From 1badcda53b95d19983b9078f53bb5d240c1870ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20Bu=C3=9Fmann?= Date: Sat, 2 Mar 2024 03:41:49 +0100 Subject: [PATCH] Started with intro_web_2 --- cscg24/.DS_Store | Bin 6148 -> 6148 bytes .../intro_web_2/intro_web_2_session.session | 6 + .../intro_web_2_session.session.data | Bin 0 -> 196608 bytes .../intro_web_2_session.session.lck | Bin 0 -> 16 bytes .../intro_web_2_session.session.lobs | Bin 0 -> 3702784 bytes .../intro_web_2_session.session.log | 2903 +++++++++++++++++ .../intro_web_2_session.session.properties | 5 + .../intro_web_2_session.session.script | 83 + 8 files changed, 2997 insertions(+) create mode 100644 cscg24/web/intro_web_2/intro_web_2_session.session create mode 100644 cscg24/web/intro_web_2/intro_web_2_session.session.data create mode 100644 cscg24/web/intro_web_2/intro_web_2_session.session.lck create mode 100644 cscg24/web/intro_web_2/intro_web_2_session.session.lobs create mode 100644 cscg24/web/intro_web_2/intro_web_2_session.session.log create mode 100644 cscg24/web/intro_web_2/intro_web_2_session.session.properties create mode 100644 cscg24/web/intro_web_2/intro_web_2_session.session.script diff --git a/cscg24/.DS_Store b/cscg24/.DS_Store index 0156d16eaa55d8d280e6dee768b2cf0a1614efb1..ed89120deb07a15727bbc998d26df9c238617b23 100644 GIT binary patch delta 48 zcmZoMXfc@J&&atkU^g=(=Vl%jcP3$GhH{2fhNQCKqP(2^ymSTz2F8tr3mG@FbNuB8 E06?1!X8-^I delta 32 ocmZoMXfc@J&&aVcU^g=($7UWDcc#smZ1Wf=Hi&Iz=lIJH0HM7J+W-In diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session b/cscg24/web/intro_web_2/intro_web_2_session.session new file mode 100644 index 0000000..e4352ac --- /dev/null +++ b/cscg24/web/intro_web_2/intro_web_2_session.session @@ -0,0 +1,6 @@ + + + 1709346750724 + Untitled Session + + diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.data b/cscg24/web/intro_web_2/intro_web_2_session.session.data new file mode 100644 index 0000000000000000000000000000000000000000..df5ae5c81e2c7588b683913aa1dab5f1a927e65c GIT binary patch literal 196608 zcmeI$+ix6K9S88lX`4GqNlR!;sq4~~(#GjUfC#EmCk{y~)6@mjm< z5QC70S0p4Z&q(|^JXJ{W$OGa5B>o2k=S=5}cV@lyu8Vm39O>*izn#l>&u3=Vmwo%{ z?b-Ood-3H*@g;9FFQnNHV^(|bz;5;aVu$^4vi)*mvHekVb8RqtvAaHKKN{3dGq%i% zE%9uRhkkIkI_1xl`T49kZ0aGa9Wn9x50v?j$Jt|p-e$XYu1U(Q*eT{74gJJ!bz1*p zW&RU!HnVuIIC8ontL+{?!*Cm^Q+~ec{QBqlM;7nRU+iwS?k`>#K77}CR_t*&jK@Py z*MDrC^7GW~{G%cNJDpzpUZ=NGoN}TetL-(i-um{Ge=ttA^G}BSD_a}wUcbBEX*F(K zs~tD4%!&%C@cZOSjftO$E1jL(OjuK(CN<$tc4e>~(bcl(3YUVAEplwW*|{2HWr9LKKzL^c0d z$Zsqx&n`6|O?3xkMOeJUh%J7O9qW|;R5kxdnSU`qe$tn$wqwj3ZXk{i@DzpJw5+p>y-bcYW}wW50)nV-7`jK@nxvR&oJCZ>XiR{HGk%MWB9O% z=UK7mx5D^t=;`{8tyBJ&tNDknH|DQ();Av&=bLoMYCDdsx4u2)zc8A=)NDHefYbe7$xS#6j4Pmhs0<-b_XKhU_iR6Er~Wy)U& zdtVCua&gqyI_1w*^ACpn`OBS&zVnKRe8`52FdtcOeS6B!e-YUJ`!COLeEIIwr;U?}mOp<-bzReg%o7w^RPB)%>{r z54sOp%_;A|EQH51#r53|{rnDfcxzuP^tigaDgUb}fB&!J>`b?}I{(w=Mz8y5D~|II zx-0Fq`Np8RzS8WiEH``22kk+-7bgATzlyVP>~O0Kj?^jtwKD%VaW?m}xgS5==+B*- zdu8s8FpaZ!!>k|vFV-5&oxAhl&xd2mc~;DBgz;AB(IB>Q_4SnhwKD&=arS>-|LbM` z@8ayUtUn%~U)wOo=f7TuxAJG>hhe-EH^%lxoaEm>f6QlZ=I>7ZlGTp5vrApx|7Xhl zKgHSMOA8mT+`V~esy}|haaoZU*Y;uP@fnY;tc&lzcwgk(V_0nSW&WSzY~~w#1IXgJ zhT3lHFa6J!`G1MCLpLwoxOJ)VLH&6dI`xjztavx(#%Da;|2x(3-YCES-z@Y0n$PyO z{L;Vp82M*N^Ek%OG~8M-EVj4G{D1r}@|)q5@kd9x{^RQM`G332|7V=doQZ!iOy9EF zAtURpZ;xTIy;J7@E6xrqyuX;gKjq7N_5H)i_W$bN`+t%DfB)pI^+9K_)?Nw!&FuF( z-Ss@Z{rBI0eD0Tj`$PRuH30$y2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U TAV7cs0RjXF5FkKcYJvX(Lc2_c literal 0 HcmV?d00001 diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.lck b/cscg24/web/intro_web_2/intro_web_2_session.session.lck new file mode 100644 index 0000000000000000000000000000000000000000..ada58ee70eea8a197b7bb006ce670b5a8c296e92 GIT binary patch literal 16 XcmeYW4)pQyclKsrVC?)A`U{;&`_W*s%~9`!tY~3t6Hh9!nxY(vB2C|NXq9 zCP_)Q`eQBh>g7J`F)^t*YmTZK^;Ajez8dYSJ!o6)piSFZo8|kwjdLy2_Mq)--p$jx z)xPS_%XXQ_dR|9-Y?D0yzKJ+*`x)(S#JJ7dB5^fC^}KHW5g&(HBH;wnEsr1iMX+kX0ubN!TkDP zlWw4JqCzR%k@*D`H8xyJ3|=J~5UFWY6J#;dpU+#R<`Tcmy5=4q{%^R}O{ z)-ltxAGcBaBdxRCPuoStSU-;vchP&FXOu~wf0W2YGTP5bqxM7YmU&Zo?5$d#Z?f8L zAKJTi+H*L$mBTE(=ef=@Qmy2wUFYK;0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&U`0D~!ZL1x$X*+APe4n>*u4USGa*f-^>1zUbf3bjaP5yxjSx?wn+Q9 z&C^;j=WRb@tz)KXKW?M;M_OmOpSFvPv3?#U?xOcT&nS~V|0t2CeY|Dje%RbU-{i8} zKD2jfubEG7%{)ubd7pjJGrVfo`S?eG009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0Rja65rM0=)ehRUowZrM&)YcHGHpA##_i+g`KvrH+hwB0tGDyq9k)qaqleS3vxXsgA zG3RYRW36MRX+LhG_D5Q0xu3R+jIn+mCGMj4KF=tVKL03pv)mu{F@I?PZ+c#&$KI{h z=bOBC+lTh9o%SqFZe=k`uX)d8(X+j3*ZKHIfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C7{+hs5+iC}G+RoZ6-{)zHZUkK3sIk=9x6r|lwRte;1TyXd{oGs>jTKWgt1_dYQ{=I1#5 z-nZwQJa*fMyg%);p4^&smbiJJdC{}GYS;PrM}PnU0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1pZNhtG3k++O(auS-#KPIM*_5JGsW~&%odhO?Kn%G(Yd6AKBw~o@|qK|W)m`TrM)J|5T*C-Xg zyXpICGjC-)Z?DqhxIN$GyW2jrckQ%Co!rW9$fGh`^i^E7>wNqpK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pkS8b~uv}rqQvwWYoajs?Bc5;o|$IbIsd0w{5 zM2%N(=eav>leS3vxXsgAG3RYRW36MRX+LhG_D5Q0xu3R+jIn+mCGMj4KF=tVKL03p zv)mu{F-L9h*3?gNopJkqT&tTEBylU6^_(y;M0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0tEh^z*XC72W{HU+AQDaZJcYFww+w#_Hpz4Ri2ma zGEw8z+j;Je+oUbhK5p~0R?KeF{uG&^RXw!DqX8AsE<6O(M?c~~Tr+J?D=dbd-Y?p}| zuik!alidHFr+Rmu=(Ekco1TmIV|x9P*hPE4ik&5P-s2a2tjgg-T2A}ZRy)Z|%gnS$ z7LW4zwmr#b+@2=W{d|wx_j!KTzG>g3W!#SP`BUy6=iN~|Y!BOZ?w_=;b2sVhnP+Ve zlj}IW9_Gy`{Z2C0X-%ZzrG zacZ=hsYa>n&-z-*WuCT!zPd&32G^rL^YDD#^(M)>-fg$*|L6vaCqRGz0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5;&e~Q3WdyvZW>-zI`zn$x=-deTm7j4$2scgTl zUjLw7<^6u@+mBP*ewp?k+hzMDBP`ncyxD2L_K271bCjO*c9!U6-q$GAZ;1IVmF~al zk+1UR_gg*p`p6&q_k;E-Kld~8A{qUk-nLkc^`PB9$Ak7U5&Mb%e=_Rr(dzj@d(qzJ zvzxnLGT!a=)w`PQu+Q_L{qKx3PR56~vYX}oJl9!o+sgM>xeog3juKye&+|N9y?>Fm z<94!&D}l4kyW6>aIV-L8%#-zcKew_6!w%J(^-0-k->la3A<@IGZe^Xzd}isp(;nsX zZF`c>xIK-?e!j=;`#ir(-|xE7QO?Mpa{oB*j$-#Pr|)qhzRukwj?0Wa&HeA``7S@7 zv{Cw)(-o z?pdl;{xh@uN6*2x|Gz&6H)r8>cJMIDA97A^_VHQvx6W#v$MrtnJrBEysFQinPsjh& zp5-j;w*U3ta#H^5vi21PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2>ca+tM;I6wMje7_fEfmlDn_^UDdi@v{{?B^ZXpIBChgtzn$iJ-j-?qv0b)bGQy(0 z?-9SYig=kmN9j3lXNg|seT`E6YMx))Z|yp>ROG9?`TbVUy*~2C{{0|t$LaMxqd#c> zr?)LuV?FpQb3AAt6S1H8|0ko~9<81qv={AdKD)X5CF9**U%ji@4*NV0+W*ct<77P8 z4C|WZ{XExM&v+}}U*$UJt2;`3^*zt?ptY3|C+)bMtl~=GZ1e7RZePwyYd!O1z2488 z9jZ6$ld{!@bF$SwBzoA@t*mpI&n$g++M|5FP1KXD_i04-^F40g=lNaxrhV6qj&er+ zl>5hdcNDvaZ9Df*+Sj?8#BrIir@8+TW$lQv4flZNK8Z-)pyT{@(1Rwa)iJ@AI~gRe#^=?_B*wd)WVG9Q1QN$@69Zn{oT^!q16Z zrnP>5ml?hOp4DHnf9_fOXJ`43{$4-*w>by@y5H;nuD$s7-)1jL=s*8E`Ir3GJ?sAs zUFLVH{_a1_f1@w+8#T_|oBUk=FNpfz0eAl^{W`zPi+t+0{`hbFHeO_;;lI;2bJTD5 zFvs-H9Dnb>>aUa6VP^c0zb`}V-T$)xGuQKv{@(uS-{!2`|9e}1p>O_5-xXf}g}r-5 zhQGjf|5ESf6xII*IOu=3|F4{?z5H*z|Ml6a`B(f6|F6sT^D}YRtKQ%IFSW1#ZBE92 z_OHmzxw-k@+w1?AQSTn)@{a%k0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+z<*qz>Q;|?#q_GW zJIXaw#I35cUN8CWuE3eem6gdzOPnqD!yiWmGNUoP%rmT`c5vNN^>FJ94LLrE z_T${E%=#byt<{470RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5;&{|bStRA3+X zO7Q2Y)IQ2}nM&~M8twb30AID<>&<>@w^#M{syknG?{D{-rQ-X$#7(hLy=6uau73wRK zTIKDwQDz!y(N~@No%Uwcep^Y-VS(O$k6n-%Z%%$8YIs%y_@SK+3qEWY33WZH+edZ zV*wH9eDfxErtX+6lO^Nc&}=iiDx%SadPSrjH2{V=_1S89%jZTp_lhxnfoHOssw zo5<@PJI^SK_C8rJGg9S$+#|NytE}Sp+*iJ{%sJ0>wt6?TRtAgoE78mLvY)q|M0~&M zRSxG_`J|u5^Q>`wTA!{W&ik0_)^!dC8S`O#+h?rvHtRD~TkXdnHA&26d(d8_rOtcp z*@O0TBA5ADadn<5_w@=(Xe&ZP>&@A{$$NYAc9C&vKR(a6S|=H!#`-eOVXg5#>9yv~ zj=o6d$NdCc|5yBhGA0261PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+0D*s@z*Xve zk9$@7^VBvU_4?;kWqzndepAnU)a#*FMfAhGtLosld(BeU{9WqCSLODTyqT~1R}J^$ zjQU4<&vHLajrq&X^C*!QnXxL(FVeT_y4O6XeT2&9ht2)-O^&Z?Vf1QOs@KERum61XA^xXC%`)%FCi1$+RyF%Yd!MYA8L9F= z?h#wk#CdW!Tls9Yzhs_g8LfU7YW!abKacrn~b;HI-^DA|B#*so2;I$`c>;B_qD<=u zMi%wOJV9i`93s^WUpPp|sxqfctPkJ|30@2fu3P@%nMtD5r1?fGUE zyZ7W%mCCDneARm2%T=p=neW%hYF(ZE+x9q>Yw$sk5^7ly75+14gMeheHBT7009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7e?f1SWpYO#;o$6i-{*+!|;ewkYJ>k94r?KJmQ`F@ld z?uYq|dzJgDdw;vvEY;oLC3cb;?(hLy;(X0K&ghj%t@3u;C^Jp_Y8L(dulYVn#4=ef68|Wl z%6O7|4$^YaS5fOLsh#$9|2#^>Y2udcD5K5WS)zA8X?fIs?CXA?e)IO{p3z>u7n>FD z^~{!8Rps(qtF_$Cb&_oNlEXCfjoX_%okp?Nb=0*MY5ly{Jgo;Ab)IpD{rp?eXBp|D zJ&VF5qaUVM?Mlt@ux;Nn`Vjw9qGrkVWD|MaW9J!V(cUNPWk#y}k9)*cdzDrEp8Lvo zmO1CS&Q|Y+*2-X!ekFR@UiS00lZfs1c-5~Y&a?JO-@)^&a(!N(t|HF+sO#2s76%#i zVSC%>tP?lub5vXH$Y3=|%w>DfUZkZ?eC^tU_H!ba`B`ywqAL6K8i$jsbop)xW70t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB=DifxuO&e2;ro`}0&bANA_zRb_stM1E7veAKI&GRUc7n!jt%`eios=C)a zr+tLV=7-Jw^G%Ms_ssQaKFf?!GY{3;cUrCTcH1a3O?!3sMbGrte192L*MIA_cXOR2 z+r3_ky>{kJo=&4!J9N~w7HKVkyS?UV9ctRw`@a``mXR*nvnWh5`eF2HSE|>;wtdg& zL;O#Pnq}UTP2_ctty=br_C8rJGg9S$+#|NytGNH3`^tCLcWJ+!t=?T^uA$=ma3+>{ zUS_4W>WAr9GYzMtcCALJY!_**b9UKY_OrQ@_U-m~6>(n$`{8UqSw);Di?fx`R{Kk4 zdY19(x1j_ohqs#?-rULIL3@#y{eF(-?Lm9pv#FCjthX{;OAK>vujaftB&0(_t(D(cLU+}lh6a)wmAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1pcD}SE=7UZXa`1t@BZ?q2Bts#(33%KT3O5IX~63WJ4?$nb>=Vcw2so}VpVUws;5`= z_0cD_-A8SA)Av=MX{gU$vsF#`BirstisXFCVJ-#Zv@8zo1zRdUQWVNo%{%xwp zf8UTH#zR!GuNm2RK59{d7RNJ zlUn8Nwozu9_SG!<`(N{Yl89xpTqOQcK9%t#`5dI>ps%9VS5iCe>;8F^h||O^+fhcF zx3fg=e$w)&{n*$2KK3EoZ6AkGp^Q2qH3jI#!0L--Y31*yxG$i z$^5vVf$M+%A1EUdAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBoL7YbaZ%J;Ze zwLec~^HHyUURCDTmB_0O{88Gg7J5}fKg^q|41T-MEH%yFrD}ZDZ9mDI`KotSa6eAp zq0alXS6rW`0{TTNtlw@OrO!oXu8Q-Ej8fIzM;YmM9r#h(&1gg4SF1M_U$a$B`Q!F{ zvx?n&@~NDc>35bMRmHtl`!e6JGvm5~`?u|J`@TJGU$<}a^KpC9zRmr*cKbX%s`h(T zXs3f{Mf28*;_tSQf@z>9zL|$a< zs%gJS-)VlvC2E#zPd1U)J$9Z^7VUkqUS_1q|F}nNwO3ii z@42shXPI-J>umLIXsrwu=~tqc?PWi2JBiqCPgea(;yi1g^c_6UD%a=r=_=y9kGgJM zXK|2GAGWuB&N^|kK1a3Hjto|l#9X!q?L}JZ#MiDpXg?=%nV%I`C#tevuW>l(+pE@_ z(|bGfZ&q&?8K-vS^Ng!?lBingmvItnjrU2fHE;IxMKV9`XW;s;{+;oH009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7e?zk|S4s(g=oRr~W)HXrrs=T&8Xs6>8K&3x3W zp;tZh!@R57;J16tQq}xj>c&^)_LIDsuliRF_v4KEM|#h4KTVDK%gysBkr$b`Z|>yqpuI@Uem_U^_MpA)+0;oM)>|2_C5Ab-S6SVh@!L6n zyL!9G{2$WuV3XC;)thRauMi%wOJV9i`93s@{54 zPp|6hqfctPkJ|30@2fu3P@lbKtD5r1?fGUEyZ7W%b;_%Hd{uhi%T=p=neW%hYF(TC z+xED9-=4Ow+c)|7xc_{byJ5xi^jO}CUDsr<5tqq!8lPdL-S#GPyxsI0_m$VG7K#0_ zM_wlD%Hp{9U1#uQGuz$D_P-?dC|B*qd9Mq9yKekClP|M6{30vd&-Edzf7aJNUO7F9 z@#Ea91^++p&yEEXAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBoLA_cBee|_9O z_PX-RHcFlL%Qnl?P?3JWo#wtO-;Ywm{V<<#uX6v@C%tB=?*1;Zlhk-W={<)2)AT(~ z-#^lOmiuYD$oT8$Q6eugcGa|Br0+C8Yo41qf7skV-{iP^&s?A8Qx)fH=5a=^Olp<4 z+eVpb+E=sa?|;qrNg|fXa*_B)`BcV}ulwgwB2E*xY)2Vw-p&%e z`$@~A_G4f7`}CW)KlhCG^1axsc&}%+%&IDv-&(EZZmyGLyO$iMnQz?Q$f)y-JM8D*iayIo7wuUTCK>%Oy=qr#j)!ggp3#T+pAt1owkMm&>mEDL zD2w(!SuZnE<$v5Gw%V(#;`iKFzO&3Z&vmwXH?&p;i}Wke%l5LLx1B_6x2LOqC2^j$ zPx=m?XO-*ox{f&Sqpn-mSsY~4hwW{jvrgQs&rxl)BZJi>F_-N@dy$qp@wICY+Ruqx z=4Zv#iK^_^YaCAc_Nw*f^xn?=yVcu8#;G0oJmYGeB&t^WWt_xX<9*U=&6_=ak<5?# z8Myu;|Hes*009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7e?KPqsQD&ON?)&4w{ z%}2fZc~zMoDv{q*GavP8=v5E>Fz>21`0ZY^R5gE>y75)H{UmSZtNvBP{Wzokk>0c1 zPg7(5a`QY&TVy~Tflc&=t)(#zYtwmZ(;BK#ZT8EnU_5SZg zpJk+r_ACmMjD8rs+Lh|{ux;Nn`Vjw9qGp-*WD|MaW2=_^qPg5)l9=Fsa>lPD%(X`>zrM-m;G$+qMA!wAKESnVx05`fVtI%Hi!Mhc|a}c+g%XX1|}Kd3(@a_iXAU z59_TA*Al~=+p9Tm&iL(|zhAvwWd0B7d9cZ9y_#yBB&ycaDM9j8`4_qqJ9*^TS@jd#JpAyU#2&z2Bv3eAQwnMFLR`u4adU{n~AAM5Webjb0eP8vNhWhL^Th)|5ZqGNX*u5v8s#9Lo zu*-qm# zyxnbYGRNCZzj0rAt!k0jAA96wvaT$Sd*Ah_PcrX)mF<5?>`|`Tjq_d?{&wB?uUCD( z%#If zHA{8(cZr>(#`{U{G4!9N?{WJ6k>0c1PuoStUq6o$d6BWJru`y)r}wywK7&%pIx{X63Y0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5;&e+Pl9RQVqFs`lrpY(DDM&#TJ(P>KAen)#?#L$7-1hj~}E!Eg7PrKXmZSUqfNw#~v7JKc?n>?LH zv3BUFYc0}R0(X1O(>m0&ulIj1`Ya<|v}aM6Wc0)6)vi>phi&_w(TDh-5;e=bC!5IY z9$U5S7wvtrUS_1q|F}nNwO4WfJ@=LGtnbo(J6pZG$Xr9k`Qc0~^SsPTYt;|auVxxf zN$pyVP}wfhTIcMtz3gXmC+*wq>s7>k73_zz{bUt!o-EE*LR;-Gndw=^tKWtas2tvI za(HtmhX?INV)pwvnzsk-b3gaJoMfIxjy{^MPy!n_q-s4Rj_q!F; zPx59zb;_6RUB6qVca3mU?Y*kE@3gCSosWM62oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkL{OAxqfTW#Dv<~nc7Hp+F`W_j9bJGoBUJoiUw-*1QcjB{x6ISL z$M0_XzFNJh_?qoiVvgJM%_?^9$)|E&rr%k5?Dd(J?PdDE&KyIw+wI%-xP9NAwy)ba z`T4kgm!E%XPx8Kc&(nXoiTzWehxQtAnQW)srqtfF-S#%4ziB^bu66HmUw^G_ksd$x z_{-#8t2pi>40$|W^|-tKUlMnetM=o(9pwAvX1?uYIn44Q?@8wPUsOJ6Umk9wp*5am&n9>Su}G{iNklGOxXS-*fqMzL(u|kx_@8+e=H0 z@gXfkR<(=kmS=t4>+|&_%C+9>FX2}~4g?4gAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PJ^O7r09G^>MEPf1WDsqg7@$e$wmBAEkXi)#eY=ez>aXe!I^swcg*Q zPW&Vl-%k=VPfS&yuNv~l={rmBsu{n?UH!bs9JgCX>2r~ptFryNiu@=e)p*N3O2zMP z`o3DdsrZ`hRbr0Y^UW%D@5$$@hHSUnx2Z+{eS6xzZr|kR z;K`uftF8z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7e?mm+YL3hd)v3I04)+DExAQwe@uqkTU$;j8X^z1dIA`NKRNt}46V?lnt&_jie% zq{{nA?=jS&uS)XA>H9}|&wB0ni;Ta19wqW3V~%>-(7g zJMHWKd6bCL#4X!VMw_>@MDKpm@~HjT*Zn^I=IzgY_Pu;BHY?ss{~F^%TDID6t=4ik z*GaP7OAgb_H*Rn8bQ;CV`zSq6({FrFuX$PzGU~j)|9jDA8R?=ui^3!$9;R3AO7(i! zw(l8zi2o^3vt)a+iM;Ny^L`TEC+lTKs{D_8#8!KiRs5d&TIDQr&U2lu-VLpl!6N-i z^s>F|=WQnu+wGfGzmho5+9!Pn&$G()d40NyIPasbTi00}WYmZ4ZJ)DF+^o-0ZM7qV z)g&>O?Lm8ymOAmZYY*DbiCpGq#np+b?AL27qsne*y*a%%nLlYyR&N&>r*`D?jH`8$ zs2c0bIEl5!`=r;JH+%XbnIHEvaQ&tHS(66=0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB=F2l)zQ0e2;ro`}0&bANA_zRb_stM1E7veAKI&GRUc7n!jt%`eios=C)ar+tLV=7-Jw^G%Ms z_ssQaKFf?!GY{3;cUrCTcH1a3O?!3sMbGrte192L*MIA_cXOR2+r3_ky>{kJo=&4! zJ9N~w7HKVkyS?UV9ctRw`@a``mXR*nvnWh5`eF2HSE|>;)VBY8^dbJIM9nhq$tLo; z$5t)-MSGvDml>(@KkgA*?N!`=&wY(J>$|ky&Q|Y+*2-X!esy*(+sl65b`r7O{l>opEDZ?9T!PVY_TPue=KMaKD%IS)3ut>0AZBxBS{zl@VuJ9MA)=X?4h znIHEvaQ&b98>ABf0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB=CnMc^t`zQ^rj zuJcqjANA_zRb_stM1E7veAKIJ_}3X_a}7`@t+>h-W~-!u9U|5Ku7nfGK9dEH~Hmi?l=Pu9zfRQVtGh^_W2 z?!V{0@}2cv+HYs8cNdv!s5n2IiDjObS!u2MVfxif!zrmY=*-B`u{UtL!%XszMF#JwDY;QL?yt$LZgZ3gZ`~4iv+k^JH zXHzG6SZ`&xmKf&TUd?%P#&2?d(!O53U1a_b>3Oip>gnoDwN7$hYy2|KYpwA<_7DVzW!4F0Lp^^0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!Ct4fveQ- z9=DIVs^a-5*HCYLU1PlJz#pZ(s+=G83f@EI_1k@Bsp z`Ba_qsvcjJ-uH6VYG3C2b+TI5X8*Q5Zr``3sl)zFes1UKoA#$oRrYy$ELX8l^JZOP zzD8Uo+i84;k#^gg%<(o)Lk0M8UwN%+k=P%5(@KkgA*?NwIsd+saW zS>~MQI$OOPS}TJ^`jzNqd)d$1P9nD3x2t|7ah|nL`VO9FmFx5RbQN*lM_sqBvpC48 z58K;5XPvlNpQGApM+U1&VlLZ*_988H;%nC)w4W2X%+HFe6II!-*EpQ??N#f|>AlJP zN&D04?IPpUj(nbRwN4UMEB!J~Vy*E$>9yv~p1w%t$Ndak|F``eGcf@I1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+0D*soz*VYzk9$@7^Heq;_3GzUWqzncepAhS)T^Oa zJ@mu8tJ>hVd(BeS{9WqCSLODTyqT~1R}J^$jQU4<&vHLajrq&X^C*!QnXxL(FVeTF zy4O6XeT2&9ht2)-O^&Z?Vf1QOs@KD| zeb4Aa{7;FRW!{rbP@?e^^|;=T&@!`Xhaia1XeXDgwt z_Lt1`EaTO0LkUz4Z#Ox-xs$_#_98L+{T$8PgZ8>-Qzv;?Z)Lca80Oqw&3SXiZ*qRp zzFECpWd0B7d9caq>FQ0jPI6ys{4&mKt?@qN&v*WHR&$u_KlJ^+{%8F0G6n$x1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+0D*t9z*XvZkK4ywRqK3|YpA!rt}$M9;E&Q? zRn8B41@EEq`t3fm)bxIrs_|8e{UkB-RfY1Z%6^=_L!I|&-phO!Ka6i|F zto~VF`*`K_B;Jp6uNM42`Ip*o1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2>ho6u2O$}+&=cY^2;_#o%YK%%hOPie!rdOzAE33Qp5c)pK-5p|J5hGW~uJ}F0qr; zct7bqhW^v^Jx*rA-FEV!3v|ps}G(T&en>l~j+&|ysxO>lBpXO5) z=WFJ1Mz2h2mABhQnQ7Wrv*_=C&G$(nmdSFF_(%Cv#*^f8kd}kKidtVu?X<7^=TRa~ z6Sr(f8ExLq621FL%cJ&VU-$d;o3}srjP~-q*sOT3XSU3$Dwp3{t>td6lVrP>9HyCX z+}`BrG>WyZqpr0`>*u}ZX+6lO^Nc&}=iiDx%SadPSrjH2{V=_1S89%jZTp_lhxnfo zHA}W9o5<@PJI^SK_C8rJGg9S$+#|NytE}Sp+*iJ{%sJ0>wt6?TRtAgoE78mLvY)q| zL~OV3R{cuiJZqoy9X!t}*XQ-=D&oA4x^7)(agb3TwzqxGI&rf;N43?C3|5oGT($@8 zMOx~_*RDNiKPPgTpA}apsN|o<%uWEmu%I2e9{k*Eo50%Jos+o^^HT0^7ewcSv8~k>!S*n`9OWpXY+t#l&{EvIYR(loq-*aF2&iXFxx3kr|i_A4toFC4_GSADbv{wBv{c5J+l+>=(2$k(3 zt#!^W+sl47chbJyzFS4ySHXTb+fP;z=gH!1CA8K4l9`@my!ve@fy&|SCWkk7a(K{Q zBxb*#qj`JKUiWP3BoFJY4A&CFoZG88Z_fBl&QCTuFEam!^gP&P^>o#*S|_=$HGUcA zwbpo_@#j1LI;%NM_8QR=1z)LstH*uY0_bdJ@}OuUhc8ej(iwAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBly@ZTnImHO-B_OaKMU$#-|v|qMao`!1lC%xkQ zQQG%Y-~KS|RptJxPx{PK+x=ZTZIe`ZKS|7d)q9$|nMFL zGIQ0oUu2YNevUFyjknCxyvOfu`o3DdsrZ`hRbr0Y^UW%D@5!ffUZ&q!dhGR?mhENw zzs?-PTDRM`sYd^Od)mHk-{j|Zetw&~r+Ht!=jp#(#eTPGt?`!0b=qZi@_x6y$qa8d zy~cgrwWdX4f9#Q$$+@yW?tRzuKgq1aTzA+0OJa|5&3m7Ne81ex_9QtEeLm#-Kl!(*BEi+SzpCx+tla@!xzV`2Z&*jhg zUUthxMjdu-FD*63hqMe?)ef#(p7ph_&sJq#xnKXcoqZD%AV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK;X8(RVuKLdnNeuRB9jPx=bbbb&dA@RDiF#^YvywHRliW zbhxVQe!JH!72n?_c9Od9C%wl|hrTMwAE)mh={@VU<1aG)`gxSdi;O*P=bH-hHP6kQ zKWy%wZ*ttdXRfb4Tg85#xhm9GCbi0{Ltoic+bA^ETHnX?-)Ud>&!a?~CT`h|GTOYIC3^RhmPhT!zV7$wH*bILv+w15v03q6 z`qvmA(z4ZlYqgfUxlWSpUUHabzHxh#r_(4_-bd+qnttPZdd<^%kWuIT{oji|%SadP zSrjH2@i4t=SE|>;wtdg&L;O#PnkCzlP2_cto%fUQK3Oj_QssZ#BevSBtm60F*D7b3 zbDryL^=@db3>N8EqL=MuKW{sUc+wuP`jy0a);{Swc%D_R&+F4w#Cace-MY@=AfrBP zZ~L5e;%0r0YO5U?tR{)MY!BLtwA6{OU3<`ePUJE_E3QsdWxrly8EwUAXuUbTw=@5K z^>&eQYDYfLxLPNPs009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAnJ_}3X_a}7`@t+>h&ltbjC{6Q_0}efgN*vHz0J7$$!L-JYmRE$OYC4Z$@67< z&|aivzn_qKo_ebJy%KT7?{HB`us8>Tj%$vi!tJ>hVd(BeS{9WqCSLODT zyqT~1SAF&4jQU4<&vHLajrq&X^C*!QnX%?xr0+C8Yo60SLS^&A=KlF6$K8A8`ZS+q zMyZ*HYVA9%R(ZQ^l$oZzy8EJM`fI+wjH>Iub=$kSPLl0juf<+F^CnNHQLG(0>ROAm zmcZR!^Rx~%?d$#Di$2Rp7wuUTCK>%OdbKOn>tWlzXY?Wdr$o&%@5v_ey2n;6`$c=7 ztd|+7@;~koTkTccf6sm8JL|i&-_BO=E;83paeg=x%RDc$(pvSy^sAYMQ&PKDBUHAF zwAMMhY%lxS+)4YB_IMR>Uj_T&Y(H5=oF|L3mC#oEOJ;hO@#?o>_?>vz-fnVub0>!f z?L}ht`#GAo2kmvwrcUy(-pX(-G0eHWn)Bw2-{kx>&cmt}ng2t29&ECDx_VQslib%D zzl`%*YrN0+^PPX4)f^`K4}HI{Z~qZ;Pk;ac0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZ;0qDBO8xF}`0k3OmGK5Dz0zOVXBLw)v| zt!m02x96Kx?B0`4)hVy)@m1-4FITPhWxii0t95PmZ&Nk?`}VYb-M-1s?RD zJUy11*zXcIwAYBsWIK(|Fw$;&lR4gQ`i=X_YgLQH{@5cglXYcr-21LGc#?UCQSVl^ z|0S_UxoS7gdtLaOy75mob>qLx>hO!Ka6i|Fto~VF`*`K_B(|li7W^0T$3Pkc2oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7csf&Y)ayIXGS$kK$Jm%`xDOoRnnlx&xIX3Of5BIJ_7a`aS$+XwssNqpiD0stk_ z4Bq?quG|1fO6+n^Pfri6dW6`(M&`=QmCsJXRY!{e0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs zfq!y=tJGf~xA(oS{GyFgr~R@`^KGa|ztfI$UzP7iso}n#*SJ@?|Kg)j(^PlgP3$B! z-jDi-VfszJI>X@y$JJeVk8K zoUfI~nY}WpUEXdRWu>#en|bg5HSb4>SR~7N;=jzRGM*%#y|nE0UDWGy4$# zW1^-D78&W!~N;>qTa&{11D?W_y)ge8_#}JI$K2Tqn!Ep|vuYXIzP1wwL|9 zZ6{(Yc?=OHahknP`V&0OE?4LE$ui=!&$?<|WwDo8AGKflnswr)eT{0XCo)(~5_8!$ z+KaT*iLa-&(f*dmMLsL8PE=*T+T(E2SGnDs-kZ#yB==#=JoD5O`84Bdog}Ju`Y=vn z?eRY8mFCSeeUZ!$`x&_YC;v6IeF6js5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5;& zKfAzHs(g=oRr}LaHXrrs=T&8Xs6>8K&3x3Wp;tZh{q$9B@Y|!NscOEPy75)H{U|-N z<@l=MewbN*&**9H&r)Ola{Yaj$cwC4mFDLeTUFg_o#Q@3W%K>|{`oq`H}|adaXyR8 zQY#PD+P7Qn@^;%OE1mV~?(?4MuX%qMRo8#(ws&)#B-^*W7JEIJ*ZFoF#d<;qU2C4! z61Y2Rme!%Bef9rQ^hsvAXwRZB$?W^ltEW<<9<|5!%s#~bn5b#iJz7Uz_t>gsKX31n z^&&G>{)atcv%QM@hul}b)Bcop+R3u-B5Ms5=Z7<~$oEBdTDyLfakbKLO6sZA43+IX zt#!^W+sl47x6{6roQH_}D%cNaduthSnk-J1LYwXHS?O8ktG|X4s2qM-=kWSY4jb)7 zVs`pDnzfDgQ_rSO^042^a3wLUxytJ1jNjz^q&-F;h>68B{yV+0n=lywK|Ji>yv7}0^V-!su|M?4%Vb^oANH}U47RfFu-e_- z|D4!^T=g_g+g{#Zu27V3&cyg8PG%IemFZ0^T{UoY;Y1!*frJh$k_wDSr zUSB5SIB|=tROTm%e)Cbwm&v}KYmL|s3GKLj}tAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly@J}yrmHO-B zUI+d(b=pU{E>j17RiS++_1~-NeD&<4;{1NT?Jw)P-ySthz4zV3PEz&#sE-(`&{rM# z!;Jksqo=)c{6*$peIF(AB6C+w`&Iq;TIXiX@7MRw*EznqXRR+j*~Ly@x$4tbCbi3| zLSNZb+bAoZ_1#pJ`t9~>-jCA0NS5<_|1z)2c#_DywCwd=)c)RQ{C0cVUtcETIB|=1 zklAMKB++j^YWcGL(D(f=<7Vxzef76_pRafPHsfoK^R#TX-&*bEZmyGL`!+e8Wxa8G zoo~lcth^60@;Kwh_l%mQbuY8ddjB6qpJb+s_ACmM%($OX^;BxqqxSfo*@yTa6E#h? zN9)Mz9y{wN;a##`WTwjhut#jRSJ}mf+}AFrS#y@_WZ5^gRtEEoE78mLvY)r@L~P|X zM3ls7_CD!P@HD$zo!2MJh|@mns&$pcUS@sNe(7u0iJSH{s;!>LU^Pk1W!q>k(o!eB zp4vwHTOt?vthhQ+mHlduWwaTiq4nnU-emqHr)B7!XP$Z@pJrUGlSI{A591`(9`BQ0 zY2G~37s>pvpMmRt`rlIk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009DjZh@;* z`5yPG_NS?AKI+xatIGUPiTtLT`KVVzuX^bF>8sk{w?|D=)qFQ~;}@m0h9 zFth%i(bL?YrN;c_`uix67g@0?&CfHos=C)Y$9;y%=KJ;i^L37I?pf>Od={CdRvxOg zZ@1dz?Y2=?I_uTl=RMP3^ZqcZuK(6;@8&v5wr_ha_Ifg}^X)i_^@I+();z5xaCg)! ztwT-w>i?tYlgxC{o<(7j+4rMYPo+jZN^Sd3XCLB!Ow=^%9<3vhOD62qF0ms#DM@td5Vw6B-F^Q?cKk$dZ`o-BK+b&~tqp%C;rtAq2AV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1U^%N ztJLovxA(cK*7+#cP;Y%zW4!9XAEdpiobUGv-a}pW+heAw>Ajn(@l}icC^55Th4QM( zeweXCo%gf!PSbLhI`fxzT1Odkv8=aV)zho``skzD?xXf*J@!>!X{gU$t5r?;!}ff= zi#PY=Q+3L#dVE!Sf19gz`!er8C973!_HWx)?Ys7*J#F9Qb1UDzX@AKz?0A+Di(9cz zm+dv_WJR^SS@t4WHayjfX45PnVj<{Rf{^!IU zG8>LG7Wt-;PP>cSk*PA~` z`%bFc@29Yt6Svu4i3lJFRcp>#Xq0 zvVWHT+IQ_~p8Fqq<|0c)%sgmb(r<;-hWQ)L9UwXwC&~n<$ATPbtdQOpJaUH zaMW|1X2tFHWnMeUU=q{4wCwd~QctU%`gX?G>&rwOCvK6IO8g|zZ$4`IGTGPjd)IUM zYu*>#a-La-r}j22HOF~chMm+CT(vywdtaTc^8G4N*MF+N7s(PJK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNCf`3hX60{ggEf`leK)a_)O|ndBZfNkRZ0FZV}H-+X|ElBk@;8OM~S@1+*Q?nRYAVi zxmol3_5Jg8j&JT+>x)lzvC~(s3iXvq?Xv37S2oo)%8F-wH&v&8yZxH?qqHxQmx(w|+@c+1wplw#^qY@bzHC4AeZR}NS^H~W{cYao z>m9$%_?qK9Et~DPR(rXd>m=E}O%7*SZ`@wz+i?^t?}Lmy&baYCqh@K{%dE5B|3}d$ zndzcEi^3!`?q^gzl^XS^J-%o5A^yiiO_S}>I`X>5&iYAsm#i0=sq#PU5u5E*cJU$i zwaaPNoaH)M_6@C-!93$i^s>F|=WRO?TkXkmTuGc}@00!nPqWL_d0j=E_E}f0t1R|1 z>!bEdU$ai!w69TZ^+X1%Nn$SBMthN#I`Q??Hrn43xyWb5)rqR?S9>g@%@_@>H>dX| z^C#`wW$!%m)D!tM<7%BGs^)qaC$aW;pY%%e=9#`o=7;?ZTz|elly*jd009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAn;EiaFr_G<6hPNG?mRqz501onI9^V-&8Xn^=jx< z4}CvFsA;O2@1|~iRc=2@&ulrqYPcU}*55OFn)|cVn7>?qA0_f4D^{iXdB#>% z_gd$;&rsQXzrKII&hgDXYki#0BD2)WL$&tpR=d32Hp)t8y}J9nXZma2A4b*n-@5JH zTqnu)ZLh^%Pv&*L9Y?XA&_UOlr?mv`j+&))sA*sQe-wR^nJ(J1C`>Z@e)Q_8)Tl?P zZU5=)L;R14nr7Xjb>wxAty=c;_AXg3GE?P$*dsREtGIv2ea$%SPid!}Ec=Gm%3z*x zb#^Y>%YNRr6S38vF2~(hm3}y{PnHp&0mr_c07GC%BR;QF89H`68w5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t7x^fvZ&c9=G?oPE*-@)T^IYmHD9(`As$RQLl!+pPv2nRc-Lwqo%29zMH!7 zRk{5rJ+tNbs;_>SS%1&yY3|QbWBzjeeU!+HtXON$GxjW>wa#&$p|bgYegAx&Iub=$kSPLl20UW>h+%mIEmuX}9O zvY)qi$$F8QD*wYCvDse5{X_06-)VnJJMCoIcagP*iu1#nSmgU6JFQ(m%D7r-I3@Me zYKF>op4K{Nm+fUgo7-vMYEPFD_f@bT&i2+a;xt*DEQL1P-?P%Q%vXO6!{5ZC_RBhl z*LQN*XfG18)6dbYZM2_yHg%GR{Z@u6iDAvh%QbJ#_)X4F+FzEv^Q?cKk$dZ`o-BK+ zb&~tq(BQm)y@bIAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1pdSVSE=7UZtrtd#q&|Fq2Btc#(33%KS+C3Ip6OUyobu`x5rFV(|b2n z=Vcw2m_7Vp(s!s;5`=_0dPQ-AC=sdhDyd z(omnhR;!xwhwb@#7jN##r|Ohf_4umv{x(;1d?BBMp+IQ_qYR7+*&#k<^ zNlo@uRrXm%ES9lfCvw$ZGcJ-n7?QS>(zy6`u3R`njGpHH ztX*XO)%Q^%FEV%4w4Z0}Sw3r>n>D{*-#=gH_~xFqKF+5q&ezK0%wCz)E^oJuveH@K z&Aj*jn)jnbERy9s@n7au8BdbWURw70E^2=zwcVcf*O!SnPTZm$WVTs5N%WhKTE1*Q z^nJg}xLNya&**L5=j$E6?U^mItIFlKR(rXd>m=E}O%7*SZ`@wz+i?_YUk6=lp4LxC z&Csa z^&&G>{)atcv%ShLKIFdgoo3Bhu9Ico&{`SHGp(A(y(N+i$AV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1pXNXu2SWD+^gE3rn32{ zS3j>R^Ft-_n`-8xUJbqKq3@@!YJ=Y%HBD9X-PDb*%I!z#nJvdx4fn&$`g=xCbAOf^ z^Ox)IqeNb0#i}$v&)BN!Uh5q987iCa*Z0rYIlj4Pt&j6rWR_ZasMfySYL~a$Mp@~s zS9hQHOn=S$!>GFcTerQN>m=E}?X}qJ$-K_D<0#e>I_O&Sw3fi#QM0rTHSMeakD^a9 z(?xq0g-K@Lk6t~M8uh3>zGwC!{>Ma3v+mJ4^18=XE&F+Um#i0=sq#PU5u5E*+&|>L z@}2glw9`(OeHU44s5n2IiABCIveVl2ql~MShEq~ct!Aif=V`5TcG+I`v$>u2t@iaY z;=T&@!`a?iMw}*#lcmsR`+HV;mig+hp#&<2U)DLizLUd7dy$x(evW2sqy5ygsgpeH zw=!Hw3~N4Ku6c9DZ*qRxzFPLqv;KKT?ya+Wvh1nWN$zWp597Sn9`7^$^vVB}-Rvj( z^ZvZA{~3R5?U?`p0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ;K2)ArGEFgz0Xy( z&PTb1dh4qi<5dU#AnjGu!;Bs3yq~3a znwGQFnZLZ#I?9-fWxe&Po?g}0M<3O8AGJ5@v9J0{Lw)vIt!m02w&&|zytyZzs#9Lo zcbf13*I-?b<0Y5OLhTluV(Rn7KUMl6=GPtv+-uNfD~_AEZb zOmEujtno{}4He+Wedo2Sd18O)k(bH3vN-HxR~c+&-TNxr|D4!^T=g_gdtLaOy761d zb{O+8tHaN;!<}5`+5NM=_wmwcE4o$lUM=_s|1%*$0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk{}cjOslPsM?|WVOMH{6~`(>Nv+fb2yryb|MD&LP%!+k%maj$Y; zb?tADnx?w@Zek~?@qW}t4CBu-_Aq0A&**9H&)P-iUwt1X@*;CrP5XJqp5?RFxmol3 z_5Jg8j&JT+>*IW?;(V<<&g_**?eccpC@Y=y-OPLcuX#U8#3EVF6aQsimGLC`?4@O| z@1pisQrqome|?#VA zsCp{3#-sN5p4o@^9}_iAwnyv8>mEDHEc5m*SuZkE<$u^CHruQ0;zRB$-)YvIcrPm+h~7F5rGKH>dX|^QRFU#>_KM zJ&{i{uGUGSYNrq5B-S49lU`}wJkuA+{IH*a>wk*hOq(P?fB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5cqrru2SWD+^gE3rn32{S3j>R^Ft-_n`-8xUJbqKq3@@!YJ=Y% zHBD9X-PDb*%I!z#nJvdx4fn&$`g=xCbAOf^^Ox)IqeNb0#i}$v&)BN!Uh5q987iCa z*Z0rYIlj4Pt&j6rWR_ZasMfySYL~a$Mp@~sS9hQHOn=S$!>GFcTerQN>m=E}?X}qJ z$-K_D<0#e>I_O&Sw3fi#QM0rTHSMeakD^a9(?xq0g-K@Lk6t~M8ucjE>pz`+i2pHB z)2w^6j=b)%Rm*i|n*^ z{V3yVrQwv+Q>z&&+j&~+oL#n;{cLWheXD)5jJU6Y{cyIomJz4P;$$hb+5VoDo@KuJ zYbb%r;g@v|ukYlr(Ox8Gr=O!)+h{-aZ0aNr`>hOD62qF0muudf@td5VChK8W^Q?cK zk$dZ`o-BK+b&~tq(BQm)y@bIAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1pdSVSIhd{C#h^+RnLc-=c@|i=e?qO)%af3VIO+lr;hh{ zUB~@y1@)u!?4(ZlqV4v(MMl>QH`U&&di!>}YS(%BM}PnU0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1RjFGRoiTP?W~=&Y2HuUIM*U=+qsU~dE3wD7r7SgG7;lt z&-*sX{fA}WY1_&8Ro_wWcG@f>cKcn;Rx?a{YemlcELZJ1FaHP-AV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!CtQ5V&faZLgiRlQzx!X&dKSq-{IbQ9Ez@`TQc+ zqFp9pyzF`3Cb|Ex>^p5c8Ncc~%H2+zWyEg3tJ!LXX>YB_d7tH~UFYQ=0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UcnAVlZL{sQvv$&^c|UFAT#K}A=Q?WV zZ9ku1%`ok)6*=#-T(#@G{3Aes z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0Rj&};Hqu5y>`}4+BEN{ZJcY7 zw(VR;?Y!;h^NU=IcA1Frvgdu9Lh+DV({ z{j`m9Ez-7~>!_W#{d|6rYtb$fF<$n(Zk2!?d?n z$)3%fGtG=V$?X+1&?Do5w zt!9|^){30>S+3f3Uj7jvK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB=Dq zAaK<-+g>|sCvBSd(>BhvNZWR+NX*>~D@GJe%}l)Ifa z%ZS~6SF_a&)81N<^FGT}yUxo$0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBly@DK#9+Gg8pXYHg-^M2aKxfW^L&UMtz+kQU3$hByfi5M??-nU8aKP>xB+fK%> z`i^q9(`Fg5+wW?&nqk^oD{|gvxoX#W`A2{N0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t6m{z*XC9d+n^9v}xW?+c?)EZQHqy+Iid0=NGva?J^PLWzYLI$^D0A z-)Y;)_*LIg?snQNBX;{;%~mr^duv6``z%-OIxqhS5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7e?LlC%Xn{BV1wUai@`)M2JTBL0|*HJrf`}zDL*P>k}V!Z5m z-zK^LuUTg@=-tra=%vs|_7y!<0TfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009CILEx%ww!L=NPTDl@r)`{Tk+$tzNA0}r z=ktqPi*}ia@v`TAo8P4jKDZRgr)$GM;No}IRz*ErW^`{JWf({|o=6FX`1cGO1<T%}Zg^(3}4)04cuO%{vnW2c>D z{35-3?Opm8`F4`lnypqEXKZDEk{LGJZ~f`q-EBp^P5fDZwy*Q;IM1PE4thTG%u$AS zN6pf@7wuUx98SbPimr?<+OwY1aXf1DX};OhzD-}< zm)3Bme#(gbw47(Z!%3WGIt#v{#+sn*2jNOX* z5K&sEnP-x|+DSe0Rm>1^nsrastv~e{>l|0E8}0ji)~b&(vYu=`yZT?zIBBSf? zs{Y1?Iam9>yVA|y;Z3Gbb3%qO^JH32=_bQfPqj{#S${6)yPn>C&*qO#%JoC|xs?L} z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfWQM6xJotcaj!aG)yhY?E_;pmq5k+y z-SJVcQ(l$It5SN^;J!U-n)>6ry~_DKmDPu8=G%#>>grY5{`ZWY=Kd@d;xE_VM~S@1 zid9{`>ZVt{^;+k+&rsQXzrKII&hgDXYki#0?K<|gliKC&woz6(>vh+w9{hIuHSeEG zee~b@)499bsyF|(S52SB_I17;=Q-5Q54!g}tz~$3)GV!gy|R4u|55ZwX1Zw4;yB6d z`+3^+Tx-;$_V}LJhxi{8HO;z5>&WXKTXpN_?On27^cwc3IY%|uW_y`g5BkZf85YZP zQ>SJ)m(#S)a-A&W_j142PvxU!-T0dEY#m?u&NEM))yvFY=eyR~YTqtrysz5)5c7B$ zaoX1#j5gcP+0&z37rnLY$894r|6U#&?Z@OWXxDz;C%(>QJ&~2eu-;e8)|AolQ>B)H&mk)`)e&D~!(j!2C009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&U_n+vRX6;m&iE+R%lGpd z_xk8nbNlwFY3hydrlNXPQa?)1Ed5nOy=tl-X4c;`dYb#Q)I`5re;+0CA}dy%_<6>j z<+Ii~?lV+2->>hVuXB8J&srbnbGwdxWm3Dm-8RZfXMHzSXMMZMaoaazGKj_}`w3gxBQA0)gsu^GXe-wR^nJ!Z0{wPoKIJPzVw2yk! z9^W(j5dUMMrdjuB9eI7H?)|4#+<(f5{j71`PBNylo@V7)uKHf5ZfLDM=9#(9;AMN+ z&u#T?wQrXZ_f?G_W_YrUIPJ5p{u-Y36FQvNMcatzIHu(@$vT&5d6S6xE7G=S5=cFR1=DHrn43x0+$GT&rf8w|DtAWI62O=C9#q2T$AA%Q5rJQ|s?#-n*F( zSq*KU%gL^1ecv($ujJ=0(F{<&01|E)iryStrazi)f(^m?|h^X)j#p=1ua z_dKm-cz4t+twVkL>i?tYlgxCHiuXr(lE<;F(WiaXqxSfo*@yTa6E)4cN9)Mz9y`k{ z^Y$)TFEUf*f7l~7+soV^sbaxtykTmg{60KeSd>^F-IU%gj-ycstit z`*u0*zRL2em|>37KI`gl}UVy{W)L%34eK| zOn?9Z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNCf5CyJMaeLg}=Q>Sw^ii(M)GuGv zIKQb)K1wz7{k*E`_E63I_NZy8$T&-ZT9* z@1IKz_1{`)+}-UY`+eIhtJkxAoo~l^4kdHYz2|BDbkr=Zd%gO6_5V@yNoKle&*C`A z?E87z^;~PzqxSfo*@yTa6E#h?N9)Mz9$U5T=j~mxUSy`q|FB1FwpV#_A97#$PP67L z*U7SPXsrz98CR$8vc2plb~_PU?c3$J`)bTrrkm}_GUBw)y81hKn=EJj1kTz&j`!{_!&Vo4=u(-9KILexBLSGuvKfy1VOYoh;ivm%oQP zC-*(?Pfym1?ESEx#OsInQ!OU~1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+0D=Do zfvZ%<9{0-Tr>Ryx%5|CQYr4s;PZ@)HLaHK9XO{k| zre1Z>4>RlU89mMYSt`U|uD_2Gd65;XPW-BZdaZNZXQ*txU*A7p=lJHHwLZ>gky&cx zab~YfYL~a$Mp^N!*HoYP{$KO{xzs!Vtv{W+yPageZ+jK=dbY3g?Ksb&WDdG_Rhlou zyQ5}l-RqU&tN)LptKR)Zdltt@X5Wv0J=Yrbs6D=C_96bqL`}2q(K_1KPfj5y8AC(B)L z#%__hCec`AH^1b5CwrS`{aT~i-X?ain&kUs+h{M+veVDlEZ_c?$VEOYuFhm-zuM!l z^5bRe&H2B{{Av5kvUi?&&NFgvo!ctoYMmsicJaBKXMIo z?eeM-KUCGesYO2OwaoX^v!A}I%YA#)G&RY0Q}w;-t{~YZ=}hHB0MI)4uxuDEcHbU9@L$ zoMiU>Jned}HR@4&e9!Dd{Evy6X5FK8}R4wv-k)77AA7xyvG@P?~?lnVYJ5Ot!)XVm=pYH9nZ?$ii5%<-f zuU%ElFvn@nVD&fi_pJ0R^VQ$e@K^Py{j$#C^_?6x+Ka^O^piMi8||l_P5mtl`>hOD z62qF0muueqmE7d~w0*biooD^?jNHrY!?-8Qo@$*e+dh{QUrP5qrBBb!Px08#{?Ge~ zx&B;#)a{D^0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK;S5c~U$otRw^+__Q>(pduWz@jcAb}h z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ;2{WHwavEI&e}A4Ab6Pk@G&wRlCm1KLP{@5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAn*_buG(hXYiI4GP4j-*#<>=0+s<{=&f9)IzsR*{mx&lJd)~K6?msO1PTNk#ulkO1 zx6@`BvD@!zwwhtuTPt$jXSr(EdHF|x009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXbg1}YVY~%Jm*J)d{QLf82&9}|Ao$IL0a(|HaowlFXIM-(T;-fLscHVZ| zahtSxMvOCN7=4zz!;GC~^sJqwciKNMvc~P!QN~^&q zt7T8c*J`g4bJ(7*ck$+)d@AQf#+_uu+rHAGz0CNZvc{0@M(9^|UIPTOAIU#{2M%BW$?dHN^0AD&ueI?amP?aREr&0e-L?ny@PyZa%m2boR36ojmj7wAD_= zy=|WMdg65!>P&5S!zan$%Rb9a{2%3RlDK#2U*y|K=Be3grJCg^ttXjb*jJr^om}VH z&9knzI-5^>zMJj(A^aK1fdByl1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+0D;dy z;3{?2$Guj2)p;M~x=iKxRgLwdUUmK;?K`Opzn}K~WnK2$W2ULjzT0cQ&r`j#?tvJr!T8 zy-Lhsd%oVqn|t#4A~{vv`IC%z+gDn&ml^+4))=yVoGSHSweQ-K)V=>Ub?di!?fUQX zIaH#bW&C0pTeath)|zjTT+h19c3S_MOnzC98TVb+j^>H{p~qb&^Bv*LF9GOus5hpmiz()RKsp5(4} zwcEbQnl;}+USH?_tMnaY?nl}ASBZF2t4M*B1^LnZmD z@LrYYt7j*b;rH`xe_6Nv_NZy9x9|3<@AK4!uMxxev)olZ_}?>n+N;Q4qz3%z`zVnY znY${;&r>n}ET6T`&6?k@@1L)8d~?rQUwpEQoxbuovsWgy%c?S8*;LyoE1mV-R2BN| z_G{jc(!NNR^L+m@uWwW5ek;*WQmuX`@8kAezVEhg+F#N#ZU=dNo%^rScaXUrrPlpd ziFlg3N#Im;Ob*ousv9tChwXTiKsvhRya{D~-Fmt*Ez&Kg<5c?RCB#=Q-5Q4|+cHw0=5j zme##!&ywMABK}cyWpvS=^_-65QKL`$8YT1T>_hyIiJB(cqjltUkDX;_^X&F*`s%*4 zhBNh3M(n5MJp0}3vD2(PC=C%qYuU^*y3XKbdzmpq?^d4K5K$hd5tyW}a;>L2#5`F> zoMz^eb?dVpKb+S^+emIJpGnraOv{@@)KlE+-~LB5-lpw;rsqXs>o2JOHa6Pd61SS6 zPH5?@cD%}RXubJsxY@zi@f>>RnWvu5rXD%OvB9rLOY zKU5CCsXjjH)yu1XdDT&`O5C?cO;d$@w^u%&r|NdqI3LDW?e(f`|9eJHbAOf!@t5oG zqeNb0#j3qNPsQ%4#$M|j_Zcdi@7MRw*EznqXRVL(S!9-4d7RlRliKC&woz6(>($uj zz5my|Kg=rWRl)wUD~wY6e4f{4`>p%m-OnUDdfTg`*VB8QZ^s!|dq3!+^R$-I-BGi& z?)3`t)&ED)CzFh)NkBORQ-J^Bnb&p-uyZ^L$`>Q;g z4~ecBr~OIpw39x1bJNAk>eW}P)!)`E-~J`@jJxk3uyPu*f4t28=C9;t_g}ZKmc8@LexBL(GSl5% zSLfbc(hoE1?-@PK{aNbAU#`E85_ypotBU-pzIv^5+-In4zF*%zU+4Jd zp0z&C=XRC*%A|IAyKR&e&w9o6dC&CMy#INsq5szX@9t-k9lh-}((CEH&bQ-8*WM4h zXjPgorMshMY2E9U;;a9UqO0EhMSB*hNoL>A^Q_+usto$Y;eZmTRo`IIR45 z*?M!rZ!-Tnxeq&@XP)z{zn6LLW?Ze4W!sWPxA{g?DIu-ci7L#^`GVE zQ=S9}5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0-u?{RcddK+xuLnsaihjmCdVy z{7{kmrc(K+S32KM&wl!ZfGg}t8b>wG)T zb10dE?mbUy8QvW=OY2^*MPL1Y6kQozv}Zl1wxA ztxEUv?Do?t@vrjaJ|w#Goo3C!XE?7zYpKjLXPv&w_OhSY?L=?2zbwbySC4*};mI=M zG&7$pcfFY`>P**P$*gU(SNYsYZu8v#Yj0bf-i@qw8q-?2_E*oWPW48{PV#-D{afb0 zJzIU>XfN6?dA-Tq&zWzYebuN^ufAHX{_<+=f5|-KJiXOl;mT>q{_!&Vo4=u(-GALy zdz)wW^USuFneOhoS|`i4&*kr-&dGhx`_q&4B6~mVC-M3-`<1sH0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB=F2sK8aKV~=}f^V3u-ALY7C_3>3*@S8f~qh5o&s*tZL zkKZ0OO+E45R3)#v>qm*1Eo+EZ9rVM@`g=xCbAOf!@t5oGqeNb0#i|p(s-Rx$9QPS2 zoA1~6&(}G=xo54a@qIg=+jZ=#!g=lTcH1Z`p7omQ^PcIidH-DMo&VNKwG)Tb10dE?p>AUKOHqo>t3%EU;Td+UG?rS+Os%LGW&j>c0Jb`^{73*XZ9if z$3#t&?a?~&y2q~S+J9Q5{Z*daheTJt)2unmb<#&~E?X;udFHIsciCR{6T6+ht@f8? z#C`SPE7Q&PWEpYVXI=drtg_h4tdH6+ea$+v)4oQvy!Ed%EnMXP)z{zn6LLW?Ze4W!vX+mg^bc_pDaW<21i6 zgTjmK{ji^+>;LFapEv>p2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0Ro>0T%~^Y zxV_JHn!4npUc0<%#1B=qZ)%Z`dM)$)^z5gv>T=&6HBC+O-Bf+Ay6Z>jnJvdx1@^CfU*3UMszx-s^lj&bWGt z2VHcY)>67VYL?c$UQfRI|0wz-GhMW2k(y-o{Rr2St5J{I<9lWw;(tukH0vI%Bd>dG zRjZ%3cgcE@nJWKPE%#S>HXjmQ`A++j+-WC$^k&w7w5$j}oSQ|ymr(8cQO4Cu!$~Ts znxV2S#X5_Z?PWi|+iBlw-z_8Vt1v&D|E*=jX|gz33T?K(XQgMEul{0&zne$xmvs)W z@8q!2ULa-90tqfNZ!h$+D+f zC%LaZ{&~)HIo$UgK0O^jWyky3;dwt3*Pr~NX&^v=009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAn>0TxLVfTK1tQ`s%SpcGassl-&7zUDygsPtPj2KQ-gcFuG4vdasy|=%PjY?HTW6_QKX21^)=t;e z>o?j}`m28ZI5q7TY5$>Jwx2V@yuC}$cKfwQyv&$`jGVQTL@&}`v(&hon4i+N-{(2a zdjBhTyZQV+D^3$PX?wRu-i(^2b(ZU-&$OBMFLLem`49R|##w1Ev(=c*_EYZm(|+DZ zRBYvOa;yJ;CyN?C%WSLNZnl54(~4f%ZnmfGn|!af^UQIa&&uy8I*aUho^M~~^=;eA zYn&WB<~3br9FDbN^NP4zjaH?Q!n6GW(;fb(*x7sM< zjxyJAUS)Hb_iCHxI?P>JzfaqCW_ps>x5=VrDWylbt0(a;{fm67r&+VrN;OMmf717I z-F|D=*idwspiX5M{<)AaE(FPX~X z)0zJ0G`xzzlil;!ul^_{kQK?KVy6S*L;%im;H?0K1Y8`n4(h)@uk*S3-#7JJb@!L#r<|X8UiII=!+&rB zE;7^Vzlp0g>O>7|oZVUDkA8Xn=zsD2SMKLOdRCt1f5i-Wf4-;X=D%!rpTO$BAa~Eu z@T+k5*W*o2+3>%7>$l{8*f3N=MC#UMa<9Fr%Ubdf}nY&(h|7-L4|1YB9SLW_7 zMg9Mv`lXrl--Y2!yleko{tHz9TYUI6x%*r5@Bc5A`fWMr|MfcQzgYjZzb60ZdH?U8 zhvEOBe$M|d>gJc^=6^-juSm7mwUNs|0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkL{ze}L1wO8HQ zlT?_k+S)_y*`YFhRgABS+*P@_YBa9u(GI;;YkU0f)Kb40Id4CtitW#dou_W)FwadT z?V-kdzdd3HZYRQ=`i{_VOuttw?dRi*L2>lj;y009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PJ{9?cG~%8^;+2;P0mh zx@rN*@gb>O-L>u^0qn$xi>5%^3yPu+wL}plC0P~p-}}xk8J*(zBsa4Ah!}D>hi`YE zot<6kW(W`q^^N_p_SRVU2%W?S7@sQa`Bu)JHN4dGqSqv))1-qg(rVtm)rl^ZBsurQdFjc|Wgavy=B$HcQ$`u2~vmO26gaT_1yQ8fjlA#!klQPmQ(9`*wGZ^ybK2o}pHA zF^@f59Mj#O#b%jJPPh{USu@1nYrC#)-w~dJ6wCRX-_!q zS!TVPGlt#Wd9NEe*XMXR8O?{Yu>+|SyV`CZqKw!8lv^}g5m z#k2m^>t=c1yn5yL_tmTS-{+Yd`u_!-=KB9t=86}2g8%i6x!`|sXa0D5d-F=a>ecEm zp1(i;--!Kx5w6bf?LR~9{;=20=KYv>S^v(xr~P-LzXx2sL%ja^tj#Uki~Cl)&)n`k z;KTR(UB|NbnC8K$L`B!2`55FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7KDIzxt-Y;{d5~2w z+uGXw`k2d=>5sYk zn&f?4qojGtHj;MhsJ8OCmNc)^v=}XFj%zRZlSSRQ2I;@7+f8mz)AZQvaxGemFzHHL z%UKuYtj_cDM}PnU0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1nz>sS*_Nv z4(p&Mc^}s(X`Zr;q}@8It$eN}&FeHRMvI!`+DraqQ8%tZ`Y-EtlN;1DJvO^si`F7c zy3*Ei)w~lHnpKD3;I!%kwqUN~vl0RA0jcbtp%evj<1~pBO%`VrX zwFr~0w6&adQO@c-FMk9G5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAVAyPe!VqT;#F6CSKM$&4v7#GLi_j^)L>$}AJroOGeEZR)7ZwJ{{ zQ@XjOKF)BVH%^=V^xjI}ru-o3{1+PmHcWs30RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk P1PBlyK!5-N0ulHxPLxUB literal 0 HcmV?d00001 diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.log b/cscg24/web/intro_web_2/intro_web_2_session.session.log new file mode 100644 index 0000000..edd1eb7 --- /dev/null +++ b/cscg24/web/intro_web_2/intro_web_2_session.session.log @@ -0,0 +1,2903 @@ +/*C2*/SET SCHEMA PUBLIC +SET FILES LOG TRUE +/*C4*/SET SCHEMA PUBLIC +DELETE FROM SESSION WHERE SESSIONID=1709346750724 +INSERT INTO SESSION VALUES(1709346750724,'Untitled Session','2024-03-02 03:32:43.041776') +COMMIT +/*C3*/SET SCHEMA PUBLIC +INSERT INTO HISTORY VALUES(1,1709346750724,1,200,1709346894944,457,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:34:55 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +INSERT INTO HISTORY VALUES(2,1709346750724,0,0,0,0,'GET','https://api.cscg.live:444','GET https://api.cscg.live:444 HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','','',NULL,'',FALSE) +COMMIT +INSERT INTO HISTORY VALUES(3,1709346750724,0,0,0,0,'GET','https://api.cscg.live:444/platform.Platform','GET https://api.cscg.live:444/platform.Platform HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','','',NULL,'',FALSE) +COMMIT +/*C10*/SET SCHEMA PUBLIC +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',1,'','https://play.cscg.live') +COMMIT +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',1,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message') +COMMIT +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',1,'','h3=":443"; ma=2592000') +COMMIT +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',1,'','application/grpc-web+proto') +COMMIT +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',1,'','Caddy') +COMMIT +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',1,'','Origin') +COMMIT +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',1,'','Sat%2C 02 Mar 2024 02:34:55 GMT') +COMMIT +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',1,'','129') +COMMIT +/*C5*/SET SCHEMA PUBLIC +INSERT INTO ALERT VALUES(0,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',1,1,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/SET SCHEMA PUBLIC +INSERT INTO ALERT_TAG VALUES(1,0,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(2,0,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(1,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',1,1,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(3,1,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(4,1,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(4,1709346750724,1,403,1709346896051,237,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aReferer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/\u000d\u000aUpgrade-Insecure-Requests: 1\u000d\u000aSec-Fetch-Dest: document\u000d\u000aSec-Fetch-Mode: navigate\u000d\u000aSec-Fetch-Site: same-origin\u000d\u000aSec-Fetch-User: ?1\u000d\u000a\u000d\u000a','','HTTP/1.1 403 Forbidden\u000d\u000aServer: nginx/1.24.0\u000d\u000aDate: Sat, 02 Mar 2024 02:34:56 GMT\u000d\u000aContent-Type: text/html\u000d\u000aContent-Length: 384\u000d\u000aConnection: keep-alive\u000d\u000aETag: "1-180"\u000d\u000a\u000d\u000a','3c68746d6c3e0a3c686561643e0a202020203c7469746c653e496e74726f20746f2057656220323c2f7469746c653e0a202020203c6d65746120636861727365743d225554462d38223e0a202020203c6c696e6b2072656c3d227374796c6573686565742220747970653d22746578742f6373732220687265663d227374796c652e63737322202f3e0a3c2f686561643e0a3c626f64793e0a3c68313e24284745524d414e5f4349545929205472616d205469636b6574204d616368696e653c2f68313e0a0a3c68333e3c7370616e207374796c653d22636f6c6f723a20726564223e496e736563757265206f7065726174696e672073797374656d213c2f7370616e3e3c2f68333e0a3c68723e0a466f7220734563557249745920724561536f4e732c20796f75206e65656420746f2075706461746520796f75722073797374656d20746f2057696e646f7773203935206265666f726520616363657373696e6720746869732077656273697465210a3c2f626f64793e0a3c2f68746d6c3e',NULL,'',TRUE) +COMMIT +INSERT INTO HISTORY VALUES(5,1709346750724,0,0,0,0,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337 HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aReferer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/\u000d\u000aUpgrade-Insecure-Requests: 1\u000d\u000aSec-Fetch-Dest: document\u000d\u000aSec-Fetch-Mode: navigate\u000d\u000aSec-Fetch-Site: same-origin\u000d\u000aSec-Fetch-User: ?1\u000d\u000a\u000d\u000a','','','',NULL,'',FALSE) +COMMIT +INSERT INTO HISTORY VALUES(6,1709346750724,1,200,1709346896338,23,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/css,*/*;q=0.1\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aReferer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html\u000d\u000aSec-Fetch-Dest: style\u000d\u000aSec-Fetch-Mode: no-cors\u000d\u000aSec-Fetch-Site: same-origin\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aServer: nginx/1.24.0\u000d\u000aDate: Sat, 02 Mar 2024 02:34:56 GMT\u000d\u000aContent-Type: text/plain\u000d\u000aContent-Length: 287\u000d\u000aLast-Modified: Thu, 01 Jan 1970 00:00:01 GMT\u000d\u000aConnection: keep-alive\u000d\u000aETag: "1-11f"\u000d\u000aCache-Control: no-store\u000d\u000aAccept-Ranges: bytes\u000d\u000a\u000d\u000a','68746d6c207b0a202020206d61782d77696474683a20373063683b0a2020202070616464696e673a2033656d2031656d3b0a202020206d617267696e3a206175746f3b0a202020206c696e652d6865696768743a20312e37353b0a20202020666f6e742d73697a653a20312e3235656d3b0a0a202020206261636b67726f756e642d636f6c6f723a20233145323132323b0a20202020636f6c6f723a20234244423741463b0a7d0a68312c2068322c206833207b0a20202020636f6c6f723a20234538453645333b0a7d0a6872207b0a202020206d617267696e2d746f703a202d31656d3b0a7d0a61207b0a20202020636f6c6f723a206c69676874626c75653b0a20202020746578742d6465636f726174696f6e3a206e6f6e653b0a7d0a',NULL,'',TRUE) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(2,0,10036,'Server Leaks Version Information via "Server" HTTP Response Header Field',1,3,'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','','','Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.','https://httpd.apache.org/docs/current/mod/core.html#servertokens\u000ahttps://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)\u000ahttps://www.troyhunt.com/shhh-dont-let-your-response-headers/',6,6,'','nginx/1.24.0',200,13,3,'','10036') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(5,2,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(6,2,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +INSERT INTO ALERT_TAG VALUES(7,2,'WSTG-v42-INFO-02','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server') +COMMIT +/*C10*/INSERT INTO PARAM VALUES(9,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Server',1,'','nginx/1.24.0') +COMMIT +INSERT INTO PARAM VALUES(10,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Date',1,'','Sat%2C 02 Mar 2024 02:34:56 GMT') +COMMIT +INSERT INTO PARAM VALUES(11,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Type',1,'','text/html') +COMMIT +INSERT INTO PARAM VALUES(12,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Length',1,'','384') +COMMIT +INSERT INTO PARAM VALUES(13,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Connection',1,'','keep-alive') +COMMIT +INSERT INTO PARAM VALUES(14,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','ETag',1,'','"1-180"') +COMMIT +DELETE FROM PARAM WHERE PARAMID=9 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Server' AND USED=1 AND FLAGS='' AND VALS='nginx/1.24.0' +INSERT INTO PARAM VALUES(9,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Server',2,'','nginx/1.24.0') +COMMIT +DELETE FROM PARAM WHERE PARAMID=10 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Date' AND USED=1 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT' +INSERT INTO PARAM VALUES(10,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Date',2,'','Sat%2C 02 Mar 2024 02:34:56 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=11 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Type' AND USED=1 AND FLAGS='' AND VALS='text/html' +INSERT INTO PARAM VALUES(11,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Type',2,'','text/html,text/plain') +COMMIT +DELETE FROM PARAM WHERE PARAMID=12 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Length' AND USED=1 AND FLAGS='' AND VALS='384' +INSERT INTO PARAM VALUES(12,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Length',2,'','287,384') +COMMIT +INSERT INTO PARAM VALUES(15,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Last-Modified',1,'','Thu%2C 01 Jan 1970 00:00:01 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=13 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Connection' AND USED=1 AND FLAGS='' AND VALS='keep-alive' +INSERT INTO PARAM VALUES(13,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Connection',2,'','keep-alive') +COMMIT +DELETE FROM PARAM WHERE PARAMID=14 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='ETag' AND USED=1 AND FLAGS='' AND VALS='"1-180"' +INSERT INTO PARAM VALUES(14,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','ETag',2,'','"1-180","1-11f"') +COMMIT +INSERT INTO PARAM VALUES(16,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Cache-Control',1,'','no-store') +COMMIT +INSERT INTO PARAM VALUES(17,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Accept-Ranges',1,'','bytes') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(3,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',6,6,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(8,3,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(9,3,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(4,0,10038,'Content Security Policy (CSP) Header Not Set',2,3,'Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page \u2014 covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.','https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy\u000ahttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html\u000ahttps://www.w3.org/TR/CSP/\u000ahttps://w3c.github.io/webappsec-csp/\u000ahttps://web.dev/articles/csp\u000ahttps://caniuse.com/#feat=contentsecuritypolicy\u000ahttps://content-security-policy.com/',4,4,'','',693,15,3,'','10038-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(10,4,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(11,4,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(5,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',6,6,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(12,5,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(13,5,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(6,0,10036,'Server Leaks Version Information via "Server" HTTP Response Header Field',1,3,'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.','https://httpd.apache.org/docs/current/mod/core.html#servertokens\u000ahttps://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)\u000ahttps://www.troyhunt.com/shhh-dont-let-your-response-headers/',4,4,'','nginx/1.24.0',200,13,3,'','10036') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(14,6,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(15,6,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +INSERT INTO ALERT_TAG VALUES(16,6,'WSTG-v42-INFO-02','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(7,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',4,4,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(17,7,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(18,7,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(7,1709346750724,1,200,1709346896616,130,'OPTIONS','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','OPTIONS https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aAccess-Control-Request-Method: POST\u000d\u000aAccess-Control-Request-Headers: authorization,content-type,x-grpc-web,x-user-agent\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Headers: content-type,accept,x-user-agent,x-grpc-web,grpc-status,grpc-message,authorization\u000d\u000aAccess-Control-Allow-Methods: GET,HEAD,POST,PUT,DELETE\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Length: 0\u000d\u000aDate: Sat, 02 Mar 2024 02:34:56 GMT\u000d\u000aServer: Caddy\u000d\u000a\u000d\u000a','',NULL,'',TRUE) +COMMIT +/*C10*/INSERT INTO PARAM VALUES(18,'api.cscg.live:444','header','Access-Control-Allow-Headers',1,'','content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization') +COMMIT +INSERT INTO PARAM VALUES(19,'api.cscg.live:444','header','Access-Control-Allow-Methods',1,'','GET%2CHEAD%2CPOST%2CPUT%2CDELETE') +COMMIT +DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=1 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',2,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=1 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',2,'','h3=":443"; ma=2592000') +COMMIT +INSERT INTO PARAM VALUES(20,'api.cscg.live:444','header','Content-Length',1,'','0') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=1 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:55 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',2,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=1 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',2,'','Caddy') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(8,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',7,7,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(19,8,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(20,8,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(8,1709346750724,1,200,1709346896918,112,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:34:57 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=2 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',3,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=1 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',2,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=2 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',3,'','h3=":443"; ma=2592000') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(9,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',8,8,'','',319,15,3,'','10035-1') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=1 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',2,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=2 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',3,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=1 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',2,'','Origin') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(21,9,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(22,9,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=2 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',3,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=1 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',2,'','129') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(10,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',8,8,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(23,10,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(24,10,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_CHANNEL VALUES(1,'zap',443,'','2024-03-02 03:34:57.550000',NULL,NULL) +COMMIT +/*C1*/SET SCHEMA SYSTEM_LOBS +INSERT INTO LOB_IDS VALUES(1,61,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 2 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=0 +INSERT INTO BLOCKS VALUES(0,1,0) +INSERT INTO BLOCKS VALUES(1,2147483646,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=0 +INSERT INTO LOBS VALUES(0,1,0,1) +COMMIT +/*C13*/INSERT INTO WEBSOCKET_MESSAGE VALUES(1,1,'2024-03-02 03:34:57.691000',1,1,NULL,61,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=1 +INSERT INTO LOB_IDS VALUES(1,61,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(2,77,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 3 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=1 +INSERT INTO BLOCKS VALUES(1,1,0) +INSERT INTO BLOCKS VALUES(2,2147483645,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=1 +INSERT INTO LOBS VALUES(1,1,0,2) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(2,1,'2024-03-02 03:34:57.707000',1,2,NULL,77,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=2 +INSERT INTO LOB_IDS VALUES(2,77,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(3,49,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 4 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=2 +INSERT INTO BLOCKS VALUES(2,1,0) +INSERT INTO BLOCKS VALUES(3,2147483644,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=2 +INSERT INTO LOBS VALUES(2,1,0,3) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(3,1,'2024-03-02 03:34:57.712000',1,3,NULL,49,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=3 +INSERT INTO LOB_IDS VALUES(3,49,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(4,120,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 5 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=3 +INSERT INTO BLOCKS VALUES(3,1,0) +INSERT INTO BLOCKS VALUES(4,2147483643,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=3 +INSERT INTO LOBS VALUES(3,1,0,4) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(4,1,'2024-03-02 03:34:57.714000',1,4,NULL,120,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=4 +INSERT INTO LOB_IDS VALUES(4,120,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(5,117,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 6 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=4 +INSERT INTO BLOCKS VALUES(4,1,0) +INSERT INTO BLOCKS VALUES(5,2147483642,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=4 +INSERT INTO LOBS VALUES(4,1,0,5) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(5,1,'2024-03-02 03:34:57.733000',1,5,NULL,117,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=5 +INSERT INTO LOB_IDS VALUES(5,117,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(6,112,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 7 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=5 +INSERT INTO BLOCKS VALUES(5,1,0) +INSERT INTO BLOCKS VALUES(6,2147483641,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=5 +INSERT INTO LOBS VALUES(5,1,0,6) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(6,1,'2024-03-02 03:34:57.735000',1,6,NULL,112,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=6 +INSERT INTO LOB_IDS VALUES(6,112,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(7,108,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 8 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=6 +INSERT INTO BLOCKS VALUES(6,1,0) +INSERT INTO BLOCKS VALUES(7,2147483640,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=6 +INSERT INTO LOBS VALUES(6,1,0,7) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(7,1,'2024-03-02 03:34:57.796000',1,7,NULL,108,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=7 +INSERT INTO LOB_IDS VALUES(7,108,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(8,118,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 9 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=7 +INSERT INTO BLOCKS VALUES(7,1,0) +INSERT INTO BLOCKS VALUES(8,2147483639,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=7 +INSERT INTO LOBS VALUES(7,1,0,8) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(8,1,'2024-03-02 03:34:57.802000',1,8,NULL,118,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=8 +INSERT INTO LOB_IDS VALUES(8,118,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(9,110,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 10 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=8 +INSERT INTO BLOCKS VALUES(8,1,0) +INSERT INTO BLOCKS VALUES(9,2147483638,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=8 +INSERT INTO LOBS VALUES(8,1,0,9) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(9,1,'2024-03-02 03:34:57.805000',1,9,NULL,110,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=9 +INSERT INTO LOB_IDS VALUES(9,110,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(10,130,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 11 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=9 +INSERT INTO BLOCKS VALUES(9,1,0) +INSERT INTO BLOCKS VALUES(10,2147483637,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=9 +INSERT INTO LOBS VALUES(9,1,0,10) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(10,1,'2024-03-02 03:34:57.814000',1,10,NULL,130,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=10 +INSERT INTO LOB_IDS VALUES(10,130,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(11,114,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 12 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=10 +INSERT INTO BLOCKS VALUES(10,1,0) +INSERT INTO BLOCKS VALUES(11,2147483636,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=10 +INSERT INTO LOBS VALUES(10,1,0,11) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(11,1,'2024-03-02 03:34:57.822000',1,11,NULL,114,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=11 +INSERT INTO LOB_IDS VALUES(11,114,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(12,106,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 13 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=11 +INSERT INTO BLOCKS VALUES(11,1,0) +INSERT INTO BLOCKS VALUES(12,2147483635,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=11 +INSERT INTO LOBS VALUES(11,1,0,12) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(12,1,'2024-03-02 03:34:57.823000',1,12,NULL,106,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=12 +INSERT INTO LOB_IDS VALUES(12,106,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(13,201,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 14 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=12 +INSERT INTO BLOCKS VALUES(12,1,0) +INSERT INTO BLOCKS VALUES(13,2147483634,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=12 +INSERT INTO LOBS VALUES(12,1,0,13) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(13,1,'2024-03-02 03:34:57.951000',1,13,NULL,201,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=13 +INSERT INTO LOB_IDS VALUES(13,201,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(14,960,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 15 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=13 +INSERT INTO BLOCKS VALUES(13,1,0) +INSERT INTO BLOCKS VALUES(14,2147483633,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=13 +INSERT INTO LOBS VALUES(13,1,0,14) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(14,1,'2024-03-02 03:34:57.960000',1,14,NULL,960,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=14 +INSERT INTO LOB_IDS VALUES(14,960,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(15,176,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 16 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=14 +INSERT INTO BLOCKS VALUES(14,1,0) +INSERT INTO BLOCKS VALUES(15,2147483632,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=14 +INSERT INTO LOBS VALUES(14,1,0,15) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(15,1,'2024-03-02 03:34:57.963000',1,15,NULL,176,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=15 +INSERT INTO LOB_IDS VALUES(15,176,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(16,1653,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 17 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=15 +INSERT INTO BLOCKS VALUES(15,1,0) +INSERT INTO BLOCKS VALUES(16,2147483631,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=15 +INSERT INTO LOBS VALUES(15,1,0,16) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(16,1,'2024-03-02 03:34:57.972000',1,16,NULL,1653,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=16 +INSERT INTO LOB_IDS VALUES(16,1653,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(9,1709346750724,1,200,1709346898617,348,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:34:58 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(17,322,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 18 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=16 +INSERT INTO BLOCKS VALUES(16,1,0) +INSERT INTO BLOCKS VALUES(17,2147483630,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=16 +INSERT INTO LOBS VALUES(16,1,0,17) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(17,1,'2024-03-02 03:34:58.973000',1,17,NULL,322,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=17 +INSERT INTO LOB_IDS VALUES(17,322,1,40) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=3 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',4,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=2 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',3,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=3 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',4,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=2 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',3,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=3 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',4,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=2 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',3,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=3 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',4,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=2 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',3,'','129') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(11,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',9,9,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(25,11,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(26,11,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(18,551,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 19 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=17 +INSERT INTO BLOCKS VALUES(17,1,0) +INSERT INTO BLOCKS VALUES(18,2147483629,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=17 +INSERT INTO LOBS VALUES(17,1,0,18) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(18,1,'2024-03-02 03:34:59.177000',1,18,NULL,551,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=18 +INSERT INTO LOB_IDS VALUES(18,551,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(12,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',9,9,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(27,12,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(28,12,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(19,572,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 20 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=18 +INSERT INTO BLOCKS VALUES(18,1,0) +INSERT INTO BLOCKS VALUES(19,2147483628,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=18 +INSERT INTO LOBS VALUES(18,1,0,19) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(19,1,'2024-03-02 03:34:59.187000',1,19,NULL,572,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=19 +INSERT INTO LOB_IDS VALUES(19,572,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(10,1709346750724,1,200,1709346900752,297,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:01 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(20,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 21 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=19 +INSERT INTO BLOCKS VALUES(19,1,0) +INSERT INTO BLOCKS VALUES(20,2147483627,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=19 +INSERT INTO LOBS VALUES(19,1,0,20) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(20,1,'2024-03-02 03:35:01.052000',1,20,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=20 +INSERT INTO LOB_IDS VALUES(20,323,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(13,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',10,10,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(29,13,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(30,13,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=4 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',5,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=3 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',4,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=4 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',5,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=3 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',4,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=4 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',5,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=3 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',4,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=4 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',5,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=3 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',4,'','129') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(21,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 22 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=20 +INSERT INTO BLOCKS VALUES(20,1,0) +INSERT INTO BLOCKS VALUES(21,2147483626,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=20 +INSERT INTO LOBS VALUES(20,1,0,21) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(21,1,'2024-03-02 03:35:01.274000',1,21,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=21 +INSERT INTO LOB_IDS VALUES(21,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(14,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',10,10,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(31,14,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(32,14,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(22,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 23 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=21 +INSERT INTO BLOCKS VALUES(21,1,0) +INSERT INTO BLOCKS VALUES(22,2147483625,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=21 +INSERT INTO LOBS VALUES(21,1,0,22) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(22,1,'2024-03-02 03:35:01.281000',1,22,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=22 +INSERT INTO LOB_IDS VALUES(22,573,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(11,1709346750724,1,200,1709346902634,106,'OPTIONS','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','OPTIONS https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aAccess-Control-Request-Method: POST\u000d\u000aAccess-Control-Request-Headers: authorization,content-type,x-grpc-web,x-user-agent\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Headers: content-type,accept,x-user-agent,x-grpc-web,grpc-status,grpc-message,authorization\u000d\u000aAccess-Control-Allow-Methods: GET,HEAD,POST,PUT,DELETE\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Length: 0\u000d\u000aDate: Sat, 02 Mar 2024 02:35:02 GMT\u000d\u000aServer: Caddy\u000d\u000a\u000d\u000a','',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(23,324,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 24 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=22 +INSERT INTO BLOCKS VALUES(22,1,0) +INSERT INTO BLOCKS VALUES(23,2147483624,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=22 +INSERT INTO LOBS VALUES(22,1,0,23) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(23,1,'2024-03-02 03:35:02.743000',1,23,NULL,324,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=23 +INSERT INTO LOB_IDS VALUES(23,324,1,40) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=18 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Headers' AND USED=1 AND FLAGS='' AND VALS='content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization' +INSERT INTO PARAM VALUES(18,'api.cscg.live:444','header','Access-Control-Allow-Headers',2,'','content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization') +COMMIT +DELETE FROM PARAM WHERE PARAMID=19 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Methods' AND USED=1 AND FLAGS='' AND VALS='GET%2CHEAD%2CPOST%2CPUT%2CDELETE' +INSERT INTO PARAM VALUES(19,'api.cscg.live:444','header','Access-Control-Allow-Methods',2,'','GET%2CHEAD%2CPOST%2CPUT%2CDELETE') +COMMIT +DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=5 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',6,'','https://play.cscg.live') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(15,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',11,11,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(33,15,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(34,15,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=5 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',6,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=20 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Length' AND USED=1 AND FLAGS='' AND VALS='0' +INSERT INTO PARAM VALUES(20,'api.cscg.live:444','header','Content-Length',2,'','0') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=5 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',6,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=5 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',6,'','Caddy') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(24,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 25 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=23 +INSERT INTO BLOCKS VALUES(23,1,0) +INSERT INTO BLOCKS VALUES(24,2147483623,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=23 +INSERT INTO LOBS VALUES(23,1,0,24) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(24,1,'2024-03-02 03:35:02.956000',1,24,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=24 +INSERT INTO LOB_IDS VALUES(24,552,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(12,1709346750724,1,200,1709346902745,278,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:03 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(25,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 26 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=24 +INSERT INTO BLOCKS VALUES(24,1,0) +INSERT INTO BLOCKS VALUES(25,2147483622,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=24 +INSERT INTO LOBS VALUES(24,1,0,25) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(25,1,'2024-03-02 03:35:03.024000',1,25,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=25 +INSERT INTO LOB_IDS VALUES(25,323,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(16,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',12,12,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(35,16,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(36,16,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=6 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',7,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=4 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',5,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=6 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',7,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=4 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',5,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=6 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',7,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=4 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',5,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=6 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',7,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=4 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',5,'','129') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(26,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 27 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=25 +INSERT INTO BLOCKS VALUES(25,1,0) +INSERT INTO BLOCKS VALUES(26,2147483621,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=25 +INSERT INTO LOBS VALUES(25,1,0,26) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(26,1,'2024-03-02 03:35:03.236000',1,26,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=26 +INSERT INTO LOB_IDS VALUES(26,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(17,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',12,12,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(37,17,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(38,17,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(27,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 28 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=26 +INSERT INTO BLOCKS VALUES(26,1,0) +INSERT INTO BLOCKS VALUES(27,2147483620,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=26 +INSERT INTO LOBS VALUES(26,1,0,27) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(27,1,'2024-03-02 03:35:03.262000',1,27,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=27 +INSERT INTO LOB_IDS VALUES(27,573,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(13,1709346750724,1,200,1709346904639,173,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Vary, Date, Content-Type, Access-Control-Allow-Origin, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:04 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(28,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 29 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=27 +INSERT INTO BLOCKS VALUES(27,1,0) +INSERT INTO BLOCKS VALUES(28,2147483619,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=27 +INSERT INTO LOBS VALUES(27,1,0,28) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(28,1,'2024-03-02 03:35:04.813000',1,28,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=28 +INSERT INTO LOB_IDS VALUES(28,323,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(18,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',13,13,'','',319,15,3,'','10035-1') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=7 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',8,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=5 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',6,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(39,18,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(40,18,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=7 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',8,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=5 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',6,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=7 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',8,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=5 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',6,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=7 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',8,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=5 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',6,'','129') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(29,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 30 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=28 +INSERT INTO BLOCKS VALUES(28,1,0) +INSERT INTO BLOCKS VALUES(29,2147483618,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=28 +INSERT INTO LOBS VALUES(28,1,0,29) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(29,1,'2024-03-02 03:35:05.035000',1,29,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=29 +INSERT INTO LOB_IDS VALUES(29,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(19,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',13,13,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(41,19,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(42,19,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(30,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 31 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=29 +INSERT INTO BLOCKS VALUES(29,1,0) +INSERT INTO BLOCKS VALUES(30,2147483617,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=29 +INSERT INTO LOBS VALUES(29,1,0,30) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(30,1,'2024-03-02 03:35:05.038000',1,30,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=30 +INSERT INTO LOB_IDS VALUES(30,573,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(14,1709346750724,1,200,1709346906638,170,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:06 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(31,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 32 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=30 +INSERT INTO BLOCKS VALUES(30,1,0) +INSERT INTO BLOCKS VALUES(31,2147483616,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=30 +INSERT INTO LOBS VALUES(30,1,0,31) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(31,1,'2024-03-02 03:35:06.809000',1,31,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=31 +INSERT INTO LOB_IDS VALUES(31,323,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(20,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',14,14,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(43,20,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(44,20,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=8 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',9,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=6 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',7,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=8 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',9,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=6 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',7,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=8 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',9,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=6 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',7,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=8 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',9,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=6 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',7,'','129') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(32,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 33 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=31 +INSERT INTO BLOCKS VALUES(31,1,0) +INSERT INTO BLOCKS VALUES(32,2147483615,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=31 +INSERT INTO LOBS VALUES(31,1,0,32) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(32,1,'2024-03-02 03:35:07.025000',1,32,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=32 +INSERT INTO LOB_IDS VALUES(32,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(21,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',14,14,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(45,21,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(46,21,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(33,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 34 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=32 +INSERT INTO BLOCKS VALUES(32,1,0) +INSERT INTO BLOCKS VALUES(33,2147483614,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=32 +INSERT INTO LOBS VALUES(32,1,0,33) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(33,1,'2024-03-02 03:35:07.049000',1,33,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=33 +INSERT INTO LOB_IDS VALUES(33,573,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(34,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 35 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=33 +INSERT INTO BLOCKS VALUES(33,1,0) +INSERT INTO BLOCKS VALUES(34,2147483613,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=33 +INSERT INTO LOBS VALUES(33,1,0,34) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(34,1,'2024-03-02 03:35:07.950000',1,34,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=34 +INSERT INTO LOB_IDS VALUES(34,64,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(15,1709346750724,1,200,1709346908652,157,'OPTIONS','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','OPTIONS https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aAccess-Control-Request-Method: POST\u000d\u000aAccess-Control-Request-Headers: authorization,content-type,x-grpc-web,x-user-agent\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Headers: content-type,accept,x-user-agent,x-grpc-web,grpc-status,grpc-message,authorization\u000d\u000aAccess-Control-Allow-Methods: GET,HEAD,POST,PUT,DELETE\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Length: 0\u000d\u000aDate: Sat, 02 Mar 2024 02:35:08 GMT\u000d\u000aServer: Caddy\u000d\u000a\u000d\u000a','',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(35,324,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 36 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=34 +INSERT INTO BLOCKS VALUES(34,1,0) +INSERT INTO BLOCKS VALUES(35,2147483612,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=34 +INSERT INTO LOBS VALUES(34,1,0,35) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(35,1,'2024-03-02 03:35:08.811000',1,35,NULL,324,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=35 +INSERT INTO LOB_IDS VALUES(35,324,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(16,1709346750724,1,200,1709346908814,72,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Content-Type, Access-Control-Allow-Origin, Vary, Date, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:08 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=18 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Headers' AND USED=2 AND FLAGS='' AND VALS='content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization' +INSERT INTO PARAM VALUES(18,'api.cscg.live:444','header','Access-Control-Allow-Headers',3,'','content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization') +COMMIT +DELETE FROM PARAM WHERE PARAMID=19 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Methods' AND USED=2 AND FLAGS='' AND VALS='GET%2CHEAD%2CPOST%2CPUT%2CDELETE' +INSERT INTO PARAM VALUES(19,'api.cscg.live:444','header','Access-Control-Allow-Methods',3,'','GET%2CHEAD%2CPOST%2CPUT%2CDELETE') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(36,322,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 37 +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=9 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',10,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=9 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',10,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=20 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Length' AND USED=2 AND FLAGS='' AND VALS='0' +INSERT INTO PARAM VALUES(20,'api.cscg.live:444','header','Content-Length',3,'','0') +COMMIT +/*C1*/DELETE FROM BLOCKS WHERE BLOCK_ADDR=35 +INSERT INTO BLOCKS VALUES(35,1,0) +INSERT INTO BLOCKS VALUES(36,2147483611,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=35 +INSERT INTO LOBS VALUES(35,1,0,36) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=9 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',10,'','Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=9 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',10,'','Caddy') +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(36,1,'2024-03-02 03:35:08.888000',1,36,NULL,322,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=36 +INSERT INTO LOB_IDS VALUES(36,322,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(22,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',16,16,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(47,22,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(48,22,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=10 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',11,'','https://play.cscg.live') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(23,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',15,15,'','',319,15,3,'','10035-1') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=7 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',8,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(49,23,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=10 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',11,'','h3=":443"; ma=2592000') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(50,23,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=7 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',8,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=10 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',11,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=7 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',8,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=10 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',11,'','Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=7 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',8,'','129') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(37,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 38 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=36 +INSERT INTO BLOCKS VALUES(36,1,0) +INSERT INTO BLOCKS VALUES(37,2147483610,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=36 +INSERT INTO LOBS VALUES(36,1,0,37) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(37,1,'2024-03-02 03:35:08.894000',1,37,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=37 +INSERT INTO LOB_IDS VALUES(37,552,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(38,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 39 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=37 +INSERT INTO BLOCKS VALUES(37,1,0) +INSERT INTO BLOCKS VALUES(38,2147483609,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=37 +INSERT INTO LOBS VALUES(37,1,0,38) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(24,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',16,16,'','',693,15,3,'','10021') +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(38,1,'2024-03-02 03:35:08.894000',1,38,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=38 +INSERT INTO LOB_IDS VALUES(38,552,1,40) +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(51,24,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(52,24,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(39,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 40 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=38 +INSERT INTO BLOCKS VALUES(38,1,0) +INSERT INTO BLOCKS VALUES(39,2147483608,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=38 +INSERT INTO LOBS VALUES(38,1,0,39) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(39,1,'2024-03-02 03:35:08.897000',1,39,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=39 +INSERT INTO LOB_IDS VALUES(39,573,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(17,1709346750724,1,200,1709346910654,366,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:11 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(40,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 41 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=39 +INSERT INTO BLOCKS VALUES(39,1,0) +INSERT INTO BLOCKS VALUES(40,2147483607,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=39 +INSERT INTO LOBS VALUES(39,1,0,40) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(40,1,'2024-03-02 03:35:11.021000',1,40,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=40 +INSERT INTO LOB_IDS VALUES(40,323,1,40) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=11 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',12,'','https://play.cscg.live') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(25,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',17,17,'','',319,15,3,'','10035-1') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=8 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',9,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=11 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',12,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=8 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',9,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=11 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',12,'','Caddy') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(53,25,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(54,25,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=8 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',9,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=11 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',12,'','Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=8 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',9,'','129') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(41,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 42 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=40 +INSERT INTO BLOCKS VALUES(40,1,0) +INSERT INTO BLOCKS VALUES(41,2147483606,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=40 +INSERT INTO LOBS VALUES(40,1,0,41) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(41,1,'2024-03-02 03:35:11.227000',1,41,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=41 +INSERT INTO LOB_IDS VALUES(41,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(26,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',17,17,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(55,26,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(56,26,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(42,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 43 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=41 +INSERT INTO BLOCKS VALUES(41,1,0) +INSERT INTO BLOCKS VALUES(42,2147483605,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=41 +INSERT INTO LOBS VALUES(41,1,0,42) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(42,1,'2024-03-02 03:35:11.230000',1,42,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=42 +INSERT INTO LOB_IDS VALUES(42,573,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(18,1709346750724,1,200,1709346912663,382,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Content-Type, Access-Control-Allow-Origin, Vary, Date, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:12 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(43,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 44 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=42 +INSERT INTO BLOCKS VALUES(42,1,0) +INSERT INTO BLOCKS VALUES(43,2147483604,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=42 +INSERT INTO LOBS VALUES(42,1,0,43) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(43,1,'2024-03-02 03:35:13.047000',1,43,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=43 +INSERT INTO LOB_IDS VALUES(43,323,1,40) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=12 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',13,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=9 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',10,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=12 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',13,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=9 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',10,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=12 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',13,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=9 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',10,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=12 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',13,'','Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=9 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',10,'','129') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(27,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',18,18,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(57,27,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(58,27,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(44,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 45 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=43 +INSERT INTO BLOCKS VALUES(43,1,0) +INSERT INTO BLOCKS VALUES(44,2147483603,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=43 +INSERT INTO LOBS VALUES(43,1,0,44) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(44,1,'2024-03-02 03:35:13.255000',1,44,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=44 +INSERT INTO LOB_IDS VALUES(44,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(28,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',18,18,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(59,28,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(60,28,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(45,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 46 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=44 +INSERT INTO BLOCKS VALUES(44,1,0) +INSERT INTO BLOCKS VALUES(45,2147483602,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=44 +INSERT INTO LOBS VALUES(44,1,0,45) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(45,1,'2024-03-02 03:35:13.258000',1,45,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=45 +INSERT INTO LOB_IDS VALUES(45,573,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(19,1709346750724,1,200,1709346914670,89,'OPTIONS','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','OPTIONS https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aAccess-Control-Request-Method: POST\u000d\u000aAccess-Control-Request-Headers: authorization,content-type,x-grpc-web,x-user-agent\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Headers: content-type,accept,x-user-agent,x-grpc-web,grpc-status,grpc-message,authorization\u000d\u000aAccess-Control-Allow-Methods: GET,HEAD,POST,PUT,DELETE\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Length: 0\u000d\u000aDate: Sat, 02 Mar 2024 02:35:14 GMT\u000d\u000aServer: Caddy\u000d\u000a\u000d\u000a','',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(46,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 47 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=45 +INSERT INTO BLOCKS VALUES(45,1,0) +INSERT INTO BLOCKS VALUES(46,2147483601,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=45 +INSERT INTO LOBS VALUES(45,1,0,46) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(46,1,'2024-03-02 03:35:14.760000',1,46,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=46 +INSERT INTO LOB_IDS VALUES(46,323,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(20,1709346750724,1,200,1709346914763,83,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Content-Type, Date, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:14 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(47,322,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 48 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=46 +INSERT INTO BLOCKS VALUES(46,1,0) +INSERT INTO BLOCKS VALUES(47,2147483600,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=46 +INSERT INTO LOBS VALUES(46,1,0,47) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=18 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Headers' AND USED=3 AND FLAGS='' AND VALS='content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization' +INSERT INTO PARAM VALUES(18,'api.cscg.live:444','header','Access-Control-Allow-Headers',4,'','content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization') +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(47,1,'2024-03-02 03:35:14.848000',1,47,NULL,322,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=47 +INSERT INTO LOB_IDS VALUES(47,322,1,40) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=19 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Methods' AND USED=3 AND FLAGS='' AND VALS='GET%2CHEAD%2CPOST%2CPUT%2CDELETE' +INSERT INTO PARAM VALUES(19,'api.cscg.live:444','header','Access-Control-Allow-Methods',4,'','GET%2CHEAD%2CPOST%2CPUT%2CDELETE') +COMMIT +DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=13 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',14,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=13 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',14,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=20 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Length' AND USED=3 AND FLAGS='' AND VALS='0' +INSERT INTO PARAM VALUES(20,'api.cscg.live:444','header','Content-Length',4,'','0') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=13 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',14,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=13 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',14,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=14 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',15,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=10 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',11,'','Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=14 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',15,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=10 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',11,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=14 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',15,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=10 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',11,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=14 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',15,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(29,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',20,20,'','',319,15,3,'','10035-1') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=10 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',11,'','129') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(61,29,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(62,29,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(48,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 49 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=47 +INSERT INTO BLOCKS VALUES(47,1,0) +INSERT INTO BLOCKS VALUES(48,2147483599,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=47 +INSERT INTO LOBS VALUES(47,1,0,48) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(30,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',19,19,'','',319,15,3,'','10035-1') +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(48,1,'2024-03-02 03:35:14.851000',1,48,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=48 +INSERT INTO LOB_IDS VALUES(48,552,1,40) +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(63,30,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(64,30,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(31,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',20,20,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(65,31,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(66,31,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(49,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 50 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=48 +INSERT INTO BLOCKS VALUES(48,1,0) +INSERT INTO BLOCKS VALUES(49,2147483598,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=48 +INSERT INTO LOBS VALUES(48,1,0,49) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(49,1,'2024-03-02 03:35:14.853000',1,49,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=49 +INSERT INTO LOB_IDS VALUES(49,552,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(50,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 51 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=49 +INSERT INTO BLOCKS VALUES(49,1,0) +INSERT INTO BLOCKS VALUES(50,2147483597,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=49 +INSERT INTO LOBS VALUES(49,1,0,50) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(50,1,'2024-03-02 03:35:14.853000',1,50,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=50 +INSERT INTO LOB_IDS VALUES(50,573,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(21,1709346750724,1,200,1709346916670,183,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Date, Access-Control-Allow-Origin, Vary, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:16 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(51,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 52 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=50 +INSERT INTO BLOCKS VALUES(50,1,0) +INSERT INTO BLOCKS VALUES(51,2147483596,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=50 +INSERT INTO LOBS VALUES(50,1,0,51) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(51,1,'2024-03-02 03:35:16.854000',1,51,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=51 +INSERT INTO LOB_IDS VALUES(51,323,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(32,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',21,21,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(67,32,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(68,32,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=15 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',16,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=11 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',12,'','Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=15 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',16,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=11 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',12,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=15 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',16,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=11 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',12,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=15 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',16,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=11 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',12,'','129') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(52,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 53 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=51 +INSERT INTO BLOCKS VALUES(51,1,0) +INSERT INTO BLOCKS VALUES(52,2147483595,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=51 +INSERT INTO LOBS VALUES(51,1,0,52) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(52,1,'2024-03-02 03:35:17.057000',1,52,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=52 +INSERT INTO LOB_IDS VALUES(52,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(33,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',21,21,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(69,33,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(70,33,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(53,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 54 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=52 +INSERT INTO BLOCKS VALUES(52,1,0) +INSERT INTO BLOCKS VALUES(53,2147483594,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=52 +INSERT INTO LOBS VALUES(52,1,0,53) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(53,1,'2024-03-02 03:35:17.059000',1,53,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=53 +INSERT INTO LOB_IDS VALUES(53,573,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(54,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 55 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=53 +INSERT INTO BLOCKS VALUES(53,1,0) +INSERT INTO BLOCKS VALUES(54,2147483593,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=53 +INSERT INTO LOBS VALUES(53,1,0,54) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(54,1,'2024-03-02 03:35:17.952000',1,54,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=54 +INSERT INTO LOB_IDS VALUES(54,64,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(22,1709346750724,1,200,1709346918678,165,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Vary, Date, Content-Type, Access-Control-Allow-Origin, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:18 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(55,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 56 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=54 +INSERT INTO BLOCKS VALUES(54,1,0) +INSERT INTO BLOCKS VALUES(55,2147483592,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=54 +INSERT INTO LOBS VALUES(54,1,0,55) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(55,1,'2024-03-02 03:35:18.846000',1,55,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=55 +INSERT INTO LOB_IDS VALUES(55,323,1,40) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=16 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',17,'','https://play.cscg.live') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(34,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',22,22,'','',319,15,3,'','10035-1') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=12 AND FLAGS='' AND VALS='Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',13,'','Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=16 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',17,'','h3=":443"; ma=2592000') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(71,34,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=12 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',13,'','application/grpc-web+proto') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(72,34,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=16 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',17,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=12 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',13,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=16 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',17,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=12 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',13,'','129') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(56,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 57 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=55 +INSERT INTO BLOCKS VALUES(55,1,0) +INSERT INTO BLOCKS VALUES(56,2147483591,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=55 +INSERT INTO LOBS VALUES(55,1,0,56) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(56,1,'2024-03-02 03:35:19.051000',1,56,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=56 +INSERT INTO LOB_IDS VALUES(56,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(35,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',22,22,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(73,35,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(74,35,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(57,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 58 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=56 +INSERT INTO BLOCKS VALUES(56,1,0) +INSERT INTO BLOCKS VALUES(57,2147483590,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=56 +INSERT INTO LOBS VALUES(56,1,0,57) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(57,1,'2024-03-02 03:35:19.055000',1,57,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=57 +INSERT INTO LOB_IDS VALUES(57,573,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(23,1709346750724,1,200,1709346920686,174,'OPTIONS','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','OPTIONS https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aAccess-Control-Request-Method: POST\u000d\u000aAccess-Control-Request-Headers: authorization,content-type,x-grpc-web,x-user-agent\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Headers: content-type,accept,x-user-agent,x-grpc-web,grpc-status,grpc-message,authorization\u000d\u000aAccess-Control-Allow-Methods: GET,HEAD,POST,PUT,DELETE\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Length: 0\u000d\u000aDate: Sat, 02 Mar 2024 02:35:20 GMT\u000d\u000aServer: Caddy\u000d\u000a\u000d\u000a','',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(58,324,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 59 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=57 +INSERT INTO BLOCKS VALUES(57,1,0) +INSERT INTO BLOCKS VALUES(58,2147483589,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=57 +INSERT INTO LOBS VALUES(57,1,0,58) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(58,1,'2024-03-02 03:35:20.861000',1,58,NULL,324,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=58 +INSERT INTO LOB_IDS VALUES(58,324,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(24,1709346750724,1,200,1709346920865,94,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Vary, Date, Content-Type, Access-Control-Allow-Origin, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:20 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(59,322,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 60 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=58 +INSERT INTO BLOCKS VALUES(58,1,0) +INSERT INTO BLOCKS VALUES(59,2147483588,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=58 +INSERT INTO LOBS VALUES(58,1,0,59) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(59,1,'2024-03-02 03:35:20.962000',1,59,NULL,322,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=59 +INSERT INTO LOB_IDS VALUES(59,322,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(36,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',24,24,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(75,36,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(76,36,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(37,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',23,23,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(77,37,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(78,37,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=18 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Headers' AND USED=4 AND FLAGS='' AND VALS='content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization' +INSERT INTO PARAM VALUES(18,'api.cscg.live:444','header','Access-Control-Allow-Headers',5,'','content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization') +COMMIT +DELETE FROM PARAM WHERE PARAMID=19 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Methods' AND USED=4 AND FLAGS='' AND VALS='GET%2CHEAD%2CPOST%2CPUT%2CDELETE' +INSERT INTO PARAM VALUES(19,'api.cscg.live:444','header','Access-Control-Allow-Methods',5,'','GET%2CHEAD%2CPOST%2CPUT%2CDELETE') +COMMIT +DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=17 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',18,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=17 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',18,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=20 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Length' AND USED=4 AND FLAGS='' AND VALS='0' +INSERT INTO PARAM VALUES(20,'api.cscg.live:444','header','Content-Length',5,'','0') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=17 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',18,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=17 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',18,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=18 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',19,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=13 AND FLAGS='' AND VALS='Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',14,'','Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=18 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',19,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=13 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',14,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=18 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',19,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=13 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',14,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=18 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',19,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=13 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',14,'','129') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(60,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 61 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=59 +INSERT INTO BLOCKS VALUES(59,1,0) +INSERT INTO BLOCKS VALUES(60,2147483587,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=59 +INSERT INTO LOBS VALUES(59,1,0,60) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(60,1,'2024-03-02 03:35:20.971000',1,60,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=60 +INSERT INTO LOB_IDS VALUES(60,552,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(61,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 62 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=60 +INSERT INTO BLOCKS VALUES(60,1,0) +INSERT INTO BLOCKS VALUES(61,2147483586,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=60 +INSERT INTO LOBS VALUES(60,1,0,61) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(61,1,'2024-03-02 03:35:20.971000',1,61,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=61 +INSERT INTO LOB_IDS VALUES(61,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(38,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',24,24,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(79,38,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(80,38,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(62,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 63 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=61 +INSERT INTO BLOCKS VALUES(61,1,0) +INSERT INTO BLOCKS VALUES(62,2147483585,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=61 +INSERT INTO LOBS VALUES(61,1,0,62) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(62,1,'2024-03-02 03:35:20.973000',1,62,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=62 +INSERT INTO LOB_IDS VALUES(62,573,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(25,1709346750724,1,200,1709346922688,508,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:23 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(63,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 64 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=62 +INSERT INTO BLOCKS VALUES(62,1,0) +INSERT INTO BLOCKS VALUES(63,2147483584,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=62 +INSERT INTO LOBS VALUES(62,1,0,63) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(63,1,'2024-03-02 03:35:23.197000',1,63,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=63 +INSERT INTO LOB_IDS VALUES(63,323,1,40) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=19 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',20,'','https://play.cscg.live') +COMMIT +DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=14 AND FLAGS='' AND VALS='Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',15,'','Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=19 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',20,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=14 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',15,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=19 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',20,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=14 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',15,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=19 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',20,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:23 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=14 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',15,'','129') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(39,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',25,25,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(81,39,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(82,39,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(64,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 65 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=63 +INSERT INTO BLOCKS VALUES(63,1,0) +INSERT INTO BLOCKS VALUES(64,2147483583,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=63 +INSERT INTO LOBS VALUES(63,1,0,64) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(64,1,'2024-03-02 03:35:23.399000',1,64,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=64 +INSERT INTO LOB_IDS VALUES(64,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(40,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',25,25,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(83,40,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(84,40,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(65,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 66 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=64 +INSERT INTO BLOCKS VALUES(64,1,0) +INSERT INTO BLOCKS VALUES(65,2147483582,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=64 +INSERT INTO LOBS VALUES(64,1,0,65) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(65,1,'2024-03-02 03:35:23.402000',1,65,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=65 +INSERT INTO LOB_IDS VALUES(65,573,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(26,1709346750724,1,200,1709346924701,311,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Content-Type, Date, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:24 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(66,323,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 67 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=65 +INSERT INTO BLOCKS VALUES(65,1,0) +INSERT INTO BLOCKS VALUES(66,2147483581,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=65 +INSERT INTO LOBS VALUES(65,1,0,66) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(66,1,'2024-03-02 03:35:25.014000',1,66,NULL,323,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=66 +INSERT INTO LOB_IDS VALUES(66,323,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(41,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',26,26,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(85,41,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=20 AND FLAGS='' AND VALS='https://play.cscg.live' +INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',21,'','https://play.cscg.live') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(86,41,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=15 AND FLAGS='' AND VALS='Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' +INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',16,'','Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') +COMMIT +DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=20 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' +INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',21,'','h3=":443"; ma=2592000') +COMMIT +DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=15 AND FLAGS='' AND VALS='application/grpc-web+proto' +INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',16,'','application/grpc-web+proto') +COMMIT +DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=20 AND FLAGS='' AND VALS='Caddy' +INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',21,'','Caddy') +COMMIT +DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=15 AND FLAGS='' AND VALS='Origin' +INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',16,'','Origin') +COMMIT +DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=20 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:23 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT' +INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',21,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:23 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:24 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=15 AND FLAGS='' AND VALS='129' +INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',16,'','129') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(67,552,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 68 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=66 +INSERT INTO BLOCKS VALUES(66,1,0) +INSERT INTO BLOCKS VALUES(67,2147483580,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=66 +INSERT INTO LOBS VALUES(66,1,0,67) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(67,1,'2024-03-02 03:35:25.220000',1,67,NULL,552,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=67 +INSERT INTO LOB_IDS VALUES(67,552,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(42,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',26,26,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(87,42,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(88,42,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(68,573,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 69 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=67 +INSERT INTO BLOCKS VALUES(67,1,0) +INSERT INTO BLOCKS VALUES(68,2147483579,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=67 +INSERT INTO LOBS VALUES(67,1,0,68) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(68,1,'2024-03-02 03:35:25.224000',1,68,NULL,573,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=68 +INSERT INTO LOB_IDS VALUES(68,573,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(69,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 70 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=68 +INSERT INTO BLOCKS VALUES(68,1,0) +INSERT INTO BLOCKS VALUES(69,2147483578,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=68 +INSERT INTO LOBS VALUES(68,1,0,69) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(69,1,'2024-03-02 03:35:27.951000',1,69,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=69 +INSERT INTO LOB_IDS VALUES(69,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(70,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 71 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=69 +INSERT INTO BLOCKS VALUES(69,1,0) +INSERT INTO BLOCKS VALUES(70,2147483577,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=69 +INSERT INTO LOBS VALUES(69,1,0,70) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(70,1,'2024-03-02 03:35:37.956000',1,70,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=70 +INSERT INTO LOB_IDS VALUES(70,64,1,40) +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=0 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=1 +DELETE FROM ALERT_TAG WHERE TAG_ID=2 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=1 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=3 +DELETE FROM ALERT_TAG WHERE TAG_ID=4 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=1 +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(71,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 72 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=70 +INSERT INTO BLOCKS VALUES(70,1,0) +INSERT INTO BLOCKS VALUES(71,2147483576,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=70 +INSERT INTO LOBS VALUES(70,1,0,71) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(71,1,'2024-03-02 03:35:47.956000',1,71,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=71 +INSERT INTO LOB_IDS VALUES(71,64,1,40) +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=8 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=19 +DELETE FROM ALERT_TAG WHERE TAG_ID=20 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=7 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=9 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=21 +DELETE FROM ALERT_TAG WHERE TAG_ID=22 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=10 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=23 +DELETE FROM ALERT_TAG WHERE TAG_ID=24 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=8 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=11 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=25 +DELETE FROM ALERT_TAG WHERE TAG_ID=26 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=12 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=27 +DELETE FROM ALERT_TAG WHERE TAG_ID=28 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=9 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=13 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=29 +DELETE FROM ALERT_TAG WHERE TAG_ID=30 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=14 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=31 +DELETE FROM ALERT_TAG WHERE TAG_ID=32 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=10 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=15 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=33 +DELETE FROM ALERT_TAG WHERE TAG_ID=34 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=11 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=16 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=35 +DELETE FROM ALERT_TAG WHERE TAG_ID=36 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=17 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=37 +DELETE FROM ALERT_TAG WHERE TAG_ID=38 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=12 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=18 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=39 +DELETE FROM ALERT_TAG WHERE TAG_ID=40 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=19 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=41 +DELETE FROM ALERT_TAG WHERE TAG_ID=42 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=13 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=20 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=43 +DELETE FROM ALERT_TAG WHERE TAG_ID=44 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=21 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=45 +DELETE FROM ALERT_TAG WHERE TAG_ID=46 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=14 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=23 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=49 +DELETE FROM ALERT_TAG WHERE TAG_ID=50 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=15 +COMMIT +DELETE FROM HISTORY WHERE HISTORYID=16 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=25 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=53 +DELETE FROM ALERT_TAG WHERE TAG_ID=54 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=26 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=55 +DELETE FROM ALERT_TAG WHERE TAG_ID=56 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=17 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=27 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=57 +DELETE FROM ALERT_TAG WHERE TAG_ID=58 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=28 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=59 +DELETE FROM ALERT_TAG WHERE TAG_ID=60 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=18 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=30 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=63 +DELETE FROM ALERT_TAG WHERE TAG_ID=64 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=19 +COMMIT +DELETE FROM HISTORY WHERE HISTORYID=20 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=32 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=67 +DELETE FROM ALERT_TAG WHERE TAG_ID=68 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=33 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=69 +DELETE FROM ALERT_TAG WHERE TAG_ID=70 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=21 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=34 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=71 +DELETE FROM ALERT_TAG WHERE TAG_ID=72 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=35 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=73 +DELETE FROM ALERT_TAG WHERE TAG_ID=74 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=22 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=37 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=77 +DELETE FROM ALERT_TAG WHERE TAG_ID=78 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=23 +COMMIT +DELETE FROM HISTORY WHERE HISTORYID=24 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=39 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=81 +DELETE FROM ALERT_TAG WHERE TAG_ID=82 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=40 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=83 +DELETE FROM ALERT_TAG WHERE TAG_ID=84 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=25 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=41 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=85 +DELETE FROM ALERT_TAG WHERE TAG_ID=86 +COMMIT +/*C5*/DELETE FROM ALERT WHERE ALERTID=42 +COMMIT +/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=87 +DELETE FROM ALERT_TAG WHERE TAG_ID=88 +COMMIT +/*C3*/DELETE FROM HISTORY WHERE HISTORYID=3 +COMMIT +DELETE FROM HISTORY WHERE HISTORYID=2 +COMMIT +DELETE FROM HISTORY WHERE HISTORYID=26 +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(72,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 73 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=71 +INSERT INTO BLOCKS VALUES(71,1,0) +INSERT INTO BLOCKS VALUES(72,2147483575,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=71 +INSERT INTO LOBS VALUES(71,1,0,72) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(72,1,'2024-03-02 03:35:57.957000',1,72,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=72 +INSERT INTO LOB_IDS VALUES(72,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(73,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 74 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=72 +INSERT INTO BLOCKS VALUES(72,1,0) +INSERT INTO BLOCKS VALUES(73,2147483574,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=72 +INSERT INTO LOBS VALUES(72,1,0,73) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(73,1,'2024-03-02 03:36:07.957000',1,73,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=73 +INSERT INTO LOB_IDS VALUES(73,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(74,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 75 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=73 +INSERT INTO BLOCKS VALUES(73,1,0) +INSERT INTO BLOCKS VALUES(74,2147483573,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=73 +INSERT INTO LOBS VALUES(73,1,0,74) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(74,1,'2024-03-02 03:36:17.963000',1,74,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=74 +INSERT INTO LOB_IDS VALUES(74,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(75,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 76 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=74 +INSERT INTO BLOCKS VALUES(74,1,0) +INSERT INTO BLOCKS VALUES(75,2147483572,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=74 +INSERT INTO LOBS VALUES(74,1,0,75) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(75,1,'2024-03-02 03:36:27.964000',1,75,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=75 +INSERT INTO LOB_IDS VALUES(75,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(76,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 77 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=75 +INSERT INTO BLOCKS VALUES(75,1,0) +INSERT INTO BLOCKS VALUES(76,2147483571,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=75 +INSERT INTO LOBS VALUES(75,1,0,76) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(76,1,'2024-03-02 03:36:37.967000',1,76,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=76 +INSERT INTO LOB_IDS VALUES(76,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(77,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 78 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=76 +INSERT INTO BLOCKS VALUES(76,1,0) +INSERT INTO BLOCKS VALUES(77,2147483570,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=76 +INSERT INTO LOBS VALUES(76,1,0,77) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(77,1,'2024-03-02 03:36:47.973000',1,77,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=77 +INSERT INTO LOB_IDS VALUES(77,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(78,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 79 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=77 +INSERT INTO BLOCKS VALUES(77,1,0) +INSERT INTO BLOCKS VALUES(78,2147483569,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=77 +INSERT INTO LOBS VALUES(77,1,0,78) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(78,1,'2024-03-02 03:36:57.976000',1,78,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=78 +INSERT INTO LOB_IDS VALUES(78,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(79,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 80 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=78 +INSERT INTO BLOCKS VALUES(78,1,0) +INSERT INTO BLOCKS VALUES(79,2147483568,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=78 +INSERT INTO LOBS VALUES(78,1,0,79) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(79,1,'2024-03-02 03:37:08.102000',1,79,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=79 +INSERT INTO LOB_IDS VALUES(79,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(80,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 81 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=79 +INSERT INTO BLOCKS VALUES(79,1,0) +INSERT INTO BLOCKS VALUES(80,2147483567,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=79 +INSERT INTO LOBS VALUES(79,1,0,80) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(80,1,'2024-03-02 03:37:18.133000',1,80,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=80 +INSERT INTO LOB_IDS VALUES(80,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(81,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 82 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=80 +INSERT INTO BLOCKS VALUES(80,1,0) +INSERT INTO BLOCKS VALUES(81,2147483566,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=80 +INSERT INTO LOBS VALUES(80,1,0,81) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(81,1,'2024-03-02 03:37:28.152000',1,81,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=81 +INSERT INTO LOB_IDS VALUES(81,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(82,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 83 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=81 +INSERT INTO BLOCKS VALUES(81,1,0) +INSERT INTO BLOCKS VALUES(82,2147483565,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=81 +INSERT INTO LOBS VALUES(81,1,0,82) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(82,1,'2024-03-02 03:37:38.962000',1,82,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=82 +INSERT INTO LOB_IDS VALUES(82,64,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(27,1709346750724,15,200,1709347068648,206,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Windows 95; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aReferer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/\u000d\u000aUpgrade-Insecure-Requests: 1\u000d\u000aSec-Fetch-Dest: document\u000d\u000aSec-Fetch-Mode: navigate\u000d\u000aSec-Fetch-Site: same-origin\u000d\u000aSec-Fetch-User: ?1\u000d\u000acontent-length: 0\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aServer: nginx/1.24.0\u000d\u000aDate: Sat, 02 Mar 2024 02:37:48 GMT\u000d\u000aContent-Type: text/html\u000d\u000aContent-Length: 1366\u000d\u000aLast-Modified: Thu, 01 Jan 1970 00:00:01 GMT\u000d\u000aConnection: keep-alive\u000d\u000aETag: "1-556"\u000d\u000aCache-Control: no-store\u000d\u000aAccept-Ranges: bytes\u000d\u000a\u000d\u000a','3c68746d6c3e0a3c686561643e0a202020203c7469746c653e496e74726f20746f2057656220323c2f7469746c653e0a202020203c6d65746120636861727365743d225554462d38223e0a202020203c6c696e6b2072656c3d227374796c6573686565742220747970653d22746578742f6373732220687265663d227374796c652e63737322202f3e0a3c2f686561643e0a3c626f64793e0a3c68313e24284745524d414e5f4349545929205472616d205469636b6574204d616368696e653c2f68313e0a0a3c68333e47657420796f7572203c7370616e207374796c653d22746578742d6465636f726174696f6e3a206c696e652d7468726f7567683b223e7469636b65743c2f7370616e3e20666c61672068657265213c2f68333e0a3c68723e0a57697468207468652068656c70206f66206f75722073746174652d6f662d7468652d61727420666c6f707079206469736b20737769746368696e6720726f626f74732c20796f752063616e206e6f772072656164207468652066697273740a70617274206f662074686520666c616720696e207265616c2074696d65210a3c703e0a466c6167207061727420312f343a203c7370616e207374796c653d22636f6c6f723a20677265656e3b20666f6e742d66616d696c793a2027436f7572696572204e6577272c206d6f6e6f73706163653b223e0a20202020435343477b3c7370616e2069643d22666c6167223e2e2e2e2e2e2e2e2e3c2f7370616e3e3c2f7370616e3e0a0a3c212d2d0a4e6f2074696d6520746f20776169742c2072696768743f0a2d2d3e0a0a3c7363726970743e0a666c6167203d20226c396a6a3535304b220a73796d626f6c7352657665616c6564203d20300a7761697454696d65203d20313030303b0a0a66756e6374696f6e206e65787453796d626f6c2829207b0a202020206966202873796d626f6c7352657665616c6564203e3d20666c61672e6c656e677468292072657475726e3b0a2020202073796d626f6c7352657665616c65642b2b3b0a0a202020207761697454696d65202a3d20323b0a2020202073657454696d656f7574286e65787453796d626f6c2c207761697454696d65293b0a7d0a0a66756e6374696f6e207370696e2829207b0a20202020636f6e737420666c616750617274203d20666c61672e73756273747228302c2073796d626f6c7352657665616c6564293b0a20202020636f6e737420616c706861626574203d2028224142434445464748494a4b4c4d4e4f5052535455565758595a61626364656668696b6c6d6e6f727374757677787a3031323334353637383922290a20202020636f6e73742072616e646f6d53796d626f6c203d0a202020202020202073796d626f6c7352657665616c6564203c20666c61672e6c656e6774680a2020202020202020202020203f20616c7068616265742e636861724174284d6174682e666c6f6f72284d6174682e72616e646f6d2829202a20616c7068616265742e6c656e67746829290a2020202020202020202020203a2022223b0a20202020636f6e737420737566666978203d20222e222e726570656174284d6174682e6d617828302c20666c61672e6c656e677468202d2031202d2073796d626f6c7352657665616c656429293b0a0a20202020646f63756d656e742e676574456c656d656e74427949642822666c616722292e696e6e657248544d4c203d20666c616750617274202b2072616e646f6d53796d626f6c202b207375666669783b0a7d0a0a73657454696d656f7574286e65787453796d626f6c2c207761697454696d65293b0a736574496e74657276616c287370696e2c203530293b0a3c2f7363726970743e0a0a3c2f626f64793e0a3c2f68746d6c3e',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(83,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 84 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=82 +INSERT INTO BLOCKS VALUES(82,1,0) +INSERT INTO BLOCKS VALUES(83,2147483564,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=82 +INSERT INTO LOBS VALUES(82,1,0,83) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(83,1,'2024-03-02 03:37:49.010000',1,83,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=83 +INSERT INTO LOB_IDS VALUES(83,64,1,40) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=9 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Server' AND USED=2 AND FLAGS='' AND VALS='nginx/1.24.0' +INSERT INTO PARAM VALUES(9,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Server',3,'','nginx/1.24.0') +COMMIT +DELETE FROM PARAM WHERE PARAMID=10 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Date' AND USED=2 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT' +INSERT INTO PARAM VALUES(10,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Date',3,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:37:48 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=11 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Type' AND USED=2 AND FLAGS='' AND VALS='text/html,text/plain' +INSERT INTO PARAM VALUES(11,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Type',3,'','text/html,text/plain') +COMMIT +DELETE FROM PARAM WHERE PARAMID=12 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Length' AND USED=2 AND FLAGS='' AND VALS='287,384' +INSERT INTO PARAM VALUES(12,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Length',3,'','287,1366,384') +COMMIT +DELETE FROM PARAM WHERE PARAMID=15 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Last-Modified' AND USED=1 AND FLAGS='' AND VALS='Thu%2C 01 Jan 1970 00:00:01 GMT' +INSERT INTO PARAM VALUES(15,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Last-Modified',2,'','Thu%2C 01 Jan 1970 00:00:01 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=13 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Connection' AND USED=2 AND FLAGS='' AND VALS='keep-alive' +INSERT INTO PARAM VALUES(13,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Connection',3,'','keep-alive') +COMMIT +DELETE FROM PARAM WHERE PARAMID=14 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='ETag' AND USED=2 AND FLAGS='' AND VALS='"1-180","1-11f"' +INSERT INTO PARAM VALUES(14,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','ETag',3,'','"1-180","1-11f","1-556"') +COMMIT +DELETE FROM PARAM WHERE PARAMID=16 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Cache-Control' AND USED=1 AND FLAGS='' AND VALS='no-store' +INSERT INTO PARAM VALUES(16,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Cache-Control',2,'','no-store') +COMMIT +DELETE FROM PARAM WHERE PARAMID=17 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Accept-Ranges' AND USED=1 AND FLAGS='' AND VALS='bytes' +INSERT INTO PARAM VALUES(17,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Accept-Ranges',2,'','bytes') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(43,0,10020,'Missing Anti-clickjacking Header',2,2,'The response does not include either Content-Security-Policy with ''frame-ancestors'' directive or X-Frame-Options to protect against ''ClickJacking'' attacks.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','x-frame-options','','Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.\u000aIf you expect the page to be framed only by pages on your server (e.g. it''s part of a FRAMESET) then you''ll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy''s "frame-ancestors" directive.','https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options',27,27,'','',1021,15,3,'','10020-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(89,43,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(90,43,'WSTG-v42-CLNT-09','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/11-Client-side_Testing/09-Testing_for_Clickjacking') +COMMIT +INSERT INTO ALERT_TAG VALUES(91,43,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(84,630,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 85 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=83 +INSERT INTO BLOCKS VALUES(83,1,0) +INSERT INTO BLOCKS VALUES(84,2147483563,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=83 +INSERT INTO LOBS VALUES(83,1,0,84) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(84,1,'2024-03-02 03:37:49.436000',1,84,NULL,630,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=84 +INSERT INTO LOB_IDS VALUES(84,630,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(44,0,10015,'Re-examine Cache-control Directives',0,1,'The cache-control header has not been set properly or is missing, allowing the browser and proxies to cache content. For static assets like css, js, or image files this might be intended, however, the resources should be reviewed to ensure that no sensitive content will be cached.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','cache-control','','For secure content, ensure the cache-control HTTP header is set with "no-cache, no-store, must-revalidate". If an asset should be cached consider setting the directives "public, max-age, immutable".','https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#web-content-caching\u000ahttps://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control\u000ahttps://grayduck.mn/2021/09/13/cache-control-recommendations/',27,27,'','no-store',525,13,3,'','10015') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(92,44,'WSTG-v42-ATHN-06','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/04-Authentication_Testing/06-Testing_for_Browser_Cache_Weaknesses') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(85,635,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 86 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=84 +INSERT INTO BLOCKS VALUES(84,1,0) +INSERT INTO BLOCKS VALUES(85,2147483562,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=84 +INSERT INTO LOBS VALUES(84,1,0,85) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(85,1,'2024-03-02 03:37:49.459000',1,85,NULL,635,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=85 +INSERT INTO LOB_IDS VALUES(85,635,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(45,0,10038,'Content Security Policy (CSP) Header Not Set',2,3,'Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page \u2014 covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.','https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy\u000ahttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html\u000ahttps://www.w3.org/TR/CSP/\u000ahttps://w3c.github.io/webappsec-csp/\u000ahttps://web.dev/articles/csp\u000ahttps://caniuse.com/#feat=contentsecuritypolicy\u000ahttps://content-security-policy.com/',27,27,'','',693,15,3,'','10038-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(93,45,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(94,45,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(86,625,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 87 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=85 +INSERT INTO BLOCKS VALUES(85,1,0) +INSERT INTO BLOCKS VALUES(86,2147483561,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=85 +INSERT INTO LOBS VALUES(85,1,0,86) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(86,1,'2024-03-02 03:37:49.464000',1,86,NULL,625,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=86 +INSERT INTO LOB_IDS VALUES(86,625,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(46,0,10109,'Modern Web Application',0,2,'The application appears to be a modern web application. If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','No links have been found while there are scripts, which is an indication that this is a modern web application.','This is an informational alert and so no changes are required.','',27,27,'','',-1,-1,3,'','10109') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(87,612,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 88 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=86 +INSERT INTO BLOCKS VALUES(86,1,0) +INSERT INTO BLOCKS VALUES(87,2147483560,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=86 +INSERT INTO LOBS VALUES(86,1,0,87) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(87,1,'2024-03-02 03:37:49.486000',1,87,NULL,612,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=87 +INSERT INTO LOB_IDS VALUES(87,612,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(47,0,10036,'Server Leaks Version Information via "Server" HTTP Response Header Field',1,3,'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.','https://httpd.apache.org/docs/current/mod/core.html#servertokens\u000ahttps://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)\u000ahttps://www.troyhunt.com/shhh-dont-let-your-response-headers/',27,27,'','nginx/1.24.0',200,13,3,'','10036') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(95,47,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(96,47,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +INSERT INTO ALERT_TAG VALUES(97,47,'WSTG-v42-INFO-02','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(88,652,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 89 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=87 +INSERT INTO BLOCKS VALUES(87,1,0) +INSERT INTO BLOCKS VALUES(88,2147483559,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=87 +INSERT INTO LOBS VALUES(87,1,0,88) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(88,1,'2024-03-02 03:37:49.514000',1,88,NULL,652,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=88 +INSERT INTO LOB_IDS VALUES(88,652,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(48,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',27,27,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(98,48,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(99,48,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(89,618,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 90 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=88 +INSERT INTO BLOCKS VALUES(88,1,0) +INSERT INTO BLOCKS VALUES(89,2147483558,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=88 +INSERT INTO LOBS VALUES(88,1,0,89) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(89,1,'2024-03-02 03:37:49.518000',1,89,NULL,618,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=89 +INSERT INTO LOB_IDS VALUES(89,618,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(49,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',27,27,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(100,49,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(101,49,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(90,639,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 91 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=89 +INSERT INTO BLOCKS VALUES(89,1,0) +INSERT INTO BLOCKS VALUES(90,2147483557,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=89 +INSERT INTO LOBS VALUES(89,1,0,90) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(90,1,'2024-03-02 03:37:49.522000',1,90,NULL,639,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=90 +INSERT INTO LOB_IDS VALUES(90,639,1,40) +COMMIT +/*C8*/SET SCHEMA PUBLIC +INSERT INTO TAG VALUES(1,27,'Script') +COMMIT +INSERT INTO TAG VALUES(2,27,'Comment') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(91,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 92 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=90 +INSERT INTO BLOCKS VALUES(90,1,0) +INSERT INTO BLOCKS VALUES(91,2147483556,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=90 +INSERT INTO LOBS VALUES(90,1,0,91) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(91,1,'2024-03-02 03:37:59.053000',1,91,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=91 +INSERT INTO LOB_IDS VALUES(91,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(92,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 93 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=91 +INSERT INTO BLOCKS VALUES(91,1,0) +INSERT INTO BLOCKS VALUES(92,2147483555,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=91 +INSERT INTO LOBS VALUES(91,1,0,92) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(92,1,'2024-03-02 03:38:09.054000',1,92,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=92 +INSERT INTO LOB_IDS VALUES(92,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(93,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 94 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=92 +INSERT INTO BLOCKS VALUES(92,1,0) +INSERT INTO BLOCKS VALUES(93,2147483554,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=92 +INSERT INTO LOBS VALUES(92,1,0,93) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(93,1,'2024-03-02 03:38:19.056000',1,93,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=93 +INSERT INTO LOB_IDS VALUES(93,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(94,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 95 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=93 +INSERT INTO BLOCKS VALUES(93,1,0) +INSERT INTO BLOCKS VALUES(94,2147483553,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=93 +INSERT INTO LOBS VALUES(93,1,0,94) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(94,1,'2024-03-02 03:38:29.059000',1,94,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=94 +INSERT INTO LOB_IDS VALUES(94,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(95,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 96 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=94 +INSERT INTO BLOCKS VALUES(94,1,0) +INSERT INTO BLOCKS VALUES(95,2147483552,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=94 +INSERT INTO LOBS VALUES(94,1,0,95) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(95,1,'2024-03-02 03:38:39.059000',1,95,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=95 +INSERT INTO LOB_IDS VALUES(95,64,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(28,1709346750724,1,403,1709347121300,30,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aUpgrade-Insecure-Requests: 1\u000d\u000aSec-Fetch-Dest: document\u000d\u000aSec-Fetch-Mode: navigate\u000d\u000aSec-Fetch-Site: none\u000d\u000aSec-Fetch-User: ?1\u000d\u000a\u000d\u000a','','HTTP/1.1 403 Forbidden\u000d\u000aServer: nginx/1.24.0\u000d\u000aDate: Sat, 02 Mar 2024 02:38:41 GMT\u000d\u000aContent-Type: text/html\u000d\u000aContent-Length: 384\u000d\u000aConnection: keep-alive\u000d\u000aETag: "1-180"\u000d\u000a\u000d\u000a','3c68746d6c3e0a3c686561643e0a202020203c7469746c653e496e74726f20746f2057656220323c2f7469746c653e0a202020203c6d65746120636861727365743d225554462d38223e0a202020203c6c696e6b2072656c3d227374796c6573686565742220747970653d22746578742f6373732220687265663d227374796c652e63737322202f3e0a3c2f686561643e0a3c626f64793e0a3c68313e24284745524d414e5f4349545929205472616d205469636b6574204d616368696e653c2f68313e0a0a3c68333e3c7370616e207374796c653d22636f6c6f723a20726564223e496e736563757265206f7065726174696e672073797374656d213c2f7370616e3e3c2f68333e0a3c68723e0a466f7220734563557249745920724561536f4e732c20796f75206e65656420746f2075706461746520796f75722073797374656d20746f2057696e646f7773203935206265666f726520616363657373696e6720746869732077656273697465210a3c2f626f64793e0a3c2f68746d6c3e',NULL,'',TRUE) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(96,354,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 97 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=95 +INSERT INTO BLOCKS VALUES(95,1,0) +INSERT INTO BLOCKS VALUES(96,2147483551,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=95 +INSERT INTO LOBS VALUES(95,1,0,96) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(96,1,'2024-03-02 03:38:41.333000',1,96,NULL,354,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=96 +INSERT INTO LOB_IDS VALUES(96,354,1,40) +COMMIT +/*C3*/INSERT INTO HISTORY VALUES(29,1709346750724,1,200,1709347121392,40,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/css,*/*;q=0.1\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aReferer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html\u000d\u000aSec-Fetch-Dest: style\u000d\u000aSec-Fetch-Mode: no-cors\u000d\u000aSec-Fetch-Site: same-origin\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aServer: nginx/1.24.0\u000d\u000aDate: Sat, 02 Mar 2024 02:38:41 GMT\u000d\u000aContent-Type: text/plain\u000d\u000aContent-Length: 287\u000d\u000aLast-Modified: Thu, 01 Jan 1970 00:00:01 GMT\u000d\u000aConnection: keep-alive\u000d\u000aETag: "1-11f"\u000d\u000aCache-Control: no-store\u000d\u000aAccept-Ranges: bytes\u000d\u000a\u000d\u000a','68746d6c207b0a202020206d61782d77696474683a20373063683b0a2020202070616464696e673a2033656d2031656d3b0a202020206d617267696e3a206175746f3b0a202020206c696e652d6865696768743a20312e37353b0a20202020666f6e742d73697a653a20312e3235656d3b0a0a202020206261636b67726f756e642d636f6c6f723a20233145323132323b0a20202020636f6c6f723a20234244423741463b0a7d0a68312c2068322c206833207b0a20202020636f6c6f723a20234538453645333b0a7d0a6872207b0a202020206d617267696e2d746f703a202d31656d3b0a7d0a61207b0a20202020636f6c6f723a206c69676874626c75653b0a20202020746578742d6465636f726174696f6e3a206e6f6e653b0a7d0a',NULL,'',TRUE) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(50,0,10036,'Server Leaks Version Information via "Server" HTTP Response Header Field',1,3,'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','','','Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.','https://httpd.apache.org/docs/current/mod/core.html#servertokens\u000ahttps://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)\u000ahttps://www.troyhunt.com/shhh-dont-let-your-response-headers/',29,29,'','nginx/1.24.0',200,13,3,'','10036') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(102,50,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(103,50,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +INSERT INTO ALERT_TAG VALUES(104,50,'WSTG-v42-INFO-02','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=9 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Server' AND USED=3 AND FLAGS='' AND VALS='nginx/1.24.0' +INSERT INTO PARAM VALUES(9,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Server',4,'','nginx/1.24.0') +COMMIT +DELETE FROM PARAM WHERE PARAMID=10 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Date' AND USED=3 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:37:48 GMT' +INSERT INTO PARAM VALUES(10,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Date',4,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:38:41 GMT,Sat%2C 02 Mar 2024 02:37:48 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=11 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Type' AND USED=3 AND FLAGS='' AND VALS='text/html,text/plain' +INSERT INTO PARAM VALUES(11,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Type',4,'','text/html,text/plain') +COMMIT +DELETE FROM PARAM WHERE PARAMID=12 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Length' AND USED=3 AND FLAGS='' AND VALS='287,1366,384' +INSERT INTO PARAM VALUES(12,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Length',4,'','287,1366,384') +COMMIT +DELETE FROM PARAM WHERE PARAMID=13 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Connection' AND USED=3 AND FLAGS='' AND VALS='keep-alive' +INSERT INTO PARAM VALUES(13,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Connection',4,'','keep-alive') +COMMIT +DELETE FROM PARAM WHERE PARAMID=14 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='ETag' AND USED=3 AND FLAGS='' AND VALS='"1-180","1-11f","1-556"' +INSERT INTO PARAM VALUES(14,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','ETag',4,'','"1-180","1-11f","1-556"') +COMMIT +DELETE FROM PARAM WHERE PARAMID=9 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Server' AND USED=4 AND FLAGS='' AND VALS='nginx/1.24.0' +INSERT INTO PARAM VALUES(9,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Server',5,'','nginx/1.24.0') +COMMIT +DELETE FROM PARAM WHERE PARAMID=10 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Date' AND USED=4 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:38:41 GMT,Sat%2C 02 Mar 2024 02:37:48 GMT' +INSERT INTO PARAM VALUES(10,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Date',5,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:38:41 GMT,Sat%2C 02 Mar 2024 02:37:48 GMT') +COMMIT +DELETE FROM PARAM WHERE PARAMID=11 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Type' AND USED=4 AND FLAGS='' AND VALS='text/html,text/plain' +INSERT INTO PARAM VALUES(11,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Type',5,'','text/html,text/plain') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(51,0,10038,'Content Security Policy (CSP) Header Not Set',2,3,'Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page \u2014 covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.','https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy\u000ahttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html\u000ahttps://www.w3.org/TR/CSP/\u000ahttps://w3c.github.io/webappsec-csp/\u000ahttps://web.dev/articles/csp\u000ahttps://caniuse.com/#feat=contentsecuritypolicy\u000ahttps://content-security-policy.com/',28,28,'','',693,15,3,'','10038-1') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=12 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Length' AND USED=4 AND FLAGS='' AND VALS='287,1366,384' +INSERT INTO PARAM VALUES(12,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Length',5,'','287,1366,384') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(97,339,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 98 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=96 +INSERT INTO BLOCKS VALUES(96,1,0) +INSERT INTO BLOCKS VALUES(97,2147483550,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=96 +INSERT INTO LOBS VALUES(96,1,0,97) +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(105,51,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(106,51,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=15 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Last-Modified' AND USED=2 AND FLAGS='' AND VALS='Thu%2C 01 Jan 1970 00:00:01 GMT' +INSERT INTO PARAM VALUES(15,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Last-Modified',3,'','Thu%2C 01 Jan 1970 00:00:01 GMT') +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(97,1,'2024-03-02 03:38:41.437000',1,97,NULL,339,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=97 +INSERT INTO LOB_IDS VALUES(97,339,1,40) +COMMIT +/*C10*/DELETE FROM PARAM WHERE PARAMID=13 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Connection' AND USED=4 AND FLAGS='' AND VALS='keep-alive' +INSERT INTO PARAM VALUES(13,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Connection',5,'','keep-alive') +COMMIT +DELETE FROM PARAM WHERE PARAMID=14 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='ETag' AND USED=4 AND FLAGS='' AND VALS='"1-180","1-11f","1-556"' +INSERT INTO PARAM VALUES(14,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','ETag',5,'','"1-180","1-11f","1-556"') +COMMIT +DELETE FROM PARAM WHERE PARAMID=16 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Cache-Control' AND USED=2 AND FLAGS='' AND VALS='no-store' +INSERT INTO PARAM VALUES(16,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Cache-Control',3,'','no-store') +COMMIT +DELETE FROM PARAM WHERE PARAMID=17 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Accept-Ranges' AND USED=2 AND FLAGS='' AND VALS='bytes' +INSERT INTO PARAM VALUES(17,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Accept-Ranges',3,'','bytes') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(98,625,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 99 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=97 +INSERT INTO BLOCKS VALUES(97,1,0) +INSERT INTO BLOCKS VALUES(98,2147483549,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=97 +INSERT INTO LOBS VALUES(97,1,0,98) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(98,1,'2024-03-02 03:38:41.439000',1,98,NULL,625,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=98 +INSERT INTO LOB_IDS VALUES(98,625,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(99,622,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 100 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=98 +INSERT INTO BLOCKS VALUES(98,1,0) +INSERT INTO BLOCKS VALUES(99,2147483548,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=98 +INSERT INTO LOBS VALUES(98,1,0,99) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(99,1,'2024-03-02 03:38:41.440000',1,99,NULL,622,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=99 +INSERT INTO LOB_IDS VALUES(99,622,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(52,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',29,29,'','',319,15,3,'','10035-1') +COMMIT +INSERT INTO ALERT VALUES(53,0,10036,'Server Leaks Version Information via "Server" HTTP Response Header Field',1,3,'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.','https://httpd.apache.org/docs/current/mod/core.html#servertokens\u000ahttps://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)\u000ahttps://www.troyhunt.com/shhh-dont-let-your-response-headers/',28,28,'','nginx/1.24.0',200,13,3,'','10036') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(107,53,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(108,53,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +INSERT INTO ALERT_TAG VALUES(109,53,'WSTG-v42-INFO-02','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server') +COMMIT +INSERT INTO ALERT_TAG VALUES(110,52,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(111,52,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(100,588,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 101 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=99 +INSERT INTO BLOCKS VALUES(99,1,0) +INSERT INTO BLOCKS VALUES(100,2147483547,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=99 +INSERT INTO LOBS VALUES(99,1,0,100) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(101,1,'2024-03-02 03:38:41.449000',1,100,NULL,588,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=100 +INSERT INTO LOB_IDS VALUES(100,588,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(101,652,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 102 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=100 +INSERT INTO BLOCKS VALUES(100,1,0) +INSERT INTO BLOCKS VALUES(101,2147483546,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=100 +INSERT INTO LOBS VALUES(100,1,0,101) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(100,1,'2024-03-02 03:38:41.449000',1,101,NULL,652,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=101 +INSERT INTO LOB_IDS VALUES(101,652,1,40) +COMMIT +/*C5*/INSERT INTO ALERT VALUES(54,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',28,28,'','',319,15,3,'','10035-1') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(112,54,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(113,54,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C5*/INSERT INTO ALERT VALUES(55,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',29,29,'','',693,15,3,'','10021') +COMMIT +/*C6*/INSERT INTO ALERT_TAG VALUES(114,55,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') +COMMIT +INSERT INTO ALERT_TAG VALUES(115,55,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(102,618,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 103 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=101 +INSERT INTO BLOCKS VALUES(101,1,0) +INSERT INTO BLOCKS VALUES(102,2147483545,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=101 +INSERT INTO LOBS VALUES(101,1,0,102) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(103,1,'2024-03-02 03:38:41.472000',1,102,NULL,618,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=102 +INSERT INTO LOB_IDS VALUES(102,618,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(103,609,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 104 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=102 +INSERT INTO BLOCKS VALUES(102,1,0) +INSERT INTO BLOCKS VALUES(103,2147483544,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=102 +INSERT INTO LOBS VALUES(102,1,0,103) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(102,1,'2024-03-02 03:38:41.472000',1,103,NULL,609,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=103 +INSERT INTO LOB_IDS VALUES(103,609,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(104,201,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 105 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=103 +INSERT INTO BLOCKS VALUES(103,1,0) +INSERT INTO BLOCKS VALUES(104,2147483543,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=103 +INSERT INTO LOBS VALUES(103,1,0,104) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(104,1,'2024-03-02 03:38:41.813000',1,104,NULL,201,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=104 +INSERT INTO LOB_IDS VALUES(104,201,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(105,2013,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 106 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=104 +INSERT INTO BLOCKS VALUES(104,1,0) +INSERT INTO BLOCKS VALUES(105,2147483542,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=104 +INSERT INTO LOBS VALUES(104,1,0,105) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(105,1,'2024-03-02 03:38:41.817000',1,105,NULL,2013,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=105 +INSERT INTO LOB_IDS VALUES(105,2013,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(106,176,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 107 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=105 +INSERT INTO BLOCKS VALUES(105,1,0) +INSERT INTO BLOCKS VALUES(106,2147483541,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=105 +INSERT INTO LOBS VALUES(105,1,0,106) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(106,1,'2024-03-02 03:38:41.817000',1,106,NULL,176,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=106 +INSERT INTO LOB_IDS VALUES(106,176,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(107,2662,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 108 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=106 +INSERT INTO BLOCKS VALUES(106,1,0) +INSERT INTO BLOCKS VALUES(107,2147483540,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=106 +INSERT INTO LOBS VALUES(106,1,0,107) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(107,1,'2024-03-02 03:38:41.821000',1,107,NULL,2662,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=107 +INSERT INTO LOB_IDS VALUES(107,2662,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(108,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 109 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=107 +INSERT INTO BLOCKS VALUES(107,1,0) +INSERT INTO BLOCKS VALUES(108,2147483539,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=107 +INSERT INTO LOBS VALUES(107,1,0,108) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(108,1,'2024-03-02 03:38:49.061000',1,108,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=108 +INSERT INTO LOB_IDS VALUES(108,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(109,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 110 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=108 +INSERT INTO BLOCKS VALUES(108,1,0) +INSERT INTO BLOCKS VALUES(109,2147483538,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=108 +INSERT INTO LOBS VALUES(108,1,0,109) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(109,1,'2024-03-02 03:38:59.082000',1,109,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=109 +INSERT INTO LOB_IDS VALUES(109,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(110,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 111 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=109 +INSERT INTO BLOCKS VALUES(109,1,0) +INSERT INTO BLOCKS VALUES(110,2147483537,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=109 +INSERT INTO LOBS VALUES(109,1,0,110) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(110,1,'2024-03-02 03:39:09.067000',1,110,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=110 +INSERT INTO LOB_IDS VALUES(110,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(111,64,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 112 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=110 +INSERT INTO BLOCKS VALUES(110,1,0) +INSERT INTO BLOCKS VALUES(111,2147483536,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=110 +INSERT INTO LOBS VALUES(110,1,0,111) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(111,1,'2024-03-02 03:39:19.068000',1,111,NULL,64,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=111 +INSERT INTO LOB_IDS VALUES(111,64,1,40) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(112,4,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 113 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=111 +INSERT INTO BLOCKS VALUES(111,1,0) +INSERT INTO BLOCKS VALUES(112,2147483535,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=111 +INSERT INTO LOBS VALUES(111,1,0,112) +COMMIT +/*C13*/SET SCHEMA PUBLIC +INSERT INTO WEBSOCKET_MESSAGE VALUES(112,1,'2024-03-02 03:39:49.071000',8,112,NULL,2,TRUE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=112 +INSERT INTO LOB_IDS VALUES(112,4,1,40) +COMMIT +SET SCHEMA PUBLIC +DELETE FROM WEBSOCKET_CHANNEL WHERE CHANNEL_ID=1 +INSERT INTO WEBSOCKET_CHANNEL VALUES(1,'zap',443,'','2024-03-02 03:34:57.550000','2024-03-02 03:40:10.105000',NULL) +COMMIT +/*C1*/INSERT INTO LOB_IDS VALUES(113,197,0,40) +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 114 +COMMIT +DELETE FROM BLOCKS WHERE BLOCK_ADDR=112 +INSERT INTO BLOCKS VALUES(112,1,0) +INSERT INTO BLOCKS VALUES(113,2147483534,0) +DELETE FROM BLOCKS WHERE BLOCK_ADDR=112 +INSERT INTO LOBS VALUES(112,1,0,113) +COMMIT +/*C13*/INSERT INTO WEBSOCKET_MESSAGE VALUES(113,1,'2024-03-02 03:40:10.105000',1,113,NULL,197,FALSE) +SET SCHEMA SYSTEM_LOBS +DELETE FROM LOB_IDS WHERE LOB_ID=113 +INSERT INTO LOB_IDS VALUES(113,197,1,40) +COMMIT diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.properties b/cscg24/web/intro_web_2/intro_web_2_session.session.properties new file mode 100644 index 0000000..75e79aa --- /dev/null +++ b/cscg24/web/intro_web_2/intro_web_2_session.session.properties @@ -0,0 +1,5 @@ +#HSQL Database Engine 2.7.2 +#Sat Mar 02 03:32:43 CET 2024 +tx_timestamp=543 +modified=yes +version=2.7.2 diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.script b/cscg24/web/intro_web_2/intro_web_2_session.session.script new file mode 100644 index 0000000..a167063 --- /dev/null +++ b/cscg24/web/intro_web_2/intro_web_2_session.session.script @@ -0,0 +1,83 @@ +SET DATABASE UNIQUE NAME HSQLDB379AF3DEBD +SET DATABASE DEFAULT RESULT MEMORY ROWS 0 +SET DATABASE EVENT LOG LEVEL 0 +SET DATABASE TRANSACTION CONTROL LOCKS +SET DATABASE DEFAULT ISOLATION LEVEL READ COMMITTED +SET DATABASE TRANSACTION ROLLBACK ON CONFLICT TRUE +SET DATABASE TEXT TABLE DEFAULTS '' +SET DATABASE SQL NAMES FALSE +SET DATABASE SQL RESTRICT EXEC FALSE +SET DATABASE SQL REFERENCES FALSE +SET DATABASE SQL SIZE TRUE +SET DATABASE SQL TYPES FALSE +SET DATABASE SQL TDC DELETE TRUE +SET DATABASE SQL TDC UPDATE TRUE +SET DATABASE SQL SYS INDEX NAMES FALSE +SET DATABASE SQL CONCAT NULLS TRUE +SET DATABASE SQL UNIQUE NULLS TRUE +SET DATABASE SQL CONVERT TRUNCATE TRUE +SET DATABASE SQL AVG SCALE 0 +SET DATABASE SQL DOUBLE NAN TRUE +SET FILES WRITE DELAY 20 MILLIS +SET FILES BACKUP INCREMENT TRUE +SET FILES CACHE SIZE 32000 +SET FILES CACHE ROWS 50000 +SET FILES SCALE 64 +SET FILES LOB SCALE 32 +SET FILES DEFRAG 0 +SET FILES NIO TRUE +SET FILES NIO SIZE 256 +SET FILES LOG TRUE +SET FILES LOG SIZE 50 +SET FILES CHECK 543 +SET DATABASE COLLATION SQL_TEXT PAD SPACE +CREATE USER SA PASSWORD DIGEST 'd41d8cd98f00b204e9800998ecf8427e' +ALTER USER SA SET LOCAL TRUE +CREATE SCHEMA PUBLIC AUTHORIZATION DBA +CREATE CACHED TABLE PUBLIC.HISTORY(HISTORYID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,SESSIONID BIGINT NOT NULL,HISTTYPE INTEGER DEFAULT 1,STATUSCODE INTEGER DEFAULT 0,TIMESENTMILLIS BIGINT DEFAULT 0,TIMEELAPSEDMILLIS INTEGER DEFAULT 0,METHOD VARCHAR(1024) DEFAULT '',URI VARCHAR(1048576) DEFAULT '',REQHEADER VARCHAR(4194304) DEFAULT '',REQBODY VARBINARY(16777216) DEFAULT X'',RESHEADER VARCHAR(4194304) DEFAULT '',RESBODY VARBINARY(16777216) DEFAULT X'',TAG VARCHAR(32768) DEFAULT '',NOTE VARCHAR(1048576) DEFAULT '',RESPONSEFROMTARGETHOST BOOLEAN DEFAULT FALSE) +ALTER TABLE PUBLIC.HISTORY ALTER COLUMN HISTORYID RESTART WITH 1 +CREATE INDEX HISTORY_INDEX ON PUBLIC.HISTORY(URI,METHOD,REQBODY,SESSIONID,HISTTYPE,HISTORYID,STATUSCODE) +CREATE INDEX INDEX_HISTORY_HISTTYPE ON PUBLIC.HISTORY(HISTTYPE) +CREATE INDEX INDEX_HISTORY_SESSIONID ON PUBLIC.HISTORY(SESSIONID) +CREATE CACHED TABLE PUBLIC.SESSION(SESSIONID BIGINT NOT NULL PRIMARY KEY,SESSIONNAME VARCHAR(32768) DEFAULT '',LASTACCESS TIMESTAMP DEFAULT LOCALTIMESTAMP NOT NULL) +CREATE CACHED TABLE PUBLIC.ALERT(ALERTID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 0) NOT NULL PRIMARY KEY,SCANID INTEGER NOT NULL,PLUGINID INTEGER DEFAULT 0,ALERT VARCHAR(16777216) DEFAULT '',RISK INTEGER DEFAULT 0,RELIABILITY INTEGER DEFAULT 1,DESCRIPTION VARCHAR(16777216) DEFAULT '',URI VARCHAR(1048576) DEFAULT '',PARAM VARCHAR(32768) DEFAULT '',OTHERINFO VARCHAR(16777216) DEFAULT '',SOLUTION VARCHAR(16777216) DEFAULT '',REFERENCE VARCHAR(16777216) DEFAULT '',HISTORYID INTEGER,SOURCEHISTORYID INTEGER DEFAULT 0,ATTACK VARCHAR(32768) DEFAULT '',EVIDENCE VARCHAR(16777216) DEFAULT '',CWEID INTEGER DEFAULT -1,WASCID INTEGER DEFAULT -1,SOURCEID INTEGER DEFAULT 0,INPUT_VECTOR VARCHAR(256) DEFAULT '',ALERTREF VARCHAR(256) DEFAULT '') +ALTER TABLE PUBLIC.ALERT ALTER COLUMN ALERTID RESTART WITH 0 +CREATE INDEX ALERT_INDEX ON PUBLIC.ALERT(SOURCEHISTORYID) +CREATE INDEX INDEX_ALERT_SOURCEID ON PUBLIC.ALERT(SOURCEID) +CREATE CACHED TABLE PUBLIC.SCAN(SCANID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 0) NOT NULL PRIMARY KEY,SESSIONID BIGINT NOT NULL,SCANNAME VARCHAR(32768) DEFAULT '',SCANTIME TIMESTAMP DEFAULT LOCALTIMESTAMP NOT NULL) +ALTER TABLE PUBLIC.SCAN ALTER COLUMN SCANID RESTART WITH 0 +CREATE CACHED TABLE PUBLIC.CONTEXT_DATA(DATAID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL,CONTEXTID INTEGER NOT NULL,TYPE INTEGER NOT NULL,DATA VARCHAR(1048576) DEFAULT '') +ALTER TABLE PUBLIC.CONTEXT_DATA ALTER COLUMN DATAID RESTART WITH 52 +CREATE INDEX INDEX_CONTEXT_DATA_CONTEXTID ON PUBLIC.CONTEXT_DATA(CONTEXTID) +CREATE INDEX INDEX_CONTEXT_DATA_TYPE ON PUBLIC.CONTEXT_DATA(TYPE) +CREATE CACHED TABLE PUBLIC.PARAM(PARAMID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL,SITE VARCHAR(32768) NOT NULL,TYPE VARCHAR(32768) NOT NULL,NAME VARCHAR(32768) NOT NULL,USED INTEGER NOT NULL,FLAGS VARCHAR(32768) NOT NULL,VALS VARCHAR(8388608) NOT NULL) +ALTER TABLE PUBLIC.PARAM ALTER COLUMN PARAMID RESTART WITH 1 +CREATE CACHED TABLE PUBLIC.SESSION_URL(URLID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL,TYPE INTEGER NOT NULL,URL VARCHAR(8192) DEFAULT '') +ALTER TABLE PUBLIC.SESSION_URL ALTER COLUMN URLID RESTART WITH 1 +CREATE INDEX INDEX_SESSION_URL_TYPE_AND_URL ON PUBLIC.SESSION_URL(TYPE,URL) +CREATE CACHED TABLE PUBLIC.TAG(TAGID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL,HISTORYID BIGINT NOT NULL,TAG VARCHAR(1024) DEFAULT '') +ALTER TABLE PUBLIC.TAG ALTER COLUMN TAGID RESTART WITH 1 +CREATE INDEX INDEX_TAG_HISTORYID_TAG ON PUBLIC.TAG(HISTORYID,TAG) +CREATE CACHED TABLE PUBLIC.ALERT_TAG(TAG_ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,ALERT_ID BIGINT NOT NULL,KEY VARCHAR(1024) DEFAULT '' NOT NULL,VALUE VARCHAR(4000) DEFAULT '' NOT NULL) +ALTER TABLE PUBLIC.ALERT_TAG ALTER COLUMN TAG_ID RESTART WITH 1 +CREATE INDEX ALERT_ID_INDEX ON PUBLIC.ALERT_TAG(ALERT_ID) +CREATE CACHED TABLE PUBLIC.STRUCTURE(STRUCTUREID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL,SESSIONID BIGINT NOT NULL,PARENTID BIGINT NOT NULL,HISTORYID INTEGER,NAME VARCHAR(8192) NOT NULL,NAMEHASH BIGINT NOT NULL,URL VARCHAR(8192) NOT NULL,METHOD VARCHAR(10) NOT NULL) +ALTER TABLE PUBLIC.STRUCTURE ALTER COLUMN STRUCTUREID RESTART WITH 1 +CREATE CACHED TABLE PUBLIC.WEBSOCKET_CHANNEL(CHANNEL_ID BIGINT PRIMARY KEY,HOST VARCHAR(255) NOT NULL,PORT INTEGER NOT NULL,URL VARCHAR(1048576) NOT NULL,START_TIMESTAMP TIMESTAMP NOT NULL,END_TIMESTAMP TIMESTAMP,HISTORY_ID INTEGER,FOREIGN KEY(HISTORY_ID) REFERENCES PUBLIC.HISTORY(HISTORYID) ON DELETE SET NULL ON UPDATE SET NULL) +CREATE CACHED TABLE PUBLIC.WEBSOCKET_MESSAGE(MESSAGE_ID BIGINT NOT NULL,CHANNEL_ID BIGINT NOT NULL,TIMESTAMP TIMESTAMP NOT NULL,OPCODE TINYINT NOT NULL,PAYLOAD_UTF8 CLOB(16M),PAYLOAD_BYTES BLOB(16M),PAYLOAD_LENGTH BIGINT NOT NULL,IS_OUTGOING BOOLEAN NOT NULL,PRIMARY KEY(MESSAGE_ID,CHANNEL_ID),FOREIGN KEY(CHANNEL_ID) REFERENCES PUBLIC.WEBSOCKET_CHANNEL(CHANNEL_ID),CONSTRAINT WEBSOCKET_MESSAGE_PAYLOAD CHECK((PUBLIC.WEBSOCKET_MESSAGE.PAYLOAD_UTF8 IS NOT NULL) OR (PUBLIC.WEBSOCKET_MESSAGE.PAYLOAD_BYTES IS NOT NULL))) +CREATE CACHED TABLE PUBLIC.WEBSOCKET_MESSAGE_FUZZ(FUZZ_ID BIGINT NOT NULL,MESSAGE_ID BIGINT NOT NULL,CHANNEL_ID BIGINT NOT NULL,STATE VARCHAR(50) NOT NULL,FUZZ VARCHAR(16777216) NOT NULL,PRIMARY KEY(FUZZ_ID,MESSAGE_ID,CHANNEL_ID),FOREIGN KEY(MESSAGE_ID,CHANNEL_ID) REFERENCES PUBLIC.WEBSOCKET_MESSAGE(MESSAGE_ID,CHANNEL_ID) ON DELETE CASCADE) +CREATE CACHED TABLE PUBLIC.SOAP_WSDL(WSDL_ID INTEGER NOT NULL,SOAP_ACTION VARCHAR(4000) NOT NULL,PRIMARY KEY(WSDL_ID,SOAP_ACTION)) +CREATE CACHED TABLE PUBLIC.OPENAPI_SPECS(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 0) NOT NULL PRIMARY KEY,DEFINITION CLOB(64M) NOT NULL,TARGET VARCHAR(2048),SESSION_ID BIGINT NOT NULL,CONTEXT_ID INTEGER NOT NULL) +ALTER TABLE PUBLIC.OPENAPI_SPECS ALTER COLUMN ID RESTART WITH 0 +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 1 +SET DATABASE DEFAULT INITIAL SCHEMA PUBLIC +SET TABLE PUBLIC.SESSION INDEX '103 0 1' +SET TABLE PUBLIC.CONTEXT_DATA INDEX '63 63 63 0 0 0 51' +GRANT USAGE ON DOMAIN INFORMATION_SCHEMA.CARDINAL_NUMBER TO PUBLIC +GRANT USAGE ON DOMAIN INFORMATION_SCHEMA.YES_OR_NO TO PUBLIC +GRANT USAGE ON DOMAIN INFORMATION_SCHEMA.CHARACTER_DATA TO PUBLIC +GRANT USAGE ON DOMAIN INFORMATION_SCHEMA.SQL_IDENTIFIER TO PUBLIC +GRANT USAGE ON DOMAIN INFORMATION_SCHEMA.TIME_STAMP TO PUBLIC +GRANT DBA TO SA +SET SCHEMA SYSTEM_LOBS +INSERT INTO BLOCKS VALUES(0,2147483647,0)