advanced-mikrotik-protection.html

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset='utf-8'>
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Advanced Mikrotik Router-OS Protection - BuanaNETPBun.Github.io</title>
    <meta content='Advanced Mikrotik Router-OS Protection - BuanaNETPBun.Github.io' name='description'>
    <meta content='script generator, mikrotik, router, winbox, termimal, rsc, script, hotspot, wireless, protection' name='keywords'>
    <meta content='index, follow, noodp' name='robots'>
    <link rel="shortcut icon" href="https://buananetpbun.github.io/favicon.ico" type="image/x-icon">
    <meta property="og:title" content="Advanced Mikrotik Router-OS Protection By BuanaNET-Pbun">
    <meta property="og:description" content="Advanced Mikrotik Router-OS Protection By BuanaNET-Pbun">
    <meta property="og:image" content="https://user-images.githubusercontent.com/42666125/155445008-b8970cfd-3fab-4325-8121-888ea17ee397.png">
    <meta property="og:image:alt" content="Advanced Mikrotik Router-OS Protection By BuanaNET-Pbun">
    <meta property="og:type" content="website">
    <meta property="og:url" content="https://buananetpbun.github.io/advanced-mikrotik-protection.html">
    	
    <script async defer src="https://buttons.github.io/buttons.js"></script>  
    <link rel="stylesheet" href="https://buananetpbun.github.io/mikrotik/highlightjs/styles/github.css">
    <script src="https://buananetpbun.github.io/mikrotik/highlightjs/highlight.pack.js"></script>
    <script>hljs.initHighlightingOnLoad();</script>
    <link rel="stylesheet" href="./login/login.css">
    <style>
      /* -----------------------------------------------------
      ########################################################
      # Advanced Mikrotik Router-OS Protection
      # Designer  : Agus Ramadhani / BuanaNET
      # Github    : https://buananetpbun.github.io
      # Site      : http://www.o-om.com
      # Sosmed    : https://fb.me/buananetmikrotik	
      ########################################################
      -------------------------------------------------------- */  
      *{-webkit-transition:all .3s ease-in;-moz-transition:all .3s ease-in;-ms-transition:all .3s ease-in;transition:all .3s ease-in}
      body,div,span,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,form,fieldset,textarea,p,blockquote,th,td,tr,table{margin:0;padding:0}
      body{font-size:14px;font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";margin:0}
      html,body{color:#292929;line-height:1.4;height:100%;width:100%;margin-top:0;padding:0;background:#292929 url(https://user-images.githubusercontent.com/42666125/147363663-30767ef4-09af-48d6-8ea1-ee7a1c09e90f.png) no-repeat;;font-size:14px}
      *{box-sizing:border-box}
      .logo{margin-top:10px;color:#ddd;text-decoration:none;font-size:25px;font-weight:700}
      .logo a{color:#fff!important;text-decoration:none!important}
      #wrap{max-width:900px;margin:0 auto;padding:0 5px 0 5px}
      .header{height:auto;width:100%;margin-top:0px;margin-bottom:10px;border-top:0px solid #555}
      .main-wrap{background-color:#f60}
      .content{width:100%;padding:20px;border-top:1px solid #bbb;background:#ddd;border-radius:0 0 5px 5px}
      .sidebar{width:100%;padding:20px;background-color:#f9f9f9;border-right:1px solid #bbb;border-radius:5px;overflow:auto}
      .footer{font-size:13px;padding-top:15px;padding-bottom:15px;text-align:left;clear:both;width:auto;color:#ddd}
      h2{color:#f60}
      h1{color:#777;font-size:2em;font-weight:700;margin-bottom:10px;margin-top:0;text-align:center}
      a:link{color:#f60}
      a:visited{color:#f60}
      a:hover{color:#f60}
      a:active{color:#f60}
      h2{color:#f60}
      button{color:#fff;background-color:#f60;border-color:#f60;border:none;padding:8px;width:137px;font-weight:700;font-size:14px!important;cursor:pointer;border-radius:5px;color:#fff}
      button:hover{background-color:#ccc;color:#111}
      .row:after{content:"";display:table;clear:both}
      input[type=text],select,textarea{padding:5px;border:1px solid #bbb;border-radius:1px;resize:vertical;margin-bottom:5px;font-size:14px!important;border-radius:5px}
      label{padding:5px 5px 5px 0;display:inline-block}
      input[type=submit]{background-color:#f60;color:#fff;padding:12px 20px;border:none;border-radius:1px;cursor:pointer;float:right}
      input[type=submit]:hover{background-color:#45a049}
      .col-25{float:left;width:25%;margin-top:6px}
      .col-75{float:left;width:75%;margin-top:6px}
      .row:after{content:"";display:table;clear:both}
      table,tr,td{border:none}
      table{border-collapse:collapse;width:100%}
      td,th{border:1px solid #bbb;text-align:left;padding:15px}
      tr:nth-child(even){background-color:#eee}
      .mikrotik-logo {display:none}
      @media screen and (max-width:768px) {
      .header h1{max-width:100%;justify-content:center}
      .header{border:none}
      .logo-left a{margin-top:10px!important;font-size:23px}
      .logo-left img{width:40px;margin-top:-3px!important}
      h1{font-size:21px;text-align:center}
      .mymenu{width:100%!important}
      .logo{width:100%}
      .logo-left{justify-content:center;display:flex;width:100%}
      .logo-right{justify-content:center;width:100%;display:flex}
      .footer{font-size:13px}
      }
      @media screen and (max-width:600px) {
      button{margin-bottom:5px;}
      h1{font-size:19px}
      .logo-left a{margin-top:10px!important;font-size:20px}
      .logo-left img{width:40px;margin-top:-3px!important}
      .sidebar{padding:5px}
      .mikrotik-logo{display:flex;justify-content:center;margin-top:15px}
      .show-homepage-menu{display:flex;justify-content:center;width:100%;clear:both}
      .mymenu{padding-left:0;padding-right:0}
      .mymenu ul{background:none!important;justify-content:center;display:flex}
      }
      @media screen and (max-width:500px) {
      .sidebar,.content{padding:2px}	
      .show-homepage-menu{display:flex;justify-content:center;width:100%}
      .avatar{display:none}
      .routeros{width:100%}
      table,tr,td,th {padding:0; margin:0; font-size:12px !important}
      }
      @media screen and (max-width:350px) {
      .hide-homepage{display:none}
      }
    </style>
  </head>
  <body>
    <script src="https://www.gstatic.com/firebasejs/7.14.1/firebase-app.js"></script>
    <script src="https://www.gstatic.com/firebasejs/7.14.1/firebase-auth.js"></script>  
    <div id="fb-root"></div>
    <script async defer crossorigin="anonymous" src="https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v12.0&appId=379827522913428&autoLogAppEvents=1" nonce="Esvux9Cl"></script>
    <div id="wrap">
      <div id="mymenu" class="mymenu">
        <div class="mikrotik-logo" >
          <img alt="mikrotik" src="./img/made-for-mikrotik.png">
        </div>
        <ul>
          <li><a target="_blank" href="https://buananetpbun.github.io">HOME</a></li>
          <li><a target="_blank" href="https://github.com/buananetpbun">GITHUB</a></li>
          <li><a href="javascript:callmodal()">DONATE</a></li>
          <li><a target="_blank" href="https://fb.me/buananet.pbun">CONTACT</a></li>
        </ul>
        <div class="show-homepage-menu">
          <div id="homepage" class="hide">
            <button style="width:90px !important; padding:6px; margin:4px; margin-left:10px; margin-bottom:10px; font-weight:bold; font-size:14px" id="signout">Logout</button>
            <button id="ShowProfile" style="width:100px !important; padding:6px; margin:4px; font-weight:bold;font-size:14px;" onclick="location.href = 'https://buananetpbun.github.io/login'">My Profile</button>
            <span class="hide-homepage">
            <span class="avatar">
            <img alt="avatar" id="myavatar" src="https://user-images.githubusercontent.com/42666125/199234814-c320e1fc-da95-489e-a955-43b82e3f4b46.png" >
            </span>		
            <span style="font-weight:normal;font-size:14px"><a href="https://buananetpbun.github.io/login"><img style="vertical-align:middle" width="20" src="./img/gear.png"><span style="color:#ff6600;font-weight:bold;" id="welcome-email"></span></a></span>
            <span style="font-weight:normal; font-size:14px"> [<span class="tooltip"><span class="tooltiptext2">E-mail verified status</span><span id="email_Verified" style="cursor:help"></span></span>]</span>
            </span>
          </div>
        </div>
      </div>
      <div class="logo">
        <div class="logo-right" style="float:right;">
          <div style="float:right; margin-right:5px;">
            <img src="https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fbuananetpbun.github.io%2F&count_bg=%23C83D3D&title_bg=%23555555&icon=&icon_color=%23E7E7E7&title=hits&edge_flat=false" alt="Hits">
          </div>
          <div style="float:right; margin-right:5px; margin-top:1px">
            <div  class="fb-like" data-href="https://www.facebook.com/buananetmikrotik" data-width="" data-layout="button_count" data-action="like" data-size="small" data-share="false"></div>
          </div>
        </div>
        <div class="logo-left" style="float:left;"> 
          <a href="https://buananetpbun.github.io/advanced-mikrotik-protection.html"><img alt="buananetpbun" style="float:left; margin-top:0px;margin-right:5px" width='35' src="./img/mylogo.png"><span style='color:#ff6600 !important'>Buananetpbun</span>.Github.io</a>  
        </div>
      </div>
      <div style="clear:both"></div>
      <div class="header">
      </div>
      <div id="sidebar_" class="sidebar">
        <h1>ADVANCED MIKROTIK ROUTER-OS PROTECTIONS</h1>
        <div style="margin-top:15px; margin-bottom:15px;">  
            <div style="font-size:13px;margin:10px; color:#292929; text-align:left"><span style="font-weight:700; font-size:14px; padding-left:6px; padding-right:6px; border-left:6px solid #555; border-right:6px solid #555; color:red;margin-right:5px ">DISCLAIMER</span>
             We are not responsible for any error, failure, damage or your router being locked due to intentional or accidental factors. Our Tool works independently, not under the auspices of the MikroTik Company, all problems that occur on your router are your own responsibility and you must be prepared to accept all the risks. If you "Agree", please continue.
          </div></div>
        <table>
          <tr>
            <th style="width:30%;background-color:#ccc; font-size:14px">Mikrotik Port Service</th>
            <th style="width:70%;background-color:#ccc; font-size:14px">Description</th>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">API (8728)</label>
            </td>
            <td>
              Application Programmable Interface (API), a service that allows users to create custom software or applications that communicate with the router, for example to retrieve information on the router, or even configure the router. Using port 8728. This API port is often attacked using BRUTE FORCE, you can change the port or disable it when not in use.
              <br><br>
              <code class="routeros">
# API Port Enable<br>
              /ip service set api port=8728 address=0.0.0.0/0 disabled=no<br>
# API Port Disable<br>
              /ip service set api port=8728 address=0.0.0.0/0 disabled=yes
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">API-SSL (8729)</label>
            </td>
            <td>
              It has the same function as the API, only for the SSL API it is more secure because it is equipped with an ssl certificate. This SSL API runs on port 8729. you can change the port or disable it when not in use.
              <br><br>
              <code class="routeros">
# API-SSL Port Enable<br>
              /ip service set api-ssl port=8729 address=0.0.0.0/0 disabled=no<br>
# API-SSL Port Disable<br>
              /ip service set api-ssl port=8729 address=0.0.0.0/0 disabled=yes
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold" >FTP (21)</label>
            </td>
            <td>
              Mikrotik provides a standard FTP service that uses ports 20 and 21. FTP is usually used to upload or download router data, such as backup files. FTP authorization using router account user & password. This FTP port is often attacked using BRUTE FORCE, you can change the port or disable it when not in use.
              <br><br>	
              <code class="routeros">
# FTP Port Enable<br>
              /ip service set ftp port=21 address=0.0.0.0/0 disabled=no<br>
# FTP Port Disable<br>
              /ip service set ftp port=21 address=0.0.0.0/0 disabled=yes
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">SSH (22)</label>
            </td>
            <td>
              Is one way to remote router in a console with secure. Almost the same as telnet, only it is more secure because the data transmitted by SSH is encrypted. MikroTik SSH by default uses port 22. This SSH port is often attacked using BRUTE FORCE, you can change the port or disable it when not in use.
              <br><br>	
              <code class="routeros">
# SSH Port Enable<br>
              /ip service set ssh port=22 address=0.0.0.0/0 disabled=no<br>
# SSH Port Disable<br>
              /ip service set ssh port=22 address=0.0.0.0/0 disabled=yes
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">TELNET (23)</label>
            </td>
            <td>
              It has almost the same function as ssh, but it has some limitations and a low level of security. Usually used for remote routers in the console. MikroTik telnet service uses port 23. This TELNET port is often attacked using BRUTE FORCE, you can change the port or disable it when not in use.
              <br><br>	
              <code class="routeros">
# TELNET Port Enable<br>
              /ip service set ftp port=23 address=0.0.0.0/0 disabled=no<br>
# TELNET Port Disable<br>
              /ip service set ftp port=23 address=0.0.0.0/0 disabled=yes
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">WINBOX (8291)</label>
            </td>
            <td>
              The service that allows the Winbox application to connect to the router. Of course we are already familiar with the Winbox application which is used to graphically remotely router. Winbox connection using port 8291. Some versions of routeros can be hacked using an exploit, You can change the Port for more Secure!	
              <br><br>
              <code class="routeros">
# WINBOX Port Enable<br>
              /ip service set winbox port=8291 address=0.0.0.0/0 disabled=no<br>
# WINBOX Port Disable<br>
              /ip service set winbox port=8291 address=0.0.0.0/0 disabled=yes
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">WWW WEBFIG (80)</label>
            </td>
            <td>
              In addition to the remote console and winbox, Mikrotik also provides a way to access the router via a web-base using a browser. The port used is the standard HTTP port, which is port 80, You can change the port or disable it when not in use.
              <br><br>	
              <code class="routeros">
# WWW (webfig) Port Enable<br>
              /ip service set www port=80 address=0.0.0.0/0 disabled=no<br>
# WWW (webfig) Port Disable<br>
              /ip service set www port=80 address=0.0.0.0/0 disabled=yes
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">WWW-SSL WEBFIG (443)</label>
            </td>
            <td>
              Just like the WWW service that allows router access using a web-base, however, www-ssl is more secure because it uses SSL certificates to establish a connection between the router and the remote client. By default use port 443, you can change the port or disable it when not in use.
              <br><br>
              <code class="routeros">
# WWW-SSL (webfig) Port Enable<br>
              /ip service set www-ssl port=443 address=0.0.0.0/0 disabled=no<br>
# WWW-SSL (webfig) Port Disable<br>
              /ip service set www-ssl port=443 address=0.0.0.0/0 disabled=yes
              </code>
            </td>
          </tr>
          <tr>
            <th style="background-color:#ccc; font-size:14px">Advanced Router Security</th>
            <th style="background-color:#ccc; font-size:14px">Description</th>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Protect Neighbors Discovery</label>
            </td>
            <td>
              Mikrotik has a protocol that can broadcast domains through layer 2 so that Mikrotik devices can find each other if they are on the same layer 2 network, the name is Mikrotik Neighbor Discovery Protocol (MNDP). Devices that support MNDP and CDP can find or know other router information such as Router identity information, MAC-Address, and IP-Address. The easiest example when we are going to do winbox in the Neighbors tab, we will see some router information that is connected to layer 2 with our Network Info.<br><br>
              <code class="routeros">
# Hide Discover Interface Broadcast <br>
              /ip neighbor discovery-settings set discover-interface-list=none <br>
# Show Discover Interface Broadcast<br>
              /ip neighbor discovery-settings set discover-interface-list=all 
              </code>			
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Protect Mac Server</label>
            </td>
            <td>
              By disabling the discovery interface, it doesn't mean that the router can't be remote using the MAC-Address. If you have previously saved or know the MAC-Address of the Router, you can still remotely use the MAC-Address. If you want the router to be unable to be remotely using MAC-address either through Winbox or via telnet, turn off the MAC-Server feature on the router.
              <br><br>           
              <code class="routeros">
# Protect login from Mac Address <br>
              /tool mac-server mac-winbox set allowed-interface-list=none <br>
              /tool mac-server ping set enabled=no <br>
# Unprotect login from Mac Address<br>
              /tool mac-server mac-winbox set allowed-interface-list=all <br>
              /tool mac-server ping set enabled=yes <br>
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Bootloader Protector</label>
            </td>
            <td>
              In Mikrotik there is a feature that serves to protect access to the router system, especially with regard to the use of the reset button. The feature is "Protected RouterBOOT". When this feature is activated, some functions cannot be performed as by default, namely the reset button and pin-hole reset. And router access from the console will also be disabled.
              <br><br> 		   
              Note: in ROS New version, after paste script to enable, don't forget press button within 60 seconds to confirm protected routerboot enable
              <br><br> 	
              <code class="routeros">
# Enable Bootloader Protector<br>
              /system routerboard settings set protected-routerboot=enabled <br>
# Disable Bootloader Protector<br>
              /system routerboard settings set protected-routerboot=disabled <br>
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Protect Btest Server</label>
            </td>
            <td>
              The Mikrotik router also has a Btest Server feature, which can be used to test connections that have been formed. But if this feature is suddenly used by outsiders, our router is forced to generate traffic or receive bandwidth test traffic, it could be that our bandwidth runs out or suddenly our CPU load becomes 100%. Of course as network admins don't want that, it's better to turn this feature off.<br><br>
              <code class="routeros">
# Btest Server Enable<br>
              /tool bandwidth-server set enabled=yes authenticate=yes<br>
# Btest Server Disable<br>
              /tool bandwidth-server set enabled=no authenticate=yes
              </code>			
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Protect RoMON</label>
            </td>
            <td>
              RoMON is the 'MikroTik Proprietary Protocol' or a protocol that is only supported by MikroTik devices. RoMON communication is based on the RoMON ID parameter taken from the router's MAC address. RoMON enabled devices will make a discovery of MAC Address Peer and also data forwarding protocol independently. if you don't want your mac address to be spread to all networks you can disable RoMON<br><br>
              <code class="routeros">
# Enable RoMON<br>
              /tool romon set enabled=yes secrets=12345<br>
# Disable RoMON<br>
              /tool romon set enabled=no secrets=12345
              </code>			
            </td>
          </tr>
          <tr>
            <th style="background-color:#ccc; font-size:14px">Optional Router Security</th>
            <th style="background-color:#ccc; font-size:14px">Description</th>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Protect Port Service from Internet</label>
            </td>
            <td>
              Securing the Default Service Port used by Mikrotik such as telnet, ssh, ftp, winbox, www and api. or if not in use can be turned off / disabled. if using a custom port, please add your own<br>
              <br>
              <code class="routeros">
# Protect Port Service from Internet<br>
              /interface list add name=WAN<br>
              /interface list member <br>
              add list=WAN interface="ether to ISP" <br>
              /ip firewall filter<br>
              add action=drop chain=input dst-port=21,22,23,8291,80,8728,8729 in-interface-list=WAN protocol=tcp comment="Protect Port Service from Internet"<br>
              add action=drop chain=input dst-port=21,22,23,8291,80,8728,8729 in-interface-list=WAN protocol=udp<br>
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Anti Hack from EXPLOIT</label>
            </td>
            <td>
              The vulnerability allowed a special tool to connect to the Winbox port, and request the system user database file. <br>
              <br>
              Versions affected:<br>
              Affected all bugfix releases from 6.30.1 to 6.40.7, from 6.29 to 6.42 and from 6.29rc1 to 6.43rc3<br>
              <br>
              <code class="routeros">
# Anti Hack from EXPLOIT<br>
              /ip firewall filter add action=reject chain=input content=user.dat reject-with=icmp-network-unreachable comment="Anti Hack Exploit"<br>
              /ip firewall filter add action=drop chain=input content=user.dat
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Memcrashed - Amplification Attacks UDP 11211</label>
            </td>
            <td>
              This DDoS is known as Memcrashed, where the attacker exploits the UDP port 11211 protocol used by the Memcached service from the webserver. Memchaced is a technology used for data storage and distribution systems in server memory. The more dynamic the application and the web, the more problems and slowing down the system itself when it comes to retrieving (load) data from the database directly because of the frequent reading and writing processes in storage.
              <br><br>
              <code class="routeros">
# Memcrashed - Amplification Attacks UDP 11211<br>
              /ip firewall filter<br>
              add chain=forward dst-port=11211 protocol=udp action=drop comment="Memcrashed - Amplification Attacks UDP 11211"
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Block Access Modem</label>
            </td>
            <td>
              Modem or ISP router generally has a default configuration. Whether it's the IP address to the username and password. If there are people who understand this, of course it will be dangerous for your internet network especially for those of you who have managed public networks such as hotspots, because it could be that later you will be disturb by that person such as changing the configuration, changing the wifi name, wifi password. 
              <br><br>
              <code class="routeros">	
# Block ACCESS MODEM<br>   
              /ip firewall address-list<br>
              add address=192.168.1.1 list=IP-MODEM<br>
              add address=192.168.2.1 list=IP-MODEM<br>
              /ip firewall filter <br>
              add action=drop chain=forward dst-address-list=IP-MODEM dst-port=21-23,80,443 protocol=tcp comment="MODEM PROTECTED"<br>
              add action=drop chain=output dst-address-list=IP-MODEM dst-port=21-23,80,443 protocol=tcp
              </code>	
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Drop TRACEROUTE</label>
            </td>
            <td>
              To hide through several routers or via which ISP so that the client cannot read our network path, we can hide or drop it for the traceroute except for the purpose, here's the script to hide our Mikrotik network traffic
              <br><br>	
              <code class="routeros">	
# Drop TRACEROUTE <br>
              /ip firewall filter<br>
              add action=drop chain=forward icmp-options=11:0 protocol=icmp comment="Drop TRACEROUTE"<br>
              add action=drop chain=forward icmp-options=3:3 protocol=icmp
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold"> Anti NETCUT</label>
            </td>
            <td>
              Anti Netcut, Netcut broadcasts ARP and attacks on Layer2, but at least with the script below we are able to answer who is naughty who wants to cut our network.<br><br>
              <span style="">
              <code class="routeros">
# ANTI NETCUT<br>
              /ip firewall address-list add list=netcut address=www.arcai.com comment="Anti Netcut"<br>
              /ip firewall mangle add action=add-src-to-address-list address-list=NetcutUser address-list-timeout=1h5m chain=prerouting dst-address-list=netcut dst-port=80 protocol=tcp comment="Anti Netcut"<br>
              /ip firewall filter add action=drop chain=forward src-address-list=NetcutUser comment="Anti Netcut"<br>
              /system scheduler add interval=10m name="AutoBlockNetcut" comment="Anti Netcut"
              </code>
              <br>
              Open System Scheduler and enter this script into "AutoBlockNetcut"
              <br><br>
              <code class="routeros">
              local a [/ip firewall address-list get [find list="NetcutUser"] address]<br>
              local b [/ip hotspot active get [find address=$a] mac-address]<br>
              if ($a != "") do={[
              /ip hotspot ip-binding add mac-address="$b" address="$a" type=blocked<br>
              /ip firewall address-list remove [find address="$a"]<br>
              /system scheduler add name ($a)  interval="01:00:00" on "/ip hotspot ip-binding remove [find mac-address=$b]<br>
              /system scheduler remove [find name=$a]"<br>
              ]}
              </code>			     
              </span>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Block Open Recursive DNS</label>
            </td>
            <td>
              Have you ever felt that internet access suddenly feels slow? it could be that someone is naughty who uses our public router IP as a DNS server, 
              usually this is indicated by the high upload speed to the internet, to avoid this we simply use the script below.
              <br><br>
              <code class="routeros">	
# Block Open Recursive DNS<br>  
              /interface list add name=WAN<br>
              /interface list member <br>
              add list=WAN interface="ether to ISP" <br>
              /ip firewall filter<br>
              add chain=input dst-port=53 in-interface-list=WAN protocol=tcp action=drop comment="Block Open Recursive DNS"<br>
              add chain=input dst-port=53 in-interface-list=WAN protocol=udp action=drop
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Block Open PROXY</label>
            </td>
            <td>
              Prevent the Open proxy from being misused by outsiders. if using a custom port, please add your own.
              <br><br>
              <code class="routeros">
# Block Open PROXY <br>  
              /interface list add name=WAN<br>
              /interface list member <br>
              add list=WAN interface="ether to ISP" <br>
              /ip firewall filter<br>
              add action=drop chain=input dst-port=3128,8080 in-interface-list=WAN protocol=tcp comment="Block Open PROXY"<br>
              add action=drop chain=input dst-port=3128,8080 in-interface-list=WAN protocol=udp
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Anti DDoS Attacks</label>
            </td>
            <td>
              Anticipate DDoS attacks, namely by limiting the number of connections in firewall rules. 
              When there is a DDoS attack, the system detects the number of connection requests exceeding the specified limit.<br><br>
              <code class="routeros">
# Anti DDoS Attacks<br>
              /ip firewall filter<br>
              add chain=forward connection-state=new action=jump jump-target=block-ddos comment="Anti DDoS Attacks"<br>
              add chain=forward connection-state=new src-address-list=ddoser dst-address-list=ddosed action=drop<br>
              add chain=block-ddos dst-limit=50,50,src-and-dst-addresses/10s action=return<br>
              add chain=block-ddos action=add-dst-to-address-list address-list=ddosed address-list-timeout=10m<br>
              add chain=block-ddos action=add-src-to-address-list address-list=ddoser address-list-timeout=10m
              </code>	
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Anti PORT SCAN</label>
            </td>
            <td>
              To reduce all kinds of risks and losses resulting from irresponsible parties, we as Network Administrators or Network Support / Engineers are also required to always actively maintain and prevent security threats, especially from the network side.
              Various kinds of actions that can be taken to prevent from the networking side. One way is to do drop traffic from the Port Scanner application.
              <br><br>
              <code class="routeros">	
# Anti PORT SCAN<br>   
              /ip firewall filter<br>
              add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="Mark Source ip port scanner to Address list " disabled=no<br>
              add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP FIN Stealth scan"<br>
              add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/FIN scan"<br>
              add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/RST scan"<br>
              add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="FIN/PSH/URG scan"<br>
              add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="ALL/ALL scan"<br>
              add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP NULL scan"<br>
              add chain=input src-address-list="port scanners" action=drop comment="Drop port scanners" disabled=no
              </code>	
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Anti Hack from BruteForce FTP + SSH</label>
            </td>
            <td>
              BRUTE FORCE is an attack carried out to break into passwords by trying each password at random from a combination of letters, numbers and symbols, until finally finding the right password. Usually BRUTE FORCEs are carried out by robots or programs, because to get a combination of letters, numbers and symbols, certain programs/algorithms can quickly create them.
              <br><br>
              <code class="routeros">
# Anti Hack from BruteForce FTP + SSH<br>	 
              /ip firewall filter<br>
              add action=drop chain=input comment="drop ftp BRUTE FORCErs" dst-port=21 protocol=tcp src-address-list=ftp_blacklist<br>
              add action=accept chain=output content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m protocol=tcp<br>
              add action=add-dst-to-address-list address-list=ftp_blacklist address-list-timeout=3h chain=output content="530 Login incorrect" protocol=tcp<br>
              add action=drop chain=input comment="drop ssh BRUTE FORCErs" dst-port=22-23 protocol=tcp src-address-list=ssh_blacklist<br>
              add action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=1w3d chain=input connection-state=new dst-port=22-23 protocol=tcp src-address-list=ssh_stage3<br>
              add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input connection-state=new dst-port=22-23 protocol=tcp src-address-list=ssh_stage2<br>
              add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input connection-state=new dst-port=22-23 protocol=tcp src-address-list=ssh_stage1<br>
              add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input connection-state=new dst-port=22-23 protocol=tcp<br>
              add action=drop chain=forward comment="drop ssh brute downstream" dst-port=22-23 protocol=tcp src-address-list=ssh_blacklist
              </code>
            </td>
          </tr>
          <tr>
            <td>
              <label style="font-weight:bold">Port Knocking Use Icmp + Packet Size</label>
            </td>
            <td>
              In computer networking, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s).to prevent an attacker from scanning a system for potentially exploitable services by doing a port scan, because unless the attacker sends the correct knock sequence, the protected ports will appear closed
              <br><br>
              Unique Packet Size For Key Knocking: 72 and 172<br><br>
              Example Manually Open Key Ping in CMD Windows:<br>
              First Key Knock = ping -l 72 (IP Adrress)<br>
              Second Key Knock = ping -l 172 (IP Adrress)<br><br>
              Example Manually Open Key Ping in Terminal Linux or MacOS:<br>
              First Key Knock = ping -s 72 (IP Adrress)<br>
              Second Key Knock = ping -s 172 (IP Adrress)
              <br><br>
              <code class="routeros">
# Port Knocking Use Icmp + Packet Size<br>
              /ip firewall filter<br>
              add action=add-src-to-address-list address-list="port-knocking-first" address-list-timeout="00:00:00" chain=input packet-size="100" protocol=icmp comment="Port Knocking Use Icmp + Packet Size"<br>
              add action=add-src-to-address-list address-list="port-knocking-second" address-list-timeout="00:00:00" chain=input packet-size="200" protocol=icmp src-address-list="port-knocking-first"<br>
              add action=accept chain=input dst-port="21,22,23" protocol=tcp src-address-list="port-knocking-second"<br>
              add action=drop chain=input dst-port="21,22,23" protocol=tcp src-address-list="!port-knocking-second"
              </code>
            </td>
          </tr>
        </table>
      </div>
      <div class="footer">
        © Copyright 2020-<span id="year">2022</span> <a target="_blank" href="https://buananetpbun.github.io/">buananetpbun.github.io</a> is proudly powered by <a target="_blank" href="https://pages.github.com/">GitHub Pages</a>
        <div style="margin-top:1px; color:#888; font-size:11px">
          Project by <a target="_blank" href="https://github.com/buananetpbun">Agus Ramadhani</a> site <a target="_blank" href="https://www.o-om.com/">o-om.com</a> P.Bun 74112, INDONESIA
        </div>			
      </div>
    </div>
    <div oncontextmenu="return false;" id="myLockScreen" class="lock-screen">
      <div id="center-screen1" class="center-screen"><div style="font-size:20px; background-color:#333; padding:20px; border-radius:10px">Please Activate Your Email.<br><button id="verify">VERIFY YOUR E-MAIL NOW</button><div style="font-size:11px; color:#888; text-align:center; font-weight:normal; margin-top:10px" id="countdown2"></div></div></div>
      <div id="center-screen2" class="center-screen"><div style="font-size:20px;background-color:#333; padding:20px; border-radius:10px">GET PREMIUM ACCESS<br>PLEASE SUBSCRIBE<br><button id="not-subscribe">GO TO BUANANET.COM</button><div style="font-size:11px; color:#888; text-align:center; font-weight:normal; margin-top:10px" id="countdown3">redirected to the new domain https://buananet.com</div></div>
	  </div>	  
    </div>
    <div oncontextmenu="return false;" id="myLogin" class="modal-login">
      <div class="modal-content">
        <div class="forms-out">
          <div class="forms-in">
            <div class="myButtonGoogle">
              <img alt="google" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYAAABXAvmHAAAACXBIWXMAAAsTAAALEwEAmpwYAAADiElEQVRoge2Xb0gTcRjHp5tlYJRlkRK9iF5I9ke7O5WhnbstU+yPu2OVhQTSu5IIiiCqm5EFvYgiCbJId3OQKxAiNyWwF/2BikFpRBhoyW41ndsEZyXl9Zz5Z+q8uXm79eK+8GUwdj8+3+f3/J77TaGQJUuWLFmyZE2rT4dsZQnsmFOL3QAzLIE2s1qszkmgNEvklg+o1cvjzThHvfj2lQB7HmC7AZYL41EI+JQlkF3x5lZwCkUCQJ8EDy4AfI6dBPbimwbLigu8qyR7zXglowCfFWKY1WGHJYX/qsvJgJ7+uFj4ILdyBoNSEnj+EDq16Aex4KEQ9u6STUslgefFalFrmJYIwOd9VoNUuDR5CFuMZLI6pMCpQU/D969nwbf14niyZPAwafYIVpRATSyOpIVbA3bwO7hdUniOViS6D2W1hKy6FhuDsXhioWt92Y2k9+XnL4sl7xwF7Mp9I3YV5zmz4dX4LJ8ZwigpTDQCeCsfgPfQ7dT30ALuieo7JJsg0YqzKpQjNpV/MgDvwKNkt6ss28FfD+LNF1Y/25ZkBsNP+UmSh6NxldCzGqO3mjB670RqHT2QIVqAgE25N2QAm8oe7lnC6GsFcxG7xlsoWoARe2Jl6ADKu7EKUFTjo2IeACbTvVgF0NC+KtECxKOFtEb/QdECzHuIbSqPwSo8QqNvIS8uWgB+jAbsqqFg+GFbkvtUs/oNYqL2Cz2L0+6Ugqv+1FAupv2rCNrbHypA4eX+dNEC8Ap+kfW3Jr8rtZS6UDPFoQzlCLcL80lDe3eG7n9vj6jwvCbPwdvHaS/zm8pHx+GnTF6MdD2DlVNqjL7nIQMYfbdED8Bf5q48zG6ZCT5hhhoDH49gtQQect4zQPtzRQ/ACzHry0IGmDBiphowU/lqoTVyzfr16pumeeGhfTpiAj8VgqEeCIWAdhpGGLIeNVEkyui3oBZyIwTfgZrIStglC2Imf/C/y6s/21FUM/BrFvxv7SVfTkwDbLYaUqDSXcIhFmas8UgXXvvZOd373gsxhZ8U1mBYhzJkpxghYEcHC661d8Kbt4mmuURJAvBCLBVpANC2+BDkH4Q5UIvTnOCtNjbiFAnQ39XQUp6oqm8mezBGXyI9+CwhVsMKADoHh/dTWPB/I9cBoY/iz4T/S8RFWCOVBaBV0BrXwSYI1QyVroMzQwN0xTZGvzbejLJkyZIlS9Z/o7/Q0bCX5++bJAAAAABJRU5ErkJggg==">
              <span id="google-sign-in">Sign-In with Google</span>
            </div>
            <div id="registration-page" class="hide">
              <h2>SIGN UP</h2>
              <div style="clear:both"></div>
              <label>E-Mail <span style="color:#ff6600">*</span></label>
              <input type="email" id="registration-email" placeholder="E-Mail">
              <label>Confirm E-mail <span style="color:#ff6600">*</span></label> 
              <input type="email" id="registration-reemail" autocomplete="off" placeholder="Confirm E-Mail">
              <label>Password <span style="color:#ff6600">*</span><span style="font-weight:normal; font-size:13px"></span></label>
              <input type="password" id="registration-password" placeholder="Password">
              <span style="float:left; margin-top:8px" id="captcha-signup"></span><input autocomplete="off" style="margin-top:10px;width:140px;float:right" type="text" placeholder="Captcha" id="cpatchaTextBoxSignUp">
              <button style="width:100% !important;" id="register">Sign Up</button><br>
              <span style="font-weight:normal !important; float:right"><span id="show-login">Already a member? Sign-In</span></span>
              <br>
            </div>
            <div id="login-page">
              <h2>SIGN IN</h2>
              <br><br><br>
              <label>E-Mail</label>
              <input type="email" id="login-email" placeholder="E-Mail">
              <label>Password</label>
              <input type="password" id="login-password" placeholder="Password">
              <span style="float:left; margin-top:8px" id="captcha-signin"></span><input autocomplete="off" style="margin-top:10px;width:140px;float:right" type="text" placeholder="Captcha" id="cpatchaTextBoxSignIn">
              <button style="width:100% !important;" id="login">Login</button>
              <span style="font-weight:normal"> <span id="forgot-password">Forgot Password?</span></span>
              <span style="font-weight:normal !important; float:right"><span id="show-register">Not a member? Sign-Up</span></span>	
            </div>
          </div>
          <div style="clear:both"></div>
          <div style="font-size:11px; color:#888; text-align:center; font-weight:normal; margin-top:10px" id="countdown"></div>
        </div>
      </div>
    </div>
    <div oncontextmenu="return false;" id="myModal" class="modal">
      <div style="width: 605px;" class="modal-content">
        <span class="close">&times;</span>
        <div style="text-align:justify; float:right;margin-right:10px">
          <span style="font-size:14px;">Bank Transfer via [ QRIS ]</span><br><span style="font-size:13px;color:#ff6600;">BUANANET-PBUN - AGUS R.</span>
          <div style="margin-right:0px; padding-top:3px">
            <img alt="qris" style="border:7px solid #ffffff; border-radius:10px" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAKYAAACmCAYAAABQiPR3AAAgAElEQVR4nO1deXgUxbY/syaZhGQCEZJAIEgSEiQoYdFAkMX7QARXULYHCCoiGmW9XLiyucIF8QGCoiJeBFmCiKAsEl5AWQSVVZIAhhASEsi+Z5bM1Ptjbp9b1dPV0zNJWO6b3/fVB9O1dFV1p6vqLL+jIoQQuENBCAG73Y6JEAI2mw0IIWCxWMDX1xf0ej2oVCoAAPz3/zvsdjuoVCpQqVSgVqs9bkeYZ4vFIpknN+96vR50Oh3mE0Kgrq4O++br64v1hOdsNpsBAMDHxwdUd/KL6cX/X2iF/1itVrDb7U12I/rLRsNisQDvb0On07n8i7fZbFBfX4+/tVotaDQap3L19fVgs9kk21CpVKDX62XvI4Z4voS+2u12sFqt3HrCPLgqx4NGowGtVotfMxo+Pj4AAJJ5PPDmmDc+d9r2BPiekH9hwoQJBACaJGk0GnLjxg0ihY4dO3LrHT16VLIOjU8++YSps379eslyCxYs4N7n4YcfdnkfMYYMGcK0kZ6eTgghJD09XXYurl+/Tggh5NixYx7N5aJFiwghhNjtdmI0GvG6Xq/HvuXn5ytub+fOnZLjGzt2LFPu2LFjhBBCCgoKiEajabJ3xWQyEUII8XwD4oUXTQit6yK3F6QBW+CG1PWkLUKIy3JCGU/71tD6vDaVXLuV4L6YzZs3B63W8/e2rKxM0R6qRYsW0LJlSwAAqKysBJPJhHnPPfcc+Pr6ytavrKyEkJAQ3CfR5WNiYnCCy8rKmHpGoxH3lcHBwS77WVhYCL1798bfxcXF2O/a2lp49NFHQafTgdVqhYCAADAYDJJ9TUpKAo1Gw4wTAMDPzw+aNWvmVMdisUB5eTn+XrlyJXz11VfYnhJoNBpo0aIFAABUV1dDbW0t5k2ePBlmzJghOV4l0Ol0iuaPh/r6eigtLXXOEPYU4j3m+fPn3d530UhMTFS0x6QxcuRIj/YlvLbl6uzZs8et8eTl5TH1u3fvjnmrVq1i8lavXi3ZxuTJk7n9mTRpkmSdH374QdEcyO0xu3TpgnlvvvmmR3PM22P26tXLrXkU49y5c949phd3D1yu1WazGTZt2qSosQceeAASEhJkyxQWFsL333+Pv6OiouDhhx8GAIe4w9/f3+V9amtrmT3Q5s2bITAwEAAAkpKSICYmxmUbP/74IxQUFAAAQKtWrWDIkCFOZfLz82Hfvn0AAMxyKoZOp8N+2+12OHbsmOQWJCMjw2W/AAB++OEHuHnzJgAAnDt3DgwGA4raampqXNZXqVTMPJaWlsIXX3wBAABnz56VnGNCCLPEe4Lff/8dzp49q6jsmDFjULwlCeGTylvKS0tLFX/u582bh59o3lJ+9OhRps748ePd/vx37tyZ2wdaXKS03zxxUWpqKrcOvZTTcCUu4iV6Ke/duzeTV1BQgHl6vd7lUk7DZDIRf39/LNeyZUvJcuXl5dy2QeFS/ve//13xeMvKyggh3qXci7sMd5S4KD8/H6qqqvB327Ztwc/Pz602CgoK4OLFi27Vqa2txTparRY6dOjgso7JZGLuExkZKb80uUB5eTm2V1dXx+RlZWVBRUUFAABXjEMIYfrTqlUrMBqNTuVsNhtTrnXr1hAQEOBxv5sKt/zF7NChA3z22Wf4Ozo6Gv8/Y8YM2LJlC/4+evQo9OrVy2WbH3zwAe4xJ0+eDHPnzgUAAIPBACtWrAAAgF27dsHu3buxzuuvvw7x8fFgMpkgOTkZYmNjAQAgIiICrl27BgAAcXFx2Nfy8nKYNWsW1v/jjz+wDgBAeno6xMXFQWhoKDO+d955B3JycvD30qVLJV+Yv/71r7Bt2zb8/dFHH4GPjw+cP38ekpKS8PoTTzwBjz/+OAAAvPHGG7gvtFqtTH/Wrl0LkyZNcrpPSUkJU27nzp3w5JNPOpULDQ2Ft99+G3/fe++9TmWaFML+4FbtMeUgFhfxVJLiPSbdtk6nw+tGoxGvi1WSgriosrKSuR4RESF5T7G4SJwElaQY3bp1Y8oJKkkx2rRpw5SrqqoihDiLi3gqSXFau3YtIcR5jylOgkpSvMfs2LGjZD9v1R7zti/lZrMZlyeekYWSNsQCa1ewWCxgMpnQ1KqhENoTw1PDGJPJBFqt1slgor6+3u2x3o247S9mUlISXL58GQAcD6Nv375oHRQUFKSojfj4eBSnKLXYGTNmDFrpNAb69OkjaaVTXV2tqH7v3r2hqKgIABxilw4dOoBKpYL6+npISkpCLdWyZctg5cqVAODQ/AwYMECyvdatW7vVf61WC/3798f5a9u2rVv1Gxu3/cWsqqrCjb1er4fvvvtO8QspQKlqjoYSeaA7oA9tnoDeWyclJcHRo0fxd0pKCoSGhgKAQ9YrzJdGo4GDBw826L4C/P39UWZ7J8ArLvLijoTLL6ZarYaIiAhFjbn7pWtq1NXVwdSpUwEA4JdfflFUp6ysDOsAAEydOhUiIyOdyun1emjVqpXL9m7cuMFsLxYsWCCpeUlMTIQRI0YAgEPUI8y5yWSCefPmYR1/f3+8b35+PvZVq9XCsmXLAACgoqICFixYAACArihCexUVFcwKs27dOkhLSwMAgG7dusHYsWNdjomHoKAgxe+KS5cP4UR1u4w4aENhvV5PysvLXbYtp/lp7CRoPOSMOOQgPpXzklIjDk8MhZUacYwePdrleLxGHF78vwZ3KU9LS4MrV6543LCkjd2/rh85cgR/06dWu90Oe/fuRVvGpKQkaN68OQAA7N+/H0U7nhx2mhLZ2dlw/vx5/B0fHw/t27f3uL0jR47g/P32229M3sWLF2HXrl0AwEog7HY7XhfbnlZUVGDepUuXFPXh1KlTkJeXh7/pZ0GjtLQU2/YEtPKBgfBJvVU+P2IjjoEDB5KDBw+SgwcPkv79+zN5tID9nnvuweu+vr5k37595ODBg2TatGlMnVmzZmF79HWdTofXt23bxuTFx8dj3mOPPeb2Ui5njyleyrdt20YOHjzoVEfOiCMlJQX7p9Vq8bparcbrM2fOZOpMmzaNHDx4kOzdu5f4+vridaPRiHVWrFjBXcpvt8/PbRcXhYWFoSyOVuXJQaPRQL9+/cDHxwdloAI6deokKdtTq9V4PT8/n8kLDg7GPFps0xTo3bs3hIeHu2UDkJSUhOIi+tCgUqmw31evXmXqxMbGwoABA8BsNjNeo3q9Hus0RLff1LjtL6YcysvL0cSf1qAQQqCoqAj0er1iAfadDpPJhGMVKwlKSkrwhSQihYBQRyxHra6uhsLCQif3aLvdjnXkbExvN/DFfPTRRyEkJKRJbqJWqyV9YMQYOnQoihsuX74MQ4cOxbzExET0ufniiy9QMyF+ULcDXbt2ZQw8HnjgAbfb2LBhA/ryiMcUHx+P/6fzbDYb8yUV+lBdXQ0zZ86EmTNnOtUpLi7GOnJ47LHHmHLh4eEA4BBXzZw5s8k4CPDr3qCzvgdQaij87bffMuXmz5+PeZ4YCvv4+OD169evM3m0ofBLL73k9h5TDjwjDk/9ynnJU79yOikRF90qeMVFXtyRwKV8+fLlcODAAZcVwsPDYd26dQAAcPLkSdQwKIV4X5OamgqDBw92Kif4vAj4+uuv4eTJkwDgvNF3F3q9Hnr27Im/4+Li3G7j0qVLkv0WQ3w4ExAQEMD0gUZ6ejqzd+7atSsSVP3666/M0iy0UVJSgv0xm80QGRkJLVu2BEII/P7777j0arVa9Muqrq6G9PR0l2M4cOAALF++XDKvU6dO8MEHH7hsY8KECXDjxg38nZKSIm+gLHw6lYqLOnTogJ/b77//vsnEBp4mJUu5HJQu5Z4mnj0mDaU+PxqNBq+vW7eOqcOzx6R9fo4cOaJoKf/yyy+541Gq+Wnfvj1TT7DH5MG7lHtxR+KOFhc1Jurr6+Hdd9/F3yNGjICoqKhb3o+VK1ci48Z///d/Q7t27QAAYNWqVajRys3NZeqsWLEClz2a2a6xceHCBWaOBJw+fdrttsrKyuDjjz/GbYe7oinui7l7926Ijo6GyspK7l5IjClTpsDrr7/udH3t2rXw4YcfStZ56qmnYPHixS7b7tWrF6rp/Pz84OTJk7jvokGLODIzM/H/H330Ebz55pv4OyEhwa0Xs1WrVkx7kydPhkOHDuHvPXv2SPrFDBs2DC5cuIC/lyxZgv/v3bs3vpj/+Mc/GBXgqVOnwGAwwOHDh+Hll1/G68nJyfDqq68CgDKiWp1OB6dPn2b2mAISEhJwTNXV1ZCYmMjMEQ8zZ86EF198EQCAqygoKyuDN998E1/M/v37w8cff4z5UnQ4NLgvZmRkJHTs2NFJ7yqHFi1aQMeOHZ2uy8lHg4KCJOuIQWsv1Go1REdHu9Rc0O0K3D2eQqvVMu2JTdeE+RLDFfcSD9HR0RAQEABZWVnM9ZCQEEXzJUCYKyn4+flhWxUVFYoZmd3tA4DjsOdOHe6LmZWVBWq12i2DieLiYslTnuAyIIXy8nLuyTAyMlJSMG+32yEzMxO/mDExMZIEYHS7xcXFLvsvhatXr6KdafPmzbnC6StXruDXITQ0VNLgQYycnBzso1jbk5mZCQaDAT02GwuFhYWSc1FdXd1gZQXdNv31F9rnPefo6Gin1Q+f5uTJk+HRRx8FAIfFyFNPPYWFEhMT0SCVPuJ37doVtm7dCgAOg9g33niD+Vzz8OqrryItzNSpU+G+++6TLEe773722WdoXTRz5kxGu3Ljxg1Jo11eu+5g9OjR+P8pU6bA6tWrAQBg9uzZMG7cOABwWD7RWqrVq1fDlClTAADg/fffl1x1Ll26BM8//zz3vj169MD/f/rpp/jH0dAxrVq1Ct555x2367399ttIvdOlSxfJMitXrmT2qHPmzMHnlJyczO17fn4+hIWFsReljuq5ubnM0X7EiBEuxQGXLl1SLDLZsGED1vOEUVjOfZeGXB94bG9icRGdpkyZIllHKdsbDXc0P7S4iAeeuEiMhrK9yUHsvkvPsVhcRKf8/HyntrziIi/uSOBSPnfuXNixYwcAKBdJ0CdGq9UKnTp1gs6dO7usJ5xEAQAGDx4M999/v2Q5+sDSu3dvKCkpAQCHYS4NgQxVDJ1OB08//TQAOEQh9Ol40qRJkr43lZWV8Nxzz0n2h8dkFxUVhXUqKyvhrbfeQhdbHurq6qBfv35I/rp7926GGuaZZ54BrVYLBQUF0KdPHxyfcConhMBDDz2EHpNVVVXYB5PJBPPnz5fU1lRXV0uOz2q1wnfffcc1zhg1ahQe5OhT+bhx41AjV1xcDI899hhu9+j9+JAhQ9Cq6dixY057UCcIn045zQ9vKRdrfmgmjsYGbSisNMkxcfASj4lDKdxhe0tLS8N6DWXiUGrE4SnbG50WL16M9fr27cvkXb582eUcPfvss96l3Iu7E4o0P0eOHMElkYbY0GLbtm2M74sS9O/fX1Iof+LECUbwLixZ7qCmpgb7TQvH5VBUVMSMdfHixdCxY0coLS2FF154gVtv1apV0KZNG7f76C42b96MmhiatMFqtWK/5ShkysvLmfHNmTNHsQJFwIYNG9Ad+o8//mDypkyZglukN998E7p16wYADqmP8L4IS78shE9ndXU1KSkpISUlJeSPP/7w6OTmSVJqjymXMjMzse80qZZc2rp1K9ah07hx4yRPo0pJterr6yXblUoWi8XlUm42m5k69Pg0Gg1eX7lyJVP/ww8/JCUlJaSgoIAYDAZuv3mkWuK0f/9+UlJSQjIyMhifn549e2IfZsyYwdSRO5VnZ2djPZvN5vT88Yvp7++Pb3pDKY9vNYxGoyKBNo1mzZpJ1mmoH4xGo3G7L3LQ6/VMe2LtjJAnPsgZDAZo3rw5mM3mRomxKcyXmORLq9ViH9zRchmNRkk6RmzXs242HvLz8yE1NdXp+rlz527J/evr6xmd9/Xr15n83377DWpqalAi4Ao1NTVw/Phxbn6fPn3Ax8cHysvLGddc3vJbXFwMZ86cwd9i3ydh7sRalYyMDEhNTQWr1eoxi54SlJeXYx/E0pIzZ86gRkdMRnvo0CE8vQtzwkBqGRUL2D1JPXv2JBkZGSQjI4NMnTqVyVuyZAnmyQleN2/ejOWaN2/OLcfjxwwMDMT6r776quQyI+bHDA0NxTrr169n8kaNGoV5/fr1k1zKGytkH+9UnpycjH0IDAzE6zqdDq///PPPTJ2YmBjMEyfhPuKlvH379ky52tpaQgghVquVZGZm4vUePXo4LfkZGRnkwIEDRKVS4fX+/ftjnUGDBjF1pE7lTfbFNBgMyFx7zz33MHlhYWGYJxdctG3btlhOSk7pCmq1GusrdbTT6XRYR/z1DA4Oxjwl0TWaAiEhIRAbGwuEECdXXqFvQjQOAb6+vgyLsBLo9XrJOmJjFrEtw7333gtRUVFOzzUgIADbE9if5eAVF3lxRwK/mFOmTMF4PmLpf6dOneCZZ54BAICtW7cyfiyvvfYaGI1GKC0thTVr1uD1n3/+GQ0PxKy9kyZNgtdeew0AHH9hgg3gjh07uBYo06dPR/HI2rVrGYulqKgo/HrQVjrl5eXYh/r6erxPdXU1DB8+HIlb27ZtiwYZe/bsYepMmDABSVAffPBByb7RCAkJYWwaP//8c8bXxV1ERUUx7fXp0wf/P2vWLNy70StKQEAA1rHZbPDhhx9ymfg2b94Mjz32mMf9GzduHPbp0KFD0LVrVwyPPXLkSAy08Mknn2AfamtrYebMmeDr6wtFRUUQExODz6+wsNCx3xTWdKWan6FDh+J1lUpFrly5Qghxz4iDTrS4yFMOdiWpoe67YvDCQovhqfuusPdrKBqbg10O7hhxeOP8eHFXokGHH0IIdO/eHTQaTZOKJBoDZrMZDSbEW5Xjx49jXkMpqy9dusSEPxHbYnbp0gXUarVirvjU1FTGJtQTeELr/eeff+KcADi2ON27d3erjVGjRuEhSCxui46ORo55SQif2vr6emK1WonVaiVXr17lLuV0uV27dnGXiL59+2I5OolFGZ4s5XQf1qxZw+2D0WjEcvPnz1e05Ldp04bpr91ul+wDbykXi4uGDBmCbU2aNIl735deeknyvkqj73qahKXcbrcz9x8zZoyiLY3cUk6noUOHYtvDhw9n8nJzc53GjV9MevMsJ5oR+97woFKpJN0dXFIcK4DSPgD82/lKqfaD129PQbfnyXzdKojv3xjPide++FloNBqnsSuaiaysLKQIDAwMRK5wOeTn52MdlUoFo0ePlvTfuXTpEpYTO17t2rULbSgTEhLQIGD79u24RNIksGJYLBZs+9SpUy77DOA4sdN0iE888QS0atUKampq4Ouvv8brYl+clJQUCAsLc5IhXrt2DdtTwnpxq/Hjjz+inSQNMYPId999hwYbPXr0cJs4LCcnB+dBTAi8adMmPLFPnDjR8eGR+iTLaX48YeKQI25VmuRItZrStaKxiVuVMHHQaIylXCkHu9JE22MqhZyGj07eU7kXdzTc3tTY7XYkfLqVoeMsFgveV3yqrq2tveUErvQ8iBUIZrMZ88TSCrqvfn5+uF+uqamRdJ8VGz/cLbDb7YyVmtTY5CD5YjZv3hy1QDU1NUwU1+zsbC6LwtNPPw3Dhw93uq5SqVA/Gh0djW2LsWrVKm48nsWLF3MZO3iRYQ0GA5c+m+dn9MILL0C/fv3wt0AWEBwczPR72bJlzDwsXboUwsPDIT8/H6ZPnw7Tp08HAIeLs1Dviy++YMgH0tLS8F6xsbFcP5g1a9a4jKF0+PBh+PTTT2XLAAA8++yzyG536dIlWLRokWS5sLAwjBv0888/wyeffOKybRpXr16FqKgofCETEhLQtXflypVw4sQJLLt69Wo0gcNDkKu9gafRdz2BWFzU0ET7/DQ2lIqLhg4dinUmT57M5Mn5/NDJE/ddOtF7TBpitjc60ZofMdubkj1mVlYWY130+OOPY54Snx/8YlqtVkkPOXei09bX1ysqr9VqcQmjOcKbQkhP90ew+SOEMAavKpUKBcHiedDpdI0uOhFgsViwf0RmqaPLSYlWXMFut0vOgxwIIVhHrAygnzM9d/X19fgMxQbFdB8UPWfhDVXKj6nT6UhcXByJi4sjERERHn3JeIQHKpWKdOzYkcTFxTl9QUJCQvC+dAoNDWXKhYWFYR59vbF15ZMnT2b6kZWVRQiR/2IuXLgQy0dGRjp93YU8Pz8/7twJXpJiyH0x6STHjxkYGIh9oG095ZJcvPKIiAhsT+zyIjznuLg4cvPmTafx3BbiVt6LSYfsk+Ngp/HJJ58w5ZqKg10p5F5MGmIjDrk4P7fqxZSL8+PJi6nEiIMHr7jIizsSuFlp1qyZk6U5AAAhRDFTmsFgkLTsrq2tZQwJNm7cCL///jsAgKTWAcCxD6L7w7MY9/PzY8p9/fXX6COjUqnQcp3eV6nVaqxDCIGsrCwkDTtx4gTmWSwWWLFiBRKHJSUlodThs88+Y5g9BPBCFQI4tENCHPKCggIwGo3oE0Of8IODg5k+SLkuE0Lg73//O4pk0tPTsY7dbmeMJmgHObvdjmMVB+KSA91XGnl5edje8ePHoXnz5mjUs3btWti/fz8AODRq9HNyqSKW/Z4S51O53FLOO5W/++67ipYFpdF35UDvZZScysU+PzQTR2pqKpNHk2qJT+W8pPRUzsPtir7LC9knBo+JQ+5UrgTepdyLOxKScgez2Qxnz54FAGf7RJPJhEwKYkX/9evXJVkWxE5dPBBC4NSpUy4dvdRqNSQkJIBarYbCwkImvAoRRQ4T+qNWq9Ge0GKx4HLf1JqV8vJy7IN42yKQswI4HPaEiL10OBWl0XLvFJw7dw5KS0shPz+feRb0PAA4BO5arRZqa2sZNo/u3bs7xHNSn1Gl7rsqlYqkpKSQI0eOkC1btiiq0xjJ398flf3iU/ncuXPJkSNHnE6ccqfyBx54AOv8+uuvWK6srAyvHzlyBEVChBBy4cIFvC6OADx9+nTMk+P/pJO7p3JPl/KcnBzs28cff8xdyi9evMiMvbKyUnLJPX/+PJYZP348096yZcswLzw8nMlz5VrRYAPAbt26Qfv27bmBlm41oqOjMeakUgQGBkrWMRqN3LY6deqE/xdHdejQoQPWkw2ydBvQtm1bjMMph5iYGGQQlgNNO7l3714mr1OnTjgP7jKc4ItZUVGBy5ocZ7oYRUVF4Ofn5zHH+d2KsrIy1GSIeeorKyvRM1KpC0VdXZ3bdTxBVVUVSkjkJAj0+wDgsJ/Q6/Vgs9mY90On03EDL5SVleGYxNqewsJCMJlMXIYTfDGnTZsG69evx4ynnnoKgoODwWKxMMYLzZo1Q5FJXl4e16U1NDRUMqRdYWEh/PDDD/g7KiqKcUkVcO3aNTh48KBk2zRiY2NhwoQJTHuu4Ofnx9RR8mUQY+zYscw4aMyZMwfmzJkDAAARERF4r2PHjsHFixex3ODBg5HcdOvWrRh9V2hfq9VCXl6eolCKNMTjEyIaAzjCttAc7I888gh+QR966CG8npyczPTn2LFjkJiYCEVFRdCmTRt80Xr16oUiMDHGjBnD7SNNmjBy5EgMy4LqX2GvINb8nD9/nhDinriITv369ZPck3gafZdO9B5TDnQdpSH7lKKxxUWNSdwqB7G4SPD5EYMnLiooKGDY3uQ0P0qTl7jVi7sG3MPPq6++Cs2aNQOr1QpGoxFFGTdu3MDQITytDYBDbECHGBEgdmc9ePAgltPpdLBx40bw9/cHo9EIXbt2lWzbYDCg5mDfvn3w0UcfYd7UqVPhL3/5CwA4RBLkXyILmkunpKQExo8fj787d+7sMjqbuM6vv/4qW17AyZMncXznz5+Hzp07g06ng5qaGpgzZw7uz8R79GeffRY0Gg0UFhZCfHw8WhTRUYhrampwjngcUFarFUaNGoVG3VeuXGHmVY4KkMbMmTMhODgYzGYzY32VkZGB46O3KQCOQ6ArniKTyQTjxo3Dw9G3337r0DAJn05PmDgaO3mi+ZEz4uBBzoiDh8aOvutpOBVe9F0e5KLvykGpEYdc4vlV0fAycXhxV0Gx+65gtt/YIeSU4quvvpLU0vz888/cOjxXAzk+959++kmSr90TDngpCK6qYhfWxkRtbS1s3LgRABzGu7T4qa6ujpmXQYMGQbt27cBiscBXX32Fp+3GkEvv3bsXIwm3a9cOBg0aBAAOdhFh/FytoPBJvXnzJsnKyiJZWVmyLrZt27bFcp9//jmT99prr2EeL6WkpDB1nnnmGcy7cuWKJB83IfLhVE6cOIFt0BoKXnkAIOvWrcM6tEutXGQ0OsXHx7sca1ZWliwB2KZNmyTriF1+6aVcXFYKYs1PbGwsln/ttdeYPKUc7Nu3b3c5VjE5Lp3kXCuOHz+ObTgxcbRs2RK5auTIVHU6HTp/ZWRkMHnBwcFcxzABYkq+Zs2auazjCu3atZOMJSmHsLCwBt3Xx8dHUX05jUd4eLhkG3Jc5p70Wa/XYz2lhx0xeH2l4Wnb7dq1c4oliS9mbm4uagLkTttK8eeff6KGQaVSQVxcnKQ9Hw8VFRWMcYZctLb09HR84SMiIhqVnF8JiouLmSWpdevWihiMs7KyIDg4GAAcUeB44VjS09MxFEloaCi0atUKCCFw4cIFXHpVKhU3+Ghjwmq1QkZGBko7/P393Yr7LoX09HR85+Lj40GtVv/7xVywYAGj+aGRkJCAmgRXbqQCxo0bhyT5Go0Grl+/7tZXLS0tTTK2EIDjC7BkyRLQarVw9OhRGDBgAOatX78eo9quWrWK2z6t65bDjBkzIDIyEioqKrhB5rds2QLJycn4m46+K8Y777wDQUFBkJ2djWHvABxktmvXrgUAhxZu5MiRAOAINfjII49guUWLFsH8+fMBwEHiWl5eDgCOORFUpIGBgczYaZXh0KFDmefg7stcUlICCQkJijQ/PEycOBGjL+DLveoAAB6DSURBVOfn56N4D8AhPvLx8VF2+ImOjkYG4DsBOp0OXnnlFfDx8QGdTgdbtmyRLNcYfR42bBgkJibC9evXuS+mO5gwYQKEh4fD8ePHJWM9CvcUsGfPHrd9uv39/bljf/DBBxUxIzclhPDjAA7Z7vvvv+9Uxisu8uKOhNtmb8nJyXD48GEAkCc57d+/P3KXq9XqBgd2iouLw0DsPj4+iny977//ftwL+fj4oLamqKiIWR5plJaWopFKYWEhjB07FgwGg+wet0OHDgwDidwh4S9/+QsayD788MN44Pzhhx8kl9WqqioYOnQoHogEFg05iMcXExMD27dvBwDHNkPYMtCw2+2KrJp8fX1h2LBhqP2hjTHkcOjQIcnxmUwmZnzCc3X7xbx69aqieJECHUhj4dlnn+XSmfBAB7Gi/zCsVit3DBEREZCSkgIADnUpvf/hYfDgwZKWVFKgJRmff/45UsRERERw+3T8+HEmxLIr1NfXM23Rjl83btxwO94nDaPRiM557qCqqop738OHDzudyr1LuRd3JBhGYZ44h6Yk0Wq1WM5utzMGoN9//70TcakY4oi9x44dg5deegnbXr58Odrm8bBw4UIUz2RmZjL9Xr9+PXNKpPsq3Ke2thY0Go3kdqC8vBzLXb9+HbRaLahUKiCEMMv51atXsZwcaJGXHHQ6Hfa1vr6eSxnzyiuvYD9qa2uxDj0HKpWK+U0/P7nnTMNmszHGGosXL2Y42aVAhyAU7iUV5obuLyEEZs2ahc98zZo1rBFHdXU1KS0tlUzV1dUota+qqsLrW7dubRTDBiEpZeIQa1MuXbqEfaLdd4OCgvD67NmzmTrbtm2THKs4+u6PP/5ISktLXYbi8yTR9pjl5eXYhwcffJCr+REbcQh1aGYLm83GjKmiogLzamtruc+ZTiNGjGjw+FJSUrC9du3aMXlXr14lpaWlTlpGJ58fOvquHGgfltsVtk6MwMBAFFTTUKlUeF2sTQkICJCsIz6kCeWaOiIxLR92hzRLagxqtVryOoDDut3VigQgr/1TCn9/f+yHeHUKCgoCo9HIpbTEGThz5gyXn5EHpTaJTY0DBw6gOkyKsU4KJ06ckGQdy8nJadS+KUVqairaTIp9cQ4cOIAPmDe+a9euNThicevWrbk2sJ7g5MmTOMfiP+z9+/eDv78/d6uDL+bKlSu5mh+lGDt2LEycONHp+saNG2HdunWSdQYNGgR/+9vfAMDxhRO+wklJSZCWlobl2rVrJ3tfAbNnz0YBrtyXh3fCv+eee5j7ChqikJAQ5ronWL58OezevVsyb8KECdwPgxBOEADg+eefZwyWBaSmpsILL7zQoP6NHj0a/bvmzJmDz3Lfvn2wZMkSLPfSSy9h7KGpU6ciB4EYCxcuxP8nJiaiImThwoWo2QJwBHsQtFPC3rNR43dERkYybLwCjh07xq0TGhoqWSckJETyuivExsZ6VE+Ar6+vZH0fH58GtQsAHolZxGjfvn2D+6EEcXFxKDMVryIdOnTAPig13KCfp/gQ1atXL6+4yIu7A6p/2S3CxIkTFS3lwcHBXD1s3759UeMwdOhQFB/U1tbCSy+9BP7+/pCXl8fcx9fXl2sYsnv3bujRo4fT9fj4eIZWZPr06bgFWLVqlaSWqbq6mmGcGzVqlKRVDG3cCuDQyHTr1g1u3LihOLbN+++/z7jP0uMR9uV5eXmwc+dOPGS0bdsWtyDr16/nLuv+/v54ABWMYwAccYx27tzpVN5ms8HSpUu5Wp0RI0ZATEwMmM1mWL16tSRBQ11dHQwbNgytn/7rv/4LXa6/+OIL3CempaUxcZfoOaaNk8vLy+H1118HX19fKCwshG+++QYZpnNycpRH36UT7b4rh8TEREas4UmcH6XRd+k4P2LmWl5qaJwfuUTH+eHBU+JWOnni8yNOSg2FPQnZ542+68V/HCSJW8XEnz4+PuiGWVhYKLm8AjhCkUyePBkAHJtioT2NRqM4lqO4PWFpefHFF+Hll192qz5N3FpTUyMpi6ytrYW+ffvi79zcXIY0deLEiRAQEOC0FGq1WklZoc1mgyVLluB2pU+fPmje9v7778OOHTsAwLG14BG3yoEmx+XF/CwuLkbdPSEErFYrjkk8DzNnzoR33nkHbDYbM0aa7BUAuNqil19+GcMh5uXlMcStb7zxBtqOin17BgwYABqNBurq6qBFixbOWjjhU1tfX08sFguxWCwkOzub+bw+99xzmCfHQEETt1qtVqxjsVjQl6OpQ/aJiVuF+8+bN09ymRETt7Zp0wbr7N+/n9ufbt26MeMT0tmzZ5lyckwcBw4cwHr19fWKlvL58+cz95OC2OcnPj4ey8+dO1fRfMfExDD34fliiYlbMzIyiMViIRcvXmSIW+XStWvXnN4TRlcu/AWK5X+07lXpl+92RpKlIfRbaUgUeqxyUYjF+mjx/ZSAtjtQCqW6bhp0Xz2ZB3cgjMmd5y81D0329mzZsgUNOtRqNbz44osNUmH+8ssv8OGHHwKAM2sFD2azGevwIq41Bs6cOYPCd7GRihy2b9+OFIbx8fGKTOyOHz+OY1Kr1fDGG2940GPXKCsrw/vIQSw9WL9+PYSEhEBJSYniMH2ffvopbhWTk5MdL7XU59lqtZLc3FxMxcXFmFdUVMTk0Ylm0eCdyk0mE7f+E088oejTbzAYSFZWFtajl0HeqVyv1zP3qqurk1zKaQ72uro6bl/p7YM4+u4777yD5YqKirBcaWkpXt+5cydTR+5UfurUKaxHj493Kq+vr+f2tby8HK/v2LGDuc9TTz2FecOGDfNoy0WnDRs2YHtt27Zl8i5cuEByc3PJgQMHmOuyxK1arZbrsafE+08OPj4+3Lal4plLQaVSQevWrd2yilepVNz78uDr6+t2HQCHrFeqXnBwMB6YaFmpK4SFhaGhsJKtlEaj4fY7KCgI5cZijY7BYMB6Sp+FHEJCQrA98bYoPDwcjEajE5eVAK+4yIs7EvjFnDRpEvzzn/9sUGNz586FBQsWAADAe++9h1YyKpVKsdsvjffeew99SiZMmIDMvTU1NQyLWG5urqQRq7+/P2zYsAEAALZt28Z8YXft2gWDBg0CPz8/+Oabb/A6bRKWlpbGePTR6N69OxokDx48GNvIy8uD119/HaZNmwYAAEOGDEEREY2YmBjmvpMnT4Yvv/wSABxGtZs2bUJTPVofvXXrVrDb7UAIgfHjx+OY9Ho9+mDduHGDa/TSsmVLRV/r5ORkeOqpp5yuC4bUtM/Pe++9BwAOJjp6TDTWrFmDYqply5ahCzEhBD7//HNcSZyi7yrV/Milxo6+S2t+5Chi5MRFAhYsWMDUUcJEJo7zQ6fu3btL1lEask8MHnErD+4EB6CT0pB9PLhD3MqbYyXRd71LuRd3JLjioqioKPD19QWbzebEUUQjJiYGDRHo5XTAgAFMsHQexowZoygAfGxsLH7+L1++zA0/fd9996FPDL3ct2zZEiMsWK1WePrpp3FDnpSUhKHlXnvtNdTaKA1T/cknn8CMGTMAwKE1CwsLQ/vCQ4cOKRKTiZnsaLaMK1eu4G+BFx+ANb61WCx4H0IIhIeHS1Ll0NcMBgPOic1mg5SUFElDEBqEEAgJCUFNklIupfvuuw+NPcxmM8TFxYFGowGTyQQdOnTAQ11paam8Ece5c+eI3W534mCnk0qlQoYuIQmgxUVyieZgl1vK6XvIaX7ocnR/6GvuRN/lJXopF4uLPvroI7yXmLnNk8Tz+ZFLa9eudZoLuTlxZcRBp8WLF0u2564Rh91udz/Oj0qlUiSaUFquoVB6D165W9FH+l638n5y/WhIflPVVdJGgzQ/hBCYM2eOpAFCVlaWIvVXYz/AyZMn4xJsMBhgxYoVkuXovsn1k37JaH8b2n03PT2d24ZarcY8sb/OrXiBrVYrTJs2jSHc+uCDDwDAwcgnuExYLBaw2WxuP7OlS5diWEGx++6KFStQIlFcXCzZtkqlkr4nbynnhVNRmnjhVOQgt5TTcMeIw114ao+Znp7usm1Pou+K4c5STog8B7snp3IxxEYcvOSNvuvFfwS4S3lJSQncvHkT+RfdhcViYQwaQkJCQKPRgMVi4aqh5CLhFhUV4VIoto2kjToIZTjAWyZtNhvXEMTTaLzCfInh4+PDddgqLS3FOn5+fpKhR8xmM/MMiELDCB7ktg50XkVFBboTixEQEND0nALCp1NOwD548GCSkZFBMjIySL9+/dxe1hvDtYIWsPv5+ZGzZ8+SjIwMsnDhQqbOe++9h329ePGi5DIhPpXLJd5S3rlzZ7yPXHB6WsBeUFCAdTZv3syUo404aIgjoyUnJ5OMjAySnp5OAgMDXS7lNpuNZGZm4n0vXbqEbdfU1OD1jIwMhoteLpzK4sWLsVxOTg7WF29VPv30U8zLzc1VuooTQhRG3w0MDITY2FgAuDOiyarVaujYsSP4+Pg4saCFhYVhX5sSvr6+eB+lTMmhoaHYX96q4QohISEQGxsLhBBFBxVhrqRgMBgaPFd0JF9xsNM2bdp43P4ts+atrKwEX19fxlPRFWpqajCMCfFgCROHQPFEX8+DzWbD9pUu/3V1dSgcr66uZvIsFgvT38DAwCY5sZtMJkY5YTAY3DYINplMkuFlxEqP2tpaLKfVaiWXf5vNxsyFMG58MR988EHuniIxMRH/37dvX8X+KQIuXLjAjXDbvn17JuqrgLy8PBg4cKDLtqOiomDUqFFMewLovZ2Pjw+Oz8/Pj6kjB56Z3+nTp5n2hwwZAoGBgVBZWcmNyjt9+nSGtvqRRx5Bbdm2bdvQiAPAwSfpanUaPnw49w+dR9j/7rvvMtF3d+7cCU8++aRTucTEREmyWpPJBIsWLWJYNmg8/vjjEBAQADU1NQyZ7eOPPw67du1yKp+ens4Qugoc7JKGwo2Nd999l7tfuVui7yoVF8kZcTRm9F1PoTT6Lg9iIw5xunz5MiHEEY+I9vnhiYu87rte3FXApXzp0qVoyKAUKpUKNmzYAGFhYZCXl4dhTMRQSl767rvvou9MUVERhIWFoU1iTk6OJNPZ999/D//zP/+Dv2fNmoWh4XgoKSmBESNG4O8uXbqgi+3y5cthz549TnXE+ye9Xo8c85WVlTBx4kTw9/d3Wlp/+eUX9OXJzMyEiIgI0Gq1YDKZYMaMGWiHWFRUJNlXPz8/Znvyz3/+E3766SencjqdDvbu3Ss7bgCHEYjQnslkgvnz52PolUceeQTmzJkDAA6i1tTUVKy3cuVKyRA0Pj4+EB4ezvQDwLGnbN++PZ4Nfv31V8anaefOnfJbFeGT6ok9pkqlIleuXCGEEHLp0iW36wMoN+KgxUX0Ui4XfZe+Ti/lTW3EIZeURt/l2WPyND+0PaZSyGl+xOIiQWwmZ48pBy8Thxf/EWiwEcf+/fuhZcuWTtzrtF+yzWZjbBt5PuxarZZhslUip9NoNG7XUalUTB1aXCJujwe6jlqtVszAe7utjtLT0zG6cGZmJmi1WlCr1UAIgdzcXDS64EVZFuZOeJ6lpaWM68jAgQPxVE5vDevq6nCO6uvrYffu3eDv7w/Xrl0DnU7nPC/Cp7YxXCvo1Lt3b1JcXEyKi4udToJr1qzBPHrJqqysxOvFxcUM0wRvKa+rq2Pq0Kd1+p70Um6z2Zg6NEd5VVUVk8dLtKuyuA9ySWC0uF1LufhZbNy4kRQXF5Ps7GxFpFriuevVqxdTjncqHzRoENZ58sknmTrp6emY58TE0djQ6XSoCRBzfgcEBDhpCQCU8/fQ8PX1lY1WKwW1Wi15f6Fv7mq3POnDnQLhWShlzhDPnVLhvF6vx3ri1cVoNDo9jyZ7MWtra9ElQ3zizM/Px7ygoCA81V2/fh09IQEc9Nau/JvLysqYUNNhYWGSRhOEEK6LiMFgQK/CgoICxmgiMjJSEZm+ALPZjEHiARwPPiIiQnF9ARcvXpQcO+FowMTjCw0N5QYIoJGXlwcZGRlQXV2tSLtWX18Pf/75J5ZtjKAJf/75J855x44d2ei7w4cPR51qZWUlumQCOMQpAuc2DyUlJbB06VL8ffLkSW6E27/97W/Iuz5+/HjUeMycOZMJWHr06FHo1asXAADMmzcPJ0Gv1+Meddu2bcgwB8BG3128eDFeT01N5fbn4YcfxjCECxYsgM8++wzzjh07xmi+XOHKlSvMfYYOHcrlXZdD9+7dXZZRqVQYIPS3335j7rt27VqYNGmSUx1hDwjgEMHRJLwPPPAAcqNv3boV6WtoFBcXQ+fOnXGP2a5dO2aehS9f8+bNYfHixfgC05qoMWPGQLdu3QDA4WosROIFcKH5yc3NZfYAI0aMcLl3aWpxEQ9y4iIaYvddOsmJi5QQltJQ6r7rao+pJNEUMevWrWPyBOsiOdxKcREPXnGRF3cVFO0x9+7dKxn1Va1Ww/79+6FNmzZgMBi4RhdXrlyBP//8E3/Hx8djlIIff/wR2y4oKIABAwbgRpzeKyYlJTFksgLKy8uhX79+uKGmtRCdOnXCpaS0tBT7ZzabcekGcGglhD7Q+1UAB4+4O3tMwXpICosWLcKtSl1dHfTo0QP3gYcPH+a6JNOIiopCl1k5mkS6P4mJibgNatGiBfKkG41G5plJRccVIMyDWPR3+vRp5t3Yv38/YwonYODAgZIMIGazGfr27YuMIijuk/q8ipdyXqI1P3IQG3Fs2LAB8zp27MiIPGgxDA2lTBw06DJymp+mTJ4acfASz4iDt5TL+fzIQc5QWC4J4iIxxJofOnmZOLy4a4BL+TfffAO///47AACSM0lBrVbjEst1vQQHO4WgPRAHoEpJSZEUJdlsNnjrrbck6QXtdrsks4TZbIb33ntP0giVjiXpDmUhjcDAQNBqtWC32z3yf8rMzIS5c+cCgCNMoNFo/HeweEp2aDQaJUUvVquVeR50aD+1Ws3YVvIQHByM47fZbNgfAEdUOaltmqf44IMPJMVU4jCELiF8Ot0Jp2K1WjHRTAw0lDJxKE3z5s1j7iukNWvWcOsYjUamrAB3lvIjR44Qq9VKcnJyGmUc165dk5w7qbFZrVaya9cubltKTuV2u51pT8yWwbPH9HQp9yRJLeUeCdhvB7+6SqWSvK8r3XhD+6pWq0Gr1So6aCiBRqOR7BOvnw29r3jebreuXinuDAZ/N/Hzzz/j8kZHSJPD5cuX4fLlywDg3rJy/PhxKCsrc38p4uB///d/cUvy4IMPokA6LS2N8R0aOHBgg/6o/vjjD7QrDQwMhKSkJMlyp06dklQrisOf3GrgyJOTkyV9P8RQ6k+8ZMkSyYeZmZmJWh8AgP79+0sS3J84cQK1GmJMmTJF8QspYNOmTUzE3fnz50NCQgKYTCYmEmxISAh8/vnnAABw7tw5ZHETIyoqCpYtW+byvjNmzICsrCz8TUcKTktLw8Cf48aNY4j2BZ+fbt26cRnY5L5+q1atQgPgLl26YITcMWPGoFZJ/CzksGTJEq63pYBNmzZBSkoK/hbmWIx//OMfsoFvAagXs2vXro0aq1qINSiGQF8noG3btpJ/EKSBjv2u8NBDD8HgwYOdDnp+fn7YHzljDqPRqOgP+e23325QP1u1aqXoPkoRGxuLLrXu8On36dPHpWpWHL9emGMxhNDTcsAXU2kAek/BI5AihDD3liOa8qSPQh13XnR36xBCnBhAGrqXs9vtbo3Xk756Mp/isQLw9/niZ0tfdwV8MadNmwZff/21u/1UBK1WC2fPnpXkSd+6dSvuhXx8fCA9PV2SKmXZsmWwZs0aAHAmC3jllVfQEufDDz/EyaioqEAyAp4VjF6vZ5br1NRUrMOLWCvGF198wSyJS5YswSD0Yrz88sv4JaYjS0yaNAl9sDdv3gwdOnRQdG8BPNdrMZYsWYJsb2L33NjYWBgyZAgAAOzZs0fSGquoqAjuv/9+rNuzZ0+uu/KoUaMkDahpCzIe8MWsqqpSHNjJXWg0Gu5fidlsRlWcXq/nlqutreW+XAsWLMCXaeXKlcwXz9WYfHx8mL3ipEmTGOsiJairq2PuI/eSzJ8/n1GbCpg3bx7+/5dffsHAA42Nmpoa7pwkJCTgXBQWFkq+mHa7HYqKilAtKSfbVfIC8uDV/HhxR4Irj2jXrp1iPxYp5ObmKl5epBAQEADR0dGSeTk5OYyxxNixY1GzIcUeIYWFCxfi1qBz585cCYASGI1Gpq9KqGgyMzNh1qxZknnp6encei1atEBxU1ZWlqJ9YnZ2Njz++OMA4DBAphEeHo6SFsGwRg5arRaio6PxiylnBE23nZ2dzTybDh06gFqtBovFwoSF2bFjh0N8xdP8CMStnoIXsk+O7U3OiIOGmLi1oamh7rtyEHOwK3Xf5SXBiEMcTsXTpFTzo8Qu1V0OdkK89phe3GVwqVowmUwMEZQcevbsia4QnsBms8GaNWtc2j821SHNHdy8eZNhAJErdydj9+7dkJ2dDQAOfxspuSOAQ3riKjzOyZMnG61fLl/Muro6DD/nCvPmzXP7xXziiSfQQuavf/0rY/miFIcOHcJ9V0JCgqJ95po1a1BNJ6fN2rhxI3Tp0gUKCwsZipPc3FzF89JQpKWloeqSFrkdPXoU93rffvsthksEcJz+abY1KZw+fRrGjx+Pv0ePHs19MXlBFpoKt11XHhwcDPHx8QAAXEpoV6CDUykVbEdGRuJ95XDvvfdCfHz8bdUdx8bGOhHUqlQqxvlMrHVp3bq1y/E1RJzT1LjtL+btBiGEISFV4t5wqyGQ3gL824edEAKVlZUo9/WUO74pUVNTg3JOd7VMt/zFjI6OZnSlNJOZHJ555hkYNmwYAADMnj2bMXjgwWAwoLB8x44dkpFha2pqmK9RYGAg0z9BDBQcHMxcX7ZsGePeunTpUknB+Ztvvol7OBrieeDhzJkzEB8fjyvB/PnzcbvTsWNHfPBKwwvSiImJYfoQGRmJ/3/llVcw8vBPP/0Ea9euVdTm8uXLoVWrVlBUVARjxozBfnfu3JlxCXcZD104zjdGnB86+i5PXCQHsfsunebPn4/lPInzw4u+W1lZyVyPiIhw2U9CCBkyZAhTjxfnhycuUgoecasrcZES912l+PLLLxW/A17iVi/+o3HLl/LTp08zpKlPP/00ho2Tw0cffQSbN28GAAetSZ8+fUClUkFBQQH06tULLb1pw4vKykrkfi8rK0PGB4vFAi+++CL4+/sDIQSCgoLg/vvvBwCHhoLmi9+2bRs88MADcPPmTcaUr6qqCtvLz8+HwYMHo6ZswYIFMGbMGLfmYeTIkfDWW28BgMP4QfC/qqmpgcTERDTmFahsxFCpVEz/BC2OxWKBnj17op1BSEgI2kKeOnWKsUXlQXxIat++PVfjI4j6fH194eGHH8Y98LFjxyR5+LnuzsIn9VYt5WLNjxwTBy/JEbfykqfErbw4P3LEratXr8Y8pZofOs5P7969mTw6+q4A8VLOY3tzJ2Sf0kTH+VEKOfddOnmXci/uaNx2cdHRo0dhwoQJAAAuNQsCzGYzTJo0CdRqNUZ+dQWr1Yr3EYtWLl68iHmuTP4FXL16FeuIzcO++uorlCuK+eenT58Ofn5+Tgx4hw4dwvYE36S7GUVFRTB79mxcynkc81wIn1reUm6z2UhJSYmiVFtbi59uT404rl69SkpKSshXX33F5M2aNQvvExsby+RlZmZinlarxetBQUF4ffbs2UydrVu3kpKSEnLt2jXmeuvWrZkxCW6/4nkYOHAgU++XX34hJSUl5Pjx48z1QYMGYZ3nn3+eyfvuu+8wLzw8nDsvt2opHz58uNvPmQfxqfzRRx/F+mLiVjoJS7nLL6ZarZYkGmgqGI1GCAoKcvK38fPzw36IvQeNRiPm0ZoflUqF18XEqs2aNYPmzZs7eQjyxiu+Lq4XGBgIzZs3dzJ50+l03D4IdYT2bzf0en2TPWt6HpSYU3JfzGvXrnnMXgGg3NSfBiEErly5AgEBAU6c7p7AbrdzXXbz8/Ph8uXLjUI8CuCYL61WCzk5OY3SHg80aSqtTSGEMFuAli1buh2isLq6WtE2IiQkRJJto6SkBOdZiQJEFrylvDGTp9F3t2/fTrKzs0l2djYpLS3FZUJOwH716lWs40lflQrYb9y4gfcRRwCmk6ekWhcuXMD2aRYROZ50On366aeEEMeST8/JtWvXuEu50rRkyRLJOZGLQkwL2G/evIn92bdvn2dL+e1EWFgYoyZTAp6cr7FBR9zl8bk3BG3btm1QpGPhq6pSqRp9TgjHL4t3XQzaQorHk3X7NzZeeCEBFfnXa261WpvUt1yv14NKpQK73a7YLVan00keCiwWC/PXKbQthieWQuIYQEpgs9m4NqBqtRoPSvX19YyxBT2+xh6TEr4ld54FDR7/knh8NOh5kOuDMG58Mb3w4k7C/wG6aNw8T8nphwAAAABJRU5ErkJggg==">
          </div>
        </div>
        <div style="font-size:22px;font-weight:bold">Want to give me a Gift ?</div>
        <div style="font-size:16px;font-weight:bold;margin-bottom:17px; margin-top:10px">
          <p><b>Saweria</b> <a style="font-size:14px;color:#ff6600;" target="_blank" href="https://saweria.co/buananetpbun">saweria.co/buananetpbun</a></p>		
          <p><b>PayPal</b> <a style="font-size:14px;color:#ff6600;" target="_blank" href="https://paypal.me/agusramadhani1">paypal.me/agusramadhani1</a></p>
		  <p><b>Wise</b> <a style="font-size:14px;color:#ff6600;" target="_blank" href="https://wise.com/share/agusr112">wise.com/share/agusr112</a></p>		  
          <p><b>Buymeacoffee</b> <a style="font-size:14px;color:#ff6600;" target="_blank" href="https://www.buymeacoffee.com/bntpbun">buymeacoffee.com/bntpbun</a></p>
          <p><b>Bitcoin</b> <span style="font-size:11px;color:#ff6600;">bc1qazx09937at9za695m39xzjvqt8tjncgwep4ymf</span></p>
        </div>
        <div style="float:left;margin-right:3px; margin-top:0px">
          <div  class="fb-like" data-href="https://www.facebook.com/buananetmikrotik" data-width="" data-layout="button_count" data-action="like" data-size="small" data-share="false"></div>
        </div>
        <div style="margin-bottom:10px">    
          <a class="github-button" href="https://github.com/buananetpbun" data-show-count="true" aria-label="Follow">Follow</a> 
          <a class="github-button" href="https://github.com/buananetpbun/buananetpbun.github.io" data-icon="octicon-star" data-show-count="true" aria-label="star">Star</a>
          <a class="github-button" href="https://github.com/sponsors/buananetpbun" data-icon="octicon-heart" aria-label="Sponsor">Sponsor</a>	
        </div>
      </div>
    </div>
    <div id="dialogoverlay"></div>
    <div id="dialogbox">
      <div>
        <div id="dialogboxhead"></div>
        <div id="dialogboxbody"></div>
        <div id="dialogboxfoot"></div>
      </div>
    </div>
    <script src="./login/login.js"></script>	
<script>
document.querySelector("#year").innerHTML = new Date().getFullYear();
</script>
  </body>
</html>