	2790	<ContainerBlockElement>
	2791	<Paragraph>HTTP request to
	2792	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Info.htm" LinkTitle="http://192.168.1.18/cgi-bin/Info.htm"></URLLink></Paragraph>HTTP response code was an expected 401
	2793	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2794	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2795	</test>
	2796
	2797	<test id="http-basic-auth-cleartext" key="/cgi-bin/Info.live.htm" status="vulnerable-exploited">
	2798
	2799	<Paragraph>
	2800	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2801	<Paragraph>
	2802	<ContainerBlockElement>
	2803	<Paragraph>HTTP request to
	2804	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Info.live.htm" LinkTitle="http://192.168.1.18/cgi-bin/Info.live.htm"></URLLink></Paragraph>HTTP response code was an expected 401
	2805	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2806	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2807	</test>
	2808
	2809	<test id="http-basic-auth-cleartext" key="/cgi-bin/Info.live.htm/<script>xss</script>" status="vulnerable-exploited">
	2810
	2811	<Paragraph>
	2812	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2813	<Paragraph>
	2814	<ContainerBlockElement>
	2815	<Paragraph>HTTP request to
	2816	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Info.live.htm/<script>xss</script>" LinkTitle="http://192.168.1.18/cgi-bin/Info.live.htm/<script>xss</script>"></URLLink></Paragraph>HTTP response code was an expected 401
	2817	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2818	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2819	</test>
	2820
	2821	<test id="http-basic-auth-cleartext" key="/cgi-bin/Management.asp/<script>xss</script>" status="vulnerable-exploited">
	2822
	2823	<Paragraph>
	2824	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2825	<Paragraph>
	2826	<ContainerBlockElement>
	2827	<Paragraph>HTTP request to
	2828	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Management.asp/<script>xss</script>" LinkTitle="http://192.168.1.18/cgi-bin/Management.asp/<script>xss</script>"></URLLink></Paragraph>HTTP response code was an expected 401
	2829	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2830	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2831	</test>
	2832
	2833	<test id="http-basic-auth-cleartext" key="/cgi-bin/README" status="vulnerable-exploited">
	2834
	2835	<Paragraph>
	2836	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2837	<Paragraph>
	2838	<ContainerBlockElement>
	2839	<Paragraph>HTTP request to
	2840	<URLLink LinkURL="http://192.168.1.18/cgi-bin/README" LinkTitle="http://192.168.1.18/cgi-bin/README"></URLLink></Paragraph>HTTP response code was an expected 401
	2841	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2842	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2843	</test>
	2844
	2845	<test id="http-basic-auth-cleartext" key="/cgi-bin/README.TXT" status="vulnerable-exploited">
	2846
	2847	<Paragraph>
	2848	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2849	<Paragraph>
	2850	<ContainerBlockElement>
	2851	<Paragraph>HTTP request to
	2852	<URLLink LinkURL="http://192.168.1.18/cgi-bin/README.TXT" LinkTitle="http://192.168.1.18/cgi-bin/README.TXT"></URLLink></Paragraph>HTTP response code was an expected 401
	2853	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2854	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2855	</test>
	2856
	2857	<test id="http-basic-auth-cleartext" key="/cgi-bin/Status_Router.asp/<script>xss</script>" status="vulnerable-exploited">
	2858
	2859	<Paragraph>
	2860	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2861	<Paragraph>
	2862	<ContainerBlockElement>
	2863	<Paragraph>HTTP request to
	2864	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Status_Router.asp/<script>xss</script>" LinkTitle="http://192.168.1.18/cgi-bin/Status_Router.asp/<script>xss</script>"></URLLink></Paragraph>HTTP response code was an expected 401
	2865	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2866	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2867	</test>
	2868
	2869	<test id="http-basic-auth-cleartext" key="/cgi-bin/Trace.axd" status="vulnerable-exploited">
	2870
	2871	<Paragraph>
	2872	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2873	<Paragraph>
	2874	<ContainerBlockElement>
	2875	<Paragraph>HTTP request to
	2876	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Trace.axd" LinkTitle="http://192.168.1.18/cgi-bin/Trace.axd"></URLLink></Paragraph>HTTP response code was an expected 401
	2877	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2878	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2879	</test>
	2880
	2881	<test id="http-basic-auth-cleartext" key="/cgi-bin/WS_FTP.LOG" status="vulnerable-exploited">
	2882
	2883	<Paragraph>
	2884	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2885	<Paragraph>
	2886	<ContainerBlockElement>
	2887	<Paragraph>HTTP request to
	2888	<URLLink LinkURL="http://192.168.1.18/cgi-bin/WS_FTP.LOG" LinkTitle="http://192.168.1.18/cgi-bin/WS_FTP.LOG"></URLLink></Paragraph>HTTP response code was an expected 401
	2889	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2890	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2891	</test>
	2892
	2893	<test id="http-basic-auth-cleartext" key="/cgi-bin/Web.sitemap" status="vulnerable-exploited">
	2894
	2895	<Paragraph>
	2896	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2897	<Paragraph>
	2898	<ContainerBlockElement>
	2899	<Paragraph>HTTP request to
	2900	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Web.sitemap" LinkTitle="http://192.168.1.18/cgi-bin/Web.sitemap"></URLLink></Paragraph>HTTP response code was an expected 401
	2901	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2902	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2903	</test>
	2904
	2905	<test id="http-basic-auth-cleartext" key="/cgi-bin/Wireless_Basic.asp/<script>xss</script>" status="vulnerable-exploited">
	2906
	2907	<Paragraph>
	2908	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2909	<Paragraph>
	2910	<ContainerBlockElement>
	2911	<Paragraph>HTTP request to
	2912	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Wireless_Basic.asp/<script>xss</script>" LinkTitle="http://192.168.1.18/cgi-bin/Wireless_Basic.asp/<script>xss</script>"></URLLink></Paragraph>HTTP response code was an expected 401
	2913	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2914	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2915	</test>
	2916
	2917	<test id="http-basic-auth-cleartext" key="/cgi-bin/adojavas.inc" status="vulnerable-exploited">
	2918
	2919	<Paragraph>
	2920	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2921	<Paragraph>
	2922	<ContainerBlockElement>
	2923	<Paragraph>HTTP request to
	2924	<URLLink LinkURL="http://192.168.1.18/cgi-bin/adojavas.inc" LinkTitle="http://192.168.1.18/cgi-bin/adojavas.inc"></URLLink></Paragraph>HTTP response code was an expected 401
	2925	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2926	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2927	</test>
	2928
	2929	<test id="http-basic-auth-cleartext" key="/cgi-bin/adovbs.inc" status="vulnerable-exploited">
	2930
	2931	<Paragraph>
	2932	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2933	<Paragraph>
	2934	<ContainerBlockElement>
	2935	<Paragraph>HTTP request to
	2936	<URLLink LinkURL="http://192.168.1.18/cgi-bin/adovbs.inc" LinkTitle="http://192.168.1.18/cgi-bin/adovbs.inc"></URLLink></Paragraph>HTTP response code was an expected 401
	2937	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2938	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2939	</test>
	2940
	2941	<test id="http-basic-auth-cleartext" key="/cgi-bin/default.htm" status="vulnerable-exploited">
	2942
	2943	<Paragraph>
	2944	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2945	<Paragraph>
	2946	<ContainerBlockElement>
	2947	<Paragraph>HTTP request to
	2948	<URLLink LinkURL="http://192.168.1.18/cgi-bin/default.htm" LinkTitle="http://192.168.1.18/cgi-bin/default.htm"></URLLink></Paragraph>HTTP response code was an expected 401
	2949	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2950	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2951	</test>
	2952
	2953	<test id="http-basic-auth-cleartext" key="/cgi-bin/default.html" status="vulnerable-exploited">
	2954
	2955	<Paragraph>
	2956	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2957	<Paragraph>
	2958	<ContainerBlockElement>
	2959	<Paragraph>HTTP request to
	2960	<URLLink LinkURL="http://192.168.1.18/cgi-bin/default.html" LinkTitle="http://192.168.1.18/cgi-bin/default.html"></URLLink></Paragraph>HTTP response code was an expected 401
	2961	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2962	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2963	</test>
	2964
	2965	<test id="http-basic-auth-cleartext" key="/cgi-bin/default.wml" status="vulnerable-exploited">
	2966
	2967	<Paragraph>
	2968	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2969	<Paragraph>
	2970	<ContainerBlockElement>
	2971	<Paragraph>HTTP request to
	2972	<URLLink LinkURL="http://192.168.1.18/cgi-bin/default.wml" LinkTitle="http://192.168.1.18/cgi-bin/default.wml"></URLLink></Paragraph>HTTP response code was an expected 401
	2973	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2974	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2975	</test>
	2976
	2977	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/common.js" status="vulnerable-exploited">
	2978
	2979	<Paragraph>
	2980	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2981	<Paragraph>
	2982	<ContainerBlockElement>
	2983	<Paragraph>HTTP request to
	2984	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/common.js" LinkTitle="http://192.168.1.18/cgi-bin/images/common.js"></URLLink></Paragraph>HTTP response code was an expected 401
	2985	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2986	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2987	</test>
	2988
	2989	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/lang_pack/english.js" status="vulnerable-exploited">
	2990
	2991	<Paragraph>
	2992	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	2993	<Paragraph>
	2994	<ContainerBlockElement>
	2995	<Paragraph>HTTP request to
	2996	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/lang_pack/english.js" LinkTitle="http://192.168.1.18/cgi-bin/images/lang_pack/english.js"></URLLink></Paragraph>HTTP response code was an expected 401
	2997	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	2998	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	2999	</test>
	3000
	3001	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/Filters.asp" status="vulnerable-exploited">
	3002
	3003	<Paragraph>
	3004	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3005	<Paragraph>
	3006	<ContainerBlockElement>
	3007	<Paragraph>HTTP request to
	3008	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/Filters.asp" LinkTitle="http://192.168.1.18/cgi-bin/images/Filters.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	3009	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	3010	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	3011	</test>
	3012
	3013	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/Firewall.asp" status="vulnerable-exploited">
	3014
	3015	<Paragraph>
	3016	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3017	<Paragraph>
	3018	<ContainerBlockElement>
	3019	<Paragraph>HTTP request to
	3020	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/Firewall.asp" LinkTitle="http://192.168.1.18/cgi-bin/images/Firewall.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	3021	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	3022	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	3023	</test>
	3024
	3025	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/ForwardSpec.asp" status="vulnerable-exploited">
	3026
	3027	<Paragraph>
	3028	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3029	<Paragraph>
	3030	<ContainerBlockElement>
	3031	<Paragraph>HTTP request to
	3032	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/ForwardSpec.asp" LinkTitle="http://192.168.1.18/cgi-bin/images/ForwardSpec.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	3033	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	3034	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	3035	</test>
	3036
	3037	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/Management.asp" status="vulnerable-exploited">
	3038
	3039	<Paragraph>
	3040	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3041	<Paragraph>
	3042	<ContainerBlockElement>
	3043	<Paragraph>HTTP request to
	3044	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/Management.asp" LinkTitle="http://192.168.1.18/cgi-bin/images/Management.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	3045	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	3046	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	3047	</test>
	3048
	3049	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/Services.asp" status="vulnerable-exploited">
	3050
	3051	<Paragraph>
	3052	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3053	<Paragraph>
	3054	<ContainerBlockElement>
	3055	<Paragraph>HTTP request to
	3056	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/Services.asp" LinkTitle="http://192.168.1.18/cgi-bin/images/Services.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	3057	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	3058	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	3059	</test>
	3060
	3061	<test id="http-basic-auth-cleartext" key="/cgi-bin/Services.asp/<script>xss</script>" status="vulnerable-exploited">
	3062
	3063	<Paragraph>
	3064	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3065	<Paragraph>
	3066	<ContainerBlockElement>
	3067	<Paragraph>HTTP request to
	3068	<URLLink LinkURL="http://192.168.1.18/cgi-bin/Services.asp/<script>xss</script>" LinkTitle="http://192.168.1.18/cgi-bin/Services.asp/<script>xss</script>"></URLLink></Paragraph>HTTP response code was an expected 401
	3069	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	3070	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	3071	</test>
	3072
	3073	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/Status_Router.asp" status="vulnerable-exploited">
	3074
	3075	<Paragraph>
	3076	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3077	<Paragraph>
	3078	<ContainerBlockElement>
	3079	<Paragraph>HTTP request to
	3080	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/Status_Router.asp" LinkTitle="http://192.168.1.18/cgi-bin/images/Status_Router.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	3081	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	3082	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	3083	</test>
	3084
	3085	<test id="http-basic-auth-cleartext" key="/cgi-bin/images/Wireless_Basic.asp" status="vulnerable-exploited">
	3086
	3087	<Paragraph>
	3088	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3089	<Paragraph>
	3090	<ContainerBlockElement>
	3091	<Paragraph>HTTP request to
	3092	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/Wireless_Basic.asp" LinkTitle="http://192.168.1.18/cgi-bin/images/Wireless_Basic.asp"></URLLink></Paragraph>HTTP response code was an expected 401
	3093	<Paragraph preformat="true">1: Basic realm="DD-WRT"</Paragraph>
	3094	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	3095	</test>
	3096
	3097	<test id="http-iis-0014" status="not-vulnerable">
	3098
	3099	<Paragraph>
	3100	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3101	<Paragraph>Based on the following 3 results:
	3102	<OrderedList>
	3103	<ListItem>
	3104	<Paragraph>
	3105	<ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	3106	<ListItem>
	3107	<Paragraph>
	3108	<ContainerBlockElement>
	3109	<ContainerBlockElement>
	3110	<Paragraph>HTTP GET request to
	3111	<URLLink LinkURL="http://192.168.1.18/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|" LinkTitle="http://192.168.1.18/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	3112	<ListItem>
	3113	<Paragraph>
	3114	<ContainerBlockElement>
	3115	<ContainerBlockElement>
	3116	<Paragraph>HTTP GET request to
	3117	<URLLink LinkURL="http://192.168.1.18/ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|" LinkTitle="http://192.168.1.18/ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem></OrderedList></Paragraph></Paragraph>
	3118	</test>
	3119
	3120	<test id="http-cgi-viewsource-arbitrary-file-access" key="/cgi-bin/view-source?../../../../../../../etc/passwd" status="not-vulnerable">
	3121
	3122	<Paragraph>
	3123	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3124	<Paragraph>
	3125	<ContainerBlockElement>
	3126	<ContainerBlockElement>
	3127	<Paragraph>HTTP GET request to
	3128	<URLLink LinkURL="http://192.168.1.18/cgi-bin/view-source?../../../../../../../etc/passwd" LinkTitle="http://192.168.1.18/cgi-bin/view-source?../../../../../../../etc/passwd"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3129	</test>
	3130
	3131	<test id="http-trace-method-enabled" key="/" status="not-vulnerable">
	3132
	3133	<Paragraph>
	3134	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3135	<Paragraph>
	3136	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3137	</test>
	3138
	3139	<test id="http-track-method-enabled" key="/" status="not-vulnerable">
	3140
	3141	<Paragraph>
	3142	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3143	<Paragraph>
	3144	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3145	</test>
	3146
	3147	<test id="spider-adobe-flash-permissive-crossdomain-xml" key="/crossdomain.xml" status="not-vulnerable">
	3148
	3149	<Paragraph>
	3150	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3151	<Paragraph>
	3152	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3153	</test>
	3154
	3155	<test id="adobe-apsb13-03-cve-2013-0631" key="/CFIDE/adminapi/customtags/fusebox.cfm" status="not-vulnerable">
	3156
	3157	<Paragraph>
	3158	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3159	<Paragraph>
	3160	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3161	</test>
	3162
	3163	<test id="adobe-apsb13-13-cve-2013-3336" key="/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=U" status="not-vulnerable">
	3164
	3165	<Paragraph>
	3166	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3167	<Paragraph>
	3168	<ContainerBlockElement>
	3169	<ContainerBlockElement>
	3170	<Paragraph>HTTP GET request to
	3171	<URLLink LinkURL="http://192.168.1.18/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test" LinkTitle="http://192.168.1.18/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test"></URLLink></Paragraph>HTTP response code was 400 but expected 200HTTP response code was 400 but expected 200HTTP response code was 400 but expected 200</ContainerBlockElement>
	3172	<ContainerBlockElement>
	3173	<Paragraph>HTTP GET request to
	3174	<URLLink LinkURL="http://192.168.1.18/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test" LinkTitle="http://192.168.1.18/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test"></URLLink></Paragraph>HTTP response code was 400 but expected 200HTTP response code was 400 but expected 200HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3175	</test>
	3176
	3177	<test id="http-asp-dot-net-debug-enabled" key="/cgi-bin/default.aspx" status="error">
	3178
	3179	<Paragraph>
	3180	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3181	<Paragraph>
	3182	<ContainerBlockElement>
	3183	<Paragraph>HTTP request to
	3184	<URLLink LinkURL="http://192.168.1.18/cgi-bin/default.aspx" LinkTitle="http://192.168.1.18/cgi-bin/default.aspx"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	3185	<Paragraph>java.io.EOFException: Peer closed connection before first line could be read</Paragraph></Paragraph>
	3186	</test>
	3187
	3188	<test id="http-asp-dot-net-debug-enabled" key="/cgi-bin/index.aspx" status="error">
	3189
	3190	<Paragraph>
	3191	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3192	<Paragraph>
	3193	<ContainerBlockElement>
	3194	<Paragraph>HTTP request to
	3195	<URLLink LinkURL="http://192.168.1.18/cgi-bin/index.aspx" LinkTitle="http://192.168.1.18/cgi-bin/index.aspx"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	3196	<Paragraph>java.io.EOFException: Peer closed connection before first line could be read</Paragraph></Paragraph>
	3197	</test>
	3198
	3199	<test id="http-awstats-debug-information-disclosure" key="/cgi-bin/awstats/awstats.pl?debug=1" status="not-vulnerable">
	3200
	3201	<Paragraph>
	3202	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3203	<Paragraph>
	3204	<ContainerBlockElement>
	3205	<ContainerBlockElement>
	3206	<Paragraph>HTTP GET request to
	3207	<URLLink LinkURL="http://192.168.1.18/cgi-bin/awstats.pl?debug=1" LinkTitle="http://192.168.1.18/cgi-bin/awstats.pl?debug=1"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement>
	3208	<ContainerBlockElement>
	3209	<Paragraph>HTTP GET request to
	3210	<URLLink LinkURL="http://192.168.1.18/cgi-bin/awstats/awstats.pl?debug=1" LinkTitle="http://192.168.1.18/cgi-bin/awstats/awstats.pl?debug=1"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3211	</test>
	3212
	3213	<test id="http-bigbrother-accessible" key="/bb/" status="not-vulnerable">
	3214
	3215	<Paragraph>
	3216	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3217	<Paragraph>
	3218	<ContainerBlockElement>
	3219	<ContainerBlockElement>
	3220	<Paragraph>HTTP GET request to
	3221	<URLLink LinkURL="http://192.168.1.18/bb/" LinkTitle="http://192.168.1.18/bb/"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3222	</test>
	3223
	3224	<test id="http-cgi-htdig-arbitrary-file-access" key="/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" status="not-vulnerable">
	3225
	3226	<Paragraph>
	3227	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3228	<Paragraph>
	3229	<ContainerBlockElement>
	3230	<ContainerBlockElement>
	3231	<Paragraph>HTTP GET request to
	3232	<URLLink LinkURL="http://192.168.1.18/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" LinkTitle="http://192.168.1.18/cgi-bin/htsearch?Exclude=%60/etc/passwd%60"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3233	</test>
	3234
	3235	<test id="http-cgi-htgrep-arbitrary-file-access" key="/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" status="not-vulnerable">
	3236
	3237	<Paragraph>
	3238	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3239	<Paragraph>
	3240	<ContainerBlockElement>
	3241	<ContainerBlockElement>
	3242	<Paragraph>HTTP GET request to
	3243	<URLLink LinkURL="http://192.168.1.18/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" LinkTitle="http://192.168.1.18/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd"></URLLink></Paragraph>HTTP response code was 401 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3244	</test>
	3245
	3246	<test id="http-cgi-htmlscript-arbitrary-file-access" key="/cgi-bin/htmlscript?../../../../../../../etc/passwd" status="not-vulnerable">
	3247
	3248	<Paragraph>
	3249	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3250	<Paragraph>
	3251	<ContainerBlockElement>
	3252	<ContainerBlockElement>
	3253	<Paragraph>HTTP GET request to
	3254	<URLLink LinkURL="http://192.168.1.18/cgi-bin/htmlscript?../../../../../../../etc/passwd" LinkTitle="http://192.168.1.18/cgi-bin/htmlscript?../../../../../../../etc/passwd"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3255	</test>
	3256
	3257	<test id="http-cgi-testcgi-file-listing" key="/cgi-bin/test-cgi" status="not-vulnerable">
	3258
	3259	<Paragraph>
	3260	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3261	<Paragraph>
	3262	<ContainerBlockElement>
	3263	<ContainerBlockElement>
	3264	<Paragraph>HTTP POST request to
	3265	<URLLink LinkURL="http://192.168.1.18/cgi-bin/test-cgi" LinkTitle="http://192.168.1.18/cgi-bin/test-cgi"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3266	</test>
	3267
	3268	<test id="http-generic-propfind-dir-browsing" status="skipped-version">
	3269
	3270	<Paragraph>
	3271	<Paragraph>
	3272	<ContainerBlockElement>
	3273	<Paragraph>HTTP request to
	3274	<URLLink LinkURL="http://192.168.1.18/cgi-bin/lang_pack/" LinkTitle="http://192.168.1.18/cgi-bin/lang_pack/"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	3275	<Paragraph>Server did not respond to PROPFIND request on: /cgi-bin/lang_pack/</Paragraph>
	3276	<Paragraph>Based on the result of the "WebDAV Extensions are Enabled" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	3277	</test>
	3278
	3279	<test id="http-generic-propfind-dir-browsing" status="skipped-version">
	3280
	3281	<Paragraph>
	3282	<Paragraph>
	3283	<ContainerBlockElement>
	3284	<Paragraph>HTTP request to
	3285	<URLLink LinkURL="http://192.168.1.18/cgi-bin/style/elegant/" LinkTitle="http://192.168.1.18/cgi-bin/style/elegant/"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	3286	<Paragraph>Server did not respond to PROPFIND request on: /cgi-bin/style/elegant/</Paragraph>
	3287	<Paragraph>Based on the result of the "WebDAV Extensions are Enabled" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	3288	</test>
	3289
	3290	<test id="http-generic-propfind-dir-browsing" status="skipped-version">
	3291
	3292	<Paragraph>
	3293	<Paragraph>
	3294	<ContainerBlockElement>
	3295	<Paragraph>HTTP request to
	3296	<URLLink LinkURL="http://192.168.1.18/.cobalt/" LinkTitle="http://192.168.1.18/.cobalt/"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	3297	<Paragraph>Server did not respond to PROPFIND request on: /.cobalt/</Paragraph>
	3298	<Paragraph>Based on the result of the "WebDAV Extensions are Enabled" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	3299	</test>
	3300
	3301	<test id="http-generic-propfind-dir-browsing" status="skipped-version">
	3302
	3303	<Paragraph>
	3304	<Paragraph>
	3305	<ContainerBlockElement>
	3306	<Paragraph>HTTP request to
	3307	<URLLink LinkURL="http://192.168.1.18/AdminScripts/" LinkTitle="http://192.168.1.18/AdminScripts/"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	3308	<Paragraph>Server did not respond to PROPFIND request on: /AdminScripts/</Paragraph>
	3309	<Paragraph>Based on the result of the "WebDAV Extensions are Enabled" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	3310	</test>
	3311
	3312	<test id="http-generic-propfind-dir-browsing" status="skipped-version">
	3313
	3314	<Paragraph>
	3315	<Paragraph>
	3316	<ContainerBlockElement>
	3317	<Paragraph>HTTP request to
	3318	<URLLink LinkURL="http://192.168.1.18/" LinkTitle="http://192.168.1.18/"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	3319	<Paragraph>Server did not respond to PROPFIND request on: /</Paragraph>
	3320	<Paragraph>Based on the result of the "WebDAV Extensions are Enabled" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	3321	</test>
	3322
	3323	<test id="http-generic-propfind-dir-browsing" status="skipped-version">
	3324
	3325	<Paragraph>
	3326	<Paragraph>
	3327	<ContainerBlockElement>
	3328	<Paragraph>HTTP request to
	3329	<URLLink LinkURL="http://192.168.1.18/cgi-bin/" LinkTitle="http://192.168.1.18/cgi-bin/"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	3330	<Paragraph>Server did not respond to PROPFIND request on: /cgi-bin/</Paragraph>
	3331	<Paragraph>Based on the result of the "WebDAV Extensions are Enabled" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	3332	</test>
	3333
	3334	<test id="http-generic-propfind-dir-browsing" status="skipped-version">
	3335
	3336	<Paragraph>
	3337	<Paragraph>
	3338	<ContainerBlockElement>
	3339	<Paragraph>HTTP request to
	3340	<URLLink LinkURL="http://192.168.1.18/cgi-bin/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4-" LinkTitle="http://192.168.1.18/cgi-bin/?P=+ADw-script+AD4-alert(42)+ADw-/script+AD4-"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	3341	<Paragraph>Server did not respond to PROPFIND request on: /cgi-bin/</Paragraph>
	3342	<Paragraph>Based on the result of the "WebDAV Extensions are Enabled" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	3343	</test>
	3344
	3345	<test id="http-generic-propfind-dir-browsing" status="skipped-version">
	3346
	3347	<Paragraph>
	3348	<Paragraph>
	3349	<ContainerBlockElement>
	3350	<Paragraph>HTTP request to
	3351	<URLLink LinkURL="http://192.168.1.18/cgi-bin/images/" LinkTitle="http://192.168.1.18/cgi-bin/images/"></URLLink></Paragraph></ContainerBlockElement></Paragraph>
	3352	<Paragraph>Server did not respond to PROPFIND request on: /cgi-bin/images/</Paragraph>
	3353	<Paragraph>Based on the result of the "WebDAV Extensions are Enabled" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	3354	</test>
	3355
	3356	<test id="http-lighttpd-mod_userdir-info-discl" key="/~bin/true" status="not-vulnerable">
	3357
	3358	<Paragraph>
	3359	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3360	<Paragraph>
	3361	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3362	</test>
	3363
	3364	<test id="http-open-proxy" key="http://www.google.com:80/" status="not-vulnerable">
	3365
	3366	<Paragraph>
	3367	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3368	<Paragraph>
	3369	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3370	</test>
	3371
	3372	<test id="http-php-ini-file-exposed" key="/cgi-bin/php.ini" status="not-vulnerable">
	3373
	3374	<Paragraph>
	3375	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3376	<Paragraph>
	3377	<ContainerBlockElement>
	3378	<ContainerBlockElement>
	3379	<Paragraph>HTTP GET request to
	3380	<URLLink LinkURL="http://192.168.1.18/cgi-bin/php.ini" LinkTitle="http://192.168.1.18/cgi-bin/php.ini"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3381	</test>
	3382
	3383	<test id="http-symantec-scan-engine-file-disclosure" key="/README.txt" status="not-vulnerable">
	3384
	3385	<Paragraph>
	3386	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3387	<Paragraph>
	3388	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3389	</test>
	3390
	3391	<test id="http-tomcat-jkstatus-accessible" key="/jkstatus/" status="not-vulnerable">
	3392
	3393	<Paragraph>
	3394	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3395	<Paragraph>
	3396	<ContainerBlockElement>
	3397	<ContainerBlockElement>
	3398	<Paragraph>HTTP GET request to
	3399	<URLLink LinkURL="http://192.168.1.18/jkstatus/" LinkTitle="http://192.168.1.18/jkstatus/"></URLLink></Paragraph>HTTP response code was an expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3400	</test>
	3401
	3402	<test id="http-vignette-app-portal-diag" status="not-vulnerable">
	3403
	3404	<Paragraph>
	3405	<Paragraph>No response returned to diagnostics request</Paragraph></Paragraph>
	3406	</test>
	3407
	3408	<test id="adobe-apsb13-03-cve-2013-0629" key="/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html" status="not-vulnerable">
	3409
	3410	<Paragraph>
	3411	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3412	<Paragraph>
	3413	<ContainerBlockElement>
	3414	<ContainerBlockElement>
	3415	<Paragraph>HTTP GET request to
	3416	<URLLink LinkURL="http://192.168.1.18/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt" LinkTitle="http://192.168.1.18/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	3417	<ContainerBlockElement>
	3418	<Paragraph>HTTP GET request to
	3419	<URLLink LinkURL="http://192.168.1.18/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html" LinkTitle="http://192.168.1.18/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3420	</test>
	3421
	3422	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	3423
	3424	<Paragraph>
	3425	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3426	<Paragraph>
	3427	<ContainerBlockElement>
	3428	<ContainerBlockElement>
	3429	<Paragraph>HTTP GET request to
	3430	<URLLink LinkURL="ftp://ftp.kernel.org/;utf7xss" LinkTitle="ftp://ftp.kernel.org/;utf7xss"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3431	</test>
	3432
	3433	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	3434
	3435	<Paragraph>
	3436	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3437	<Paragraph>
	3438	<ContainerBlockElement>
	3439	<ContainerBlockElement>
	3440	<Paragraph>HTTP GET request to
	3441	<URLLink LinkURL="ftp://ftp.kernel.org/;utf7xss" LinkTitle="ftp://ftp.kernel.org/;utf7xss"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3442	</test>
	3443
	3444	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	3445
	3446	<Paragraph>
	3447	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3448	<Paragraph>
	3449	<ContainerBlockElement>
	3450	<ContainerBlockElement>
	3451	<Paragraph>HTTP GET request to
	3452	<URLLink LinkURL="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">" LinkTitle="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3453	</test>
	3454
	3455	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	3456
	3457	<Paragraph>
	3458	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3459	<Paragraph>
	3460	<ContainerBlockElement>
	3461	<ContainerBlockElement>
	3462	<Paragraph>HTTP GET request to
	3463	<URLLink LinkURL="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">" LinkTitle="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3464	</test>
	3465
	3466	<test id="http-adobe-amf-gateway-xxe-cve-2009-3960" key="/flex2gateway/http" status="not-vulnerable">
	3467
	3468	<Paragraph>
	3469	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3470	<Paragraph>
	3471	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3472	</test>
	3473	</tests>
	3474	</service>
	3475	</services>
	3476	</endpoint>
	3477	</endpoints>
	3478	</node>
	3479
	3480	<node address="192.168.1.33" status="alive" device-id="5">
	3481	<fingerprints>
	3482	<os certainty="0.80" vendor="Linux" family="Linux" product="Linux" version="2.6.18_pro500-davinci_IPNC_1.00" arch="armv5tejl"/>
	3483	<os certainty="0.70" device-class="General" vendor="Linux" family="Linux" product="Linux" version="2.6.9"/>
	3484	<os certainty="0.60" vendor="Linux" family="Linux" product="Linux"/>
	3485	</fingerprints>
	3486	<tests>
	3487	<test id="tcp-seq-num-approximation" status="vulnerable-exploited">
	3488
	3489	<Paragraph>
	3490	<Paragraph>TCP reset with incorrect sequence number triggered this fault on 192.168.1.33:443: Connection reset by peer</Paragraph></Paragraph>
	3491	</test>
	3492
	3493	<test id="generic-icmp-netmask" status="not-vulnerable">
	3494
	3495	<Paragraph>
	3496	<Paragraph>No response</Paragraph></Paragraph>
	3497	</test>
	3498
	3499	<test id="generic-icmp-timestamp" status="vulnerable-exploited">
	3500
	3501	<Paragraph>
	3502	<Paragraph>Remote system time: 05:15:22.694 UTC</Paragraph></Paragraph>
	3503	</test>
	3504
	3505	<test id="generic-tcp-timestamp" status="vulnerable-exploited">
	3506
	3507	<Paragraph>
	3508	<Paragraph>Apparent system boot time: Sat Nov 23 20:27:00 UTC 2013</Paragraph></Paragraph>
	3509	</test>
	3510
	3511	<test id="udp-ipid-zero" status="vulnerable-version">
	3512
	3513	<Paragraph>
	3514	<Paragraph>Received UDP packet with IP ID of zero:
	3515	<UnorderedList>
	3516	<ListItem>
	3517	<Paragraph preformat="true">IPv4 SRC[192.168.1.33] TGT[192.168.1.39]
	3518	TOS[0] TTL[64] Flags[40] Proto[17] ID[0] FragOff[0]
	3519	HDR-LENGTH[20] TOTAL-LENGTH[76] CKSUM[46856]
	3520	UDP SRC-PORT[123] TGT-PORT[3037] CKSUM[59938]
	3521	RAW DATA [48]:
	3522	1A050AEF0000A7FF00003A4B3D43D2F1 ...�..��..:K=C��
	3523	D63FFC67709A9973C6F15EDB78000000 �?�gp��s��^�x...
	3524	D63FFE5FA76C15D2D63FFE5FA77AE579 �?�_�l.��?�_�z�y
	3525	</Paragraph></ListItem></UnorderedList></Paragraph></Paragraph>
	3526	</test>
	3527	</tests>
	3528	<endpoints>
	3529	<endpoint protocol="tcp" port="80" status="open">
	3530	<services>
	3531	<service name="HTTP">
	3532	<tests>
	3533	<test id="adobe-apsb13-03-cve-2013-0632" key="/CFIDE/adminapi/administrator.cfc?" status="not-vulnerable">
	3534
	3535	<Paragraph>
	3536	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3537	<Paragraph>
	3538	<ContainerBlockElement>
	3539	<ContainerBlockElement>
	3540	<Paragraph>HTTP POST request to
	3541	<URLLink LinkURL="http://192.168.1.33/CFIDE/adminapi/administrator.cfc" LinkTitle="http://192.168.1.33/CFIDE/adminapi/administrator.cfc"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3542	</test>
	3543
	3544	<test id="adobe-apsb13-13-cve-2013-1389" status="skipped-version">
	3545
	3546	<Paragraph>
	3547	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3548	<Paragraph>Based on the result of the "APSB13-13: Security updates available for Adobe ColdFusion (CVE-2013-3336)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	3549	</test>
	3550
	3551	<test id="http-3com-wap-default-admin-password" key="/index.htm" status="not-vulnerable">
	3552
	3553	<Paragraph>
	3554	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3555	<Paragraph>
	3556	<ContainerBlockElement>
	3557	<ContainerBlockElement>
	3558	<Paragraph>HTTP POST request to
	3559	<URLLink LinkURL="http://192.168.1.33/index.htm" LinkTitle="http://192.168.1.33/index.htm"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3560	</test>
	3561
	3562	<test id="http-drac-default-login" key="/data/login" status="not-vulnerable">
	3563
	3564	<Paragraph>
	3565	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3566	<Paragraph>
	3567	<ContainerBlockElement>
	3568	<ContainerBlockElement>
	3569	<Paragraph>HTTP POST request to
	3570	<URLLink LinkURL="http://192.168.1.33/data/login" LinkTitle="http://192.168.1.33/data/login"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3571	</test>
	3572
	3573	<test id="http-drac-default-login" key="/cgi/login" status="not-vulnerable">
	3574
	3575	<Paragraph>
	3576	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3577	<Paragraph>
	3578	<ContainerBlockElement>
	3579	<ContainerBlockElement>
	3580	<Paragraph>HTTP POST request to
	3581	<URLLink LinkURL="http://192.168.1.33/cgi/login" LinkTitle="http://192.168.1.33/cgi/login"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3582	</test>
	3583
	3584	<test id="http-glassfish-default-admin-password" key="/common/index.jsf" status="not-vulnerable">
	3585
	3586	<Paragraph>
	3587	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3588	<Paragraph>
	3589	<ContainerBlockElement>
	3590	<ContainerBlockElement>
	3591	<Paragraph>HTTP GET request to
	3592	<URLLink LinkURL="http://192.168.1.33/common/index.jsf" LinkTitle="http://192.168.1.33/common/index.jsf"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3593	</test>
	3594
	3595	<test id="http-nokia-firewall-default-admin-password" key="/cgi-bin/home.tcl" status="not-vulnerable">
	3596
	3597	<Paragraph>
	3598	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3599	<Paragraph>
	3600	<ContainerBlockElement>
	3601	<ContainerBlockElement>
	3602	<Paragraph>HTTP POST request to
	3603	<URLLink LinkURL="http://192.168.1.33/cgi-bin/home.tcl" LinkTitle="http://192.168.1.33/cgi-bin/home.tcl"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3604	</test>
	3605
	3606	<test id="http-phpmyadmin-account-pma-password-empty" key="/phpmyadmin/" status="not-vulnerable">
	3607
	3608	<Paragraph>
	3609	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3610	<Paragraph>
	3611	<ContainerBlockElement>
	3612	<ContainerBlockElement>
	3613	<Paragraph>HTTP GET request to
	3614	<URLLink LinkURL="http://192.168.1.33/phpmyadmin/" LinkTitle="http://192.168.1.33/phpmyadmin/"></URLLink></Paragraph>HTTP response code was 404 but expected 401</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3615	</test>
	3616
	3617	<test id="apache-struts-cve-2013-2251" key="/struts2-blank/example/HelloWorld.action" status="not-vulnerable">
	3618
	3619	<Paragraph>
	3620	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3621	<Paragraph>
	3622	<ContainerBlockElement>
	3623	<ContainerBlockElement>
	3624	<Paragraph>HTTP GET request to
	3625	<URLLink LinkURL="http://192.168.1.33/struts2-blank/example/HelloWorld.action" LinkTitle="http://192.168.1.33/struts2-blank/example/HelloWorld.action"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3626	</test>
	3627
	3628	<test id="apache-struts-cve-2013-2251" key="/struts2-showcase/employee/save.action" status="not-vulnerable">
	3629
	3630	<Paragraph>
	3631	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3632	<Paragraph>
	3633	<ContainerBlockElement>
	3634	<ContainerBlockElement>
	3635	<Paragraph>HTTP GET request to
	3636	<URLLink LinkURL="http://192.168.1.33/struts2-showcase/employee/save.action" LinkTitle="http://192.168.1.33/struts2-showcase/employee/save.action"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3637	</test>
	3638
	3639	<test id="checkpoint-ess-info-disclosure-sk57881" key="/conf/ssl/apache/integrity-smartcenter.key" status="not-vulnerable">
	3640
	3641	<Paragraph>
	3642	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3643	<Paragraph>
	3644	<ContainerBlockElement>
	3645	<ContainerBlockElement>
	3646	<Paragraph>HTTP GET request to
	3647	<URLLink LinkURL="http://192.168.1.33/conf/ssl/apache/integrity.key" LinkTitle="http://192.168.1.33/conf/ssl/apache/integrity.key"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	3648	<ContainerBlockElement>
	3649	<Paragraph>HTTP GET request to
	3650	<URLLink LinkURL="http://192.168.1.33/conf/ssl/apache/integrity-smartcenter.key" LinkTitle="http://192.168.1.33/conf/ssl/apache/integrity-smartcenter.key"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3651	</test>
	3652
	3653	<test id="adobe-apsb10-18-cve-2010-2861" key="/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" status="not-vulnerable">
	3654
	3655	<Paragraph>
	3656	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3657	<Paragraph>
	3658	<ContainerBlockElement>
	3659	<ContainerBlockElement>
	3660	<Paragraph>HTTP GET request to
	3661	<URLLink LinkURL="http://192.168.1.33/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" LinkTitle="http://192.168.1.33/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3662	</test>
	3663
	3664	<test id="http-awstats-remote-code-execution" key="/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" status="not-vulnerable">
	3665
	3666	<Paragraph>
	3667	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3668	<Paragraph>
	3669	<ContainerBlockElement>
	3670	<ContainerBlockElement>
	3671	<Paragraph>HTTP GET request to
	3672	<URLLink LinkURL="http://192.168.1.33/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" LinkTitle="http://192.168.1.33/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	3673	<ContainerBlockElement>
	3674	<Paragraph>HTTP GET request to
	3675	<URLLink LinkURL="http://192.168.1.33/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" LinkTitle="http://192.168.1.33/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3676	</test>
	3677
	3678	<test id="http-cgi-faxsurvey-command-execution" key="/cgi-bin/faxquery?/bin/cat%20/etc/passwd" status="not-vulnerable">
	3679
	3680	<Paragraph>
	3681	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3682	<Paragraph>
	3683	<ContainerBlockElement>
	3684	<ContainerBlockElement>
	3685	<Paragraph>HTTP GET request to
	3686	<URLLink LinkURL="http://192.168.1.33/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd" LinkTitle="http://192.168.1.33/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	3687	<ContainerBlockElement>
	3688	<Paragraph>HTTP GET request to
	3689	<URLLink LinkURL="http://192.168.1.33/cgi-bin/faxquery?/bin/cat%20/etc/passwd" LinkTitle="http://192.168.1.33/cgi-bin/faxquery?/bin/cat%20/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3690	</test>
	3691
	3692	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/orm/" status="not-vulnerable">
	3693
	3694	<Paragraph>
	3695	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3696	<Paragraph>
	3697	<ContainerBlockElement>
	3698	<ContainerBlockElement>
	3699	<Paragraph>HTTP GET request to
	3700	<URLLink LinkURL="http://192.168.1.33/CFIDE/orm/" LinkTitle="http://192.168.1.33/CFIDE/orm/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3701	</test>
	3702
	3703	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/administrator/enter.cfm" status="not-vulnerable">
	3704
	3705	<Paragraph>
	3706	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3707	<Paragraph>
	3708	<ContainerBlockElement>
	3709	<ContainerBlockElement>
	3710	<Paragraph>HTTP GET request to
	3711	<URLLink LinkURL="http://192.168.1.33/CFIDE/administrator/" LinkTitle="http://192.168.1.33/CFIDE/administrator/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	3712	<ContainerBlockElement>
	3713	<Paragraph>HTTP GET request to
	3714	<URLLink LinkURL="http://192.168.1.33/CFIDE/administrator/enter.cfm" LinkTitle="http://192.168.1.33/CFIDE/administrator/enter.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3715	</test>
	3716
	3717	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/AIR/" status="not-vulnerable">
	3718
	3719	<Paragraph>
	3720	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3721	<Paragraph>
	3722	<ContainerBlockElement>
	3723	<ContainerBlockElement>
	3724	<Paragraph>HTTP GET request to
	3725	<URLLink LinkURL="http://192.168.1.33/CFIDE/AIR/" LinkTitle="http://192.168.1.33/CFIDE/AIR/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3726	</test>
	3727
	3728	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/appdeployment/" status="not-vulnerable">
	3729
	3730	<Paragraph>
	3731	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3732	<Paragraph>
	3733	<ContainerBlockElement>
	3734	<ContainerBlockElement>
	3735	<Paragraph>HTTP GET request to
	3736	<URLLink LinkURL="http://192.168.1.33/CFIDE/appdeployment/" LinkTitle="http://192.168.1.33/CFIDE/appdeployment/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3737	</test>
	3738
	3739	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/componentutils/" status="not-vulnerable">
	3740
	3741	<Paragraph>
	3742	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3743	<Paragraph>
	3744	<ContainerBlockElement>
	3745	<ContainerBlockElement>
	3746	<Paragraph>HTTP GET request to
	3747	<URLLink LinkURL="http://192.168.1.33/CFIDE/componentutils/" LinkTitle="http://192.168.1.33/CFIDE/componentutils/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3748	</test>
	3749
	3750	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/scheduler/" status="not-vulnerable">
	3751
	3752	<Paragraph>
	3753	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3754	<Paragraph>
	3755	<ContainerBlockElement>
	3756	<ContainerBlockElement>
	3757	<Paragraph>HTTP GET request to
	3758	<URLLink LinkURL="http://192.168.1.33/CFIDE/scheduler/" LinkTitle="http://192.168.1.33/CFIDE/scheduler/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3759	</test>
	3760
	3761	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/servermanager/" status="not-vulnerable">
	3762
	3763	<Paragraph>
	3764	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3765	<Paragraph>
	3766	<ContainerBlockElement>
	3767	<ContainerBlockElement>
	3768	<Paragraph>HTTP GET request to
	3769	<URLLink LinkURL="http://192.168.1.33/CFIDE/servermanager/" LinkTitle="http://192.168.1.33/CFIDE/servermanager/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3770	</test>
	3771
	3772	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/services/" status="not-vulnerable">
	3773
	3774	<Paragraph>
	3775	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3776	<Paragraph>
	3777	<ContainerBlockElement>
	3778	<ContainerBlockElement>
	3779	<Paragraph>HTTP GET request to
	3780	<URLLink LinkURL="http://192.168.1.33/CFIDE/services/" LinkTitle="http://192.168.1.33/CFIDE/services/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3781	</test>
	3782
	3783	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminapi/base.cfc?wsdl" status="not-vulnerable">
	3784
	3785	<Paragraph>
	3786	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3787	<Paragraph>
	3788	<ContainerBlockElement>
	3789	<ContainerBlockElement>
	3790	<Paragraph>HTTP GET request to
	3791	<URLLink LinkURL="http://192.168.1.33/CFIDE/adminapi/base.cfc?wsdl" LinkTitle="http://192.168.1.33/CFIDE/adminapi/base.cfc?wsdl"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3792	</test>
	3793
	3794	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/" status="not-vulnerable">
	3795
	3796	<Paragraph>
	3797	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3798	<Paragraph>
	3799	<ContainerBlockElement>
	3800	<ContainerBlockElement>
	3801	<Paragraph>HTTP GET request to
	3802	<URLLink LinkURL="http://192.168.1.33/CFIDE/wizards/common/" LinkTitle="http://192.168.1.33/CFIDE/wizards/common/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3803	</test>
	3804
	3805	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminiapi/" status="not-vulnerable">
	3806
	3807	<Paragraph>
	3808	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3809	<Paragraph>
	3810	<ContainerBlockElement>
	3811	<ContainerBlockElement>
	3812	<Paragraph>HTTP GET request to
	3813	<URLLink LinkURL="http://192.168.1.33/CFIDE/adminiapi/" LinkTitle="http://192.168.1.33/CFIDE/adminiapi/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3814	</test>
	3815
	3816	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json" status="not-vulnerable">
	3817
	3818	<Paragraph>
	3819	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3820	<Paragraph>
	3821	<ContainerBlockElement>
	3822	<ContainerBlockElement>
	3823	<Paragraph>HTTP GET request to
	3824	<URLLink LinkURL="http://192.168.1.33/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json" LinkTitle="http://192.168.1.33/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3825	</test>
	3826
	3827	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/websocket/" status="not-vulnerable">
	3828
	3829	<Paragraph>
	3830	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3831	<Paragraph>
	3832	<ContainerBlockElement>
	3833	<ContainerBlockElement>
	3834	<Paragraph>HTTP GET request to
	3835	<URLLink LinkURL="http://192.168.1.33/CFIDE/websocket/" LinkTitle="http://192.168.1.33/CFIDE/websocket/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3836	</test>
	3837
	3838	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/portlets/" status="not-vulnerable">
	3839
	3840	<Paragraph>
	3841	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3842	<Paragraph>
	3843	<ContainerBlockElement>
	3844	<ContainerBlockElement>
	3845	<Paragraph>HTTP GET request to
	3846	<URLLink LinkURL="http://192.168.1.33/CFIDE/portlets/" LinkTitle="http://192.168.1.33/CFIDE/portlets/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3847	</test>
	3848
	3849	<test id="http-frontpage-unprotected" key="/_vti_bin/_vti_aut/author.dll" status="not-vulnerable">
	3850
	3851	<Paragraph>
	3852	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3853	<Paragraph>
	3854	<ContainerBlockElement>
	3855	<ContainerBlockElement>
	3856	<Paragraph>HTTP GET request to
	3857	<URLLink LinkURL="http://192.168.1.33/_vti_bin/_vti_aut/author.dll" LinkTitle="http://192.168.1.33/_vti_bin/_vti_aut/author.dll"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3858	</test>
	3859
	3860	<test id="http-php-xmlrpc-code-injection" key="/script/xmlrpc.php" status="not-vulnerable">
	3861
	3862	<Paragraph>
	3863	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3864	<Paragraph>
	3865	<ContainerBlockElement>
	3866	<ContainerBlockElement>
	3867	<Paragraph>HTTP POST request to
	3868	<URLLink LinkURL="http://192.168.1.33/xmlrpc.php" LinkTitle="http://192.168.1.33/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	3869	<ContainerBlockElement>
	3870	<Paragraph>HTTP POST request to
	3871	<URLLink LinkURL="http://192.168.1.33/serendipity/serendipity_xmlrpc.php" LinkTitle="http://192.168.1.33/serendipity/serendipity_xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	3872	<ContainerBlockElement>
	3873	<Paragraph>HTTP POST request to
	3874	<URLLink LinkURL="http://192.168.1.33/serendipity/xmlrpc.php" LinkTitle="http://192.168.1.33/serendipity/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	3875	<ContainerBlockElement>
	3876	<Paragraph>HTTP POST request to
	3877	<URLLink LinkURL="http://192.168.1.33/drupal/xmlrpc.php" LinkTitle="http://192.168.1.33/drupal/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	3878	<ContainerBlockElement>
	3879	<Paragraph>HTTP POST request to
	3880	<URLLink LinkURL="http://192.168.1.33/bblog/xmlrpc.php" LinkTitle="http://192.168.1.33/bblog/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	3881	<ContainerBlockElement>
	3882	<Paragraph>HTTP POST request to
	3883	<URLLink LinkURL="http://192.168.1.33/blogs/xmlsrv/xmlrpc.php" LinkTitle="http://192.168.1.33/blogs/xmlsrv/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	3884	<ContainerBlockElement>
	3885	<Paragraph>HTTP POST request to
	3886	<URLLink LinkURL="http://192.168.1.33/xmlsrv/xmlrpc.php" LinkTitle="http://192.168.1.33/xmlsrv/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	3887	<ContainerBlockElement>
	3888	<Paragraph>HTTP POST request to
	3889	<URLLink LinkURL="http://192.168.1.33/xmlrpc/xmlrpc.php" LinkTitle="http://192.168.1.33/xmlrpc/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	3890	<ContainerBlockElement>
	3891	<Paragraph>HTTP POST request to
	3892	<URLLink LinkURL="http://192.168.1.33/script/xmlrpc.php" LinkTitle="http://192.168.1.33/script/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3893	</test>
	3894
	3895	<test id="adobe-apsb13-03-cve-2013-0625" status="skipped-version">
	3896
	3897	<Paragraph>
	3898	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3899	<Paragraph>Based on the result of the "APSB13-03: Security updates available for Adobe ColdFusion (CVE-2013-0629)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	3900	</test>
	3901
	3902	<test id="http-basic-auth-cleartext" key="/" status="vulnerable-exploited">
	3903
	3904	<Paragraph>
	3905	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3906	<Paragraph>
	3907	<ContainerBlockElement>
	3908	<Paragraph>HTTP request to
	3909	<URLLink LinkURL="http://192.168.1.33/" LinkTitle="http://192.168.1.33/"></URLLink></Paragraph>HTTP response code was an expected 401
	3910	<Paragraph preformat="true">1: Basic realm="DCS-2132L"</Paragraph>
	3911	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></Paragraph></Paragraph>
	3912	</test>
	3913
	3914	<test id="http-basic-auth-cleartext" key="/" status="vulnerable-exploited">
	3915
	3916	<Paragraph>
	3917	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3918	<Paragraph>
	3919	<ContainerBlockElement>
	3920	<ContainerBlockElement>
	3921	<Paragraph>HTTP GET request to
	3922	<URLLink LinkURL="http://192.168.1.33/" LinkTitle="http://192.168.1.33/"></URLLink></Paragraph>HTTP response code was an expected 401
	3923	<Paragraph preformat="true">1: Basic realm="DCS-2132L"</Paragraph>
	3924	<Paragraph>HTTP header 'WWW-Authenticate' was present and matched expectation</Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3925	</test>
	3926
	3927	<test id="http-iis-0014" status="not-vulnerable">
	3928
	3929	<Paragraph>
	3930	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3931	<Paragraph>Based on the following 3 results:
	3932	<OrderedList>
	3933	<ListItem>
	3934	<Paragraph>
	3935	<ContainerBlockElement>
	3936	<ContainerBlockElement>
	3937	<Paragraph>HTTP GET request to
	3938	<URLLink LinkURL="http://192.168.1.33/scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28.mdb%29&dsn=Web%20SQL&dbq=c:\temp\xyz.mdb&newdb=CREATE_DB&attr=" LinkTitle="http://192.168.1.33/scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28.mdb%29&dsn=Web%20SQL&dbq=c:\temp\xyz.mdb&newdb=CREATE_DB&attr="></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	3939	<ListItem>
	3940	<Paragraph>
	3941	<ContainerBlockElement>
	3942	<ContainerBlockElement>
	3943	<Paragraph>HTTP GET request to
	3944	<URLLink LinkURL="http://192.168.1.33/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|" LinkTitle="http://192.168.1.33/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	3945	<ListItem>
	3946	<Paragraph>
	3947	<ContainerBlockElement>
	3948	<ContainerBlockElement>
	3949	<Paragraph>HTTP GET request to
	3950	<URLLink LinkURL="http://192.168.1.33/ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|" LinkTitle="http://192.168.1.33/ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem></OrderedList></Paragraph></Paragraph>
	3951	</test>
	3952
	3953	<test id="http-cgi-viewsource-arbitrary-file-access" key="/cgi-bin/view-source?../../../../../../../etc/passwd" status="not-vulnerable">
	3954
	3955	<Paragraph>
	3956	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3957	<Paragraph>
	3958	<ContainerBlockElement>
	3959	<ContainerBlockElement>
	3960	<Paragraph>HTTP GET request to
	3961	<URLLink LinkURL="http://192.168.1.33/cgi-bin/view-source?../../../../../../../etc/passwd" LinkTitle="http://192.168.1.33/cgi-bin/view-source?../../../../../../../etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3962	</test>
	3963
	3964	<test id="http-trace-method-enabled" key="/" status="not-vulnerable">
	3965
	3966	<Paragraph>
	3967	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3968	<Paragraph>
	3969	<ContainerBlockElement>
	3970	<ContainerBlockElement>
	3971	<Paragraph>HTTP TRACE request to
	3972	<URLLink LinkURL="http://192.168.1.33/" LinkTitle="http://192.168.1.33/"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3973	</test>
	3974
	3975	<test id="http-track-method-enabled" key="/" status="not-vulnerable">
	3976
	3977	<Paragraph>
	3978	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3979	<Paragraph>
	3980	<ContainerBlockElement>
	3981	<ContainerBlockElement>
	3982	<Paragraph>HTTP TRACK request to
	3983	<URLLink LinkURL="http://192.168.1.33/" LinkTitle="http://192.168.1.33/"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3984	</test>
	3985
	3986	<test id="spider-adobe-flash-permissive-crossdomain-xml" key="/crossdomain.xml" status="not-vulnerable">
	3987
	3988	<Paragraph>
	3989	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	3990	<Paragraph>
	3991	<ContainerBlockElement>
	3992	<ContainerBlockElement>
	3993	<Paragraph>HTTP GET request to
	3994	<URLLink LinkURL="http://192.168.1.33/crossdomain.xml" LinkTitle="http://192.168.1.33/crossdomain.xml"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	3995	</test>
	3996
	3997	<test id="adobe-apsb13-03-cve-2013-0631" key="/CFIDE/r.cfm" status="not-vulnerable">
	3998
	3999	<Paragraph>
	4000	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4001	<Paragraph>
	4002	<ContainerBlockElement>
	4003	<ContainerBlockElement>
	4004	<Paragraph>HTTP GET request to
	4005	<URLLink LinkURL="http://192.168.1.33/CFIDE/adminapi/customtags/fusebox.cfm" LinkTitle="http://192.168.1.33/CFIDE/adminapi/customtags/fusebox.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4006	<ContainerBlockElement>
	4007	<Paragraph>HTTP GET request to
	4008	<URLLink LinkURL="http://192.168.1.33/CFIDE/adminapi/customtags/adss.cfm" LinkTitle="http://192.168.1.33/CFIDE/adminapi/customtags/adss.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4009	<ContainerBlockElement>
	4010	<Paragraph>HTTP GET request to
	4011	<URLLink LinkURL="http://192.168.1.33/CFIDE/h.cfm" LinkTitle="http://192.168.1.33/CFIDE/h.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4012	<ContainerBlockElement>
	4013	<Paragraph>HTTP GET request to
	4014	<URLLink LinkURL="http://192.168.1.33/CFIDE/h9.cfm" LinkTitle="http://192.168.1.33/CFIDE/h9.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4015	<ContainerBlockElement>
	4016	<Paragraph>HTTP GET request to
	4017	<URLLink LinkURL="http://192.168.1.33/CFIDE/help.cfm" LinkTitle="http://192.168.1.33/CFIDE/help.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4018	<ContainerBlockElement>
	4019	<Paragraph>HTTP GET request to
	4020	<URLLink LinkURL="http://192.168.1.33/CFIDE/i.cfm" LinkTitle="http://192.168.1.33/CFIDE/i.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4021	<ContainerBlockElement>
	4022	<Paragraph>HTTP GET request to
	4023	<URLLink LinkURL="http://192.168.1.33/CFIDE/r.cfm" LinkTitle="http://192.168.1.33/CFIDE/r.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4024	</test>
	4025
	4026	<test id="adobe-apsb13-13-cve-2013-3336" key="/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=U" status="not-vulnerable">
	4027
	4028	<Paragraph>
	4029	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4030	<Paragraph>
	4031	<ContainerBlockElement>
	4032	<ContainerBlockElement>
	4033	<Paragraph>HTTP GET request to
	4034	<URLLink LinkURL="http://192.168.1.33/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test" LinkTitle="http://192.168.1.33/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement>
	4035	<ContainerBlockElement>
	4036	<Paragraph>HTTP GET request to
	4037	<URLLink LinkURL="http://192.168.1.33/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test" LinkTitle="http://192.168.1.33/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4038	</test>
	4039
	4040	<test id="http-awstats-debug-information-disclosure" key="/cgi-bin/awstats/awstats.pl?debug=1" status="not-vulnerable">
	4041
	4042	<Paragraph>
	4043	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4044	<Paragraph>
	4045	<ContainerBlockElement>
	4046	<ContainerBlockElement>
	4047	<Paragraph>HTTP GET request to
	4048	<URLLink LinkURL="http://192.168.1.33/cgi-bin/awstats.pl?debug=1" LinkTitle="http://192.168.1.33/cgi-bin/awstats.pl?debug=1"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4049	<ContainerBlockElement>
	4050	<Paragraph>HTTP GET request to
	4051	<URLLink LinkURL="http://192.168.1.33/cgi-bin/awstats/awstats.pl?debug=1" LinkTitle="http://192.168.1.33/cgi-bin/awstats/awstats.pl?debug=1"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4052	</test>
	4053
	4054	<test id="http-bigbrother-accessible" key="/bb/" status="not-vulnerable">
	4055
	4056	<Paragraph>
	4057	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4058	<Paragraph>
	4059	<ContainerBlockElement>
	4060	<ContainerBlockElement>
	4061	<Paragraph>HTTP GET request to
	4062	<URLLink LinkURL="http://192.168.1.33/bb/" LinkTitle="http://192.168.1.33/bb/"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4063	</test>
	4064
	4065	<test id="http-cgi-htdig-arbitrary-file-access" key="/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" status="not-vulnerable">
	4066
	4067	<Paragraph>
	4068	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4069	<Paragraph>
	4070	<ContainerBlockElement>
	4071	<ContainerBlockElement>
	4072	<Paragraph>HTTP GET request to
	4073	<URLLink LinkURL="http://192.168.1.33/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" LinkTitle="http://192.168.1.33/cgi-bin/htsearch?Exclude=%60/etc/passwd%60"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4074	</test>
	4075
	4076	<test id="http-cgi-htgrep-arbitrary-file-access" key="/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" status="not-vulnerable">
	4077
	4078	<Paragraph>
	4079	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4080	<Paragraph>
	4081	<ContainerBlockElement>
	4082	<ContainerBlockElement>
	4083	<Paragraph>HTTP GET request to
	4084	<URLLink LinkURL="http://192.168.1.33/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" LinkTitle="http://192.168.1.33/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4085	</test>
	4086
	4087	<test id="http-cgi-htmlscript-arbitrary-file-access" key="/cgi-bin/htmlscript?../../../../../../../etc/passwd" status="not-vulnerable">
	4088
	4089	<Paragraph>
	4090	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4091	<Paragraph>
	4092	<ContainerBlockElement>
	4093	<ContainerBlockElement>
	4094	<Paragraph>HTTP GET request to
	4095	<URLLink LinkURL="http://192.168.1.33/cgi-bin/htmlscript?../../../../../../../etc/passwd" LinkTitle="http://192.168.1.33/cgi-bin/htmlscript?../../../../../../../etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4096	</test>
	4097
	4098	<test id="http-cgi-testcgi-file-listing" key="/cgi-bin/test-cgi" status="not-vulnerable">
	4099
	4100	<Paragraph>
	4101	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4102	<Paragraph>
	4103	<ContainerBlockElement>
	4104	<ContainerBlockElement>
	4105	<Paragraph>HTTP POST request to
	4106	<URLLink LinkURL="http://192.168.1.33/cgi-bin/test-cgi" LinkTitle="http://192.168.1.33/cgi-bin/test-cgi"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4107	</test>
	4108
	4109	<test id="http-lighttpd-mod_userdir-info-discl" key="/~bin/true" status="not-vulnerable">
	4110
	4111	<Paragraph>
	4112	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4113	<Paragraph>
	4114	<ContainerBlockElement>
	4115	<ContainerBlockElement>
	4116	<Paragraph>HTTP GET request to
	4117	<URLLink LinkURL="http://192.168.1.33/~bin/true" LinkTitle="http://192.168.1.33/~bin/true"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4118	</test>
	4119
	4120	<test id="http-open-proxy" key="http://www.google.com:80/" status="not-vulnerable">
	4121
	4122	<Paragraph>
	4123	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4124	<Paragraph>
	4125	<ContainerBlockElement>
	4126	<ContainerBlockElement>
	4127	<Paragraph>HTTP HEAD request to
	4128	<URLLink LinkURL="http://www.google.com/" LinkTitle="http://www.google.com/"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4129	</test>
	4130
	4131	<test id="http-php-ini-file-exposed" key="/cgi-bin/php.ini" status="not-vulnerable">
	4132
	4133	<Paragraph>
	4134	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4135	<Paragraph>
	4136	<ContainerBlockElement>
	4137	<ContainerBlockElement>
	4138	<Paragraph>HTTP GET request to
	4139	<URLLink LinkURL="http://192.168.1.33/cgi-bin/php.ini" LinkTitle="http://192.168.1.33/cgi-bin/php.ini"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4140	</test>
	4141
	4142	<test id="http-symantec-scan-engine-file-disclosure" key="/README.txt" status="not-vulnerable">
	4143
	4144	<Paragraph>
	4145	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4146	<Paragraph>
	4147	<ContainerBlockElement>
	4148	<ContainerBlockElement>
	4149	<Paragraph>HTTP GET request to
	4150	<URLLink LinkURL="http://192.168.1.33/README.txt" LinkTitle="http://192.168.1.33/README.txt"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4151	</test>
	4152
	4153	<test id="http-tomcat-jkstatus-accessible" key="/jkstatus/" status="not-vulnerable">
	4154
	4155	<Paragraph>
	4156	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4157	<Paragraph>
	4158	<ContainerBlockElement>
	4159	<ContainerBlockElement>
	4160	<Paragraph>HTTP GET request to
	4161	<URLLink LinkURL="http://192.168.1.33/jkstatus/" LinkTitle="http://192.168.1.33/jkstatus/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4162	</test>
	4163
	4164	<test id="adobe-apsb13-03-cve-2013-0629" key="/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html" status="not-vulnerable">
	4165
	4166	<Paragraph>
	4167	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4168	<Paragraph>
	4169	<ContainerBlockElement>
	4170	<ContainerBlockElement>
	4171	<Paragraph>HTTP GET request to
	4172	<URLLink LinkURL="http://192.168.1.33/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt" LinkTitle="http://192.168.1.33/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4173	<ContainerBlockElement>
	4174	<Paragraph>HTTP GET request to
	4175	<URLLink LinkURL="http://192.168.1.33/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html" LinkTitle="http://192.168.1.33/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4176	</test>
	4177
	4178	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	4179
	4180	<Paragraph>
	4181	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4182	<Paragraph>
	4183	<ContainerBlockElement>
	4184	<ContainerBlockElement>
	4185	<Paragraph>HTTP GET request to
	4186	<URLLink LinkURL="ftp://ftp.kernel.org/;utf7xss" LinkTitle="ftp://ftp.kernel.org/;utf7xss"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4187	</test>
	4188
	4189	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	4190
	4191	<Paragraph>
	4192	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4193	<Paragraph>
	4194	<ContainerBlockElement>
	4195	<ContainerBlockElement>
	4196	<Paragraph>HTTP GET request to
	4197	<URLLink LinkURL="ftp://ftp.kernel.org/;utf7xss" LinkTitle="ftp://ftp.kernel.org/;utf7xss"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4198	</test>
	4199
	4200	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	4201
	4202	<Paragraph>
	4203	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4204	<Paragraph>
	4205	<ContainerBlockElement>
	4206	<ContainerBlockElement>
	4207	<Paragraph>HTTP GET request to
	4208	<URLLink LinkURL="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">" LinkTitle="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4209	</test>
	4210
	4211	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	4212
	4213	<Paragraph>
	4214	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4215	<Paragraph>
	4216	<ContainerBlockElement>
	4217	<ContainerBlockElement>
	4218	<Paragraph>HTTP GET request to
	4219	<URLLink LinkURL="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">" LinkTitle="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4220	</test>
	4221
	4222	<test id="http-adobe-amf-gateway-xxe-cve-2009-3960" key="/lcds-samples/messagebroker/httpsecure" status="not-vulnerable">
	4223
	4224	<Paragraph>
	4225	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	4226	<Paragraph>
	4227	<ContainerBlockElement>
	4228	<ContainerBlockElement>
	4229	<Paragraph>HTTP POST request to
	4230	<URLLink LinkURL="http://192.168.1.33/flex2gateway/http" LinkTitle="http://192.168.1.33/flex2gateway/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4231	<ContainerBlockElement>
	4232	<Paragraph>HTTP POST request to
	4233	<URLLink LinkURL="http://192.168.1.33/flex2gateway/httpsecure" LinkTitle="http://192.168.1.33/flex2gateway/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4234	<ContainerBlockElement>
	4235	<Paragraph>HTTP POST request to
	4236	<URLLink LinkURL="http://192.168.1.33/messagebroker/http" LinkTitle="http://192.168.1.33/messagebroker/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4237	<ContainerBlockElement>
	4238	<Paragraph>HTTP POST request to
	4239	<URLLink LinkURL="http://192.168.1.33/messagebroker/httpsecure" LinkTitle="http://192.168.1.33/messagebroker/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4240	<ContainerBlockElement>
	4241	<Paragraph>HTTP POST request to
	4242	<URLLink LinkURL="http://192.168.1.33/blazeds/messagebroker/http" LinkTitle="http://192.168.1.33/blazeds/messagebroker/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4243	<ContainerBlockElement>
	4244	<Paragraph>HTTP POST request to
	4245	<URLLink LinkURL="http://192.168.1.33/blazeds/messagebroker/httpsecure" LinkTitle="http://192.168.1.33/blazeds/messagebroker/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4246	<ContainerBlockElement>
	4247	<Paragraph>HTTP POST request to
	4248	<URLLink LinkURL="http://192.168.1.33/samples/messagebroker/http" LinkTitle="http://192.168.1.33/samples/messagebroker/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4249	<ContainerBlockElement>
	4250	<Paragraph>HTTP POST request to
	4251	<URLLink LinkURL="http://192.168.1.33/samples/messagebroker/httpsecure" LinkTitle="http://192.168.1.33/samples/messagebroker/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4252	<ContainerBlockElement>
	4253	<Paragraph>HTTP POST request to
	4254	<URLLink LinkURL="http://192.168.1.33/lcds/messagebroker/http" LinkTitle="http://192.168.1.33/lcds/messagebroker/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4255	<ContainerBlockElement>
	4256	<Paragraph>HTTP POST request to
	4257	<URLLink LinkURL="http://192.168.1.33/lcds/messagebroker/httpsecure" LinkTitle="http://192.168.1.33/lcds/messagebroker/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4258	<ContainerBlockElement>
	4259	<Paragraph>HTTP POST request to
	4260	<URLLink LinkURL="http://192.168.1.33/lcds-samples/messagebroker/http" LinkTitle="http://192.168.1.33/lcds-samples/messagebroker/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4261	<ContainerBlockElement>
	4262	<Paragraph>HTTP POST request to
	4263	<URLLink LinkURL="http://192.168.1.33/lcds-samples/messagebroker/httpsecure" LinkTitle="http://192.168.1.33/lcds-samples/messagebroker/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4264	</test>
	4265	</tests>
	4266	</service>
	4267	</services>
	4268	</endpoint>
	4269
	4270	<endpoint protocol="udp" port="123" status="open">
	4271	<services>
	4272	<service name="NTP">
	4273	<fingerprints>
	4274	<fingerprint certainty="0.90" family="NTP" product="NTP" version="4.2.0a@1:4.2.0a+stable-8-r"/>
	4275	</fingerprints>
	4276	<configuration>
	4277	<config name="ntp.variables">version="ntpd 4.2.0a@1:4.2.0a+stable-8-r Sat Aug 30 06:44:03 EDT 2008 (1)",
	4278	processor="armv5tejl", system="Linux/2.6.18_pro500-davinci_IPNC_1.00",
	4279	leap=0, stratum=5, precision=-17, rootdelay=663.555,
	4280	rootdispersion=223.836, peer=16948, refid=61.67.210.241,
	4281	reftime=0xd63ff867.7092ee84, poll=9, clock=0xd63ffb99.954b167e, state=4,
	4282	offset=-29.969, frequency=6.641, noise=9.203, jitter=5.336,
	4283	stability=21.220
	4284	</config>
	4285	</configuration>
	4286	<tests>
	4287	<test id="ntpd-crypto-recv-buffer-overflow" status="vulnerable-version">
	4288
	4289	<Paragraph>
	4290	<Paragraph>Running vulnerable NTP service: NTP 4.2.0a@1:4.2.0a+stable-8-r.</Paragraph></Paragraph>
	4291	</test>
	4292
	4293	<test id="ntp-clock-variables-disclosure" status="vulnerable-exploited">
	4294
	4295	<Paragraph>
	4296	<Paragraph>The following NTP variables were found from a readvar request: version="ntpd 4.2.0a@1:4.2.0a+stable-8-r Sat Aug 30 06:44:03 EDT 2008 (1)",
	4297	processor="armv5tejl", system="Linux/2.6.18_pro500-davinci_IPNC_1.00",
	4298	leap=0, stratum=5, precision=-17, rootdelay=663.555,
	4299	rootdispersion=223.836, peer=16948, refid=61.67.210.241,
	4300	reftime=0xd63ff867.7092ee84, poll=9, clock=0xd63ffb99.954b167e, state=4,
	4301	offset=-29.969, frequency=6.641, noise=9.203, jitter=5.336,
	4302	stability=21.220
	4303	</Paragraph></Paragraph>
	4304	</test>
	4305	</tests>
	4306	</service>
	4307	</services>
	4308	</endpoint>
	4309
	4310	<endpoint protocol="tcp" port="443" status="open">
	4311	<services>
	4312	<service name="HTTPS">
	4313	<configuration>
	4314	<config name="ssl">true</config>
	4315	<config name="ssl.cert.issuer.dn">CN=www.dlink.com.tw, OU=R&D Dept., O=D-Link Taiwan, L=Taipei, ST=Taiwan, C=TW</config>
	4316	<config name="ssl.cert.key.alg.name">RSA</config>
	4317	<config name="ssl.cert.key.rsa.modulusBits">1024</config>
	4318	<config name="ssl.cert.not.valid.after">Sat, 11 Mar 2023 10:43:06 UTC</config>
	4319	<config name="ssl.cert.not.valid.before">Wed, 13 Mar 2013 10:43:06 UTC</config>
	4320	<config name="ssl.cert.selfsigned">true</config>
	4321	<config name="ssl.cert.serial.number">11340214068356762790</config>
	4322	<config name="ssl.cert.sig.alg.name">SHA1withRSA</config>
	4323	<config name="ssl.cert.subject.dn">CN=www.dlink.com.tw, OU=R&D Dept., O=D-Link Taiwan, L=Taipei, ST=Taiwan, C=TW</config>
	4324	<config name="ssl.cert.validsignature">true</config>
	4325	<config name="ssl.version.ssl20">true</config>
	4326	</configuration>
	4327	<tests>
	4328	<test id="adobe-apsb13-03-cve-2013-0632" key="/CFIDE/adminapi/administrator.cfc?" status="not-vulnerable">
	4329
	4330	<Paragraph>
	4331	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4332	<Paragraph>
	4333	<ContainerBlockElement>
	4334	<ContainerBlockElement>
	4335	<Paragraph>HTTP POST request to
	4336	<URLLink LinkURL="https://192.168.1.33/CFIDE/adminapi/administrator.cfc" LinkTitle="https://192.168.1.33/CFIDE/adminapi/administrator.cfc"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4337	</test>
	4338
	4339	<test id="adobe-apsb13-13-cve-2013-1389" status="skipped-version">
	4340
	4341	<Paragraph>
	4342	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4343	<Paragraph>Based on the result of the "APSB13-13: Security updates available for Adobe ColdFusion (CVE-2013-3336)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	4344	</test>
	4345
	4346	<test id="http-3com-wap-default-admin-password" key="/index.htm" status="not-vulnerable">
	4347
	4348	<Paragraph>
	4349	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4350	<Paragraph>
	4351	<ContainerBlockElement>
	4352	<ContainerBlockElement>
	4353	<Paragraph>HTTP POST request to
	4354	<URLLink LinkURL="https://192.168.1.33/index.htm" LinkTitle="https://192.168.1.33/index.htm"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4355	</test>
	4356
	4357	<test id="http-drac-default-login" key="/data/login" status="not-vulnerable">
	4358
	4359	<Paragraph>
	4360	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4361	<Paragraph>
	4362	<ContainerBlockElement>
	4363	<ContainerBlockElement>
	4364	<Paragraph>HTTP POST request to
	4365	<URLLink LinkURL="https://192.168.1.33/data/login" LinkTitle="https://192.168.1.33/data/login"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4366	</test>
	4367
	4368	<test id="http-drac-default-login" key="/cgi/login" status="not-vulnerable">
	4369
	4370	<Paragraph>
	4371	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4372	<Paragraph>
	4373	<ContainerBlockElement>
	4374	<ContainerBlockElement>
	4375	<Paragraph>HTTP POST request to
	4376	<URLLink LinkURL="https://192.168.1.33/cgi/login" LinkTitle="https://192.168.1.33/cgi/login"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4377	</test>
	4378
	4379	<test id="http-glassfish-default-admin-password" key="/common/index.jsf" status="not-vulnerable">
	4380
	4381	<Paragraph>
	4382	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4383	<Paragraph>
	4384	<ContainerBlockElement>
	4385	<ContainerBlockElement>
	4386	<Paragraph>HTTP GET request to
	4387	<URLLink LinkURL="https://192.168.1.33/common/index.jsf" LinkTitle="https://192.168.1.33/common/index.jsf"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4388	</test>
	4389
	4390	<test id="http-nokia-firewall-default-admin-password" key="/cgi-bin/home.tcl" status="not-vulnerable">
	4391
	4392	<Paragraph>
	4393	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4394	<Paragraph>
	4395	<ContainerBlockElement>
	4396	<ContainerBlockElement>
	4397	<Paragraph>HTTP POST request to
	4398	<URLLink LinkURL="https://192.168.1.33/cgi-bin/home.tcl" LinkTitle="https://192.168.1.33/cgi-bin/home.tcl"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4399	</test>
	4400
	4401	<test id="http-phpmyadmin-account-pma-password-empty" key="/phpmyadmin/" status="not-vulnerable">
	4402
	4403	<Paragraph>
	4404	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4405	<Paragraph>
	4406	<ContainerBlockElement>
	4407	<ContainerBlockElement>
	4408	<Paragraph>HTTP GET request to
	4409	<URLLink LinkURL="https://192.168.1.33/phpmyadmin/" LinkTitle="https://192.168.1.33/phpmyadmin/"></URLLink></Paragraph>HTTP response code was 404 but expected 401</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4410	</test>
	4411
	4412	<test id="apache-struts-cve-2013-2251" key="/struts2-showcase/employee/save.action" status="not-vulnerable">
	4413
	4414	<Paragraph>
	4415	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4416	<Paragraph>
	4417	<ContainerBlockElement>
	4418	<ContainerBlockElement>
	4419	<Paragraph>HTTP GET request to
	4420	<URLLink LinkURL="https://192.168.1.33/struts2-showcase/employee/save.action" LinkTitle="https://192.168.1.33/struts2-showcase/employee/save.action"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4421	</test>
	4422
	4423	<test id="apache-struts-cve-2013-2251" key="/struts2-blank/example/HelloWorld.action" status="not-vulnerable">
	4424
	4425	<Paragraph>
	4426	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4427	<Paragraph>
	4428	<ContainerBlockElement>
	4429	<ContainerBlockElement>
	4430	<Paragraph>HTTP GET request to
	4431	<URLLink LinkURL="https://192.168.1.33/struts2-blank/example/HelloWorld.action" LinkTitle="https://192.168.1.33/struts2-blank/example/HelloWorld.action"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4432	</test>
	4433
	4434	<test id="checkpoint-ess-info-disclosure-sk57881" key="/conf/ssl/apache/integrity-smartcenter.key" status="not-vulnerable">
	4435
	4436	<Paragraph>
	4437	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4438	<Paragraph>
	4439	<ContainerBlockElement>
	4440	<ContainerBlockElement>
	4441	<Paragraph>HTTP GET request to
	4442	<URLLink LinkURL="https://192.168.1.33/conf/ssl/apache/integrity.key" LinkTitle="https://192.168.1.33/conf/ssl/apache/integrity.key"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4443	<ContainerBlockElement>
	4444	<Paragraph>HTTP GET request to
	4445	<URLLink LinkURL="https://192.168.1.33/conf/ssl/apache/integrity-smartcenter.key" LinkTitle="https://192.168.1.33/conf/ssl/apache/integrity-smartcenter.key"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4446	</test>
	4447
	4448	<test id="adobe-apsb10-18-cve-2010-2861" key="/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" status="not-vulnerable">
	4449
	4450	<Paragraph>
	4451	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4452	<Paragraph>
	4453	<ContainerBlockElement>
	4454	<ContainerBlockElement>
	4455	<Paragraph>HTTP GET request to
	4456	<URLLink LinkURL="https://192.168.1.33/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" LinkTitle="https://192.168.1.33/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4457	</test>
	4458
	4459	<test id="http-awstats-remote-code-execution" key="/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" status="not-vulnerable">
	4460
	4461	<Paragraph>
	4462	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4463	<Paragraph>
	4464	<ContainerBlockElement>
	4465	<ContainerBlockElement>
	4466	<Paragraph>HTTP GET request to
	4467	<URLLink LinkURL="https://192.168.1.33/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" LinkTitle="https://192.168.1.33/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4468	<ContainerBlockElement>
	4469	<Paragraph>HTTP GET request to
	4470	<URLLink LinkURL="https://192.168.1.33/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" LinkTitle="https://192.168.1.33/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4471	</test>
	4472
	4473	<test id="http-cgi-faxsurvey-command-execution" key="/cgi-bin/faxquery?/bin/cat%20/etc/passwd" status="not-vulnerable">
	4474
	4475	<Paragraph>
	4476	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4477	<Paragraph>
	4478	<ContainerBlockElement>
	4479	<ContainerBlockElement>
	4480	<Paragraph>HTTP GET request to
	4481	<URLLink LinkURL="https://192.168.1.33/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd" LinkTitle="https://192.168.1.33/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4482	<ContainerBlockElement>
	4483	<Paragraph>HTTP GET request to
	4484	<URLLink LinkURL="https://192.168.1.33/cgi-bin/faxquery?/bin/cat%20/etc/passwd" LinkTitle="https://192.168.1.33/cgi-bin/faxquery?/bin/cat%20/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4485	</test>
	4486
	4487	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/administrator/enter.cfm" status="not-vulnerable">
	4488
	4489	<Paragraph>
	4490	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4491	<Paragraph>
	4492	<ContainerBlockElement>
	4493	<ContainerBlockElement>
	4494	<Paragraph>HTTP GET request to
	4495	<URLLink LinkURL="https://192.168.1.33/CFIDE/administrator/" LinkTitle="https://192.168.1.33/CFIDE/administrator/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4496	<ContainerBlockElement>
	4497	<Paragraph>HTTP GET request to
	4498	<URLLink LinkURL="https://192.168.1.33/CFIDE/administrator/enter.cfm" LinkTitle="https://192.168.1.33/CFIDE/administrator/enter.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4499	</test>
	4500
	4501	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/appdeployment/" status="not-vulnerable">
	4502
	4503	<Paragraph>
	4504	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4505	<Paragraph>
	4506	<ContainerBlockElement>
	4507	<ContainerBlockElement>
	4508	<Paragraph>HTTP GET request to
	4509	<URLLink LinkURL="https://192.168.1.33/CFIDE/appdeployment/" LinkTitle="https://192.168.1.33/CFIDE/appdeployment/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4510	</test>
	4511
	4512	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminiapi/" status="not-vulnerable">
	4513
	4514	<Paragraph>
	4515	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4516	<Paragraph>
	4517	<ContainerBlockElement>
	4518	<ContainerBlockElement>
	4519	<Paragraph>HTTP GET request to
	4520	<URLLink LinkURL="https://192.168.1.33/CFIDE/adminiapi/" LinkTitle="https://192.168.1.33/CFIDE/adminiapi/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4521	</test>
	4522
	4523	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/componentutils/" status="not-vulnerable">
	4524
	4525	<Paragraph>
	4526	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4527	<Paragraph>
	4528	<ContainerBlockElement>
	4529	<ContainerBlockElement>
	4530	<Paragraph>HTTP GET request to
	4531	<URLLink LinkURL="https://192.168.1.33/CFIDE/componentutils/" LinkTitle="https://192.168.1.33/CFIDE/componentutils/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4532	</test>
	4533
	4534	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminapi/base.cfc?wsdl" status="not-vulnerable">
	4535
	4536	<Paragraph>
	4537	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4538	<Paragraph>
	4539	<ContainerBlockElement>
	4540	<ContainerBlockElement>
	4541	<Paragraph>HTTP GET request to
	4542	<URLLink LinkURL="https://192.168.1.33/CFIDE/adminapi/base.cfc?wsdl" LinkTitle="https://192.168.1.33/CFIDE/adminapi/base.cfc?wsdl"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4543	</test>
	4544
	4545	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/orm/" status="not-vulnerable">
	4546
	4547	<Paragraph>
	4548	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4549	<Paragraph>
	4550	<ContainerBlockElement>
	4551	<ContainerBlockElement>
	4552	<Paragraph>HTTP GET request to
	4553	<URLLink LinkURL="https://192.168.1.33/CFIDE/orm/" LinkTitle="https://192.168.1.33/CFIDE/orm/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4554	</test>
	4555
	4556	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/AIR/" status="not-vulnerable">
	4557
	4558	<Paragraph>
	4559	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4560	<Paragraph>
	4561	<ContainerBlockElement>
	4562	<ContainerBlockElement>
	4563	<Paragraph>HTTP GET request to
	4564	<URLLink LinkURL="https://192.168.1.33/CFIDE/AIR/" LinkTitle="https://192.168.1.33/CFIDE/AIR/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4565	</test>
	4566
	4567	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/scheduler/" status="not-vulnerable">
	4568
	4569	<Paragraph>
	4570	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4571	<Paragraph>
	4572	<ContainerBlockElement>
	4573	<ContainerBlockElement>
	4574	<Paragraph>HTTP GET request to
	4575	<URLLink LinkURL="https://192.168.1.33/CFIDE/scheduler/" LinkTitle="https://192.168.1.33/CFIDE/scheduler/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4576	</test>
	4577
	4578	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/servermanager/" status="not-vulnerable">
	4579
	4580	<Paragraph>
	4581	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4582	<Paragraph>
	4583	<ContainerBlockElement>
	4584	<ContainerBlockElement>
	4585	<Paragraph>HTTP GET request to
	4586	<URLLink LinkURL="https://192.168.1.33/CFIDE/servermanager/" LinkTitle="https://192.168.1.33/CFIDE/servermanager/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4587	</test>
	4588
	4589	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/services/" status="not-vulnerable">
	4590
	4591	<Paragraph>
	4592	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4593	<Paragraph>
	4594	<ContainerBlockElement>
	4595	<ContainerBlockElement>
	4596	<Paragraph>HTTP GET request to
	4597	<URLLink LinkURL="https://192.168.1.33/CFIDE/services/" LinkTitle="https://192.168.1.33/CFIDE/services/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4598	</test>
	4599
	4600	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/websocket/" status="not-vulnerable">
	4601
	4602	<Paragraph>
	4603	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4604	<Paragraph>
	4605	<ContainerBlockElement>
	4606	<ContainerBlockElement>
	4607	<Paragraph>HTTP GET request to
	4608	<URLLink LinkURL="https://192.168.1.33/CFIDE/websocket/" LinkTitle="https://192.168.1.33/CFIDE/websocket/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4609	</test>
	4610
	4611	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/" status="not-vulnerable">
	4612
	4613	<Paragraph>
	4614	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4615	<Paragraph>
	4616	<ContainerBlockElement>
	4617	<ContainerBlockElement>
	4618	<Paragraph>HTTP GET request to
	4619	<URLLink LinkURL="https://192.168.1.33/CFIDE/wizards/common/" LinkTitle="https://192.168.1.33/CFIDE/wizards/common/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4620	</test>
	4621
	4622	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json" status="not-vulnerable">
	4623
	4624	<Paragraph>
	4625	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4626	<Paragraph>
	4627	<ContainerBlockElement>
	4628	<ContainerBlockElement>
	4629	<Paragraph>HTTP GET request to
	4630	<URLLink LinkURL="https://192.168.1.33/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json" LinkTitle="https://192.168.1.33/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4631	</test>
	4632
	4633	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/portlets/" status="not-vulnerable">
	4634
	4635	<Paragraph>
	4636	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4637	<Paragraph>
	4638	<ContainerBlockElement>
	4639	<ContainerBlockElement>
	4640	<Paragraph>HTTP GET request to
	4641	<URLLink LinkURL="https://192.168.1.33/CFIDE/portlets/" LinkTitle="https://192.168.1.33/CFIDE/portlets/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4642	</test>
	4643
	4644	<test id="http-frontpage-unprotected" key="/_vti_bin/_vti_aut/author.dll" status="not-vulnerable">
	4645
	4646	<Paragraph>
	4647	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4648	<Paragraph>
	4649	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4650	</test>
	4651
	4652	<test id="http-php-xmlrpc-code-injection" key="/script/xmlrpc.php" status="not-vulnerable">
	4653
	4654	<Paragraph>
	4655	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4656	<Paragraph>
	4657	<ContainerBlockElement>
	4658	<ContainerBlockElement>
	4659	<Paragraph>HTTP POST request to
	4660	<URLLink LinkURL="https://192.168.1.33/xmlrpc.php" LinkTitle="https://192.168.1.33/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4661	<ContainerBlockElement>
	4662	<Paragraph>HTTP POST request to
	4663	<URLLink LinkURL="https://192.168.1.33/serendipity/serendipity_xmlrpc.php" LinkTitle="https://192.168.1.33/serendipity/serendipity_xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4664	<ContainerBlockElement>
	4665	<Paragraph>HTTP POST request to
	4666	<URLLink LinkURL="https://192.168.1.33/serendipity/xmlrpc.php" LinkTitle="https://192.168.1.33/serendipity/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4667	<ContainerBlockElement>
	4668	<Paragraph>HTTP POST request to
	4669	<URLLink LinkURL="https://192.168.1.33/drupal/xmlrpc.php" LinkTitle="https://192.168.1.33/drupal/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4670	<ContainerBlockElement>
	4671	<Paragraph>HTTP POST request to
	4672	<URLLink LinkURL="https://192.168.1.33/bblog/xmlrpc.php" LinkTitle="https://192.168.1.33/bblog/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4673	<ContainerBlockElement>
	4674	<Paragraph>HTTP POST request to
	4675	<URLLink LinkURL="https://192.168.1.33/blogs/xmlsrv/xmlrpc.php" LinkTitle="https://192.168.1.33/blogs/xmlsrv/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4676	<ContainerBlockElement>
	4677	<Paragraph>HTTP POST request to
	4678	<URLLink LinkURL="https://192.168.1.33/xmlsrv/xmlrpc.php" LinkTitle="https://192.168.1.33/xmlsrv/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4679	<ContainerBlockElement>
	4680	<Paragraph>HTTP POST request to
	4681	<URLLink LinkURL="https://192.168.1.33/xmlrpc/xmlrpc.php" LinkTitle="https://192.168.1.33/xmlrpc/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	4682	<ContainerBlockElement>
	4683	<Paragraph>HTTP POST request to
	4684	<URLLink LinkURL="https://192.168.1.33/script/xmlrpc.php" LinkTitle="https://192.168.1.33/script/xmlrpc.php"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4685	</test>
	4686
	4687	<test id="adobe-apsb13-03-cve-2013-0625" status="skipped-version">
	4688
	4689	<Paragraph>
	4690	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4691	<Paragraph>Based on the result of the "APSB13-03: Security updates available for Adobe ColdFusion (CVE-2013-0629)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	4692	</test>
	4693
	4694	<test id="certificate-common-name-mismatch" status="vulnerable-exploited">
	4695
	4696	<Paragraph>
	4697	<Paragraph>The subject common name found in the X.509 certificate ('CN=www.dlink.com.tw') does not seem to match the scan target '192.168.1.33':
	4698	<UnorderedList>
	4699	<ListItem>Subject CN 'www.dlink.com.tw' does not match node name '192.168.1.33'</ListItem>
	4700	<ListItem>Subject CN's resolved IP address 'www.dlink.com.tw/58.86.33.135' differs from node IP address '/192.168.1.33'</ListItem></UnorderedList></Paragraph></Paragraph>
	4701	</test>
	4702
	4703	<test id="http-iis-0014" status="not-vulnerable">
	4704
	4705	<Paragraph>
	4706	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4707	<Paragraph>Based on the following 3 results:
	4708	<OrderedList>
	4709	<ListItem>
	4710	<Paragraph>
	4711	<ContainerBlockElement>
	4712	<ContainerBlockElement>
	4713	<Paragraph>HTTP GET request to
	4714	<URLLink LinkURL="https://192.168.1.33/scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28.mdb%29&dsn=Web%20SQL&dbq=c:\temp\xyz.mdb&newdb=CREATE_DB&attr=" LinkTitle="https://192.168.1.33/scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28.mdb%29&dsn=Web%20SQL&dbq=c:\temp\xyz.mdb&newdb=CREATE_DB&attr="></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	4715	<ListItem>
	4716	<Paragraph>
	4717	<ContainerBlockElement>
	4718	<ContainerBlockElement>
	4719	<Paragraph>HTTP GET request to
	4720	<URLLink LinkURL="https://192.168.1.33/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|" LinkTitle="https://192.168.1.33/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	4721	<ListItem>
	4722	<Paragraph>
	4723	<ContainerBlockElement>
	4724	<ContainerBlockElement>
	4725	<Paragraph>HTTP GET request to
	4726	<URLLink LinkURL="https://192.168.1.33/ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|" LinkTitle="https://192.168.1.33/ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem></OrderedList></Paragraph></Paragraph>
	4727	</test>
	4728
	4729	<test id="tls-server-cert-expired" status="not-vulnerable">
	4730
	4731	<Paragraph>
	4732	<Paragraph>Certificate valid from Wed, 13 Mar 2013 10:43:06 UTC to Sat, 11 Mar 2023 10:43:06 UTC</Paragraph></Paragraph>
	4733	</test>
	4734
	4735	<test id="http-cgi-viewsource-arbitrary-file-access" key="/cgi-bin/view-source?../../../../../../../etc/passwd" status="not-vulnerable">
	4736
	4737	<Paragraph>
	4738	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4739	<Paragraph>
	4740	<ContainerBlockElement>
	4741	<ContainerBlockElement>
	4742	<Paragraph>HTTP GET request to
	4743	<URLLink LinkURL="https://192.168.1.33/cgi-bin/view-source?../../../../../../../etc/passwd" LinkTitle="https://192.168.1.33/cgi-bin/view-source?../../../../../../../etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4744	</test>
	4745
	4746	<test id="http-trace-method-enabled" key="/" status="not-vulnerable">
	4747
	4748	<Paragraph>
	4749	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4750	<Paragraph>
	4751	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4752	</test>
	4753
	4754	<test id="http-track-method-enabled" key="/" status="not-vulnerable">
	4755
	4756	<Paragraph>
	4757	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4758	<Paragraph>
	4759	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4760	</test>
	4761
	4762	<test id="spider-adobe-flash-permissive-crossdomain-xml" key="/crossdomain.xml" status="not-vulnerable">
	4763
	4764	<Paragraph>
	4765	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4766	<Paragraph>
	4767	<ContainerBlockElement>
	4768	<ContainerBlockElement>
	4769	<Paragraph>HTTP GET request to
	4770	<URLLink LinkURL="https://192.168.1.33/crossdomain.xml" LinkTitle="https://192.168.1.33/crossdomain.xml"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4771	</test>
	4772
	4773	<test id="ssl-weak-ciphers" status="vulnerable-exploited">
	4774
	4775	<Paragraph>
	4776	<Paragraph>Negotiated with the following insecure cipher suites. SSLv2 ciphers:
	4777	<UnorderedList>
	4778	<ListItem>SSL_CK_RC4_128_WITH_MD5</ListItem>
	4779	<ListItem>SSL_CK_RC4_128_EXPORT40_WITH_MD5</ListItem>
	4780	<ListItem>SSL_CK_RC2_128_CBC_WITH_MD5</ListItem>
	4781	<ListItem>SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5</ListItem>
	4782	<ListItem>SSL_CK_DES_64_CBC_WITH_MD5</ListItem>
	4783	<ListItem>SSL_CK_DES_192_EDE3_CBC_WITH_MD5</ListItem></UnorderedList>SSLv3 ciphers:
	4784	<UnorderedList>
	4785	<ListItem>SSL_RSA_WITH_DES_CBC_SHA</ListItem></UnorderedList></Paragraph></Paragraph>
	4786	</test>
	4787
	4788	<test id="sslv2-and-up-enabled" status="vulnerable-exploited">
	4789
	4790	<Paragraph>
	4791	<Paragraph>SSLv2 is supported</Paragraph></Paragraph>
	4792	</test>
	4793
	4794	<test id="adobe-apsb13-03-cve-2013-0631" key="/CFIDE/r.cfm" status="not-vulnerable">
	4795
	4796	<Paragraph>
	4797	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4798	<Paragraph>
	4799	<ContainerBlockElement>
	4800	<ContainerBlockElement>
	4801	<Paragraph>HTTP GET request to
	4802	<URLLink LinkURL="https://192.168.1.33/CFIDE/adminapi/customtags/fusebox.cfm" LinkTitle="https://192.168.1.33/CFIDE/adminapi/customtags/fusebox.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4803	<ContainerBlockElement>
	4804	<Paragraph>HTTP GET request to
	4805	<URLLink LinkURL="https://192.168.1.33/CFIDE/adminapi/customtags/adss.cfm" LinkTitle="https://192.168.1.33/CFIDE/adminapi/customtags/adss.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4806	<ContainerBlockElement>
	4807	<Paragraph>HTTP GET request to
	4808	<URLLink LinkURL="https://192.168.1.33/CFIDE/h.cfm" LinkTitle="https://192.168.1.33/CFIDE/h.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4809	<ContainerBlockElement>
	4810	<Paragraph>HTTP GET request to
	4811	<URLLink LinkURL="https://192.168.1.33/CFIDE/h9.cfm" LinkTitle="https://192.168.1.33/CFIDE/h9.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4812	<ContainerBlockElement>
	4813	<Paragraph>HTTP GET request to
	4814	<URLLink LinkURL="https://192.168.1.33/CFIDE/help.cfm" LinkTitle="https://192.168.1.33/CFIDE/help.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4815	<ContainerBlockElement>
	4816	<Paragraph>HTTP GET request to
	4817	<URLLink LinkURL="https://192.168.1.33/CFIDE/i.cfm" LinkTitle="https://192.168.1.33/CFIDE/i.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4818	<ContainerBlockElement>
	4819	<Paragraph>HTTP GET request to
	4820	<URLLink LinkURL="https://192.168.1.33/CFIDE/r.cfm" LinkTitle="https://192.168.1.33/CFIDE/r.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4821	</test>
	4822
	4823	<test id="adobe-apsb13-13-cve-2013-3336" key="/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=U" status="not-vulnerable">
	4824
	4825	<Paragraph>
	4826	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4827	<Paragraph>
	4828	<ContainerBlockElement>
	4829	<ContainerBlockElement>
	4830	<Paragraph>HTTP GET request to
	4831	<URLLink LinkURL="https://192.168.1.33/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test" LinkTitle="https://192.168.1.33/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement>
	4832	<ContainerBlockElement>
	4833	<Paragraph>HTTP GET request to
	4834	<URLLink LinkURL="https://192.168.1.33/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test" LinkTitle="https://192.168.1.33/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4835	</test>
	4836
	4837	<test id="http-awstats-debug-information-disclosure" key="/cgi-bin/awstats/awstats.pl?debug=1" status="not-vulnerable">
	4838
	4839	<Paragraph>
	4840	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4841	<Paragraph>
	4842	<ContainerBlockElement>
	4843	<ContainerBlockElement>
	4844	<Paragraph>HTTP GET request to
	4845	<URLLink LinkURL="https://192.168.1.33/cgi-bin/awstats.pl?debug=1" LinkTitle="https://192.168.1.33/cgi-bin/awstats.pl?debug=1"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4846	<ContainerBlockElement>
	4847	<Paragraph>HTTP GET request to
	4848	<URLLink LinkURL="https://192.168.1.33/cgi-bin/awstats/awstats.pl?debug=1" LinkTitle="https://192.168.1.33/cgi-bin/awstats/awstats.pl?debug=1"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4849	</test>
	4850
	4851	<test id="http-bigbrother-accessible" key="/bb/" status="not-vulnerable">
	4852
	4853	<Paragraph>
	4854	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4855	<Paragraph>
	4856	<ContainerBlockElement>
	4857	<ContainerBlockElement>
	4858	<Paragraph>HTTP GET request to
	4859	<URLLink LinkURL="https://192.168.1.33/bb/" LinkTitle="https://192.168.1.33/bb/"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4860	</test>
	4861
	4862	<test id="http-cgi-htdig-arbitrary-file-access" key="/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" status="not-vulnerable">
	4863
	4864	<Paragraph>
	4865	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4866	<Paragraph>
	4867	<ContainerBlockElement>
	4868	<ContainerBlockElement>
	4869	<Paragraph>HTTP GET request to
	4870	<URLLink LinkURL="https://192.168.1.33/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" LinkTitle="https://192.168.1.33/cgi-bin/htsearch?Exclude=%60/etc/passwd%60"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4871	</test>
	4872
	4873	<test id="http-cgi-htgrep-arbitrary-file-access" key="/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" status="not-vulnerable">
	4874
	4875	<Paragraph>
	4876	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4877	<Paragraph>
	4878	<ContainerBlockElement>
	4879	<ContainerBlockElement>
	4880	<Paragraph>HTTP GET request to
	4881	<URLLink LinkURL="https://192.168.1.33/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" LinkTitle="https://192.168.1.33/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4882	</test>
	4883
	4884	<test id="http-cgi-htmlscript-arbitrary-file-access" key="/cgi-bin/htmlscript?../../../../../../../etc/passwd" status="not-vulnerable">
	4885
	4886	<Paragraph>
	4887	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4888	<Paragraph>
	4889	<ContainerBlockElement>
	4890	<ContainerBlockElement>
	4891	<Paragraph>HTTP GET request to
	4892	<URLLink LinkURL="https://192.168.1.33/cgi-bin/htmlscript?../../../../../../../etc/passwd" LinkTitle="https://192.168.1.33/cgi-bin/htmlscript?../../../../../../../etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4893	</test>
	4894
	4895	<test id="http-cgi-testcgi-file-listing" key="/cgi-bin/test-cgi" status="not-vulnerable">
	4896
	4897	<Paragraph>
	4898	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4899	<Paragraph>
	4900	<ContainerBlockElement>
	4901	<ContainerBlockElement>
	4902	<Paragraph>HTTP POST request to
	4903	<URLLink LinkURL="https://192.168.1.33/cgi-bin/test-cgi" LinkTitle="https://192.168.1.33/cgi-bin/test-cgi"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4904	</test>
	4905
	4906	<test id="http-lighttpd-mod_userdir-info-discl" key="/~bin/true" status="not-vulnerable">
	4907
	4908	<Paragraph>
	4909	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4910	<Paragraph>
	4911	<ContainerBlockElement>
	4912	<ContainerBlockElement>
	4913	<Paragraph>HTTP GET request to
	4914	<URLLink LinkURL="https://192.168.1.33/~bin/true" LinkTitle="https://192.168.1.33/~bin/true"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4915	</test>
	4916
	4917	<test id="http-open-proxy" key="http://www.google.com:80/" status="not-vulnerable">
	4918
	4919	<Paragraph>
	4920	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4921	<Paragraph>
	4922	<ContainerBlockElement>
	4923	<ContainerBlockElement>
	4924	<Paragraph>HTTP HEAD request to
	4925	<URLLink LinkURL="http://www.google.com/" LinkTitle="http://www.google.com/"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4926	</test>
	4927
	4928	<test id="http-php-ini-file-exposed" key="/cgi-bin/php.ini" status="not-vulnerable">
	4929
	4930	<Paragraph>
	4931	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4932	<Paragraph>
	4933	<ContainerBlockElement>
	4934	<ContainerBlockElement>
	4935	<Paragraph>HTTP GET request to
	4936	<URLLink LinkURL="https://192.168.1.33/cgi-bin/php.ini" LinkTitle="https://192.168.1.33/cgi-bin/php.ini"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4937	</test>
	4938
	4939	<test id="http-symantec-scan-engine-file-disclosure" key="/README.txt" status="not-vulnerable">
	4940
	4941	<Paragraph>
	4942	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4943	<Paragraph>
	4944	<ContainerBlockElement>
	4945	<ContainerBlockElement>
	4946	<Paragraph>HTTP GET request to
	4947	<URLLink LinkURL="https://192.168.1.33/README.txt" LinkTitle="https://192.168.1.33/README.txt"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4948	</test>
	4949
	4950	<test id="http-tomcat-jkstatus-accessible" key="/jkstatus/" status="not-vulnerable">
	4951
	4952	<Paragraph>
	4953	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4954	<Paragraph>
	4955	<ContainerBlockElement>
	4956	<ContainerBlockElement>
	4957	<Paragraph>HTTP GET request to
	4958	<URLLink LinkURL="https://192.168.1.33/jkstatus/" LinkTitle="https://192.168.1.33/jkstatus/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4959	</test>
	4960
	4961	<test id="tls-server-cert-sig-alg-md5" status="not-vulnerable">
	4962
	4963	<Paragraph>
	4964	<Paragraph>SSL certificate is signed with SHA1withRSA</Paragraph></Paragraph>
	4965	</test>
	4966
	4967	<test id="adobe-apsb13-03-cve-2013-0629" key="/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html" status="not-vulnerable">
	4968
	4969	<Paragraph>
	4970	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4971	<Paragraph>
	4972	<ContainerBlockElement>
	4973	<ContainerBlockElement>
	4974	<Paragraph>HTTP GET request to
	4975	<URLLink LinkURL="https://192.168.1.33/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt" LinkTitle="https://192.168.1.33/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	4976	<ContainerBlockElement>
	4977	<Paragraph>HTTP GET request to
	4978	<URLLink LinkURL="https://192.168.1.33/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html" LinkTitle="https://192.168.1.33/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4979	</test>
	4980
	4981	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	4982
	4983	<Paragraph>
	4984	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4985	<Paragraph>
	4986	<ContainerBlockElement>
	4987	<ContainerBlockElement>
	4988	<Paragraph>HTTP GET request to
	4989	<URLLink LinkURL="ftp://ftp.kernel.org/;utf7xss" LinkTitle="ftp://ftp.kernel.org/;utf7xss"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	4990	</test>
	4991
	4992	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	4993
	4994	<Paragraph>
	4995	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	4996	<Paragraph>
	4997	<ContainerBlockElement>
	4998	<ContainerBlockElement>
	4999	<Paragraph>HTTP GET request to
	5000	<URLLink LinkURL="ftp://ftp.kernel.org/;utf7xss" LinkTitle="ftp://ftp.kernel.org/;utf7xss"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5001	</test>
	5002
	5003	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	5004
	5005	<Paragraph>
	5006	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	5007	<Paragraph>
	5008	<ContainerBlockElement>
	5009	<ContainerBlockElement>
	5010	<Paragraph>HTTP GET request to
	5011	<URLLink LinkURL="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">" LinkTitle="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5012	</test>
	5013
	5014	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	5015
	5016	<Paragraph>
	5017	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	5018	<Paragraph>
	5019	<ContainerBlockElement>
	5020	<ContainerBlockElement>
	5021	<Paragraph>HTTP GET request to
	5022	<URLLink LinkURL="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">" LinkTitle="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5023	</test>
	5024
	5025	<test id="http-adobe-amf-gateway-xxe-cve-2009-3960" key="/lcds-samples/messagebroker/httpsecure" status="not-vulnerable">
	5026
	5027	<Paragraph>
	5028	<Paragraph>Running vulnerable HTTPS service.</Paragraph>
	5029	<Paragraph>
	5030	<ContainerBlockElement>
	5031	<ContainerBlockElement>
	5032	<Paragraph>HTTP POST request to
	5033	<URLLink LinkURL="https://192.168.1.33/flex2gateway/http" LinkTitle="https://192.168.1.33/flex2gateway/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5034	<ContainerBlockElement>
	5035	<Paragraph>HTTP POST request to
	5036	<URLLink LinkURL="https://192.168.1.33/flex2gateway/httpsecure" LinkTitle="https://192.168.1.33/flex2gateway/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5037	<ContainerBlockElement>
	5038	<Paragraph>HTTP POST request to
	5039	<URLLink LinkURL="https://192.168.1.33/messagebroker/http" LinkTitle="https://192.168.1.33/messagebroker/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5040	<ContainerBlockElement>
	5041	<Paragraph>HTTP POST request to
	5042	<URLLink LinkURL="https://192.168.1.33/messagebroker/httpsecure" LinkTitle="https://192.168.1.33/messagebroker/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5043	<ContainerBlockElement>
	5044	<Paragraph>HTTP POST request to
	5045	<URLLink LinkURL="https://192.168.1.33/blazeds/messagebroker/http" LinkTitle="https://192.168.1.33/blazeds/messagebroker/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5046	<ContainerBlockElement>
	5047	<Paragraph>HTTP POST request to
	5048	<URLLink LinkURL="https://192.168.1.33/blazeds/messagebroker/httpsecure" LinkTitle="https://192.168.1.33/blazeds/messagebroker/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5049	<ContainerBlockElement>
	5050	<Paragraph>HTTP POST request to
	5051	<URLLink LinkURL="https://192.168.1.33/samples/messagebroker/http" LinkTitle="https://192.168.1.33/samples/messagebroker/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5052	<ContainerBlockElement>
	5053	<Paragraph>HTTP POST request to
	5054	<URLLink LinkURL="https://192.168.1.33/samples/messagebroker/httpsecure" LinkTitle="https://192.168.1.33/samples/messagebroker/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5055	<ContainerBlockElement>
	5056	<Paragraph>HTTP POST request to
	5057	<URLLink LinkURL="https://192.168.1.33/lcds/messagebroker/http" LinkTitle="https://192.168.1.33/lcds/messagebroker/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5058	<ContainerBlockElement>
	5059	<Paragraph>HTTP POST request to
	5060	<URLLink LinkURL="https://192.168.1.33/lcds/messagebroker/httpsecure" LinkTitle="https://192.168.1.33/lcds/messagebroker/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5061	<ContainerBlockElement>
	5062	<Paragraph>HTTP POST request to
	5063	<URLLink LinkURL="https://192.168.1.33/lcds-samples/messagebroker/http" LinkTitle="https://192.168.1.33/lcds-samples/messagebroker/http"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement>
	5064	<ContainerBlockElement>
	5065	<Paragraph>HTTP POST request to
	5066	<URLLink LinkURL="https://192.168.1.33/lcds-samples/messagebroker/httpsecure" LinkTitle="https://192.168.1.33/lcds-samples/messagebroker/httpsecure"></URLLink></Paragraph>HTTP response code was 400 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5067	</test>
	5068
	5069	<test id="ssl-self-signed-certificate" status="vulnerable-exploited">
	5070
	5071	<Paragraph>
	5072	<Paragraph>TLS/SSL certificate is self-signed.</Paragraph></Paragraph>
	5073	</test>
	5074
	5075	<test id="weak-crypto-key" status="vulnerable-exploited">
	5076
	5077	<Paragraph>
	5078	<Paragraph>Length of RSA modulus in X.509 certificate: 1024 bits (less than 2047 bits)</Paragraph></Paragraph>
	5079	</test>
	5080
	5081	<test id="tls-server-cert-to-expire" status="not-vulnerable">
	5082
	5083	<Paragraph>
	5084	<Paragraph>Certificate valid from Wed, 13 Mar 2013 10:43:06 UTC to Sat, 11 Mar 2023 10:43:06 UTC</Paragraph></Paragraph>
	5085	</test>
	5086	</tests>
	5087	</service>
	5088	</services>
	5089	</endpoint>
	5090
	5091	<endpoint protocol="tcp" port="554" status="open">
	5092	<services>
	5093	<service name="RTSP">
	5094	<configuration>
	5095	<config name="verbs-1">DESCRIBE</config>
	5096	<config name="verbs-2">GET_PARAMETER</config>
	5097	<config name="verbs-3">OPTIONS</config>
	5098	<config name="verbs-4">PAUSE</config>
	5099	<config name="verbs-5">PLAY</config>
	5100	<config name="verbs-6">SETUP</config>
	5101	<config name="verbs-7">SET_PARAMETER</config>
	5102	<config name="verbs-8">TEARDOWN</config>
	5103	<config name="verbs-count">8</config>
	5104	</configuration>
	5105	<tests>
	5106	</tests>
	5107	</service>
	5108	</services>
	5109	</endpoint>
	5110
	5111	<endpoint protocol="tcp" port="1010" status="open">
	5112	<services>
	5113	<service name="<unknown>">
	5114	<tests>
	5115	</tests>
	5116	</service>
	5117	</services>
	5118	</endpoint>
	5119
	5120	<endpoint protocol="tcp" port="7777" status="open">
	5121	<services>
	5122	<service name="<unknown>">
	5123	<tests>
	5124	</tests>
	5125	</service>
	5126	</services>
	5127	</endpoint>
	5128	</endpoints>
	5129	</node>
	5130
	5131	<node address="192.168.1.34" status="alive" device-id="4">
	5132	<fingerprints>
	5133	<os certainty="0.70" device-class="Specialized" vendor="Apple" family="Mac OS X" product="Mac OS X" version="10.8.0" cpe="cpe:/o:apple:mac_os_x:10.0"/>
	5134	<os certainty="0.70" device-class="VoIP" vendor="Apple" family="Mac OS X" product="Mac OS X" version="10.8.0" cpe="cpe:/o:apple:mac_os_x:10.0"/>
	5135	</fingerprints>
	5136	<tests>
	5137	<test id="http-upnp-0001" status="skipped-version">
	5138
	5139	<Paragraph>
	5140	<Paragraph>Based on the result of the "Windows XP UPnP NOTIFY LOCATION Denial of Service" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	5141	</test>
	5142
	5143	<test id="tcp-seq-num-approximation" status="not-vulnerable">
	5144
	5145	<Paragraph>
	5146	<Paragraph>TCP reset with incorrect sequence number did not trigger fault on 192.168.1.34:5000 (TCP read returned no data)</Paragraph></Paragraph>
	5147	</test>
	5148
	5149	<test id="generic-icmp-netmask" status="not-vulnerable">
	5150
	5151	<Paragraph>
	5152	<Paragraph>No response</Paragraph></Paragraph>
	5153	</test>
	5154
	5155	<test id="generic-icmp-timestamp" status="not-vulnerable">
	5156
	5157	<Paragraph>
	5158	<Paragraph>No response</Paragraph></Paragraph>
	5159	</test>
	5160
	5161	<test id="generic-tcp-timestamp" status="vulnerable-exploited">
	5162
	5163	<Paragraph>
	5164	<Paragraph>Apparent system boot time: Thu Nov 14 01:50:04 UTC 2013</Paragraph></Paragraph>
	5165	</test>
	5166
	5167	<test id="udp-ipid-zero" status="unknown"/>
	5168	</tests>
	5169	<endpoints>
	5170	<endpoint protocol="tcp" port="5000" status="open">
	5171	<services>
	5172	<service name="UPnP-HTTPU">
	5173	<configuration>
	5174	<config name="upnp.headers.server">AirTunes/190.9</config>
	5175	</configuration>
	5176	<tests>
	5177	<test id="http-upnp-0002" status="not-vulnerable">
	5178
	5179	<Paragraph>
	5180	<Paragraph>DoS attacks are not possible, server closes the connection</Paragraph></Paragraph>
	5181	</test>
	5182	</tests>
	5183	</service>
	5184	</services>
	5185	</endpoint>
	5186
	5187	<endpoint protocol="udp" port="5353" status="open">
	5188	<services>
	5189	<service name="zeroconf (Rendezvous)">
	5190	<tests>
	5191	</tests>
	5192	</service>
	5193	</services>
	5194	</endpoint>
	5195
	5196	<endpoint protocol="tcp" port="7100" status="open">
	5197	<services>
	5198	<service name="XFS">
	5199	<tests>
	5200	</tests>
	5201	</service>
	5202	</services>
	5203	</endpoint>
	5204	</endpoints>
	5205	</node>
	5206
	5207	<node address="192.168.1.35" status="alive" device-id="8">
	5208	<fingerprints>
	5209	<os certainty="0.68" device-class="General" vendor="Apple" family="Mac OS X" product="Mac OS X" version="10.5.6" cpe="cpe:/o:apple:mac_os_x:10.0"/>
	5210	<os certainty="0.66" device-class="General" vendor="FreeBSD" family="FreeBSD" product="FreeBSD" version="5.5-STABLE"/>
	5211	<os certainty="0.65" device-class="General" vendor="FreeBSD" family="FreeBSD" product="FreeBSD" version="6.1-RELEASE"/>
	5212	<os certainty="0.65" device-class="General" vendor="FreeBSD" family="FreeBSD" product="FreeBSD" version="8.0-STABLE"/>
	5213	<os certainty="0.64" device-class="General" vendor="Caldera" family="Open Unix" product="UNIX" version="7.1.0"/>
	5214	<os certainty="0.64" device-class="General" vendor="HP" family="VMS" product="VMS" version="5.1B"/>
	5215	<os certainty="0.64" device-class="General" vendor="HP" family="VMS" product="VMS" version="8.2"/>
	5216	<os certainty="0.64" device-class="General" vendor="HP" family="VMS" product="VMS" version="8.3" cpe="cpe:/o:hp:openvms:8.3"/>
	5217	<os certainty="0.64" device-class="Printer" vendor="Lexmark" family="embedded" product="embedded"/>
	5218	<os certainty="0.64" device-class="General" vendor="OpenBSD" family="OpenBSD" product="OpenBSD" version="4.3"/>
	5219	</fingerprints>
	5220	<tests>
	5221	<test id="generic-icmp-netmask" status="not-vulnerable">
	5222
	5223	<Paragraph>
	5224	<Paragraph>No response</Paragraph></Paragraph>
	5225	</test>
	5226
	5227	<test id="generic-icmp-timestamp" status="not-vulnerable">
	5228
	5229	<Paragraph>
	5230	<Paragraph>No response</Paragraph></Paragraph>
	5231	</test>
	5232	</tests>
	5233	</node>
	5234
	5235	<node address="192.168.1.37" status="alive" hardware-address="E4CE8F490D7C" device-id="2">
	5236	<names>
	5237	<name>MACBOOKPRO-C9A7</name>
	5238	</names>
	5239	<tests>
	5240	<test id="generic-icmp-netmask" status="not-vulnerable">
	5241
	5242	<Paragraph>
	5243	<Paragraph>No response</Paragraph></Paragraph>
	5244	</test>
	5245
	5246	<test id="generic-icmp-timestamp" status="not-vulnerable">
	5247
	5248	<Paragraph>
	5249	<Paragraph>No response</Paragraph></Paragraph>
	5250	</test>
	5251
	5252	<test id="udp-ipid-zero" status="not-vulnerable">
	5253
	5254	<Paragraph>
	5255	<Paragraph>No UDP replies had an IP ID of zero</Paragraph></Paragraph>
	5256	</test>
	5257	</tests>
	5258	<endpoints>
	5259	<endpoint protocol="udp" port="123" status="open">
	5260	<services>
	5261	<service name="NTP">
	5262	<tests>
	5263	<test id="ntp-clock-variables-disclosure" status="not-vulnerable">
	5264
	5265	<Paragraph>
	5266	<Paragraph>No NTP variables were found from a readvar request</Paragraph></Paragraph>
	5267	</test>
	5268	</tests>
	5269	</service>
	5270	</services>
	5271	</endpoint>
	5272
	5273	<endpoint protocol="udp" port="137" status="open">
	5274	<services>
	5275	<service name="CIFS Name Service">
	5276	<configuration>
	5277	<config name="advertised-name-1">MACBOOKPRO-C9A7 (Computer Name)</config>
	5278	<config name="advertised-name-count">1</config>
	5279	<config name="mac-address">E4CE8F490D7C</config>
	5280	</configuration>
	5281	<tests>
	5282	</tests>
	5283	</service>
	5284	</services>
	5285	</endpoint>
	5286	</endpoints>
	5287	</node>
	5288
	5289	<node address="192.168.1.38" status="alive" device-id="9">
	5290	<tests>
	5291	<test id="generic-icmp-netmask" status="not-vulnerable">
	5292
	5293	<Paragraph>
	5294	<Paragraph>No response</Paragraph></Paragraph>
	5295	</test>
	5296
	5297	<test id="generic-icmp-timestamp" status="vulnerable-exploited">
	5298
	5299	<Paragraph>
	5300	<Paragraph>Remote system time: 05:03:21.216 UTC</Paragraph></Paragraph>
	5301	</test>
	5302	</tests>
	5303	</node>
	5304
	5305	<node address="192.168.1.40" status="alive" device-id="3">
	5306	<fingerprints>
	5307	<os certainty="0.70" device-class="VoIP" vendor="Microsoft" family="Windows" product="Windows" version="7.5"/>
	5308	<os certainty="0.70" device-class="General" vendor="Microsoft" family="Windows" product="Windows Server 2008" version="3"/>
	5309	<os certainty="0.70" device-class="General" vendor="Microsoft" family="Windows" product="Windows Server 2008" version="7"/>
	5310	</fingerprints>
	5311	<tests>
	5312	<test id="cifs-insecure-acct-lockout-limit" key="Microsoft Windows Phone 7.5" status="skipped-version">
	5313
	5314	<Paragraph>
	5315	<Paragraph>Skipped OS: Microsoft Windows Phone 7.5
	5316	<Paragraph>
	5317	<UnorderedList>
	5318	<ListItem>The property "account-lockout-failure-threshold is empty.</ListItem></UnorderedList></Paragraph></Paragraph></Paragraph>
	5319	</test>
	5320
	5321	<test id="cifs-insecure-password-length-min" key="Microsoft Windows Phone 7.5" status="skipped-version">
	5322
	5323	<Paragraph>
	5324	<Paragraph>Skipped OS: Microsoft Windows Phone 7.5
	5325	<Paragraph>
	5326	<UnorderedList>
	5327	<ListItem>The property "password-minimum-length is empty.</ListItem></UnorderedList></Paragraph></Paragraph></Paragraph>
	5328	</test>
	5329
	5330	<test id="cifs-no-acct-lockout-limit" key="Microsoft Windows Phone 7.5" status="skipped-version">
	5331
	5332	<Paragraph>
	5333	<Paragraph>Skipped OS: Microsoft Windows Phone 7.5
	5334	<Paragraph>
	5335	<UnorderedList>
	5336	<ListItem>The property "account-lockout-failure-threshold is empty.</ListItem></UnorderedList></Paragraph></Paragraph></Paragraph>
	5337	</test>
	5338
	5339	<test id="cifs-no-password-length-min" key="Microsoft Windows Phone 7.5" status="skipped-version">
	5340
	5341	<Paragraph>
	5342	<Paragraph>Skipped OS: Microsoft Windows Phone 7.5
	5343	<Paragraph>
	5344	<UnorderedList>
	5345	<ListItem>The property "password-minimum-length is empty.</ListItem></UnorderedList></Paragraph></Paragraph></Paragraph>
	5346	</test>
	5347
	5348	<test id="tcp-seq-num-approximation" status="not-vulnerable">
	5349
	5350	<Paragraph>
	5351	<Paragraph>TCP reset with incorrect sequence number did not trigger fault on 192.168.1.40:80 (TCP read returned no data)</Paragraph></Paragraph>
	5352	</test>
	5353
	5354	<test id="generic-icmp-netmask" status="not-vulnerable">
	5355
	5356	<Paragraph>
	5357	<Paragraph>No response</Paragraph></Paragraph>
	5358	</test>
	5359
	5360	<test id="generic-icmp-timestamp" status="not-vulnerable">
	5361
	5362	<Paragraph>
	5363	<Paragraph>No response</Paragraph></Paragraph>
	5364	</test>
	5365
	5366	<test id="generic-tcp-timestamp" status="vulnerable-exploited">
	5367
	5368	<Paragraph>
	5369	<Paragraph>Apparent system boot time: Wed Nov 27 04:31:19 UTC 2013</Paragraph></Paragraph>
	5370	</test>
	5371	</tests>
	5372	<endpoints>
	5373	<endpoint protocol="tcp" port="80" status="open">
	5374	<services>
	5375	<service name="HTTP">
	5376	<tests>
	5377	<test id="adobe-apsb13-03-cve-2013-0632" key="/CFIDE/adminapi/administrator.cfc?" status="not-vulnerable">
	5378
	5379	<Paragraph>
	5380	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5381	<Paragraph>
	5382	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5383	</test>
	5384
	5385	<test id="adobe-apsb13-13-cve-2013-1389" status="skipped-version">
	5386
	5387	<Paragraph>
	5388	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5389	<Paragraph>Based on the result of the "APSB13-13: Security updates available for Adobe ColdFusion (CVE-2013-3336)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	5390	</test>
	5391
	5392	<test id="http-3com-wap-default-admin-password" key="/index.htm" status="not-vulnerable">
	5393
	5394	<Paragraph>
	5395	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5396	<Paragraph>
	5397	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5398	</test>
	5399
	5400	<test id="http-drac-default-login" key="/cgi/login" status="not-vulnerable">
	5401
	5402	<Paragraph>
	5403	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5404	<Paragraph>
	5405	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5406	</test>
	5407
	5408	<test id="http-drac-default-login" status="error">
	5409
	5410	<Paragraph>
	5411	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5412	<Paragraph>java.lang.StringIndexOutOfBoundsException: String index out of range: 55
	5413	at java.lang.String.substring(String.java:1907)
	5414	at com.rapid7.net.http.HTTPResponseParser.parseFirstLine(Unknown Source)
	5415	at com.rapid7.net.http.HTTPMessageParser.parse(Unknown Source)
	5416	at com.rapid7.net.http.HTTPResponseParser.parseResponse(Unknown Source)
	5417	at com.rapid7.net.http.HTTPSession.parseResponse(Unknown Source)
	5418	at com.rapid7.net.http.HTTPSession.doReceiveResponse(Unknown Source)
	5419	at com.rapid7.net.http.HTTPSession.getResponseFor(Unknown Source)
	5420	at com.rapid7.net.http.HTTPSession.sendRequest(Unknown Source)
	5421	at com.rapid7.net.http.HTTPClient.request(Unknown Source)
	5422	at com.rapid7.net.http.HTTPClient.request(Unknown Source)
	5423	at com.rapid7.net.http.HTTPClient.request(Unknown Source)
	5424	at com.rapid7.nexpose.plugin.http.HTTPCheckHandler$HTTPReqRespTest.isMatch(Unknown Source)
	5425	at com.rapid7.nexpose.plugin.http.HTTPCheckHandler$HTTPCheckTest.performCheck(Unknown Source)
	5426	at com.rapid7.nexpose.plugin.http.HTTPCheckHandler.handle(Unknown Source)
	5427	at com.rapid7.nexpose.plugin.BaseCheckContext.invokeTest(Unknown Source)
	5428	at com.rapid7.nexpose.nse.VulnerabilityCheckContext.performTests(Unknown Source)
	5429	at sun.reflect.GeneratedMethodAccessor252.invoke(Unknown Source)
	5430	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	5431	at java.lang.reflect.Method.invoke(Method.java:606)
	5432	at com.rapid7.thread.ThreadedCall.invokeCall(Unknown Source)
	5433	at com.rapid7.thread.ThreadedCall.execute(Unknown Source)
	5434	at com.rapid7.thread.ThreadedCallRunner.executeCall(Unknown Source)
	5435	at com.rapid7.thread.ThreadedCallRunner.run(Unknown Source)
	5436	</Paragraph></Paragraph>
	5437	</test>
	5438
	5439	<test id="http-glassfish-default-admin-password" key="/common/index.jsf" status="not-vulnerable">
	5440
	5441	<Paragraph>
	5442	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5443	<Paragraph>
	5444	<ContainerBlockElement>
	5445	<ContainerBlockElement>
	5446	<Paragraph>HTTP GET request to
	5447	<URLLink LinkURL="http://192.168.1.40/common/index.jsf" LinkTitle="http://192.168.1.40/common/index.jsf"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5448	</test>
	5449
	5450	<test id="http-nokia-firewall-default-admin-password" key="/cgi-bin/home.tcl" status="not-vulnerable">
	5451
	5452	<Paragraph>
	5453	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5454	<Paragraph>
	5455	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5456	</test>
	5457
	5458	<test id="http-phpmyadmin-account-pma-password-empty" key="/phpmyadmin/" status="not-vulnerable">
	5459
	5460	<Paragraph>
	5461	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5462	<Paragraph>
	5463	<ContainerBlockElement>
	5464	<ContainerBlockElement>
	5465	<Paragraph>HTTP GET request to
	5466	<URLLink LinkURL="http://192.168.1.40/phpmyadmin/" LinkTitle="http://192.168.1.40/phpmyadmin/"></URLLink></Paragraph>HTTP response code was 404 but expected 401</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5467	</test>
	5468
	5469	<test id="apache-struts-cve-2013-2251" key="/struts2-blank/example/HelloWorld.action" status="not-vulnerable">
	5470
	5471	<Paragraph>
	5472	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5473	<Paragraph>
	5474	<ContainerBlockElement>
	5475	<ContainerBlockElement>
	5476	<Paragraph>HTTP GET request to
	5477	<URLLink LinkURL="http://192.168.1.40/struts2-blank/example/HelloWorld.action" LinkTitle="http://192.168.1.40/struts2-blank/example/HelloWorld.action"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5478	</test>
	5479
	5480	<test id="apache-struts-cve-2013-2251" key="/struts2-showcase/employee/save.action" status="not-vulnerable">
	5481
	5482	<Paragraph>
	5483	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5484	<Paragraph>
	5485	<ContainerBlockElement>
	5486	<ContainerBlockElement>
	5487	<Paragraph>HTTP GET request to
	5488	<URLLink LinkURL="http://192.168.1.40/struts2-showcase/employee/save.action" LinkTitle="http://192.168.1.40/struts2-showcase/employee/save.action"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5489	</test>
	5490
	5491	<test id="checkpoint-ess-info-disclosure-sk57881" key="/conf/ssl/apache/integrity-smartcenter.key" status="not-vulnerable">
	5492
	5493	<Paragraph>
	5494	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5495	<Paragraph>
	5496	<ContainerBlockElement>
	5497	<ContainerBlockElement>
	5498	<Paragraph>HTTP GET request to
	5499	<URLLink LinkURL="http://192.168.1.40/conf/ssl/apache/integrity.key" LinkTitle="http://192.168.1.40/conf/ssl/apache/integrity.key"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5500	<ContainerBlockElement>
	5501	<Paragraph>HTTP GET request to
	5502	<URLLink LinkURL="http://192.168.1.40/conf/ssl/apache/integrity-smartcenter.key" LinkTitle="http://192.168.1.40/conf/ssl/apache/integrity-smartcenter.key"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5503	</test>
	5504
	5505	<test id="adobe-apsb10-18-cve-2010-2861" key="/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" status="not-vulnerable">
	5506
	5507	<Paragraph>
	5508	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5509	<Paragraph>
	5510	<ContainerBlockElement>
	5511	<ContainerBlockElement>
	5512	<Paragraph>HTTP GET request to
	5513	<URLLink LinkURL="http://192.168.1.40/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" LinkTitle="http://192.168.1.40/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5514	</test>
	5515
	5516	<test id="http-awstats-remote-code-execution" key="/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" status="not-vulnerable">
	5517
	5518	<Paragraph>
	5519	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5520	<Paragraph>
	5521	<ContainerBlockElement>
	5522	<ContainerBlockElement>
	5523	<Paragraph>HTTP GET request to
	5524	<URLLink LinkURL="http://192.168.1.40/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" LinkTitle="http://192.168.1.40/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5525	<ContainerBlockElement>
	5526	<Paragraph>HTTP GET request to
	5527	<URLLink LinkURL="http://192.168.1.40/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" LinkTitle="http://192.168.1.40/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5528	</test>
	5529
	5530	<test id="http-cgi-faxsurvey-command-execution" key="/cgi-bin/faxquery?/bin/cat%20/etc/passwd" status="not-vulnerable">
	5531
	5532	<Paragraph>
	5533	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5534	<Paragraph>
	5535	<ContainerBlockElement>
	5536	<ContainerBlockElement>
	5537	<Paragraph>HTTP GET request to
	5538	<URLLink LinkURL="http://192.168.1.40/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd" LinkTitle="http://192.168.1.40/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5539	<ContainerBlockElement>
	5540	<Paragraph>HTTP GET request to
	5541	<URLLink LinkURL="http://192.168.1.40/cgi-bin/faxquery?/bin/cat%20/etc/passwd" LinkTitle="http://192.168.1.40/cgi-bin/faxquery?/bin/cat%20/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5542	</test>
	5543
	5544	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/servermanager/" status="not-vulnerable">
	5545
	5546	<Paragraph>
	5547	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5548	<Paragraph>
	5549	<ContainerBlockElement>
	5550	<ContainerBlockElement>
	5551	<Paragraph>HTTP GET request to
	5552	<URLLink LinkURL="http://192.168.1.40/CFIDE/servermanager/" LinkTitle="http://192.168.1.40/CFIDE/servermanager/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5553	</test>
	5554
	5555	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/AIR/" status="not-vulnerable">
	5556
	5557	<Paragraph>
	5558	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5559	<Paragraph>
	5560	<ContainerBlockElement>
	5561	<ContainerBlockElement>
	5562	<Paragraph>HTTP GET request to
	5563	<URLLink LinkURL="http://192.168.1.40/CFIDE/AIR/" LinkTitle="http://192.168.1.40/CFIDE/AIR/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5564	</test>
	5565
	5566	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/administrator/enter.cfm" status="not-vulnerable">
	5567
	5568	<Paragraph>
	5569	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5570	<Paragraph>
	5571	<ContainerBlockElement>
	5572	<ContainerBlockElement>
	5573	<Paragraph>HTTP GET request to
	5574	<URLLink LinkURL="http://192.168.1.40/CFIDE/administrator/" LinkTitle="http://192.168.1.40/CFIDE/administrator/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5575	<ContainerBlockElement>
	5576	<Paragraph>HTTP GET request to
	5577	<URLLink LinkURL="http://192.168.1.40/CFIDE/administrator/enter.cfm" LinkTitle="http://192.168.1.40/CFIDE/administrator/enter.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5578	</test>
	5579
	5580	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminiapi/" status="not-vulnerable">
	5581
	5582	<Paragraph>
	5583	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5584	<Paragraph>
	5585	<ContainerBlockElement>
	5586	<ContainerBlockElement>
	5587	<Paragraph>HTTP GET request to
	5588	<URLLink LinkURL="http://192.168.1.40/CFIDE/adminiapi/" LinkTitle="http://192.168.1.40/CFIDE/adminiapi/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5589	</test>
	5590
	5591	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminapi/base.cfc?wsdl" status="not-vulnerable">
	5592
	5593	<Paragraph>
	5594	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5595	<Paragraph>
	5596	<ContainerBlockElement>
	5597	<ContainerBlockElement>
	5598	<Paragraph>HTTP GET request to
	5599	<URLLink LinkURL="http://192.168.1.40/CFIDE/adminapi/base.cfc?wsdl" LinkTitle="http://192.168.1.40/CFIDE/adminapi/base.cfc?wsdl"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5600	</test>
	5601
	5602	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json" status="not-vulnerable">
	5603
	5604	<Paragraph>
	5605	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5606	<Paragraph>
	5607	<ContainerBlockElement>
	5608	<ContainerBlockElement>
	5609	<Paragraph>HTTP GET request to
	5610	<URLLink LinkURL="http://192.168.1.40/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json" LinkTitle="http://192.168.1.40/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5611	</test>
	5612
	5613	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/scheduler/" status="not-vulnerable">
	5614
	5615	<Paragraph>
	5616	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5617	<Paragraph>
	5618	<ContainerBlockElement>
	5619	<ContainerBlockElement>
	5620	<Paragraph>HTTP GET request to
	5621	<URLLink LinkURL="http://192.168.1.40/CFIDE/scheduler/" LinkTitle="http://192.168.1.40/CFIDE/scheduler/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5622	</test>
	5623
	5624	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/" status="not-vulnerable">
	5625
	5626	<Paragraph>
	5627	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5628	<Paragraph>
	5629	<ContainerBlockElement>
	5630	<ContainerBlockElement>
	5631	<Paragraph>HTTP GET request to
	5632	<URLLink LinkURL="http://192.168.1.40/CFIDE/wizards/common/" LinkTitle="http://192.168.1.40/CFIDE/wizards/common/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5633	</test>
	5634
	5635	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/appdeployment/" status="not-vulnerable">
	5636
	5637	<Paragraph>
	5638	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5639	<Paragraph>
	5640	<ContainerBlockElement>
	5641	<ContainerBlockElement>
	5642	<Paragraph>HTTP GET request to
	5643	<URLLink LinkURL="http://192.168.1.40/CFIDE/appdeployment/" LinkTitle="http://192.168.1.40/CFIDE/appdeployment/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5644	</test>
	5645
	5646	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/componentutils/" status="not-vulnerable">
	5647
	5648	<Paragraph>
	5649	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5650	<Paragraph>
	5651	<ContainerBlockElement>
	5652	<ContainerBlockElement>
	5653	<Paragraph>HTTP GET request to
	5654	<URLLink LinkURL="http://192.168.1.40/CFIDE/componentutils/" LinkTitle="http://192.168.1.40/CFIDE/componentutils/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5655	</test>
	5656
	5657	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/websocket/" status="not-vulnerable">
	5658
	5659	<Paragraph>
	5660	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5661	<Paragraph>
	5662	<ContainerBlockElement>
	5663	<ContainerBlockElement>
	5664	<Paragraph>HTTP GET request to
	5665	<URLLink LinkURL="http://192.168.1.40/CFIDE/websocket/" LinkTitle="http://192.168.1.40/CFIDE/websocket/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5666	</test>
	5667
	5668	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/services/" status="not-vulnerable">
	5669
	5670	<Paragraph>
	5671	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5672	<Paragraph>
	5673	<ContainerBlockElement>
	5674	<ContainerBlockElement>
	5675	<Paragraph>HTTP GET request to
	5676	<URLLink LinkURL="http://192.168.1.40/CFIDE/services/" LinkTitle="http://192.168.1.40/CFIDE/services/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5677	</test>
	5678
	5679	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/orm/" status="not-vulnerable">
	5680
	5681	<Paragraph>
	5682	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5683	<Paragraph>
	5684	<ContainerBlockElement>
	5685	<ContainerBlockElement>
	5686	<Paragraph>HTTP GET request to
	5687	<URLLink LinkURL="http://192.168.1.40/CFIDE/orm/" LinkTitle="http://192.168.1.40/CFIDE/orm/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5688	</test>
	5689
	5690	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/portlets/" status="not-vulnerable">
	5691
	5692	<Paragraph>
	5693	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5694	<Paragraph>
	5695	<ContainerBlockElement>
	5696	<ContainerBlockElement>
	5697	<Paragraph>HTTP GET request to
	5698	<URLLink LinkURL="http://192.168.1.40/CFIDE/portlets/" LinkTitle="http://192.168.1.40/CFIDE/portlets/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5699	</test>
	5700
	5701	<test id="http-frontpage-unprotected" key="/_vti_bin/_vti_aut/author.dll" status="not-vulnerable">
	5702
	5703	<Paragraph>
	5704	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5705	<Paragraph>
	5706	<ContainerBlockElement>
	5707	<ContainerBlockElement>
	5708	<Paragraph>HTTP GET request to
	5709	<URLLink LinkURL="http://192.168.1.40/_vti_bin/_vti_aut/author.dll" LinkTitle="http://192.168.1.40/_vti_bin/_vti_aut/author.dll"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5710	</test>
	5711
	5712	<test id="http-php-xmlrpc-code-injection" key="/xmlrpc.php" status="not-vulnerable">
	5713
	5714	<Paragraph>
	5715	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5716	<Paragraph>
	5717	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5718	</test>
	5719
	5720	<test id="adobe-apsb13-03-cve-2013-0625" status="skipped-version">
	5721
	5722	<Paragraph>
	5723	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5724	<Paragraph>Based on the result of the "APSB13-03: Security updates available for Adobe ColdFusion (CVE-2013-0629)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	5725	</test>
	5726
	5727	<test id="http-basic-auth-cleartext" key="/" status="not-vulnerable">
	5728
	5729	<Paragraph>
	5730	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5731	<Paragraph>
	5732	<ContainerBlockElement>
	5733	<ContainerBlockElement>
	5734	<Paragraph>HTTP GET request to
	5735	<URLLink LinkURL="http://192.168.1.40/" LinkTitle="http://192.168.1.40/"></URLLink></Paragraph>HTTP response code was 404 but expected 401</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5736	</test>
	5737
	5738	<test id="http-iis-0014" status="not-vulnerable">
	5739
	5740	<Paragraph>
	5741	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5742	<Paragraph>Based on the following 3 results:
	5743	<OrderedList>
	5744	<ListItem>
	5745	<Paragraph>
	5746	<ContainerBlockElement>
	5747	<ContainerBlockElement>
	5748	<Paragraph>HTTP GET request to
	5749	<URLLink LinkURL="http://192.168.1.40/scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28.mdb%29&dsn=Web%20SQL&dbq=c:\temp\xyz.mdb&newdb=CREATE_DB&attr=" LinkTitle="http://192.168.1.40/scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28.mdb%29&dsn=Web%20SQL&dbq=c:\temp\xyz.mdb&newdb=CREATE_DB&attr="></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	5750	<ListItem>
	5751	<Paragraph>
	5752	<ContainerBlockElement>
	5753	<ContainerBlockElement>
	5754	<Paragraph>HTTP GET request to
	5755	<URLLink LinkURL="http://192.168.1.40/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|" LinkTitle="http://192.168.1.40/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	5756	<ListItem>
	5757	<Paragraph>
	5758	<ContainerBlockElement>
	5759	<ContainerBlockElement>
	5760	<Paragraph>HTTP GET request to
	5761	<URLLink LinkURL="http://192.168.1.40/ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|" LinkTitle="http://192.168.1.40/ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem></OrderedList></Paragraph></Paragraph>
	5762	</test>
	5763
	5764	<test id="http-cgi-viewsource-arbitrary-file-access" key="/cgi-bin/view-source?../../../../../../../etc/passwd" status="not-vulnerable">
	5765
	5766	<Paragraph>
	5767	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5768	<Paragraph>
	5769	<ContainerBlockElement>
	5770	<ContainerBlockElement>
	5771	<Paragraph>HTTP GET request to
	5772	<URLLink LinkURL="http://192.168.1.40/cgi-bin/view-source?../../../../../../../etc/passwd" LinkTitle="http://192.168.1.40/cgi-bin/view-source?../../../../../../../etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5773	</test>
	5774
	5775	<test id="http-trace-method-enabled" key="/" status="not-vulnerable">
	5776
	5777	<Paragraph>
	5778	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5779	<Paragraph>
	5780	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5781	</test>
	5782
	5783	<test id="http-track-method-enabled" key="/" status="not-vulnerable">
	5784
	5785	<Paragraph>
	5786	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5787	<Paragraph>
	5788	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5789	</test>
	5790
	5791	<test id="spider-adobe-flash-permissive-crossdomain-xml" key="/crossdomain.xml" status="not-vulnerable">
	5792
	5793	<Paragraph>
	5794	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5795	<Paragraph>
	5796	<ContainerBlockElement>
	5797	<ContainerBlockElement>
	5798	<Paragraph>HTTP GET request to
	5799	<URLLink LinkURL="http://192.168.1.40/crossdomain.xml" LinkTitle="http://192.168.1.40/crossdomain.xml"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5800	</test>
	5801
	5802	<test id="adobe-apsb13-03-cve-2013-0631" key="/CFIDE/r.cfm" status="not-vulnerable">
	5803
	5804	<Paragraph>
	5805	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5806	<Paragraph>
	5807	<ContainerBlockElement>
	5808	<ContainerBlockElement>
	5809	<Paragraph>HTTP GET request to
	5810	<URLLink LinkURL="http://192.168.1.40/CFIDE/adminapi/customtags/fusebox.cfm" LinkTitle="http://192.168.1.40/CFIDE/adminapi/customtags/fusebox.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5811	<ContainerBlockElement>
	5812	<Paragraph>HTTP GET request to
	5813	<URLLink LinkURL="http://192.168.1.40/CFIDE/adminapi/customtags/adss.cfm" LinkTitle="http://192.168.1.40/CFIDE/adminapi/customtags/adss.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5814	<ContainerBlockElement>
	5815	<Paragraph>HTTP GET request to
	5816	<URLLink LinkURL="http://192.168.1.40/CFIDE/h.cfm" LinkTitle="http://192.168.1.40/CFIDE/h.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5817	<ContainerBlockElement>
	5818	<Paragraph>HTTP GET request to
	5819	<URLLink LinkURL="http://192.168.1.40/CFIDE/h9.cfm" LinkTitle="http://192.168.1.40/CFIDE/h9.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5820	<ContainerBlockElement>
	5821	<Paragraph>HTTP GET request to
	5822	<URLLink LinkURL="http://192.168.1.40/CFIDE/help.cfm" LinkTitle="http://192.168.1.40/CFIDE/help.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5823	<ContainerBlockElement>
	5824	<Paragraph>HTTP GET request to
	5825	<URLLink LinkURL="http://192.168.1.40/CFIDE/i.cfm" LinkTitle="http://192.168.1.40/CFIDE/i.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5826	<ContainerBlockElement>
	5827	<Paragraph>HTTP GET request to
	5828	<URLLink LinkURL="http://192.168.1.40/CFIDE/r.cfm" LinkTitle="http://192.168.1.40/CFIDE/r.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5829	</test>
	5830
	5831	<test id="adobe-apsb13-13-cve-2013-3336" key="/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=U" status="not-vulnerable">
	5832
	5833	<Paragraph>
	5834	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5835	<Paragraph>
	5836	<ContainerBlockElement>
	5837	<ContainerBlockElement>
	5838	<Paragraph>HTTP GET request to
	5839	<URLLink LinkURL="http://192.168.1.40/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test" LinkTitle="http://192.168.1.40/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement>
	5840	<ContainerBlockElement>
	5841	<Paragraph>HTTP GET request to
	5842	<URLLink LinkURL="http://192.168.1.40/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test" LinkTitle="http://192.168.1.40/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5843	</test>
	5844
	5845	<test id="http-awstats-debug-information-disclosure" key="/cgi-bin/awstats/awstats.pl?debug=1" status="not-vulnerable">
	5846
	5847	<Paragraph>
	5848	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5849	<Paragraph>
	5850	<ContainerBlockElement>
	5851	<ContainerBlockElement>
	5852	<Paragraph>HTTP GET request to
	5853	<URLLink LinkURL="http://192.168.1.40/cgi-bin/awstats.pl?debug=1" LinkTitle="http://192.168.1.40/cgi-bin/awstats.pl?debug=1"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5854	<ContainerBlockElement>
	5855	<Paragraph>HTTP GET request to
	5856	<URLLink LinkURL="http://192.168.1.40/cgi-bin/awstats/awstats.pl?debug=1" LinkTitle="http://192.168.1.40/cgi-bin/awstats/awstats.pl?debug=1"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5857	</test>
	5858
	5859	<test id="http-bigbrother-accessible" key="/bb/" status="not-vulnerable">
	5860
	5861	<Paragraph>
	5862	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5863	<Paragraph>
	5864	<ContainerBlockElement>
	5865	<ContainerBlockElement>
	5866	<Paragraph>HTTP GET request to
	5867	<URLLink LinkURL="http://192.168.1.40/bb/" LinkTitle="http://192.168.1.40/bb/"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5868	</test>
	5869
	5870	<test id="http-cgi-htdig-arbitrary-file-access" key="/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" status="not-vulnerable">
	5871
	5872	<Paragraph>
	5873	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5874	<Paragraph>
	5875	<ContainerBlockElement>
	5876	<ContainerBlockElement>
	5877	<Paragraph>HTTP GET request to
	5878	<URLLink LinkURL="http://192.168.1.40/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" LinkTitle="http://192.168.1.40/cgi-bin/htsearch?Exclude=%60/etc/passwd%60"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5879	</test>
	5880
	5881	<test id="http-cgi-htgrep-arbitrary-file-access" key="/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" status="not-vulnerable">
	5882
	5883	<Paragraph>
	5884	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5885	<Paragraph>
	5886	<ContainerBlockElement>
	5887	<ContainerBlockElement>
	5888	<Paragraph>HTTP GET request to
	5889	<URLLink LinkURL="http://192.168.1.40/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" LinkTitle="http://192.168.1.40/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5890	</test>
	5891
	5892	<test id="http-cgi-htmlscript-arbitrary-file-access" key="/cgi-bin/htmlscript?../../../../../../../etc/passwd" status="not-vulnerable">
	5893
	5894	<Paragraph>
	5895	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5896	<Paragraph>
	5897	<ContainerBlockElement>
	5898	<ContainerBlockElement>
	5899	<Paragraph>HTTP GET request to
	5900	<URLLink LinkURL="http://192.168.1.40/cgi-bin/htmlscript?../../../../../../../etc/passwd" LinkTitle="http://192.168.1.40/cgi-bin/htmlscript?../../../../../../../etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5901	</test>
	5902
	5903	<test id="http-cgi-testcgi-file-listing" key="/cgi-bin/test-cgi" status="not-vulnerable">
	5904
	5905	<Paragraph>
	5906	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5907	<Paragraph>
	5908	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5909	</test>
	5910
	5911	<test id="http-lighttpd-mod_userdir-info-discl" key="/~bin/true" status="not-vulnerable">
	5912
	5913	<Paragraph>
	5914	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5915	<Paragraph>
	5916	<ContainerBlockElement>
	5917	<ContainerBlockElement>
	5918	<Paragraph>HTTP GET request to
	5919	<URLLink LinkURL="http://192.168.1.40/~bin/true" LinkTitle="http://192.168.1.40/~bin/true"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5920	</test>
	5921
	5922	<test id="http-open-proxy" key="http://www.google.com:80/" status="not-vulnerable">
	5923
	5924	<Paragraph>
	5925	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5926	<Paragraph>
	5927	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5928	</test>
	5929
	5930	<test id="http-php-ini-file-exposed" key="/cgi-bin/php.ini" status="not-vulnerable">
	5931
	5932	<Paragraph>
	5933	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5934	<Paragraph>
	5935	<ContainerBlockElement>
	5936	<ContainerBlockElement>
	5937	<Paragraph>HTTP GET request to
	5938	<URLLink LinkURL="http://192.168.1.40/cgi-bin/php.ini" LinkTitle="http://192.168.1.40/cgi-bin/php.ini"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5939	</test>
	5940
	5941	<test id="http-symantec-scan-engine-file-disclosure" key="/README.txt" status="not-vulnerable">
	5942
	5943	<Paragraph>
	5944	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5945	<Paragraph>
	5946	<ContainerBlockElement>
	5947	<ContainerBlockElement>
	5948	<Paragraph>HTTP GET request to
	5949	<URLLink LinkURL="http://192.168.1.40/README.txt" LinkTitle="http://192.168.1.40/README.txt"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5950	</test>
	5951
	5952	<test id="http-tomcat-jkstatus-accessible" key="/jkstatus/" status="not-vulnerable">
	5953
	5954	<Paragraph>
	5955	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5956	<Paragraph>
	5957	<ContainerBlockElement>
	5958	<ContainerBlockElement>
	5959	<Paragraph>HTTP GET request to
	5960	<URLLink LinkURL="http://192.168.1.40/jkstatus/" LinkTitle="http://192.168.1.40/jkstatus/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5961	</test>
	5962
	5963	<test id="adobe-apsb13-03-cve-2013-0629" key="/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html" status="not-vulnerable">
	5964
	5965	<Paragraph>
	5966	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5967	<Paragraph>
	5968	<ContainerBlockElement>
	5969	<ContainerBlockElement>
	5970	<Paragraph>HTTP GET request to
	5971	<URLLink LinkURL="http://192.168.1.40/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt" LinkTitle="http://192.168.1.40/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	5972	<ContainerBlockElement>
	5973	<Paragraph>HTTP GET request to
	5974	<URLLink LinkURL="http://192.168.1.40/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html" LinkTitle="http://192.168.1.40/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5975	</test>
	5976
	5977	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	5978
	5979	<Paragraph>
	5980	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5981	<Paragraph>
	5982	<ContainerBlockElement>
	5983	<ContainerBlockElement>
	5984	<Paragraph>HTTP GET request to
	5985	<URLLink LinkURL="ftp://ftp.kernel.org/;utf7xss" LinkTitle="ftp://ftp.kernel.org/;utf7xss"></URLLink></Paragraph>HTTP response code was 501 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5986	</test>
	5987
	5988	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	5989
	5990	<Paragraph>
	5991	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	5992	<Paragraph>
	5993	<ContainerBlockElement>
	5994	<ContainerBlockElement>
	5995	<Paragraph>HTTP GET request to
	5996	<URLLink LinkURL="ftp://ftp.kernel.org/;utf7xss" LinkTitle="ftp://ftp.kernel.org/;utf7xss"></URLLink></Paragraph>HTTP response code was 501 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	5997	</test>
	5998
	5999	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	6000
	6001	<Paragraph>
	6002	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6003	<Paragraph>
	6004	<ContainerBlockElement>
	6005	<ContainerBlockElement>
	6006	<Paragraph>HTTP GET request to
	6007	<URLLink LinkURL="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">" LinkTitle="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">"></URLLink></Paragraph>HTTP response code was 501 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6008	</test>
	6009
	6010	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	6011
	6012	<Paragraph>
	6013	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6014	<Paragraph>
	6015	<ContainerBlockElement>
	6016	<ContainerBlockElement>
	6017	<Paragraph>HTTP GET request to
	6018	<URLLink LinkURL="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">" LinkTitle="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">"></URLLink></Paragraph>HTTP response code was 501 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6019	</test>
	6020
	6021	<test id="http-adobe-amf-gateway-xxe-cve-2009-3960" key="/flex2gateway/http" status="not-vulnerable">
	6022
	6023	<Paragraph>
	6024	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6025	<Paragraph>
	6026	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6027	</test>
	6028	</tests>
	6029	</service>
	6030	</services>
	6031	</endpoint>
	6032
	6033	<endpoint protocol="tcp" port="443" status="open">
	6034	<services>
	6035	<service name="HTTP">
	6036	<tests>
	6037	<test id="adobe-apsb13-03-cve-2013-0632" key="/CFIDE/adminapi/administrator.cfc?" status="not-vulnerable">
	6038
	6039	<Paragraph>
	6040	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6041	<Paragraph>
	6042	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6043	</test>
	6044
	6045	<test id="adobe-apsb13-13-cve-2013-1389" status="skipped-version">
	6046
	6047	<Paragraph>
	6048	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6049	<Paragraph>Based on the result of the "APSB13-13: Security updates available for Adobe ColdFusion (CVE-2013-3336)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	6050	</test>
	6051
	6052	<test id="http-3com-wap-default-admin-password" key="/index.htm" status="not-vulnerable">
	6053
	6054	<Paragraph>
	6055	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6056	<Paragraph>
	6057	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6058	</test>
	6059
	6060	<test id="http-drac-default-login" key="/cgi/login" status="not-vulnerable">
	6061
	6062	<Paragraph>
	6063	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6064	<Paragraph>
	6065	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6066	</test>
	6067
	6068	<test id="http-drac-default-login" key="/data/login" status="not-vulnerable">
	6069
	6070	<Paragraph>
	6071	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6072	<Paragraph>
	6073	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6074	</test>
	6075
	6076	<test id="http-glassfish-default-admin-password" key="/common/index.jsf" status="not-vulnerable">
	6077
	6078	<Paragraph>
	6079	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6080	<Paragraph>
	6081	<ContainerBlockElement>
	6082	<ContainerBlockElement>
	6083	<Paragraph>HTTP GET request to
	6084	<URLLink LinkURL="http://192.168.1.40:443/common/index.jsf" LinkTitle="http://192.168.1.40:443/common/index.jsf"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6085	</test>
	6086
	6087	<test id="http-nokia-firewall-default-admin-password" key="/cgi-bin/home.tcl" status="not-vulnerable">
	6088
	6089	<Paragraph>
	6090	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6091	<Paragraph>
	6092	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6093	</test>
	6094
	6095	<test id="http-phpmyadmin-account-pma-password-empty" key="/phpmyadmin/" status="not-vulnerable">
	6096
	6097	<Paragraph>
	6098	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6099	<Paragraph>
	6100	<ContainerBlockElement>
	6101	<ContainerBlockElement>
	6102	<Paragraph>HTTP GET request to
	6103	<URLLink LinkURL="http://192.168.1.40:443/phpmyadmin/" LinkTitle="http://192.168.1.40:443/phpmyadmin/"></URLLink></Paragraph>HTTP response code was 404 but expected 401</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6104	</test>
	6105
	6106	<test id="apache-struts-cve-2013-2251" key="/struts2-showcase/employee/save.action" status="not-vulnerable">
	6107
	6108	<Paragraph>
	6109	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6110	<Paragraph>
	6111	<ContainerBlockElement>
	6112	<ContainerBlockElement>
	6113	<Paragraph>HTTP GET request to
	6114	<URLLink LinkURL="http://192.168.1.40:443/struts2-showcase/employee/save.action" LinkTitle="http://192.168.1.40:443/struts2-showcase/employee/save.action"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6115	</test>
	6116
	6117	<test id="apache-struts-cve-2013-2251" key="/struts2-blank/example/HelloWorld.action" status="not-vulnerable">
	6118
	6119	<Paragraph>
	6120	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6121	<Paragraph>
	6122	<ContainerBlockElement>
	6123	<ContainerBlockElement>
	6124	<Paragraph>HTTP GET request to
	6125	<URLLink LinkURL="http://192.168.1.40:443/struts2-blank/example/HelloWorld.action" LinkTitle="http://192.168.1.40:443/struts2-blank/example/HelloWorld.action"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6126	</test>
	6127
	6128	<test id="checkpoint-ess-info-disclosure-sk57881" key="/conf/ssl/apache/integrity-smartcenter.key" status="not-vulnerable">
	6129
	6130	<Paragraph>
	6131	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6132	<Paragraph>
	6133	<ContainerBlockElement>
	6134	<ContainerBlockElement>
	6135	<Paragraph>HTTP GET request to
	6136	<URLLink LinkURL="http://192.168.1.40:443/conf/ssl/apache/integrity.key" LinkTitle="http://192.168.1.40:443/conf/ssl/apache/integrity.key"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6137	<ContainerBlockElement>
	6138	<Paragraph>HTTP GET request to
	6139	<URLLink LinkURL="http://192.168.1.40:443/conf/ssl/apache/integrity-smartcenter.key" LinkTitle="http://192.168.1.40:443/conf/ssl/apache/integrity-smartcenter.key"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6140	</test>
	6141
	6142	<test id="adobe-apsb10-18-cve-2010-2861" key="/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" status="not-vulnerable">
	6143
	6144	<Paragraph>
	6145	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6146	<Paragraph>
	6147	<ContainerBlockElement>
	6148	<ContainerBlockElement>
	6149	<Paragraph>HTTP GET request to
	6150	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en" LinkTitle="http://192.168.1.40:443/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6151	</test>
	6152
	6153	<test id="http-awstats-remote-code-execution" key="/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" status="not-vulnerable">
	6154
	6155	<Paragraph>
	6156	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6157	<Paragraph>
	6158	<ContainerBlockElement>
	6159	<ContainerBlockElement>
	6160	<Paragraph>HTTP GET request to
	6161	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" LinkTitle="http://192.168.1.40:443/cgi-bin/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6162	<ContainerBlockElement>
	6163	<Paragraph>HTTP GET request to
	6164	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;" LinkTitle="http://192.168.1.40:443/cgi-bin/awstats/awstats.pl?PluginMode=:print+%22x%22%2e(1042+%2b+1099)%2e%22x%22;"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6165	</test>
	6166
	6167	<test id="http-cgi-faxsurvey-command-execution" key="/cgi-bin/faxquery?/bin/cat%20/etc/passwd" status="not-vulnerable">
	6168
	6169	<Paragraph>
	6170	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6171	<Paragraph>
	6172	<ContainerBlockElement>
	6173	<ContainerBlockElement>
	6174	<Paragraph>HTTP GET request to
	6175	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd" LinkTitle="http://192.168.1.40:443/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6176	<ContainerBlockElement>
	6177	<Paragraph>HTTP GET request to
	6178	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/faxquery?/bin/cat%20/etc/passwd" LinkTitle="http://192.168.1.40:443/cgi-bin/faxquery?/bin/cat%20/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6179	</test>
	6180
	6181	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/componentutils/" status="not-vulnerable">
	6182
	6183	<Paragraph>
	6184	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6185	<Paragraph>
	6186	<ContainerBlockElement>
	6187	<ContainerBlockElement>
	6188	<Paragraph>HTTP GET request to
	6189	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/componentutils/" LinkTitle="http://192.168.1.40:443/CFIDE/componentutils/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6190	</test>
	6191
	6192	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json" status="not-vulnerable">
	6193
	6194	<Paragraph>
	6195	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6196	<Paragraph>
	6197	<ContainerBlockElement>
	6198	<ContainerBlockElement>
	6199	<Paragraph>HTTP GET request to
	6200	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json" LinkTitle="http://192.168.1.40:443/CFIDE/wizards/common/utils.cfc?method=verifyldapserver&vserver=localhost&vport=22&vstart=&vusername=&vpassword=&returnformat=json"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6201	</test>
	6202
	6203	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/wizards/common/" status="not-vulnerable">
	6204
	6205	<Paragraph>
	6206	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6207	<Paragraph>
	6208	<ContainerBlockElement>
	6209	<ContainerBlockElement>
	6210	<Paragraph>HTTP GET request to
	6211	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/wizards/common/" LinkTitle="http://192.168.1.40:443/CFIDE/wizards/common/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6212	</test>
	6213
	6214	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/websocket/" status="not-vulnerable">
	6215
	6216	<Paragraph>
	6217	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6218	<Paragraph>
	6219	<ContainerBlockElement>
	6220	<ContainerBlockElement>
	6221	<Paragraph>HTTP GET request to
	6222	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/websocket/" LinkTitle="http://192.168.1.40:443/CFIDE/websocket/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6223	</test>
	6224
	6225	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/services/" status="not-vulnerable">
	6226
	6227	<Paragraph>
	6228	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6229	<Paragraph>
	6230	<ContainerBlockElement>
	6231	<ContainerBlockElement>
	6232	<Paragraph>HTTP GET request to
	6233	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/services/" LinkTitle="http://192.168.1.40:443/CFIDE/services/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6234	</test>
	6235
	6236	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/servermanager/" status="not-vulnerable">
	6237
	6238	<Paragraph>
	6239	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6240	<Paragraph>
	6241	<ContainerBlockElement>
	6242	<ContainerBlockElement>
	6243	<Paragraph>HTTP GET request to
	6244	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/servermanager/" LinkTitle="http://192.168.1.40:443/CFIDE/servermanager/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6245	</test>
	6246
	6247	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/scheduler/" status="not-vulnerable">
	6248
	6249	<Paragraph>
	6250	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6251	<Paragraph>
	6252	<ContainerBlockElement>
	6253	<ContainerBlockElement>
	6254	<Paragraph>HTTP GET request to
	6255	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/scheduler/" LinkTitle="http://192.168.1.40:443/CFIDE/scheduler/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6256	</test>
	6257
	6258	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/portlets/" status="not-vulnerable">
	6259
	6260	<Paragraph>
	6261	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6262	<Paragraph>
	6263	<ContainerBlockElement>
	6264	<ContainerBlockElement>
	6265	<Paragraph>HTTP GET request to
	6266	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/portlets/" LinkTitle="http://192.168.1.40:443/CFIDE/portlets/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6267	</test>
	6268
	6269	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/orm/" status="not-vulnerable">
	6270
	6271	<Paragraph>
	6272	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6273	<Paragraph>
	6274	<ContainerBlockElement>
	6275	<ContainerBlockElement>
	6276	<Paragraph>HTTP GET request to
	6277	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/orm/" LinkTitle="http://192.168.1.40:443/CFIDE/orm/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6278	</test>
	6279
	6280	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/appdeployment/" status="not-vulnerable">
	6281
	6282	<Paragraph>
	6283	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6284	<Paragraph>
	6285	<ContainerBlockElement>
	6286	<ContainerBlockElement>
	6287	<Paragraph>HTTP GET request to
	6288	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/appdeployment/" LinkTitle="http://192.168.1.40:443/CFIDE/appdeployment/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6289	</test>
	6290
	6291	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/AIR/" status="not-vulnerable">
	6292
	6293	<Paragraph>
	6294	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6295	<Paragraph>
	6296	<ContainerBlockElement>
	6297	<ContainerBlockElement>
	6298	<Paragraph>HTTP GET request to
	6299	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/AIR/" LinkTitle="http://192.168.1.40:443/CFIDE/AIR/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6300	</test>
	6301
	6302	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/administrator/enter.cfm" status="not-vulnerable">
	6303
	6304	<Paragraph>
	6305	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6306	<Paragraph>
	6307	<ContainerBlockElement>
	6308	<ContainerBlockElement>
	6309	<Paragraph>HTTP GET request to
	6310	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/administrator/" LinkTitle="http://192.168.1.40:443/CFIDE/administrator/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6311	<ContainerBlockElement>
	6312	<Paragraph>HTTP GET request to
	6313	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/administrator/enter.cfm" LinkTitle="http://192.168.1.40:443/CFIDE/administrator/enter.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6314	</test>
	6315
	6316	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminiapi/" status="not-vulnerable">
	6317
	6318	<Paragraph>
	6319	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6320	<Paragraph>
	6321	<ContainerBlockElement>
	6322	<ContainerBlockElement>
	6323	<Paragraph>HTTP GET request to
	6324	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/adminiapi/" LinkTitle="http://192.168.1.40:443/CFIDE/adminiapi/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6325	</test>
	6326
	6327	<test id="http-coldfusion-cfide-unprotected" key="/CFIDE/adminapi/base.cfc?wsdl" status="not-vulnerable">
	6328
	6329	<Paragraph>
	6330	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6331	<Paragraph>
	6332	<ContainerBlockElement>
	6333	<ContainerBlockElement>
	6334	<Paragraph>HTTP GET request to
	6335	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/adminapi/base.cfc?wsdl" LinkTitle="http://192.168.1.40:443/CFIDE/adminapi/base.cfc?wsdl"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6336	</test>
	6337
	6338	<test id="http-frontpage-unprotected" key="/_vti_bin/_vti_aut/author.dll" status="not-vulnerable">
	6339
	6340	<Paragraph>
	6341	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6342	<Paragraph>
	6343	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6344	</test>
	6345
	6346	<test id="http-php-xmlrpc-code-injection" key="/xmlrpc.php" status="not-vulnerable">
	6347
	6348	<Paragraph>
	6349	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6350	<Paragraph>
	6351	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6352	</test>
	6353
	6354	<test id="adobe-apsb13-03-cve-2013-0625" status="skipped-version">
	6355
	6356	<Paragraph>
	6357	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6358	<Paragraph>Based on the result of the "APSB13-03: Security updates available for Adobe ColdFusion (CVE-2013-0629)" test, this node is not vulnerable to this issue.</Paragraph></Paragraph>
	6359	</test>
	6360
	6361	<test id="http-basic-auth-cleartext" key="/" status="not-vulnerable">
	6362
	6363	<Paragraph>
	6364	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6365	<Paragraph>
	6366	<ContainerBlockElement>
	6367	<ContainerBlockElement>
	6368	<Paragraph>HTTP GET request to
	6369	<URLLink LinkURL="http://192.168.1.40:443/" LinkTitle="http://192.168.1.40:443/"></URLLink></Paragraph>HTTP response code was 404 but expected 401</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6370	</test>
	6371
	6372	<test id="http-iis-0014" status="not-vulnerable">
	6373
	6374	<Paragraph>
	6375	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6376	<Paragraph>Based on the following 3 results:
	6377	<OrderedList>
	6378	<ListItem>
	6379	<Paragraph>
	6380	<ContainerBlockElement>
	6381	<ContainerBlockElement>
	6382	<Paragraph>HTTP GET request to
	6383	<URLLink LinkURL="http://192.168.1.40:443/scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28.mdb%29&dsn=Web%20SQL&dbq=c:\temp\xyz.mdb&newdb=CREATE_DB&attr=" LinkTitle="http://192.168.1.40:443/scripts/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28.mdb%29&dsn=Web%20SQL&dbq=c:\temp\xyz.mdb&newdb=CREATE_DB&attr="></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	6384	<ListItem>
	6385	<Paragraph>
	6386	<ContainerBlockElement>
	6387	<ContainerBlockElement>
	6388	<Paragraph>HTTP GET request to
	6389	<URLLink LinkURL="http://192.168.1.40:443/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|" LinkTitle="http://192.168.1.40:443/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem>
	6390	<ListItem>
	6391	<Paragraph>
	6392	<ContainerBlockElement>
	6393	<ContainerBlockElement>
	6394	<Paragraph>HTTP GET request to
	6395	<URLLink LinkURL="http://192.168.1.40:443/ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|" LinkTitle="http://192.168.1.40:443/ASPSamp/AdvWorks/equipment/catalog_type.asp?ProductType=\|shell("c:cmd.exe")\|"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></ListItem></OrderedList></Paragraph></Paragraph>
	6396	</test>
	6397
	6398	<test id="http-cgi-viewsource-arbitrary-file-access" key="/cgi-bin/view-source?../../../../../../../etc/passwd" status="not-vulnerable">
	6399
	6400	<Paragraph>
	6401	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6402	<Paragraph>
	6403	<ContainerBlockElement>
	6404	<ContainerBlockElement>
	6405	<Paragraph>HTTP GET request to
	6406	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/view-source?../../../../../../../etc/passwd" LinkTitle="http://192.168.1.40:443/cgi-bin/view-source?../../../../../../../etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6407	</test>
	6408
	6409	<test id="http-trace-method-enabled" key="/" status="not-vulnerable">
	6410
	6411	<Paragraph>
	6412	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6413	<Paragraph>
	6414	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6415	</test>
	6416
	6417	<test id="http-track-method-enabled" key="/" status="not-vulnerable">
	6418
	6419	<Paragraph>
	6420	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6421	<Paragraph>
	6422	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6423	</test>
	6424
	6425	<test id="spider-adobe-flash-permissive-crossdomain-xml" key="/crossdomain.xml" status="not-vulnerable">
	6426
	6427	<Paragraph>
	6428	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6429	<Paragraph>
	6430	<ContainerBlockElement>
	6431	<ContainerBlockElement>
	6432	<Paragraph>HTTP GET request to
	6433	<URLLink LinkURL="http://192.168.1.40:443/crossdomain.xml" LinkTitle="http://192.168.1.40:443/crossdomain.xml"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6434	</test>
	6435
	6436	<test id="adobe-apsb13-03-cve-2013-0631" key="/CFIDE/r.cfm" status="not-vulnerable">
	6437
	6438	<Paragraph>
	6439	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6440	<Paragraph>
	6441	<ContainerBlockElement>
	6442	<ContainerBlockElement>
	6443	<Paragraph>HTTP GET request to
	6444	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/adminapi/customtags/fusebox.cfm" LinkTitle="http://192.168.1.40:443/CFIDE/adminapi/customtags/fusebox.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6445	<ContainerBlockElement>
	6446	<Paragraph>HTTP GET request to
	6447	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/adminapi/customtags/adss.cfm" LinkTitle="http://192.168.1.40:443/CFIDE/adminapi/customtags/adss.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6448	<ContainerBlockElement>
	6449	<Paragraph>HTTP GET request to
	6450	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/h.cfm" LinkTitle="http://192.168.1.40:443/CFIDE/h.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6451	<ContainerBlockElement>
	6452	<Paragraph>HTTP GET request to
	6453	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/h9.cfm" LinkTitle="http://192.168.1.40:443/CFIDE/h9.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6454	<ContainerBlockElement>
	6455	<Paragraph>HTTP GET request to
	6456	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/help.cfm" LinkTitle="http://192.168.1.40:443/CFIDE/help.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6457	<ContainerBlockElement>
	6458	<Paragraph>HTTP GET request to
	6459	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/i.cfm" LinkTitle="http://192.168.1.40:443/CFIDE/i.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6460	<ContainerBlockElement>
	6461	<Paragraph>HTTP GET request to
	6462	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/r.cfm" LinkTitle="http://192.168.1.40:443/CFIDE/r.cfm"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6463	</test>
	6464
	6465	<test id="adobe-apsb13-13-cve-2013-3336" key="/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=U" status="not-vulnerable">
	6466
	6467	<Paragraph>
	6468	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6469	<Paragraph>
	6470	<ContainerBlockElement>
	6471	<ContainerBlockElement>
	6472	<Paragraph>HTTP GET request to
	6473	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test" LinkTitle="http://192.168.1.40:443/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement>
	6474	<ContainerBlockElement>
	6475	<Paragraph>HTTP GET request to
	6476	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test" LinkTitle="http://192.168.1.40:443/CFIDE/adminapi/customtags/l10n.cfm?attributes.id=test&attributes.file=../../administrator/mail/download.cfm&filename=../lib/password.properties&attributes.locale=it&attributes.var=it&attributes.jscript=false&attributes.type=text/html&attributes.charset=UTF-8&thisTag.executionmode=end&thisTag.generatedContent=test"></URLLink></Paragraph>HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6477	</test>
	6478
	6479	<test id="http-awstats-debug-information-disclosure" key="/cgi-bin/awstats/awstats.pl?debug=1" status="not-vulnerable">
	6480
	6481	<Paragraph>
	6482	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6483	<Paragraph>
	6484	<ContainerBlockElement>
	6485	<ContainerBlockElement>
	6486	<Paragraph>HTTP GET request to
	6487	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/awstats.pl?debug=1" LinkTitle="http://192.168.1.40:443/cgi-bin/awstats.pl?debug=1"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6488	<ContainerBlockElement>
	6489	<Paragraph>HTTP GET request to
	6490	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/awstats/awstats.pl?debug=1" LinkTitle="http://192.168.1.40:443/cgi-bin/awstats/awstats.pl?debug=1"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6491	</test>
	6492
	6493	<test id="http-bigbrother-accessible" key="/bb/" status="not-vulnerable">
	6494
	6495	<Paragraph>
	6496	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6497	<Paragraph>
	6498	<ContainerBlockElement>
	6499	<ContainerBlockElement>
	6500	<Paragraph>HTTP GET request to
	6501	<URLLink LinkURL="http://192.168.1.40:443/bb/" LinkTitle="http://192.168.1.40:443/bb/"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6502	</test>
	6503
	6504	<test id="http-cgi-htdig-arbitrary-file-access" key="/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" status="not-vulnerable">
	6505
	6506	<Paragraph>
	6507	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6508	<Paragraph>
	6509	<ContainerBlockElement>
	6510	<ContainerBlockElement>
	6511	<Paragraph>HTTP GET request to
	6512	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/htsearch?Exclude=%60/etc/passwd%60" LinkTitle="http://192.168.1.40:443/cgi-bin/htsearch?Exclude=%60/etc/passwd%60"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6513	</test>
	6514
	6515	<test id="http-cgi-htgrep-arbitrary-file-access" key="/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" status="not-vulnerable">
	6516
	6517	<Paragraph>
	6518	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6519	<Paragraph>
	6520	<ContainerBlockElement>
	6521	<ContainerBlockElement>
	6522	<Paragraph>HTTP GET request to
	6523	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd" LinkTitle="http://192.168.1.40:443/cgi-bin/htgrep/file=index.html&hdr=/etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6524	</test>
	6525
	6526	<test id="http-cgi-htmlscript-arbitrary-file-access" key="/cgi-bin/htmlscript?../../../../../../../etc/passwd" status="not-vulnerable">
	6527
	6528	<Paragraph>
	6529	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6530	<Paragraph>
	6531	<ContainerBlockElement>
	6532	<ContainerBlockElement>
	6533	<Paragraph>HTTP GET request to
	6534	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/htmlscript?../../../../../../../etc/passwd" LinkTitle="http://192.168.1.40:443/cgi-bin/htmlscript?../../../../../../../etc/passwd"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6535	</test>
	6536
	6537	<test id="http-cgi-testcgi-file-listing" key="/cgi-bin/test-cgi" status="not-vulnerable">
	6538
	6539	<Paragraph>
	6540	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6541	<Paragraph>
	6542	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6543	</test>
	6544
	6545	<test id="http-lighttpd-mod_userdir-info-discl" key="/~bin/true" status="not-vulnerable">
	6546
	6547	<Paragraph>
	6548	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6549	<Paragraph>
	6550	<ContainerBlockElement>
	6551	<ContainerBlockElement>
	6552	<Paragraph>HTTP GET request to
	6553	<URLLink LinkURL="http://192.168.1.40:443/~bin/true" LinkTitle="http://192.168.1.40:443/~bin/true"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6554	</test>
	6555
	6556	<test id="http-open-proxy" key="http://www.google.com:80/" status="not-vulnerable">
	6557
	6558	<Paragraph>
	6559	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6560	<Paragraph>
	6561	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6562	</test>
	6563
	6564	<test id="http-php-ini-file-exposed" key="/cgi-bin/php.ini" status="not-vulnerable">
	6565
	6566	<Paragraph>
	6567	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6568	<Paragraph>
	6569	<ContainerBlockElement>
	6570	<ContainerBlockElement>
	6571	<Paragraph>HTTP GET request to
	6572	<URLLink LinkURL="http://192.168.1.40:443/cgi-bin/php.ini" LinkTitle="http://192.168.1.40:443/cgi-bin/php.ini"></URLLink></Paragraph></ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6573	</test>
	6574
	6575	<test id="http-symantec-scan-engine-file-disclosure" key="/README.txt" status="not-vulnerable">
	6576
	6577	<Paragraph>
	6578	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6579	<Paragraph>
	6580	<ContainerBlockElement>
	6581	<ContainerBlockElement>
	6582	<Paragraph>HTTP GET request to
	6583	<URLLink LinkURL="http://192.168.1.40:443/README.txt" LinkTitle="http://192.168.1.40:443/README.txt"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6584	</test>
	6585
	6586	<test id="http-tomcat-jkstatus-accessible" key="/jkstatus/" status="not-vulnerable">
	6587
	6588	<Paragraph>
	6589	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6590	<Paragraph>
	6591	<ContainerBlockElement>
	6592	<ContainerBlockElement>
	6593	<Paragraph>HTTP GET request to
	6594	<URLLink LinkURL="http://192.168.1.40:443/jkstatus/" LinkTitle="http://192.168.1.40:443/jkstatus/"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6595	</test>
	6596
	6597	<test id="adobe-apsb13-03-cve-2013-0629" key="/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html" status="not-vulnerable">
	6598
	6599	<Paragraph>
	6600	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6601	<Paragraph>
	6602	<ContainerBlockElement>
	6603	<ContainerBlockElement>
	6604	<Paragraph>HTTP GET request to
	6605	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt" LinkTitle="http://192.168.1.40:443/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../license.txt"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement>
	6606	<ContainerBlockElement>
	6607	<Paragraph>HTTP GET request to
	6608	<URLLink LinkURL="http://192.168.1.40:443/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html" LinkTitle="http://192.168.1.40:443/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=CFIDE.componentutils.cfcexplorer&path=../../../../license.html"></URLLink></Paragraph>HTTP response code was 404 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6609	</test>
	6610
	6611	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	6612
	6613	<Paragraph>
	6614	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6615	<Paragraph>
	6616	<ContainerBlockElement>
	6617	<ContainerBlockElement>
	6618	<Paragraph>HTTP GET request to
	6619	<URLLink LinkURL="ftp://ftp.kernel.org/;utf7xss" LinkTitle="ftp://ftp.kernel.org/;utf7xss"></URLLink></Paragraph>HTTP response code was 501 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6620	</test>
	6621
	6622	<test id="apache-httpd-cve-2008-0005" key="ftp://ftp.kernel.org/;utf7xss" status="not-vulnerable">
	6623
	6624	<Paragraph>
	6625	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6626	<Paragraph>
	6627	<ContainerBlockElement>
	6628	<ContainerBlockElement>
	6629	<Paragraph>HTTP GET request to
	6630	<URLLink LinkURL="ftp://ftp.kernel.org/;utf7xss" LinkTitle="ftp://ftp.kernel.org/;utf7xss"></URLLink></Paragraph>HTTP response code was 501 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6631	</test>
	6632
	6633	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	6634
	6635	<Paragraph>
	6636	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6637	<Paragraph>
	6638	<ContainerBlockElement>
	6639	<ContainerBlockElement>
	6640	<Paragraph>HTTP GET request to
	6641	<URLLink LinkURL="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">" LinkTitle="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">"></URLLink></Paragraph>HTTP response code was 501 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6642	</test>
	6643
	6644	<test id="apache-httpd-cve-2008-2939" key="ftp://ftp.kernel.org/*<img%20src=""%20onerror="alert(42)">" status="not-vulnerable">
	6645
	6646	<Paragraph>
	6647	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6648	<Paragraph>
	6649	<ContainerBlockElement>
	6650	<ContainerBlockElement>
	6651	<Paragraph>HTTP GET request to
	6652	<URLLink LinkURL="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">" LinkTitle="ftp://ftp.kernel.org/<img%20src=""%20onerror="alert(42)">"></URLLink></Paragraph>HTTP response code was 501 but expected 200</ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6653	</test>
	6654
	6655	<test id="http-adobe-amf-gateway-xxe-cve-2009-3960" key="/flex2gateway/http" status="not-vulnerable">
	6656
	6657	<Paragraph>
	6658	<Paragraph>Running vulnerable HTTP service.</Paragraph>
	6659	<Paragraph>
	6660	<ContainerBlockElement></ContainerBlockElement></Paragraph></Paragraph>
	6661	</test>
	6662	</tests>
	6663	</service>
	6664	</services>
	6665	</endpoint>
	6666	</endpoints>
	6667	</node>
	6668	</nodes><VulnerabilityDefinitions>
	6669	<vulnerability id="adobe-apsb10-18-CVE-2010-2861" title="APSB10-18: Security updates available for Adobe ColdFusion (CVE-2010-2861)" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20100811T000000000" added="20130414T000000000" modified="20131031T000000000">
	6670	<description>
	6671
	6672	<ContainerBlockElement>
	6673
	6674	<Paragraph>Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.</Paragraph>
	6675	</ContainerBlockElement></description>
	6676	<references>
	6677	<reference source="CVE">CVE-2010-2861</reference>
	6678	<reference source="URL">http://www.adobe.com/support/security/bulletins/apsb10-18.html</reference>
	6679	</references><tags>
	6680	<tag>Adobe</tag>
	6681	<tag>Adobe ColdFusion</tag>
	6682	<tag>Directory Traversal</tag>
	6683	<tag>Web</tag>
	6684	<tag>IAVM</tag>
	6685	</tags>
	6686	<solution>
	6687
	6688	<ContainerBlockElement>
	6689	<Paragraph>
	6690	<Paragraph>Adobe recommends affected ColdFusion customers update their installation using the instructions provided in the technote: http://kb2.adobe.com/cps/857/cpsid_85766.html.</Paragraph></Paragraph></ContainerBlockElement></solution>
	6691	</vulnerability>
	6692
	6693	<vulnerability id="adobe-apsb13-03-CVE-2013-0625" title="APSB13-03: Security updates available for Adobe ColdFusion (CVE-2013-0625)" severity="7" pciSeverity="4" cvssScore="6.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:P)" published="20130115T000000000" added="20130327T000000000" modified="20131031T000000000">
	6694	<description>
	6695
	6696	<ContainerBlockElement>
	6697
	6698	<Paragraph>Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.</Paragraph>
	6699	</ContainerBlockElement></description>
	6700	<references>
	6701	<reference source="BID">57164</reference>
	6702	<reference source="CVE">CVE-2013-0625</reference>
	6703	<reference source="URL">http://www.adobe.com/support/security/bulletins/apsb13-03.html</reference>
	6704	</references><tags>
	6705	<tag>Adobe</tag>
	6706	<tag>Adobe ColdFusion</tag>
	6707	<tag>Remote Execution</tag>
	6708	<tag>Web</tag>
	6709	</tags>
	6710	<solution>
	6711
	6712	<ContainerBlockElement>
	6713	<Paragraph>
	6714	<Paragraph>
	6715	Adobe recommends ColdFusion customers update their installation using the
	6716	instructions provided in the technote
	6717
	6718	<URLLink LinkURL="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html" LinkTitle="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html" href="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html">APSB13-03 technote</URLLink>.
	6719	</Paragraph>
	6720	<Paragraph>
	6721	Customers should also inspect files and scheduled tasks of unknown origin
	6722	located in the CFIDE, CFIDE/adminapi or webroot directories, and remove
	6723	any suspicious files (some examples of malicious file names include
	6724	h.cfm, i.cfm, h9.cfm, r.cfm, adss.cfm or fusebox.cfm).
	6725	</Paragraph>
	6726	<Paragraph>
	6727	Additionally, Adobe recommends that customers follow security best
	6728	practices, which include the following steps to harden their ColdFusion
	6729	server:
	6730
	6731	<UnorderedList>
	6732	<ListItem>
	6733	Configure a username and password for Remote Development Services (RDS)
	6734	that is different from the Administrator account. After configuring the
	6735	RDS account, users should disable RDS if not needed.
	6736	</ListItem>
	6737	<ListItem>
	6738	Disable external access to the following directories for all hosted
	6739	sites:
	6740
	6741	<UnorderedList>
	6742	<ListItem>/CFIDE/administrator</ListItem>
	6743	<ListItem>/CFIDE/adminapi</ListItem>
	6744	<ListItem>/CFIDE/componentutils</ListItem></UnorderedList></ListItem>
	6745	<ListItem>
	6746	Implement access control restrictions for the Administrator interface and
	6747	internal applications via the Administrator Console (in ColdFusion
	6748	version 10) or within your web server's access control mechanisms for
	6749	versions 9.0.2 and below.
	6750	</ListItem>
	6751	<ListItem>
	6752	Ensure your ColdFusion product has the latest hotfix applied.
	6753	</ListItem>
	6754	<ListItem>
	6755	Refer to the ColdFusion 9 Lockdown Guide and ColdFusion 10 Lockdown Guide
	6756	for security best practices and further information on these hardening
	6757	techniques.
	6758	</ListItem></UnorderedList></Paragraph></Paragraph></ContainerBlockElement></solution>
	6759	</vulnerability>
	6760
	6761	<vulnerability id="adobe-apsb13-03-CVE-2013-0629" title="APSB13-03: Security updates available for Adobe ColdFusion (CVE-2013-0629)" severity="4" pciSeverity="3" cvssScore="4.3" cvssVector="(AV:N/AC:M/Au:N/C:P/I:N/A:N)" published="20130115T000000000" added="20130327T000000000" modified="20131031T000000000">
	6762	<description>
	6763
	6764	<ContainerBlockElement>
	6765
	6766	<Paragraph>Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.</Paragraph>
	6767	</ContainerBlockElement></description>
	6768	<references>
	6769	<reference source="BID">57165</reference>
	6770	<reference source="CVE">CVE-2013-0629</reference>
	6771	<reference source="URL">http://www.adobe.com/support/security/bulletins/apsb13-03.html</reference>
	6772	</references><tags>
	6773	<tag>Adobe</tag>
	6774	<tag>Adobe ColdFusion</tag>
	6775	<tag>Web</tag>
	6776	</tags>
	6777	<solution>
	6778
	6779	<ContainerBlockElement>
	6780	<Paragraph>
	6781	<Paragraph>
	6782	Adobe recommends ColdFusion customers update their installation using the
	6783	instructions provided in the technote
	6784
	6785	<URLLink LinkURL="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html" LinkTitle="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html" href="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html">APSB13-03 technote</URLLink>.
	6786	</Paragraph>
	6787	<Paragraph>
	6788	Customers should also inspect files and scheduled tasks of unknown origin
	6789	located in the CFIDE, CFIDE/adminapi or webroot directories, and remove
	6790	any suspicious files (some examples of malicious file names include
	6791	h.cfm, i.cfm, h9.cfm, r.cfm, adss.cfm or fusebox.cfm).
	6792	</Paragraph>
	6793	<Paragraph>
	6794	Additionally, Adobe recommends that customers follow security best
	6795	practices, which include the following steps to harden their ColdFusion
	6796	server:
	6797
	6798	<UnorderedList>
	6799	<ListItem>
	6800	Configure a username and password for Remote Development Services (RDS)
	6801	that is different from the Administrator account. After configuring the
	6802	RDS account, users should disable RDS if not needed.
	6803	</ListItem>
	6804	<ListItem>
	6805	Disable external access to the following directories for all hosted
	6806	sites:
	6807
	6808	<UnorderedList>
	6809	<ListItem>/CFIDE/administrator</ListItem>
	6810	<ListItem>/CFIDE/adminapi</ListItem>
	6811	<ListItem>/CFIDE/componentutils</ListItem></UnorderedList></ListItem>
	6812	<ListItem>
	6813	Implement access control restrictions for the Administrator interface and
	6814	internal applications via the Administrator Console (in ColdFusion
	6815	version 10) or within your web server's access control mechanisms for
	6816	versions 9.0.2 and below.
	6817	</ListItem>
	6818	<ListItem>
	6819	Ensure your ColdFusion product has the latest hotfix applied.
	6820	</ListItem>
	6821	<ListItem>
	6822	Refer to the ColdFusion 9 Lockdown Guide and ColdFusion 10 Lockdown Guide
	6823	for security best practices and further information on these hardening
	6824	techniques.
	6825	</ListItem></UnorderedList></Paragraph></Paragraph></ContainerBlockElement></solution>
	6826	</vulnerability>
	6827
	6828	<vulnerability id="adobe-apsb13-03-CVE-2013-0631" title="APSB13-03: Security updates available for Adobe ColdFusion (CVE-2013-0631)" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20130115T000000000" added="20130327T000000000" modified="20131031T000000000">
	6829	<description>
	6830
	6831	<ContainerBlockElement>
	6832
	6833	<Paragraph>Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013.</Paragraph>
	6834	</ContainerBlockElement></description>
	6835	<references>
	6836	<reference source="CVE">CVE-2013-0631</reference>
	6837	<reference source="URL">http://www.adobe.com/support/security/bulletins/apsb13-03.html</reference>
	6838	</references><tags>
	6839	<tag>Adobe</tag>
	6840	<tag>Adobe ColdFusion</tag>
	6841	<tag>Web</tag>
	6842	</tags>
	6843	<solution>
	6844
	6845	<ContainerBlockElement>
	6846	<Paragraph>
	6847	<Paragraph>
	6848	Adobe recommends ColdFusion customers update their installation using the
	6849	instructions provided in the technote
	6850
	6851	<URLLink LinkURL="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html" LinkTitle="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html" href="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html">APSB13-03 technote</URLLink>.
	6852	</Paragraph>
	6853	<Paragraph>
	6854	Customers should also inspect files and scheduled tasks of unknown origin
	6855	located in the CFIDE, CFIDE/adminapi or webroot directories, and remove
	6856	any suspicious files (some examples of malicious file names include
	6857	h.cfm, i.cfm, h9.cfm, r.cfm, adss.cfm or fusebox.cfm).
	6858	</Paragraph>
	6859	<Paragraph>
	6860	Additionally, Adobe recommends that customers follow security best
	6861	practices, which include the following steps to harden their ColdFusion
	6862	server:
	6863
	6864	<UnorderedList>
	6865	<ListItem>
	6866	Configure a username and password for Remote Development Services (RDS)
	6867	that is different from the Administrator account. After configuring the
	6868	RDS account, users should disable RDS if not needed.
	6869	</ListItem>
	6870	<ListItem>
	6871	Disable external access to the following directories for all hosted
	6872	sites:
	6873
	6874	<UnorderedList>
	6875	<ListItem>/CFIDE/administrator</ListItem>
	6876	<ListItem>/CFIDE/adminapi</ListItem>
	6877	<ListItem>/CFIDE/componentutils</ListItem></UnorderedList></ListItem>
	6878	<ListItem>
	6879	Implement access control restrictions for the Administrator interface and
	6880	internal applications via the Administrator Console (in ColdFusion
	6881	version 10) or within your web server's access control mechanisms for
	6882	versions 9.0.2 and below.
	6883	</ListItem>
	6884	<ListItem>
	6885	Ensure your ColdFusion product has the latest hotfix applied.
	6886	</ListItem>
	6887	<ListItem>
	6888	Refer to the ColdFusion 9 Lockdown Guide and ColdFusion 10 Lockdown Guide
	6889	for security best practices and further information on these hardening
	6890	techniques.
	6891	</ListItem></UnorderedList></Paragraph></Paragraph></ContainerBlockElement></solution>
	6892	</vulnerability>
	6893
	6894	<vulnerability id="adobe-apsb13-03-CVE-2013-0632" title="APSB13-03: Security updates available for Adobe ColdFusion (CVE-2013-0632)" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20130115T000000000" added="20130327T000000000" modified="20131031T000000000">
	6895	<description>
	6896
	6897	<ContainerBlockElement>
	6898
	6899	<Paragraph>Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.</Paragraph>
	6900	</ContainerBlockElement></description>
	6901	<references>
	6902	<reference source="CVE">CVE-2013-0632</reference>
	6903	<reference source="URL">http://www.adobe.com/support/security/bulletins/apsb13-03.html</reference>
	6904	</references><tags>
	6905	<tag>Adobe</tag>
	6906	<tag>Adobe ColdFusion</tag>
	6907	<tag>Remote Execution</tag>
	6908	<tag>Web</tag>
	6909	</tags>
	6910	<solution>
	6911
	6912	<ContainerBlockElement>
	6913	<Paragraph>
	6914	<Paragraph>
	6915	Adobe recommends ColdFusion customers update their installation using the
	6916	instructions provided in the technote
	6917
	6918	<URLLink LinkURL="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html" LinkTitle="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html" href="http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html">APSB13-03 technote</URLLink>.
	6919	</Paragraph>
	6920	<Paragraph>
	6921	Customers should also inspect files and scheduled tasks of unknown origin
	6922	located in the CFIDE, CFIDE/adminapi or webroot directories, and remove
	6923	any suspicious files (some examples of malicious file names include
	6924	h.cfm, i.cfm, h9.cfm, r.cfm, adss.cfm or fusebox.cfm).
	6925	</Paragraph>
	6926	<Paragraph>
	6927	Additionally, Adobe recommends that customers follow security best
	6928	practices, which include the following steps to harden their ColdFusion
	6929	server:
	6930
	6931	<UnorderedList>
	6932	<ListItem>
	6933	Configure a username and password for Remote Development Services (RDS)
	6934	that is different from the Administrator account. After configuring the
	6935	RDS account, users should disable RDS if not needed.
	6936	</ListItem>
	6937	<ListItem>
	6938	Disable external access to the following directories for all hosted
	6939	sites:
	6940
	6941	<UnorderedList>
	6942	<ListItem>/CFIDE/administrator</ListItem>
	6943	<ListItem>/CFIDE/adminapi</ListItem>
	6944	<ListItem>/CFIDE/componentutils</ListItem></UnorderedList></ListItem>
	6945	<ListItem>
	6946	Implement access control restrictions for the Administrator interface and
	6947	internal applications via the Administrator Console (in ColdFusion
	6948	version 10) or within your web server's access control mechanisms for
	6949	versions 9.0.2 and below.
	6950	</ListItem>
	6951	<ListItem>
	6952	Ensure your ColdFusion product has the latest hotfix applied.
	6953	</ListItem>
	6954	<ListItem>
	6955	Refer to the ColdFusion 9 Lockdown Guide and ColdFusion 10 Lockdown Guide
	6956	for security best practices and further information on these hardening
	6957	techniques.
	6958	</ListItem></UnorderedList></Paragraph></Paragraph></ContainerBlockElement></solution>
	6959	</vulnerability>
	6960
	6961	<vulnerability id="adobe-apsb13-13-CVE-2013-1389" title="APSB13-13: Security updates available for Adobe ColdFusion (CVE-2013-1389)" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20130514T000000000" added="20130516T000000000" modified="20131031T000000000">
	6962	<description>
	6963
	6964	<ContainerBlockElement>
	6965
	6966	<Paragraph>Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, 9.0.1 before Update 10, 9.0.2 before Update 5, and 10 before Update 10 allows remote attackers to execute arbitrary code via unknown vectors.</Paragraph>
	6967	</ContainerBlockElement></description>
	6968	<references>
	6969	<reference source="CVE">CVE-2013-1389</reference>
	6970	<reference source="URL">http://www.adobe.com/support/security/bulletins/apsb13-13.html</reference>
	6971	</references><tags>
	6972	<tag>Adobe</tag>
	6973	<tag>Adobe ColdFusion</tag>
	6974	<tag>Remote Execution</tag>
	6975	<tag>Web</tag>
	6976	</tags>
	6977	<solution>
	6978
	6979	<ContainerBlockElement>
	6980	<Paragraph>
	6981	<Paragraph>Adobe recommends ColdFusion customers update their installation using the instructions provided in the technote located here:
	6982	http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-13.html
	6983	Customers should also apply the security configuration settings as outlined on the ColdFusion Security page, as well as review the ColdFusion 9 Lockdown Guide and ColdFusion 10 Lockdown Guide.</Paragraph></Paragraph></ContainerBlockElement></solution>
	6984	</vulnerability>
	6985
	6986	<vulnerability id="adobe-apsb13-13-CVE-2013-3336" title="APSB13-13: Security updates available for Adobe ColdFusion (CVE-2013-3336)" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20100811T000000000" added="20130414T000000000" modified="20131031T000000000">
	6987	<description>
	6988
	6989	<ContainerBlockElement>
	6990
	6991	<Paragraph>Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors.</Paragraph>
	6992	</ContainerBlockElement></description>
	6993	<references>
	6994	<reference source="CVE">CVE-2013-3336</reference>
	6995	<reference source="URL">http://www.adobe.com/support/security/bulletins/apsb13-13.html</reference>
	6996	</references><tags>
	6997	<tag>Adobe</tag>
	6998	<tag>Adobe ColdFusion</tag>
	6999	<tag>Web</tag>
	7000	</tags>
	7001	<solution>
	7002
	7003	<ContainerBlockElement>
	7004	<Paragraph>
	7005	<Paragraph>Adobe recommends ColdFusion customers update their installation using the instructions provided in the technote located here:
	7006	http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-13.html
	7007	Customers should also apply the security configuration settings as outlined on the ColdFusion Security page, as well as review the ColdFusion 9 Lockdown Guide and ColdFusion 10 Lockdown Guide.</Paragraph></Paragraph></ContainerBlockElement></solution>
	7008	</vulnerability>
	7009
	7010	<vulnerability id="apache-httpd-cve-2008-0005" title="Apache HTTPD: mod_proxy_ftp UTF-7 XSS (CVE-2008-0005)" severity="4" pciSeverity="3" cvssScore="4.3" cvssVector="(AV:N/AC:M/Au:N/C:N/I:P/A:N)" published="20080111T000000000" added="20120412T000000000" modified="20130822T000000000">
	7011	<description>
	7012
	7013	<ContainerBlockElement>
	7014
	7015	<Paragraph>The affected asset is vulnerable to this vulnerability ONLY if it is running one of the following modules: mod_proxy_ftp. Review your web server configuration for validation. A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.</Paragraph>
	7016	</ContainerBlockElement></description>
	7017	<references>
	7018	<reference source="APPLE">APPLE-SA-2008-03-18</reference>
	7019	<reference source="BID">27234</reference>
	7020	<reference source="CVE">CVE-2008-0005</reference>
	7021	<reference source="OVAL">OVAL10812</reference>
	7022	<reference source="REDHAT">RHSA-2008:0004</reference>
	7023	<reference source="REDHAT">RHSA-2008:0005</reference>
	7024	<reference source="REDHAT">RHSA-2008:0006</reference>
	7025	<reference source="REDHAT">RHSA-2008:0007</reference>
	7026	<reference source="REDHAT">RHSA-2008:0008</reference>
	7027	<reference source="REDHAT">RHSA-2008:0009</reference>
	7028	<reference source="SECUNIA">28467</reference>
	7029	<reference source="SECUNIA">28471</reference>
	7030	<reference source="SECUNIA">28526</reference>
	7031	<reference source="SECUNIA">28607</reference>
	7032	<reference source="SECUNIA">28749</reference>
	7033	<reference source="SECUNIA">28977</reference>
	7034	<reference source="SECUNIA">29348</reference>
	7035	<reference source="SECUNIA">29420</reference>
	7036	<reference source="SECUNIA">29640</reference>
	7037	<reference source="SECUNIA">30732</reference>
	7038	<reference source="SECUNIA">35650</reference>
	7039	<reference source="SUSE">SUSE-SA:2008:021</reference>
	7040	<reference source="URL">http://httpd.apache.org/security/vulnerabilities_20.html</reference>
	7041	<reference source="URL">http://httpd.apache.org/security/vulnerabilities_22.html</reference>
	7042	<reference source="XF">39615</reference>
	7043	</references><tags>
	7044	<tag>Apache</tag>
	7045	<tag>Apache HTTP Server</tag>
	7046	<tag>Web</tag>
	7047	<tag>XSS</tag>
	7048	</tags>
	7049	<solution>
	7050
	7051	<ContainerBlockElement>
	7052	<UnorderedList>
	7053	<ListItem>
	7054	<Paragraph>Apache HTTPD >= 2.0 and < 2.0.63</Paragraph>
	7055	<Paragraph>Download and apply the upgrade from:
	7056	<URLLink LinkURL="http://archive.apache.org/dist/httpd/httpd-2.0.63.tar.gz" LinkTitle="http://archive.apache.org/dist/httpd/httpd-2.0.63.tar.gz"></URLLink></Paragraph>
	7057	<Paragraph>
	7058	<Paragraph>Many platforms and distributions provide pre-built binary packages for Apache HTTP server. These pre-built packages are usually customized and optimized for a particular distribution, therefore we recommend that you use the packages if they are available for your operating system.</Paragraph></Paragraph></ListItem>
	7059	<ListItem>
	7060	<Paragraph>Apache HTTPD >= 2.2 and < 2.2.8</Paragraph>
	7061	<Paragraph>Download and apply the upgrade from:
	7062	<URLLink LinkURL="http://archive.apache.org/dist/httpd/httpd-2.2.8.tar.gz" LinkTitle="http://archive.apache.org/dist/httpd/httpd-2.2.8.tar.gz"></URLLink></Paragraph>
	7063	<Paragraph>
	7064	<Paragraph>Many platforms and distributions provide pre-built binary packages for Apache HTTP server. These pre-built packages are usually customized and optimized for a particular distribution, therefore we recommend that you use the packages if they are available for your operating system.</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	7065	</vulnerability>
	7066
	7067	<vulnerability id="apache-httpd-cve-2008-2939" title="Apache HTTPD: mod_proxy_ftp globbing XSS (CVE-2008-2939)" severity="4" pciSeverity="3" cvssScore="4.3" cvssVector="(AV:N/AC:M/Au:N/C:N/I:P/A:N)" published="20080806T000000000" added="20120412T000000000" modified="20130822T000000000">
	7068	<description>
	7069
	7070	<ContainerBlockElement>
	7071
	7072	<Paragraph>The affected asset is vulnerable to this vulnerability ONLY if it is running one of the following modules: mod_proxy_ftp. Review your web server configuration for validation. A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.</Paragraph>
	7073	</ContainerBlockElement></description>
	7074	<references>
	7075	<reference source="APPLE">APPLE-SA-2009-05-12</reference>
	7076	<reference source="BID">30560</reference>
	7077	<reference source="CERT">TA09-133A</reference>
	7078	<reference source="CERT-VN">663763</reference>
	7079	<reference source="CVE">CVE-2008-2939</reference>
	7080	<reference source="OVAL">OVAL11316</reference>
	7081	<reference source="OVAL">OVAL7716</reference>
	7082	<reference source="REDHAT">RHSA-2008:0966</reference>
	7083	<reference source="REDHAT">RHSA-2008:0967</reference>
	7084	<reference source="SECUNIA">31384</reference>
	7085	<reference source="SECUNIA">31673</reference>
	7086	<reference source="SECUNIA">32685</reference>
	7087	<reference source="SECUNIA">32838</reference>
	7088	<reference source="SECUNIA">33156</reference>
	7089	<reference source="SECUNIA">33797</reference>
	7090	<reference source="SECUNIA">34219</reference>
	7091	<reference source="SECUNIA">35074</reference>
	7092	<reference source="URL">http://httpd.apache.org/security/vulnerabilities_20.html</reference>
	7093	<reference source="URL">http://httpd.apache.org/security/vulnerabilities_22.html</reference>
	7094	<reference source="XF">44223</reference>
	7095	</references><tags>
	7096	<tag>Apache</tag>
	7097	<tag>Apache HTTP Server</tag>
	7098	<tag>FTP</tag>
	7099	<tag>Web</tag>
	7100	<tag>XSS</tag>
	7101	</tags>
	7102	<solution>
	7103
	7104	<ContainerBlockElement>
	7105	<UnorderedList>
	7106	<ListItem>
	7107	<Paragraph>Apache HTTPD >= 2.0 and < 2.0.64</Paragraph>
	7108	<Paragraph>Download and apply the upgrade from:
	7109	<URLLink LinkURL="http://archive.apache.org/dist/httpd/httpd-2.0.64.tar.gz" LinkTitle="http://archive.apache.org/dist/httpd/httpd-2.0.64.tar.gz"></URLLink></Paragraph>
	7110	<Paragraph>
	7111	<Paragraph>Many platforms and distributions provide pre-built binary packages for Apache HTTP server. These pre-built packages are usually customized and optimized for a particular distribution, therefore we recommend that you use the packages if they are available for your operating system.</Paragraph></Paragraph></ListItem>
	7112	<ListItem>
	7113	<Paragraph>Apache HTTPD >= 2.2 and < 2.2.10</Paragraph>
	7114	<Paragraph>Download and apply the upgrade from:
	7115	<URLLink LinkURL="http://archive.apache.org/dist/httpd/httpd-2.2.10.tar.gz" LinkTitle="http://archive.apache.org/dist/httpd/httpd-2.2.10.tar.gz"></URLLink></Paragraph>
	7116	<Paragraph>
	7117	<Paragraph>Many platforms and distributions provide pre-built binary packages for Apache HTTP server. These pre-built packages are usually customized and optimized for a particular distribution, therefore we recommend that you use the packages if they are available for your operating system.</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	7118	</vulnerability>
	7119
	7120	<vulnerability id="apache-struts-CVE-2013-2251" title="Apache Struts DefaultActionMapper OGNL arbitrary command execution (CVE-2013-2251)" severity="9" pciSeverity="5" cvssScore="9.3" cvssVector="(AV:N/AC:M/Au:N/C:C/I:C/A:C)" published="20130720T000000000" added="20130725T000000000" modified="20131105T000000000">
	7121	<description>
	7122
	7123	<ContainerBlockElement>
	7124
	7125	<Paragraph>Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.</Paragraph>
	7126	</ContainerBlockElement></description>
	7127	<references>
	7128	<reference source="CVE">CVE-2013-2251</reference>
	7129	<reference source="OSVDB">98445</reference>
	7130	<reference source="URL">http://struts.apache.org/release/2.3.x/docs/s2-016.html</reference>
	7131	</references><tags>
	7132	<tag>Apache</tag>
	7133	<tag>Apache Struts</tag>
	7134	<tag>Remote Execution</tag>
	7135	<tag>Web</tag>
	7136	</tags>
	7137	<solution>
	7138
	7139	<ContainerBlockElement></ContainerBlockElement></solution>
	7140	</vulnerability>
	7141
	7142	<vulnerability id="certificate-common-name-mismatch" title="X.509 Certificate Subject CN Does Not Match the Entity Name" severity="7" pciSeverity="5" cvssScore="7.1" cvssVector="(AV:N/AC:H/Au:N/C:C/I:C/A:N)" published="20070803T000000000" added="20070803T000000000" modified="20120731T000000000">
	7143	<description>
	7144
	7145	<ContainerBlockElement>
	7146
	7147	<Paragraph>The subject common name (CN) field in the X.509 certificate does not match
	7148	the name of the entity presenting the certificate.</Paragraph>
	7149
	7150
	7151	<Paragraph>Before issuing a certificate, a Certification Authority (CA) must check the
	7152	identity of the entity requesting the certificate, as specified in the CA's
	7153	Certification Practice Statement (CPS). Thus, standard certificate validation
	7154	procedures require the subject CN field of a certificate to match the actual
	7155	name of the entity presenting the certificate. For example, in a certificate
	7156	presented by "https://www.example.com/", the CN should be "www.example.com".
	7157	</Paragraph>
	7158
	7159
	7160	<Paragraph>In order to detect and prevent active eavesdropping attacks, the validity of
	7161	a certificate must be verified, or else an attacker could then launch a
	7162	man-in-the-middle attack and gain full control of the data stream. Of
	7163	particular importance is the validity of the subject's CN, that should match
	7164	the name of the entity (hostname).</Paragraph>
	7165
	7166
	7167	<Paragraph>A CN mismatch most often occurs due to a configuration error, though it can
	7168	also indicate that a man-in-the-middle attack is being conducted.</Paragraph>
	7169	</ContainerBlockElement></description>
	7170	<references>
	7171	</references><tags>
	7172	<tag>HTTP</tag>
	7173	<tag>Web</tag>
	7174	</tags>
	7175	<solution>
	7176
	7177	<ContainerBlockElement>
	7178	<Paragraph>
	7179	The subject's common name (CN) field in the X.509 certificate should be fixed
	7180	to reflect the name of the entity presenting the certificate (e.g., the
	7181	hostname). This is done by generating a new certificate usually signed by a
	7182	Certification Authority (CA) trusted by both the client and server.
	7183	</Paragraph></ContainerBlockElement></solution>
	7184	</vulnerability>
	7185
	7186	<vulnerability id="checkpoint-ess-info-disclosure-sk57881" title="CheckPoint Endpoint Security Server Information Disclosure" severity="9" pciSeverity="5" cvssScore="9.4" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:N)" published="20101215T000000000" added="20110117T000000000" modified="20120731T000000000">
	7187	<description>
	7188
	7189	<ContainerBlockElement>
	7190
	7191	<Paragraph>
	7192	The web interface of CheckPoint Endpoint Security Server 7.x (R71,
	7193	R72 and R73) ships with an improperly protected configuration that
	7194	allows remote, unauthenticated users to access arbitrary files in the
	7195	'bin', 'conf', 'templates', 'install' and 'logs' directories within
	7196	the Tomcat directory. While the full extent of this vulnerability is
	7197	not currently understood, at a minimum it allows attackers to obtain
	7198	the private keys used to encrypt communication with the Endpoint
	7199	Security Server management interface, making a man-in-the-middle
	7200	attack considerably easier.
	7201	</Paragraph>
	7202	</ContainerBlockElement></description>
	7203	<references>
	7204	<reference source="URL">http://www.rapid7.com/security-center/advisories/R7-0038.jsp</reference>
	7205	<reference source="URL">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk57881</reference>
	7206	</references><tags>
	7207	<tag>HTTP</tag>
	7208	<tag>Information Gathering</tag>
	7209	<tag>Web</tag>
	7210	</tags>
	7211	<solution>
	7212
	7213	<ContainerBlockElement>
	7214	<Paragraph>
	7215	Apply the hotfix as described in CheckPoint Solution ID
	7216
	7217	<URLLink LinkURL="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk57881" LinkTitle="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk57881" href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk57881">
	7218	SK57881</URLLink>, which will prevent the contents of these sensitive files
	7219	from being disclosed with an HTTP GET request, however this solution
	7220	does not prevent the size or presence of these files from being obtained
	7221	with an HTTP HEAD request, which is an information disclosure.
	7222	</Paragraph></ContainerBlockElement></solution>
	7223	</vulnerability>
	7224
	7225	<vulnerability id="cifs-insecure-acct-lockout-limit" title="CIFS Account Lockout Policy Allows Password Brute Forcing" severity="7" pciSeverity="4" cvssScore="6.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:P)" published="20041101T000000000" added="20041101T000000000" modified="20120712T000000000">
	7226	<description>
	7227
	7228	<ContainerBlockElement>
	7229
	7230	<Paragraph>The account lockout threshold of the CIFS/Samba (SMB) server is
	7231	too high. This is a security risk. Having a high account
	7232	lockout threshold allows a hacker to launch an effective
	7233	brute force attack to guess users' passwords. Using
	7234	a lower account lockout threshold will greatly limit the
	7235	effectiveness of any brute forcing attempts.</Paragraph>
	7236	</ContainerBlockElement></description>
	7237	<references>
	7238	</references><tags>
	7239	<tag>CIFS</tag>
	7240	<tag>Policy Violation</tag>
	7241	</tags>
	7242	<solution>
	7243
	7244	<ContainerBlockElement>
	7245	<UnorderedList>
	7246	<ListItem>
	7247	<Paragraph>Microsoft Windows Vista, Microsoft Windows Vista Home, Basic Edition, Microsoft Windows Vista Home, Basic N Edition, Microsoft Windows Vista Home, Premium Edition, Microsoft Windows Vista Ultimate Edition, Microsoft Windows Vista Enterprise Edition, Microsoft Windows Vista Business Edition, Microsoft Windows Vista Business N Edition, Microsoft Windows Vista Starter Edition, Microsoft Windows Server 2008, Microsoft Windows Server 2008 Standard Edition, Microsoft Windows Server 2008 Enterprise Edition, Microsoft Windows Server 2008 Datacenter Edition, Microsoft Windows Server 2008 HPC Edition, Microsoft Windows Server 2008 Web Edition, Microsoft Windows Server 2008 Storage Edition, Microsoft Windows Small Business Server 2008, Microsoft Windows Essential Business Server 2008, Microsoft Windows Server 2012, Microsoft Windows Server 2012 Essentials Edition, Microsoft Windows Server 2012 Standard Edition, Microsoft Windows Server 2012 Datacenter Edition, Microsoft Windows Server 2012 Foundation Edition, Microsoft Windows Storage Server 2012, Microsoft Windows 7, Microsoft Windows 7 Home, Basic Edition, Microsoft Windows 7 Home, Basic N Edition, Microsoft Windows 7 Home, Premium Edition, Microsoft Windows 7 Home, Premium N Edition, Microsoft Windows 7 Ultimate Edition, Microsoft Windows 7 Ultimate N Edition, Microsoft Windows 7 Enterprise Edition, Microsoft Windows 7 Enterprise N Edition, Microsoft Windows 7 Professional Edition, Microsoft Windows 7 Starter Edition, Microsoft Windows 7 Starter N Edition, Microsoft Windows Embedded Standard 7, Microsoft Windows Server 2008 R2, Microsoft Windows Server 2008 R2, Enterprise Edition, Microsoft Windows Server 2008 R2, Standard Edition, Microsoft Windows Server 2008 R2, Datacenter Edition, Microsoft Windows Server 2008 R2, Web Edition, Microsoft Windows 8, Microsoft Windows 8 Enterprise Edition, Microsoft Windows 8 Professional Edition, Microsoft Windows RT</Paragraph>
	7248	<Paragraph>
	7249	<OrderedList>
	7250	<ListItem>Open the Windows Control Panel.</ListItem>
	7251	<ListItem>Select "Administrative Tools".</ListItem>
	7252	<ListItem>To change the domain-wide lockout policy, select "Domain
	7253	Security Policy" (or "Domain Controller Security Policy" if
	7254	the computer is a Domain Controller). Otherwise, to change
	7255	the policy for this computer only, select "Local Security
	7256	Policy."</ListItem>
	7257	<ListItem>Expand the "Account Policies" folder and select
	7258	"Account Lockout Policy".</ListItem>
	7259	<ListItem>Set the Account Lockout Duration. This setting
	7260	controls the amount of time an account will remain
	7261	locked after repeated failed login attempts. To keep
	7262	accounts locked until the Administrator intervenes,
	7263	set the lockout duration to 0. Otherwise, be sure to
	7264	use a reasonable value, preferably 1440 minutes (1 day)
	7265	or greater.</ListItem>
	7266	<ListItem>Set the Account Lockout Threshold. This setting
	7267	determines the number of successive failed login attempts
	7268	that will cause the account to be locked. Set the
	7269	lockout threshold to 3 or fewer.</ListItem>
	7270	<ListItem>Restart the system for the changes to take effect.</ListItem></OrderedList></Paragraph></ListItem>
	7271	<ListItem>
	7272	<Paragraph>Microsoft Windows XP, Microsoft Windows XP Home, Microsoft Windows XP Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003</Paragraph>
	7273	<Paragraph>
	7274	<OrderedList>
	7275	<ListItem>Open the "Performance and Maintenance" control panel.</ListItem>
	7276	<ListItem>Select "Administrative Tools".</ListItem>
	7277	<ListItem>To change the domain-wide lockout policy, select "Domain
	7278	Security Policy" (or "Domain Controller Security Policy" if
	7279	the computer is a Domain Controller). Otherwise, to change
	7280	the policy for this computer only, select "Local Security
	7281	Policy."</ListItem>
	7282	<ListItem>Expand the "Account Policies" folder and select
	7283	"Account Lockout Policy".</ListItem>
	7284	<ListItem>Set the Account Lockout Duration. This setting
	7285	controls the amount of time an account will remain
	7286	locked after repeated failed login attempts. To keep
	7287	accounts locked until the Administrator intervenes,
	7288	set the lockout duration to 0. Otherwise, be sure to
	7289	use a reasonable value, preferably 1440 minutes (1 day)
	7290	or greater.</ListItem>
	7291	<ListItem>Set the Account Lockout Threshold. This setting
	7292	determines the number of successive failed login attempts
	7293	that will cause the account to be locked. Set the
	7294	lockout threshold to 3 or fewer.</ListItem>
	7295	<ListItem>Restart the system for the changes to take effect.</ListItem></OrderedList></Paragraph></ListItem>
	7296	<ListItem>
	7297	<Paragraph>Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server</Paragraph>
	7298	<Paragraph>
	7299	<OrderedList>
	7300	<ListItem>Open the "Administrative Tools" control panel.</ListItem>
	7301	<ListItem>To change the domain-wide lockout policy, select "Domain
	7302	Security Policy" (or "Domain Controller Security Policy" if
	7303	the computer is a Domain Controller). Otherwise, to change
	7304	the policy for this computer only, select "Local Security
	7305	Policy."</ListItem>
	7306	<ListItem>Expand the "Account Policies" folder and select
	7307	"Account Lockout Policy".</ListItem>
	7308	<ListItem>Set the Account Lockout Duration. This setting
	7309	controls the amount of time an account will remain
	7310	locked after repeated failed login attempts. To keep
	7311	accounts locked until the Administrator intervenes,
	7312	set the lockout duration to 0. Otherwise, be sure to
	7313	use a reasonable value, preferably 1440 minutes (1 day)
	7314	or greater.</ListItem>
	7315	<ListItem>Set the Account Lockout Threshold. This setting
	7316	determines the number of successive failed login attempts
	7317	that will cause the account to be locked. Set the
	7318	lockout threshold to 3 or fewer.</ListItem>
	7319	<ListItem>Restart the system for the changes to take effect.</ListItem></OrderedList></Paragraph></ListItem>
	7320	<ListItem>
	7321	<Paragraph>Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition</Paragraph>
	7322	<Paragraph>
	7323	<OrderedList>
	7324	<ListItem>Click on the "Start" button from the Task Bar</ListItem>
	7325	<ListItem>Select "Programs"</ListItem>
	7326	<ListItem>Select "Administrative Tools"</ListItem>
	7327	<ListItem>To change the domain-wide lockout policy, select
	7328	"User Manager for Domains". Otherwise, to change
	7329	the policy for this computer only, select "User Manager".</ListItem>
	7330	<ListItem>From the "Policies" menu, select "Account..."</ListItem>
	7331	<ListItem>Click on the "Account Lockout" radio button to enable
	7332	use of the account lockout policy feature.</ListItem>
	7333	<ListItem>"Lockout after [n] bad logon attempts" determines how many
	7334	successive failed logins attempts will trigger the lockout.
	7335	This should be set to a reasonably low value such as 3, which
	7336	would cause the account to get locked after 3 failed login
	7337	attempts.</ListItem>
	7338	<ListItem>"Reset count after [30] minutes" is the amount of time
	7339	to track failed logins for. This should be set to a reasonably
	7340	high value, such as 1440 minutes (1 day).</ListItem>
	7341	<ListItem>"Lockout Duration" is used to define how long the account
	7342	remains locked. To keep the account locked until the
	7343	administrator intervenes, select the "Forever (until admin
	7344	unlocks)" radio button. Otherwise, be sure to use a reasonably
	7345	high value, preferably 1440 minutes (1 day) or greater.</ListItem>
	7346	<ListItem>Restart the system for the changes to take effect</ListItem></OrderedList></Paragraph></ListItem>
	7347	<ListItem>
	7348	<Paragraph>IBM OS/400</Paragraph>
	7349	<Paragraph>
	7350	<Paragraph>OS/400 V4R2 and later include a feature called
	7351
	7352	<URLLink LinkURL="http://www-1.ibm.com/servers/eserver/iseries/netserver/" LinkTitle="http://www-1.ibm.com/servers/eserver/iseries/netserver/" href="http://www-1.ibm.com/servers/eserver/iseries/netserver/">NetServer</URLLink>
	7353	which provides Windows compatible file and printer sharing. Early
	7354	versions of NetServer relied on the underlying OS/400 user authentication
	7355	system. However, starting with V5R1 and V5R2, NetServer can be integrated
	7356	into your Windows Domain or Active Directory via Kerberos, NetBIOS, or
	7357	LDAP. This integration allows the NetServer to inherit the domain's account
	7358	lockout policies. Refer to the NetServer documentation for more information.</Paragraph></Paragraph></ListItem>
	7359	<ListItem>
	7360	<Paragraph>Samba</Paragraph>
	7361	<Paragraph>
	7362	<Paragraph>The Samba server uses the host operating system's authentication
	7363	mechanism to control access. If you want to integrate
	7364	Samba into your NT4 domain or Win2k Active Directory, you can
	7365	use Samba 2.2.2 or later with winbind to achieve "single sign-on".
	7366	However, integrating Samba with LDAP/Kerberos/Active Directory is
	7367	not a trivial task and should only be undertaken with caution.</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	7368	</vulnerability>
	7369
	7370	<vulnerability id="cifs-insecure-password-length-min" title="CIFS Minimum Password Length Policy Allows Password Brute Forcing" severity="7" pciSeverity="4" cvssScore="6.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:P)" published="20041101T000000000" added="20041101T000000000" modified="20120712T000000000">
	7371	<description>
	7372
	7373	<ContainerBlockElement>
	7374
	7375	<Paragraph>The minimum password length on the CIFS/Samba server is too low.
	7376	This is a security risk. If the account policy does not
	7377	enforce a reasonable minimum password length, an attacker
	7378	will stand a much better chance of guessing or brute forcing
	7379	users' passwords. Enforcing a higher minimum password length
	7380	will limit the effectiveness of any brute forcing attempts.</Paragraph>
	7381
	7382
	7383	<Paragraph>The default password length is typically set to 0, which
	7384	allows empty passwords. Most policies recommend setting the
	7385	minimum to 6 or more characters.</Paragraph>
	7386	</ContainerBlockElement></description>
	7387	<references>
	7388	</references><tags>
	7389	<tag>CIFS</tag>
	7390	<tag>Default Account</tag>
	7391	<tag>Policy Violation</tag>
	7392	</tags>
	7393	<solution>
	7394
	7395	<ContainerBlockElement>
	7396	<UnorderedList>
	7397	<ListItem>
	7398	<Paragraph>Microsoft Windows Vista, Microsoft Windows Vista Home, Basic Edition, Microsoft Windows Vista Home, Basic N Edition, Microsoft Windows Vista Home, Premium Edition, Microsoft Windows Vista Ultimate Edition, Microsoft Windows Vista Enterprise Edition, Microsoft Windows Vista Business Edition, Microsoft Windows Vista Business N Edition, Microsoft Windows Vista Starter Edition, Microsoft Windows Server 2008, Microsoft Windows Server 2008 Standard Edition, Microsoft Windows Server 2008 Enterprise Edition, Microsoft Windows Server 2008 Datacenter Edition, Microsoft Windows Server 2008 HPC Edition, Microsoft Windows Server 2008 Web Edition, Microsoft Windows Server 2008 Storage Edition, Microsoft Windows Small Business Server 2008, Microsoft Windows Essential Business Server 2008, Microsoft Windows Server 2012, Microsoft Windows Server 2012 Essentials Edition, Microsoft Windows Server 2012 Standard Edition, Microsoft Windows Server 2012 Datacenter Edition, Microsoft Windows Server 2012 Foundation Edition, Microsoft Windows Storage Server 2012, Microsoft Windows 7, Microsoft Windows 7 Home, Basic Edition, Microsoft Windows 7 Home, Basic N Edition, Microsoft Windows 7 Home, Premium Edition, Microsoft Windows 7 Home, Premium N Edition, Microsoft Windows 7 Ultimate Edition, Microsoft Windows 7 Ultimate N Edition, Microsoft Windows 7 Enterprise Edition, Microsoft Windows 7 Enterprise N Edition, Microsoft Windows 7 Professional Edition, Microsoft Windows 7 Starter Edition, Microsoft Windows 7 Starter N Edition, Microsoft Windows Embedded Standard 7, Microsoft Windows Server 2008 R2, Microsoft Windows Server 2008 R2, Enterprise Edition, Microsoft Windows Server 2008 R2, Standard Edition, Microsoft Windows Server 2008 R2, Datacenter Edition, Microsoft Windows Server 2008 R2, Web Edition, Microsoft Windows 8, Microsoft Windows 8 Enterprise Edition, Microsoft Windows 8 Professional Edition, Microsoft Windows RT</Paragraph>
	7399	<Paragraph>
	7400	<OrderedList>
	7401	<ListItem>Open the Windows Control Panel.</ListItem>
	7402	<ListItem>Select "Administrative Tools".</ListItem>
	7403	<ListItem>To change the domain-wide lockout policy, select "Domain
	7404	Security Policy" (or "Domain Controller Security Policy" if
	7405	the computer is a Domain Controller). Otherwise, to change
	7406	the policy for this computer only, select "Local Security
	7407	Policy."</ListItem>
	7408	<ListItem>Expand the "Account Policies" folder and select
	7409	"Password Policy".</ListItem>
	7410	<ListItem>Set the Minimum Password Length. This setting
	7411	enforces a minimum length for new or changed passwords.
	7412	A value of 6 or higher is recommended.</ListItem>
	7413	<ListItem>Note that this policy does not affect existing
	7414	passwords. It will only take effect when an existing
	7415	user changes his password.</ListItem></OrderedList></Paragraph></ListItem>
	7416	<ListItem>
	7417	<Paragraph>Microsoft Windows XP, Microsoft Windows XP Home, Microsoft Windows XP Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003</Paragraph>
	7418	<Paragraph>
	7419	<OrderedList>
	7420	<ListItem>Open the "Performance and Maintenance" control panel.</ListItem>
	7421	<ListItem>Select "Administrative Tools".</ListItem>
	7422	<ListItem>To change the domain-wide lockout policy, select "Domain
	7423	Security Policy" (or "Domain Controller Security Policy" if
	7424	the computer is a Domain Controller). Otherwise, to change
	7425	the policy for this computer only, select "Local Security
	7426	Policy."</ListItem>
	7427	<ListItem>Expand the "Account Policies" folder and select
	7428	"Password Policy".</ListItem>
	7429	<ListItem>Set the Minimum Password Length. This setting
	7430	enforces a minimum length for new or changed passwords.
	7431	A value of 6 or higher is recommended.</ListItem>
	7432	<ListItem>Note that this policy does not affect existing
	7433	passwords. It will only take effect when an existing
	7434	user changes his password.</ListItem></OrderedList></Paragraph></ListItem>
	7435	<ListItem>
	7436	<Paragraph>Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server</Paragraph>
	7437	<Paragraph>
	7438	<OrderedList>
	7439	<ListItem>Open the "Administrative Tools" control panel.</ListItem>
	7440	<ListItem>To change the domain-wide lockout policy, select "Domain
	7441	Security Policy" (or "Domain Controller Security Policy" if
	7442	the computer is a Domain Controller). Otherwise, to change
	7443	the policy for this computer only, select "Local Security
	7444	Policy."</ListItem>
	7445	<ListItem>Expand the "Account Policies" folder and select
	7446	"Password Policy".</ListItem>
	7447	<ListItem>Set the Minimum Password Length. This setting
	7448	enforces a minimum length for new or changed passwords.
	7449	A value of 6 or higher is recommended.</ListItem>
	7450	<ListItem>Note that this policy does not affect existing
	7451	passwords. It will only take effect when an existing
	7452	user changes his password.</ListItem></OrderedList></Paragraph></ListItem>
	7453	<ListItem>
	7454	<Paragraph>Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition</Paragraph>
	7455	<Paragraph>
	7456	<OrderedList>
	7457	<ListItem>Click on the "Start" button from the Task Bar</ListItem>
	7458	<ListItem>Select "Programs"</ListItem>
	7459	<ListItem>Select "Administrative Tools"</ListItem>
	7460	<ListItem>To change the domain-wide lockout policy, select
	7461	"User Manager for Domains". Otherwise, to change
	7462	the policy for this computer only, select "User Manager".</ListItem>
	7463	<ListItem>From the "Policies" menu, select "Account..."</ListItem>
	7464	<ListItem>Set the Minimum Password Length. This setting
	7465	enforces a minimum length for new or changed passwords.
	7466	A value of 6 or higher is recommended.</ListItem>
	7467	<ListItem>Note that this policy does not affect existing
	7468	passwords. It will only take effect when an existing
	7469	user changes his password.</ListItem></OrderedList></Paragraph></ListItem>
	7470	<ListItem>
	7471	<Paragraph>IBM OS/400</Paragraph>
	7472	<Paragraph>
	7473	<Paragraph>OS/400 V4R2 and later include a feature called
	7474
	7475	<URLLink LinkURL="http://www-1.ibm.com/servers/eserver/iseries/netserver/" LinkTitle="http://www-1.ibm.com/servers/eserver/iseries/netserver/" href="http://www-1.ibm.com/servers/eserver/iseries/netserver/">NetServer</URLLink>
	7476	which provides Windows compatible file and printer sharing. Early
	7477	versions of NetServer relied on the underlying OS/400 user authentication
	7478	system. However, starting with V5R1 and V5R2, NetServer can be integrated
	7479	into your Windows Domain or Active Directory via Kerberos, NetBIOS, or
	7480	LDAP. This integration allows the NetServer to inherit the domain's account
	7481	lockout policies. Refer to the NetServer documentation for more information.</Paragraph></Paragraph></ListItem>
	7482	<ListItem>
	7483	<Paragraph>Samba</Paragraph>
	7484	<Paragraph>
	7485	<Paragraph>The Samba server uses the host operating system's authentication
	7486	mechanism to control access. If you want to integrate
	7487	Samba into your NT4 domain or Win2k Active Directory, you can
	7488	use Samba 2.2.2 or later with winbind to achieve "single sign-on".
	7489	However, integrating Samba with LDAP/Kerberos/Active Directory is
	7490	not a trivial task and should only be undertaken with caution.</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	7491	</vulnerability>
	7492
	7493	<vulnerability id="cifs-no-acct-lockout-limit" title="CIFS Account Lockout Policy Not Enforced" severity="7" pciSeverity="4" cvssScore="6.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:P)" published="20041101T000000000" added="20041101T000000000" modified="20120712T000000000">
	7494	<description>
	7495
	7496	<ContainerBlockElement>
	7497
	7498	<Paragraph>The CIFS server is not using an account lockout threshold.
	7499	This is a security risk. Having no lockout threshold
	7500	allows a hacker to launch a very effective brute force
	7501	attack to guess users' passwords. Using an account lockout
	7502	threshold of 3 or lower will greatly limit the effectiveness
	7503	of any brute forcing attempts.</Paragraph>
	7504	</ContainerBlockElement></description>
	7505	<references>
	7506	</references><tags>
	7507	<tag>CIFS</tag>
	7508	<tag>Policy Violation</tag>
	7509	</tags>
	7510	<solution>
	7511
	7512	<ContainerBlockElement>
	7513	<UnorderedList>
	7514	<ListItem>
	7515	<Paragraph>Microsoft Windows Vista, Microsoft Windows Vista Home, Basic Edition, Microsoft Windows Vista Home, Basic N Edition, Microsoft Windows Vista Home, Premium Edition, Microsoft Windows Vista Ultimate Edition, Microsoft Windows Vista Enterprise Edition, Microsoft Windows Vista Business Edition, Microsoft Windows Vista Business N Edition, Microsoft Windows Vista Starter Edition, Microsoft Windows Server 2008, Microsoft Windows Server 2008 Standard Edition, Microsoft Windows Server 2008 Enterprise Edition, Microsoft Windows Server 2008 Datacenter Edition, Microsoft Windows Server 2008 HPC Edition, Microsoft Windows Server 2008 Web Edition, Microsoft Windows Server 2008 Storage Edition, Microsoft Windows Small Business Server 2008, Microsoft Windows Essential Business Server 2008, Microsoft Windows Server 2012, Microsoft Windows Server 2012 Essentials Edition, Microsoft Windows Server 2012 Standard Edition, Microsoft Windows Server 2012 Datacenter Edition, Microsoft Windows Server 2012 Foundation Edition, Microsoft Windows Storage Server 2012, Microsoft Windows 7, Microsoft Windows 7 Home, Basic Edition, Microsoft Windows 7 Home, Basic N Edition, Microsoft Windows 7 Home, Premium Edition, Microsoft Windows 7 Home, Premium N Edition, Microsoft Windows 7 Ultimate Edition, Microsoft Windows 7 Ultimate N Edition, Microsoft Windows 7 Enterprise Edition, Microsoft Windows 7 Enterprise N Edition, Microsoft Windows 7 Professional Edition, Microsoft Windows 7 Starter Edition, Microsoft Windows 7 Starter N Edition, Microsoft Windows Embedded Standard 7, Microsoft Windows Server 2008 R2, Microsoft Windows Server 2008 R2, Enterprise Edition, Microsoft Windows Server 2008 R2, Standard Edition, Microsoft Windows Server 2008 R2, Datacenter Edition, Microsoft Windows Server 2008 R2, Web Edition, Microsoft Windows 8, Microsoft Windows 8 Enterprise Edition, Microsoft Windows 8 Professional Edition, Microsoft Windows RT</Paragraph>
	7516	<Paragraph>
	7517	<OrderedList>
	7518	<ListItem>Open the Windows Control Panel.</ListItem>
	7519	<ListItem>Select "Administrative Tools".</ListItem>
	7520	<ListItem>To change the domain-wide lockout policy, select "Domain
	7521	Security Policy" (or "Domain Controller Security Policy" if
	7522	the computer is a Domain Controller). Otherwise, to change
	7523	the policy for this computer only, select "Local Security
	7524	Policy."</ListItem>
	7525	<ListItem>Expand the "Account Policies" folder and select
	7526	"Account Lockout Policy".</ListItem>
	7527	<ListItem>Set the Account Lockout Duration. This setting
	7528	controls the amount of time an account will remain
	7529	locked after repeated failed login attempts. To keep
	7530	accounts locked until the Administrator intervenes,
	7531	set the lockout duration to 0. Otherwise, be sure to
	7532	use a reasonable value, preferably 1440 minutes (1 day)
	7533	or greater.</ListItem>
	7534	<ListItem>Set the Account Lockout Threshold. This setting
	7535	determines the number of successive failed login attempts
	7536	that will cause the account to be locked. Set the
	7537	lockout threshold to 3 or fewer.</ListItem>
	7538	<ListItem>Restart the system for the changes to take effect.</ListItem></OrderedList></Paragraph></ListItem>
	7539	<ListItem>
	7540	<Paragraph>Microsoft Windows XP, Microsoft Windows XP Home, Microsoft Windows XP Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003</Paragraph>
	7541	<Paragraph>
	7542	<OrderedList>
	7543	<ListItem>Open the "Performance and Maintenance" control panel.</ListItem>
	7544	<ListItem>Select "Administrative Tools".</ListItem>
	7545	<ListItem>To change the domain-wide lockout policy, select "Domain
	7546	Security Policy" (or "Domain Controller Security Policy" if
	7547	the computer is a Domain Controller). Otherwise, to change
	7548	the policy for this computer only, select "Local Security
	7549	Policy."</ListItem>
	7550	<ListItem>Expand the "Account Policies" folder and select
	7551	"Account Lockout Policy".</ListItem>
	7552	<ListItem>Set the Account Lockout Duration. This setting
	7553	controls the amount of time an account will remain
	7554	locked after repeated failed login attempts. To keep
	7555	accounts locked until the Administrator intervenes,
	7556	set the lockout duration to 0. Otherwise, be sure to
	7557	use a reasonable value, preferably 1440 minutes (1 day)
	7558	or greater.</ListItem>
	7559	<ListItem>Set the Account Lockout Threshold. This setting
	7560	determines the number of successive failed login attempts
	7561	that will cause the account to be locked. Set the
	7562	lockout threshold to 3 or fewer.</ListItem>
	7563	<ListItem>Restart the system for the changes to take effect.</ListItem></OrderedList></Paragraph></ListItem>
	7564	<ListItem>
	7565	<Paragraph>Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server</Paragraph>
	7566	<Paragraph>
	7567	<OrderedList>
	7568	<ListItem>Open the "Administrative Tools" control panel.</ListItem>
	7569	<ListItem>To change the domain-wide lockout policy, select "Domain
	7570	Security Policy" (or "Domain Controller Security Policy" if
	7571	the computer is a Domain Controller). Otherwise, to change
	7572	the policy for this computer only, select "Local Security
	7573	Policy."</ListItem>
	7574	<ListItem>Expand the "Account Policies" folder and select
	7575	"Account Lockout Policy".</ListItem>
	7576	<ListItem>Set the Account Lockout Duration. This setting
	7577	controls the amount of time an account will remain
	7578	locked after repeated failed login attempts. To keep
	7579	accounts locked until the Administrator intervenes,
	7580	set the lockout duration to 0. Otherwise, be sure to
	7581	use a reasonable value, preferably 1440 minutes (1 day)
	7582	or greater.</ListItem>
	7583	<ListItem>Set the Account Lockout Threshold. This setting
	7584	determines the number of successive failed login attempts
	7585	that will cause the account to be locked. Set the
	7586	lockout threshold to 3 or fewer.</ListItem>
	7587	<ListItem>Restart the system for the changes to take effect.</ListItem></OrderedList></Paragraph></ListItem>
	7588	<ListItem>
	7589	<Paragraph>Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition</Paragraph>
	7590	<Paragraph>
	7591	<OrderedList>
	7592	<ListItem>Click on the "Start" button from the Task Bar</ListItem>
	7593	<ListItem>Select "Programs"</ListItem>
	7594	<ListItem>Select "Administrative Tools"</ListItem>
	7595	<ListItem>To change the domain-wide lockout policy, select
	7596	"User Manager for Domains". Otherwise, to change
	7597	the policy for this computer only, select "User Manager".</ListItem>
	7598	<ListItem>From the "Policies" menu, select "Account..."</ListItem>
	7599	<ListItem>Click on the "Account Lockout" radio button to enable
	7600	use of the account lockout policy feature.</ListItem>
	7601	<ListItem>"Lockout after [n] bad logon attempts" determines how many
	7602	successive failed logins attempts will trigger the lockout.
	7603	This should be set to a reasonably low value such as 3, which
	7604	would cause the account to get locked after 3 failed login
	7605	attempts.</ListItem>
	7606	<ListItem>"Reset count after [30] minutes" is the amount of time
	7607	to track failed logins for. This should be set to a reasonably
	7608	high value, such as 1440 minutes (1 day).</ListItem>
	7609	<ListItem>"Lockout Duration" is used to define how long the account
	7610	remains locked. To keep the account locked until the
	7611	administrator intervenes, select the "Forever (until admin
	7612	unlocks)" radio button. Otherwise, be sure to use a reasonably
	7613	high value, preferably 1440 minutes (1 day) or greater.</ListItem>
	7614	<ListItem>Restart the system for the changes to take effect</ListItem></OrderedList></Paragraph></ListItem>
	7615	<ListItem>
	7616	<Paragraph>IBM OS/400</Paragraph>
	7617	<Paragraph>
	7618	<Paragraph>OS/400 V4R2 and later include a feature called
	7619
	7620	<URLLink LinkURL="http://www-1.ibm.com/servers/eserver/iseries/netserver/" LinkTitle="http://www-1.ibm.com/servers/eserver/iseries/netserver/" href="http://www-1.ibm.com/servers/eserver/iseries/netserver/">NetServer</URLLink>
	7621	which provides Windows compatible file and printer sharing. Early
	7622	versions of NetServer relied on the underlying OS/400 user authentication
	7623	system. However, starting with V5R1 and V5R2, NetServer can be integrated
	7624	into your Windows Domain or Active Directory via Kerberos, NetBIOS, or
	7625	LDAP. This integration allows the NetServer to inherit the domain's account
	7626	lockout policies. Refer to the NetServer documentation for more information.</Paragraph></Paragraph></ListItem>
	7627	<ListItem>
	7628	<Paragraph>Samba</Paragraph>
	7629	<Paragraph>
	7630	<Paragraph>The Samba server uses the host operating system's authentication
	7631	mechanism to control access. If you want to integrate
	7632	Samba into your NT4 domain or Win2k Active Directory, you can
	7633	use Samba 2.2.2 or later with winbind to achieve "single sign-on".
	7634	However, integrating Samba with LDAP/Kerberos/Active Directory is
	7635	not a trivial task and should only be undertaken with caution.</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	7636	</vulnerability>
	7637
	7638	<vulnerability id="cifs-no-password-length-min" title="CIFS Minimum Password Length Policy Not Enforced" severity="7" pciSeverity="4" cvssScore="6.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:P)" published="20041101T000000000" added="20041101T000000000" modified="20120712T000000000">
	7639	<description>
	7640
	7641	<ContainerBlockElement>
	7642
	7643	<Paragraph>The minimum password length on the CIFS server is set
	7644	to 0, which allows accounts with no password and accounts
	7645	with very short passwords. This is a security risk. If the
	7646	account policy does not enforce a reasonable minimum password
	7647	length, an attacker will stand a much better chance of
	7648	guessing or brute forcing users' passwords. Enforcing a higher
	7649	minimum password length will limit the effectiveness of
	7650	any brute forcing attempts.</Paragraph>
	7651
	7652
	7653	<Paragraph>The default password length is typically set to 0, which
	7654	allows empty passwords. Most policies recommend setting the
	7655	minimum to 6 or more characters.</Paragraph>
	7656	</ContainerBlockElement></description>
	7657	<references>
	7658	</references><tags>
	7659	<tag>CIFS</tag>
	7660	<tag>Default Account</tag>
	7661	<tag>Policy Violation</tag>
	7662	</tags>
	7663	<solution>
	7664
	7665	<ContainerBlockElement>
	7666	<UnorderedList>
	7667	<ListItem>
	7668	<Paragraph>Microsoft Windows Vista, Microsoft Windows Vista Home, Basic Edition, Microsoft Windows Vista Home, Basic N Edition, Microsoft Windows Vista Home, Premium Edition, Microsoft Windows Vista Ultimate Edition, Microsoft Windows Vista Enterprise Edition, Microsoft Windows Vista Business Edition, Microsoft Windows Vista Business N Edition, Microsoft Windows Vista Starter Edition, Microsoft Windows Server 2008, Microsoft Windows Server 2008 Standard Edition, Microsoft Windows Server 2008 Enterprise Edition, Microsoft Windows Server 2008 Datacenter Edition, Microsoft Windows Server 2008 HPC Edition, Microsoft Windows Server 2008 Web Edition, Microsoft Windows Server 2008 Storage Edition, Microsoft Windows Small Business Server 2008, Microsoft Windows Essential Business Server 2008, Microsoft Windows Server 2012, Microsoft Windows Server 2012 Essentials Edition, Microsoft Windows Server 2012 Standard Edition, Microsoft Windows Server 2012 Datacenter Edition, Microsoft Windows Server 2012 Foundation Edition, Microsoft Windows Storage Server 2012, Microsoft Windows 7, Microsoft Windows 7 Home, Basic Edition, Microsoft Windows 7 Home, Basic N Edition, Microsoft Windows 7 Home, Premium Edition, Microsoft Windows 7 Home, Premium N Edition, Microsoft Windows 7 Ultimate Edition, Microsoft Windows 7 Ultimate N Edition, Microsoft Windows 7 Enterprise Edition, Microsoft Windows 7 Enterprise N Edition, Microsoft Windows 7 Professional Edition, Microsoft Windows 7 Starter Edition, Microsoft Windows 7 Starter N Edition, Microsoft Windows Embedded Standard 7, Microsoft Windows Server 2008 R2, Microsoft Windows Server 2008 R2, Enterprise Edition, Microsoft Windows Server 2008 R2, Standard Edition, Microsoft Windows Server 2008 R2, Datacenter Edition, Microsoft Windows Server 2008 R2, Web Edition, Microsoft Windows 8, Microsoft Windows 8 Enterprise Edition, Microsoft Windows 8 Professional Edition, Microsoft Windows RT</Paragraph>
	7669	<Paragraph>
	7670	<OrderedList>
	7671	<ListItem>Open the Windows Control Panel.</ListItem>
	7672	<ListItem>Select "Administrative Tools".</ListItem>
	7673	<ListItem>To change the domain-wide lockout policy, select "Domain
	7674	Security Policy" (or "Domain Controller Security Policy" if
	7675	the computer is a Domain Controller). Otherwise, to change
	7676	the policy for this computer only, select "Local Security
	7677	Policy."</ListItem>
	7678	<ListItem>Expand the "Account Policies" folder and select
	7679	"Password Policy".</ListItem>
	7680	<ListItem>Set the Minimum Password Length. This setting
	7681	enforces a minimum length for new or changed passwords.
	7682	A value of 6 or higher is recommended.</ListItem>
	7683	<ListItem>Note that this policy does not affect existing
	7684	passwords. It will only take effect when an existing
	7685	user changes his password.</ListItem></OrderedList></Paragraph></ListItem>
	7686	<ListItem>
	7687	<Paragraph>Microsoft Windows XP, Microsoft Windows XP Home, Microsoft Windows XP Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003</Paragraph>
	7688	<Paragraph>
	7689	<OrderedList>
	7690	<ListItem>Open the "Performance and Maintenance" control panel.</ListItem>
	7691	<ListItem>Select "Administrative Tools".</ListItem>
	7692	<ListItem>To change the domain-wide lockout policy, select "Domain
	7693	Security Policy" (or "Domain Controller Security Policy" if
	7694	the computer is a Domain Controller). Otherwise, to change
	7695	the policy for this computer only, select "Local Security
	7696	Policy."</ListItem>
	7697	<ListItem>Expand the "Account Policies" folder and select
	7698	"Password Policy".</ListItem>
	7699	<ListItem>Set the Minimum Password Length. This setting
	7700	enforces a minimum length for new or changed passwords.
	7701	A value of 6 or higher is recommended.</ListItem>
	7702	<ListItem>Note that this policy does not affect existing
	7703	passwords. It will only take effect when an existing
	7704	user changes his password.</ListItem></OrderedList></Paragraph></ListItem>
	7705	<ListItem>
	7706	<Paragraph>Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server</Paragraph>
	7707	<Paragraph>
	7708	<OrderedList>
	7709	<ListItem>Open the "Administrative Tools" control panel.</ListItem>
	7710	<ListItem>To change the domain-wide lockout policy, select "Domain
	7711	Security Policy" (or "Domain Controller Security Policy" if
	7712	the computer is a Domain Controller). Otherwise, to change
	7713	the policy for this computer only, select "Local Security
	7714	Policy."</ListItem>
	7715	<ListItem>Expand the "Account Policies" folder and select
	7716	"Password Policy".</ListItem>
	7717	<ListItem>Set the Minimum Password Length. This setting
	7718	enforces a minimum length for new or changed passwords.
	7719	A value of 6 or higher is recommended.</ListItem>
	7720	<ListItem>Note that this policy does not affect existing
	7721	passwords. It will only take effect when an existing
	7722	user changes his password.</ListItem></OrderedList></Paragraph></ListItem>
	7723	<ListItem>
	7724	<Paragraph>Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition</Paragraph>
	7725	<Paragraph>
	7726	<OrderedList>
	7727	<ListItem>Click on the "Start" button from the Task Bar</ListItem>
	7728	<ListItem>Select "Programs"</ListItem>
	7729	<ListItem>Select "Administrative Tools"</ListItem>
	7730	<ListItem>To change the domain-wide lockout policy, select
	7731	"User Manager for Domains". Otherwise, to change
	7732	the policy for this computer only, select "User Manager".</ListItem>
	7733	<ListItem>From the "Policies" menu, select "Account..."</ListItem>
	7734	<ListItem>Set the Minimum Password Length. This setting
	7735	enforces a minimum length for new or changed passwords.
	7736	A value of 6 or higher is recommended.</ListItem>
	7737	<ListItem>Note that this policy does not affect existing
	7738	passwords. It will only take effect when an existing
	7739	user changes his password.</ListItem></OrderedList></Paragraph></ListItem>
	7740	<ListItem>
	7741	<Paragraph>IBM OS/400</Paragraph>
	7742	<Paragraph>
	7743	<Paragraph>OS/400 V4R2 and later include a feature called
	7744
	7745	<URLLink LinkURL="http://www-1.ibm.com/servers/eserver/iseries/netserver/" LinkTitle="http://www-1.ibm.com/servers/eserver/iseries/netserver/" href="http://www-1.ibm.com/servers/eserver/iseries/netserver/">NetServer</URLLink>
	7746	which provides Windows compatible file and printer sharing. Early
	7747	versions of NetServer relied on the underlying OS/400 user authentication
	7748	system. However, starting with V5R1 and V5R2, NetServer can be integrated
	7749	into your Windows Domain or Active Directory via Kerberos, NetBIOS, or
	7750	LDAP. This integration allows the NetServer to inherit the domain's account
	7751	lockout policies. Refer to the NetServer documentation for more information.</Paragraph></Paragraph></ListItem>
	7752	<ListItem>
	7753	<Paragraph>Samba</Paragraph>
	7754	<Paragraph>
	7755	<Paragraph>The Samba server uses the host operating system's authentication
	7756	mechanism to control access. If you want to integrate
	7757	Samba into your NT4 domain or Win2k Active Directory, you can
	7758	use Samba 2.2.2 or later with winbind to achieve "single sign-on".
	7759	However, integrating Samba with LDAP/Kerberos/Active Directory is
	7760	not a trivial task and should only be undertaken with caution.</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	7761	</vulnerability>
	7762
	7763	<vulnerability id="DNS-0004" title="Unrestricted DNS Zone Transfer (CVE-1999-0532)" severity="1" pciSeverity="3" cvssScore="0.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:N)" published="19970701T000000000" added="20041101T000000000" modified="20130718T000000000">
	7764	<description>
	7765
	7766	<ContainerBlockElement>
	7767
	7768	<Paragraph>A DNS server allows zone transfers.</Paragraph>
	7769	</ContainerBlockElement></description>
	7770	<references>
	7771	<reference source="CVE">CVE-1999-0532</reference>
	7772	</references><tags>
	7773	<tag>DNS</tag>
	7774	<tag>ISC</tag>
	7775	<tag>ISC BIND</tag>
	7776	<tag>Zone Transfer</tag>
	7777	</tags>
	7778	<solution>
	7779
	7780	<ContainerBlockElement>
	7781	<Paragraph>
	7782	Restrict zone transfers to slave servers only.
	7783
	7784
	7785	<UnorderedList>
	7786	<ListItem>For BIND, use the
	7787
	7788
	7789	<URLLink LinkURL="http://www.isc.org/products/BIND/docs/bog-4.9.4/bog-sh-5.html#sh-5.1.13" LinkTitle="http://www.isc.org/products/BIND/docs/bog-4.9.4/bog-sh-5.html#sh-5.1.13" href="http://www.isc.org/products/BIND/docs/bog-4.9.4/bog-sh-5.html#sh-5.1.13">"xfernets" directive</URLLink>
	7790	( http://www.isc.org/products/BIND/docs/bog-4.9.4/bog-sh-5.html#sh-5.1.13 ) .</ListItem>
	7791	<ListItem>For djbdns/tinydns, see
	7792
	7793
	7794	<URLLink LinkURL="http://cr.yp.to/djbdns/faq/axfrdns.html" LinkTitle="http://cr.yp.to/djbdns/faq/axfrdns.html" href="http://cr.yp.to/djbdns/faq/axfrdns.html">http://cr.yp.to/djbdns/faq/axfrdns.html</URLLink> ( http://cr.yp.to/djbdns/faq/axfrdns.html ) .</ListItem>
	7795	<ListItem>For Microsoft DNS, make sure that your DNS services are integrated
	7796	with Active Directory, and then use Active Directory's built-in
	7797	object security mechanisms to place restrictions on the data. If you
	7798	are using Active Directory exclusively, you can disable zone transfer
	7799	in favor of Active Directory replication. This will only allow
	7800	designated domain controllers to obtain the Active Directory information.</ListItem></UnorderedList></Paragraph></ContainerBlockElement></solution>
	7801	</vulnerability>
	7802
	7803	<vulnerability id="dns-allows-cache-snooping" title="DNS server allows cache snooping" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="19900101T000000000" added="20110401T000000000" modified="20121023T000000000">
	7804	<description>
	7805
	7806	<ContainerBlockElement>
	7807
	7808	<Paragraph>
	7809	This DNS server is susceptible to DNS cache snooping, whereby an attacker
	7810	can make non-recursive queries to a DNS server, looking for records
	7811	potentially already resolved by this DNS server for other clients.
	7812	Depending on the response, an attacker can use this information to
	7813	potentially launch other attacks.
	7814	</Paragraph>
	7815	</ContainerBlockElement></description>
	7816	<references>
	7817	<reference source="URL">http://www.rootsecure.net/content/downloads/pdf/dns_cache_snooping.pdf</reference>
	7818	</references><tags>
	7819	<tag>DNS</tag>
	7820	<tag>ISC</tag>
	7821	<tag>ISC BIND</tag>
	7822	</tags>
	7823	<solution>
	7824
	7825	<ContainerBlockElement>
	7826	<Paragraph>
	7827	<Paragraph>
	7828	Restrict the processing of DNS queries to only systems that should
	7829	be allowed to use this nameserver.
	7830	</Paragraph></Paragraph></ContainerBlockElement></solution>
	7831	</vulnerability>
	7832
	7833	<vulnerability id="dns-processes-recursive-queries" title="Nameserver Processes Recursive Queries" severity="5" pciSeverity="2" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:P)" published="19900101T000000000" added="20100226T000000000" modified="20121023T000000000">
	7834	<description>
	7835
	7836	<ContainerBlockElement>
	7837
	7838	<Paragraph>
	7839	Allowing nameservers to process recursive queries coming from any system
	7840	may, in certain situations, help attackers conduct denial of service or
	7841	cache poisoning attacks.
	7842	</Paragraph>
	7843	</ContainerBlockElement></description>
	7844	<references>
	7845	<reference source="URL">http://www.us-cert.gov/reading_room/DNS-recursion033006.pdf</reference>
	7846	</references><tags>
	7847	<tag>DNS</tag>
	7848	<tag>Denial of Service</tag>
	7849	<tag>ISC</tag>
	7850	<tag>ISC BIND</tag>
	7851	</tags>
	7852	<solution>
	7853
	7854	<ContainerBlockElement>
	7855	<Paragraph>
	7856	<Paragraph>
	7857	Restrict the processing of recursive queries to only systems that
	7858	should be allowed to use this nameserver.
	7859	</Paragraph></Paragraph></ContainerBlockElement></solution>
	7860	</vulnerability>
	7861
	7862	<vulnerability id="dns-unrestricted-reverse-zone-transfer" title="Unrestricted Reverse DNS Zone Transfer" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20071126T000000000" added="20071126T000000000" modified="20121023T000000000">
	7863	<description>
	7864
	7865	<ContainerBlockElement>
	7866	Allowing unrestricted reverse zone transfers gives anonymous users access to information about
	7867	all hostnames defined in a particular domain. This information can aid further attacks on
	7868	vulnerable systems.
	7869	</ContainerBlockElement></description>
	7870	<references>
	7871	</references><tags>
	7872	<tag>DNS</tag>
	7873	<tag>ISC</tag>
	7874	<tag>ISC BIND</tag>
	7875	<tag>Zone Transfer</tag>
	7876	</tags>
	7877	<solution>
	7878
	7879	<ContainerBlockElement>
	7880	<Paragraph>
	7881	<Paragraph>
	7882	See the documentation of your DNS server to disable or restrict reverse zone transfers.
	7883	</Paragraph></Paragraph></ContainerBlockElement></solution>
	7884	</vulnerability>
	7885
	7886	<vulnerability id="ftp-anonymous-writeable-directories" title="Anonymous FTP Writeable Directories" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="19990101T000000000" added="20041101T000000000" modified="20120713T000000000">
	7887	<description>
	7888
	7889	<ContainerBlockElement>
	7890
	7891	<Paragraph>Anonymous users can upload files to the FTP server. This can often be used
	7892	in combination with other services, such as HTTP, to compromise the server.</Paragraph>
	7893	</ContainerBlockElement></description>
	7894	<references>
	7895	<reference source="CVE">CVE-1999-0527</reference>
	7896	</references><tags>
	7897	<tag>FTP</tag>
	7898	<tag>Web</tag>
	7899	</tags>
	7900	<solution>
	7901
	7902	<ContainerBlockElement>
	7903	<Paragraph>
	7904	<Paragraph>Disable write access (upload) for anonymous users. It is also best
	7905	to restrict world writeable permissions to any directory or file
	7906	accessible via FTP.</Paragraph></Paragraph></ContainerBlockElement></solution>
	7907	</vulnerability>
	7908
	7909	<vulnerability id="ftp-default-login-admin-null" title="FTP access with admin/null credentials" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="19990101T000000000" added="20100715T000000000" modified="20120927T000000000">
	7910	<description>
	7911
	7912	<ContainerBlockElement>
	7913	Access to the FTP server was gained using the user account "admin" and password "".
	7914	</ContainerBlockElement></description>
	7915	<references>
	7916	</references><tags>
	7917	<tag>Default Account</tag>
	7918	<tag>FTP</tag>
	7919	</tags>
	7920	<solution>
	7921
	7922	<ContainerBlockElement>
	7923	<Paragraph>
	7924	<Paragraph>Remove or disable the account if it is not critical for the
	7925	system to function. Otherwise, the password should be changed
	7926	to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	7927	</vulnerability>
	7928
	7929	<vulnerability id="ftp-default-login-admin-passwd" title="FTP access with admin/passwd credentials" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="19990101T000000000" added="20100715T000000000" modified="20120927T000000000">
	7930	<description>
	7931
	7932	<ContainerBlockElement>
	7933	Access to the FTP server was gained using the user account "admin" and password "passwd".
	7934	</ContainerBlockElement></description>
	7935	<references>
	7936	</references><tags>
	7937	<tag>Default Account</tag>
	7938	<tag>FTP</tag>
	7939	</tags>
	7940	<solution>
	7941
	7942	<ContainerBlockElement>
	7943	<Paragraph>
	7944	<Paragraph>Remove or disable the account if it is not critical for the
	7945	system to function. Otherwise, the password should be changed
	7946	to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	7947	</vulnerability>
	7948
	7949	<vulnerability id="ftp-default-login-admin-password" title="FTP access with admin/password credentials" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="19990101T000000000" added="20100715T000000000" modified="20120927T000000000">
	7950	<description>
	7951
	7952	<ContainerBlockElement>
	7953	Access to the FTP server was gained using the user account "admin" and password "password".
	7954	</ContainerBlockElement></description>
	7955	<references>
	7956	</references><tags>
	7957	<tag>Default Account</tag>
	7958	<tag>FTP</tag>
	7959	</tags>
	7960	<solution>
	7961
	7962	<ContainerBlockElement>
	7963	<Paragraph>
	7964	<Paragraph>Remove or disable the account if it is not critical for the
	7965	system to function. Otherwise, the password should be changed
	7966	to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	7967	</vulnerability>
	7968
	7969	<vulnerability id="ftp-default-login-administrator-null" title="FTP access with administrator/null credentials" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="19990101T000000000" added="20100715T000000000" modified="20120927T000000000">
	7970	<description>
	7971
	7972	<ContainerBlockElement>
	7973	Access to the FTP server was gained using the user account "administrator" and password "".
	7974	</ContainerBlockElement></description>
	7975	<references>
	7976	</references><tags>
	7977	<tag>Default Account</tag>
	7978	<tag>FTP</tag>
	7979	</tags>
	7980	<solution>
	7981
	7982	<ContainerBlockElement>
	7983	<Paragraph>
	7984	<Paragraph>Remove or disable the account if it is not critical for the
	7985	system to function. Otherwise, the password should be changed
	7986	to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	7987	</vulnerability>
	7988
	7989	<vulnerability id="ftp-default-login-administrator-passwd" title="FTP access with administrator/passwd credentials" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="19990101T000000000" added="20100715T000000000" modified="20120927T000000000">
	7990	<description>
	7991
	7992	<ContainerBlockElement>
	7993	Access to the FTP server was gained using the user account "administrator" and password "passwd".
	7994	</ContainerBlockElement></description>
	7995	<references>
	7996	</references><tags>
	7997	<tag>Default Account</tag>
	7998	<tag>FTP</tag>
	7999	</tags>
	8000	<solution>
	8001
	8002	<ContainerBlockElement>
	8003	<Paragraph>
	8004	<Paragraph>Remove or disable the account if it is not critical for the
	8005	system to function. Otherwise, the password should be changed
	8006	to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8007	</vulnerability>
	8008
	8009	<vulnerability id="ftp-default-login-administrator-password" title="FTP access with administrator/password credentials" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="19990101T000000000" added="20100715T000000000" modified="20120927T000000000">
	8010	<description>
	8011
	8012	<ContainerBlockElement>
	8013	Access to the FTP server was gained using the user account "administrator" and password "password".
	8014	</ContainerBlockElement></description>
	8015	<references>
	8016	</references><tags>
	8017	<tag>Default Account</tag>
	8018	<tag>FTP</tag>
	8019	</tags>
	8020	<solution>
	8021
	8022	<ContainerBlockElement>
	8023	<Paragraph>
	8024	<Paragraph>Remove or disable the account if it is not critical for the
	8025	system to function. Otherwise, the password should be changed
	8026	to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8027	</vulnerability>
	8028
	8029	<vulnerability id="FTP-GENERIC-0001" title="FTP access with ftp account" severity="1" pciSeverity="3" cvssScore="0.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:N)" published="19990101T000000000" added="20041101T000000000" modified="20130718T000000000">
	8030	<description>
	8031
	8032	<ContainerBlockElement>
	8033	Many FTP servers support a default account with the user ID "ftp" and password "ftp". It is best practice to remove default accounts, if possible. For accounts required by the system, the default password should be changed.
	8034	</ContainerBlockElement></description>
	8035	<references>
	8036	<reference source="CVE">CVE-1999-0497</reference>
	8037	</references><tags>
	8038	<tag>Default Account</tag>
	8039	<tag>FTP</tag>
	8040	</tags>
	8041	<solution>
	8042
	8043	<ContainerBlockElement>
	8044	<Paragraph>
	8045	<Paragraph>Remove or disable the account if it is not critical for the
	8046	system to function. Otherwise, the password should be changed
	8047	to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8048	</vulnerability>
	8049
	8050	<vulnerability id="FTP-GENERIC-0002" title="FTP access with anonymous account" severity="1" pciSeverity="3" cvssScore="0.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:N)" published="19990101T000000000" added="20041101T000000000" modified="20130718T000000000">
	8051	<description>
	8052
	8053	<ContainerBlockElement>
	8054	Many FTP servers support a default account with the user ID "anonymous" and password "ftp@". It is best practice to remove default accounts, if possible. For accounts required by the system, the default password should be changed.
	8055	</ContainerBlockElement></description>
	8056	<references>
	8057	<reference source="CVE">CVE-1999-0497</reference>
	8058	</references><tags>
	8059	<tag>Default Account</tag>
	8060	<tag>FTP</tag>
	8061	</tags>
	8062	<solution>
	8063
	8064	<ContainerBlockElement>
	8065	<Paragraph>
	8066	<Paragraph>Remove or disable the account if it is not critical for the
	8067	system to function. Otherwise, the password should be changed
	8068	to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8069	</vulnerability>
	8070
	8071	<vulnerability id="FTP-GENERIC-0003" title="FTP access with guest account" severity="1" pciSeverity="3" cvssScore="0.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:N)" published="19990101T000000000" added="20041101T000000000" modified="20130718T000000000">
	8072	<description>
	8073
	8074	<ContainerBlockElement>
	8075	Many FTP servers support a default account with the user ID "guest" and password "". It is best practice to remove default accounts, if possible. For accounts required by the system, the default password should be changed.
	8076	</ContainerBlockElement></description>
	8077	<references>
	8078	<reference source="CVE">CVE-1999-0497</reference>
	8079	</references><tags>
	8080	<tag>Default Account</tag>
	8081	<tag>FTP</tag>
	8082	</tags>
	8083	<solution>
	8084
	8085	<ContainerBlockElement>
	8086	<Paragraph>
	8087	<Paragraph>Remove or disable the account if it is not critical for the
	8088	system to function. Otherwise, the password should be changed
	8089	to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8090	</vulnerability>
	8091
	8092	<vulnerability id="FTP-GENERIC-0004" title="FTP access without authentication" severity="1" pciSeverity="1" cvssScore="0.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:N)" published="19990101T000000000" added="20041101T000000000" modified="20120713T000000000">
	8093	<description>
	8094
	8095	<ContainerBlockElement>
	8096	Some FTP servers allow users to specify any user ID and password to gain access.
	8097	</ContainerBlockElement></description>
	8098	<references>
	8099	<reference source="CVE">CVE-1999-0497</reference>
	8100	</references><tags>
	8101	<tag>FTP</tag>
	8102	</tags>
	8103	<solution>
	8104
	8105	<ContainerBlockElement>
	8106	<Paragraph>
	8107	<Paragraph>Password protected accounts should always be used
	8108	to protect file access.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8109	</vulnerability>
	8110
	8111	<vulnerability id="FTP-GENERIC-0005" title="FTP access with blank account and password" severity="1" pciSeverity="1" cvssScore="0.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:N)" published="19990101T000000000" added="20041101T000000000" modified="20120713T000000000">
	8112	<description>
	8113
	8114	<ContainerBlockElement>
	8115	Some FTP servers permit access with the user ID "" and password "".
	8116	</ContainerBlockElement></description>
	8117	<references>
	8118	<reference source="CVE">CVE-1999-0497</reference>
	8119	</references><tags>
	8120	<tag>FTP</tag>
	8121	</tags>
	8122	<solution>
	8123
	8124	<ContainerBlockElement>
	8125	<Paragraph>
	8126	<Paragraph>Password protected accounts should always be used
	8127	to protect file access.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8128	</vulnerability>
	8129
	8130	<vulnerability id="FTP-GENERIC-0006" title="FTP access with no account and password" severity="1" pciSeverity="1" cvssScore="0.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:N)" published="19990101T000000000" added="20041101T000000000" modified="20120713T000000000">
	8131	<description>
	8132
	8133	<ContainerBlockElement>
	8134	Some FTP servers permit access with the user ID "" and password "".
	8135	</ContainerBlockElement></description>
	8136	<references>
	8137	<reference source="CVE">CVE-1999-0497</reference>
	8138	</references><tags>
	8139	<tag>FTP</tag>
	8140	</tags>
	8141	<solution>
	8142
	8143	<ContainerBlockElement>
	8144	<Paragraph>
	8145	<Paragraph>Password protected accounts should always be used
	8146	to protect file access.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8147	</vulnerability>
	8148
	8149	<vulnerability id="FTP-GENERIC-0007" title="FTP server does not support AUTH command" severity="6" pciSeverity="3" cvssScore="5.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:N)" published="20041101T000000000" added="20041101T000000000" modified="20120709T000000000">
	8150	<description>
	8151
	8152	<ContainerBlockElement>
	8153
	8154	<Paragraph>
	8155	FTP clients send credentials (user ID and password) in clear text to
	8156	the FTP server by default. This allows malicious users to intercept the
	8157	credentials if they can eavesdrop on the connection.
	8158	</Paragraph>
	8159
	8160	<Paragraph>
	8161	Newer FTP servers support the AUTH command, which provides enhanced
	8162	authentication options such as TLS, Kerberos, GSSAPI, etc. This
	8163	should be used to prevent eavesdropping on FTP connections.
	8164	</Paragraph>
	8165	</ContainerBlockElement></description>
	8166	<references>
	8167	</references><tags>
	8168	<tag>FTP</tag>
	8169	</tags>
	8170	<solution>
	8171
	8172	<ContainerBlockElement>
	8173	<Paragraph>
	8174	<Paragraph>Upgrade/migrate to a FTP server that supports the AUTH command.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8175	</vulnerability>
	8176
	8177	<vulnerability id="ftp-proftpd-1-3-3c-backdoor" title="ProFTPD 1.3.3c backdoor" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20101202T000000000" added="20101203T000000000" modified="20120713T000000000">
	8178	<description>
	8179
	8180	<ContainerBlockElement>
	8181
	8182	<Paragraph>
	8183	Version 1.3.3c of ProFTPD, if downloaded and installed between
	8184	November 28, 2010 and December 2, 2010, contains a backdoor that
	8185	allows remote, unauthenticated attackers to execute arbitrary
	8186	code as the user running the ProFTPD service.
	8187	</Paragraph>
	8188	</ContainerBlockElement></description>
	8189	<references>
	8190	<reference source="URL">http://sourceforge.net/mailarchive/message.php?msg_name=alpine.DEB.2.00.1012011542220.12930%40familiar.castaglia.org</reference>
	8191	</references><tags>
	8192	<tag>Backdoor</tag>
	8193	<tag>FTP</tag>
	8194	<tag>Remote Execution</tag>
	8195	</tags>
	8196	<solution>
	8197
	8198	<ContainerBlockElement>
	8199	<Paragraph>
	8200	<Paragraph>
	8201	All users who run versions of ProFTPD which have been downloaded and
	8202	compiled in this time window are strongly advised to check their
	8203	systems for security compromises and install unmodified versions of
	8204	ProFTPD. To verify the integrity of your source files, use the PGP
	8205	signatures which can be found here as well as on the FTP servers.
	8206	</Paragraph></Paragraph></ContainerBlockElement></solution>
	8207	</vulnerability>
	8208
	8209	<vulnerability id="generic-icmp-netmask" title="ICMP netmask response" severity="1" pciSeverity="1" cvssScore="0.0" cvssVector="(AV:L/AC:L/Au:N/C:N/I:N/A:N)" published="19970801T000000000" added="20041101T000000000" modified="20120712T000000000">
	8210	<description>
	8211
	8212	<ContainerBlockElement>
	8213	The remote host responded to an ICMP netmask request. The ICMP netmask response contains the remote host's network mask (on the interface that processed the request). This information can be used by a hacker to accurately map your subnet structures, determining the broadcast addresses in use, and which routers are responsible for which subnets. This may make it easier for them to launch a "SMURF attack" using broadcast-directed ICMP ping packets.
	8214	</ContainerBlockElement></description>
	8215	<references>
	8216	<reference source="CVE">CVE-1999-0524</reference>
	8217	<reference source="OSVDB">95</reference>
	8218	<reference source="XF">icmp-netmask(306)</reference>
	8219	<reference source="XF">icmp-timestamp(322)</reference>
	8220	</references><tags>
	8221	<tag>Network</tag>
	8222	</tags>
	8223	<solution>
	8224
	8225	<ContainerBlockElement>
	8226	<UnorderedList>
	8227	<ListItem>
	8228	<Paragraph>IBM AIX</Paragraph>
	8229	<Paragraph>
	8230	<Paragraph>Execute the following command:</Paragraph>
	8231	<Paragraph preFormat="true"> /usr/sbin/no -o icmpaddressmask=0</Paragraph>
	8232	<Paragraph>The easiest and most effective solution is to configure your
	8233	firewall to block incoming and outgoing ICMP packets with ICMP
	8234	types 17 (netmask request) and 18 (netmask response).</Paragraph></Paragraph></ListItem>
	8235	<ListItem>
	8236	<Paragraph>OpenBSD, FreeBSD, NetBSD</Paragraph>
	8237	<Paragraph>
	8238	<Paragraph>Set the "net.inet.icmp.maskrepl" sysctl variable to 0.</Paragraph>
	8239	<Paragraph preformat="true"> sysctl -w net.inet.icmp.maskrepl=0</Paragraph>
	8240	<Paragraph>The easiest and most effective solution is to configure your
	8241	firewall to block incoming and outgoing ICMP packets with ICMP
	8242	types 17 (netmask request) and 18 (netmask response).</Paragraph></Paragraph></ListItem>
	8243	<ListItem>
	8244	<Paragraph>
	8245	<Paragraph>Configure your firewall to block incoming and outgoing ICMP packets
	8246	with ICMP types 17 (netmask request) and 18 (netmask response),
	8247	respectively.</Paragraph></Paragraph></ListItem>
	8248	<ListItem>
	8249	<Paragraph>HP-UX</Paragraph>
	8250	<Paragraph>
	8251	<Paragraph>Execute the following command:</Paragraph>
	8252	<Paragraph preFormat="true"> ndd -set /dev/ip ip_respond_to_address_mask_broadcast 0</Paragraph>
	8253	<Paragraph>The easiest and most effective solution is to configure your
	8254	firewall to block incoming and outgoing ICMP packets with ICMP
	8255	types 17 (netmask request) and 18 (netmask response).</Paragraph></Paragraph></ListItem>
	8256	<ListItem>
	8257	<Paragraph>Cisco IOS</Paragraph>
	8258	<Paragraph>
	8259	<Paragraph>Issue the "no ip mask-reply" command for each affected
	8260	interface. For example:</Paragraph>
	8261	<Paragraph preformat="true"> config t</Paragraph>
	8262	<Paragraph preformat="true"> interface fastethernet0/0</Paragraph>
	8263	<Paragraph preformat="true"> no ip mask-reply</Paragraph>
	8264	<Paragraph preformat="true"> exit</Paragraph>
	8265	<Paragraph>Don't forget to save the configuration when you are finished.</Paragraph>
	8266	<Paragraph>The easiest and most effective solution is to configure your
	8267	firewall to block incoming and outgoing ICMP packets with ICMP
	8268	types 17 (netmask request) and 18 (netmask response).</Paragraph></Paragraph></ListItem>
	8269	<ListItem>
	8270	<Paragraph>SGI Irix</Paragraph>
	8271	<Paragraph>
	8272	<Paragraph>IRIX does not offer a way to disable ICMP netmask responses.
	8273	Therefore, you should block ICMP on the affected host using
	8274	ipfilterd, and/or block it at the firewall.</Paragraph>
	8275	<Paragraph>The easiest and most effective solution is to configure your
	8276	firewall to block incoming and outgoing ICMP packets with ICMP
	8277	types 17 (netmask request) and 18 (netmask response).</Paragraph></Paragraph></ListItem>
	8278	<ListItem>
	8279	<Paragraph>Linux</Paragraph>
	8280	<Paragraph>
	8281	<Paragraph>Linux offers neither a sysctl nor a /proc/sys/net/ipv4 interface to
	8282	disable ICMP netmask responses. Therefore, you should block ICMP on
	8283	the affected host using iptables, and/or block it at the firewall.
	8284	For example:</Paragraph>
	8285	<Paragraph preformat="true"> ipchains -A input -p icmp --icmp-type address-mask-request -j DROP</Paragraph>
	8286	<Paragraph preformat="true"> ipchains -A output -p icmp --icmp-type address-mask-reply -j DROP</Paragraph>
	8287	<Paragraph>The easiest and most effective solution is to configure your
	8288	firewall to block incoming and outgoing ICMP packets with ICMP
	8289	types 17 (netmask request) and 18 (netmask response).</Paragraph></Paragraph></ListItem>
	8290	<ListItem>
	8291	<Paragraph>Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition</Paragraph>
	8292	<Paragraph>
	8293	<Paragraph>Windows NT 4 does not provide a way to block ICMP packets.
	8294	Therefore, you should block it at the firewall.</Paragraph>
	8295	<Paragraph>The easiest and most effective solution is to configure your
	8296	firewall to block incoming and outgoing ICMP packets with ICMP
	8297	types 17 (netmask request) and 18 (netmask response).</Paragraph></Paragraph></ListItem>
	8298	<ListItem>
	8299	<Paragraph>Cisco PIX</Paragraph>
	8300	<Paragraph>
	8301	<Paragraph>A properly configured PIX firewall should never respond to ICMP
	8302	packets on its external interface. In PIX Software versions 4.1(6)
	8303	until 5.2.1, ICMP traffic to the PIX's internal interface is
	8304	always permitted; the PIX cannot be configured to NOT respond.
	8305	Beginning in PIX Software version 5.2.1, ICMP is still permitted on
	8306	the internal interface by default, but ICMP netmask responses from
	8307	its internal interfaces can be disabled with the icmp command, as
	8308	follows, where <inside> is the name of the internal interface:</Paragraph>
	8309	<Paragraph preformat="true"> icmp deny any 17 <inside></Paragraph>
	8310	<Paragraph preformat="true"> icmp deny any 18 <inside></Paragraph>
	8311	<Paragraph>Don't forget to save the configuration when you are finished.</Paragraph>
	8312	<Paragraph>See Cisco's support document
	8313
	8314	<URLLink LinkURL="http://www.cisco.com/warp/public/110/31.html" LinkTitle="http://www.cisco.com/warp/public/110/31.html" href="http://www.cisco.com/warp/public/110/31.html">Handling ICMP Pings with the PIX Firewall</URLLink>
	8315	for more information.</Paragraph>
	8316	<Paragraph>The easiest and most effective solution is to configure your
	8317	firewall to block incoming and outgoing ICMP packets with ICMP
	8318	types 17 (netmask request) and 18 (netmask response).</Paragraph></Paragraph></ListItem>
	8319	<ListItem>
	8320	<Paragraph>Sun Solaris</Paragraph>
	8321	<Paragraph>
	8322	<Paragraph>Solaris does not offer a way to disable responses to unicast ICMP
	8323	netmask requests. The following command will block responses to
	8324	broadcast ICMP netmask requests:</Paragraph>
	8325	<Paragraph preformat="true"> /usr/sbin/ndd -set /dev/ip ip_respond_to_address_mask_broadcast 0</Paragraph>
	8326	<Paragraph>However, the Solaris host will always respond to ICMP netmask
	8327	requests directed to the host. In order to completely disable ICMP
	8328	netmask responses, the ICMP requests and responses must be blocked at
	8329	the firewall. Alternately, firewall software could be installed on
	8330	the host itself. Sun's SunScreen firewall suite is available for
	8331	Solaris 9 and Trusted Solaris 8. Solaris 10 will offer a more tightly
	8332	integrated SunScreen firewall. Other open source firewall packages such as
	8333
	8334	<URLLink LinkURL="http://coombs.anu.edu.au/~avalon/" LinkTitle="http://coombs.anu.edu.au/~avalon/" href="http://coombs.anu.edu.au/~avalon/">IPFilter</URLLink>
	8335	are available for Solaris.</Paragraph>
	8336	<Paragraph>The easiest and most effective solution is to configure your
	8337	firewall to block incoming and outgoing ICMP packets with ICMP
	8338	types 17 (netmask request) and 18 (netmask response).</Paragraph></Paragraph></ListItem>
	8339	<ListItem>
	8340	<Paragraph>Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server, Microsoft Windows XP, Microsoft Windows XP Home, Microsoft Windows XP Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003</Paragraph>
	8341	<Paragraph>
	8342	<Paragraph>Use the IPSec filter feature to define and apply an IP filter list
	8343	that blocks ICMP types 17 and 18. Note that the standard TCP/IP
	8344	blocking capability under the "Networking and Dialup
	8345	Connections" control panel is NOT capable of blocking ICMP (only
	8346	TCP and UDP). The IPSec filter features, while they may seem strictly
	8347	related to the IPSec standards, will allow you to selectively block
	8348	these ICMP packets. See
	8349
	8350	<URLLink LinkURL="http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/security/askus/au091100.asp" LinkTitle="http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/security/askus/au091100.asp" href="http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/security/askus/au091100.asp"></URLLink>
	8351	for more information.</Paragraph>
	8352	<Paragraph>The easiest and most effective solution is to configure your
	8353	firewall to block incoming and outgoing ICMP packets with ICMP
	8354	types 17 (netmask request) and 18 (netmask response).</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	8355	</vulnerability>
	8356
	8357	<vulnerability id="generic-icmp-timestamp" title="ICMP timestamp response" severity="1" pciSeverity="1" cvssScore="0.0" cvssVector="(AV:L/AC:L/Au:N/C:N/I:N/A:N)" published="19970801T000000000" added="20041101T000000000" modified="20120712T000000000">
	8358	<description>
	8359
	8360	<ContainerBlockElement>
	8361
	8362	<Paragraph>The remote host responded to an ICMP timestamp request. The ICMP timestamp response
	8363	contains the remote host's date and time. This information could theoretically be
	8364	used against some systems to exploit weak time-based random number generators in
	8365	other services.</Paragraph>
	8366
	8367
	8368	<Paragraph>In addition, the versions of some operating systems can be accurately fingerprinted
	8369	by analyzing their responses to invalid ICMP timestamp requests.</Paragraph>
	8370	</ContainerBlockElement></description>
	8371	<references>
	8372	<reference source="CVE">CVE-1999-0524</reference>
	8373	<reference source="OSVDB">95</reference>
	8374	<reference source="XF">icmp-netmask(306)</reference>
	8375	<reference source="XF">icmp-timestamp(322)</reference>
	8376	</references><tags>
	8377	<tag>Network</tag>
	8378	</tags>
	8379	<solution>
	8380
	8381	<ContainerBlockElement>
	8382	<UnorderedList>
	8383	<ListItem>
	8384	<Paragraph>HP-UX</Paragraph>
	8385	<Paragraph>
	8386	<Paragraph>Execute the following command:</Paragraph>
	8387	<Paragraph preFormat="true"> ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0</Paragraph>
	8388	<Paragraph>The easiest and most effective solution is to configure your
	8389	firewall to block incoming and outgoing ICMP packets with ICMP
	8390	types 13 (timestamp request) and 14 (timestamp response).</Paragraph></Paragraph></ListItem>
	8391	<ListItem>
	8392	<Paragraph>Cisco IOS</Paragraph>
	8393	<Paragraph>
	8394	<Paragraph>Use ACLs to block ICMP types 13 and 14. For example:</Paragraph>
	8395	<Paragraph preformat="true"> deny icmp any any 13</Paragraph>
	8396	<Paragraph preformat="true"> deny icmp any any 14</Paragraph>
	8397	<Paragraph>Note that it is generally preferable to use ACLs that block everything
	8398	by default and then selectively allow certain types of traffic in. For
	8399	example, block everything and then only allow ICMP unreachable, ICMP
	8400	echo reply, ICMP time exceeded, and ICMP source quench:</Paragraph>
	8401	<Paragraph preformat="true"> permit icmp any any unreachable</Paragraph>
	8402	<Paragraph preformat="true"> permit icmp any any echo-reply</Paragraph>
	8403	<Paragraph preformat="true"> permit icmp any any time-exceeded</Paragraph>
	8404	<Paragraph preformat="true"> permit icmp any any source-quench</Paragraph>
	8405	<Paragraph>The easiest and most effective solution is to configure your
	8406	firewall to block incoming and outgoing ICMP packets with ICMP
	8407	types 13 (timestamp request) and 14 (timestamp response).</Paragraph></Paragraph></ListItem>
	8408	<ListItem>
	8409	<Paragraph>SGI Irix</Paragraph>
	8410	<Paragraph>
	8411	<Paragraph>IRIX does not offer a way to disable ICMP timestamp responses.
	8412	Therefore, you should block ICMP on the affected host using ipfilterd,
	8413	and/or block it at any external firewalls.</Paragraph>
	8414	<Paragraph>The easiest and most effective solution is to configure your
	8415	firewall to block incoming and outgoing ICMP packets with ICMP
	8416	types 13 (timestamp request) and 14 (timestamp response).</Paragraph></Paragraph></ListItem>
	8417	<ListItem>
	8418	<Paragraph>Linux</Paragraph>
	8419	<Paragraph>
	8420	<Paragraph>Linux offers neither a sysctl nor a /proc/sys/net/ipv4 interface
	8421	to disable ICMP timestamp responses. Therefore, you should block
	8422	ICMP on the affected host using iptables, and/or block it at the
	8423	firewall. For example:</Paragraph>
	8424	<Paragraph preformat="true"> ipchains -A input -p icmp --icmp-type timestamp-request -j DROP</Paragraph>
	8425	<Paragraph preformat="true"> ipchains -A output -p icmp --icmp-type timestamp-reply -j DROP</Paragraph>
	8426	<Paragraph>The easiest and most effective solution is to configure your
	8427	firewall to block incoming and outgoing ICMP packets with ICMP
	8428	types 13 (timestamp request) and 14 (timestamp response).</Paragraph></Paragraph></ListItem>
	8429	<ListItem>
	8430	<Paragraph>Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition</Paragraph>
	8431	<Paragraph>
	8432	<Paragraph>Windows NT 4 does not provide a way to block ICMP packets.
	8433	Therefore, you should block them at the firewall.</Paragraph>
	8434	<Paragraph>The easiest and most effective solution is to configure your
	8435	firewall to block incoming and outgoing ICMP packets with ICMP
	8436	types 13 (timestamp request) and 14 (timestamp response).</Paragraph></Paragraph></ListItem>
	8437	<ListItem>
	8438	<Paragraph>OpenBSD</Paragraph>
	8439	<Paragraph>
	8440	<Paragraph>Set the "net.inet.icmp.tstamprepl" sysctl variable to 0.</Paragraph>
	8441	<Paragraph preformat="true"> sysctl -w net.inet.icmp.tstamprepl=0</Paragraph>
	8442	<Paragraph>The easiest and most effective solution is to configure your
	8443	firewall to block incoming and outgoing ICMP packets with ICMP
	8444	types 13 (timestamp request) and 14 (timestamp response).</Paragraph></Paragraph></ListItem>
	8445	<ListItem>
	8446	<Paragraph>Cisco PIX</Paragraph>
	8447	<Paragraph>
	8448	<Paragraph>A properly configured PIX firewall should never respond to ICMP
	8449	packets on its external interface. In PIX Software versions 4.1(6)
	8450	until 5.2.1, ICMP traffic to the PIX's internal interface is
	8451	permitted; the PIX cannot be configured to NOT respond. Beginning in
	8452	PIX Software version 5.2.1, ICMP is still permitted on the internal
	8453	interface by default, but ICMP responses from its internal interfaces
	8454	can be disabled with the icmp command, as follows, where <inside>
	8455	is the name of the internal interface:</Paragraph>
	8456	<Paragraph preformat="true"> icmp deny any 13 <inside></Paragraph>
	8457	<Paragraph preformat="true"> icmp deny any 14 <inside></Paragraph>
	8458	<Paragraph>Don't forget to save the configuration when you are finished.</Paragraph>
	8459	<Paragraph>See Cisco's support document
	8460
	8461	<URLLink LinkURL="http://www.cisco.com/warp/public/110/31.html" LinkTitle="http://www.cisco.com/warp/public/110/31.html" href="http://www.cisco.com/warp/public/110/31.html">Handling ICMP Pings with the PIX Firewall</URLLink>
	8462	for more information.</Paragraph>
	8463	<Paragraph>The easiest and most effective solution is to configure your
	8464	firewall to block incoming and outgoing ICMP packets with ICMP
	8465	types 13 (timestamp request) and 14 (timestamp response).</Paragraph></Paragraph></ListItem>
	8466	<ListItem>
	8467	<Paragraph>Sun Solaris</Paragraph>
	8468	<Paragraph>
	8469	<Paragraph>Execute the following commands:</Paragraph>
	8470	<Paragraph preformat="true"> /usr/sbin/ndd -set /dev/ip ip_respond_to_timestamp 0</Paragraph>
	8471	<Paragraph preformat="true"> /usr/sbin/ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0</Paragraph>
	8472	<Paragraph>The easiest and most effective solution is to configure your
	8473	firewall to block incoming and outgoing ICMP packets with ICMP
	8474	types 13 (timestamp request) and 14 (timestamp response).</Paragraph></Paragraph></ListItem>
	8475	<ListItem>
	8476	<Paragraph>Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server</Paragraph>
	8477	<Paragraph>
	8478	<Paragraph>Use the IPSec filter feature to define and apply an IP filter list
	8479	that blocks ICMP types 13 and 14. Note that the standard TCP/IP
	8480	blocking capability under the "Networking and Dialup
	8481	Connections" control panel is NOT capable of blocking ICMP (only
	8482	TCP and UDP). The IPSec filter features, while they may seem strictly
	8483	related to the IPSec standards, will allow you to selectively block
	8484	these ICMP packets. See
	8485
	8486	<URLLink LinkURL="http://support.microsoft.com/kb/313190" LinkTitle="http://support.microsoft.com/kb/313190" href="http://support.microsoft.com/kb/313190"></URLLink>
	8487	for more information.</Paragraph>
	8488	<Paragraph>The easiest and most effective solution is to configure your
	8489	firewall to block incoming and outgoing ICMP packets with ICMP
	8490	types 13 (timestamp request) and 14 (timestamp response).</Paragraph></Paragraph></ListItem>
	8491	<ListItem>
	8492	<Paragraph>Microsoft Windows XP, Microsoft Windows XP Home, Microsoft Windows XP Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003</Paragraph>
	8493	<Paragraph>
	8494	<Paragraph>ICMP timestamp responses can be disabled by deselecting the "allow incoming timestamp request"
	8495	option in the ICMP configuration panel of Windows Firewall.</Paragraph>
	8496	<OrderedList>
	8497	<ListItem>Go to the Network Connections control panel.</ListItem>
	8498	<ListItem>Right click on the network adapter and select "properties", or select the internet adapter and select File->Properties.</ListItem>
	8499	<ListItem>Select the "Advanced" tab.</ListItem>
	8500	<ListItem>In the Windows Firewall box, select "Settings".</ListItem>
	8501	<ListItem>Select the "General" tab.</ListItem>
	8502	<ListItem>Enable the firewall by selecting the "on (recommended)" option.</ListItem>
	8503	<ListItem>Select the "Advanced" tab.</ListItem>
	8504	<ListItem>In the ICMP box, select "Settings".</ListItem>
	8505	<ListItem>Deselect (uncheck) the "Allow incoming timestamp request" option.</ListItem>
	8506	<ListItem>Select "OK" to exit the ICMP Settings dialog and save the settings.</ListItem>
	8507	<ListItem>Select "OK" to exit the Windows Firewall dialog and save the settings.</ListItem>
	8508	<ListItem>Select "OK" to exit the internet adapter dialog.</ListItem></OrderedList>
	8509	<Paragraph>For more information, see:
	8510
	8511	<URLLink LinkURL="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/hnw_understanding_firewall.mspx?mfr=true" LinkTitle="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/hnw_understanding_firewall.mspx?mfr=true" href="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/hnw_understanding_firewall.mspx?mfr=true"></URLLink></Paragraph></Paragraph></ListItem>
	8512	<ListItem>
	8513	<Paragraph>Microsoft Windows Vista, Microsoft Windows Vista Home, Basic Edition, Microsoft Windows Vista Home, Basic N Edition, Microsoft Windows Vista Home, Premium Edition, Microsoft Windows Vista Ultimate Edition, Microsoft Windows Vista Enterprise Edition, Microsoft Windows Vista Business Edition, Microsoft Windows Vista Business N Edition, Microsoft Windows Vista Starter Edition, Microsoft Windows Server 2008, Microsoft Windows Server 2008 Standard Edition, Microsoft Windows Server 2008 Enterprise Edition, Microsoft Windows Server 2008 Datacenter Edition, Microsoft Windows Server 2008 HPC Edition, Microsoft Windows Server 2008 Web Edition, Microsoft Windows Server 2008 Storage Edition, Microsoft Windows Small Business Server 2008, Microsoft Windows Essential Business Server 2008</Paragraph>
	8514	<Paragraph>
	8515	<Paragraph>ICMP timestamp responses can be disabled via the netsh command line utility.</Paragraph>
	8516	<OrderedList>
	8517	<ListItem>Go to the Windows Control Panel.</ListItem>
	8518	<ListItem>Select "Windows Firewall".</ListItem>
	8519	<ListItem>In the Windows Firewall box, select "Change Settings".</ListItem>
	8520	<ListItem>Enable the firewall by selecting the "on (recommended)" option.</ListItem>
	8521	<ListItem>Open a Command Prompt.</ListItem>
	8522	<ListItem>Enter "netsh firewall set icmpsetting 13 disable"</ListItem></OrderedList>
	8523	<Paragraph>For more information, see:
	8524
	8525	<URLLink LinkURL="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/hnw_understanding_firewall.mspx?mfr=true" LinkTitle="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/hnw_understanding_firewall.mspx?mfr=true" href="http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/hnw_understanding_firewall.mspx?mfr=true"></URLLink></Paragraph></Paragraph></ListItem>
	8526	<ListItem>
	8527	<Paragraph>
	8528	<Paragraph>Disable ICMP timestamp replies for the device. If the device does not support
	8529	this level of configuration, the easiest and most effective solution is to
	8530	configure your firewall to block incoming and outgoing ICMP packets with ICMP
	8531	types 13 (timestamp request) and 14 (timestamp response).</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	8532	</vulnerability>
	8533
	8534	<vulnerability id="generic-tcp-timestamp" title="TCP timestamp response" severity="1" pciSeverity="1" cvssScore="0.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:N)" published="19970801T000000000" added="20110401T000000000" modified="20120712T000000000">
	8535	<description>
	8536
	8537	<ContainerBlockElement>
	8538
	8539	<Paragraph>
	8540	The remote host responded with a TCP timestamp. The TCP timestamp response
	8541	can be used to approximate the remote host's uptime, potentially aiding in
	8542	further attacks. Additionally, some operating systems can be fingerprinted
	8543	based on the behavior of their TCP timestamps.
	8544	</Paragraph>
	8545	</ContainerBlockElement></description>
	8546	<references>
	8547	<reference source="URL">http://uptime.netcraft.com</reference>
	8548	<reference source="URL">http://www.forensicswiki.org/wiki/TCP_timestamps</reference>
	8549	<reference source="URL">http://www.ietf.org/rfc/rfc1323.txt</reference>
	8550	</references><tags>
	8551	<tag>Network</tag>
	8552	</tags>
	8553	<solution>
	8554
	8555	<ContainerBlockElement>
	8556	<UnorderedList>
	8557	<ListItem>
	8558	<Paragraph>Cisco</Paragraph>
	8559	<Paragraph>
	8560	<Paragraph>
	8561	Run the following command to disable TCP timestamps:
	8562	</Paragraph>
	8563	<Paragraph preformat="true">
	8564	no ip tcp timestamp
	8565	</Paragraph></Paragraph></ListItem>
	8566	<ListItem>
	8567	<Paragraph>FreeBSD</Paragraph>
	8568	<Paragraph>
	8569	<Paragraph>
	8570	Set the value of net.inet.tcp.rfc1323 to 0 by running the
	8571	following command:
	8572	</Paragraph>
	8573	<Paragraph preformat="true">
	8574	sysctl -w net.inet.tcp.rfc1323=0
	8575	</Paragraph>
	8576	<Paragraph>
	8577	Additionally, put the following value in the default sysctl
	8578	configuration file, generally sysctl.conf:
	8579	</Paragraph>
	8580	<Paragraph preformat="true">
	8581	net.inet.tcp.rfc1323=0
	8582	</Paragraph></Paragraph></ListItem>
	8583	<ListItem>
	8584	<Paragraph>Linux</Paragraph>
	8585	<Paragraph>
	8586	<Paragraph>
	8587	Set the value of net.ipv4.tcp_timestamps to 0 by running the
	8588	following command:
	8589	</Paragraph>
	8590	<Paragraph preformat="true">
	8591	sysctl -w net.ipv4.tcp_timestamps=0
	8592	</Paragraph>
	8593	<Paragraph>
	8594	Additionally, put the following value in the default sysctl
	8595	configuration file, generally sysctl.conf:
	8596	</Paragraph>
	8597	<Paragraph preformat="true">
	8598	net.ipv4.tcp_timestamps=0
	8599	</Paragraph></Paragraph></ListItem>
	8600	<ListItem>
	8601	<Paragraph>OpenBSD</Paragraph>
	8602	<Paragraph>
	8603	<Paragraph>
	8604	Set the value of net.inet.tcp.rfc1323 to 0 by running the
	8605	following command:
	8606	</Paragraph>
	8607	<Paragraph preformat="true">
	8608	sysctl -w net.inet.tcp.rfc1323=0
	8609	</Paragraph>
	8610	<Paragraph>
	8611	Additionally, put the following value in the default sysctl
	8612	configuration file, generally sysctl.conf:
	8613	</Paragraph>
	8614	<Paragraph preformat="true">
	8615	net.inet.tcp.rfc1323=0
	8616	</Paragraph></Paragraph></ListItem>
	8617	<ListItem>
	8618	<Paragraph>Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition, Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows 98SE, Microsoft Windows ME, Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server, Microsoft Windows XP, Microsoft Windows XP Home, Microsoft Windows XP Professional, Microsoft Windows XP Tablet PC Edition, Microsoft Windows CE, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003, Microsoft Windows Server 2003 R2, Microsoft Windows Server 2003 R2, Standard Edition, Microsoft Windows Server 2003 R2, Enterprise Edition, Microsoft Windows Server 2003 R2, Datacenter Edition, Microsoft Windows Server 2003 R2, Web Edition, Microsoft Windows Small Business Server 2003 R2, Microsoft Windows Server 2003 R2, Express Edition, Microsoft Windows Server 2003 R2, Workgroup Edition</Paragraph>
	8619	<Paragraph>
	8620	<Paragraph>
	8621	Set the Tcp1323Opts value in the following key to 1:
	8622	</Paragraph>
	8623	<Paragraph preformat="true">
	8624	HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
	8625	</Paragraph></Paragraph></ListItem>
	8626	<ListItem>
	8627	<Paragraph>Microsoft Windows Server 2008, Microsoft Windows Server 2008 Standard Edition, Microsoft Windows Server 2008 Enterprise Edition, Microsoft Windows Server 2008 Datacenter Edition, Microsoft Windows Server 2008 HPC Edition, Microsoft Windows Server 2008 Web Edition, Microsoft Windows Server 2008 Storage Edition, Microsoft Windows Small Business Server 2008, Microsoft Windows Essential Business Server 2008, Microsoft Windows Server 2008 R2, Microsoft Windows Server 2008 R2, Standard Edition, Microsoft Windows Server 2008 R2, Enterprise Edition, Microsoft Windows Server 2008 R2, Datacenter Edition, Microsoft Windows Server 2008 R2, Web Edition, Microsoft Windows Server 2012, Microsoft Windows Server 2012 Standard Edition, Microsoft Windows Server 2012 Foundation Edition, Microsoft Windows Server 2012 Essentials Edition, Microsoft Windows Server 2012 Datacenter Edition, Microsoft Windows Storage Server 2012, Microsoft Windows Vista, Microsoft Windows Vista Home, Basic Edition, Microsoft Windows Vista Home, Basic N Edition, Microsoft Windows Vista Home, Premium Edition, Microsoft Windows Vista Ultimate Edition, Microsoft Windows Vista Enterprise Edition, Microsoft Windows Vista Business Edition, Microsoft Windows Vista Business N Edition, Microsoft Windows Vista Starter Edition, Microsoft Windows 7, Microsoft Windows 7 Home, Basic Edition, Microsoft Windows 7 Home, Basic N Edition, Microsoft Windows 7 Home, Premium Edition, Microsoft Windows 7 Home, Premium N Edition, Microsoft Windows 7 Ultimate Edition, Microsoft Windows 7 Ultimate N Edition, Microsoft Windows 7 Enterprise Edition, Microsoft Windows 7 Enterprise N Edition, Microsoft Windows 7 Professional Edition, Microsoft Windows 7 Starter Edition, Microsoft Windows 7 Starter N Edition, Microsoft Windows 8, Microsoft Windows 8 Enterprise Edition, Microsoft Windows 8 Professional Edition, Microsoft Windows 8 RT, Microsoft Windows Longhorn Server Beta</Paragraph>
	8628	<Paragraph>
	8629	<Paragraph>
	8630	TCP timestamps cannot be reliably disabled on this OS. If TCP timestamps present enough of a risk, put a firewall capable of blocking TCP timestamp packets in front of the affected assets.
	8631	</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	8632	</vulnerability>
	8633
	8634	<vulnerability id="http-3com-wap-default-admin-password" title="3Com WAP Default Administrator Password Vulnerability" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20080818T000000000" added="20080818T000000000" modified="20120731T000000000">
	8635	<description>
	8636
	8637	<ContainerBlockElement>
	8638
	8639	<Paragraph>
	8640	The administrator password is unchanged from the default of 'password'.
	8641	As a result, anyone with access to the 3Com WAP can trivially gain full
	8642	access to the device.
	8643	</Paragraph>
	8644	</ContainerBlockElement></description>
	8645	<references>
	8646	</references><tags>
	8647	<tag>Default Account</tag>
	8648	<tag>HTTP</tag>
	8649	<tag>Web</tag>
	8650	<tag>Wireless</tag>
	8651	</tags>
	8652	<solution>
	8653
	8654	<ContainerBlockElement>
	8655	<Paragraph>
	8656	Change the admin password using the Web interface.
	8657	</Paragraph></ContainerBlockElement></solution>
	8658	</vulnerability>
	8659
	8660	<vulnerability id="http-adobe-amf-gateway-xxe-cve-2009-3960" title="Adobe products XML external entity injection vulnerability (CVE-2009-3960)" severity="4" pciSeverity="3" cvssScore="4.3" cvssVector="(AV:N/AC:M/Au:N/C:P/I:N/A:N)" published="20100215T000000000" added="20110105T000000000" modified="20120731T000000000">
	8661	<description>
	8662
	8663	<ContainerBlockElement>
	8664
	8665	<Paragraph>Multiple Adobe server products are vulnerable to an XML external entity injection which allows remote, unauthenticated attackers
	8666	to read arbitrary files from the system. Affected software includes BlazeDS 3.2 and earlier versions, LiveCycle 9.0, 8.2.1, and 8.0.1, LiveCycle Data
	8667	Services 3.0, 2.6.1, and 2.5.1, Flex Data Services 2.0.1, ColdFusion 9.0, 8.0.1, 8.0, and 7.0.2.</Paragraph>
	8668	</ContainerBlockElement></description>
	8669	<references>
	8670	<reference source="BID">38197</reference>
	8671	<reference source="CVE">CVE-2009-3960</reference>
	8672	<reference source="OSVDB">62292</reference>
	8673	<reference source="SECUNIA">38543</reference>
	8674	<reference source="URL">http://www.adobe.com/support/security/bulletins/apsb10-05.html</reference>
	8675	</references><tags>
	8676	<tag>Adobe</tag>
	8677	<tag>HTTP</tag>
	8678	<tag>Web</tag>
	8679	<tag>IAVM</tag>
	8680	</tags>
	8681	<solution>
	8682
	8683	<ContainerBlockElement>
	8684	<Paragraph>
	8685	Upgrade to the latest version of BlazeDS, LiveCycle, LCDS, or ColdFusion as documented
	8686	in Adobe security bulletin
	8687	<URLLink LinkURL="http://www.adobe.com/support/security/bulletins/apsb10-05.html" LinkTitle="http://www.adobe.com/support/security/bulletins/apsb10-05.html" href="http://www.adobe.com/support/security/bulletins/apsb10-05.html">APSB10-05</URLLink>.
	8688	</Paragraph></ContainerBlockElement></solution>
	8689	</vulnerability>
	8690
	8691	<vulnerability id="http-asp-dot-net-debug-enabled" title="ASP.NET debug feature enabled" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20071031T000000000" added="20071126T000000000" modified="20130620T000000000">
	8692	<description>
	8693
	8694	<ContainerBlockElement>
	8695
	8696	<Paragraph>The ASP.NET application is running in debug mode which allows a remote user to glean
	8697	information about an application by using the DEBUG verb in an HTTP request. This can
	8698	leak information including source code, hidden filenames, and detailed error messages.</Paragraph>
	8699	</ContainerBlockElement></description>
	8700	<references>
	8701	</references><tags>
	8702	<tag>Microsoft</tag>
	8703	<tag>Microsoft ASP.NET</tag>
	8704	<tag>OWASP_2010</tag>
	8705	<tag>OWASP_2013</tag>
	8706	<tag>Web</tag>
	8707	<tag>Web Spider</tag>
	8708	</tags>
	8709	<solution>
	8710
	8711	<ContainerBlockElement>
	8712	<Paragraph>
	8713	<Paragraph>Disable debug mode for this application by setting debug=false in
	8714	the Web.config file for each application on the server.</Paragraph>
	8715	<Paragraph>Also, follow Microsoft's detailed instructions in knowledgebase article
	8716
	8717	<URLLink LinkURL="http://support.microsoft.com/kb/306355" LinkTitle="http://support.microsoft.com/kb/306355" href="http://support.microsoft.com/kb/306355">306355</URLLink> to disable
	8718	detailed ASP.NET error messages using either custom error pages
	8719	or the root-level Web.config file.</Paragraph>
	8720	<Paragraph>You may also consider using Microsoft's
	8721	<URLLink LinkURL="http://msdn2.microsoft.com/en-us/library/aa302368.aspx" LinkTitle="http://msdn2.microsoft.com/en-us/library/aa302368.aspx" href="http://msdn2.microsoft.com/en-us/library/aa302368.aspx">URLScan</URLLink>
	8722	tool to harden IIS servers. URLScan blocks the DEBUG verb by default.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8723	</vulnerability>
	8724
	8725	<vulnerability id="http-awstats-debug-information-disclosure" title="HTTP AWStats Debug Information Disclosure" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20050502T000000000" added="20060320T000000000" modified="20120731T000000000">
	8726	<description>
	8727
	8728	<ContainerBlockElement>
	8729
	8730	<Paragraph>AWStats is a tool that generates web, ftp or mail server statistics,
	8731	graphically. Written in perl, it works as a CGI or from command
	8732	line and shows all the possible information that the log file contains</Paragraph>
	8733
	8734
	8735	<Paragraph>awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to
	8736	obtain sensitive information by setting the debug parameter.</Paragraph>
	8737	</ContainerBlockElement></description>
	8738	<references>
	8739	<reference source="CVE">CVE-2005-0438</reference>
	8740	<reference source="SECUNIA">14299</reference>
	8741	<reference source="URL">http://www.securityfocus.com/archive/1/390368</reference>
	8742	<reference source="XF">awstats-information-disclosure(19477)</reference>
	8743	</references><tags>
	8744	<tag>FTP</tag>
	8745	<tag>HTTP</tag>
	8746	<tag>Information Gathering</tag>
	8747	<tag>Web</tag>
	8748	</tags>
	8749	<solution>
	8750
	8751	<ContainerBlockElement>
	8752	<Paragraph>Download and apply the upgrade from:
	8753	<URLLink LinkURL="http://awstats.sourceforge.net/#DOWNLOAD" LinkTitle="http://awstats.sourceforge.net/#DOWNLOAD"></URLLink></Paragraph></ContainerBlockElement></solution>
	8754	</vulnerability>
	8755
	8756	<vulnerability id="http-awstats-remote-code-execution" title="HTTP AWStats Remote Code Execution" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20050502T000000000" added="20060320T000000000" modified="20120731T000000000">
	8757	<description>
	8758
	8759	<ContainerBlockElement>
	8760
	8761	<Paragraph>AWStats is a tool that generates web, ftp or mail server statistics,
	8762	graphically. Written in perl, it works as a CGI or from command
	8763	line and shows all the possible information that the log file contains</Paragraph>
	8764
	8765
	8766
	8767	<Paragraph>An input validation vulnerability exists in AWStats main script
	8768	awstats.pl using which a remote attacker may execute perl code
	8769	and call available perl modules with the priveleges of the web
	8770	server. An attacker can also use this vulnerability to get
	8771	sensitive information or launch a denial of service attack.</Paragraph>
	8772	</ContainerBlockElement></description>
	8773	<references>
	8774	<reference source="CVE">CVE-2005-0435</reference>
	8775	<reference source="CVE">CVE-2005-0436</reference>
	8776	<reference source="CVE">CVE-2005-0437</reference>
	8777	<reference source="OSVDB">13832</reference>
	8778	<reference source="SECUNIA">14299</reference>
	8779	<reference source="URL">http://www.securityfocus.com/archive/1/390368</reference>
	8780	<reference source="XF">awstats-awstatpl-obtain-information(19333)</reference>
	8781	<reference source="XF">awstats-function-code-execution(19336)</reference>
	8782	</references><tags>
	8783	<tag>Denial of Service</tag>
	8784	<tag>FTP</tag>
	8785	<tag>HTTP</tag>
	8786	<tag>Remote Execution</tag>
	8787	<tag>Web</tag>
	8788	</tags>
	8789	<solution>
	8790
	8791	<ContainerBlockElement>
	8792	<Paragraph>Download and apply the upgrade from:
	8793	<URLLink LinkURL="http://awstats.sourceforge.net/#DOWNLOAD" LinkTitle="http://awstats.sourceforge.net/#DOWNLOAD"></URLLink></Paragraph></ContainerBlockElement></solution>
	8794	</vulnerability>
	8795
	8796	<vulnerability id="http-basic-auth-cleartext" title="HTTP Basic Authentication Enabled" severity="7" pciSeverity="4" cvssScore="6.5" cvssVector="(AV:N/AC:L/Au:S/C:P/I:P/A:P)" published="19970101T000000000" added="20100226T000000000" modified="20130620T000000000">
	8797	<description>
	8798
	8799	<ContainerBlockElement>
	8800
	8801	<Paragraph>
	8802	The HTTP Basic Authentication scheme is not considered to be a secure
	8803	method of user authentication (unless used in conjunction with some
	8804	external secure system such as TLS/SSL), as the user name and password
	8805	are passed over the network as cleartext.
	8806	</Paragraph>
	8807	</ContainerBlockElement></description>
	8808	<references>
	8809	<reference source="URL">http://tools.ietf.org/html/rfc2617</reference>
	8810	</references><tags>
	8811	<tag>HTTP</tag>
	8812	<tag>OWASP_2010</tag>
	8813	<tag>OWASP_2013</tag>
	8814	<tag>Web</tag>
	8815	<tag>Web Spider</tag>
	8816	</tags>
	8817	<solution>
	8818
	8819	<ContainerBlockElement>
	8820	<UnorderedList>
	8821	<ListItem>
	8822	<Paragraph>
	8823	<Paragraph>
	8824	Enable HTTPS on the Web server. The TLS/SSL protocol will protect
	8825	cleartext Basic Authentication credentials.
	8826	</Paragraph></Paragraph></ListItem>
	8827	<ListItem>
	8828	<Paragraph>
	8829	<Paragraph>
	8830	Replace Basic Authentication with the alternative Digest
	8831	Authentication scheme. By modern cryptographic standards Digest
	8832	Authentication is weak. But for a large range of purposes it is
	8833	valuable as a replacement for Basic Authentication. It remedies
	8834	some, but not all, weaknesses of Basic Authentication. See RFC
	8835	2617, section
	8836
	8837	<URLLink LinkURL="http://tools.ietf.org/html/rfc2617#section-4" LinkTitle="http://tools.ietf.org/html/rfc2617#section-4" href="http://tools.ietf.org/html/rfc2617#section-4">4. Security Considerations</URLLink>
	8838	for more information.
	8839	</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	8840	</vulnerability>
	8841
	8842	<vulnerability id="http-bigbrother-accessible" title="Big Brother Monitoring Suite Reports Page Accessible" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20041101T000000000" added="20041101T000000000" modified="20120731T000000000">
	8843	<description>
	8844
	8845	<ContainerBlockElement>
	8846
	8847	<Paragraph>The
	8848
	8849	<URLLink LinkURL="http://www.bb4.com/" LinkTitle="http://www.bb4.com/" href="http://www.bb4.com/">Big Brother</URLLink> monitoring suite is a
	8850	collection of system monitoring scripts for UNIX based systems. The Big Brother
	8851	suite is capable of monitoring multiple remote systems and periodically outputting
	8852	reports to HTML (usually within the web root of a web server so that remote
	8853	administrators can view the reports from a web browser).</Paragraph>
	8854
	8855
	8856	<Paragraph>The Big Brother reports pages are a treasure trove for any attacker who
	8857	wants to learn about your network. Attackers can learn about other systems
	8858	on the network, what services they are running, what processes they are
	8859	running, usernames, exported directories, etc.</Paragraph>
	8860	</ContainerBlockElement></description>
	8861	<references>
	8862	</references><tags>
	8863	<tag>HTTP</tag>
	8864	<tag>Web</tag>
	8865	</tags>
	8866	<solution>
	8867
	8868	<ContainerBlockElement>
	8869	<Paragraph>
	8870	<Paragraph>Either disable Big Brother or use your web server's access control mechanisms
	8871	to require user authentication via HTTP before viewing the reports.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8872	</vulnerability>
	8873
	8874	<vulnerability id="http-cgi-faxsurvey-command-execution" title="faxsurvey CGI Remote Command Execution" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="19980804T000000000" added="20050413T000000000" modified="20120731T000000000">
	8875	<description>
	8876
	8877	<ContainerBlockElement>
	8878
	8879	<Paragraph>The faxsurvey cgi can be exploited by sending a GET request to execute shell code on the remote web server.</Paragraph>
	8880	</ContainerBlockElement></description>
	8881	<references>
	8882	<reference source="BID">2056</reference>
	8883	<reference source="CVE">CVE-1999-0262</reference>
	8884	<reference source="XF">http-cgi-faxsurvey(1532)</reference>
	8885	</references><tags>
	8886	<tag>CGI</tag>
	8887	<tag>HTTP</tag>
	8888	<tag>Remote Execution</tag>
	8889	<tag>Web</tag>
	8890	</tags>
	8891	<solution>
	8892
	8893	<ContainerBlockElement>
	8894	<Paragraph>
	8895	<Paragraph>It is strongly recommended to disable this CGI by removing any copies of it from your web server.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8896	</vulnerability>
	8897
	8898	<vulnerability id="http-cgi-htdig-arbitrary-file-access" title="Ht://dig Arbitrary File Access" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20000229T000000000" added="20050413T000000000" modified="20120731T000000000">
	8899	<description>
	8900
	8901	<ContainerBlockElement>
	8902
	8903	<Paragraph>The htdig CGI can be used to access any file readable by the server process.</Paragraph>
	8904	</ContainerBlockElement></description>
	8905	<references>
	8906	<reference source="BID">1026</reference>
	8907	<reference source="CVE">CVE-2000-0208</reference>
	8908	<reference source="URL">http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]</reference>
	8909	</references><tags>
	8910	<tag>CGI</tag>
	8911	<tag>HTTP</tag>
	8912	<tag>Web</tag>
	8913	</tags>
	8914	<solution>
	8915
	8916	<ContainerBlockElement>
	8917	<Paragraph>
	8918	<Paragraph>It is strongly recommended to disable this CGI by removing any copies of it from your web server.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8919	</vulnerability>
	8920
	8921	<vulnerability id="http-cgi-htgrep-arbitrary-file-access" title="Htgrep Arbitrary File Access" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20001114T000000000" added="20050413T000000000" modified="20120731T000000000">
	8922	<description>
	8923
	8924	<ContainerBlockElement>
	8925
	8926	<Paragraph>The Htgrep CGI can be used to access any file readable by the server process.</Paragraph>
	8927	</ContainerBlockElement></description>
	8928	<references>
	8929	<reference source="CVE">CVE-2000-0832</reference>
	8930	<reference source="URL">http://archives.neohapsis.com/archives/bugtraq/2000-08/0208.html</reference>
	8931	<reference source="XF">htgrep-cgi-view-files(5476)</reference>
	8932	</references><tags>
	8933	<tag>CGI</tag>
	8934	<tag>HTTP</tag>
	8935	<tag>Web</tag>
	8936	</tags>
	8937	<solution>
	8938
	8939	<ContainerBlockElement>
	8940	<Paragraph>
	8941	<Paragraph>It is strongly recommended to disable this CGI by removing any copies of it from your web server.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8942	</vulnerability>
	8943
	8944	<vulnerability id="http-cgi-htmlscript-arbitrary-file-access" title="Htmlscript Arbitrary File Access" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="19980127T000000000" added="20050413T000000000" modified="20120731T000000000">
	8945	<description>
	8946
	8947	<ContainerBlockElement>
	8948
	8949	<Paragraph>The htmlscript CGI can be used to access any file readable by the server process.</Paragraph>
	8950	</ContainerBlockElement></description>
	8951	<references>
	8952	<reference source="CVE">CVE-1999-0264</reference>
	8953	</references><tags>
	8954	<tag>CGI</tag>
	8955	<tag>HTTP</tag>
	8956	<tag>Web</tag>
	8957	</tags>
	8958	<solution>
	8959
	8960	<ContainerBlockElement>
	8961	<Paragraph>
	8962	<Paragraph>It is strongly recommended to disable this CGI by removing any copies of it from your web server.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8963	</vulnerability>
	8964
	8965	<vulnerability id="http-cgi-testcgi-file-listing" title="Test-cgi Remote File Listing" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:P/A:N)" published="19960401T000000000" added="20050407T000000000" modified="20120731T000000000">
	8966	<description>
	8967
	8968	<ContainerBlockElement>
	8969
	8970	<Paragraph>The test-cgi script included in older distributions of NCSA
	8971	HTTPd and Apache HTTPd does not properly sanitize user-supplied
	8972	request parameters. It is possible to retrieve a file listing
	8973	of any directory readable by the web server process by sending a
	8974	POST request with the Content-type header set to a path on
	8975	the server.</Paragraph>
	8976	</ContainerBlockElement></description>
	8977	<references>
	8978	<reference source="CVE">CVE-1999-0070</reference>
	8979	</references><tags>
	8980	<tag>CGI</tag>
	8981	<tag>HTTP</tag>
	8982	<tag>Web</tag>
	8983	</tags>
	8984	<solution>
	8985
	8986	<ContainerBlockElement>
	8987	<Paragraph>
	8988	<Paragraph>It is strongly recommended to disable this CGI by removing any copies of it from your web server.</Paragraph></Paragraph></ContainerBlockElement></solution>
	8989	</vulnerability>
	8990
	8991	<vulnerability id="http-cgi-viewsource-arbitrary-file-access" title="View-source Arbitrary File Access" severity="6" pciSeverity="4" cvssScore="6.4" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:N)" published="19970201T000000000" added="20050413T000000000" modified="20120731T000000000">
	8992	<description>
	8993
	8994	<ContainerBlockElement>
	8995
	8996	<Paragraph>The view-source CGI can be used to access any file readable by the server process.</Paragraph>
	8997	</ContainerBlockElement></description>
	8998	<references>
	8999	<reference source="CVE">CVE-1999-0174</reference>
	9000	</references><tags>
	9001	<tag>CGI</tag>
	9002	<tag>HTTP</tag>
	9003	<tag>Web</tag>
	9004	</tags>
	9005	<solution>
	9006
	9007	<ContainerBlockElement>
	9008	<Paragraph>
	9009	<Paragraph>It is strongly recommended to disable this CGI by removing any copies of it from your web server.</Paragraph></Paragraph></ContainerBlockElement></solution>
	9010	</vulnerability>
	9011
	9012	<vulnerability id="http-coldfusion-cfide-unprotected" title="Adobe ColdFusion not properly hardened" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20070606T000000000" added="20110630T000000000" modified="20130416T000000000">
	9013	<description>
	9014
	9015	<ContainerBlockElement>
	9016
	9017	<Paragraph>Unprotected access is allowed to the scripts under the ColdFusion /CFIDE/ directory. These utility scripts
	9018	can expose information about the server and its configuration. Because of the history of vulnerabilities due to
	9019	scripts within the /CFIDE/ directory, ColdFusion hardening best practices recommend that access to most (if not
	9020	all) of the subdirectories under /CFIDE/ be protected with a password or completely disabled</Paragraph>
	9021	</ContainerBlockElement></description>
	9022	<references>
	9023	<reference source="URL">http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/91025512-cf9-lockdownguide-wp-ue.pdf</reference>
	9024	<reference source="URL">http://www.adobe.com/content/dam/Adobe/en/products/coldfusion-enterprise/pdf/CF10%20Lockdown%20Guide.pdf</reference>
	9025	</references><tags>
	9026	<tag>Adobe</tag>
	9027	<tag>Adobe ColdFusion</tag>
	9028	<tag>HTTP</tag>
	9029	<tag>Web</tag>
	9030	</tags>
	9031	<solution>
	9032
	9033	<ContainerBlockElement>
	9034	<Paragraph>
	9035	<Paragraph>Consult the following two hardening guides and apply the relevant configuration changes to the server to secure your ColdFusion installation:
	9036
	9037	<OrderedList>
	9038	<ListItem>
	9039	<URLLink LinkURL="http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/91025512-cf9-lockdownguide-wp-ue.pdf" LinkTitle="http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/91025512-cf9-lockdownguide-wp-ue.pdf" href="http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/91025512-cf9-lockdownguide-wp-ue.pdf">Adobe ColdFusion 9 Server Lockdown Guide</URLLink></ListItem>
	9040	<ListItem>
	9041	<URLLink LinkURL="http://www.adobe.com/content/dam/Adobe/en/products/coldfusion-enterprise/pdf/CF10%20Lockdown%20Guide.pdf" LinkTitle="http://www.adobe.com/content/dam/Adobe/en/products/coldfusion-enterprise/pdf/CF10%20Lockdown%20Guide.pdf" href="http://www.adobe.com/content/dam/Adobe/en/products/coldfusion-enterprise/pdf/CF10%20Lockdown%20Guide.pdf">Adobe ColdFusion 10 Server Lockdown Guide</URLLink></ListItem></OrderedList>
	9042
	9043	For public-facing servers, you may also want to prevent search engines from indexing certain directories (such as /CFIDE/). This can be done with the use of
	9044	robots.txt, as described in the
	9045	<URLLink LinkURL="http://kb2.adobe.com/cps/175/tn_17511.html" LinkTitle="http://kb2.adobe.com/cps/175/tn_17511.html" href="http://kb2.adobe.com/cps/175/tn_17511.html">Adobe FAQ</URLLink> on the subject.
	9046	</Paragraph></Paragraph></ContainerBlockElement></solution>
	9047	</vulnerability>
	9048
	9049	<vulnerability id="http-cookie-http-only-flag" title="Missing HttpOnly Flag From Cookie" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20110531T000000000" added="20110817T000000000" modified="20131105T000000000">
	9050	<description>
	9051
	9052	<ContainerBlockElement>
	9053
	9054	<Paragraph>HttpOnly is an additional flag included in a Set-Cookie HTTP response header. If supported by the browser, using
	9055	the HttpOnly flag when generating a cookie helps mitigate the risk of client side script accessing the protected
	9056	cookie. If a browser that supports HttpOnly detects a cookie containing the HttpOnly flag, and client side script
	9057	code attempts to read the cookie, the browser returns an empty string as the result. This causes the attack to fail
	9058	by preventing the malicious (usually XSS) code from sending the data to an attacker's website.</Paragraph>
	9059	</ContainerBlockElement></description>
	9060	<references>
	9061	<reference source="URL">http://msdn.microsoft.com/en-us/library/ms533046.aspx</reference>
	9062	<reference source="URL">https://www.owasp.org/index.php/HttpOnly</reference>
	9063	</references><tags>
	9064	<tag>OWASP_2010</tag>
	9065	<tag>OWASP_2013</tag>
	9066	<tag>Web</tag>
	9067	<tag>Web Spider</tag>
	9068	</tags>
	9069	<solution>
	9070
	9071	<ContainerBlockElement>
	9072	<Paragraph>
	9073	<Paragraph>For each cookie generated by your web-site, add the "HttpOnly" flag to the cookie.
	9074	For example:</Paragraph>
	9075	<Paragraph preformat="true">
	9076	<Paragraph preformat="true">
	9077	Set-Cookie: <name>=<value>[; <Max-Age>=<age>]
	9078	[; expires=<date>][; domain=<domain_name>]
	9079	[; path=<some_path>][; secure][; HttpOnly]
	9080	</Paragraph></Paragraph></Paragraph></ContainerBlockElement></solution>
	9081	</vulnerability>
	9082
	9083	<vulnerability id="http-dd-wrt-remote-command-execution" title="DD-WRT Remote Command Execution as Root" severity="8" pciSeverity="5" cvssScore="8.3" cvssVector="(AV:A/AC:L/Au:N/C:C/I:C/A:C)" published="20090720T000000000" added="20090812T000000000" modified="20120731T000000000">
	9084	<description>
	9085
	9086	<ContainerBlockElement>
	9087
	9088	<Paragraph>
	9089	There is a vulnerability in the DD-WRT firmware as recent as 2.4 SP1. A
	9090	remote attacker can execute commands as the root user by simply appending
	9091	a semi-colon to the URL of any string in the cgi-bin path, followed by
	9092	the command of their choice. Authentication is not required for the
	9093	command to run on the target access point.
	9094	</Paragraph>
	9095	</ContainerBlockElement></description>
	9096	<references>
	9097	<reference source="BID">35742</reference>
	9098	<reference source="CVE">CVE-2009-2765</reference>
	9099	<reference source="OSVDB">55990</reference>
	9100	<reference source="URL">http://milw0rm.com/exploits/9209</reference>
	9101	<reference source="URL">http://www.dd-wrt.com/dd-wrtv3/index.php?view=article&id=34</reference>
	9102	</references><tags>
	9103	<tag>HTTP</tag>
	9104	<tag>Remote Execution</tag>
	9105	<tag>Web</tag>
	9106	</tags>
	9107	<solution>
	9108
	9109	<ContainerBlockElement>
	9110	<Paragraph>Download and apply the upgrade from:
	9111	<URLLink LinkURL="http://www.dd-wrt.com/dd-wrtv2/down.php?path=downloads%2Fothers%2Feko%2FBrainSlayer-V24-preSP2%2F07-21-09-r12533/" LinkTitle="http://www.dd-wrt.com/dd-wrtv2/down.php?path=downloads%2Fothers%2Feko%2FBrainSlayer-V24-preSP2%2F07-21-09-r12533/"></URLLink></Paragraph></ContainerBlockElement></solution>
	9112	</vulnerability>
	9113
	9114	<vulnerability id="http-drac-default-login" title="Dell Remote Access Controller (DRAC) Default Login Credentials" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20070925T000000000" added="20070925T000000000" modified="20120731T000000000">
	9115	<description>
	9116
	9117	<ContainerBlockElement>
	9118
	9119	<Paragraph>
	9120	Dell products that utilize Dell Remote Access Controllers (DRAC) are shipped
	9121	with the default username/password combination of root/calvin, respectively.
	9122	It is recommended that the password is changed in order to prevent unauthorized
	9123	access. Unauthorized users have access to view system information as well as
	9124	perform maintenance tasks such as firmware upgrades, system powerup,
	9125	powerdown, hardreset, powercycle and more.
	9126	Access to the system console is also possible.
	9127	</Paragraph>
	9128	</ContainerBlockElement></description>
	9129	<references>
	9130	<reference source="URL">http://support.dell.com/support/edocs/software/smdrac3/</reference>
	9131	</references><tags>
	9132	<tag>Default Account</tag>
	9133	<tag>HTTP</tag>
	9134	<tag>Web</tag>
	9135	</tags>
	9136	<solution>
	9137
	9138	<ContainerBlockElement>
	9139	<Paragraph>
	9140	<Paragraph>
	9141	SSH to the DRAC interface using the default username: root and password: calvin.
	9142	At the RACADM command prompt (ie. $), issue the following command
	9143	(change "newpassword" to the new password of your choice):
	9144	</Paragraph>
	9145	<Paragraph preformat="true">
	9146	racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 2 newpassword
	9147	</Paragraph>
	9148	<Paragraph>
	9149	Refer to the
	9150
	9151	<URLLink LinkURL="http://support.dell.com/support/edocs/software/smdrac3/" LinkTitle="http://support.dell.com/support/edocs/software/smdrac3/" href="http://support.dell.com/support/edocs/software/smdrac3/">Dell</URLLink>
	9152	support page for more information.
	9153	</Paragraph></Paragraph></ContainerBlockElement></solution>
	9154	</vulnerability>
	9155
	9156	<vulnerability id="http-frontpage-unprotected" title="Unprotected FrontPage Extensions" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20000602T000000000" added="20100804T000000000" modified="20120731T000000000">
	9157	<description>
	9158
	9159	<ContainerBlockElement>
	9160	Incorrect permissions were discovered on FrontPage extensions use for
	9161	controlling access and publishing content. By exploiting this
	9162	misconfiguration, attackers may be able to modify content served by
	9163	this web server.
	9164	</ContainerBlockElement></description>
	9165	<references>
	9166	<reference source="URL">http://www.auscert.org.au/render.html?it=828</reference>
	9167	</references><tags>
	9168	<tag>HTTP</tag>
	9169	<tag>Web</tag>
	9170	</tags>
	9171	<solution>
	9172
	9173	<ContainerBlockElement>
	9174	<Paragraph>
	9175	<Paragraph>
	9176	Web site managers who are using FrontPage to administer their sites
	9177	should check these permissions to insure that only those who are allowed to
	9178	author or administer the site have access to the admin.dll and author.dll
	9179	extensions. Web site managers who are using IIS servers but not FrontPage
	9180	should check for the existence of the FrontPage extensions (check for the
	9181	_vti_* directories and for _vti_inf.html in the web root directory) and
	9182	remove them if FrontPage is not required.
	9183	</Paragraph></Paragraph></ContainerBlockElement></solution>
	9184	</vulnerability>
	9185
	9186	<vulnerability id="http-generic-propfind-dir-browsing" title="WebDAV PROPFIND Method Allows Web Directory Browsing" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20010101T000000000" added="20070730T000000000" modified="20130620T000000000">
	9187	<description>
	9188
	9189	<ContainerBlockElement>
	9190
	9191	<Paragraph>It is possible to use the WebDAV PROPFIND method to browse web directories
	9192	on the server and discover content that would normally remain hidden. This
	9193	could potentially allow an attacker to obtain sensitive information, such as
	9194	data files and backup pages, or give them information about the directory
	9195	structure that could be useful in mounting a more sophisticated attack
	9196	later.</Paragraph>
	9197	</ContainerBlockElement></description>
	9198	<references>
	9199	</references><tags>
	9200	<tag>Backup</tag>
	9201	<tag>Directory Browsing</tag>
	9202	<tag>OWASP_2010</tag>
	9203	<tag>OWASP_2013</tag>
	9204	<tag>Web</tag>
	9205	<tag>Web Spider</tag>
	9206	</tags>
	9207	<solution>
	9208
	9209	<ContainerBlockElement>
	9210	<UnorderedList>
	9211	<ListItem>
	9212	<Paragraph>IIS, PWS, Microsoft-IIS, Internet Information Services, Internet Information Services, Microsoft-PWS</Paragraph>
	9213	<Paragraph>
	9214	<Paragraph>For Microsoft Internet Information Services (IIS), you may
	9215	use the URLScan tool, freely available at
	9216
	9217	<URLLink LinkURL="http://www.microsoft.com/technet/security/tools/urlscan.mspx" LinkTitle="http://www.microsoft.com/technet/security/tools/urlscan.mspx" href="http://www.microsoft.com/technet/security/tools/urlscan.mspx"></URLLink></Paragraph></Paragraph></ListItem>
	9218	<ListItem>
	9219	<Paragraph>Apache HTTPD</Paragraph>
	9220	<Paragraph>
	9221	<Paragraph>The PROPFIND method should be restricted from anonymous requests.
	9222	Enable authentication on the WebDAV directory so that only authorized users
	9223	can invoke the method to perform legitimate tasks, like so:</Paragraph>
	9224	<Paragraph preformat="true"><Location /webdav_dir/*>
	9225	<LimitExcept GET HEAD OPTIONS POST>
	9226	AuthType Basic
	9227	AuthName "WebDAV Authentication"
	9228	AuthUserFile /path/to/userfile
	9229	AuthGroupFile /path/to/groupfile
	9230	require group webdavusers
	9231	</LimitExcept>
	9232	</Location></Paragraph>
	9233	<Paragraph>Next, create the password file and group file:</Paragraph>
	9234	<Paragraph preformat="true">htpasswd -cs /path/to/userfile bob
	9235	echo "webdavusers: bob" > /path/to/groupfile</Paragraph></Paragraph></ListItem>
	9236	<ListItem>
	9237	<Paragraph>Java System Web Server, SunONE WebServer, Sun-ONE-Web-Server, iPlanet</Paragraph>
	9238	<Paragraph>
	9239	<Paragraph>In the server.xml configuration file, add the following lines to
	9240	restrict WebDAV methods to a particular user(s):</Paragraph>
	9241	<Paragraph preformat="true">acl "uri=/webdav_dir/*";
	9242	deny(all)
	9243	user="anyone";
	9244
	9245	allow (read,list,execute,info,write,delete)
	9246	user = "username";</Paragraph></Paragraph></ListItem>
	9247	<ListItem>
	9248	<Paragraph>Apache Tomcat, Tomcat, Tomcat Web Server, Apache Coyote, Apache-Coyote</Paragraph>
	9249	<Paragraph>
	9250	<Paragraph>In the web.xml configuration file for the WebDAV-enabled directory,
	9251	add the following lines to restrict WebDAV functionality to a particular
	9252	user(s):</Paragraph>
	9253	<Paragraph preformat="true"> <security-constraint>
	9254	<web-resource-collection>
	9255	<web-resource-name>WebDav Directory</web-resource-name>
	9256	<url-pattern>/*</url-pattern>
	9257	</web-resource-collection>
	9258	<auth-constraint>
	9259	<role-name>webdav-user</role-name>
	9260	</auth-constraint>
	9261	</security-constraint>
	9262
	9263	<login-config>
	9264	<auth-method>BASIC</auth-method>
	9265	<realm-name>WebDAV Realm</realm-name>
	9266	</login-config>
	9267
	9268	<security-role>
	9269	<description>
	9270	Legitimate WebDAV users
	9271	</description>
	9272	<role-name>webdav-user</role-name>
	9273	</security-role></Paragraph>
	9274	<Paragraph>In the conf/tomcat-users.xml file, add a WebDAV user like so:</Paragraph>
	9275	<Paragraph preformat="true"><?xml version='1.0' encoding='utf-8'?>
	9276	<tomcat-users>
	9277	<role rolename="webdav-user"/>
	9278	<user username="bob" password="b0bsp455w0rdy0!" roles="webdav-user"/>
	9279	</tomcat-users></Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	9280	</vulnerability>
	9281
	9282	<vulnerability id="http-glassfish-default-admin-password" title="Glassfish Default Administrator Password Vulnerability" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20100615T000000000" added="20110718T000000000" modified="20120731T000000000">
	9283	<description>
	9284
	9285	<ContainerBlockElement>
	9286
	9287	<Paragraph>The Glassfish administrator 'admin' has a password that is set to a
	9288	default blank value. As a result, anyone with access to the GlassFish
	9289	port can trivially gain full access to the machine via arbitrary remote
	9290	code execution. This requires the attacker to upload a malicious
	9291	webservice.
	9292	</Paragraph>
	9293	</ContainerBlockElement></description>
	9294	<references>
	9295	<reference source="URL">http://download.oracle.com/docs/cd/E18930_01/html/821-2435/ghgrp.html</reference>
	9296	</references><tags>
	9297	<tag>Default Account</tag>
	9298	<tag>HTTP</tag>
	9299	<tag>Remote Execution</tag>
	9300	<tag>Web</tag>
	9301	</tags>
	9302	<solution>
	9303
	9304	<ContainerBlockElement>
	9305	<Paragraph>
	9306	<Paragraph>Change the admin password to a non-default value. This can be done by modifying the password through the
	9307	administrator interface.
	9308	</Paragraph></Paragraph></ContainerBlockElement></solution>
	9309	</vulnerability>
	9310
	9311	<vulnerability id="HTTP-IIS-0014" title="Microsoft JET Database Engine VBA Vulnerability" severity="7" pciSeverity="5" cvssScore="7.2" cvssVector="(AV:L/AC:L/Au:N/C:C/I:C/A:C)" published="19990820T000000000" added="20041101T000000000" modified="20120731T000000000">
	9312	<description>
	9313
	9314	<ContainerBlockElement>
	9315
	9316	<Paragraph>Microsoft's JET database engine feature allows the embedding of Visual Basic
	9317	for Application in SQL string expressions and the lack of metacharacter filtering
	9318	by many web applications may allow remote users to execute commands on the system.</Paragraph>
	9319
	9320	<Paragraph>Microsoft's JET database engine (the core of Microsoft Access) allows the
	9321	embedding of Visual Basic for Application expressions in SQL strings. VBA expressions
	9322	withing two "\|" characters within an SQL string will be executed and its result substituted
	9323	in the string. The VBA code is evaluated in an expression context. That means you cannot
	9324	make use of statements.</Paragraph>
	9325
	9326	<Paragraph>The Microsoft JET database engine can be used via the ODBC API. It is commonly
	9327	used as a backend for web enabled applications. The fact that it uses the "\|" character
	9328	to execute VBA code within SQL statements in JET is a largely unknown feature, meaning
	9329	that few applications escape user input for this metacharacter. Therefore any script
	9330	or application that uses Microsoft's JET ODBC DSN could potentially be exploited.</Paragraph>
	9331
	9332	<Paragraph>Microsoft's IIS in particular executes ODBC commands in the context of the System
	9333	account. This may allow remote attackers to input VBA code in web enabled applications
	9334	that will be executed by IIS as the System user.</Paragraph>
	9335
	9336	<Paragraph>The most dangerous VBA command available to an attacker is shell(), which enables
	9337	it to run any command in the system.</Paragraph>
	9338
	9339	<Paragraph>Microsoft's IIS 4.0 ships with a number of sample scripts that are vulnerable
	9340	if used with the JET ODBC driver (e.g. details.idc). It also ships with MSADC which
	9341	allows remote uses to execute SQL queries on a DNS via HTTP.</Paragraph>
	9342
	9343	<Paragraph>Tests seem to indicate JET 4.0 is not vulnerable to this issue.</Paragraph>
	9344	</ContainerBlockElement></description>
	9345	<references>
	9346	<reference source="BID">548</reference>
	9347	<reference source="CVE">CVE-2000-0325</reference>
	9348	<reference source="MS">MS99-030</reference>
	9349	<reference source="URL">http://marc.info/?l=bugtraq&m=92765973107637&w=2</reference>
	9350	<reference source="XF">jet-vba-shell(3155)</reference>
	9351	</references><tags>
	9352	<tag>DNS</tag>
	9353	<tag>HTTP</tag>
	9354	<tag>Microsoft</tag>
	9355	<tag>Microsoft IIS</tag>
	9356	<tag>Web</tag>
	9357	</tags>
	9358	<solution>
	9359
	9360	<ContainerBlockElement>
	9361	<Paragraph>Download and apply the upgrade from:
	9362	<URLLink LinkURL="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q239114" LinkTitle="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q239114"></URLLink></Paragraph>
	9363	<Paragraph>
	9364	<Paragraph>Disable the JET ODBC drivers or
	9365
	9366
	9367	<URLLink LinkURL="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q239114" LinkTitle="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q239114" href="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q239114">upgrade to JET 4.0 SP3</URLLink>
	9368	or later. The latest JET release is JET Service Pack 6, which is included with Windows 2000
	9369	Service Pack 3. Please note that JET 4.0 may not be fully compatible with earlier versions
	9370	and some legacy applications may fail. JET 4.0 is part of Microsoft's Data Access (MDAC) 2.1.</Paragraph>
	9371	<Paragraph>The latest stable release of MDAC is
	9372
	9373
	9374	<URLLink LinkURL="http://msdn.microsoft.com/data/mdac/downloads/default.aspx" LinkTitle="http://msdn.microsoft.com/data/mdac/downloads/default.aspx" href="http://msdn.microsoft.com/data/mdac/downloads/default.aspx">MDAC v2.6 Service Pack 2</URLLink>.
	9375	Note that MDAC 2.6 and later
	9376
	9377
	9378	<URLLink LinkURL="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q271908" LinkTitle="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q271908" href="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q271908">do not include</URLLink>
	9379	the JET ODBC drivers by default.</Paragraph></Paragraph></ContainerBlockElement></solution>
	9380	</vulnerability>
	9381
	9382	<vulnerability id="http-lighttpd-mod_userdir-info-discl" title="Lighttpd 'mod_userdir' Information Disclosure" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20080305T000000000" added="20080811T000000000" modified="20120731T000000000">
	9383	<description>
	9384
	9385	<ContainerBlockElement>
	9386
	9387	<Paragraph>
	9388	With certain versions of lighttpd, if mod_userdir is loaded but "userdir.path"
	9389	is not configured, the default directory for userdir requests is $HOME (instead
	9390	of $HOME/public_html for example). This could lead to information disclosure.
	9391	</Paragraph>
	9392	</ContainerBlockElement></description>
	9393	<references>
	9394	<reference source="BID">28226</reference>
	9395	<reference source="CVE">CVE-2008-1270</reference>
	9396	<reference source="DEBIAN">DSA-1521</reference>
	9397	<reference source="SECUNIA">29318</reference>
	9398	<reference source="SECUNIA">29403</reference>
	9399	<reference source="SECUNIA">29622</reference>
	9400	<reference source="SECUNIA">29636</reference>
	9401	<reference source="URL">http://trac.lighttpd.net/trac/ticket/1587</reference>
	9402	<reference source="URL">http://www.lighttpd.net/security/lighttpd_sa_2008_03.txt</reference>
	9403	<reference source="XF">lighttpd-moduserdir-information-disclosure(41173)</reference>
	9404	</references><tags>
	9405	<tag>HTTP</tag>
	9406	<tag>Information Gathering</tag>
	9407	<tag>Web</tag>
	9408	<tag>lighttpd</tag>
	9409	</tags>
	9410	<solution>
	9411
	9412	<ContainerBlockElement>
	9413	<Paragraph>Download and apply the upgrade from:
	9414	<URLLink LinkURL="http://www.lighttpd.net/download/lighttpd-1.4.19.tar.gz" LinkTitle="http://www.lighttpd.net/download/lighttpd-1.4.19.tar.gz"></URLLink></Paragraph></ContainerBlockElement></solution>
	9415	</vulnerability>
	9416
	9417	<vulnerability id="http-nokia-firewall-default-admin-password" title="Nokia Firewall Default Administrator Password Vulnerability" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20040101T000000000" added="20090716T000000000" modified="20120731T000000000">
	9418	<description>
	9419
	9420	<ContainerBlockElement>
	9421
	9422	<Paragraph>
	9423	The administrator credentials are unchanged from the default of 'admin' and 'password'.
	9424	As a result, anyone with access to the Nokia Firewall can trivially gain full access
	9425	to the device.
	9426	</Paragraph>
	9427	</ContainerBlockElement></description>
	9428	<references>
	9429	</references><tags>
	9430	<tag>Default Account</tag>
	9431	<tag>HTTP</tag>
	9432	<tag>Web</tag>
	9433	</tags>
	9434	<solution>
	9435
	9436	<ContainerBlockElement>
	9437	<Paragraph>
	9438	Change the admin password using the Web interface.
	9439	</Paragraph></ContainerBlockElement></solution>
	9440	</vulnerability>
	9441
	9442	<vulnerability id="http-open-proxy" title="Open HTTP Proxy" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:P/A:N)" published="20070723T000000000" added="20070723T000000000" modified="20120731T000000000">
	9443	<description>
	9444
	9445	<ContainerBlockElement>
	9446
	9447	<Paragraph>
	9448	Open proxies allow malicious clients to mount attacks which
	9449	originate from the IP of the proxy server, without requiring the
	9450	attacker to authenticate to the proxy first.
	9451	</Paragraph>
	9452
	9453	<Paragraph>
	9454	Additionally, an open proxy may allow an attacker to access
	9455	an internal network which would be otherwise secure.
	9456	</Paragraph>
	9457
	9458	<Paragraph>
	9459	Steps should be taken to correctly configure the proxy server
	9460	such that unauthorized connections are denied.
	9461	</Paragraph>
	9462	</ContainerBlockElement></description>
	9463	<references>
	9464	<reference source="CERT-VN">150227</reference>
	9465	<reference source="URL">http://spamlinks.net/prevent-secure-proxy-fix.htm</reference>
	9466	<reference source="URL">http://www.web-cache.com/Writings/Internet-Drafts/draft-luotonen-web-proxy-tunneling-01.txt</reference>
	9467	</references><tags>
	9468	<tag>HTTP</tag>
	9469	<tag>Web</tag>
	9470	</tags>
	9471	<solution>
	9472
	9473	<ContainerBlockElement>
	9474	<UnorderedList>
	9475	<ListItem>
	9476	<Paragraph>squid</Paragraph>
	9477	<Paragraph>
	9478	<Paragraph>
	9479	An access control list (ACL) should be defined for the squid proxy server
	9480	in the file:
	9481	<Paragraph preformat="true">squid.conf</Paragraph></Paragraph>
	9482	<Paragraph>
	9483	Consult the Squid 3.0 configuration manual, located at the
	9484
	9485	<URLLink LinkURL="http://www.visolve.com/squid/squid30/contents.php" LinkTitle="http://www.visolve.com/squid/squid30/contents.php" href="http://www.visolve.com/squid/squid30/contents.php">ViSolve</URLLink> website.
	9486	</Paragraph></Paragraph></ListItem>
	9487	<ListItem>
	9488	<Paragraph>
	9489	<Paragraph>
	9490	Consult the ISA server 2006 hardening guide below for steps on
	9491	how to securely configure the web proxy component:
	9492	</Paragraph>
	9493	<Paragraph>
	9494	<URLLink LinkURL="http://www.microsoft.com/technet/isa/2006/security_guide.mspx" LinkTitle="http://www.microsoft.com/technet/isa/2006/security_guide.mspx" href="http://www.microsoft.com/technet/isa/2006/security_guide.mspx"></URLLink></Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	9495	</vulnerability>
	9496
	9497	<vulnerability id="http-php-ini-file-exposed" title="PHP Exposed 'ini' File Vulnerability" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20050119T000000000" added="20050119T000000000" modified="20130620T000000000">
	9498	<description>
	9499
	9500	<ContainerBlockElement>
	9501
	9502	<Paragraph>PHP's 'ini' file is exposed inside the 'cgi-bin' directory. This allows any unauthenticated remote user to discover sensitive information about your server(s), including database logins and passwords.</Paragraph>
	9503	</ContainerBlockElement></description>
	9504	<references>
	9505	</references><tags>
	9506	<tag>HTTP</tag>
	9507	<tag>OWASP_2010</tag>
	9508	<tag>OWASP_2013</tag>
	9509	<tag>PHP</tag>
	9510	<tag>Web</tag>
	9511	</tags>
	9512	<solution>
	9513
	9514	<ContainerBlockElement>
	9515	<Paragraph>
	9516	<Paragraph>Consult your HTTP daemon's documentation for instructions on restricting access to this file:</Paragraph>
	9517	<Paragraph>
	9518	<UnorderedList>
	9519	<ListItem>
	9520	<URLLink LinkURL="http://httpd.apache.org/docs/" LinkTitle="http://httpd.apache.org/docs/" href="http://httpd.apache.org/docs/">Apache v1.3.x Documentation</URLLink></ListItem>
	9521	<ListItem>
	9522	<URLLink LinkURL="http://httpd.apache.org/docs-2.0/" LinkTitle="http://httpd.apache.org/docs-2.0/" href="http://httpd.apache.org/docs-2.0/">Apache v2.0.x Documentation</URLLink></ListItem>
	9523	<ListItem>
	9524	<URLLink LinkURL="http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/default.mspx" LinkTitle="http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/default.mspx" href="http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/default.mspx">Microsoft Internet Information Services Documentation</URLLink></ListItem>
	9525	<ListItem>
	9526	<URLLink LinkURL="http://docs.sun.com/db/coll/S1_websvr61_en" LinkTitle="http://docs.sun.com/db/coll/S1_websvr61_en" href="http://docs.sun.com/db/coll/S1_websvr61_en">Sun ONE v6.1 Documentation</URLLink></ListItem></UnorderedList></Paragraph></Paragraph></ContainerBlockElement></solution>
	9527	</vulnerability>
	9528
	9529	<vulnerability id="http-php-xmlrpc-code-injection" title="PHP XML-RPC Code Injection" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20050705T000000000" added="20060318T000000000" modified="20121025T000000000">
	9530	<description>
	9531
	9532	<ContainerBlockElement>
	9533
	9534	<Paragraph>Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement.</Paragraph>
	9535	</ContainerBlockElement></description>
	9536	<references>
	9537	<reference source="BID">14088</reference>
	9538	<reference source="CVE">CVE-2005-1921</reference>
	9539	<reference source="DEBIAN">DSA-745</reference>
	9540	<reference source="DEBIAN">DSA-746</reference>
	9541	<reference source="DEBIAN">DSA-747</reference>
	9542	<reference source="DEBIAN">DSA-789</reference>
	9543	<reference source="MANDRAKE">MDKSA-2005:109</reference>
	9544	<reference source="OVAL">OVAL11294</reference>
	9545	<reference source="OVAL">OVAL350</reference>
	9546	<reference source="REDHAT">RHSA-2005:564</reference>
	9547	<reference source="SECUNIA">15810</reference>
	9548	<reference source="SECUNIA">15852</reference>
	9549	<reference source="SECUNIA">15855</reference>
	9550	<reference source="SECUNIA">15861</reference>
	9551	<reference source="SECUNIA">15872</reference>
	9552	<reference source="SECUNIA">15883</reference>
	9553	<reference source="SECUNIA">15884</reference>
	9554	<reference source="SECUNIA">15895</reference>
	9555	<reference source="SECUNIA">15903</reference>
	9556	<reference source="SECUNIA">15904</reference>
	9557	<reference source="SECUNIA">15916</reference>
	9558	<reference source="SECUNIA">15917</reference>
	9559	<reference source="SECUNIA">15922</reference>
	9560	<reference source="SECUNIA">15944</reference>
	9561	<reference source="SECUNIA">15947</reference>
	9562	<reference source="SECUNIA">15957</reference>
	9563	<reference source="SECUNIA">16001</reference>
	9564	<reference source="SECUNIA">16339</reference>
	9565	<reference source="SECUNIA">16693</reference>
	9566	<reference source="SECUNIA">17440</reference>
	9567	<reference source="SECUNIA">17674</reference>
	9568	<reference source="SECUNIA">18003</reference>
	9569	<reference source="SUSE">SUSE-SA:2005:041</reference>
	9570	<reference source="SUSE">SUSE-SA:2005:049</reference>
	9571	<reference source="SUSE">SUSE-SA:2005:051</reference>
	9572	<reference source="URL">http://marc.theaimsgroup.com/?l=bugtraq&m=112008638320145&w=2</reference>
	9573	<reference source="URL">http://marc.theaimsgroup.com/?l=bugtraq&m=112015336720867&w=2</reference>
	9574	<reference source="URL">http://pear.php.net/package/XML_RPC/download/1.3.1</reference>
	9575	<reference source="URL">http://sourceforge.net/project/showfiles.php?group_id=87163</reference>
	9576	<reference source="URL">http://sourceforge.net/project/shownotes.php?release_id=338803</reference>
	9577	<reference source="URL">http://www.ampache.org/announce/3_3_1_2.php</reference>
	9578	<reference source="URL">http://www.drupal.org/security/drupal-sa-2005-003/advisory.txt</reference>
	9579	<reference source="URL">http://www.frsirt.com/english/advisories/2005/2827</reference>
	9580	<reference source="URL">http://www.gulftech.org/?node=research&article_id=00087-07012005</reference>
	9581	<reference source="URL">http://www.hardened-php.net/advisory-022005.php</reference>
	9582	<reference source="URL">http://www.securityfocus.com/archive/1/archive/1/419064/100/0/threaded</reference>
	9583	</references><tags>
	9584	<tag>HTTP</tag>
	9585	<tag>PHP</tag>
	9586	<tag>RPC</tag>
	9587	<tag>Remote Execution</tag>
	9588	<tag>Web</tag>
	9589	</tags>
	9590	<solution>
	9591
	9592	<ContainerBlockElement>
	9593	<Paragraph>
	9594	<Paragraph>If XML-RPC functionality is not required, the xmlrpc.php file should be remove.</Paragraph>
	9595	<Paragraph>Otherwise, the software using the XML-RPC module should be upgraded accordingly.</Paragraph></Paragraph></ContainerBlockElement></solution>
	9596	</vulnerability>
	9597
	9598	<vulnerability id="http-phpmyadmin-account-pma-password-empty" title="phpMyAdmin Credentials: user 'pma' with empty password" severity="10" pciSeverity="5" cvssScore="9.7" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:P)" published="19990101T000000000" added="20100727T000000000" modified="20120717T000000000">
	9599	<description>
	9600
	9601	<ContainerBlockElement>
	9602
	9603	<Paragraph>
	9604	The phpMyAdmin installation is vulnerable to password guessing attacks,
	9605	as it has an account with the username 'pma' and an empty password.
	9606	</Paragraph>
	9607	</ContainerBlockElement></description>
	9608	<references>
	9609	</references><tags>
	9610	<tag>HTTP</tag>
	9611	<tag>PHP</tag>
	9612	<tag>Web</tag>
	9613	</tags>
	9614	<solution>
	9615
	9616	<ContainerBlockElement>
	9617	<Paragraph>
	9618	<Paragraph>
	9619	In the config.inc.php file, either remove the values for
	9620	$cfg['Servers'][$i]['user'] and $cfg['Servers'][$i]['password'] ,
	9621	or set a strong password in the $cfg['Servers'][$i]['password']
	9622	field. Please visit the
	9623
	9624	<URLLink LinkURL="http://wiki.phpmyadmin.net/pma/Auth_types" LinkTitle="http://wiki.phpmyadmin.net/pma/Auth_types" href="http://wiki.phpmyadmin.net/pma/Auth_types">phpMyAdmin wiki</URLLink>
	9625	for more information.
	9626	</Paragraph></Paragraph></ContainerBlockElement></solution>
	9627	</vulnerability>
	9628
	9629	<vulnerability id="http-symantec-scan-engine-file-disclosure" title="Symantec Scan Engine File Disclosure Vulnerability" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20060421T000000000" added="20060421T000000000" modified="20120927T000000000">
	9630	<description>
	9631
	9632	<ContainerBlockElement>
	9633
	9634	<Paragraph>
	9635	There is a vulnerability in Symantec Scan Engine which allows
	9636	unauthenticated remote users to download any file located
	9637	under the Symantec Scan Engine installation directory. For
	9638	instance the configuration file, the scanning logs, as well as
	9639	the current virus definitions can all be accessed by any
	9640	remote user using regular or specially crafted HTTP requests.
	9641	</Paragraph>
	9642	</ContainerBlockElement></description>
	9643	<references>
	9644	<reference source="BID">17637</reference>
	9645	<reference source="CVE">CVE-2006-0232</reference>
	9646	<reference source="SECUNIA">19734</reference>
	9647	<reference source="URL">http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0012.html</reference>
	9648	<reference source="URL">http://www.frsirt.com/english/advisories/2006/1464</reference>
	9649	<reference source="URL">http://www.rapid7.com/advisories/R7-0023.html</reference>
	9650	<reference source="URL">http://www.securityfocus.com/archive/1/archive/1/431728/100/0/threaded</reference>
	9651	<reference source="URL">http://www.securityfocus.com/archive/1/archive/1/431734/100/0/threaded</reference>
	9652	<reference source="URL">http://www.symantec.com/avcenter/security/Content/2006.04.21.html</reference>
	9653	<reference source="XF">sse-unauth-file-access(25974)</reference>
	9654	</references><tags>
	9655	<tag>HTTP</tag>
	9656	<tag>Symantec</tag>
	9657	<tag>Symantec Scan Engine</tag>
	9658	<tag>Virus</tag>
	9659	<tag>Web</tag>
	9660	</tags>
	9661	<solution>
	9662
	9663	<ContainerBlockElement>
	9664	<Paragraph>Download and apply the upgrade from:
	9665	<URLLink LinkURL="http://www.symantec.com/Products/enterprise?c=prodinfo&refId=836" LinkTitle="http://www.symantec.com/Products/enterprise?c=prodinfo&refId=836"></URLLink></Paragraph></ContainerBlockElement></solution>
	9666	</vulnerability>
	9667
	9668	<vulnerability id="http-thttpd-obsolete" title="THTTPD Obsolete Version" severity="9" pciSeverity="5" cvssScore="9.3" cvssVector="(AV:N/AC:M/Au:N/C:C/I:C/A:C)" published="20070404T000000000" added="20070404T000000000" modified="20130503T000000000">
	9669	<description>
	9670
	9671	<ContainerBlockElement>
	9672
	9673	<Paragraph>
	9674	Versions of THTTPD earlier than
	9675	2.0.3 are considered obsolete.
	9676	Later versions contain critical security,
	9677	performance, and compatibility enhancements.
	9678	It is recommended that you
	9679	upgrade your THTTPD
	9680	installation to the latest release.
	9681	</Paragraph>
	9682	</ContainerBlockElement></description>
	9683	<references>
	9684	</references><tags>
	9685	<tag>HTTP</tag>
	9686	<tag>Obsolete Software</tag>
	9687	<tag>Web</tag>
	9688	</tags>
	9689	<solution>
	9690
	9691	<ContainerBlockElement>
	9692	<Paragraph>Download and apply the upgrade from:
	9693	<URLLink LinkURL="http://www.acme.com/software/thttpd/thttpd-2.25b.tar.gz" LinkTitle="http://www.acme.com/software/thttpd/thttpd-2.25b.tar.gz"></URLLink></Paragraph>
	9694	<Paragraph>
	9695	<Paragraph>Upgrade to THTTP v2.25b or later. See the
	9696
	9697	<URLLink LinkURL="http://www.acme.com/software/thttpd/" LinkTitle="http://www.acme.com/software/thttpd/" href="http://www.acme.com/software/thttpd/">Acme THTTPD</URLLink>
	9698	website for more information.
	9699	</Paragraph></Paragraph></ContainerBlockElement></solution>
	9700	</vulnerability>
	9701
	9702	<vulnerability id="http-tomcat-jkstatus-accessible" title="Unprotected Tomcat JK jkstatus management and diagnostics page" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20080512T000000000" added="20080512T000000000" modified="20130620T000000000">
	9703	<description>
	9704
	9705	<ContainerBlockElement>
	9706
	9707	<Paragraph>JK is a technology which allows Apache Tomcat (or related servers like JBoss) to
	9708	run behind another web server such as Apache, IIS, or iPlanet. JK provides a management
	9709	and diagnostics web application called jkstatus that is often activated under the web
	9710	application path /jkstatus.</Paragraph>
	9711
	9712	<Paragraph>The jkstatus application, in addition to allowing remote users to start, stop, and
	9713	reconfigure the JK connector, allows remote clients to view detailed configuration
	9714	information.</Paragraph>
	9715
	9716	<Paragraph>The jkstatus application is rarely needed in production environments and should
	9717	be disabled in most cases. If access to jkstatus is required by remote administrators,
	9718	the jkstatus URL should be configured to require authentication.</Paragraph>
	9719	</ContainerBlockElement></description>
	9720	<references>
	9721	<reference source="URL">http://tomcat.apache.org/connectors-doc-archive/jk2/index.html</reference>
	9722	</references><tags>
	9723	<tag>HTTP</tag>
	9724	<tag>OWASP_2010</tag>
	9725	<tag>OWASP_2013</tag>
	9726	<tag>Web</tag>
	9727	</tags>
	9728	<solution>
	9729
	9730	<ContainerBlockElement>
	9731	<Paragraph>
	9732	<Paragraph>Follow your web server documentation to require a username and password
	9733	to access the /jkstatus page. Note that this protection is usually done
	9734	at the front-end web server level rather than within Tomcat itself.</Paragraph></Paragraph></ContainerBlockElement></solution>
	9735	</vulnerability>
	9736
	9737	<vulnerability id="http-trace-method-enabled" title="HTTP TRACE Method Enabled" severity="6" pciSeverity="3" cvssScore="5.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:N)" published="20041101T000000000" added="20041101T000000000" modified="20120731T000000000">
	9738	<description>
	9739
	9740	<ContainerBlockElement>
	9741
	9742	<Paragraph>The HTTP TRACE method is normally used to return the full HTTP request back to the requesting client for proxy-debugging purposes. An attacker can create a webpage using XMLHTTP, ActiveX, or XMLDOM to cause a client to issue a TRACE request and capture the client's cookies. This effectively results in a Cross-Site Scripting attack.</Paragraph>
	9743	</ContainerBlockElement></description>
	9744	<references>
	9745	<reference source="APPLE">APPLE-SA-2009-11-09-1</reference>
	9746	<reference source="BID">15222</reference>
	9747	<reference source="BID">19915</reference>
	9748	<reference source="BID">24456</reference>
	9749	<reference source="BID">36956</reference>
	9750	<reference source="BID">9506</reference>
	9751	<reference source="CERT-VN">867593</reference>
	9752	<reference source="CVE">CVE-2004-2320</reference>
	9753	<reference source="CVE">CVE-2004-2763</reference>
	9754	<reference source="CVE">CVE-2005-3398</reference>
	9755	<reference source="CVE">CVE-2006-4683</reference>
	9756	<reference source="CVE">CVE-2007-3008</reference>
	9757	<reference source="CVE">CVE-2008-7253</reference>
	9758	<reference source="CVE">CVE-2009-2823</reference>
	9759	<reference source="CVE">CVE-2010-0386</reference>
	9760	<reference source="OSVDB">35511</reference>
	9761	<reference source="OSVDB">3726</reference>
	9762	<reference source="OVAL">OVAL1445</reference>
	9763	<reference source="SECUNIA">10726</reference>
	9764	<reference source="SECUNIA">17334</reference>
	9765	<reference source="SECUNIA">21802</reference>
	9766	<reference source="SECUNIA">25636</reference>
	9767	<reference source="URL">http://www.apacheweek.com/issues/03-01-24#news</reference>
	9768	<reference source="URL">http://www.kb.cert.org/vuls/id/867593</reference>
	9769	<reference source="XF">mbedthis-httptrace-xss(34854)</reference>
	9770	<reference source="XF">weblogic-trace-xss(14959)</reference>
	9771	</references><tags>
	9772	<tag>HTTP</tag>
	9773	<tag>Web</tag>
	9774	<tag>XSS</tag>
	9775	</tags>
	9776	<solution>
	9777
	9778	<ContainerBlockElement>
	9779	<UnorderedList>
	9780	<ListItem>
	9781	<Paragraph>Apache HTTPD</Paragraph>
	9782	<Paragraph>
	9783	<Paragraph>Newer versions of Apache (1.3.34 and 2.0.55 and later) provide a
	9784	configuration directive called TraceEnable. To deny TRACE requests,
	9785	add the following line to the server configuration:</Paragraph>
	9786	<Paragraph preformat="true">TraceEnable off</Paragraph>
	9787	<Paragraph>For older versions of the Apache webserver, use the mod_rewrite module to
	9788	deny the TRACE requests:</Paragraph>
	9789	<Paragraph preformat="true">RewriteEngine On
	9790	RewriteCond %{REQUEST_METHOD} ^TRACE
	9791	RewriteRule .* - [F]</Paragraph></Paragraph></ListItem>
	9792	<ListItem>
	9793	<Paragraph>IIS, PWS, Microsoft-IIS, Internet Information Services, Internet Information Services, Microsoft-PWS</Paragraph>
	9794	<Paragraph>
	9795	<Paragraph>For Microsoft Internet Information Services (IIS), you may
	9796	use the URLScan tool, freely available at
	9797
	9798	<URLLink LinkURL="http://www.microsoft.com/technet/security/tools/urlscan.mspx" LinkTitle="http://www.microsoft.com/technet/security/tools/urlscan.mspx" href="http://www.microsoft.com/technet/security/tools/urlscan.mspx">http://www.microsoft.com/technet/security/tools/urlscan.mspx</URLLink></Paragraph></Paragraph></ListItem>
	9799	<ListItem>
	9800	<Paragraph>Java System Web Server, SunONE WebServer, Sun-ONE-Web-Server, iPlanet</Paragraph>
	9801	<Paragraph>
	9802	<UnorderedList>
	9803	<ListItem>
	9804	<Paragraph>For Sun ONE/iPlanet Web Server v6.0 SP2 and later, add the
	9805	following configuration to the top of the default object in the
	9806	'obj.conf' file:</Paragraph>
	9807	<Paragraph preformat="true"><Client method="TRACE">
	9808	AuthTrans fn="set-variable"
	9809	remove-headers="transfer-encoding"
	9810	set-headers="content-length: -1"
	9811	error="501"
	9812	</Client></Paragraph>
	9813	<Paragraph>You must then restart the server for the changes to take effect.</Paragraph></ListItem>
	9814	<ListItem>
	9815	<Paragraph>For Sun ONE/iPlanet Web Server prior to v6.0 SP2, follow the
	9816	instructions provided the 'Relief/Workaround' section of
	9817	Sun's official advisory:
	9818
	9819	<URLLink LinkURL="http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603" LinkTitle="http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603" href="http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603">http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50603</URLLink></Paragraph></ListItem></UnorderedList></Paragraph></ListItem>
	9820	<ListItem>
	9821	<Paragraph>Lotus Domino</Paragraph>
	9822	<Paragraph>
	9823	<Paragraph>Follow
	9824	<URLLink LinkURL="http://www-1.ibm.com/support/docview.wss?&uid=swg21201202" LinkTitle="http://www-1.ibm.com/support/docview.wss?&uid=swg21201202" href="http://www-1.ibm.com/support/docview.wss?&uid=swg21201202">IBM's instructions</URLLink>
	9825	for disabling HTTP methods on the Domino server by adding the following line to the
	9826	server's NOTES.INI file:</Paragraph>
	9827	<Paragraph preformat="true">HTTPDisableMethods=TRACE</Paragraph>
	9828	<Paragraph>After saving NOTES.INI, restart the Notes web server by issuing the console
	9829	command "tell http restart".</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	9830	</vulnerability>
	9831
	9832	<vulnerability id="http-track-method-enabled" title="HTTP TRACK Method Enabled" severity="6" pciSeverity="3" cvssScore="5.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:N)" published="20031228T000000000" added="20050405T000000000" modified="20120731T000000000">
	9833	<description>
	9834
	9835	<ContainerBlockElement>
	9836
	9837	<Paragraph>The HTTP TRACK method is normally used to return the full HTTP request back to the requesting client for proxy-debugging purposes. An attacker can create a webpage using XMLHTTP, ActiveX, or XMLDOM to cause a client to issue a TRACK request and capture the client's cookies. This effectively results in a Cross-Site Scripting attack.</Paragraph>
	9838	</ContainerBlockElement></description>
	9839	<references>
	9840	<reference source="CERT-VN">288308</reference>
	9841	<reference source="CVE">CVE-2003-1567</reference>
	9842	<reference source="OSVDB">5648</reference>
	9843	<reference source="URL">http://www.aqtronix.com/Advisories/AQ-2003-02.txt</reference>
	9844	</references><tags>
	9845	<tag>HTTP</tag>
	9846	<tag>Web</tag>
	9847	<tag>XSS</tag>
	9848	</tags>
	9849	<solution>
	9850
	9851	<ContainerBlockElement>
	9852	<Paragraph>IIS, PWS, Microsoft-IIS, Internet Information Services, Internet Information Services, Microsoft-PWS</Paragraph>
	9853	<Paragraph>
	9854	<Paragraph>For Microsoft Internet Information Services (IIS), you may
	9855	use the URLScan tool, freely available at
	9856
	9857	<URLLink LinkURL="http://www.microsoft.com/technet/security/tools/urlscan.mspx" LinkTitle="http://www.microsoft.com/technet/security/tools/urlscan.mspx" href="http://www.microsoft.com/technet/security/tools/urlscan.mspx">http://www.microsoft.com/technet/security/tools/urlscan.mspx</URLLink></Paragraph></Paragraph></ContainerBlockElement></solution>
	9858	</vulnerability>
	9859
	9860	<vulnerability id="http-unrestricted-webdav-put-delete" title="Unrestricted WebDAV PUT/DELETE Access" severity="9" pciSeverity="5" cvssScore="9.4" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:N)" published="20050120T000000000" added="20050120T000000000" modified="20130620T000000000">
	9861	<description>
	9862
	9863	<ContainerBlockElement>
	9864
	9865	<Paragraph>Unrestricted WebDAV requests expose a server to defacements and denial of service attacks. If the PUT method can be used by any unauthenticated remote user, arbitrary web pages can be inserted into the web root, or the disk can be filled with meaningless data; if the DELETE method is unprotected, then any file in a DAV-enabled directory can be removed at will.</Paragraph>
	9866	</ContainerBlockElement></description>
	9867	<references>
	9868	</references><tags>
	9869	<tag>Denial of Service</tag>
	9870	<tag>HTTP</tag>
	9871	<tag>OWASP_2010</tag>
	9872	<tag>OWASP_2013</tag>
	9873	<tag>Web</tag>
	9874	</tags>
	9875	<solution>
	9876
	9877	<ContainerBlockElement>
	9878	<Paragraph>
	9879	<Paragraph>For users of the Apache server, access can be restricted to the WebDAVdirectory like so:</Paragraph>
	9880	<Paragraph preformat="true">
	9881	<Location />
	9882	Dav On
	9883	AuthType Basic
	9884	AuthName DAV
	9885	AuthUserFile .htpasswd
	9886	<LimitExcept GET>
	9887	require user someuser
	9888	</LimitExcept>
	9889	</Location>
	9890	</Paragraph>
	9891	<Paragraph>Users of Microsoft IIS should use an authentication method other than Anonymous authentication, and should take
	9892	advantage of other security features of their version of IIS. For more information, refer to the following links
	9893	from Microsoft:
	9894
	9895	<UnorderedList>
	9896	<ListItem>http://support.microsoft.com/kb/323470</ListItem>
	9897	<ListItem>http://technet.microsoft.com/en-us/library/cc778809%28v=ws.10%29.aspx</ListItem>
	9898	<ListItem>http://www.iis.net/configreference/system.webserver/security/requestfiltering</ListItem></UnorderedList></Paragraph></Paragraph></ContainerBlockElement></solution>
	9899	</vulnerability>
	9900
	9901	<vulnerability id="HTTP-UPNP-0001" title="Windows XP UPnP NOTIFY Method LOCATION Header Buffer Overflow" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20011220T000000000" added="20041101T000000000" modified="20120731T000000000">
	9902	<description>
	9903
	9904	<ContainerBlockElement>
	9905
	9906	<Paragraph>Windows XP and some versions of Windows ME and 98 support UPnP
	9907	(Universal Plug and Play). UPnP follows the HTTP syntax, defining
	9908	some new request methods and headers. One of these request types is
	9909	NOTIFY. When a NOTIFY packet is received, the UPnP service can locate
	9910	detailed information about the advertising UPnP service by connecting
	9911	to the URL specified in the LOCATION header. Windows does not
	9912	validate this URL before connecting to it, allowing a buffer overflow
	9913	to occur.</Paragraph>
	9914	</ContainerBlockElement></description>
	9915	<references>
	9916	<reference source="BID">3723</reference>
	9917	<reference source="CERT">CA-2001-37</reference>
	9918	<reference source="CERT-VN">951555</reference>
	9919	<reference source="CIAC">M-030</reference>
	9920	<reference source="CVE">CVE-2001-0876</reference>
	9921	<reference source="MS">MS01-059</reference>
	9922	<reference source="URL">http://marc.theaimsgroup.com/?l=bugtraq&m=100887440810532&w=2</reference>
	9923	<reference source="XF">win-upnp-notify-bo(7721)</reference>
	9924	</references><tags>
	9925	<tag>HTTP</tag>
	9926	<tag>Web</tag>
	9927	</tags>
	9928	<solution>
	9929
	9930	<ContainerBlockElement>
	9931	<Paragraph>Download and apply the patch from:
	9932	<URLLink LinkURL="http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx" LinkTitle="http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx"></URLLink></Paragraph>
	9933	<Paragraph>
	9934	<Paragraph>Microsoft has provided the following patches for this problem.
	9935	For more information, see the
	9936
	9937
	9938
	9939	<URLLink LinkURL="http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx" LinkTitle="http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx" href="http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx">Microsoft advisory</URLLink>.</Paragraph>
	9940	<UnorderedList>
	9941	<ListItem>
	9942	<URLLink LinkURL="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=4F1C2546-9CF8-413D-866F-DD1E5A2D7454" LinkTitle="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=4F1C2546-9CF8-413D-866F-DD1E5A2D7454" href="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=4F1C2546-9CF8-413D-866F-DD1E5A2D7454">Microsoft Windows 98/98SE</URLLink></ListItem>
	9943	<ListItem>
	9944	<URLLink LinkURL="http://download.microsoft.com/download/winme/Update/22940/WinMe/EN-US/314757USAM.EXE" LinkTitle="http://download.microsoft.com/download/winme/Update/22940/WinMe/EN-US/314757USAM.EXE" href="http://download.microsoft.com/download/winme/Update/22940/WinMe/EN-US/314757USAM.EXE">Microsoft Windows ME</URLLink></ListItem>
	9945	<ListItem>
	9946	<URLLink LinkURL="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=D17CBEB5-7478-4147-B4BA-E6CF686A352B" LinkTitle="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=D17CBEB5-7478-4147-B4BA-E6CF686A352B" href="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=D17CBEB5-7478-4147-B4BA-E6CF686A352B">Microsoft Windows XP</URLLink></ListItem></UnorderedList></Paragraph></ContainerBlockElement></solution>
	9947	</vulnerability>
	9948
	9949	<vulnerability id="HTTP-UPNP-0002" title="Windows XP UPnP NOTIFY LOCATION Denial of Service" severity="5" pciSeverity="2" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:P)" published="20011220T000000000" added="20041101T000000000" modified="20120731T000000000">
	9950	<description>
	9951
	9952	<ContainerBlockElement>
	9953	Windows XP and some versions of Windows ME and 98 support UPnP (Universal Plug and Play). UPnP follows the HTTP syntax, defining some new request methods and headers. One of these request types is NOTIFY. When a NOTIFY packet is received, the UPnP service can locate detailed information about the advertising UPnP service by connecting to the URL specified in the LOCATION header. Windows does not validate this URL, nor the content received from it. By sending invalid data the Windows UPnP service will consume all resources while processing the data.
	9954	</ContainerBlockElement></description>
	9955	<references>
	9956	<reference source="BID">3724</reference>
	9957	<reference source="CERT">CA-2001-37</reference>
	9958	<reference source="CERT-VN">411059</reference>
	9959	<reference source="CIAC">M-030</reference>
	9960	<reference source="CVE">CVE-2001-0877</reference>
	9961	<reference source="MS">MS01-059</reference>
	9962	<reference source="URL">http://marc.theaimsgroup.com/?l=bugtraq</reference>
	9963	<reference source="XF">win-upnp-udp-dos(7722)</reference>
	9964	</references><tags>
	9965	<tag>Denial of Service</tag>
	9966	<tag>HTTP</tag>
	9967	<tag>Web</tag>
	9968	</tags>
	9969	<solution>
	9970
	9971	<ContainerBlockElement>
	9972	<Paragraph>Download and apply the patch from:
	9973	<URLLink LinkURL="http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx" LinkTitle="http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx"></URLLink></Paragraph>
	9974	<Paragraph>
	9975	<Paragraph>Microsoft has provided the following patches for this problem.
	9976	For more information, see the
	9977
	9978
	9979
	9980	<URLLink LinkURL="http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx" LinkTitle="http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx" href="http://www.microsoft.com/technet/security/bulletin/MS01-059.mspx">Microsoft advisory</URLLink>.</Paragraph>
	9981	<UnorderedList>
	9982	<ListItem>
	9983	<URLLink LinkURL="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=4F1C2546-9CF8-413D-866F-DD1E5A2D7454" LinkTitle="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=4F1C2546-9CF8-413D-866F-DD1E5A2D7454" href="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=4F1C2546-9CF8-413D-866F-DD1E5A2D7454">Microsoft Windows 98/98SE</URLLink></ListItem>
	9984	<ListItem>
	9985	<URLLink LinkURL="http://download.microsoft.com/download/winme/Update/22940/WinMe/EN-US/314757USAM.EXE" LinkTitle="http://download.microsoft.com/download/winme/Update/22940/WinMe/EN-US/314757USAM.EXE" href="http://download.microsoft.com/download/winme/Update/22940/WinMe/EN-US/314757USAM.EXE">Microsoft Windows ME</URLLink></ListItem>
	9986	<ListItem>
	9987	<URLLink LinkURL="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=D17CBEB5-7478-4147-B4BA-E6CF686A352B" LinkTitle="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=D17CBEB5-7478-4147-B4BA-E6CF686A352B" href="http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=D17CBEB5-7478-4147-B4BA-E6CF686A352B">Microsoft Windows XP</URLLink></ListItem></UnorderedList></Paragraph></ContainerBlockElement></solution>
	9988	</vulnerability>
	9989
	9990	<vulnerability id="http-vignette-app-portal-diag" title="Vignette Application Portal Unauthenticated Diagnostics" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:P/I:N/A:N)" published="20040928T000000000" added="20050120T000000000" modified="20120731T000000000">
	9991	<description>
	9992
	9993	<ContainerBlockElement>
	9994
	9995	<Paragraph>The Vignette Application Portal allows anyone to retrieve the Vignette diagnostics script. This page contains sensitive information, including operating system version, database connection parameters, usernames, and possibly even authentication information. Besides information gathering, attackers could abuse the diagnostic script to cause CPU and network usage to spike.</Paragraph>
	9996
	9997
	9998
	9999	<Paragraph>See Vignette knowledge base article KB 6947 for more information. Vignette support articles are available only to Vignette customers.</Paragraph>
	10000	</ContainerBlockElement></description>
	10001	<references>
	10002	<reference source="BID">11267</reference>
	10003	<reference source="CVE">CVE-2004-0917</reference>
	10004	<reference source="URL">http://www.atstake.com/research/advisories/2004/a092804-1.txt</reference>
	10005	<reference source="URL">http://xforce.iss.net/xforce/xfdb/17530</reference>
	10006	<reference source="XF">vignette-diagnostic-obtain-info(17530)</reference>
	10007	</references><tags>
	10008	<tag>HTTP</tag>
	10009	<tag>Web</tag>
	10010	</tags>
	10011	<solution>
	10012
	10013	<ContainerBlockElement>
	10014	<Paragraph>
	10015	<Paragraph>Use the web server's access controls to deny anonymous access to the /portal/diag/ web directory and all pages and subdirectories under it. Review your log files for requests targeting this directory, which would indicate possible probing by attackers.</Paragraph></Paragraph></ContainerBlockElement></solution>
	10016	</vulnerability>
	10017
	10018	<vulnerability id="ntp-clock-variables-disclosure" title="NTP clock variables information disclosure" severity="1" pciSeverity="1" cvssScore="0.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:N)" published="20090506T000000000" added="20110401T000000000" modified="20120712T000000000">
	10019	<description>
	10020
	10021	<ContainerBlockElement>
	10022
	10023	<Paragraph>
	10024	This sytem allows the internal NTP variables to be queried. These
	10025	variables contain potentially sensitive information, such as the NTP
	10026	software version, operating system version, peers, and more.
	10027	</Paragraph>
	10028	</ContainerBlockElement></description>
	10029	<references>
	10030	</references><tags>
	10031	<tag>Information Gathering</tag>
	10032	<tag>Network</tag>
	10033	</tags>
	10034	<solution>
	10035
	10036	<ContainerBlockElement>
	10037	<UnorderedList>
	10038	<ListItem>
	10039	<Paragraph>
	10040	<Paragraph>
	10041	Apply a restrict option to all hosts that are not authorized to perform
	10042	NTP readvar queries. For example, to deny readvar requests from all clients,
	10043	put the following in the NTP configuration file, typically /etc/ntp.conf, and
	10044	restart the NTP service:
	10045	</Paragraph>
	10046	<Paragraph preformat="true">
	10047	restrict default mask 0.0.0.0 noquery
	10048	</Paragraph></Paragraph></ListItem>
	10049	<ListItem>
	10050	<Paragraph>Cisco</Paragraph>
	10051	<Paragraph>
	10052	<Paragraph>
	10053	Apply an ACL that restricts NTP readvar queries from unauthorized clients,
	10054	as described in the
	10055	<URLLink LinkURL="http://www.cisco.com/en/US/docs/ios/12_1/configfun/configuration/guide/fcd303.html#wp1001299" LinkTitle="http://www.cisco.com/en/US/docs/ios/12_1/configfun/configuration/guide/fcd303.html#wp1001299" href="http://www.cisco.com/en/US/docs/ios/12_1/configfun/configuration/guide/fcd303.html#wp1001299">
	10056	'Configuring NTP Access Restrictions' section of the Cisco IOS documentation</URLLink>.
	10057	</Paragraph>
	10058	<Paragraph>
	10059	Alternatively, if NTP is not required, disable it entirely by running the
	10060	following command:
	10061	</Paragraph>
	10062	<Paragraph preformat="true">
	10063	ntp disable
	10064	</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	10065	</vulnerability>
	10066
	10067	<vulnerability id="ntpd-crypto-recv-buffer-overflow" title="NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability" severity="7" pciSeverity="4" cvssScore="6.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:P)" published="20090506T000000000" added="20090716T000000000" modified="20120712T000000000">
	10068	<description>
	10069
	10070	<ContainerBlockElement>
	10071
	10072	<Paragraph>
	10073	There exists a stack-based buffer overflow in the crypto_recv function
	10074	found in ntpd before 4.2.4p7 and 4.2.5 before 4.2.5p74. When OpenSSL
	10075	and autokey are enabled, the flaw allows remote attackers to execute
	10076	arbitrary code via a specially crafted packet containing an extension
	10077	field.
	10078	</Paragraph>
	10079	</ContainerBlockElement></description>
	10080	<references>
	10081	<reference source="BID">35017</reference>
	10082	<reference source="CERT-VN">853097</reference>
	10083	<reference source="CVE">CVE-2009-1252</reference>
	10084	<reference source="DEBIAN">DSA-1801</reference>
	10085	<reference source="NETBSD">NetBSD-SA2009-006</reference>
	10086	<reference source="OVAL">OVAL11231</reference>
	10087	<reference source="OVAL">OVAL6307</reference>
	10088	<reference source="REDHAT">RHSA-2009:1039</reference>
	10089	<reference source="REDHAT">RHSA-2009:1040</reference>
	10090	<reference source="SECUNIA">35137</reference>
	10091	<reference source="SECUNIA">35138</reference>
	10092	<reference source="SECUNIA">35166</reference>
	10093	<reference source="SECUNIA">35169</reference>
	10094	<reference source="SECUNIA">35243</reference>
	10095	<reference source="SECUNIA">35253</reference>
	10096	<reference source="SECUNIA">35308</reference>
	10097	<reference source="SECUNIA">35336</reference>
	10098	<reference source="SECUNIA">35388</reference>
	10099	<reference source="SECUNIA">35416</reference>
	10100	<reference source="SECUNIA">35630</reference>
	10101	<reference source="SECUNIA">37470</reference>
	10102	<reference source="SECUNIA">37471</reference>
	10103	<reference source="URL">http://bugs.ntp.org/1151</reference>
	10104	<reference source="URL">http://www.kb.cert.org/vuls/id/853097</reference>
	10105	<reference source="URL">https://lists.ntp.org/pipermail/announce/2009-May/000062.html</reference>
	10106	</references><tags>
	10107	<tag>Network</tag>
	10108	<tag>Remote Execution</tag>
	10109	</tags>
	10110	<solution>
	10111
	10112	<ContainerBlockElement>
	10113	<UnorderedList>
	10114	<ListItem>
	10115	<Paragraph>Download and apply the upgrade from:
	10116	<URLLink LinkURL="http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.4p7.tar.gz" LinkTitle="http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.4p7.tar.gz"></URLLink></Paragraph></ListItem>
	10117	<ListItem>
	10118	<Paragraph>Download and apply the upgrade from:
	10119	<URLLink LinkURL="http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-dev/ntp-dev-4.2.5p74.tar.gz" LinkTitle="http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-dev/ntp-dev-4.2.5p74.tar.gz"></URLLink></Paragraph></ListItem>
	10120	<ListItem>
	10121	<Paragraph>
	10122	<Paragraph>
	10123	This vulnerability can be mitigated by removing the
	10124	`crypto pw password` line from the ntp.conf file.
	10125	</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	10126	</vulnerability>
	10127
	10128	<vulnerability id="openssl-debian-weak-keys" title="Debian's OpenSSL Library Predictable Random Number Generator" severity="8" pciSeverity="5" cvssScore="7.8" cvssVector="(AV:N/AC:L/Au:N/C:C/I:N/A:N)" published="20080513T000000000" added="20080605T000000000" modified="20121003T000000000">
	10129	<description>
	10130
	10131	<ContainerBlockElement>
	10132
	10133	<Paragraph>A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH, OpenVPN and SSL certificates. This vulnerability only affects operating systems which are based on Debian. However, other systems can be indirectly affected if weak keys are imported into them.</Paragraph>
	10134	</ContainerBlockElement></description>
	10135	<references>
	10136	<reference source="BID">29179</reference>
	10137	<reference source="CERT">TA08-137A</reference>
	10138	<reference source="CERT-VN">925211</reference>
	10139	<reference source="CVE">CVE-2008-0166</reference>
	10140	<reference source="DEBIAN">DSA-1571</reference>
	10141	<reference source="DEBIAN">DSA-1576</reference>
	10142	<reference source="SECUNIA">30136</reference>
	10143	<reference source="SECUNIA">30220</reference>
	10144	<reference source="SECUNIA">30221</reference>
	10145	<reference source="SECUNIA">30231</reference>
	10146	<reference source="SECUNIA">30239</reference>
	10147	<reference source="SECUNIA">30249</reference>
	10148	<reference source="URL">http://metasploit.com/users/hdm/tools/debian-openssl/</reference>
	10149	<reference source="URL">http://wiki.debian.org/SSLkeys</reference>
	10150	<reference source="URL">http://www.debian.org/security/2008/dsa-1571</reference>
	10151	<reference source="URL">http://www.debian.org/security/2008/dsa-1576</reference>
	10152	<reference source="URL">http://www.debian.org/security/key-rollover/</reference>
	10153	<reference source="URL">http://www.ubuntu.com/usn/usn-612-1</reference>
	10154	<reference source="URL">http://www.ubuntu.com/usn/usn-612-2</reference>
	10155	<reference source="URL">http://www.ubuntu.com/usn/usn-612-3</reference>
	10156	<reference source="URL">http://www.ubuntu.com/usn/usn-612-4</reference>
	10157	<reference source="URL">http://www.ubuntu.com/usn/usn-612-5</reference>
	10158	<reference source="URL">http://www.ubuntu.com/usn/usn-612-6</reference>
	10159	<reference source="URL">http://www.ubuntu.com/usn/usn-612-7</reference>
	10160	<reference source="URL">http://www.ubuntu.com/usn/usn-612-8</reference>
	10161	<reference source="XF">openssl-rng-weak-security(42375)</reference>
	10162	</references><tags>
	10163	<tag>OpenSSL</tag>
	10164	<tag>SSH</tag>
	10165	<tag>VPN</tag>
	10166	</tags>
	10167	<solution>
	10168
	10169	<ContainerBlockElement>
	10170	<Paragraph>
	10171	<Paragraph>Upgrade the OpenSSL package to the version recomended below to fix the random number generator and stop generating weak keys</Paragraph>
	10172	<UnorderedList>
	10173	<ListItem>For Debian 4.0 etch, upgrade to 0.9.8c-4etch3 </ListItem>
	10174	<ListItem>For Debian testing (lenny), upgrade to 0.9.8g-9</ListItem>
	10175	<ListItem>For Debian unstable (sid), upgrade to 0.9.8g-9</ListItem>
	10176	<ListItem>For Ubuntu 7.0.4 (feisty), upgrade to 0.9.8c-4ubuntu0.3 </ListItem>
	10177	<ListItem>For Ubuntu 7.10 (gusty), upgrade to 0.9.8e-5ubuntu3.2</ListItem>
	10178	<ListItem>For Ubuntu 8.0.4 (hardy), upgrade to 0.9.8g-4ubuntu3.1 </ListItem></UnorderedList>
	10179	<Paragraph>Then regenerate all cryptographic key material which has been created by vulnerable OpenSSL versions on Debian-based systems. Affected keys include SSH server and user keys, OpenVPN keys, DNSSEC keys, keys associated to X.509 certificates, etc.</Paragraph>
	10180	<Paragraph>Optionally, Debian and Ubuntu have released updated OpenSSH, OpenSSL and OpenVPN packages to automatically blacklist known weak keys. It is recomended to install these upgrades on all systems.</Paragraph></Paragraph></ContainerBlockElement></solution>
	10181	</vulnerability>
	10182
	10183	<vulnerability id="spider-adobe-flash-permissive-crossdomain-xml" title="Adobe Flash permissive crossdomain.xml policy" severity="6" pciSeverity="3" cvssScore="5.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:N)" published="20070312T000000000" added="20101001T000000000" modified="20130620T000000000">
	10184	<description>
	10185
	10186	<ContainerBlockElement>
	10187
	10188	<Paragraph>Permissive crossdomain.xml policy files allow external Adobe Flash (SWF) scripts to interact with your website.</Paragraph>
	10189
	10190	<Paragraph>Depending on how authorization is restricted on your website, this could inadvertently expose data to other domains or allow invocation of functionality across domains. The cross-domain policy file should permit only domains that can be trusted to make requests that include the user's domain-specific cookies.</Paragraph>
	10191
	10192	<Paragraph>See
	10193	<URLLink LinkURL="http://www.adobe.com/devnet/flashplayer/articles/cross_domain_policy.html" LinkTitle="http://www.adobe.com/devnet/flashplayer/articles/cross_domain_policy.html" href="http://www.adobe.com/devnet/flashplayer/articles/cross_domain_policy.html">Cross-domain policy file usage recommendations for Flash Player</URLLink></Paragraph>
	10194	</ContainerBlockElement></description>
	10195	<references>
	10196	<reference source="URL">http://www.adobe.com/devnet/flashplayer/articles/cross_domain_policy.html</reference>
	10197	</references><tags>
	10198	<tag>Adobe</tag>
	10199	<tag>Adobe Flash</tag>
	10200	<tag>OWASP_2010</tag>
	10201	<tag>OWASP_2013</tag>
	10202	<tag>Policy Violation</tag>
	10203	<tag>Web</tag>
	10204	<tag>Web Spider</tag>
	10205	</tags>
	10206	<solution>
	10207
	10208	<ContainerBlockElement>
	10209	<Paragraph>
	10210	<Paragraph>Edit the crossdomain.xml file, ensuring:</Paragraph>
	10211	<UnorderedList>
	10212	<ListItem>No 'site-control' tags have the "permitted-cross-domain-policies" set to "all"</ListItem>
	10213	<ListItem>No 'allow-access-from' tags have the 'domain' attribute set to '' or '.TLD'</ListItem>
	10214	<ListItem>No 'allow-access-from' tags have the 'secure' attribute set to 'false'</ListItem>
	10215	<ListItem>No 'allow-http-headers-from' tags have the 'domain' attribute set to '' or '.TLD'</ListItem>
	10216	<ListItem>No 'allow-http-headers-from' tags have the 'secure' attribute set to 'false'</ListItem></UnorderedList></Paragraph></ContainerBlockElement></solution>
	10217	</vulnerability>
	10218
	10219	<vulnerability id="ssh-default-account-admin-password-admin" title="Default SSH password: admin password "admin"" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="19700101T000000000" added="20130115T000000000" modified="20130115T000000000">
	10220	<description>
	10221
	10222	<ContainerBlockElement>
	10223
	10224	<Paragraph>The admin account uses a password of "admin". This would allow
	10225	anyone to log into the machine via SSH and take complete
	10226	control.</Paragraph>
	10227	</ContainerBlockElement></description>
	10228	<references>
	10229	</references><tags>
	10230	<tag>Default Account</tag>
	10231	<tag>SSH</tag>
	10232	</tags>
	10233	<solution>
	10234
	10235	<ContainerBlockElement>
	10236	<Paragraph>
	10237	<Paragraph>
	10238	Change the password to a non-default value.
	10239	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10240	</vulnerability>
	10241
	10242	<vulnerability id="ssh-default-account-admin-password-password" title="Default SSH password: admin password "password"" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="19700101T000000000" added="20090512T000000000" modified="20090512T000000000">
	10243	<description>
	10244
	10245	<ContainerBlockElement>
	10246
	10247	<Paragraph>The admin account uses a password of "password". This would allow
	10248	anyone to log into the machine via SSH and take complete
	10249	control.</Paragraph>
	10250	</ContainerBlockElement></description>
	10251	<references>
	10252	</references><tags>
	10253	<tag>Default Account</tag>
	10254	<tag>SSH</tag>
	10255	</tags>
	10256	<solution>
	10257
	10258	<ContainerBlockElement>
	10259	<Paragraph>
	10260	<Paragraph>
	10261	Change the password to a non-default value.
	10262	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10263	</vulnerability>
	10264
	10265	<vulnerability id="ssh-default-account-guest-password-guest" title="Default SSH password: guest password "guest"" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="19980101T000000000" added="20090318T000000000" modified="20100916T000000000">
	10266	<description>
	10267
	10268	<ContainerBlockElement>
	10269
	10270	<Paragraph>A common configuration weakness is to create a
	10271	'guest' user with a password of 'guest'. This is usually a user-level account
	10272	that can be used to SSH into the system.</Paragraph>
	10273	</ContainerBlockElement></description>
	10274	<references>
	10275	</references><tags>
	10276	<tag>Default Account</tag>
	10277	<tag>SSH</tag>
	10278	</tags>
	10279	<solution>
	10280
	10281	<ContainerBlockElement>
	10282	<Paragraph>
	10283	<Paragraph>Use the "passwd" command to set a more secure login password. A good
	10284	password should consist of a mix of lower- and upper-case characters,
	10285	numbers, and punctuation and should be at least 8 characters long.</Paragraph></Paragraph></ContainerBlockElement></solution>
	10286	</vulnerability>
	10287
	10288	<vulnerability id="ssh-default-account-root-no-password" title="Default SSH password: root with blank password" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20041101T000000000" added="20041101T000000000" modified="20120712T000000000">
	10289	<description>
	10290
	10291	<ContainerBlockElement>
	10292
	10293	<Paragraph>The root account uses a blank password. This would allow
	10294	anyone to log into the machine via SSH and take complete
	10295	control.</Paragraph>
	10296	</ContainerBlockElement></description>
	10297	<references>
	10298	</references><tags>
	10299	<tag>Default Account</tag>
	10300	<tag>SSH</tag>
	10301	</tags>
	10302	<solution>
	10303
	10304	<ContainerBlockElement>
	10305	<Paragraph>
	10306	<Paragraph>Use the "passwd" command to set a more secure login password. A good
	10307	password should consist of a mix of lower- and upper-case characters,
	10308	numbers, and punctuation and should be at least 8 characters long.
	10309	You may also want to disable root login via SSH, which you can
	10310	do in OpenSSH by adding the following to sshd.conf:</Paragraph>
	10311	<Paragraph preformat="true">PermitRootLogin: no</Paragraph></Paragraph></ContainerBlockElement></solution>
	10312	</vulnerability>
	10313
	10314	<vulnerability id="ssh-default-account-root-password-password" title="Default SSH password: root password "password"" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20041101T000000000" added="20041101T000000000" modified="20120712T000000000">
	10315	<description>
	10316
	10317	<ContainerBlockElement>
	10318
	10319	<Paragraph>The root account uses a password of "password". This would allow
	10320	anyone to log into the machine via SSH and take complete
	10321	control.</Paragraph>
	10322	</ContainerBlockElement></description>
	10323	<references>
	10324	</references><tags>
	10325	<tag>Default Account</tag>
	10326	<tag>SSH</tag>
	10327	</tags>
	10328	<solution>
	10329
	10330	<ContainerBlockElement>
	10331	<Paragraph>
	10332	<Paragraph>Use the "passwd" command to set a more secure login password. A good
	10333	password should consist of a mix of lower- and upper-case characters,
	10334	numbers, and punctuation and should be at least 8 characters long.
	10335	You may also want to disable root login via SSH, which you can
	10336	do in OpenSSH by adding the following to sshd.conf:</Paragraph>
	10337	<Paragraph preformat="true">PermitRootLogin: no</Paragraph></Paragraph></ContainerBlockElement></solution>
	10338	</vulnerability>
	10339
	10340	<vulnerability id="ssh-default-account-root-password-root" title="Default SSH password: root password "root"" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20100513T000000000" added="20100513T000000000" modified="20120712T000000000">
	10341	<description>
	10342
	10343	<ContainerBlockElement>
	10344
	10345	<Paragraph>The root account uses a password of "root".
	10346	This would allow anyone to log into the machine via SSH and take complete control.</Paragraph>
	10347	</ContainerBlockElement></description>
	10348	<references>
	10349	</references><tags>
	10350	<tag>Default Account</tag>
	10351	<tag>SSH</tag>
	10352	</tags>
	10353	<solution>
	10354
	10355	<ContainerBlockElement>
	10356	<Paragraph>
	10357	<Paragraph>Use the "passwd" command to set a more secure login password. A good
	10358	password should consist of a mix of lower- and upper-case characters,
	10359	numbers, and punctuation and should be at least 8 characters long.
	10360	You may also want to disable root login via SSH, which you can
	10361	do in OpenSSH by adding the following to sshd.conf:</Paragraph>
	10362	<Paragraph preformat="true">PermitRootLogin: no</Paragraph></Paragraph></ContainerBlockElement></solution>
	10363	</vulnerability>
	10364
	10365	<vulnerability id="ssh-default-account-root-password-toor" title="Default SSH password: root password "toor"" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20080624T000000000" added="20080624T000000000" modified="20120712T000000000">
	10366	<description>
	10367
	10368	<ContainerBlockElement>
	10369
	10370	<Paragraph>The root account uses a password of "toor" (which is root spelled backwards).
	10371	This would allow anyone to log into the machine via SSH and take complete control.</Paragraph>
	10372	</ContainerBlockElement></description>
	10373	<references>
	10374	</references><tags>
	10375	<tag>Default Account</tag>
	10376	<tag>SSH</tag>
	10377	</tags>
	10378	<solution>
	10379
	10380	<ContainerBlockElement>
	10381	<Paragraph>
	10382	<Paragraph>Use the "passwd" command to set a more secure login password. A good
	10383	password should consist of a mix of lower- and upper-case characters,
	10384	numbers, and punctuation and should be at least 8 characters long.
	10385	You may also want to disable root login via SSH, which you can
	10386	do in OpenSSH by adding the following to sshd.conf:</Paragraph>
	10387	<Paragraph preformat="true">PermitRootLogin: no</Paragraph></Paragraph></ContainerBlockElement></solution>
	10388	</vulnerability>
	10389
	10390	<vulnerability id="ssh-default-account-vmware-password-vmware" title="Default SSH password: vmware password "vmware"" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20080824T000000000" added="20080824T000000000" modified="20120712T000000000">
	10391	<description>
	10392
	10393	<ContainerBlockElement>
	10394
	10395	<Paragraph>A common configuration weakness in VMWare host or guest systems is to create a
	10396	'vmware' user with a password of 'vmware'. This is usually a user-level account
	10397	that can be used to SSH into the system.</Paragraph>
	10398	</ContainerBlockElement></description>
	10399	<references>
	10400	</references><tags>
	10401	<tag>Default Account</tag>
	10402	<tag>SSH</tag>
	10403	</tags>
	10404	<solution>
	10405
	10406	<ContainerBlockElement>
	10407	<Paragraph>
	10408	<Paragraph>Use the "passwd" command to set a more secure login password. A good
	10409	password should consist of a mix of lower- and upper-case characters,
	10410	numbers, and punctuation and should be at least 8 characters long.</Paragraph></Paragraph></ContainerBlockElement></solution>
	10411	</vulnerability>
	10412
	10413	<vulnerability id="SSH-GENERIC-0003" title="SSH Inc and OpenSSH CRC-32 Integer Overflow Vulnerability" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20010312T000000000" added="20041101T000000000" modified="20121204T000000000">
	10414	<description>
	10415
	10416	<ContainerBlockElement>
	10417	There exists an integer overflow bug in code shared between the ssh daemons of SSH Inc and OpenSSH, which can result in letting an attacker overwrite arbitrary locations in memory. This affects SSH Inc < 2.4.0 and OpenSSH < 2.3.0. Note that it has been reported that this vulnerability is being widely exploited "in the wild".
	10418	</ContainerBlockElement></description>
	10419	<references>
	10420	<reference source="BID">2347</reference>
	10421	<reference source="CERT">CA-2001-35</reference>
	10422	<reference source="CVE">CVE-2001-0144</reference>
	10423	<reference source="OSVDB">503</reference>
	10424	<reference source="OSVDB">795</reference>
	10425	<reference source="URL">http://marc.theaimsgroup.com/?l=bugtraq&m=98168366406903&w=2</reference>
	10426	<reference source="URL">http://razor.bindview.com/publish/advisories/adv_ssh1crc.html</reference>
	10427	<reference source="XF">ssh-deattack-overwrite-memory(6083)</reference>
	10428	</references><tags>
	10429	<tag>SSH</tag>
	10430	</tags>
	10431	<solution>
	10432
	10433	<ContainerBlockElement>
	10434	<Paragraph>Download and apply the upgrade from:
	10435	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/old/ssh-2.4.0.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/old/ssh-2.4.0.tar.gz"></URLLink></Paragraph>
	10436	<Paragraph>
	10437	<Paragraph>Upgrade to SSH v2.4.0 or later. See the
	10438
	10439	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/">SSH</URLLink>
	10440	website for download information.
	10441	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10442	</vulnerability>
	10443
	10444	<vulnerability id="ssh-iphone-default-account-root-password-alpine" title="Default SSH password: root password "alpine"" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20070701T000000000" added="20091204T000000000" modified="20120712T000000000">
	10445	<description>
	10446
	10447	<ContainerBlockElement>
	10448
	10449	<Paragraph>
	10450	The root account uses a password of "alpine". This would allow
	10451	anyone to log into the machine via SSH and take complete control. This
	10452	default account exists on some jailbroken iPhone and iPod Touch devices.
	10453	</Paragraph>
	10454	</ContainerBlockElement></description>
	10455	<references>
	10456	</references><tags>
	10457	<tag>Default Account</tag>
	10458	<tag>SSH</tag>
	10459	</tags>
	10460	<solution>
	10461
	10462	<ContainerBlockElement>
	10463	<Paragraph>
	10464	<Paragraph>Use the "passwd" command to set a more secure login password. A good
	10465	password should consist of a mix of lower- and upper-case characters,
	10466	numbers, and punctuation and should be at least 8 characters long.
	10467	You may also want to disable root login via SSH, which you can
	10468	do in OpenSSH by adding the following to sshd.conf:</Paragraph>
	10469	<Paragraph preformat="true">PermitRootLogin: no</Paragraph></Paragraph></ContainerBlockElement></solution>
	10470	</vulnerability>
	10471
	10472	<vulnerability id="ssh-iphone-default-account-root-password-dottie" title="Default SSH password: root password "dottie"" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20070701T000000000" added="20091204T000000000" modified="20120712T000000000">
	10473	<description>
	10474
	10475	<ContainerBlockElement>
	10476
	10477	<Paragraph>
	10478	The root account uses a password of "dottie". This would allow
	10479	anyone to log into the machine via SSH and take complete control. This
	10480	default account exists on some jailbroken iPhone and iPod Touch devices.
	10481	</Paragraph>
	10482	</ContainerBlockElement></description>
	10483	<references>
	10484	</references><tags>
	10485	<tag>Default Account</tag>
	10486	<tag>SSH</tag>
	10487	</tags>
	10488	<solution>
	10489
	10490	<ContainerBlockElement>
	10491	<Paragraph>
	10492	<Paragraph>Use the "passwd" command to set a more secure login password. A good
	10493	password should consist of a mix of lower- and upper-case characters,
	10494	numbers, and punctuation and should be at least 8 characters long.
	10495	You may also want to disable root login via SSH, which you can
	10496	do in OpenSSH by adding the following to sshd.conf:</Paragraph>
	10497	<Paragraph preformat="true">PermitRootLogin: no</Paragraph></Paragraph></ContainerBlockElement></solution>
	10498	</vulnerability>
	10499
	10500	<vulnerability id="SSH-OPENSSH-0001" title="OpenSSH Channel Code Off By One Vulnerability" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20020315T000000000" added="20041101T000000000" modified="20130822T000000000">
	10501	<description>
	10502
	10503	<ContainerBlockElement>
	10504
	10505	<Paragraph>Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.</Paragraph>
	10506	</ContainerBlockElement></description>
	10507	<references>
	10508	<reference source="BID">4241</reference>
	10509	<reference source="CALDERA">CSSA-2002-012.0</reference>
	10510	<reference source="CALDERA">CSSA-2002-SCO.10</reference>
	10511	<reference source="CALDERA">CSSA-2002-SCO.11</reference>
	10512	<reference source="CONECTIVA">CLA-2002:467</reference>
	10513	<reference source="CVE">CVE-2002-0083</reference>
	10514	<reference source="DEBIAN">DSA-119</reference>
	10515	<reference source="MANDRAKE">MDKSA-2002:019</reference>
	10516	<reference source="NETBSD">NetBSD-SA2002-004</reference>
	10517	<reference source="OSVDB">730</reference>
	10518	<reference source="REDHAT">RHSA-2002:043</reference>
	10519	<reference source="SUSE">SuSE-SA:2002:009</reference>
	10520	<reference source="XF">8383</reference>
	10521	</references><tags>
	10522	<tag>OpenSSH</tag>
	10523	<tag>SSH</tag>
	10524	</tags>
	10525	<solution>
	10526
	10527	<ContainerBlockElement>
	10528	<Paragraph>Download and apply the upgrade from:
	10529	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10530	<Paragraph>
	10531	<Paragraph>The latest version of OpenSSH is 6.4.</Paragraph>
	10532	<Paragraph>
	10533	While you can always
	10534	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10535	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10536	packages are usually customized and optimized for a particular distribution, therefore we
	10537	recommend that you use the packages if they are available for your operating system.
	10538	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10539	</vulnerability>
	10540
	10541	<vulnerability id="SSH-OPENSSH-0002" title="OpenSSH UseLogin Vulnerability" severity="7" pciSeverity="5" cvssScore="7.2" cvssVector="(AV:L/AC:L/Au:N/C:C/I:C/A:C)" published="20011221T000000000" added="20041101T000000000" modified="20130822T000000000">
	10542	<description>
	10543
	10544	<ContainerBlockElement>
	10545
	10546	<Paragraph>OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.</Paragraph>
	10547	</ContainerBlockElement></description>
	10548	<references>
	10549	<reference source="BID">3614</reference>
	10550	<reference source="CALDERA">CSSA-2001-042.1</reference>
	10551	<reference source="CERT-VN">157447</reference>
	10552	<reference source="CIAC">M-026</reference>
	10553	<reference source="CONECTIVA">CLA-2001:446</reference>
	10554	<reference source="CVE">CVE-2001-0872</reference>
	10555	<reference source="DEBIAN">DSA-091</reference>
	10556	<reference source="MANDRAKE">MDKSA-2001:092</reference>
	10557	<reference source="OSVDB">688</reference>
	10558	<reference source="REDHAT">RHSA-2001:161</reference>
	10559	<reference source="SUSE">SuSE-SA:2001:045</reference>
	10560	<reference source="XF">7647</reference>
	10561	</references><tags>
	10562	<tag>OpenSSH</tag>
	10563	<tag>Privilege Escalation</tag>
	10564	<tag>SSH</tag>
	10565	</tags>
	10566	<solution>
	10567
	10568	<ContainerBlockElement>
	10569	<Paragraph>Download and apply the upgrade from:
	10570	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10571	<Paragraph>
	10572	<Paragraph>The latest version of OpenSSH is 6.4.</Paragraph>
	10573	<Paragraph>
	10574	While you can always
	10575	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10576	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10577	packages are usually customized and optimized for a particular distribution, therefore we
	10578	recommend that you use the packages if they are available for your operating system.
	10579	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10580	</vulnerability>
	10581
	10582	<vulnerability id="SSH-OPENSSH-0003" title="OpenSSH Kerberos Authentication Bypass Vulnerability" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20011231T000000000" added="20041101T000000000" modified="20130822T000000000">
	10583	<description>
	10584
	10585	<ContainerBlockElement>
	10586
	10587	<Paragraph>OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged.</Paragraph>
	10588	</ContainerBlockElement></description>
	10589	<references>
	10590	<reference source="BID">3560</reference>
	10591	<reference source="CVE">CVE-2001-1507</reference>
	10592	<reference source="XF">7598</reference>
	10593	</references><tags>
	10594	<tag>OpenSSH</tag>
	10595	<tag>SSH</tag>
	10596	</tags>
	10597	<solution>
	10598
	10599	<ContainerBlockElement>
	10600	<Paragraph>OpenBSD OpenSSH < 3.0.1</Paragraph>
	10601	<Paragraph>Download and apply the upgrade from:
	10602	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10603	<Paragraph>
	10604	<Paragraph>
	10605	While you can always
	10606	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10607	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10608	packages are usually customized and optimized for a particular distribution, therefore we
	10609	recommend that you use the packages if they are available for your operating system.
	10610	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10611	</vulnerability>
	10612
	10613	<vulnerability id="SSH-OPENSSH-0004" title="OpenSSH IP Restriction Bypass Vulnerability" severity="7" pciSeverity="4" cvssScore="6.5" cvssVector="(AV:N/AC:L/Au:S/C:P/I:P/A:P)" published="20011018T000000000" added="20041101T000000000" modified="20121205T000000000">
	10614	<description>
	10615
	10616	<ContainerBlockElement>
	10617
	10618	<Paragraph>OpenSSH versions previous to v2.9.9 contain a vulnerability which allows
	10619	a remote attacker to bypass the IP restrictions. Note that valid
	10620	credentials are still required to log in.</Paragraph>
	10621	</ContainerBlockElement></description>
	10622	<references>
	10623	</references><tags>
	10624	<tag>SSH</tag>
	10625	</tags>
	10626	<solution>
	10627
	10628	<ContainerBlockElement>
	10629	<Paragraph>Download and apply the upgrade from:
	10630	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10631	<Paragraph>
	10632	<Paragraph>The latest version of OpenSSH is 6.4.</Paragraph>
	10633	<Paragraph>
	10634	While you can always
	10635	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10636	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10637	packages are usually customized and optimized for a particular distribution, therefore we
	10638	recommend that you use the packages if they are available for your operating system.
	10639	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10640	</vulnerability>
	10641
	10642	<vulnerability id="SSH-OPENSSH-0005" title="OpenSSH PAM Restriction Evasion Vulnerability" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20010619T000000000" added="20041101T000000000" modified="20130822T000000000">
	10643	<description>
	10644
	10645	<ContainerBlockElement>
	10646
	10647	<Paragraph>OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d.</Paragraph>
	10648	</ContainerBlockElement></description>
	10649	<references>
	10650	<reference source="BID">2917</reference>
	10651	<reference source="CERT-VN">797027</reference>
	10652	<reference source="CVE">CVE-2001-1459</reference>
	10653	<reference source="XF">6757</reference>
	10654	</references><tags>
	10655	<tag>OpenSSH</tag>
	10656	<tag>SSH</tag>
	10657	</tags>
	10658	<solution>
	10659
	10660	<ContainerBlockElement>
	10661	<Paragraph>Download and apply the upgrade from:
	10662	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10663	<Paragraph>
	10664	<Paragraph>The latest version of OpenSSH is 6.4.</Paragraph>
	10665	<Paragraph>
	10666	While you can always
	10667	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10668	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10669	packages are usually customized and optimized for a particular distribution, therefore we
	10670	recommend that you use the packages if they are available for your operating system.
	10671	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10672	</vulnerability>
	10673
	10674	<vulnerability id="SSH-OPENSSH-0006" title="OpenSSH Public Key Authentication Vulnerability" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20011231T000000000" added="20041101T000000000" modified="20121205T000000000">
	10675	<description>
	10676
	10677	<ContainerBlockElement>
	10678
	10679	<Paragraph>OpenSSH v2.3.1, if set up to only allow public-key based
	10680	authentication, allows a remote attacker to log in without a valid
	10681	corresponding private key. It is possible to attain any priviledge
	10682	level with this vulnerability, even root. Note that this vulnerability
	10683	exists only in v2.3.1.</Paragraph>
	10684	</ContainerBlockElement></description>
	10685	<references>
	10686	</references><tags>
	10687	<tag>SSH</tag>
	10688	</tags>
	10689	<solution>
	10690
	10691	<ContainerBlockElement>
	10692	<Paragraph>Download and apply the upgrade from:
	10693	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10694	<Paragraph>
	10695	<Paragraph>The latest version of OpenSSH is 6.4.</Paragraph>
	10696	<Paragraph>
	10697	While you can always
	10698	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10699	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10700	packages are usually customized and optimized for a particular distribution, therefore we
	10701	recommend that you use the packages if they are available for your operating system.
	10702	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10703	</vulnerability>
	10704
	10705	<vulnerability id="SSH-OPENSSH-0007" title="OpenSSH UseLogin SetUID Vulnerability" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20000608T000000000" added="20041101T000000000" modified="20130822T000000000">
	10706	<description>
	10707
	10708	<ContainerBlockElement>
	10709
	10710	<Paragraph>OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.</Paragraph>
	10711	</ContainerBlockElement></description>
	10712	<references>
	10713	<reference source="BID">1334</reference>
	10714	<reference source="CVE">CVE-2000-0525</reference>
	10715	<reference source="OSVDB">341</reference>
	10716	<reference source="XF">4646</reference>
	10717	</references><tags>
	10718	<tag>OpenSSH</tag>
	10719	<tag>Remote Execution</tag>
	10720	<tag>SSH</tag>
	10721	</tags>
	10722	<solution>
	10723
	10724	<ContainerBlockElement>
	10725	<Paragraph>OpenBSD OpenSSH < 2.1.1</Paragraph>
	10726	<Paragraph>Download and apply the upgrade from:
	10727	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10728	<Paragraph>
	10729	<Paragraph>
	10730	While you can always
	10731	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10732	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10733	packages are usually customized and optimized for a particular distribution, therefore we
	10734	recommend that you use the packages if they are available for your operating system.
	10735	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10736	</vulnerability>
	10737
	10738	<vulnerability id="SSH-OPENSSH-0008" title="OpenSSH Kerberos AFS Buffer Overflow Vulnerability" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20020618T000000000" added="20041101T000000000" modified="20130822T000000000">
	10739	<description>
	10740
	10741	<ContainerBlockElement>
	10742
	10743	<Paragraph>
	10744	OpenSSH < 3.2.2 contains a buffer overflow in the Kerberos/AFS
	10745	support code. In versions < 2.9.9, this can be used to gain a
	10746	root shell remotely. In versions < 3.2.2, only a local user can
	10747	gain a root shell.
	10748	</Paragraph>
	10749
	10750	<Paragraph>
	10751	Note that Kerberos/AFS support is not enabled by default. Additionally,
	10752	vendor-supplied patches may have already been applied, even though this
	10753	test cannot discern their presence.
	10754	</Paragraph>
	10755
	10756	</ContainerBlockElement></description>
	10757	<references>
	10758	<reference source="BID">4560</reference>
	10759	<reference source="CALDERA">CSSA-2002-022.2</reference>
	10760	<reference source="CVE">CVE-2002-0575</reference>
	10761	<reference source="OSVDB">781</reference>
	10762	<reference source="XF">8896</reference>
	10763	</references><tags>
	10764	<tag>OpenSSH</tag>
	10765	<tag>SSH</tag>
	10766	</tags>
	10767	<solution>
	10768
	10769	<ContainerBlockElement>
	10770	<Paragraph>OpenBSD OpenSSH < 3.2.2</Paragraph>
	10771	<Paragraph>Download and apply the upgrade from:
	10772	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10773	<Paragraph>
	10774	<Paragraph>
	10775	While you can always
	10776	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10777	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10778	packages are usually customized and optimized for a particular distribution, therefore we
	10779	recommend that you use the packages if they are available for your operating system.
	10780	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10781	</vulnerability>
	10782
	10783	<vulnerability id="SSH-OPENSSH-0009" title="OpenSSH BSD_AUTH Authentication Confusion Vulnerability" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20020812T000000000" added="20041101T000000000" modified="20130822T000000000">
	10784	<description>
	10785
	10786	<ContainerBlockElement>
	10787
	10788	<Paragraph>sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.</Paragraph>
	10789	</ContainerBlockElement></description>
	10790	<references>
	10791	<reference source="BID">4803</reference>
	10792	<reference source="CVE">CVE-2002-0765</reference>
	10793	<reference source="OSVDB">5113</reference>
	10794	<reference source="XF">9215</reference>
	10795	</references><tags>
	10796	<tag>OpenSSH</tag>
	10797	<tag>SSH</tag>
	10798	</tags>
	10799	<solution>
	10800
	10801	<ContainerBlockElement>
	10802	<Paragraph>OpenBSD OpenSSH < 3.4</Paragraph>
	10803	<Paragraph>Download and apply the upgrade from:
	10804	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10805	<Paragraph>
	10806	<Paragraph>
	10807	While you can always
	10808	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10809	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10810	packages are usually customized and optimized for a particular distribution, therefore we
	10811	recommend that you use the packages if they are available for your operating system.
	10812	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10813	</vulnerability>
	10814
	10815	<vulnerability id="SSH-OPENSSH-0010" title="OpenSSH Challenge-Response Buffer Overflow" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20020703T000000000" added="20041101T000000000" modified="20121205T000000000">
	10816	<description>
	10817
	10818	<ContainerBlockElement>
	10819
	10820	<Paragraph>There exist multiple buffer overflows in the OpenSSH daemon during the
	10821	challenge-response handshake when compiled with BSD_AUTH or SKEY support.
	10822	Authentication is not required, and successful exploitation of this
	10823	vulnerability yields root access.</Paragraph>
	10824	</ContainerBlockElement></description>
	10825	<references>
	10826	<reference source="BID">5093</reference>
	10827	<reference source="CALDERA">CSSA-2002-030.0</reference>
	10828	<reference source="CERT">CA-2002-18</reference>
	10829	<reference source="CERT-VN">369347</reference>
	10830	<reference source="CONECTIVA">CLA-2002:502</reference>
	10831	<reference source="CVE">CVE-2002-0639</reference>
	10832	<reference source="CVE">CVE-2002-0640</reference>
	10833	<reference source="DEBIAN">DSA-134</reference>
	10834	<reference source="MANDRAKE">MDKSA-2002:040</reference>
	10835	<reference source="OSVDB">6245</reference>
	10836	<reference source="OSVDB">839</reference>
	10837	<reference source="REDHAT">RHSA-2002:127</reference>
	10838	<reference source="REDHAT">RHSA-2002:131</reference>
	10839	<reference source="SUSE">SuSE-SA:2002:024</reference>
	10840	<reference source="XF">openssh-challenge-response-bo(9169)</reference>
	10841	</references><tags>
	10842	<tag>SSH</tag>
	10843	</tags>
	10844	<solution>
	10845
	10846	<ContainerBlockElement>
	10847	<UnorderedList>
	10848	<ListItem>
	10849	<Paragraph>OpenBSD OpenSSH < 3.4</Paragraph>
	10850	<Paragraph>Download and apply the upgrade from:
	10851	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10852	<Paragraph>
	10853	<Paragraph>
	10854	While you can always
	10855	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10856	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10857	packages are usually customized and optimized for a particular distribution, therefore we
	10858	recommend that you use the packages if they are available for your operating system.
	10859	</Paragraph></Paragraph></ListItem>
	10860	<ListItem>
	10861	<Paragraph>Download and apply the upgrade from:
	10862	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10863	<Paragraph>
	10864	<Paragraph>The latest version of OpenSSH is 6.4.</Paragraph>
	10865	<Paragraph>
	10866	While you can always
	10867	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10868	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10869	packages are usually customized and optimized for a particular distribution, therefore we
	10870	recommend that you use the packages if they are available for your operating system.
	10871	</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	10872	</vulnerability>
	10873
	10874	<vulnerability id="ssh-openssh-pam-multiple-vulns" title="OpenSSH Portable Branch Multiple Unspecified PAM Vulnerabilities" severity="9" pciSeverity="5" cvssScore="9.3" cvssVector="(AV:N/AC:M/Au:N/C:C/I:C/A:C)" published="20041101T000000000" added="20041101T000000000" modified="20121205T000000000">
	10875	<description>
	10876
	10877	<ContainerBlockElement>
	10878
	10879	<Paragraph>Multiple unspecified PAM-related vulnerabilities were announced on September 23rd, 2003. These
	10880	vulnerabilities affect the portable branch of OpenSSH versions 3.7.1p1 and earlier,
	10881	if PAM is enabled.</Paragraph>
	10882	</ContainerBlockElement></description>
	10883	<references>
	10884	<reference source="URL">http://www.openssh.com/txt/sshpam.adv</reference>
	10885	</references><tags>
	10886	<tag>OpenSSH</tag>
	10887	<tag>SSH</tag>
	10888	</tags>
	10889	<solution>
	10890
	10891	<ContainerBlockElement>
	10892	<Paragraph>Download and apply the upgrade from:
	10893	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10894	<Paragraph>
	10895	<Paragraph>The latest version of OpenSSH is 6.4.</Paragraph>
	10896	<Paragraph>
	10897	While you can always
	10898	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10899	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10900	packages are usually customized and optimized for a particular distribution, therefore we
	10901	recommend that you use the packages if they are available for your operating system.
	10902	</Paragraph></Paragraph></ContainerBlockElement></solution>
	10903	</vulnerability>
	10904
	10905	<vulnerability id="ssh-openssh-valid-username-info-leak" title="OpenSSH Valid Username Information Leak" severity="4" pciSeverity="3" cvssScore="4.3" cvssVector="(AV:N/AC:M/Au:N/C:P/I:N/A:N)" published="20041101T000000000" added="20041101T000000000" modified="20121205T000000000">
	10906	<description>
	10907
	10908	<ContainerBlockElement>
	10909
	10910	<Paragraph>In certain situations, it is possible to determine if a username exists on the target system by analyzing differences in response timings from the OpenSSH server. While not a vulnerability in and of itself, this information may simplify more complex attacks against the system.</Paragraph>
	10911	</ContainerBlockElement></description>
	10912	<references>
	10913	</references><tags>
	10914	<tag>OpenSSH</tag>
	10915	<tag>SSH</tag>
	10916	</tags>
	10917	<solution>
	10918
	10919	<ContainerBlockElement>
	10920	<UnorderedList>
	10921	<ListItem>
	10922	<Paragraph>OpenBSD OpenSSH < 3.1</Paragraph>
	10923	<Paragraph>Download and apply the upgrade from:
	10924	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10925	<Paragraph>
	10926	<Paragraph>
	10927	While you can always
	10928	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10929	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10930	packages are usually customized and optimized for a particular distribution, therefore we
	10931	recommend that you use the packages if they are available for your operating system.
	10932	</Paragraph></Paragraph></ListItem>
	10933	<ListItem>
	10934	<Paragraph>Download and apply the upgrade from:
	10935	<URLLink LinkURL="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH" LinkTitle="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH"></URLLink></Paragraph>
	10936	<Paragraph>
	10937	<Paragraph>The latest version of OpenSSH is 6.4.</Paragraph>
	10938	<Paragraph>
	10939	While you can always
	10940	<URLLink LinkURL="http://www.openssh.com/portable.html" LinkTitle="http://www.openssh.com/portable.html" href="http://www.openssh.com/portable.html">build OpenSSH from source</URLLink>,
	10941	many platforms and distributions provide pre-built binary packages for OpenSSH. These pre-built
	10942	packages are usually customized and optimized for a particular distribution, therefore we
	10943	recommend that you use the packages if they are available for your operating system.
	10944	</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	10945	</vulnerability>
	10946
	10947	<vulnerability id="ssh-pragma-sshredder-overflow" title="Pragma SecureShell SSHredder buffer overflow" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20021223T000000000" added="20041101T000000000" modified="20120730T000000000">
	10948	<description>
	10949
	10950	<ContainerBlockElement>
	10951	Pragma SecureShell server v2.x and earlier are vulnerable to a buffer overflow attack that can potentially give an attacker full control over the remote system. This buffer overflow occurs before any authentication takes place, which means that an attacker does not need a password to be able to exploit it.
	10952	</ContainerBlockElement></description>
	10953	<references>
	10954	<reference source="BID">6407</reference>
	10955	<reference source="CERT">CA-2002-36</reference>
	10956	<reference source="CVE">CVE-2002-1359</reference>
	10957	<reference source="OVAL">OVAL5848</reference>
	10958	<reference source="URL">http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html</reference>
	10959	<reference source="URL">http://www.pragmasys.com/PressReleases/SSHVulnerabilityFixed.htm</reference>
	10960	<reference source="XF">ssh-transport-multiple-bo(10870)</reference>
	10961	</references><tags>
	10962	<tag>SSH</tag>
	10963	</tags>
	10964	<solution>
	10965
	10966	<ContainerBlockElement>
	10967	<Paragraph>Download and apply the upgrade from:
	10968	<URLLink LinkURL="http://www.pragmasys.com/SecureShell/" LinkTitle="http://www.pragmasys.com/SecureShell/"></URLLink></Paragraph>
	10969	<Paragraph>
	10970
	10971
	10972
	10973
	10974
	10975
	10976	Upgrade to
	10977
	10978	Pragma SecureShell v3.0 ( http://www.pragmasys.com/SecureShell/ )
	10979	or later.
	10980
	10981
	10982
	10983
	10984	</Paragraph></ContainerBlockElement></solution>
	10985	</vulnerability>
	10986
	10987	<vulnerability id="SSH-SSHINC-0001" title="SSH Inc Kerberos Credentials Exposure Vulnerability" severity="7" pciSeverity="5" cvssScore="7.2" cvssVector="(AV:L/AC:L/Au:N/C:C/I:C/A:C)" published="20000705T000000000" added="20041101T000000000" modified="20120712T000000000">
	10988	<description>
	10989
	10990	<ContainerBlockElement>
	10991
	10992	<Paragraph>If a user logs into an SSH 1.2.27 server, and uses Kerberos during
	10993	the session, a file called 'none' is created in the current
	10994	directory. This file contains the user's Kerberos credentials, and
	10995	if the current directory is publicly accessible (like an NFS volume),
	10996	then another user on the system may intercept the credentials.</Paragraph>
	10997	</ContainerBlockElement></description>
	10998	<references>
	10999	<reference source="BID">1426</reference>
	11000	<reference source="CVE">CVE-2000-0575</reference>
	11001	<reference source="URL">http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]</reference>
	11002	<reference source="XF">ssh-kerberos-tickets-disclosure(4903)</reference>
	11003	</references><tags>
	11004	<tag>NFS</tag>
	11005	<tag>SSH</tag>
	11006	</tags>
	11007	<solution>
	11008
	11009	<ContainerBlockElement>
	11010	<Paragraph>Download and apply the upgrade from:
	11011	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz"></URLLink></Paragraph>
	11012	<Paragraph>
	11013	<Paragraph>Upgrade to
	11014
	11015	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz" href="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz">v1.2.33</URLLink>
	11016	or later.</Paragraph>
	11017	<Paragraph>See the
	11018	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/">SSH</URLLink>
	11019	website for more information.</Paragraph></Paragraph></ContainerBlockElement></solution>
	11020	</vulnerability>
	11021
	11022	<vulnerability id="SSH-SSHINC-0002" title="SSH Inc Logging Failure Vulnerability" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20010627T000000000" added="20041101T000000000" modified="20120712T000000000">
	11023	<description>
	11024
	11025	<ContainerBlockElement>
	11026
	11027	<Paragraph>SSH Inc < 1.2.31 ceases to log authentication failures after
	11028	four successive attempts. This allows a remote attacker to
	11029	brute-force login IDs without risk of detection. This vulnerability
	11030	is exacerbated by the fact that root logins are enabled by default.</Paragraph>
	11031	</ContainerBlockElement></description>
	11032	<references>
	11033	<reference source="BID">2345</reference>
	11034	<reference source="CVE">CVE-2001-0471</reference>
	11035	<reference source="URL">http://www.securityfocus.com/archive/1/160648</reference>
	11036	</references><tags>
	11037	<tag>SSH</tag>
	11038	</tags>
	11039	<solution>
	11040
	11041	<ContainerBlockElement>
	11042	<Paragraph>Download and apply the upgrade from:
	11043	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz"></URLLink></Paragraph>
	11044	<Paragraph>
	11045	<Paragraph>Upgrade to
	11046
	11047	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz" href="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz">v1.2.33</URLLink>
	11048	or later.</Paragraph>
	11049	<Paragraph>See the
	11050	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/">SSH</URLLink>
	11051	website for more information.</Paragraph></Paragraph></ContainerBlockElement></solution>
	11052	</vulnerability>
	11053
	11054	<vulnerability id="SSH-SSHINC-0004" title="SSH Secure-RPC Weak Encryption Vulnerability" severity="4" pciSeverity="2" cvssScore="3.6" cvssVector="(AV:L/AC:L/Au:N/C:P/I:P/A:N)" published="20010602T000000000" added="20041101T000000000" modified="20120712T000000000">
	11055	<description>
	11056
	11057	<ContainerBlockElement>
	11058
	11059	<Paragraph>SSH Inc < 1.2.31 uses a weak authentication mechanism whereby
	11060	which a local attacker can recover another user's SUN-DES-1 magic
	11061	phrase, and decrypt that user's private key.</Paragraph>
	11062	</ContainerBlockElement></description>
	11063	<references>
	11064	<reference source="BID">2222</reference>
	11065	<reference source="CVE">CVE-2001-0259</reference>
	11066	<reference source="URL">http://archives.neohapsis.com/archives/bugtraq/2001-01/0262.html</reference>
	11067	<reference source="URL">http://www.ssh.com/products/ssh/patches/secureRPCvulnerability.html</reference>
	11068	<reference source="XF">ssh-rpc-private-key(5963)</reference>
	11069	</references><tags>
	11070	<tag>RPC</tag>
	11071	<tag>SSH</tag>
	11072	</tags>
	11073	<solution>
	11074
	11075	<ContainerBlockElement>
	11076	<Paragraph>Download and apply the upgrade from:
	11077	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz"></URLLink></Paragraph>
	11078	<Paragraph>
	11079	<Paragraph>Upgrade to
	11080
	11081	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz" href="ftp://ftp.ssh.com/pub/ssh/ssh-1.2.33.tar.gz">v1.2.33</URLLink>
	11082	or later.</Paragraph>
	11083	<Paragraph>See the
	11084	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/">SSH</URLLink>
	11085	website for more information.</Paragraph></Paragraph></ContainerBlockElement></solution>
	11086	</vulnerability>
	11087
	11088	<vulnerability id="SSH-SSHINC-0005" title="SSH Inc Short Password Authentication Failure Vulnerability" severity="7" pciSeverity="5" cvssScore="7.2" cvssVector="(AV:L/AC:L/Au:N/C:C/I:C/A:C)" published="20010814T000000000" added="20041101T000000000" modified="20120712T000000000">
	11089	<description>
	11090
	11091	<ContainerBlockElement>
	11092
	11093	<Paragraph>Under SSH Inc < 3.0.1, if there exists a user whose password
	11094	in the system password file is two characters or less, it is possible
	11095	for an attacker to log in under that user ID with an arbitrary
	11096	password.</Paragraph>
	11097	</ContainerBlockElement></description>
	11098	<references>
	11099	<reference source="BID">3078</reference>
	11100	<reference source="CERT-VN">737451</reference>
	11101	<reference source="CIAC">L-121</reference>
	11102	<reference source="CVE">CVE-2001-0553</reference>
	11103	<reference source="OSVDB">586</reference>
	11104	<reference source="URL">http://archives.neohapsis.com/archives/bugtraq/2001-07/0486.html</reference>
	11105	<reference source="URL">http://www.ssh.com/products/ssh/exploit.cfm</reference>
	11106	<reference source="XF">ssh-password-length-unauth-access(6868)</reference>
	11107	</references><tags>
	11108	<tag>SSH</tag>
	11109	</tags>
	11110	<solution>
	11111
	11112	<ContainerBlockElement>
	11113	<Paragraph>Download and apply the upgrade from:
	11114	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/ssh-3.0.1.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/ssh-3.0.1.tar.gz"></URLLink></Paragraph>
	11115	<Paragraph>
	11116	<Paragraph>Upgrade SSH v3.0.1 or later.
	11117	See the following
	11118	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/">link</URLLink>
	11119	for download information.
	11120	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11121	</vulnerability>
	11122
	11123	<vulnerability id="SSH-SSHINC-0006" title="SSH Inc Restricted Shell Bypass Vulnerability" severity="7" pciSeverity="5" cvssScore="7.2" cvssVector="(AV:L/AC:L/Au:N/C:C/I:C/A:C)" published="20021231T000000000" added="20041101T000000000" modified="20120712T000000000">
	11124	<description>
	11125
	11126	<ContainerBlockElement>
	11127
	11128	<Paragraph>Under SSH < 3.1.1, it is possible for a user with a restricted
	11129	shell upload scripts to a world-writable directory, then execute it.
	11130	This allows the user to gain a regular, unrestricted shell to the
	11131	system.</Paragraph>
	11132	</ContainerBlockElement></description>
	11133	<references>
	11134	<reference source="BID">4547</reference>
	11135	<reference source="CVE">CVE-2002-1715</reference>
	11136	<reference source="XF">ssh-bypass-restricted-shells(8908)</reference>
	11137	</references><tags>
	11138	<tag>SSH</tag>
	11139	</tags>
	11140	<solution>
	11141
	11142	<ContainerBlockElement>
	11143	<Paragraph>Download and apply the upgrade from:
	11144	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/ssh-3.1.1.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/ssh-3.1.1.tar.gz"></URLLink></Paragraph>
	11145	<Paragraph>
	11146	<Paragraph>Upgrade to v3.1.1 or later. To correct other security issues,
	11147	we recommend upgrading to the latest 3.1 release, currently
	11148
	11149	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/ssh-3.1.1.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/ssh-3.1.1.tar.gz" href="ftp://ftp.ssh.com/pub/ssh/ssh-3.1.1.tar.gz">v3.1.1</URLLink></Paragraph>
	11150	<Paragraph>
	11151	See the
	11152	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/">SSH</URLLink>
	11153	website for download information.
	11154	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11155	</vulnerability>
	11156
	11157	<vulnerability id="SSH-SSHINC-0007" title="SSH Inc AllowedAuthentications Override Vulnerability" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20021231T000000000" added="20041101T000000000" modified="20120712T000000000">
	11158	<description>
	11159
	11160	<ContainerBlockElement>
	11161
	11162	<Paragraph>It is sometimes possible for a remote user to circumvent the
	11163	server's "AllowedAuthentications" directive. This could allow
	11164	authentication via a weaker mechanism (such as a password) where
	11165	users would otherwise be required to log in using a stronger
	11166	method (such as public keys).</Paragraph>
	11167	</ContainerBlockElement></description>
	11168	<references>
	11169	<reference source="BID">4810</reference>
	11170	<reference source="CERT-VN">341187</reference>
	11171	<reference source="CIAC">M-081</reference>
	11172	<reference source="CVE">CVE-2002-1646</reference>
	11173	<reference source="URL">http://archives.neohapsis.com/archives/bugtraq/2002-05/0204.html</reference>
	11174	<reference source="URL">http://www.ssh.com/products/ssh/advisories/authentication.cfm</reference>
	11175	<reference source="XF">ssh-allowedauthentications-bypass-auth(9163)</reference>
	11176	</references><tags>
	11177	<tag>SSH</tag>
	11178	</tags>
	11179	<solution>
	11180
	11181	<ContainerBlockElement>
	11182	<Paragraph>
	11183	<Paragraph>
	11184	Upgrade to SSH v3.1.2 or later. See the following
	11185
	11186	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/">link</URLLink>
	11187	for download information.
	11188	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11189	</vulnerability>
	11190
	11191	<vulnerability id="ssh-sshinc-getlogin-spoof-privilege-escalation" title="SSH Inc. getlogin() Spoofing Privilege Escalation Vulnerability" severity="7" pciSeverity="5" cvssScore="7.2" cvssVector="(AV:L/AC:L/Au:N/C:C/I:C/A:C)" published="20021125T000000000" added="20041101T000000000" modified="20120712T000000000">
	11192	<description>
	11193
	11194	<ContainerBlockElement>
	11195
	11196	<Paragraph>Due to a flaw in the process grouping logic, certain versions of SSH Inc. Secure Shell may allow a local attacker to spoof the result of the 'getlogin()' system call. This vulnerability allows the insertion of SSH syslog entries to be logged as coming from the root account; local attackers may also be able to elevate privileges as well.</Paragraph>
	11197	</ContainerBlockElement></description>
	11198	<references>
	11199	<reference source="BID">6247</reference>
	11200	<reference source="CERT-VN">740619</reference>
	11201	<reference source="CVE">CVE-2002-1644</reference>
	11202	<reference source="URL">http://www.ssh.com/company/newsroom/article/286/</reference>
	11203	<reference source="XF">ssh-setsid-privilege-elevation(10710)</reference>
	11204	</references><tags>
	11205	<tag>Privilege Escalation</tag>
	11206	<tag>SSH</tag>
	11207	</tags>
	11208	<solution>
	11209
	11210	<ContainerBlockElement>
	11211	<Paragraph>Download and apply the upgrade from:
	11212	<URLLink LinkURL="ftp://ftp.ssh.com/pub/ssh/old/ssh-3.2.2.tar.gz" LinkTitle="ftp://ftp.ssh.com/pub/ssh/old/ssh-3.2.2.tar.gz"></URLLink></Paragraph>
	11213	<Paragraph>
	11214	<Paragraph>Upgrade to SSH v3.2.2 or later. See the
	11215
	11216	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/">SSH</URLLink>
	11217	website for download information.
	11218	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11219	</vulnerability>
	11220
	11221	<vulnerability id="ssh-sshinc-rsa-signature-forging" title="SSH Inc. RSA Signature Forging Vulnerability" severity="5" pciSeverity="3" cvssScore="5.1" cvssVector="(AV:N/AC:H/Au:N/C:P/I:P/A:P)" published="20041101T000000000" added="20041101T000000000" modified="20120712T000000000">
	11222	<description>
	11223
	11224	<ContainerBlockElement>
	11225
	11226	<Paragraph>Certain versions of SSH Communications Secure Shell incorrectly verify invalid RSA signatures. As a result, a remote attacker could authenticate with the server and gain shell access. However, this attack is largely theoretical since the attacker must make (2 ^ 67) computations in order to generate a forged signature.</Paragraph>
	11227	</ContainerBlockElement></description>
	11228	<references>
	11229	</references><tags>
	11230	<tag>SSH</tag>
	11231	</tags>
	11232	<solution>
	11233
	11234	<ContainerBlockElement>
	11235	<UnorderedList>
	11236	<ListItem>
	11237	<Paragraph>
	11238	<Paragraph>
	11239	Upgrade to SSH v3.1.8 or later. See the
	11240
	11241	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/">SSH</URLLink>
	11242	website for download information.
	11243	</Paragraph></Paragraph></ListItem>
	11244	<ListItem>
	11245	<Paragraph>
	11246	<Paragraph>
	11247	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/"></URLLink></Paragraph></Paragraph></ListItem>
	11248	<ListItem>
	11249	<Paragraph>
	11250	<Paragraph>As of July, 2003, the latest version of SSH Secure Shell is v3.2.5.
	11251
	11252
	11253	<URLLink LinkURL="http://www.ssh.com/support/downloads/" LinkTitle="http://www.ssh.com/support/downloads/" href="http://www.ssh.com/support/downloads/"></URLLink></Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	11254	</vulnerability>
	11255
	11256	<vulnerability id="ssh-suse-default-account-suse-gm-password-123456" title="Default SSH password: suse-gm password "123456"" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20091104T000000000" added="20091104T000000000" modified="20120712T000000000">
	11257	<description>
	11258
	11259	<ContainerBlockElement>
	11260
	11261	<Paragraph>The suse-gm account has the password "123456", which is one of the most
	11262	common passwords in use.</Paragraph>
	11263	</ContainerBlockElement></description>
	11264	<references>
	11265	</references><tags>
	11266	<tag>Default Account</tag>
	11267	<tag>SSH</tag>
	11268	</tags>
	11269	<solution>
	11270
	11271	<ContainerBlockElement>
	11272	<Paragraph>
	11273	<Paragraph>Use the "passwd" command to set a more secure login
	11274	password. A good password should consist of a mix of lower- and
	11275	upper-case characters, numbers, and punctuation and should be at least
	11276	8 characters long.</Paragraph></Paragraph></ContainerBlockElement></solution>
	11277	</vulnerability>
	11278
	11279	<vulnerability id="ssh-v1-supported" title="SSH server supports SSH protocol v1 clients" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20050421T000000000" added="20061121T000000000" modified="20130703T000000000">
	11280	<description>
	11281
	11282	<ContainerBlockElement>
	11283
	11284	<Paragraph>The SSH server support SSH version 1 clients. Version 1 of the SSH protocol
	11285	contains fundamental weaknesses which make sessions vulnerable to man-in-the-middle
	11286	attacks. Since all modern SSH clients have supported SSH v2 for at least 5 years,
	11287	there is no reason to support SSHv1.
	11288	</Paragraph>
	11289	</ContainerBlockElement></description>
	11290	<references>
	11291	<reference source="CERT-VN">684820</reference>
	11292	<reference source="CVE">CVE-2001-1473</reference>
	11293	<reference source="XF">ssh-authentication-forwarding(6603)</reference>
	11294	</references><tags>
	11295	<tag>Insecure Remote Access</tag>
	11296	<tag>SSH</tag>
	11297	</tags>
	11298	<solution>
	11299
	11300	<ContainerBlockElement>
	11301	<Paragraph>
	11302	<Paragraph>
	11303	Configure the SSH server to support protocol version 2 only. For OpenSSH-based
	11304	servers, change the "Protocol" line in the sshd_config file to read:
	11305	</Paragraph>
	11306	<Paragraph preformat="true">Protocol 2</Paragraph>
	11307	<Paragraph>
	11308	For systems not based on OpenSSH, you may need
	11309	to upgrade the operating system version to enable SSHv2 support.
	11310	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11311	</vulnerability>
	11312
	11313	<vulnerability id="ssl-self-signed-certificate" title="Self-signed TLS/SSL certificate" severity="4" pciSeverity="3" cvssScore="4.3" cvssVector="(AV:N/AC:M/Au:N/C:N/I:P/A:N)" published="19950101T000000000" added="20090716T000000000" modified="20120712T000000000">
	11314	<description>
	11315
	11316	<ContainerBlockElement>
	11317
	11318	<Paragraph>
	11319	The server's TLS/SSL certificate is self-signed. Self-signed certificates cannot be
	11320	trusted by default, especially because TLS/SSL man-in-the-middle attacks typically use
	11321	self-signed certificates to eavesdrop on TLS/SSL connections.
	11322	</Paragraph>
	11323	</ContainerBlockElement></description>
	11324	<references>
	11325	</references><tags>
	11326	<tag>Network</tag>
	11327	</tags>
	11328	<solution>
	11329
	11330	<ContainerBlockElement>
	11331	<Paragraph>
	11332	<Paragraph>Obtain a new TLS/SSL server certificate that is NOT self-signed and install it on the server.
	11333	The exact instructions for obtaining a new certificate depend on your organization's requirements.
	11334	Generally, you will need to generate a certificate request and save the request as a file. This
	11335	file is then sent to a Certificate Authority (CA) for processing. Your organization may have its
	11336	own internal Certificate Authority. If not, you may have to pay for a certificate from a trusted
	11337	external Certificate Authority, such as
	11338	<URLLink LinkURL="http://www.thawte.com" LinkTitle="http://www.thawte.com" href="http://www.thawte.com">Thawte</URLLink> or
	11339
	11340	<URLLink LinkURL="http://www.verisign.com" LinkTitle="http://www.verisign.com" href="http://www.verisign.com">Verisign</URLLink>.</Paragraph></Paragraph></ContainerBlockElement></solution>
	11341	</vulnerability>
	11342
	11343	<vulnerability id="ssl-weak-ciphers" title="TLS/SSL Server Supports Weak Cipher Algorithms" severity="6" pciSeverity="3" cvssScore="5.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:N)" published="19960101T000000000" added="20090212T000000000" modified="20130515T000000000">
	11344	<description>
	11345
	11346	<ContainerBlockElement>
	11347
	11348	<Paragraph>
	11349	The TLS/SSL server supports cipher suites based on weak algorithms. This may
	11350	enable an attacker to launch man-in-the-middle attacks and monitor or
	11351	tamper with sensitive data. In general, the following ciphers are
	11352	considered weak:
	11353	</Paragraph>
	11354
	11355	<UnorderedList>
	11356	<ListItem>So called "null" ciphers, because they do not encrypt data.</ListItem>
	11357	<ListItem>Export ciphers using secret key lengths restricted to 40 bits.
	11358	This is usually indicated by the word EXP/EXPORT in the name of the cipher suite.</ListItem>
	11359	<ListItem>Obsolete encryption algorithms with secret key lengths considered short by
	11360	today's standards, eg. DES or RC4 with 56-bit keys.</ListItem></UnorderedList>
	11361	</ContainerBlockElement></description>
	11362	<references>
	11363	</references><tags>
	11364	<tag>Network</tag>
	11365	</tags>
	11366	<solution>
	11367
	11368	<ContainerBlockElement>
	11369	<Paragraph>
	11370	<Paragraph>Configure the server to disable support for weak ciphers.</Paragraph>
	11371	<Paragraph>For Microsoft IIS web servers, see Microsoft Knowledgebase article
	11372	<URLLink LinkURL="http://support.microsoft.com/kb/245030/" LinkTitle="http://support.microsoft.com/kb/245030/" href="http://support.microsoft.com/kb/245030/">245030</URLLink>
	11373	for instructions on disabling weak ciphers.</Paragraph>
	11374	<Paragraph>For Apache web servers with mod_ssl, edit the Apache configuration file and change the SSLCipherSuite line to read:</Paragraph>
	11375	<Paragraph preformat="true">SSLCipherSuite ALL:!aNULL:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM</Paragraph>
	11376	<Paragraph>For other servers, refer to the respective vendor documentation to disable the weak ciphers</Paragraph></Paragraph></ContainerBlockElement></solution>
	11377	</vulnerability>
	11378
	11379	<vulnerability id="sslv2-and-up-enabled" title="TLS/SSL Server Supports SSLv2" severity="6" pciSeverity="3" cvssScore="5.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:N)" published="19960101T000000000" added="20090209T000000000" modified="20131011T000000000">
	11380	<description>
	11381
	11382	<ContainerBlockElement>
	11383
	11384	<Paragraph>Although the server accepts clients using TLS or SSLv3, it also accepts clients using SSLv2.
	11385	SSLv2 is an older implementation of the Secure Sockets Layer protocol.
	11386	It suffers from a number of security flaws allowing attackers to
	11387	capture and alter information passed between a client and the server,
	11388	including the following weaknesses:</Paragraph>
	11389
	11390
	11391	<UnorderedList>
	11392	<ListItem>No protection from against man-in-the-middle attacks during the handshake.</ListItem>
	11393	<ListItem>Weak MAC construction and MAC relying solely on the MD5 hash function.</ListItem>
	11394	<ListItem>Exportable cipher suites unnecessarily weaken the MACs</ListItem>
	11395	<ListItem>Same cryptographic keys used for message authentication and encryption.</ListItem>
	11396	<ListItem>Vulnerable to truncation attacks by forged TCP FIN packets</ListItem></UnorderedList>
	11397
	11398
	11399	<Paragraph>SSLv2 has been deprecated and is no longer recommended. Note that neither
	11400	SSLv2 nor SSLv3 meet the U.S. FIPS 140-2 standard, which governs cryptographic
	11401	modules for use in federal information systems. Only the newer TLS (Transport
	11402	Layer Security) protocol meets FIPS 140-2 requirements. In addition, the
	11403	presence of an SSLv2-only service on a host is deemed a failure by the PCI
	11404	(Payment Card Industry) Data Security Standard.</Paragraph>
	11405
	11406
	11407	<Paragraph>Note that this vulnerability will be reported when the remote server
	11408	supports SSLv2 regardless of whether TLS or SSLv3 are also supported.</Paragraph>
	11409	</ContainerBlockElement></description>
	11410	<references>
	11411	<reference source="URL">http://www.eucybervote.org/Reports/MSI-WP2-D7V1-V1.0-02.htm</reference>
	11412	<reference source="URL">https://www.pcisecuritystandards.org/pdfs/pcissc_assessors_nl_2008-11.pdf</reference>
	11413	</references><tags>
	11414	<tag>Network</tag>
	11415	</tags>
	11416	<solution>
	11417
	11418	<ContainerBlockElement>
	11419	<UnorderedList>
	11420	<ListItem>
	11421	<Paragraph>Apache HTTPD</Paragraph>
	11422	<Paragraph>
	11423	<Paragraph>For Apache web servers with mod_ssl, edit the Apache configuration file and change the SSLCipherSuite line to read:</Paragraph>
	11424	<Paragraph preformat="true">SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!SSLv2</Paragraph>
	11425	<Paragraph>The ! (exclamation point) before SSLv2 is what disables this protocol.</Paragraph></Paragraph></ListItem>
	11426	<ListItem>
	11427	<Paragraph>Windows</Paragraph>
	11428	<Paragraph>
	11429	<Paragraph>Configure the server to require clients to use at least SSLv3 or TLS.</Paragraph>
	11430	<Paragraph>
	11431	For Microsoft Windows before Windows 2003, see
	11432	<URLLink LinkURL="http://support.microsoft.com/kb/187498" LinkTitle="http://support.microsoft.com/kb/187498" href="http://support.microsoft.com/kb/187498">KB187498</URLLink>.
	11433	For newer versions of Microsoft Windows, see
	11434	<URLLink LinkURL="http://support.microsoft.com/kb/245030" LinkTitle="http://support.microsoft.com/kb/245030" href="http://support.microsoft.com/kb/245030">KB245030</URLLink>.
	11435	</Paragraph></Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	11436	</vulnerability>
	11437
	11438	<vulnerability id="tcp-seq-num-approximation" title="TCP Sequence Number Approximation Vulnerability" severity="5" pciSeverity="2" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:P)" published="20040421T000000000" added="20100125T000000000" modified="20120712T000000000">
	11439	<description>
	11440
	11441	<ContainerBlockElement>
	11442
	11443	<Paragraph>
	11444	TCP, when using a large Window Size, makes it easier for remote
	11445	attackers to guess sequence numbers and cause a denial of service
	11446	(connection loss) to persistent TCP connections by repeatedly
	11447	injecting a TCP RST packet, especially in protocols that use
	11448	long-lived connections, such as BGP.
	11449	</Paragraph>
	11450	</ContainerBlockElement></description>
	11451	<references>
	11452	<reference source="BID">10183</reference>
	11453	<reference source="CERT">TA04-111A</reference>
	11454	<reference source="CERT-VN">415294</reference>
	11455	<reference source="CVE">CVE-2004-0230</reference>
	11456	<reference source="MS">MS05-019</reference>
	11457	<reference source="MS">MS06-064</reference>
	11458	<reference source="NETBSD">NetBSD-SA2004-006</reference>
	11459	<reference source="OSVDB">4030</reference>
	11460	<reference source="OVAL">OVAL2689</reference>
	11461	<reference source="OVAL">OVAL270</reference>
	11462	<reference source="OVAL">OVAL3508</reference>
	11463	<reference source="OVAL">OVAL4791</reference>
	11464	<reference source="OVAL">OVAL5711</reference>
	11465	<reference source="SECUNIA">11440</reference>
	11466	<reference source="SECUNIA">11458</reference>
	11467	<reference source="SECUNIA">22341</reference>
	11468	<reference source="SGI">20040403-01-A</reference>
	11469	<reference source="URL">ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc</reference>
	11470	<reference source="URL">http://tools.ietf.org/html/draft-ietf-tcpm-tcpsecure-12</reference>
	11471	<reference source="URL">http://www.uniras.gov.uk/vuls/2004/236929/index.htm</reference>
	11472	<reference source="XF">tcp-rst-dos(15886)</reference>
	11473	</references><tags>
	11474	<tag>Denial of Service</tag>
	11475	<tag>Network</tag>
	11476	</tags>
	11477	<solution>
	11478
	11479	<ContainerBlockElement>
	11480	<UnorderedList>
	11481	<ListItem>
	11482	<Paragraph>Microsoft Windows Server 2003 < SP1 (x86), Microsoft Windows Server 2003, Standard Edition < SP1 (x86), Microsoft Windows Server 2003, Enterprise Edition < SP1 (x86), Microsoft Windows Server 2003, Datacenter Edition < SP1 (x86), Microsoft Windows Server 2003, Web Edition < SP1 (x86), Microsoft Windows Small Business Server 2003 < SP1 (x86)</Paragraph>
	11483	<Paragraph>Download and apply the patch from:
	11484	<URLLink LinkURL="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsserver2003-kb893066-v2-x86-enu_ed6adba942906756fec6fea17347ba1a526c594b.exe" LinkTitle="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsserver2003-kb893066-v2-x86-enu_ed6adba942906756fec6fea17347ba1a526c594b.exe"></URLLink></Paragraph></ListItem>
	11485	<ListItem>
	11486	<Paragraph>Microsoft Windows 2000 SP4 OR SP3 (x86), Microsoft Windows 2000 Professional SP4 OR SP3 (x86), Microsoft Windows 2000 Server SP4 OR SP3 (x86), Microsoft Windows 2000 Advanced Server SP4 OR SP3 (x86), Microsoft Windows 2000 Datacenter Server SP4 OR SP3 (x86)</Paragraph>
	11487	<Paragraph>Download and apply the patch from:
	11488	<URLLink LinkURL="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windows2000-kb893066-v2-x86-enu_a5b95ec14e70e531e784ea83e633d24a0ea83795.exe" LinkTitle="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windows2000-kb893066-v2-x86-enu_a5b95ec14e70e531e784ea83e633d24a0ea83795.exe"></URLLink></Paragraph></ListItem>
	11489	<ListItem>
	11490	<Paragraph>Microsoft Windows XP Professional SP2 OR SP1 (x86), Microsoft Windows XP Home SP2 OR SP1 (x86)</Paragraph>
	11491	<Paragraph>Download and apply the patch from:
	11492	<URLLink LinkURL="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsxp-kb893066-v2-x86-enu_3d2029a4300c0b7943b20c1287c8143087045d52.exe" LinkTitle="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsxp-kb893066-v2-x86-enu_3d2029a4300c0b7943b20c1287c8143087045d52.exe"></URLLink></Paragraph></ListItem>
	11493	<ListItem>
	11494	<Paragraph>Microsoft Windows Server 2003 SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Standard Edition SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Enterprise Edition SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Datacenter Edition SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Web Edition SP1 OR < SP1 (x86), Microsoft Windows Small Business Server 2003 SP1 OR < SP1 (x86)</Paragraph>
	11495	<Paragraph>Download and apply the patch from:
	11496	<URLLink LinkURL="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsserver2003-kb922819-x86-enu_22c5d80f99afb4a79b6245a4b5db1e8c95cb03fa.exe" LinkTitle="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsserver2003-kb922819-x86-enu_22c5d80f99afb4a79b6245a4b5db1e8c95cb03fa.exe"></URLLink></Paragraph></ListItem>
	11497	<ListItem>
	11498	<Paragraph>Microsoft Windows Server 2003 SP1 (x86_64), Microsoft Windows Server 2003, Standard Edition SP1 (x86_64), Microsoft Windows Server 2003, Enterprise Edition SP1 (x86_64), Microsoft Windows Server 2003, Datacenter Edition SP1 (x86_64), Microsoft Windows Server 2003, Web Edition SP1 (x86_64), Microsoft Windows Small Business Server 2003 SP1 (x86_64)</Paragraph>
	11499	<Paragraph>Download and apply the patch from:
	11500	<URLLink LinkURL="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsserver2003.windowsxp-kb922819-x64-enu_4c34629b0664f2d2cd78c0276e4bd6b5e72ede61.exe" LinkTitle="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsserver2003.windowsxp-kb922819-x64-enu_4c34629b0664f2d2cd78c0276e4bd6b5e72ede61.exe"></URLLink></Paragraph></ListItem>
	11501	<ListItem>
	11502	<Paragraph>Microsoft Windows XP Professional SP1 OR SP2 (x86), Microsoft Windows XP Home SP1 OR SP2 (x86)</Paragraph>
	11503	<Paragraph>Download and apply the patch from:
	11504	<URLLink LinkURL="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsxp-kb922819-x86-enu_e4dceecdd4a72e5ad91cc78fe5f4572f91ee5db0.exe" LinkTitle="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsxp-kb922819-x86-enu_e4dceecdd4a72e5ad91cc78fe5f4572f91ee5db0.exe"></URLLink></Paragraph></ListItem>
	11505	<ListItem>
	11506	<Paragraph>Microsoft Windows Server 2003 SP1 OR < SP1 (ia64), Microsoft Windows Server 2003, Standard Edition SP1 OR < SP1 (ia64), Microsoft Windows Server 2003, Enterprise Edition SP1 OR < SP1 (ia64), Microsoft Windows Server 2003, Datacenter Edition SP1 OR < SP1 (ia64), Microsoft Windows Server 2003, Web Edition SP1 OR < SP1 (ia64), Microsoft Windows Small Business Server 2003 SP1 OR < SP1 (ia64)</Paragraph>
	11507	<Paragraph>Download and apply the patch from:
	11508	<URLLink LinkURL="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsserver2003-kb922819-ia64-enu_34ecda284c6fc7b6fbbbfd6e2c823525ab9c838a.exe" LinkTitle="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsserver2003-kb922819-ia64-enu_34ecda284c6fc7b6fbbbfd6e2c823525ab9c838a.exe"></URLLink></Paragraph></ListItem>
	11509	<ListItem>
	11510	<Paragraph>Microsoft Windows XP Professional SP1 (x86_64)</Paragraph>
	11511	<Paragraph>Download and apply the patch from:
	11512	<URLLink LinkURL="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsserver2003.windowsxp-kb922819-x64-enu_4c34629b0664f2d2cd78c0276e4bd6b5e72ede61.exe" LinkTitle="http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsserver2003.windowsxp-kb922819-x64-enu_4c34629b0664f2d2cd78c0276e4bd6b5e72ede61.exe"></URLLink></Paragraph></ListItem>
	11513	<ListItem>
	11514	<Paragraph>
	11515	<Paragraph>
	11516	Enable the TCP MD5 signature option as documented in
	11517
	11518	<URLLink LinkURL="http://www.ietf.org/rfc/rfc2385.txt" LinkTitle="http://www.ietf.org/rfc/rfc2385.txt" href="http://www.ietf.org/rfc/rfc2385.txt">RFC 2385</URLLink>. It was
	11519	designed to reduce the danger from certain security attacks on BGP,
	11520	such as TCP resets.
	11521	</Paragraph></Paragraph></ListItem>
	11522	<ListItem>
	11523	<Paragraph>
	11524	In many situations, target systems are, by themselves, patched or
	11525	otherwise unaffected by this vulnerability. In certain
	11526	configurations, however, unaffected systems can be made vulnerable if
	11527	the path between an attacker and the target system contains an
	11528	affected and unpatched network device such as a firewall or router
	11529	and that device is responsible for handling TCP connections for the
	11530	target. In this case, locate and apply remediation steps for network
	11531	devices along the route that are affected.
	11532	</Paragraph></ListItem></UnorderedList></ContainerBlockElement></solution>
	11533	</vulnerability>
	11534
	11535	<vulnerability id="telnet-avaya-default-login-diag" title="Undocumented Default Account: diag" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20041101T000000000" added="20041101T000000000" modified="20120716T000000000">
	11536	<description>
	11537
	11538	<ContainerBlockElement>
	11539
	11540	<Paragraph>Certain software versions for Avaya switches come with a default account, 'diag', which has read-write access. This account is completely undocumented and cannot be removed unless the firmware is upgraded.</Paragraph>
	11541	</ContainerBlockElement></description>
	11542	<references>
	11543	</references><tags>
	11544	<tag>Default Account</tag>
	11545	<tag>Telnet</tag>
	11546	</tags>
	11547	<solution>
	11548
	11549	<ContainerBlockElement>
	11550	<Paragraph>Download and apply the upgrade from:
	11551	<URLLink LinkURL="http://support.avaya.com" LinkTitle="http://support.avaya.com"></URLLink></Paragraph>
	11552	<Paragraph>
	11553	<Paragraph>Upgrade to firmware v5.3.0 or later, and disable the accounts:
	11554
	11555
	11556
	11557	<URLLink LinkURL="http://support.avaya.com" LinkTitle="http://support.avaya.com" href="http://support.avaya.com">http://support.avaya.com</URLLink> ( http://support.avaya.com ) </Paragraph></Paragraph></ContainerBlockElement></solution>
	11558	</vulnerability>
	11559
	11560	<vulnerability id="telnet-avaya-default-login-manuf" title="Undocumented Default Account: manuf" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20041101T000000000" added="20041101T000000000" modified="20120716T000000000">
	11561	<description>
	11562
	11563	<ContainerBlockElement>
	11564
	11565	<Paragraph>Certain software versions for Avaya switches come with a default account, 'manuf', which has read-write access. This account is completely undocumented and cannot be removed unless the firmware is upgraded.</Paragraph>
	11566	</ContainerBlockElement></description>
	11567	<references>
	11568	</references><tags>
	11569	<tag>Default Account</tag>
	11570	<tag>Telnet</tag>
	11571	</tags>
	11572	<solution>
	11573
	11574	<ContainerBlockElement>
	11575	<Paragraph>Download and apply the upgrade from:
	11576	<URLLink LinkURL="http://support.avaya.com" LinkTitle="http://support.avaya.com"></URLLink></Paragraph>
	11577	<Paragraph>
	11578	<Paragraph>Upgrade to firmware v5.3.0 or later, and disable the accounts:
	11579
	11580
	11581
	11582	<URLLink LinkURL="http://support.avaya.com" LinkTitle="http://support.avaya.com" href="http://support.avaya.com">http://support.avaya.com</URLLink> ( http://support.avaya.com ) </Paragraph></Paragraph></ContainerBlockElement></solution>
	11583	</vulnerability>
	11584
	11585	<vulnerability id="telnet-db2-default-login-db2as" title="Telnet DB2 Default Login: db2as" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20010216T000000000" added="20041101T000000000" modified="20120716T000000000">
	11586	<description>
	11587
	11588	<ContainerBlockElement>
	11589
	11590	<Paragraph>After installing certain versions of IBM's DB2 server, a system account named 'db2as' is automatically created with a default password of 'ibmdb2'. This default password should be changed immediately to prevent database and system exploitation.</Paragraph>
	11591	</ContainerBlockElement></description>
	11592	<references>
	11593	<reference source="BID">2068</reference>
	11594	<reference source="CVE">CVE-2001-0051</reference>
	11595	<reference source="URL">http://www.securityfocus.com/archive/1/149222</reference>
	11596	<reference source="XF">ibm-db2-gain-access(5662)</reference>
	11597	</references><tags>
	11598	<tag>Default Account</tag>
	11599	<tag>IBM</tag>
	11600	<tag>IBM DB2</tag>
	11601	<tag>Telnet</tag>
	11602	</tags>
	11603	<solution>
	11604
	11605	<ContainerBlockElement>
	11606	<Paragraph>
	11607	<Paragraph>Change the password to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	11608	</vulnerability>
	11609
	11610	<vulnerability id="telnet-db2-default-login-db2fenc1" title="Telnet DB2 Default Login: db2fenc1" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20010216T000000000" added="20041101T000000000" modified="20120716T000000000">
	11611	<description>
	11612
	11613	<ContainerBlockElement>
	11614
	11615	<Paragraph>After installing certain versions of IBM's DB2 server, a system account named 'db2fenc1' is automatically created with a default password of 'ibmdb2'. This default password should be changed immediately to prevent database and system exploitation.</Paragraph>
	11616	</ContainerBlockElement></description>
	11617	<references>
	11618	<reference source="BID">2068</reference>
	11619	<reference source="CVE">CVE-2001-0051</reference>
	11620	<reference source="URL">http://www.securityfocus.com/archive/1/149222</reference>
	11621	<reference source="XF">ibm-db2-gain-access(5662)</reference>
	11622	</references><tags>
	11623	<tag>Default Account</tag>
	11624	<tag>IBM</tag>
	11625	<tag>IBM DB2</tag>
	11626	<tag>Telnet</tag>
	11627	</tags>
	11628	<solution>
	11629
	11630	<ContainerBlockElement>
	11631	<Paragraph>
	11632	<Paragraph>Change the password to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	11633	</vulnerability>
	11634
	11635	<vulnerability id="telnet-db2-default-login-db2inst1" title="Telnet DB2 Default Login: db2inst1" severity="8" pciSeverity="5" cvssScore="7.5" cvssVector="(AV:N/AC:L/Au:N/C:P/I:P/A:P)" published="20010216T000000000" added="20041101T000000000" modified="20120716T000000000">
	11636	<description>
	11637
	11638	<ContainerBlockElement>
	11639
	11640	<Paragraph>After installing certain versions of IBM's DB2 server, a system account named 'db2inst1' is automatically created with a default password of 'ibmdb2'. This default password should be changed immediately to prevent database and system exploitation.</Paragraph>
	11641	</ContainerBlockElement></description>
	11642	<references>
	11643	<reference source="BID">2068</reference>
	11644	<reference source="CVE">CVE-2001-0051</reference>
	11645	<reference source="URL">http://www.securityfocus.com/archive/1/149222</reference>
	11646	<reference source="XF">ibm-db2-gain-access(5662)</reference>
	11647	</references><tags>
	11648	<tag>Default Account</tag>
	11649	<tag>IBM</tag>
	11650	<tag>IBM DB2</tag>
	11651	<tag>Telnet</tag>
	11652	</tags>
	11653	<solution>
	11654
	11655	<ContainerBlockElement>
	11656	<Paragraph>
	11657	<Paragraph>Change the password to a non-default value.</Paragraph></Paragraph></ContainerBlockElement></solution>
	11658	</vulnerability>
	11659
	11660	<vulnerability id="telnet-default-account-admin-password-password" title="Default Telnet password: admin password "password"" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="19700101T000000000" added="20090512T000000000" modified="20120716T000000000">
	11661	<description>
	11662
	11663	<ContainerBlockElement>
	11664
	11665	<Paragraph>The admin account uses a password of "password". This would allow
	11666	anyone to log into the machine via telnet and take complete
	11667	control.</Paragraph>
	11668	</ContainerBlockElement></description>
	11669	<references>
	11670	</references><tags>
	11671	<tag>Default Account</tag>
	11672	<tag>Telnet</tag>
	11673	</tags>
	11674	<solution>
	11675
	11676	<ContainerBlockElement>
	11677	<Paragraph>
	11678	<Paragraph>
	11679	Change the password to a non-default value.
	11680	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11681	</vulnerability>
	11682
	11683	<vulnerability id="telnet-default-account-root-password-password" title="Default Telnet password: root password "password"" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20050125T000000000" added="20050125T000000000" modified="20120716T000000000">
	11684	<description>
	11685
	11686	<ContainerBlockElement>
	11687
	11688	<Paragraph>The root account uses a password of "password". This would allow
	11689	anyone to log into the machine via Telnet and take complete control.</Paragraph>
	11690	</ContainerBlockElement></description>
	11691	<references>
	11692	</references><tags>
	11693	<tag>Default Account</tag>
	11694	<tag>Telnet</tag>
	11695	</tags>
	11696	<solution>
	11697
	11698	<ContainerBlockElement>
	11699	<Paragraph>
	11700	<Paragraph>Use the "passwd" command to set a more secure login password. A good
	11701	password should consist of a mix of lower- and upper-case characters,
	11702	numbers, and punctuation and should be at least 8 characters long.
	11703	You may also want to disable the Telnet service altogether and switch
	11704	to something like SSH. If you switch to SSH, consider disabling root
	11705	login via SSH, which you can do in OpenSSH by adding the following to
	11706	sshd.conf:</Paragraph>
	11707	<Paragraph preformat="true">PermitRootLogin: no</Paragraph></Paragraph></ContainerBlockElement></solution>
	11708	</vulnerability>
	11709
	11710	<vulnerability id="TELNET-GENERIC-0001" title="TELNET access with no account and password admin" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20041101T000000000" added="20041101T000000000" modified="20120716T000000000">
	11711	<description>
	11712
	11713	<ContainerBlockElement>
	11714	Many systems, such as routers, do not require an account name. This system appears to use the password "admin". It is best practice to remove default accounts, if possible. For accounts required by the system, the default password should be changed.
	11715	</ContainerBlockElement></description>
	11716	<references>
	11717	</references><tags>
	11718	<tag>Default Account</tag>
	11719	<tag>Telnet</tag>
	11720	</tags>
	11721	<solution>
	11722
	11723	<ContainerBlockElement>
	11724	<Paragraph>
	11725	Remove or disable the account if it is not critical for the system to function. Otherwise, the password should be changed to a non-default value.
	11726	</Paragraph></ContainerBlockElement></solution>
	11727	</vulnerability>
	11728
	11729	<vulnerability id="TELNET-GENERIC-0002" title="TELNET access with account admin and password admin" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20041101T000000000" added="20041101T000000000" modified="20120716T000000000">
	11730	<description>
	11731
	11732	<ContainerBlockElement>
	11733	Many systems, such as routers, use an administrative account "admin" with the password "admin". It is best practice to remove default accounts, if possible. For accounts required by the system, the default password should be changed.
	11734	</ContainerBlockElement></description>
	11735	<references>
	11736	</references><tags>
	11737	<tag>Default Account</tag>
	11738	<tag>Telnet</tag>
	11739	</tags>
	11740	<solution>
	11741
	11742	<ContainerBlockElement>
	11743	<Paragraph>
	11744	Remove or disable the account if it is not critical for the system to function. Otherwise, the password should be changed to a non-default value.
	11745	</Paragraph></ContainerBlockElement></solution>
	11746	</vulnerability>
	11747
	11748	<vulnerability id="TELNET-GENERIC-0003" title="TELNET access with no account and password password" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20041101T000000000" added="20041101T000000000" modified="20120716T000000000">
	11749	<description>
	11750
	11751	<ContainerBlockElement>
	11752	Many systems, such as routers, do not require an account name. This system appears to use the password "password". It is best practice to remove default accounts, if possible. For accounts required by the system, the default password should be changed.
	11753	</ContainerBlockElement></description>
	11754	<references>
	11755	</references><tags>
	11756	<tag>Default Account</tag>
	11757	<tag>Telnet</tag>
	11758	</tags>
	11759	<solution>
	11760
	11761	<ContainerBlockElement>
	11762	<Paragraph>
	11763	Remove or disable the account if it is not critical for the system to function. Otherwise, the password should be changed to a non-default value.
	11764	</Paragraph></ContainerBlockElement></solution>
	11765	</vulnerability>
	11766
	11767	<vulnerability id="TELNET-GENERIC-0004" title="TELNET access with root and password root" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20041101T000000000" added="20041101T000000000" modified="20120716T000000000">
	11768	<description>
	11769
	11770	<ContainerBlockElement>
	11771	Many systems, such as Unix systems, have an administrative account with the user ID "root" and password "root". It is best practice to remove default accounts, if possible. For accounts required by the system, the default password should be changed. This account often grants full access to the system.
	11772	</ContainerBlockElement></description>
	11773	<references>
	11774	</references><tags>
	11775	<tag>Default Account</tag>
	11776	<tag>Telnet</tag>
	11777	</tags>
	11778	<solution>
	11779
	11780	<ContainerBlockElement>
	11781	<Paragraph>
	11782	Remove or disable the account if it is not critical for the system to function. Otherwise, the password should be changed to a non-default value.
	11783	</Paragraph></ContainerBlockElement></solution>
	11784	</vulnerability>
	11785
	11786	<vulnerability id="TELNET-GENERIC-0005" title="TELNET access with root and no password" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="20041101T000000000" added="20041101T000000000" modified="20120716T000000000">
	11787	<description>
	11788
	11789	<ContainerBlockElement>
	11790	Many systems, such as Unix systems, have an administrative account with the user ID "root" and password "". It is best practice to remove default accounts, if possible. For accounts required by the system, the default password should be changed. This account often grants full access to the system.
	11791	</ContainerBlockElement></description>
	11792	<references>
	11793	</references><tags>
	11794	<tag>Default Account</tag>
	11795	<tag>Telnet</tag>
	11796	</tags>
	11797	<solution>
	11798
	11799	<ContainerBlockElement>
	11800	<Paragraph>
	11801	Remove or disable the account if it is not critical for the system to function. Otherwise, the password should be changed to a non-default value.
	11802	</Paragraph></ContainerBlockElement></solution>
	11803	</vulnerability>
	11804
	11805	<vulnerability id="telnet-netscreen-default-netscreen-netscreen" title="Netscreen device default password: netscreen" severity="10" pciSeverity="5" cvssScore="10.0" cvssVector="(AV:N/AC:L/Au:N/C:C/I:C/A:C)" published="19980101T000000000" added="20090212T000000000" modified="20120716T000000000">
	11806	<description>
	11807
	11808	<ContainerBlockElement>
	11809
	11810	<Paragraph>
	11811	Many Netscreen devices use the default password "netscreen".
	11812	It is best practice to change the default password on all devices.
	11813	</Paragraph>
	11814	</ContainerBlockElement></description>
	11815	<references>
	11816	</references><tags>
	11817	<tag>Default Account</tag>
	11818	<tag>Telnet</tag>
	11819	</tags>
	11820	<solution>
	11821
	11822	<ContainerBlockElement>
	11823	<Paragraph>
	11824	<Paragraph>
	11825	Change the password to a non-default value.
	11826	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11827	</vulnerability>
	11828
	11829	<vulnerability id="telnet-open-port" title="Unencrypted Telnet Service Available" severity="3" pciSeverity="3" cvssScore="2.9" cvssVector="(AV:A/AC:M/Au:N/C:P/I:N/A:N)" published="20100101T000000000" added="20100930T000000000" modified="20130703T000000000">
	11830	<description>
	11831
	11832	<ContainerBlockElement>
	11833
	11834	<Paragraph>
	11835	Telnet is an unencrypted protocol, as such it sends sensitive data
	11836	(usernames and passwords) in clear text. For this reason, it is a
	11837	violation of PCI DSS section 2.3 to have telnet enabled, unless a
	11838	business case can be made for why it is required.
	11839	</Paragraph>
	11840	</ContainerBlockElement></description>
	11841	<references>
	11842	<reference source="URL">https://www.pcisecuritystandards.org/security_standards/download.html?id=pci_dss_v1-2.pdf</reference>
	11843	</references><tags>
	11844	<tag>Insecure Remote Access</tag>
	11845	<tag>Telnet</tag>
	11846	</tags>
	11847	<solution>
	11848
	11849	<ContainerBlockElement>
	11850	<Paragraph>
	11851	<Paragraph>
	11852	Disable the telnet service. Replace it with technologies
	11853	such as SSH, VPN, or TLS.
	11854	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11855	</vulnerability>
	11856
	11857	<vulnerability id="tls-server-cert-expired" title="X.509 Server Certificate Is Invalid/Expired" severity="7" pciSeverity="4" cvssScore="6.8" cvssVector="(AV:N/AC:M/Au:N/C:P/I:P/A:P)" published="19950101T000000000" added="20090716T000000000" modified="20121019T000000000">
	11858	<description>
	11859
	11860	<ContainerBlockElement>
	11861
	11862	<Paragraph>
	11863	The TLS/SSL server's X.509 certificate either contains a start date
	11864	in the future or is expired. Please refer to the proof for more details.
	11865	</Paragraph>
	11866	</ContainerBlockElement></description>
	11867	<references>
	11868	</references><tags>
	11869	<tag>Network</tag>
	11870	</tags>
	11871	<solution>
	11872
	11873	<ContainerBlockElement>
	11874	<Paragraph>
	11875	<Paragraph>
	11876	Obtain a new certificate and install it on the server. The exact
	11877	instructions for obtaining a new certificate depend on your
	11878	organization's requirements. Generally, you will need to generate a
	11879	certificate request and save the request as a file. This file is then
	11880	sent to a Certificate Authority (CA) for processing. Please ensure that
	11881	the start date and the end date on the new certificate are valid.
	11882	</Paragraph>
	11883	<Paragraph>
	11884	Your organization may have its own internal Certificate Authority. If not, you
	11885	may have to pay for a certificate from a trusted external Certificate Authority.
	11886	</Paragraph>
	11887	<Paragraph>
	11888	After you have received a new certificate file from the Certificate
	11889	Authority, you will have to install it on the TLS/SSL server. The
	11890	exact instructions for installing a certificate differ for each product.
	11891	Please follow their documentation.
	11892	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11893	</vulnerability>
	11894
	11895	<vulnerability id="tls-server-cert-sig-alg-md5" title="MD5-based Signature in TLS/SSL Server X.509 Certificate" severity="5" pciSeverity="3" cvssScore="5.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:P/A:N)" published="20040817T000000000" added="20090105T000000000" modified="20120712T000000000">
	11896	<description>
	11897
	11898	<ContainerBlockElement>
	11899
	11900	<Paragraph>
	11901	Multiple weaknesses exist in the MD5 cryptographic hash function, which make
	11902	it insecure when used to sign X.509 certificates. Namely:
	11903	</Paragraph>
	11904
	11905	<UnorderedList>
	11906	<ListItem>
	11907	In August 2004, Xiaoyun Wang, Dengguo Feng, Xuejia Lai, and Hongbo Yu
	11908	published the results of a
	11909
	11910	<URLLink LinkURL="http://eprint.iacr.org/2004/199" LinkTitle="http://eprint.iacr.org/2004/199" href="http://eprint.iacr.org/2004/199">collision attack</URLLink>.
	11911	</ListItem>
	11912	<ListItem>
	11913	In October 2006, Marc Stevens, Arjen K. Lenstra, and Benne de Weger
	11914	produced a
	11915
	11916	<URLLink LinkURL="http://www.win.tue.nl/hashclash/TargetCollidingCertificates/" LinkTitle="http://www.win.tue.nl/hashclash/TargetCollidingCertificates/" href="http://www.win.tue.nl/hashclash/TargetCollidingCertificates/">pair
	11917	of colliding X.509 certificates for different identities</URLLink>. The
	11918	method used to produce them was later published in the EuroCrypt 2007 Proceedings,
	11919	and described as one practical application of
	11920
	11921	<URLLink LinkURL="http://www.win.tue.nl/hashclash/ChosenPrefixCollisions/" LinkTitle="http://www.win.tue.nl/hashclash/ChosenPrefixCollisions/" href="http://www.win.tue.nl/hashclash/ChosenPrefixCollisions/">chosen-prefix
	11922	collision attacks</URLLink>.
	11923	</ListItem>
	11924	<ListItem>
	11925	In December 2008, a larger team of security researchers used this attack to create a
	11926
	11927	<URLLink LinkURL="http://www.win.tue.nl/hashclash/rogue-ca/" LinkTitle="http://www.win.tue.nl/hashclash/rogue-ca/" href="http://www.win.tue.nl/hashclash/rogue-ca/">rogue CA certificate</URLLink>,
	11928	allowing them to impersonate any website on the Internet, including banking and
	11929	e-commerce sites secured using the HTTPS protocol.
	11930	</ListItem></UnorderedList>
	11931	</ContainerBlockElement></description>
	11932	<references>
	11933	<reference source="BID">33065</reference>
	11934	<reference source="CERT-VN">836068</reference>
	11935	<reference source="CVE">CVE-2004-2761</reference>
	11936	<reference source="REDHAT">RHSA-2010:0837</reference>
	11937	<reference source="REDHAT">RHSA-2010:0838</reference>
	11938	<reference source="SECUNIA">33826</reference>
	11939	<reference source="SECUNIA">34281</reference>
	11940	<reference source="SECUNIA">42181</reference>
	11941	<reference source="URL">http://blogs.technet.com/swi/archive/2008/12/30/information-regarding-md5-collisions-problem.aspx</reference>
	11942	<reference source="URL">http://www.microsoft.com/technet/security/advisory/961509.mspx</reference>
	11943	</references><tags>
	11944	<tag>Network</tag>
	11945	<tag>Web</tag>
	11946	</tags>
	11947	<solution>
	11948
	11949	<ContainerBlockElement>
	11950	<Paragraph>
	11951	<Paragraph>
	11952	Stop using signature algorithms relying on MD5, such as "MD5withRSA",
	11953	when signing X.509 certificates. Instead, use SHA-1, or preferably the
	11954	SHA-2 family (SHA-224, SHA-256, SHA-384, and SHA-512).
	11955	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11956	</vulnerability>
	11957
	11958	<vulnerability id="tls-server-cert-to-expire" title="X.509 Server Certificate Will Expire Within 30 Days" severity="1" pciSeverity="1" cvssScore="-0.0" cvssVector="(AV:L/AC:H/Au:N/C:N/I:N/A:N)" published="19950101T000000000" added="20121018T000000000" modified="20121018T000000000">
	11959	<description>
	11960
	11961	<ContainerBlockElement>
	11962
	11963	<Paragraph>
	11964	The TLS/SSL server's X.509 certificate will expire within 30 days.
	11965	Please refer to the proof for more details.
	11966	</Paragraph>
	11967	</ContainerBlockElement></description>
	11968	<references>
	11969	</references><tags>
	11970	<tag>Network</tag>
	11971	</tags>
	11972	<solution>
	11973
	11974	<ContainerBlockElement>
	11975	<Paragraph>
	11976	<Paragraph>
	11977	Obtain a new certificate and install it on the server. The exact
	11978	instructions for obtaining a new certificate depend on your
	11979	organization's requirements. Generally, you will need to generate a
	11980	certificate request and save the request as a file. This file is then
	11981	sent to a Certificate Authority (CA) for processing. Please ensure that
	11982	the start date and the end date on the new certificate are valid.
	11983	</Paragraph>
	11984	<Paragraph>
	11985	Your organization may have its own internal Certificate Authority. If not, you
	11986	may have to pay for a certificate from a trusted external Certificate Authority.
	11987	</Paragraph>
	11988	<Paragraph>
	11989	After you have received a new certificate file from the Certificate
	11990	Authority, you will have to install it on the TLS/SSL server. The
	11991	exact instructions for installing a certificate differ for each product.
	11992	Please follow their documentation.
	11993	</Paragraph></Paragraph></ContainerBlockElement></solution>
	11994	</vulnerability>
	11995
	11996	<vulnerability id="udp-ipid-zero" title="UDP IP ID Zero" severity="1" pciSeverity="1" cvssScore="0.0" cvssVector="(AV:N/AC:L/Au:N/C:N/I:N/A:N)" published="20020812T000000000" added="20110523T000000000" modified="20120712T000000000">
	11997	<description>
	11998
	11999	<ContainerBlockElement>
	12000
	12001	<Paragraph>
	12002	The remote host responded with a UDP packet whose IP ID was zero.
	12003	Normally the IP ID should be set to a unique value and is used in the
	12004	reconstruction of fragmented packets. Generally this behavior is only
	12005	seen with systems derived from a Linux kernel, which may allow an
	12006	attacker to fingerprint the target's operating system.
	12007	</Paragraph>
	12008	</ContainerBlockElement></description>
	12009	<references>
	12010	</references><tags>
	12011	<tag>Network</tag>
	12012	</tags>
	12013	<solution>
	12014
	12015	<ContainerBlockElement>
	12016	<Paragraph>
	12017	Many vendors do not consider this to be a vulnerability,
	12018	or a vulnerability worth fixing, so there are no vendor-provided
	12019	solutions aside from putting a firewall or other filtering device
	12020	between the target and hostile attackers that is capable of
	12021	randomizing IP IDs.
	12022	</Paragraph></ContainerBlockElement></solution>
	12023	</vulnerability>
	12024
	12025	<vulnerability id="weak-crypto-key" title="Weak Cryptographic Key" severity="3" pciSeverity="3" cvssScore="3.2" cvssVector="(AV:A/AC:H/Au:N/C:P/I:P/A:N)" published="20050101T000000000" added="20111024T000000000" modified="20130718T000000000">
	12026	<description>
	12027
	12028	<ContainerBlockElement>
	12029
	12030	<Paragraph>
	12031	The key length used by a cryptographic algorithm determines the highest
	12032	security it can offer. Newly discovered theoretical attacks and hardware
	12033	advances constantly erode this security level over time. Taking this
	12034	into account, as of 2011, governmental, academic, and private
	12035	organizations providing guidance on cryptographic security, such as
	12036	the
	12037	<URLLink LinkURL="http://www.nist.gov" LinkTitle="http://www.nist.gov" href="http://www.nist.gov">National Institute of Standards and Technology</URLLink> (NIST),
	12038	the
	12039	<URLLink LinkURL="http://www.ecrypt.eu.org" LinkTitle="http://www.ecrypt.eu.org" href="http://www.ecrypt.eu.org">European Network of Excellence in Cryptology II</URLLink> (ECRYPT II),
	12040	make the following general recommendations to provide short to medium term
	12041	security against even the most well-funded attackers (eg. intelligence agencies):
	12042
	12043	<UnorderedList>
	12044	<ListItem>Symmetric key lengths of at least 80-112 bits.</ListItem>
	12045	<ListItem>Elliptic curve key lengths of at least 160-224 bits.</ListItem>
	12046	<ListItem>RSA key lengths of at least 1248-2048 bits.
	12047	In particular, the CA/Browser Forum
	12048
	12049	<URLLink LinkURL="http://www.cabforum.org/EV_Certificate_Guidelines.pdf" LinkTitle="http://www.cabforum.org/EV_Certificate_Guidelines.pdf" href="http://www.cabforum.org/EV_Certificate_Guidelines.pdf">Extended Validation (EV) Guidelines</URLLink>
	12050	require a minimum key length of 2048 bits.
	12051	Also, current research shows that factoring a 1024-bit RSA modulus
	12052
	12053	<URLLink LinkURL="http://people.csail.mit.edu/tromer/papers/tromer-phd-dissertation-11pt.pdf" LinkTitle="http://people.csail.mit.edu/tromer/papers/tromer-phd-dissertation-11pt.pdf" href="http://people.csail.mit.edu/tromer/papers/tromer-phd-dissertation-11pt.pdf">is within practical reach.</URLLink>
	12054	</ListItem>
	12055	<ListItem>DSA key lengths of at least 2048 bits.</ListItem></UnorderedList>
	12056	</Paragraph>
	12057
	12058	<Paragraph>
	12059	Additionally, starting in 2014, the Certificate Authority/Browser Forum has mandated that 1024-bit RSA keys no
	12060	longer be supported for SSL certificates or code signing.
	12061	</Paragraph>
	12062	</ContainerBlockElement></description>
	12063	<references>
	12064	<reference source="URL">http://www.symantec.com/page.jsp?id=1024-bit-certificate-support</reference>
	12065	<reference source="URL">http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf</reference>
	12066	<reference source="URL">http://csrc.nist.gov/groups/ST/toolkit/key_management.html</reference>
	12067	<reference source="URL">http://www.bundesnetzagentur.de/SharedDocs/Downloads/DE/BNetzA/Sachgebiete/QES/Veroeffentlichungen/Algorithmen/2011_2_AlgoKatpdf.pdf</reference>
	12068	<reference source="URL">http://www.ecrypt.eu.org/documents/D.SPA.17.pdf</reference>
	12069	<reference source="URL">http://www.keylength.com</reference>
	12070	<reference source="URL">http://www.ssi.gouv.fr/IMG/pdf/RGS_B_1.pdf</reference>
	12071	</references><tags>
	12072	<tag>Network</tag>
	12073	<tag>Web</tag>
	12074	</tags>
	12075	<solution>
	12076
	12077	<ContainerBlockElement>
	12078	<Paragraph>
	12079	<Paragraph>
	12080	If the weak key is used in an X.509 certificate (for example for an HTTPS server),
	12081	generate a longer key and recreate the certificate.
	12082	</Paragraph></Paragraph>
	12083	<Paragraph>
	12084	Please also refer to
	12085	<URLLink LinkURL="http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf" LinkTitle="http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf" href="http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf">NIST's
	12086	recommendations on cryptographic algorithms and key lengths</URLLink>.
	12087	</Paragraph></ContainerBlockElement></solution>
	12088	</vulnerability>
	12089	</VulnerabilityDefinitions>
	12090	</NexposeReport>⏎

+89

-0

test_cases/plugins/nmap.py less more

	0	#!/usr/bin/env python2.7
	1	# -- coding: utf-8 --
	2
	3	'''
	4	Faraday Penetration Test IDE
	5	Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
	6	See the file 'doc/LICENSE' for the license information
	7
	8	'''
	9
	10	import unittest
	11	import sys
	12	import os
	13	sys.path.append(os.path.abspath(os.getcwd()))
	14	from plugins.repo.nmap.plugin import NmapPlugin
	15	from model.common import (
	16	factory, ModelObjectVuln, ModelObjectCred,
	17	ModelObjectVulnWeb, ModelObjectNote
	18	)
	19	from model.hosts import (
	20	Host, Service, Interface
	21	)
	22	from plugins.modelactions import modelactions
	23
	24
	25	class NmapXMLParserTest(unittest.TestCase):
	26	plugin = NmapPlugin()
	27	outputNmapBlog = ("Starting Nmap 7.12 ( https://nmap.org ) at 2016-05-16 14:56 ART\n"
	28	"Nmap scan report for joaquinlp.me (198.38.82.159)\n"
	29	"Host is up (0.19s latency).\n"
	30	"rDNS record for 198.38.82.159: mocha2005.mochahost.com\n"
	31	"Not shown: 956 filtered ports, 31 closed ports\n"
	32	"PORT STATE SERVICE\n"
	33	"21/tcp open ftp\n"
	34	"25/tcp open smtp\n"
	35	"53/tcp open domain\n"
	36	"80/tcp open http\n"
	37	"110/tcp open pop3\n"
	38	"143/tcp open imap\n"
	39	"443/tcp open https\n"
	40	"465/tcp open smtps\n"
	41	"587/tcp open submission\n"
	42	"993/tcp open imaps\n"
	43	"995/tcp open pop3s\n"
	44	"2525/tcp open ms-v-worlds\n"
	45	"3306/tcp open mysql\n"
	46	"\n"
	47	"Nmap done: 1 IP address (1 host up) scanned in 32.05 seconds\n")
	48
	49	cd = os.path.dirname(os.path.realpath(__file__))
	50	with open(cd + '/nmap_output_xml', 'r') as output:
	51	xml_output = output.read()
	52
	53	def setUp(self):
	54	factory.register(Host)
	55	factory.register(Interface)
	56	factory.register(Service)
	57	factory.register(ModelObjectVuln)
	58	factory.register(ModelObjectVulnWeb)
	59	factory.register(ModelObjectNote)
	60	factory.register(ModelObjectCred)
	61
	62	def test_Plugin_Calls_createAndAddHost(self):
	63	self.plugin.parseOutputString(self.xml_output)
	64	action = self.plugin._pending_actions.get(block=True)
	65	self.assertEqual(action[0], modelactions.CADDHOST)
	66	self.assertEqual(action[1], "198.38.82.159")
	67	action = self.plugin._pending_actions.get(block=True)
	68	self.assertEqual(action[0], modelactions.CADDINTERFACE)
	69	self.assertEqual(action[2], "198.38.82.159")
	70
	71	def test_Plugin_Calls_createAndAddService(self):
	72	self.plugin.parseOutputString(self.xml_output)
	73	action = self.plugin._pending_actions.get(block=True)
	74	self.assertEqual(action[0], modelactions.CADDSERVICEINT)
	75	self.assertEqual(action[5], ['21'])
	76	self.assertEqual(action[3], 'ftp')
	77	self.assertEqual(action[4], 'tcp')
	78	action = self.plugin._pending_actions.get(block=True)
	79	action = self.plugin._pending_actions.get(block=True)
	80	action = self.plugin._pending_actions.get(block=True)
	81	self.assertEqual(action[0], modelactions.CADDSERVICEINT)
	82	self.assertEqual(action[5], ['80'])
	83	self.assertEqual(action[3], 'http')
	84	self.assertEqual(action[4], 'tcp')
	85
	86
	87	if __name__ == '__main__':
	88	unittest.main()

+39

-0

test_cases/plugins/nmap_output_xml less more

	0	<?xml version="1.0" encoding="UTF-8"?>
	1	<!DOCTYPE nmaprun>
	2	<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
	3	<!-- Nmap 7.12 scan initiated Mon May 16 14:56:59 2016 as: nmap -oX /home/joaquin/.faraday/data/test-test-nmap_Nmap_output-9.17673265273.xml joaquinlp.me -->
	4	<nmaprun scanner="nmap" args="nmap -oX /home/joaquin/.faraday/data/test-test-nmap_Nmap_output-9.17673265273.xml joaquinlp.me" start="1463421419" startstr="Mon May 16 14:56:59 2016" version="7.12" xmloutputversion="1.04">
	5	<scaninfo type="connect" protocol="tcp" numservices="1000" services="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
	6	<verbose level="0"/>
	7	<debugging level="0"/>
	8	<host starttime="1463421419" endtime="1463421451"><status state="up" reason="syn-ack" reason_ttl="0"/>
	9	<address addr="198.38.82.159" addrtype="ipv4"/>
	10	<hostnames>
	11	<hostname name="joaquinlp.me" type="user"/>
	12	<hostname name="mocha2005.mochahost.com" type="PTR"/>
	13	</hostnames>
	14	<ports><extraports state="filtered" count="956">
	15	<extrareasons reason="no-responses" count="956"/>
	16	</extraports>
	17	<extraports state="closed" count="31">
	18	<extrareasons reason="conn-refused" count="31"/>
	19	</extraports>
	20	<port protocol="tcp" portid="21"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="ftp" method="table" conf="3"/></port>
	21	<port protocol="tcp" portid="25"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="smtp" method="table" conf="3"/></port>
	22	<port protocol="tcp" portid="53"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="domain" method="table" conf="3"/></port>
	23	<port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="http" method="table" conf="3"/></port>
	24	<port protocol="tcp" portid="110"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="pop3" method="table" conf="3"/></port>
	25	<port protocol="tcp" portid="143"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="imap" method="table" conf="3"/></port>
	26	<port protocol="tcp" portid="443"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="https" method="table" conf="3"/></port>
	27	<port protocol="tcp" portid="465"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="smtps" method="table" conf="3"/></port>
	28	<port protocol="tcp" portid="587"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="submission" method="table" conf="3"/></port>
	29	<port protocol="tcp" portid="993"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="imaps" method="table" conf="3"/></port>
	30	<port protocol="tcp" portid="995"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="pop3s" method="table" conf="3"/></port>
	31	<port protocol="tcp" portid="2525"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="ms-v-worlds" method="table" conf="3"/></port>
	32	<port protocol="tcp" portid="3306"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="mysql" method="table" conf="3"/></port>
	33	</ports>
	34	<times srtt="193191" rttvar="22985" to="285131"/>
	35	</host>
	36	<runstats><finished time="1463421451" timestr="Mon May 16 14:57:31 2016" elapsed="32.05" summary="Nmap done at Mon May 16 14:57:31 2016; 1 IP address (1 host up) scanned in 32.05 seconds" exit="success"/><hosts up="1" down="0" total="1"/>
	37	</runstats>
	38	</nmaprun>

+58

-0

test_cases/plugins/telnet.py less more

	0	#!/usr/bin/env python2.7
	1	# -- coding: utf-8 --
	2
	3	'''
	4	Faraday Penetration Test IDE
	5	Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
	6	See the file 'doc/LICENSE' for the license information
	7
	8	'''
	9
	10	import unittest
	11	import sys
	12	import os
	13	sys.path.append(os.path.abspath(os.getcwd()))
	14	from plugins.repo.telnet.plugin import TelnetRouterPlugin
	15	from model.common import (
	16	factory, ModelObjectVuln, ModelObjectCred,
	17	ModelObjectVulnWeb, ModelObjectNote
	18	)
	19	from model.hosts import (
	20	Host, Service, Interface
	21	)
	22	from plugins.modelactions import modelactions
	23
	24
	25	class CmdPingPluginTest(unittest.TestCase):
	26	plugin = TelnetRouterPlugin()
	27	outputTelnetLocalhost = ("Connection failed: Connection refused\n"
	28	"Trying ::1%1...\n"
	29	"Trying 127.0.0.1...\n"
	30	"Connected to localhost.\n"
	31	"Escape character is '^]'.\n"
	32	"a\n"
	33	"HTTP/1.1 400 Bad Request\n"
	34	"Server: MochiWeb/1.0 (Any of you quaids got a smint?)\n"
	35	"Date: Mon, 16 May 2016 17:42:18 GMT\n"
	36	"Content-Length: 0\n\n"
	37	"Connection closed by foreign host.\n")
	38	def setUp(self):
	39	factory.register(Host)
	40	factory.register(Interface)
	41	factory.register(Service)
	42	factory.register(ModelObjectVuln)
	43	factory.register(ModelObjectVulnWeb)
	44	factory.register(ModelObjectNote)
	45	factory.register(ModelObjectCred)
	46
	47	def test_Plugin_Calls_createAndAddHost(self):
	48	self.plugin.parseOutputString(self.outputTelnetLocalhost)
	49	action = self.plugin._pending_actions.get(block=True)
	50	self.assertEqual(action[0], modelactions.CADDHOST)
	51	self.assertEqual(action[1], "127.0.0.1")
	52	action = self.plugin._pending_actions.get(block=True)
	53	self.assertEqual(action[0], modelactions.CADDINTERFACE)
	54	self.assertEqual(action[2], "127.0.0.1")
	55
	56	if __name__ == '__main__':
	57	unittest.main()

-0

test_cases/plugins/test_common.py less more

	0	def skip(self, n):
	1	for x in range(n):
	2	action = self.plugin._pending_actions.get(block=True)

+51

-0

test_cases/plugins/whois.py less more

	0	#!/usr/bin/env python2.7
	1	# -- coding: utf-8 --
	2
	3	'''
	4	Faraday Penetration Test IDE
	5	Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
	6	See the file 'doc/LICENSE' for the license information
	7
	8	'''
	9
	10	import unittest
	11	import sys
	12	import os
	13	sys.path.append(os.path.abspath(os.getcwd()))
	14	from plugins.repo.whois.plugin import CmdWhoisPlugin
	15	from model.common import (
	16	factory, ModelObjectVuln, ModelObjectCred,
	17	ModelObjectVulnWeb, ModelObjectNote
	18	)
	19	from model.hosts import (
	20	Host, Service, Interface
	21	)
	22	from plugins.modelactions import modelactions
	23
	24
	25	class CmdPingPluginTest(unittest.TestCase):
	26	plugin = CmdWhoisPlugin()
	27	cd = os.path.dirname(os.path.realpath(__file__))
	28	with open(cd + '/whois_output', 'r') as output:
	29	outputWhoisInfobyte = output.read()
	30
	31	def setUp(self):
	32	factory.register(Host)
	33	factory.register(Interface)
	34	factory.register(Service)
	35	factory.register(ModelObjectVuln)
	36	factory.register(ModelObjectVulnWeb)
	37	factory.register(ModelObjectNote)
	38	factory.register(ModelObjectCred)
	39
	40	def test_Plugin_Calls_createAndAddHost(self):
	41	self.plugin.parseOutputString(self.outputWhoisInfobyte)
	42	action = self.plugin._pending_actions.get(block=True)
	43	self.assertEqual(action[0], modelactions.CADDHOST)
	44	self.assertEqual(action[1], "205.251.196.172")
	45	action = self.plugin._pending_actions.get(block=True)
	46	self.assertEqual(action[0], modelactions.CADDINTERFACE)
	47	self.assertEqual(action[2], "205.251.196.172")
	48
	49	if __name__ == '__main__':
	50	unittest.main()

+144

-0

test_cases/plugins/whois_output less more

	0	Whois Server Version 2.0
	1
	2	Domain names in the .com and .net domains can now be registered
	3	with many different competing registrars. Go to http://www.internic.net
	4	for detailed information.
	5
	6	Domain Name: INFOBYTESEC.COM
	7	Registrar: GODADDY.COM, LLC
	8	Sponsoring Registrar IANA ID: 146
	9	Whois Server: whois.godaddy.com
	10	Referral URL: http://www.godaddy.com
	11	Name Server: NS-1196.AWSDNS-21.ORG
	12	Name Server: NS-121.AWSDNS-15.COM
	13	Name Server: NS-1959.AWSDNS-52.CO.UK
	14	Name Server: NS-869.AWSDNS-44.NET
	15	Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
	16	Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
	17	Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
	18	Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
	19	Updated Date: 08-may-2016
	20	Creation Date: 07-may-2009
	21	Expiration Date: 07-may-2021
	22
	23	>>> Last update of whois database: Mon, 16 May 2016 16:00:55 GMT <<<
	24
	25	For more information on Whois status codes, please visit https://icann.org/epp
	26
	27	NOTICE: The expiration date displayed in this record is the date the
	28	registrar's sponsorship of the domain name registration in the registry is
	29	currently set to expire. This date does not necessarily reflect the expiration
	30	date of the domain name registrant's agreement with the sponsoring
	31	registrar. Users may consult the sponsoring registrar's Whois database to
	32	view the registrar's reported date of expiration for this registration.
	33
	34	TERMS OF USE: You are not authorized to access or query our Whois
	35	database through the use of electronic processes that are high-volume and
	36	automated except as reasonably necessary to register domain names or
	37	modify existing registrations; the Data in VeriSign Global Registry
	38	Services' ("VeriSign") Whois database is provided by VeriSign for
	39	information purposes only, and to assist persons in obtaining information
	40	about or related to a domain name registration record. VeriSign does not
	41	guarantee its accuracy. By submitting a Whois query, you agree to abide
	42	by the following terms of use: You agree that you may use this Data only
	43	for lawful purposes and that under no circumstances will you use this Data
	44	to: (1) allow, enable, or otherwise support the transmission of mass
	45	unsolicited, commercial advertising or solicitations via e-mail, telephone,
	46	or facsimile; or (2) enable high volume, automated, electronic processes
	47	that apply to VeriSign (or its computer systems). The compilation,
	48	repackaging, dissemination or other use of this Data is expressly
	49	prohibited without the prior written consent of VeriSign. You agree not to
	50	use electronic processes that are automated and high-volume to access or
	51	query the Whois database except as reasonably necessary to register
	52	domain names or modify existing registrations. VeriSign reserves the right
	53	to restrict your access to the Whois database in its sole discretion to ensure
	54	operational stability. VeriSign may restrict or terminate your access to the
	55	Whois database for failure to abide by these terms of use. VeriSign
	56	reserves the right to modify these terms at any time.
	57
	58	The Registry database contains ONLY .COM, .NET, .EDU domains and
	59	Registrars.
	60	Domain Name: INFOBYTESEC.COM
	61	Registry Domain ID: 1554772171_DOMAIN_COM-VRSN
	62	Registrar WHOIS Server: whois.godaddy.com
	63	Registrar URL: http://www.godaddy.com
	64	Update Date: 2016-05-08T13:33:14Z
	65	Creation Date: 2009-05-07T15:10:17Z
	66	Registrar Registration Expiration Date: 2021-05-07T15:10:17Z
	67	Registrar: GoDaddy.com, LLC
	68	Registrar IANA ID: 146
	69	Registrar Abuse Contact Email: [email protected]
	70	Registrar Abuse Contact Phone: +1.4806242505
	71	Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
	72	Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
	73	Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
	74	Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
	75	Registry Registrant ID: Not Available From Registry
	76	Registrant Name: Francisco Amato
	77	Registrant Organization: Infobyte LLC
	78	Registrant Street: 2699 S. Bayshore Dr #300
	79	Registrant City: Miami
	80	Registrant State/Province: Florida
	81	Registrant Postal Code: 33133
	82	Registrant Country: US
	83	Registrant Phone: +1.3058513373
	84	Registrant Phone Ext:
	85	Registrant Fax:
	86	Registrant Fax Ext:
	87	Registrant Email: [email protected]
	88	Registry Admin ID: Not Available From Registry
	89	Admin Name: Francisco Amato
	90	Admin Organization: Infobyte LLC
	91	Admin Street: 2699 S. Bayshore Dr #300
	92	Admin City: Miami
	93	Admin State/Province: Florida
	94	Admin Postal Code: 33133
	95	Admin Country: US
	96	Admin Phone: +1.3058513373
	97	Admin Phone Ext:
	98	Admin Fax:
	99	Admin Fax Ext:
	100	Admin Email: [email protected]
	101	Registry Tech ID: Not Available From Registry
	102	Tech Name: Francisco Amato
	103	Tech Organization: Infobyte LLC
	104	Tech Street: 2699 S. Bayshore Dr #300
	105	Tech City: Miami
	106	Tech State/Province: Florida
	107	Tech Postal Code: 33133
	108	Tech Country: US
	109	Tech Phone: +1.3058513373
	110	Tech Phone Ext:
	111	Tech Fax:
	112	Tech Fax Ext:
	113	Tech Email: [email protected]
	114	Name Server: NS-1959.AWSDNS-52.CO.UK
	115	Name Server: NS-869.AWSDNS-44.NET
	116	Name Server: NS-121.AWSDNS-15.COM
	117	Name Server: NS-1196.AWSDNS-21.ORG
	118	DNSSEC: unsigned
	119	URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
	120	>>> Last update of WHOIS database: 2016-05-16T16:00:00Z <<<
	121
	122	For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en
	123
	124	The data contained in GoDaddy.com, LLC's WhoIs database,
	125	while believed by the company to be reliable, is provided "as is"
	126	with no guarantee or warranties regarding its accuracy. This
	127	information is provided for the sole purpose of assisting you
	128	in obtaining information about domain name registration records.
	129	Any use of this data for any other purpose is expressly forbidden without the prior written
	130	permission of GoDaddy.com, LLC. By submitting an inquiry,
	131	you agree to these terms of usage and limitations of warranty. In particular,
	132	you agree not to use this data to allow, enable, or otherwise make possible,
	133	dissemination or collection of this data, in part or in its entirety, for any
	134	purpose, such as the transmission of unsolicited advertising and
	135	and solicitations of any kind, including spam. You further agree
	136	not to use this data to enable high volume, automated or robotic electronic
	137	processes designed to collect or compile this data for any purpose,
	138	including mining this data for your own personal or commercial purposes.
	139
	140	Please note: the registrant of the domain name is specified
	141	in the "registrant" section. In most cases, GoDaddy.com, LLC
	142	is not the registrant of domain names listed in this database.
	143

+20

-18

utils/error_report.py less more

46	46
47	47	text = StringIO()
48	48	traceback.print_exception(type, value, tb, file=text)
49
50
	49	error_name = text.getvalue().split('\n')[-2]
51	50
52
53	51	excepts = """
54	52	Traceback: %s
55	53	""" % (text.getvalue() )

57	55	exception_hash = hashlib.sha256(excepts).hexdigest()
58	56	os_dist = " ".join(platform.dist())
59	57	python_version = platform.python_version()
	58	faraday_version = CONF.getVersion()
	59
60	60	modules_info = ""
61	61	try:
62	62	import pip
63	63	modules_info = ",".join([ "%s=%s" % (x.key, x.version)
64	64	for x in pip.get_installed_distributions()])
65	65	except ImportError:
66		pass
	66	pass
67	67
68	68
69	69	python_dist = "Python %s \n Modules: [ %s ]" % (python_version, modules_info)

71	71	description = """
72	72	Exception: %s
73	73	Identifier: %s
74		Versions: OS: %s,
	74	Versions: OS: %s,
	75	Faraday Version: %s
75	76	Python Versions: %s
76		""" % (excepts, exception_hash, os_dist, python_dist)
77
	77	""" % (excepts, exception_hash, os_dist, faraday_version, python_dist)
78	78
79	79
80		event = ShowExceptionCustomEvent(description, reportToDevelopers)
	80
	81	event = ShowExceptionCustomEvent(description, reportToDevelopers, error_name)
81	82	model.guiapi.postCustomEvent(event)
82	83	text.seek(0)
83	84	text.truncate()
84	85	del text
85	86
86
87
88
89
90	87
91
92		def reportToDevelopers(self, *description):
	88	def reportToDevelopers(name=None, *description):
93	89	try:
94	90	import requests
95	91	import hashlib

99	95	headers = json.loads(CONF.getApiParams())
100	96	params = json.loads(CONF.getApiParams())
101	97
102		params['description'] = description[0]
103		params['summary'] = 'autoreport %s' % time.time()
	98	params['description'] = description[1]
104	99
105		resp = requests.post(uri,
	100	if name is not None:
	101	params['summary'] = name
	102	else:
	103	params['summary'] = 'autoreport %s' % time.time()
	104
	105	resp = requests.post(uri,
106	106	headers = headers,
107	107	data = params, timeout = 1, verify=True)
	108
108	109	model.api.devlog("Report sent it to faraday server")
109		except Exception as e:
	110
	111	except Exception as e:
110	112	model.api.devlog("Error reporting to developers:")
111	113	model.api.devlog(e)
112	114

-7

views/reports/_attachments/scripts/dashboard/partials/modal-services-by-host.html less more

26	26	</td>
27	27	<td>{{srv.description}}</td>
28	28	<td>
29		<li ng-repeat="p in srv.ports">
30		{{p}}
31		<a href="//www.shodan.io/search?query=port:{{p}}" uib-tooltip="Search in Shodan" target="_blank">
32		<img ng-src="../././reports/images/shodan.png" height="15px" width="15px" />
33		</a>
34		</li>
35		</td>
	29	{{srv.ports}}
	30	<a href="//www.shodan.io/search?query=port:{{srv.ports}}" uib-tooltip="Search in Shodan" target="_blank">
	31	<img ng-src="../././reports/images/shodan.png" height="15px" width="15px" />
	32	</a>
	33	</td>
36	34	<td>{{srv.protocol}}</td>
37	35	<td>{{srv.status}}</td>
38	36	</tr>

-2

views/reports/_attachments/scripts/dashboard/providers/dashboard.js less more

8	8	dashboardSrv._getView = function(url) {
9	9	var deferred = $q.defer();
10	10
11		$http.get(url).then(function(response){
	11	$http.get(url).then(function(response) {
12	12	res = response.data.rows;
13	13	deferred.resolve(res);
14	14	}, function(){

117	117	res.forEach(function(service){
118	118	var _service = service.value;
119	119	_service["id"] = service.id;
120		_service["port"] = _service.ports[0];
	120	_service["port"] = _service.ports;
121	121	tmp.push(_service);
122	122	});
123	123	deferred.resolve(tmp);

+45

-25

views/reports/_attachments/scripts/hosts/controllers/host.js less more

3	3
4	4	angular.module('faradayApp')
5	5	.controller('hostCtrl',
6		['$scope', '$cookies', '$filter', '$location', '$route', '$routeParams', '$uibModal', 'hostsManager', 'workspacesFact', 'dashboardSrv', 'servicesManager',
7		function($scope, $cookies, $filter, $location, $route, $routeParams, $uibModal, hostsManager, workspacesFact, dashboardSrv, servicesManager) {
	6	['$scope', '$cookies', '$filter', '$location', '$route', '$routeParams', '$uibModal', '$q',
	7	'hostsManager', 'workspacesFact', 'dashboardSrv', 'servicesManager',
	8	function($scope, $cookies, $filter, $location, $route, $routeParams, $uibModal, $q,
	9	hostsManager, workspacesFact, dashboardSrv, servicesManager) {
8	10
9	11	init = function() {
10	12	$scope.selectall_service = false;

13	15	//ID of current host
14	16	var hostId = $routeParams.hidId;
15	17
	18	$scope.services = [];
16	19	$scope.sortField = "name";
	20	$scope.reverse = false;
	21
	22	$scope.loadedServices = false;
17	23
18	24	// load all workspaces
19		workspacesFact.list().then(function(wss) {
20		$scope.workspaces = wss;
21		});
	25	workspacesFact.list()
	26	.then(function(wss) {
	27	$scope.workspaces = wss;
	28	});
	29
22	30	// current host
23		hostsManager.getHost(hostId, $scope.workspace).then(function(host){
24		$scope.host = host;
25		});
	31	hostsManager.getHost(hostId, $scope.workspace)
	32	.then(function(host) {
	33	$scope.host = host;
	34	});
	35
26	36	// services by host
27		$scope.services = [];
28	37	dashboardSrv.getServicesByHost($scope.workspace, hostId)
29	38	.then(function(services) {
30		if (services.length > 0) $scope.loadedServices = true;
	39	var pss = [];
	40
31	41	services.forEach(function(service) {
32		servicesManager.getService(service.id, $scope.workspace, true)
33		.then(function(s) {
34		$scope.services.push(s);
35		});
	42	pss.push(servicesManager.getService(service.id, $scope.workspace, true));
36	43	});
37		});
38
39		hostsManager.getAllVulnsCount($scope.workspace)
	44
	45	return $q.all(pss);
	46	})
	47	.then(function(services) {
	48	$scope.services = services;
	49
	50	$scope.services.forEach(function(service) {
	51	service.uri = encodeURIComponent(encodeURIComponent("(" + service.ports + "/" + service.protocol + ") " + service.name));
	52	});
	53
	54	$scope.loadedServices = true;
	55
	56	return hostsManager.getAllVulnsCount($scope.workspace);
	57	})
40	58	.then(function(vulns) {
41		$scope.vulnsCount = {};
	59	var vulnsCount = {};
42	60	vulns.forEach(function(vuln) {
43		$scope.vulnsCount[vuln.key] = vuln.value;
	61	vulnsCount[vuln.key] = vuln.value;
	62	});
	63	$scope.services.forEach(function(service) {
	64	service.vulns = vulnsCount[service._id] \|\| 0;
44	65	});
45	66	})
46	67	.catch(function(e) {

206	227	};
207	228
208	229	$scope.update = function(services, data) {
209		services.forEach(function(service){
210		delete service.selected;
	230	services.forEach(function(service) {
211	231	servicesManager.updateService(service, data, $scope.workspace).then(function(s) {
212		}, function(message){
	232	}, function(message) {
213	233	console.log(message);
214	234	});
215	235	});

263	283	size: 'sm',
264	284	resolve: {
265	285	msg: function() {
266		return 'No hosts were selected to delete';
	286	return 'No services were selected to delete';
267	287	}
268	288	}
269	289	})
270	290	} else {
271		var message = "A host will be deleted";
	291	var message = "A service will be deleted";
272	292	if(selected.length > 1) {
273		message = selected.length + " hosts will be deleted";
	293	message = selected.length + " services will be deleted";
274	294	}
275	295	message = message.concat(" along with all of its children. This operation cannot be undone. Are you sure you want to proceed?");
276	296	$uibModal.open(config = {

+20

-14

views/reports/_attachments/scripts/hosts/controllers/hosts.js less more

13	13	// current workspace
14	14	$scope.workspace = $routeParams.wsId;
15	15
16		$scope.sortField = "name";
	16	$scope.sortField = "vulns";
	17	$scope.reverse = true;
17	18
18	19	// load all workspaces
19	20	workspacesFact.list().then(function(wss) {

25	26	$scope.hosts = hosts;
26	27	$scope.loadedVulns = true;
27	28	$scope.loadIcons();
28		});
29
30		hostsManager.getAllServicesCount($scope.workspace)
	29
	30	return hostsManager.getAllServicesCount($scope.workspace);
	31	})
31	32	.then(function(servicesCount) {
32		$scope.servicesCount = servicesCount;
33		});
34
35		hostsManager.getAllVulnsCount($scope.workspace)
	33	$scope.hosts.forEach(function(host) {
	34	host.services = servicesCount[host._id] \|\| 0;
	35	});
	36
	37	return hostsManager.getAllVulnsCount($scope.workspace);
	38	})
36	39	.then(function(vulns) {
37		$scope.vulnsCount = {};
	40	var vulnsCount = {};
38	41	vulns.forEach(function(vuln) {
39	42	var parts = vuln.key.split("."),
40	43	parent = parts[0];
41	44
42		if(parts.length > 1) $scope.vulnsCount[vuln.key] = vuln.value;
43		if($scope.vulnsCount[parent] == undefined) $scope.vulnsCount[parent] = 0;
44		$scope.vulnsCount[parent] += vuln.value;
	45	if(parts.length > 1) vulnsCount[vuln.key] = vuln.value;
	46	if(vulnsCount[parent] == undefined) vulnsCount[parent] = 0;
	47	vulnsCount[parent] += vuln.value;
	48
	49	$scope.hosts.forEach(function(host) {
	50	host.vulns = vulnsCount[host._id] \|\| 0;
	51	});
45	52	});
46	53	})
47	54	.catch(function(e) {
48	55	console.log(e);
49	56	});
50	57
51		$scope.pageSize = 10;
	58	$scope.pageSize = 100;
52	59	$scope.currentPage = 0;
53	60	$scope.newCurrentPage = 0;
54	61

271	278	};
272	279
273	280	$scope.update = function(host, hostdata, interfaceData) {
274		delete host.selected;
275	281	hostsManager.updateHost(host, hostdata, interfaceData, $scope.workspace).then(function() {
276	282	// load icons in case an operating system changed
277	283	$scope.loadIcons();

+11

-10

views/reports/_attachments/scripts/hosts/partials/list.html less more

51	51	<tr>
52	52	<th><input type="checkbox" ng-model="selectall" ng-click="checkAll()"/></th>
53	53	<th>
54		<a href="">Open Services</a>
55		</th>
56		<th>
57	54	<a href="" ng-click="toggleSort('name')">Name</a>
58	55	</th>
59	56	<th>
60		<a href="" ng-click="toggleSort('description')">Description</a>
	57	<a href="" ng-click="toggleSort('services')">Open Services</a>
61	58	</th>
62	59	<th>
63	60	<a href="" ng-click="toggleSort('vulns')">Vulns</a>

77	74	selection-model-selected-class="multi-selected"
78	75	selection-model-on-change="selectedHosts()">
79	76	<td><input type="checkbox" name="{{host._id}}"/></td>
80		<td><a href="#/host/ws/{{workspace}}/hid/{{host._id}}" ng-bind="servicesCount[host._id] \|\| 'None'"></a></td>
81	77	<td>
82	78	{{host.name}}
83	79	<a href="//www.shodan.io/search?query={{host.name}}" uib-tooltip="Search in Shodan" target="_blank">
84	80	<img ng-src="../././reports/images/shodan.png" height="15px" width="15px" />
85	81	</a>
86	82	</td>
87		<td ng-bind="host.description \|\| '-'"></td>
88		<td> <a ng-href="#/status/ws/{{workspace}}/search/target={{host.name}}" ng-bind="vulnsCount[host._id] \|\| '-'"></a></td>
	83	<td><a href="#/host/ws/{{workspace}}/hid/{{host._id}}" ng-bind="host.services \|\| '-'"></a></td>
	84	<td><a ng-href="#/status/ws/{{workspace}}/search/target={{host.name}}" ng-bind="host.vulns"></a></td>
89	85	<td>
90		<img ng-if="host.icon != undefined" ng-src="../././reports/images/{{host.icon}}.png" uib-tooltip="{{host.os}}"/>
91		<span ng-if="host.icon == undefined" class="fa fa-laptop" uib-tooltip="{{host.os}}"></span>
	86	<a ng-href="#/hosts/ws/{{workspace}}/search/os={{host.os}}">
	87	<img ng-if="host.icon != undefined" ng-src="../././reports/images/{{host.icon}}.png" uib-tooltip="{{host.os}}"/>
	88	<span ng-if="host.icon == undefined" class="fa fa-laptop" uib-tooltip="{{host.os}}"></span>
	89	</a>
92	90	</td>
93		<td ng-bind="host.owned"></td>
	91	<td>
	92	<i class="fa fa-exclamation-triangle" aria-hidden="true" ng-if="host.owned"> owned</i>
	93	<span ng-if="!host.owned">not yet</span>
	94	</td>
94	95	</tr>
95	96	</tbody>
96	97	</table><!-- #hosts -->

-22

views/reports/_attachments/scripts/services/controllers/serviceModalEdit.js less more

9	9	init = function() {
10	10	// current Workspace
11	11	var ws = $routeParams.wsId;
12		// default scope (service)
13		$scope.service = {
14		"ports": []
15		};
16	12
17	13	if(service.length == 1) {
18	14	$scope.service = {

20	16	"description": service[0].description,
21	17	"owned": service[0].owned,
22	18	"owner": service[0].owner,
23		"ports": commons.arrayToObject(service[0].ports),
	19	"ports": service[0].ports,
24	20	"protocol": service[0].protocol,
25	21	"parent": service[0].parent,
26	22	"status": service[0].status,

32	28	};
33	29
34	30	$scope.ok = function() {
35		var ports = [];
36	31	var date = new Date(),
37	32	timestamp = date.getTime()/1000.0;
38	33
39		if($scope.service.ports.length !== 0) {
40		$scope.service.ports.forEach(function(port){
41		ports.push(port.key);
42		});
43		$scope.service.ports = ports.filter(Boolean);
44		} else {
45		delete $scope.service.ports;
46		}
47
48	34	$modalInstance.close($scope.service);
49	35	};
50	36
51		$scope.newPort = function($event){
52		$scope.service.ports.push({key:''});
53		$event.preventDefault();
54		};
55
56		$scope.call = function(service){
	37	$scope.call = function(service) {
57	38	$scope.service = {
58	39	"name": service.name,
59	40	"description": service.description,
60	41	"owned": service.owned,
61		"ports": commons.arrayToObject(service.ports),
	42	"ports": service.ports,
62	43	"protocol": service.protocol,
63	44	"status": service.status,
64	45	"version": service.version,

-15

views/reports/_attachments/scripts/services/controllers/serviceModalNew.js less more

6	6	['$scope', '$modalInstance', '$routeParams', 'host', 'servicesManager', 'hostsManager',
7	7	function($scope, $modalInstance, $routeParams, host, servicesManager, hostsManager) {
8	8
9		init = function(){
	9	init = function() {
10	10	$scope.service = {
11	11	"name": "",
12	12	"description": "",
13	13	"owned": false,
14	14	"owner": "",
15		"ports": [{key: ''}],
	15	"ports": "",
16	16	"protocol": "",
17	17	"parent": "",
18	18	"status": "",

21	21	// current Workspace
22	22	var ws = $routeParams.wsId;
23	23
24		hostsManager.getInterfaces(ws, host._id).then(function(resp){
	24	hostsManager.getInterfaces(ws, host._id).then(function(resp) {
25	25	$scope.service.parent = resp[0].value._id;
26	26	});
27	27	};
28	28
29	29	$scope.ok = function() {
30		var ports = [];
31	30	var date = new Date(),
32	31	timestamp = date.getTime()/1000.0;
33	32
34		$scope.service.ports.forEach(function(port){
35		ports.push(port.key);
36		});
37	33	$scope.service.metadata = {
38	34	"update_time": timestamp,
39	35	"update_user": "",
40	36	"update_action": 0,
41		"creator": "",
	37	"creator": "",
42	38	"create_time": timestamp,
43	39	"update_controller_action": "UI Web New",
44	40	"owner": ""
45	41	};
46
47		$scope.service.ports = ports.filter(Boolean);
	42
48	43	$modalInstance.close($scope.service);
49		};
50
51		$scope.newPort = function($event){
52		$scope.service.ports.push({key:''});
53		$event.preventDefault();
54	44	};
55	45
56	46	$scope.cancel = function() {

+52

-35

views/reports/_attachments/scripts/services/partials/list.html less more

5	5
6	6	<div class="right-main"><div id="reports-main" class="fila clearfix">
7	7	<h2 class="ws-label">
8		<span id="ws-name" title="Hosts">Services from {{host.name}}</span><!-- WS name -->
	8	<span id="ws-name" title="Hosts">Viewing {{host.name}} in {{workspace}}</span><!-- WS name -->
9	9	<div id="ws-control" class="btn-group">
10	10	<button id="refresh" type="button" class="btn btn-danger" title="Refresh current workspace" ng-click="location.reload()">
11	11	<span class="glyphicon glyphicon-refresh"></span>

18	18	</ul><!-- WS navigation -->
19	19	</div><!-- #ws-control -->
20	20	</h2>
	21	<h3>Host details</h3>
21	22	<div class="reports col-md-12 col-sm-12 col-xs-12">
22	23	<div class="form-horizontal">
23	24	<div class="form-group">
24		<div class="col-md-4">
	25	<div class="col-md-3">
25	26	<h5>Name</h5>
26	27	<label class="sr-only" for="name">Name</label>
27	28	<input type="text" class="form-control" id="name" placeholder="Name" ng-model="host.name" disabled/>
28	29	</div>
29		<div class="col-md-4">
	30	<div class="col-md-3">
30	31	<h5>Description</h5>
31	32	<label class="sr-only" for="description">Description</label>
32	33	<textarea class="form-control" id="description" placeholder="Description" ng-model="host.description" disabled></textarea>
33	34	</div>
34		<div class="col-md-4">
	35	<div class="col-md-3">
35	36	<h5>Operating System</h5>
36	37	<label class="sr-only" for="os">Operating System</label>
37	38	<input type="text" class="form-control" id="os" placeholder="Operating System" ng-model="host.os" disabled/>

39	40	</div><!-- .form-group -->
40	41	</div>
41	42	</div>
42		<h2 class="ws-label">
43		<button id="delete" type="button" class="btn btn-default" title="Delete selected hosts" ng-click="delete()">
44		<span class="glyphicon glyphicon-trash"></span>
45		Delete
46		</button>
47		<button id="merge" type="button" class="btn btn-default" title="Edit selected hosts" ng-click="edit()">
48		<span class="glyphicon glyphicon-pencil"></span>
49		Edit
50		</button>
51		<button id="merge" type="button" class="btn btn-success" title="New host" ng-click="new()">
52		<span class="glyphicon glyphicon-plus-sign"></span>
53		New
54		</button>
55		</h2><!-- .ws-label -->
	43	<h3>Host services</h3>
	44	<div class="reports col-md-9 col-sm-9 col-xs-12" ng-if="loadedServices && services.length == 0">
	45	<h4>No services found for {{host.name}}</h4>
	46	</div>
56	47	<div class="reports col-md-9 col-sm-9 col-xs-12">
57		<div class="col-md-6 col-sm-3 col-xs-11">
	48	<div class="col-md-4 col-sm-3 col-xs-11">
	49	<h2 class="ws-label">
	50	<button type="button" class="btn btn-success btn-sm" title="New service" ng-click="new()">
	51	<span class="glyphicon glyphicon-plus-sign"></span>
	52	New service
	53	</button>
	54	<button type="button" class="btn btn-default btn-sm" title="Edit selected services" ng-click="edit()" ng-disabled="services.length == 0">
	55	<span class="glyphicon glyphicon-pencil"></span>
	56	Edit
	57	</button>
	58	<button type="button" class="btn btn-default btn-sm" title="Delete selected services" ng-click="delete()" ng-disabled="services.length == 0">
	59	<span class="glyphicon glyphicon-trash"></span>
	60	Delete
	61	</button>
	62	</h2><!-- .ws-label -->
	63	</div>
	64	</div>
	65	<div class="reports col-md-9 col-sm-9 col-xs-12" ng-show="loadedServices && services.length > 0">
	66	<div class="col-md-4 col-sm-3 col-xs-11">
58	67	<form role="form" ng-submit="searchFor(true, searchParams)">
59	68	<div class="form-group">
60	69	<div class="input-group input-group-sm">
61	70	<span class="input-group-addon glyphicon-btn glyphicon glyphicon-remove" ng-click="searchFor(false, '')" ng-if="search"></span>
62		<input type="text" class="form-control" id="filter-by"
	71	<input type="text" class="form-control" id="filter-by"
63	72	placeholder="enter keywords" ng-change="currentPage = 0" ng-model="searchParams" />
64	73	<span class="input-group-addon glyphicon-btn" ng-click="searchFor(true, searchParams)">
65	74	<i class="fa fa-search" ng-if="services.length > 0 \|\| !loadedServices"></i>

77	86	<a href="" ng-click="toggleSort('name')">Name</a>
78	87	</th>
79	88	<th>
80		<a href="" ng-click="toggleSort('description')">Description</a>
	89	<a href="" ng-click="toggleSort('version')">Version</a>
81	90	</th>
82	91	<th>
83	92	<a href="" ng-click="toggleSort('ports')">Ports</a>

95	104	</thead>
96	105	<tbody>
97	106	<tr ng-repeat="service in filtered = (services \| filter:expression) \| orderBy:sortField:reverse \| startFrom:currentPage*pageSize \| limitTo:pageSize"
98		selection-model selection-model-type="checkbox"
99		selection-model-mode="multiple-additive"
	107	selection-model selection-model-type="checkbox"
	108	selection-model-mode="multiple-additive"
100	109	selection-model-selected-class="multi-selected">
101	110	<td><input type="checkbox" name="{{s._id}}"/></td>
102	111	<td>
103		{{service.name}}
104		<a href="//www.shodan.io/search?query={{service.name}}" uib-tooltip="Search in Shodan" target="_blank">
	112	<a ng-href="#/host/ws/{{workspace}}/hid/{{host._id}}/search/name={{service.name}}">
	113	<span ng-bind="service.name"></span>
	114	</a>
	115	<a ng-href="//www.shodan.io/search?query={{service.name}}" uib-tooltip="Search in Shodan" target="_blank">
105	116	<img ng-src="../././reports/images/shodan.png" height="15px" width="15px" />
106	117	</a>
107	118	</td>
108		<td ng-bind="service.description \|\| '-'"></td>
	119	<td ng-bind="service.version \|\| '-'"></td>
109	120	<td>
110		<li ng-repeat="p in service.ports">
111		{{p}}
112		<a href="//www.shodan.io/search?query=port:{{p}}" uib-tooltip="Search in Shodan" target="_blank">
113		<img ng-src="../././reports/images/shodan.png" height="15px" width="15px" />
114		</a>
115		</li>
	121	<span ng-bind="service.ports"></span>
	122	<a ng-href="//www.shodan.io/search?query=port:{{service.ports}}" uib-tooltip="Search in Shodan" target="_blank">
	123	<img ng-src="../././reports/images/shodan.png" height="15px" width="15px" />
	124	</a>
116	125	</td>
117		<td ng-bind="service.protocol"></td>
118		<td ng-bind="service.status"></td>
119		<td ng-bind="vulnsCount[service._id] \|\| '-'"></td>
	126	<td>
	127	<a ng-href="#/host/ws/{{workspace}}/hid/{{host._id}}/search/protocol={{service.protocol}}">
	128	<span ng-bind="service.protocol"></span>
	129	</a>
	130	</td>
	131	<td ng-bind="service.status \|\| '-'"></td>
	132	<td>
	133	<a ng-href="#/status/ws/{{workspace}}/search/service={{service.uri}}">
	134	<span ng-bind="service.vulns"></span>
	135	</a>
	136	</td>
120	137	</tr>
121	138	</tbody>
122	139	</table><!-- #hosts -->

-3

views/reports/_attachments/scripts/services/partials/modalEdit.html less more

36	36	<div class="form-group">
37	37	<div class="col-md-3">
38	38	<h5>Port</h5>
39		<div class="input-margin" ng-repeat="port in service.ports">
40		<label class="sr-only" for="port">Port</label>
41		<input type="number" class="form-control" id="port" placeholder="Port" ng-model="port.key"/>
	39	<div class="input-margin">
	40	<label class="sr-only" for="ports">Port</label>
	41	<input type="number" class="form-control" id="ports" placeholder="Ports" ng-model="service.ports"/>
42	42	</div>
43	43	</div>
44	44	<div class="col-md-3 protocol">

-3

views/reports/_attachments/scripts/services/partials/modalNew.html less more

36	36	<div class="form-group">
37	37	<div class="col-md-3">
38	38	<h5>Port</h5>
39		<div class="input-margin" ng-repeat="port in service.ports" ng-class="{'has-error': form.port.$invalid }">
40		<label class="sr-only" for="port">Port</label>
41		<input type="number" class="form-control" id="port" name="port" placeholder="Port" ng-model="port.key" required/>
	39	<div class="input-margin" ng-class="{'has-error': form.ports.$invalid }">
	40	<label class="sr-only" for="ports">Port</label>
	41	<input type="number" class="form-control" id="ports" name="ports" placeholder="Port" ng-model="service.ports" required/>
42	42	</div>
43	43	</div>
44	44	<div class="col-md-3 protocol" ng-class="{'has-error': form.protocol.$invalid }">

+18

-3

views/reports/_attachments/scripts/services/providers/service.js less more

3	3
4	4	angular.module('faradayApp')
5	5	.factory('Service', ['BASEURL', '$http', function(BASEURL, $http) {
6		Service = function(data){
	6	Service = function(data) {
7	7	if(data) {
8	8	this.set(data);
9	9	}

14	14	// the attributes we're assigning to the Service
15	15	set: function(data) {
16	16	// if there's no ID, we need to generate it based on the Service name
17		if(data._id === undefined){
18		var ports = data.ports.toString().replace(/,/g,":");
	17	if(data._id === undefined) {
	18	var ports = data.ports;
	19
	20	if(typeof data.ports == "object") {
	21	ports = ports.toString().replace(/,/g,":");
	22	}
	23
19	24	data['_id'] = data.parent + "." + CryptoJS.SHA1(data.protocol+ "._." + ports).toString();
20	25	}
21	26	data.type = "Service";
22	27	angular.extend(this, data);
	28	this.ports = data.ports[0];
23	29	},
24	30	delete: function(ws) {
25	31	var self = this,

40	46	angular.extend(this, data);
41	47	var self = this;
42	48
	49	if(typeof self.ports != "object") {
	50	self.ports = [self.ports];
	51	}
	52
43	53	return ($http.put(BASEURL + ws + '/' + self._id + "?rev=" + self._rev, self).success(function(data) {
44	54	self._rev = data.rev;
45	55	}));
46	56	},
47	57	save: function(ws) {
48	58	var self = this;
	59
	60	if(typeof self.ports != "object") {
	61	self.ports = [self.ports];
	62	}
	63
49	64	return ($http.put(BASEURL + ws + '/' + self._id, self).success(function(data){
50	65	self._rev = data.rev;
51	66	}));

-2

views/reports/_attachments/scripts/services/providers/services.js less more

54	54	this._objects = {};
55	55
56	56	$http.get(BASEURL + '/' + ws + '/_design/services/_view/services')
57		.success(function(servicesArray){
	57	.success(function(servicesArray) {
58	58	var services = [];
59		servicesArray.rows.forEach(function(serviceData){
	59	servicesArray.rows.forEach(function(serviceData) {
60	60	var service = self._get(serviceData.value._id, serviceData.value);
61	61	services.push(service);
62	62	});

-1

views/reports/_attachments/scripts/vulns/providers/vulns.js less more

32	32	var res = {};
33	33
34	34	services.forEach(function(service) {
35		res[service._id] = "(" + service['ports'].join(",") + "/" + service['protocol'] + ") " + service['name'];
	35	res[service._id] = "(" + service['ports'] + "/" + service['protocol'] + ") " + service['name'];
36	36	});
37	37
38	38	return res;